From ee226b7ad0fe36e5f94f0cff76fac95d5976fec8 Mon Sep 17 00:00:00 2001 From: Arvindh Date: Wed, 10 Jul 2024 19:40:29 +0530 Subject: [PATCH] fix lint errors Signed-off-by: Arvindh --- auth/api/http/pats/endpoint.go | 2 +- auth/bolt/pat.go | 289 --------------------------------- auth/pat.go | 69 +++++--- auth/service.go | 2 - 4 files changed, 43 insertions(+), 319 deletions(-) diff --git a/auth/api/http/pats/endpoint.go b/auth/api/http/pats/endpoint.go index d2f1002a022..36b7ac1b75e 100644 --- a/auth/api/http/pats/endpoint.go +++ b/auth/api/http/pats/endpoint.go @@ -197,6 +197,6 @@ func testCheckPATScopeEntryEndpoint(svc auth.Service) endpoint.Endpoint { return nil, err } - return revokePatSecretRes{}, nil + return testCheckPatScopeRes{}, nil } } diff --git a/auth/bolt/pat.go b/auth/bolt/pat.go index dfcde5a7cae..9c8e8f2eede 100644 --- a/auth/bolt/pat.go +++ b/auth/bolt/pat.go @@ -42,8 +42,6 @@ var ( entityValue = []byte{0x02} anyIDValue = []byte{0x03} selectedIDsValue = []byte{0x04} - - errBucketNotFound = errors.New("bucket not found") ) type patRepo struct { @@ -525,269 +523,6 @@ func keyValueToPAT(kv map[string][]byte) (auth.PAT, error) { return pat, nil } -// 129eab11-681b-4c62-89e4-7a9ce0eda29d:scope:users:read -// 129eab11-681b-4c62-89e4-7a9ce0eda29d:scope:domains:domain_1:groups:read -// 129eab11-681b-4c62-89e4-7a9ce0eda29d:scope:domains:domain_1:groups:read:group_2 -// 129eab11-681b-4c62-89e4-7a9ce0eda29d:scope:domains:domain_1:domain_management:read -// 129eab11-681b-4c62-89e4-7a9ce0eda29d:scope:domains:domain_1:groups:read:group_1 - -func parseKeyValueToScopeLegacy(kv map[string][]byte) (auth.Scope, error) { - scope := auth.Scope{ - Domains: make(map[string]auth.DomainScope), - } - for key, value := range kv { - if strings.Index(key, keySeparator+scopeKey+keySeparator) > 0 { - keyParts := strings.Split(key, keySeparator) - - platformEntityType, err := auth.ParsePlatformEntityType(keyParts[2]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - switch platformEntityType { - case auth.PlatformUsersScope: - switch string(value) { - case string(entityValue): - if len(keyParts) != 5 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-2]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - entityID := keyParts[len(keyParts)-1] - if scope.Users.Operations == nil { - scope.Users.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if _, oValueExists := scope.Users.Operations[opType]; !oValueExists { - scope.Users.Operations[opType] = &auth.SelectedIDs{} - } - oValue := scope.Users.Operations[opType] - if err := oValue.AddValues(entityID); err != nil { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity value %v : %w", key, entityID, err) - } - scope.Users.Operations[opType] = oValue - case string(anyIDValue): - if len(keyParts) != 4 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if scope.Users.Operations == nil { - scope.Users.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if oValue, oValueExists := scope.Users.Operations[opType]; oValueExists && oValue != nil { - if _, ok := oValue.(*auth.AnyIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity anyIDs scope value : key already initialized with different type", key) - } - } - scope.Users.Operations[opType] = &auth.AnyIDs{} - case string(selectedIDsValue): - if len(keyParts) != 4 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if scope.Users.Operations == nil { - scope.Users.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - oValue, oValueExists := scope.Users.Operations[opType] - if oValueExists && oValue != nil { - if _, ok := oValue.(*auth.SelectedIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity selectedIDs scope value : key already initialized with different type", key) - } - } - if !oValueExists { - scope.Users.Operations[opType] = &auth.SelectedIDs{} - } - default: - return auth.Scope{}, fmt.Errorf("key %s have invalid value %v", key, value) - } - - case auth.PlatformDomainsScope: - if len(keyParts) < 6 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - domainID := keyParts[3] - if scope.Domains == nil { - scope.Domains = make(map[string]auth.DomainScope) - } - if _, ok := scope.Domains[domainID]; !ok { - scope.Domains[domainID] = auth.DomainScope{} - } - domainScope := scope.Domains[domainID] - - entityType := keyParts[4] - - switch entityType { - case auth.DomainManagementScope.String(): - switch string(value) { - case string(entityValue): - if len(keyParts) != 7 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-2]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - entityID := keyParts[len(keyParts)-1] - - if domainScope.DomainManagement.Operations == nil { - domainScope.DomainManagement.