influxdb/chronograf/enterprise/roles.go

package enterprise

import (
	"context"

	"github.com/influxdata/influxdb/v2/chronograf"
)

// RolesStore uses a control client operate on Influx Enterprise roles.  Roles are
// groups of permissions applied to groups of users
type RolesStore struct {
	Ctrl
	Logger chronograf.Logger
}

// Add creates a new Role in Influx Enterprise
// This must be done in three smaller steps: creating, setting permissions, setting users.
func (c *RolesStore) Add(ctx context.Context, u *chronograf.Role) (*chronograf.Role, error) {
	if err := c.Ctrl.CreateRole(ctx, u.Name); err != nil {
		return nil, err
	}
	if err := c.Ctrl.SetRolePerms(ctx, u.Name, ToEnterprise(u.Permissions)); err != nil {
		return nil, err
	}

	users := make([]string, len(u.Users))
	for i, u := range u.Users {
		users[i] = u.Name
	}
	if err := c.Ctrl.SetRoleUsers(ctx, u.Name, users); err != nil {
		return nil, err
	}
	return u, nil
}

// Delete the Role from Influx Enterprise
func (c *RolesStore) Delete(ctx context.Context, u *chronograf.Role) error {
	return c.Ctrl.DeleteRole(ctx, u.Name)
}

// Get retrieves a Role if name exists.
func (c *RolesStore) Get(ctx context.Context, name string) (*chronograf.Role, error) {
	role, err := c.Ctrl.Role(ctx, name)
	if err != nil {
		return nil, err
	}

	// Hydrate all the users to gather their permissions and their roles.
	users := make([]chronograf.User, len(role.Users))
	for i, u := range role.Users {
		user, err := c.Ctrl.User(ctx, u)
		if err != nil {
			return nil, err
		}
		users[i] = chronograf.User{
			Name:        user.Name,
			Permissions: ToChronograf(user.Permissions),
		}
	}
	return &chronograf.Role{
		Name:        role.Name,
		Permissions: ToChronograf(role.Permissions),
		Users:       users,
	}, nil
}

// Update the Role's permissions and roles
func (c *RolesStore) Update(ctx context.Context, u *chronograf.Role) error {
	if u.Permissions != nil {
		perms := ToEnterprise(u.Permissions)
		if err := c.Ctrl.SetRolePerms(ctx, u.Name, perms); err != nil {
			return err
		}
	}
	if u.Users != nil {
		users := make([]string, len(u.Users))
		for i, u := range u.Users {
			users[i] = u.Name
		}
		return c.Ctrl.SetRoleUsers(ctx, u.Name, users)
	}
	return nil
}

// All is all Roles in influx
func (c *RolesStore) All(ctx context.Context) ([]chronograf.Role, error) {
	all, err := c.Ctrl.Roles(ctx, nil)
	if err != nil {
		return nil, err
	}

	return all.ToChronograf(), nil
}

// ToChronograf converts enterprise roles to chronograf
func (r *Roles) ToChronograf() []chronograf.Role {
	res := make([]chronograf.Role, len(r.Roles))
	for i, role := range r.Roles {
		users := make([]chronograf.User, len(role.Users))
		for i, user := range role.Users {
			users[i] = chronograf.User{
				Name: user,
			}
		}

		res[i] = chronograf.Role{
			Name:        role.Name,
			Permissions: ToChronograf(role.Permissions),
			Users:       users,
		}
	}
	return res
}
WIP roles 2017-02-22 15:29:39 +00:00			`package enterprise`

Add roles to chronograf 2017-02-23 22:02:53 +00:00			`import (`
			`"context"`

refactor: rewrite imports to include the /v2 suffix for version 2 2020-04-03 17:39:20 +00:00			`"github.com/influxdata/influxdb/v2/chronograf"`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`)`

			`// RolesStore uses a control client operate on Influx Enterprise roles. Roles are`
			`// groups of permissions applied to groups of users`
			`type RolesStore struct {`
			`Ctrl`
			`Logger chronograf.Logger`
			`}`

WIP roles 2017-02-22 15:29:39 +00:00			`// Add creates a new Role in Influx Enterprise`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`// This must be done in three smaller steps: creating, setting permissions, setting users.`
			`func (c RolesStore) Add(ctx context.Context, u chronograf.Role) (*chronograf.Role, error) {`
			`if err := c.Ctrl.CreateRole(ctx, u.Name); err != nil {`
			`return nil, err`
			`}`
			`if err := c.Ctrl.SetRolePerms(ctx, u.Name, ToEnterprise(u.Permissions)); err != nil {`
			`return nil, err`
			`}`

