chronograf/organizations/users.go

package organizations

import (
	"context"
	"fmt"

	"github.com/influxdata/chronograf"
)

// Ensure UsersStore implements chronograf.UsersStore.
var _ chronograf.UsersStore = &UsersStore{}

// UsersStore uses bolt to store and retrieve users
type UsersStore struct {
	organization string
	store        chronograf.UsersStore
}

func NewUsersStore(s chronograf.UsersStore, org string) *UsersStore {
	return &UsersStore{
		store:        s,
		organization: org,
	}
}

// validOrganizationRoles ensures that each User Role has both an associated Organization and a Name
func validOrganizationRoles(orgID string, u *chronograf.User) error {
	if u == nil || u.Roles == nil {
		return nil
	}
	for _, r := range u.Roles {
		if r.Organization == "" {
			return fmt.Errorf("user role must have an Organization")
		}
		if r.Organization != orgID {
			return fmt.Errorf("organizationID %s does not match %s", r.Organization, orgID)
		}
		if r.Name == "" {
			return fmt.Errorf("user role must have a Name")
		}
	}
	return nil
}

// Get searches the UsersStore for user with name
func (s *UsersStore) Get(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
	err := validOrganization(ctx)
	if err != nil {
		return nil, err
	}

	usr, err := s.store.Get(ctx, q)
	if err != nil {
		return nil, err
	}

	// filter Roles that are not scoped to this Organization
	roles := usr.Roles[:0]
	for _, r := range usr.Roles {
		if r.Organization == s.organization {
			roles = append(roles, r)
		}
	}
	if len(roles) == 0 {
		// This means that the user has no roles in an organization
		// TODO: should we return the user without any roles or ErrUserNotFound?
		return nil, chronograf.ErrUserNotFound
	}
	usr.Roles = roles
	return usr, nil
}

// Add a new User to the UsersStore.
func (s *UsersStore) Add(ctx context.Context, u *chronograf.User) (*chronograf.User, error) {
	err := validOrganization(ctx)
	if err != nil {
		return nil, err
	}

	if err := validOrganizationRoles(s.organization, u); err != nil {
		return nil, err
	}
	usr, err := s.store.Get(ctx, chronograf.UserQuery{
		Name:     &u.Name,
		Provider: &u.Provider,
		Scheme:   &u.Scheme,
	})
	if err != nil && err != chronograf.ErrUserNotFound {
		return nil, err
	}
	if err == chronograf.ErrUserNotFound {
		return s.store.Add(ctx, u)
	}
	usr.Roles = append(usr.Roles, u.Roles...)
	if err := s.store.Update(ctx, usr); err != nil {
		return nil, err
	}
	u.ID = usr.ID
	return u, nil
}

// Delete a user from the UsersStore
func (s *UsersStore) Delete(ctx context.Context, usr *chronograf.User) error {
	err := validOrganization(ctx)
	if err != nil {
		return err
	}
	u, err := s.store.Get(ctx, chronograf.UserQuery{ID: &usr.ID})
	if err != nil {
		return err
	}
	// delete Roles that are not scoped to this Organization
	roles := u.Roles[:0]
	for _, r := range u.Roles {
		if r.Organization != s.organization {
			roles = append(roles, r)
		}
	}
	u.Roles = roles
	return s.store.Update(ctx, u)
}

// Update a user
func (s *UsersStore) Update(ctx context.Context, usr *chronograf.User) error {
	err := validOrganization(ctx)
	if err != nil {
		return err
	}

	if err := validOrganizationRoles(s.organization, usr); err != nil {
		return err
	}
	u, err := s.store.Get(ctx, chronograf.UserQuery{ID: &usr.ID})
	if err != nil {
		return err
	}
	// filter Roles that are not scoped to this Organization
	roles := u.Roles[:0]
	for _, r := range u.Roles {
		if r.Organization != s.organization {
			roles = append(roles, r)
		}
	}

	// recombine roles from usr, by replacing the roles of the user
	// within the current Organization
	u.Roles = append(roles, usr.Roles...)

