(svc) Access.DeletePolicyIdentity

uatuko · Aug 4, 2023 · 9406230 · 9406230
1 parent e8ff8de
commit 9406230
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 0 deletions.
diff --git a/src/svc/access.cpp b/src/svc/access.cpp
@@ -94,6 +94,19 @@ grpc::ServerUnaryReactor *Access::CreatePolicy(
 	return reactor;
 }
 
+grpc::ServerUnaryReactor *Access::DeletePolicyIdentity(
+	grpc::CallbackServerContext *context, const gk::v1::AccessDeletePolicyIdentityRequest *request,
+	google::protobuf::Empty *response) {
+	auto *reactor = context->DefaultReactor();
+
+	// TODO: error handling
+	auto policy = datastore::RetrieveAccessPolicy(request->policy_id());
+	policy.deleteIdentity(request->identity_id());
+
+	reactor->Finish(grpc::Status::OK);
+	return reactor;
+}
+
 grpc::ServerUnaryReactor *Access::RetrievePolicy(
 	grpc::CallbackServerContext *context, const gk::v1::AccessRetrievePolicyRequest *request,
 	gk::v1::AccessPolicy *response) {

diff --git a/src/svc/access.h b/src/svc/access.h
@@ -23,6 +23,11 @@ class Access final : public gk::v1::Access::CallbackService {
 		grpc::CallbackServerContext *context, const gk::v1::AccessCreatePolicyRequest *request,
 		gk::v1::AccessPolicy *response) override;
 
+	grpc::ServerUnaryReactor *DeletePolicyIdentity(
+		grpc::CallbackServerContext                     *context,
+		const gk::v1::AccessDeletePolicyIdentityRequest *request,
+		google::protobuf::Empty                         *response) override;
+
 	grpc::ServerUnaryReactor *RetrievePolicy(
 		grpc::CallbackServerContext *context, const gk::v1::AccessRetrievePolicyRequest *request,
 		gk::v1::AccessPolicy *response) override;

diff --git a/src/svc/access_test.cpp b/src/svc/access_test.cpp
@@ -279,6 +279,41 @@ TEST_F(svc_AccessTest, CreatePolicy) {
 	}
 }
 
+TEST_F(svc_AccessTest, DeletePolicyIdentity) {
+	svc::Access svc;
+
+	// Success: delete identity
+	{
+		const datastore::Identity identity({
+			.sub = "sub:svc_AccessTest.DeletePolicyIdentity",
+		});
+		ASSERT_NO_THROW(identity.store());
+
+		const datastore::AccessPolicy policy({
+			.name = "name:svc_AccessTest.DeletePolicyIdentity",
+		});
+		ASSERT_NO_THROW(policy.store());
+		ASSERT_NO_THROW(policy.addIdentity(identity.id()));
+		EXPECT_EQ(1, policy.identities().size());
+
+		grpc::CallbackServerContext           ctx;
+		grpc::testing::DefaultReactorTestPeer peer(&ctx);
+		google::protobuf::Empty               response;
+
+		gk::v1::AccessDeletePolicyIdentityRequest request;
+		request.set_policy_id(policy.id());
+		request.set_identity_id(identity.id());
+
+		auto reactor = svc.DeletePolicyIdentity(&ctx, &request, &response);
+		EXPECT_TRUE(peer.test_status_set());
+		EXPECT_TRUE(peer.test_status().ok());
+		EXPECT_EQ(peer.reactor(), reactor);
+
+		const auto ids = policy.identities();
+		ASSERT_EQ(0, ids.size());
+	}
+}
+
 TEST_F(svc_AccessTest, RetrievePolicy) {
 	svc::Access svc;