From 8298e281056cdb055299ddc0f7d0322adeaa3c1e Mon Sep 17 00:00:00 2001
From: Kieran Warwick <kieran.warwick@rungway.com>
Date: Mon, 2 Oct 2023 16:14:29 +0100
Subject: [PATCH 1/4] Add where clause to expand query for policies

---
 src/datastore/access-policies.cpp | 1 +
 src/datastore/rbac-policies.cpp   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/src/datastore/access-policies.cpp b/src/datastore/access-policies.cpp
index a1fe6ac5..4e987fd5 100644
--- a/src/datastore/access-policies.cpp
+++ b/src/datastore/access-policies.cpp
@@ -150,6 +150,7 @@ const AccessPolicy::identities_t AccessPolicy::identities(bool expand) const {
 			from
 				"access-policies_collections" p
 				join "collections_identities" c on p.collection_id = c.collection_id
+				where p.policy_id = $1:text
 			;
 		)";
 	} else {
diff --git a/src/datastore/rbac-policies.cpp b/src/datastore/rbac-policies.cpp
index 8570e8b6..abf5ce3b 100644
--- a/src/datastore/rbac-policies.cpp
+++ b/src/datastore/rbac-policies.cpp
@@ -158,6 +158,7 @@ const RbacPolicy::identities_t RbacPolicy::identities(bool expand) const {
 			from
 				"rbac-policies_collections" p
 				join "collections_identities" c on p.collection_id = c.collection_id
+				where p.policy_id = $1:text
 			;
 		)";
 	} else {

From 7bd3e2780e4e58b093205fbebe18a51d384f7c23 Mon Sep 17 00:00:00 2001
From: Kieran Warwick <kieran.warwick@rungway.com>
Date: Mon, 2 Oct 2023 16:22:23 +0100
Subject: [PATCH 2/4] fix syntax

---
 src/datastore/access-policies.cpp | 2 +-
 src/datastore/rbac-policies.cpp   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/datastore/access-policies.cpp b/src/datastore/access-policies.cpp
index 4e987fd5..bf5dd65c 100644
--- a/src/datastore/access-policies.cpp
+++ b/src/datastore/access-policies.cpp
@@ -150,7 +150,7 @@ const AccessPolicy::identities_t AccessPolicy::identities(bool expand) const {
 			from
 				"access-policies_collections" p
 				join "collections_identities" c on p.collection_id = c.collection_id
-				where p.policy_id = $1:text
+				where p.policy_id = $1::text
 			;
 		)";
 	} else {
diff --git a/src/datastore/rbac-policies.cpp b/src/datastore/rbac-policies.cpp
index abf5ce3b..a1427ac0 100644
--- a/src/datastore/rbac-policies.cpp
+++ b/src/datastore/rbac-policies.cpp
@@ -158,7 +158,7 @@ const RbacPolicy::identities_t RbacPolicy::identities(bool expand) const {
 			from
 				"rbac-policies_collections" p
 				join "collections_identities" c on p.collection_id = c.collection_id
-				where p.policy_id = $1:text
+				where p.policy_id = $1::text
 			;
 		)";
 	} else {

From 501d7a8b995f8c33a8e838401ce06dfaf2d5c041 Mon Sep 17 00:00:00 2001
From: Kieran Warwick <kieran.warwick@rungway.com>
Date: Mon, 2 Oct 2023 16:39:11 +0100
Subject: [PATCH 3/4] create background noise to improve testing

---
 src/datastore/access-policies_test.cpp | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/datastore/access-policies_test.cpp b/src/datastore/access-policies_test.cpp
index 575520c4..78c556b5 100644
--- a/src/datastore/access-policies_test.cpp
+++ b/src/datastore/access-policies_test.cpp
@@ -29,6 +29,30 @@ class AccessPoliciesTest : public ::testing::Test {
 TEST_F(AccessPoliciesTest, identities) {
 	// Success: retrieve identities
 	{
+		// Create background noise
+		const datastore::Identities randomIdentities({
+			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[0]"},
+			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[1]"},
+		});
+
+		for (const auto &idn : randomIdentities) {
+			ASSERT_NO_THROW(idn.store());
+		}
+
+		const datastore::Collection randomCollection({
+			.name = "name:AccessPoliciesTest.retrieveIdentities.randomCollection",
+		});
+		ASSERT_NO_THROW(randomCollection.store());
+		ASSERT_NO_THROW(randomCollection.add(randomIdentities[0].id()));
+
+		const datastore::AccessPolicy randomPolicy({
+			.name = "name:AccessPoliciesTest.retrieveIdentities.randomPolicy",
+		});
+		ASSERT_NO_THROW(randomPolicy.store());
+		ASSERT_NO_THROW(randomPolicy.addCollection(randomCollection.id()));
+		ASSERT_NO_THROW(randomPolicy.addIdentity(randomIdentities[1].id()));
+
+		// Setup real tests
 		const datastore::Identities identities({
 			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities[0]"},
 			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities[1]"},

From 76c2fb3f026975125039f3a9f128b798e3f159f5 Mon Sep 17 00:00:00 2001
From: Kieran Warwick <kieran.warwick@rungway.com>
Date: Mon, 2 Oct 2023 16:40:39 +0100
Subject: [PATCH 4/4] make lint fix

---
 src/datastore/access-policies_test.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/datastore/access-policies_test.cpp b/src/datastore/access-policies_test.cpp
index 78c556b5..13e17740 100644
--- a/src/datastore/access-policies_test.cpp
+++ b/src/datastore/access-policies_test.cpp
@@ -31,8 +31,10 @@ TEST_F(AccessPoliciesTest, identities) {
 	{
 		// Create background noise
 		const datastore::Identities randomIdentities({
-			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[0]"},
-			datastore::Identity::Data{.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[1]"},
+			datastore::Identity::Data{
+				.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[0]"},
+			datastore::Identity::Data{
+				.sub = "sub:AccessPoliciesTest.retrieveIdentities.randomIdentities[1]"},
 		});
 
 		for (const auto &idn : randomIdentities) {