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if _, oValueExists := domainScope.DomainManagement.Operations[opType]; !oValueExists { - domainScope.DomainManagement.Operations[opType] = &auth.SelectedIDs{} - } - oValue := domainScope.DomainManagement.Operations[opType] - if err := oValue.AddValues(entityID); err != nil { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity value %v : %w", key, entityID, err) - } - domainScope.DomainManagement.Operations[opType] = oValue - case string(anyIDValue): - if len(keyParts) != 6 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if domainScope.DomainManagement.Operations == nil { - domainScope.DomainManagement.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if oValue, oValueExists := domainScope.DomainManagement.Operations[opType]; oValueExists && oValue != nil { - if _, ok := oValue.(*auth.AnyIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity anyIDs scope value : key already initialized with different type", key) - } - } - domainScope.DomainManagement.Operations[opType] = &auth.AnyIDs{} - case string(selectedIDsValue): - if len(keyParts) != 6 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if domainScope.DomainManagement.Operations == nil { - domainScope.DomainManagement.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - oValue, oValueExists := domainScope.DomainManagement.Operations[opType] - if oValueExists && oValue != nil { - if _, ok := oValue.(*auth.SelectedIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity selectedIDs scope value : key already initialized with different type", key) - } - } - if !oValueExists { - domainScope.DomainManagement.Operations[opType] = &auth.SelectedIDs{} - } - default: - return auth.Scope{}, fmt.Errorf("key %s have invalid value %v", key, value) - } - default: - etype, err := auth.ParseDomainEntityType(entityType) - if err != nil { - return auth.Scope{}, fmt.Errorf("key %s invalid entity type %s : %w", key, entityType, err) - } - if domainScope.Entities == nil { - domainScope.Entities = make(map[auth.DomainEntityType]auth.OperationScope) - } - if _, ok := domainScope.Entities[etype]; !ok { - domainScope.Entities[etype] = auth.OperationScope{} - } - entityOperationScope := domainScope.Entities[etype] - switch string(value) { - case string(entityValue): - if len(keyParts) != 7 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-2]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - entityID := keyParts[len(keyParts)-1] - if entityOperationScope.Operations == nil { - entityOperationScope.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if _, oValueExists := entityOperationScope.Operations[opType]; !oValueExists { - entityOperationScope.Operations[opType] = &auth.SelectedIDs{} - } - oValue := entityOperationScope.Operations[opType] - if err := oValue.AddValues(entityID); err != nil { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity value %v : %w", key, entityID, err) - } - entityOperationScope.Operations[opType] = oValue - case string(anyIDValue): - if len(keyParts) != 6 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if entityOperationScope.Operations == nil { - entityOperationScope.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - if oValue, oValueExists := entityOperationScope.Operations[opType]; oValueExists && oValue != nil { - if _, ok := oValue.(*auth.AnyIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity anyIDs scope value : key already initialized with different type", key) - } - } - entityOperationScope.Operations[opType] = &auth.AnyIDs{} - case string(selectedIDsValue): - if len(keyParts) != 6 { - return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key) - } - opType, err := auth.ParseOperationType(keyParts[len(keyParts)-1]) - if err != nil { - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err) - } - - if entityOperationScope.Operations == nil { - entityOperationScope.Operations = make(map[auth.OperationType]auth.ScopeValue) - } - - oValue, oValueExists := entityOperationScope.Operations[opType] - if oValueExists && oValue != nil { - if _, ok := oValue.(*auth.SelectedIDs); !ok { - return auth.Scope{}, fmt.Errorf("failed to add scope key %s with entity selectedIDs scope value : key already initialized with different type", key) - } - } - if !oValueExists { - entityOperationScope.Operations[opType] = &auth.SelectedIDs{} - } - default: - return auth.Scope{}, fmt.Errorf("key %s have invalid value %v", key, value) - } - - domainScope.Entities[etype] = entityOperationScope - } - - scope.Domains[domainID] = domainScope - default: - return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, fmt.Errorf("invalid platform entity type : %s", platformEntityType.String())) - } - } - } - return scope, nil -} - func parseKeyValueToScope(kv map[string][]byte) (auth.Scope, error) { scope := auth.Scope{ Domains: