From ff19e7789345d07356b6f016c28cbd2dc5424db4 Mon Sep 17 00:00:00 2001 From: Kian Parvin <46668016+kian99@users.noreply.github.com> Date: Wed, 23 Aug 2023 17:20:35 +0200 Subject: [PATCH] Tweak ofga list objects return type (#1032) * Tweak ofga list objects return type * Fix tests * Renamed to internal package tag --- internal/jujuapi/jimm.go | 4 ---- internal/openfga/openfga.go | 12 ++++-------- internal/openfga/openfga_test.go | 22 ++++++++++++++-------- internal/openfga/user.go | 10 +++++++++- 4 files changed, 27 insertions(+), 21 deletions(-) diff --git a/internal/jujuapi/jimm.go b/internal/jujuapi/jimm.go index d64742dfc..e8969b034 100644 --- a/internal/jujuapi/jimm.go +++ b/internal/jujuapi/jimm.go @@ -501,10 +501,6 @@ func (r *controllerRoot) CrossModelQuery(ctx context.Context, req apiparams.Cros if err != nil { return apiparams.CrossModelQueryResponse{}, errors.E(op, errors.Code("failed to list user's model access")) } - // UUIDs are returned in the form "model:uuid" - for i, uuid := range modelUUIDs { - modelUUIDs[i] = strings.Split(uuid, ":")[1] - } models, err := r.jimm.Database.GetModelsByUUID(ctx, modelUUIDs) if err != nil { return apiparams.CrossModelQueryResponse{}, errors.E(op, errors.Code("failed to get models for user")) diff --git a/internal/openfga/openfga.go b/internal/openfga/openfga.go index 5c2b1bba7..3c928ab8d 100644 --- a/internal/openfga/openfga.go +++ b/internal/openfga/openfga.go @@ -80,7 +80,7 @@ func (o *OFGAClient) getRelatedObjects(ctx context.Context, tuple Tuple, pageSiz // must NOT include the ID, i.e., // // - "group:" vs "group:mygroup", where "mygroup" is the ID and the correct objType would be "group". -func (o *OFGAClient) listObjects(ctx context.Context, user string, relation string, objType string, contextualTuples []Tuple) (objectIds []string, err error) { +func (o *OFGAClient) listObjects(ctx context.Context, user string, relation string, objType string, contextualTuples []Tuple) (objectIds []Tag, err error) { userEntity, err := cofga.ParseEntity(user) if err != nil { return nil, err @@ -88,16 +88,12 @@ func (o *OFGAClient) listObjects(ctx context.Context, user string, relation stri entities, err := o.cofgaClient.FindAccessibleObjectsByRelation(ctx, Tuple{ Object: &userEntity, Relation: cofga.Relation(relation), - Target: &cofga.Entity{Kind: cofga.Kind(objType)}, + Target: &Tag{Kind: cofga.Kind(objType)}, }, contextualTuples...) if err != nil { return nil, err } - result := make([]string, len(entities)) - for i, entity := range entities { - result[i] = entity.String() - } - return result, nil + return entities, nil } // AddRelation adds given relations (tuples). @@ -111,7 +107,7 @@ func (o *OFGAClient) RemoveRelation(ctx context.Context, tuples ...Tuple) error } // ListObjects returns all object IDs of that a user has the relation to. -func (o *OFGAClient) ListObjects(ctx context.Context, user string, relation string, objType string, contextualTuples []Tuple) ([]string, error) { +func (o *OFGAClient) ListObjects(ctx context.Context, user string, relation string, objType string, contextualTuples []Tuple) ([]Tag, error) { return o.listObjects(ctx, user, relation, objType, contextualTuples) } diff --git a/internal/openfga/openfga_test.go b/internal/openfga/openfga_test.go index 97e75fee4..443b6c26b 100644 --- a/internal/openfga/openfga_test.go +++ b/internal/openfga/openfga_test.go @@ -435,9 +435,12 @@ func (s *openFGATestSuite) TestListObjectsWithContextualTuples(c *gc.C) { "30000000-0000-0000-0000-000000000000", } - expected := make([]string, len(modelUUIDs)) + expected := make([]openfga.Tag, len(modelUUIDs)) for i, v := range modelUUIDs { - expected[i] = "model:" + v + expected[i] = openfga.Tag{ + Kind: "model", + ID: v, + } } ids, err := s.ofgaClient.ListObjects(ctx, "user:alice", "reader", "model", []openfga.Tuple{ @@ -474,8 +477,8 @@ func (s *openFGATestSuite) TestListObjectsWithContextualTuples(c *gc.C) { c.Assert(cmp.Equal( ids, expected, - cmpopts.SortSlices(func(want string, expected string) bool { - return want < expected + cmpopts.SortSlices(func(want openfga.Tag, expected openfga.Tag) bool { + return want.ID < expected.ID }), ), gc.Equals, true) } @@ -489,9 +492,12 @@ func (s *openFGATestSuite) TestListObjectsWithPeristedTuples(c *gc.C) { "30000000-0000-0000-0000-000000000000", } - expected := make([]string, len(modelUUIDs)) + expected := make([]openfga.Tag, len(modelUUIDs)) for i, v := range modelUUIDs { - expected[i] = "model:" + v + expected[i] = openfga.Tag{ + Kind: "model", + ID: v, + } } c.Assert(s.ofgaClient.AddRelation(ctx, @@ -531,8 +537,8 @@ func (s *openFGATestSuite) TestListObjectsWithPeristedTuples(c *gc.C) { c.Assert(cmp.Equal( ids, expected, - cmpopts.SortSlices(func(want string, expected string) bool { - return want < expected + cmpopts.SortSlices(func(want openfga.Tag, expected openfga.Tag) bool { + return want.ID < expected.ID }), ), gc.Equals, true) } diff --git a/internal/openfga/user.go b/internal/openfga/user.go index 0b1e8b304..a38a88430 100644 --- a/internal/openfga/user.go +++ b/internal/openfga/user.go @@ -217,7 +217,15 @@ func (u *User) UnsetApplicationOfferAccess(ctx context.Context, resource names.A // ListModels returns a slice of model UUIDs this user has at least reader access to. func (u *User) ListModels(ctx context.Context) ([]string, error) { - return u.client.ListObjects(ctx, ofganames.ConvertTag(u.ResourceTag()).String(), ofganames.ReaderRelation.String(), "model", nil) + entities, err := u.client.ListObjects(ctx, ofganames.ConvertTag(u.ResourceTag()).String(), ofganames.ReaderRelation.String(), "model", nil) + if err != nil { + return nil, err + } + modelUUIDs := make([]string, len(entities)) + for i, model := range entities { + modelUUIDs[i] = model.ID + } + return modelUUIDs, err } type administratorT interface {