			`users := make([]string, len(u.Users))`
			`for i, u := range u.Users {`
			`users[i] = u.Name`
			`}`
			`if err := c.Ctrl.SetRoleUsers(ctx, u.Name, users); err != nil {`
WIP roles 2017-02-22 15:29:39 +00:00			`return nil, err`
			`}`
			`return u, nil`
			`}`

			`// Delete the Role from Influx Enterprise`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`func (c RolesStore) Delete(ctx context.Context, u chronograf.Role) error {`
WIP roles 2017-02-22 15:29:39 +00:00			`return c.Ctrl.DeleteRole(ctx, u.Name)`
			`}`

			`// Get retrieves a Role if name exists.`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`func (c RolesStore) Get(ctx context.Context, name string) (chronograf.Role, error) {`
			`role, err := c.Ctrl.Role(ctx, name)`
WIP roles 2017-02-22 15:29:39 +00:00			`if err != nil {`
			`return nil, err`
			`}`
Add roles to chronograf 2017-02-23 22:02:53 +00:00
			`// Hydrate all the users to gather their permissions and their roles.`
			`users := make([]chronograf.User, len(role.Users))`
			`for i, u := range role.Users {`
			`user, err := c.Ctrl.User(ctx, u)`
			`if err != nil {`
			`return nil, err`
			`}`
			`users[i] = chronograf.User{`
			`Name: user.Name,`
			`Permissions: ToChronograf(user.Permissions),`
			`}`
			`}`
WIP roles 2017-02-22 15:29:39 +00:00			`return &chronograf.Role{`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`Name: role.Name,`
			`Permissions: ToChronograf(role.Permissions),`
			`Users: users,`
WIP roles 2017-02-22 15:29:39 +00:00			`}, nil`
			`}`

Add roles to chronograf 2017-02-23 22:02:53 +00:00			`// Update the Role's permissions and roles`
			`func (c RolesStore) Update(ctx context.Context, u chronograf.Role) error {`
Fix users and roles PATCH removing all permissions 2017-03-02 19:57:53 +00:00			`if u.Permissions != nil {`
			`perms := ToEnterprise(u.Permissions)`
			`if err := c.Ctrl.SetRolePerms(ctx, u.Name, perms); err != nil {`
			`return err`
			`}`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`}`
Fix users and roles PATCH removing all permissions 2017-03-02 19:57:53 +00:00			`if u.Users != nil {`
			`users := make([]string, len(u.Users))`
			`for i, u := range u.Users {`
			`users[i] = u.Name`
			`}`
			`return c.Ctrl.SetRoleUsers(ctx, u.Name, users)`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`}`
Fix users and roles PATCH removing all permissions 2017-03-02 19:57:53 +00:00			`return nil`
WIP roles 2017-02-22 15:29:39 +00:00			`}`

			`// All is all Roles in influx`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`func (c *RolesStore) All(ctx context.Context) ([]chronograf.Role, error) {`
WIP roles 2017-02-22 15:29:39 +00:00			`all, err := c.Ctrl.Roles(ctx, nil)`
			`if err != nil {`
			`return nil, err`
			`}`

Update InfluxEnterprise users to return their roles 2017-03-02 01:13:44 +00:00			`return all.ToChronograf(), nil`
			`}`
Add roles to chronograf 2017-02-23 22:02:53 +00:00
Update InfluxEnterprise users to return their roles 2017-03-02 01:13:44 +00:00			`// ToChronograf converts enterprise roles to chronograf`
			`func (r *Roles) ToChronograf() []chronograf.Role {`
			`res := make([]chronograf.Role, len(r.Roles))`
			`for i, role := range r.Roles {`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`users := make([]chronograf.User, len(role.Users))`
			`for i, user := range role.Users {`
			`users[i] = chronograf.User{`
			`Name: user,`
			`}`
			`}`

WIP roles 2017-02-22 15:29:39 +00:00			`res[i] = chronograf.Role{`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`Name: role.Name,`
			`Permissions: ToChronograf(role.Permissions),`
			`Users: users,`
WIP roles 2017-02-22 15:29:39 +00:00			`}`
			`}`
Update InfluxEnterprise users to return their roles 2017-03-02 01:13:44 +00:00			`return res`
Add roles to chronograf 2017-02-23 22:02:53 +00:00			`}`