make(map[string]auth.DomainScope), @@ -942,30 +677,6 @@ func validateOperation(platformEntityType auth.PlatformEntityType, opScope auth. return nil } -func getString(b *bolt.Bucket, patID, key string) string { - value := b.Get([]byte(patID + keySeparator + key)) - if value != nil { - return string(value) - } - return "" -} - -func getTime(b *bolt.Bucket, patID, key string) time.Time { - value := b.Get([]byte(patID + keySeparator + key)) - if value != nil { - return bytesToTime(value) - } - return time.Time{} -} - -func getBool(b *bolt.Bucket, patID, key string) bool { - value := b.Get([]byte(patID + keySeparator + key)) - if value != nil { - return bytesToBoolean(value) - } - return false -} - func timeToBytes(t time.Time) []byte { timeBytes := make([]byte, 8) binary.BigEndian.PutUint64(timeBytes, uint64(t.Nanosecond())) diff --git a/auth/pat.go b/auth/pat.go index c8fca890229..1ea4ee09cd3 100644 --- a/auth/pat.go +++ b/auth/pat.go @@ -25,18 +25,26 @@ const ( DeleteOp ) +const ( + createOpStr = "create" + readOpStr = "read" + listOpStr = "list" + updateOpStr = "update" + deleteOpStr = "delete" +) + func (ot OperationType) ValidString() (string, error) { switch ot { case CreateOp: - return "create", nil + return createOpStr, nil case ReadOp: - return "read", nil + return readOpStr, nil case ListOp: - return "list", nil + return listOpStr, nil case UpdateOp: - return "update", nil + return updateOpStr, nil case DeleteOp: - return "delete", nil + return deleteOpStr, nil default: return "", fmt.Errorf("unknown operation type %d", ot) } @@ -45,15 +53,15 @@ func (ot OperationType) ValidString() (string, error) { func (ot OperationType) String() string { switch ot { case CreateOp: - return "create" + return createOpStr case ReadOp: - return "read" + return readOpStr case ListOp: - return "list" + return listOpStr case UpdateOp: - return "update" + return updateOpStr case DeleteOp: - return "delete" + return deleteOpStr default: return fmt.Sprintf("unknown operation type %d", ot) } @@ -61,15 +69,15 @@ func (ot OperationType) String() string { func ParseOperationType(ot string) (OperationType, error) { switch ot { - case "create": + case createOpStr: return CreateOp, nil - case "read": + case readOpStr: return ReadOp, nil - case "list": + case listOpStr: return ListOp, nil - case "update": + case updateOpStr: return UpdateOp, nil - case "delete": + case deleteOpStr: return DeleteOp, nil default: return 0, fmt.Errorf("unknown operation type %s", ot) @@ -100,16 +108,23 @@ const ( DomainNullScope ) +const ( + domainManagementScopeStr = "domain_management" + domainGroupsScopeStr = "groups" + domainChannelsScopeStr = "channels" + domainThingsScopeStr = "things" +) + func (det DomainEntityType) ValidString() (string, error) { switch det { case DomainManagementScope: - return "domain_management", nil + return domainManagementScopeStr, nil case DomainGroupsScope: - return "groups", nil + return domainGroupsScopeStr, nil case DomainChannelsScope: - return "channels", nil + return domainChannelsScopeStr, nil case DomainThingsScope: - return "things", nil + return domainThingsScopeStr, nil default: return "", fmt.Errorf("unknown domain entity type %d", det) } @@ -118,13 +133,13 @@ func (det DomainEntityType) ValidString() (string, error) { func (det DomainEntityType) String() string { switch det { case DomainManagementScope: - return "domain_management" + return domainManagementScopeStr case DomainGroupsScope: - return "groups" + return domainGroupsScopeStr case DomainChannelsScope: - return "channels" + return domainChannelsScopeStr case DomainThingsScope: - return "things" + return domainThingsScopeStr default: return fmt.Sprintf("unknown domain entity type %d", det) } @@ -132,13 +147,13 @@ func (det DomainEntityType) String() string { func ParseDomainEntityType(det string) (DomainEntityType, error) { switch det { - case "domain_management": + case domainManagementScopeStr: return DomainManagementScope, nil - case "groups": + case domainGroupsScopeStr: return DomainGroupsScope, nil - case "channels": + case domainChannelsScopeStr: return DomainChannelsScope, nil - case "things": + case domainThingsScopeStr: return DomainThingsScope, nil default: return 0, fmt.Errorf("unknown domain entity type %s", det) diff --git a/auth/service.go b/auth/service.go index 7790c46f974..070ddbae8a0 100644 --- a/auth/service.go +++ b/auth/service.go @@ -77,8 +77,6 @@ var ( errRetrievePAT = errors.New("failed to retrieve PAT") errDeletePAT = errors.New("failed to delete PAT") errRevokePAT = errors.New("failed to revoke PAT") - errAddScope = errors.New("failed to add entry in scope") - errRemoveScope = errors.New("failed to remove entry in scope") errClearAllScope = errors.New("failed to clear all entry in scope") )