	return s.store.Update(ctx, u)
}

// All returns all users
func (s *UsersStore) All(ctx context.Context) ([]chronograf.User, error) {
	err := validOrganization(ctx)
	if err != nil {
		return nil, err
	}

	usrs, err := s.store.All(ctx)
	if err != nil {
		return nil, err
	}

	// Filtering users that have no associtation to an organization
	us := usrs[:0]
	for _, usr := range usrs {
		roles := usr.Roles[:0]
		for _, r := range usr.Roles {
			if r.Organization == s.organization {
				roles = append(roles, r)
			}
		}
		if len(roles) != 0 {
			// Only add users if they have a role in the associated organization
			usr.Roles = roles
			us = append(us, usr)
		}
	}

	return us, nil
}
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`package organizations`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00
			`import (`
			`"context"`
			`"fmt"`

			`"github.com/influxdata/chronograf"`
			`)`

Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`// Ensure UsersStore implements chronograf.UsersStore.`
			`var _ chronograf.UsersStore = &UsersStore{}`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`// UsersStore uses bolt to store and retrieve users`
			`type UsersStore struct {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`organization string`
			`store chronograf.UsersStore`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`

Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`func NewUsersStore(s chronograf.UsersStore, org string) *UsersStore {`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`return &UsersStore{`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`store: s,`
			`organization: org,`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`}`
			`}`

Change OrganizationID to Organization in Roles Fix formatting of proto file 2017-10-30 16:28:57 +00:00			`// validOrganizationRoles ensures that each User Role has both an associated Organization and a Name`
Rename userHasValidRoles to validOrganizationRoles for clarity Signed-off-by: Michael de Sa <mjdesa@gmail.com> 2017-10-24 21:04:48 +00:00			`func validOrganizationRoles(orgID string, u *chronograf.User) error {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`if u == nil \|\| u.Roles == nil {`
			`return nil`
			`}`
			`for _, r := range u.Roles {`
Change OrganizationID to Organization in Roles Fix formatting of proto file 2017-10-30 16:28:57 +00:00			`if r.Organization == "" {`
			`return fmt.Errorf("user role must have an Organization")`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Change OrganizationID to Organization in Roles Fix formatting of proto file 2017-10-30 16:28:57 +00:00			`if r.Organization != orgID {`
			`return fmt.Errorf("organizationID %s does not match %s", r.Organization, orgID)`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
			`if r.Name == "" {`
			`return fmt.Errorf("user role must have a Name")`
			`}`
			`}`
			`return nil`
			`}`

Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`// Get searches the UsersStore for user with name`
			`func (s UsersStore) Get(ctx context.Context, q chronograf.UserQuery) (chronograf.User, error) {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`err := validOrganization(ctx)`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`if err != nil {`
			`return nil, err`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`usr, err := s.store.Get(ctx, q)`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`// filter Roles that are not scoped to this Organization`
			`roles := usr.Roles[:0]`
			`for _, r := range usr.Roles {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`if r.Organization == s.organization {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`roles = append(roles, r)`
			`}`
			`}`
			`if len(roles) == 0 {`
			`// This means that the user has no roles in an organization`
			`// TODO: should we return the user without any roles or ErrUserNotFound?`
			`return nil, chronograf.ErrUserNotFound`
			`}`
			`usr.Roles = roles`
			`return usr, nil`
			`}`

Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`// Add a new User to the UsersStore.`
			`func (s UsersStore) Add(ctx context.Context, u chronograf.User) (*chronograf.User, error) {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`err := validOrganization(ctx)`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`if err != nil {`
			`return nil, err`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00
			`if err := validOrganizationRoles(s.organization, u); err != nil {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`return nil, err`
			`}`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`usr, err := s.store.Get(ctx, chronograf.UserQuery{`
Ensure additional Users aren't created OrganizationUser.Add Performs a Get against the global UsersStore, and if the User already exists, it appends to that User instead of trying to add the "new" User blindly. Signed-off-by: Michael de Sa <mjdesa@gmail.com> 2017-10-24 21:53:44 +00:00			`Name: &u.Name,`
			`Provider: &u.Provider,`
			`Scheme: &u.Scheme,`
			`})`
			`if err != nil && err != chronograf.ErrUserNotFound {`
			`return nil, err`
			`}`
			`if err == chronograf.ErrUserNotFound {`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`return s.store.Add(ctx, u)`
Ensure additional Users aren't created OrganizationUser.Add Performs a Get against the global UsersStore, and if the User already exists, it appends to that User instead of trying to add the "new" User blindly. Signed-off-by: Michael de Sa <mjdesa@gmail.com> 2017-10-24 21:53:44 +00:00			`}`
			`usr.Roles = append(usr.Roles, u.Roles...)`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`if err := s.store.Update(ctx, usr); err != nil {`
Ensure additional Users aren't created OrganizationUser.Add Performs a Get against the global UsersStore, and if the User already exists, it appends to that User instead of trying to add the "new" User blindly. Signed-off-by: Michael de Sa <mjdesa@gmail.com> 2017-10-24 21:53:44 +00:00			`return nil, err`
			`}`
			`u.ID = usr.ID`
			`return u, nil`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`

Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`// Delete a user from the UsersStore`
			`func (s UsersStore) Delete(ctx context.Context, usr chronograf.User) error {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`err := validOrganization(ctx)`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`if err != nil {`
			`return err`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`u, err := s.store.Get(ctx, chronograf.UserQuery{ID: &usr.ID})`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`if err != nil {`
			`return err`
			`}`
			`// delete Roles that are not scoped to this Organization`
			`roles := u.Roles[:0]`
			`for _, r := range u.Roles {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`if r.Organization != s.organization {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`roles = append(roles, r)`
			`}`
			`}`
			`u.Roles = roles`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`return s.store.Update(ctx, u)`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`

			`// Update a user`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`func (s UsersStore) Update(ctx context.Context, usr chronograf.User) error {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`err := validOrganization(ctx)`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`if err != nil {`
			`return err`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00
			`if err := validOrganizationRoles(s.organization, usr); err != nil {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`return err`
			`}`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`u, err := s.store.Get(ctx, chronograf.UserQuery{ID: &usr.ID})`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`if err != nil {`
			`return err`
			`}`
			`// filter Roles that are not scoped to this Organization`
			`roles := u.Roles[:0]`
			`for _, r := range u.Roles {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`if r.Organization != s.organization {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`roles = append(roles, r)`
			`}`
			`}`

Clarify Update methodology comment Signed-off-by: Michael de Sa <mjdesa@gmail.com> 2017-10-24 21:04:05 +00:00			`// recombine roles from usr, by replacing the roles of the user`
			`// within the current Organization`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`u.Roles = append(roles, usr.Roles...)`

Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`return s.store.Update(ctx, u)`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`

			`// All returns all users`
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`func (s *UsersStore) All(ctx context.Context) ([]chronograf.User, error) {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`err := validOrganization(ctx)`
Test for error on Add Org User without context Org Refactor guards in OrganizationUser bolt methods into comon func Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 20:53:30 +00:00			`if err != nil {`
			`return nil, err`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`}`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00
Move organization resouces to their own package 2017-10-30 18:31:19 +00:00			`usrs, err := s.store.All(ctx)`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`// Filtering users that have no associtation to an organization`
			`us := usrs[:0]`
			`for _, usr := range usrs {`
			`roles := usr.Roles[:0]`
			`for _, r := range usr.Roles {`
Add org param to New Organizaiton methods 2017-10-31 21:40:58 +00:00			`if r.Organization == s.organization {`
Add OrganizationUsersStore bolt/organization_users_store contains a boltdb implementation of a chronograf.UsersStore that filters the results based on the organization that is set on the context. Signed-off-by: Jared Scheib <jared.scheib@gmail.com> 2017-10-24 17:29:46 +00:00			`roles = append(roles, r)`
			`}`
			`}`
			`if len(roles) != 0 {`
			`// Only add users if they have a role in the associated organization`
			`usr.Roles = roles`
			`us = append(us, usr)`
			`}`
			`}`

			`return us, nil`
			`}`