influxdb/chronograf/server/auth_test.go

package server

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/influxdata/influxdb/v2/chronograf"
	"github.com/influxdata/influxdb/v2/chronograf/mocks"
	"github.com/influxdata/influxdb/v2/chronograf/oauth2"
	"github.com/influxdata/influxdb/v2/chronograf/roles"
)

func TestAuthorizedToken(t *testing.T) {
	var tests = []struct {
		Desc        string
		Code        int
		Principal   oauth2.Principal
		ValidateErr error
		Expected    string
	}{
		{
			Desc:        "Error in validate",
			Code:        http.StatusForbidden,
			ValidateErr: errors.New("error"),
		},
		{
			Desc: "Authorized ok",
			Code: http.StatusOK,
			Principal: oauth2.Principal{
				Subject: "Principal Strickland",
			},
			Expected: "Principal Strickland",
		},
	}
	for _, test := range tests {
		// next is a sentinel StatusOK and
		// principal recorder.
		var principal oauth2.Principal
		next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			w.WriteHeader(http.StatusOK)
			principal = r.Context().Value(oauth2.PrincipalKey).(oauth2.Principal)
		})
		req, _ := http.NewRequest("GET", "", nil)
		w := httptest.NewRecorder()

		a := &mocks.Authenticator{
			Principal:   test.Principal,
			ValidateErr: test.ValidateErr,
		}

		logger := &chronograf.NoopLogger{}
		handler := AuthorizedToken(a, logger, next)
		handler.ServeHTTP(w, req)
		if w.Code != test.Code {
			t.Errorf("Status code expected: %d actual %d", test.Code, w.Code)
		} else if principal != test.Principal {
			t.Errorf("Principal mismatch expected: %s actual %s", test.Principal, principal)
		}
	}
}
func TestAuthorizedUser(t *testing.T) {
	type fields struct {
		UsersStore         chronograf.UsersStore
		OrganizationsStore chronograf.OrganizationsStore
		Logger             chronograf.Logger
	}
	type args struct {
		principal *oauth2.Principal
		scheme    string
		useAuth   bool
		role      string
	}
	tests := []struct {
		name                   string
		fields                 fields
		args                   args
		hasOrganizationContext bool
		hasSuperAdminContext   bool
		hasRoleContext         bool
		hasServerContext       bool
		authorized             bool
	}{
		{
			name: "Not using auth",
			fields: fields{
				UsersStore: &mocks.UsersStore{},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				useAuth: false,
			},
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         false,
			hasServerContext:       true,
			authorized:             true,
		},
		{
			name: "User with member role is member authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.MemberRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "member",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with viewer role is member authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.ViewerRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "member",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with editor role is member authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.EditorRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "member",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with admin role is member authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "member",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with viewer role is viewer authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.ViewerRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "viewer",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with editor role is viewer authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.EditorRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "viewer",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with admin role is viewer authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "viewer",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with viewer role is editor unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.ViewerRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with editor role is editor authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.EditorRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with admin role is editor authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with viewer role is admin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.ViewerRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with editor role is admin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.EditorRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with admin role is admin authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   false,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "User with no role is viewer unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles:    []chronograf.Role{},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "view",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with no role is editor unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles:    []chronograf.Role{},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with no role is admin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles:    []chronograf.Role{},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with unknown role is viewer unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name: "sweet_role",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "viewer",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with unknown role is editor unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name: "sweet_role",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with unknown role is admin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name: "sweet_role",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with viewer role is SuperAdmin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.ViewerRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "superadmin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with editor role is SuperAdmin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.EditorRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "superadmin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "User with admin role is SuperAdmin unauthorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "superadmin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "SuperAdmin is Viewer authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:         1337,
							Name:       "billysteve",
							Provider:   "google",
							Scheme:     "oauth2",
							SuperAdmin: true,
							Roles: []chronograf.Role{
								{
									Name:         roles.MemberRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "viewer",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   true,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "SuperAdmin is Editor authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:         1337,
							Name:       "billysteve",
							Provider:   "google",
							Scheme:     "oauth2",
							SuperAdmin: true,
							Roles: []chronograf.Role{
								{
									Name:         roles.MemberRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "editor",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   true,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "SuperAdmin is Admin authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:         1337,
							Name:       "billysteve",
							Provider:   "google",
							Scheme:     "oauth2",
							SuperAdmin: true,
							Roles: []chronograf.Role{
								{
									Name:         roles.MemberRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   true,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "SuperAdmin is SuperAdmin authorized",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:         1337,
							Name:       "billysteve",
							Provider:   "google",
							Scheme:     "oauth2",
							SuperAdmin: true,
							Roles: []chronograf.Role{
								{
									Name:         roles.MemberRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "superadmin",
				useAuth: true,
			},
			authorized:             true,
			hasOrganizationContext: true,
			hasSuperAdminContext:   true,
			hasRoleContext:         true,
			hasServerContext:       false,
		},
		{
			name: "Invalid principal – principal is nil",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: nil,
				scheme:    "oauth2",
				role:      "admin",
				useAuth:   true,
			},
			authorized: false,
		},
		{
			name: "Invalid principal - missing organization",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject: "billysteve",
					Issuer:  "google",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "Invalid principal - organization id not uint64",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1ee7",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "Failed to retrieve organization",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						return &chronograf.User{
							ID:       1337,
							Name:     "billysteve",
							Provider: "google",
							Scheme:   "oauth2",
							Roles: []chronograf.Role{
								{
									Name:         roles.AdminRoleName,
									Organization: "1337",
								},
							},
						}, nil
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						switch *q.ID {
						case "1338":
							return &chronograf.Organization{
								ID:   "1338",
								Name: "The ShillBillThrilliettas",
							}, nil
						default:
							return nil, chronograf.ErrOrganizationNotFound
						}
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billysteve",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
		{
			name: "Failed to retrieve user",
			fields: fields{
				UsersStore: &mocks.UsersStore{
					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
							return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
						}
						switch *q.Name {
						case "billysteve":
							return &chronograf.User{
								ID:       1337,
								Name:     "billysteve",
								Provider: "google",
								Scheme:   "oauth2",
								Roles: []chronograf.Role{
									{
										Name:         roles.AdminRoleName,
										Organization: "1337",
									},
								},
							}, nil
						default:
							return nil, chronograf.ErrUserNotFound
						}
					},
				},
				OrganizationsStore: &mocks.OrganizationsStore{
					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
						return &chronograf.Organization{
							ID: "0",
						}, nil
					},
					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
						if q.ID == nil {
							return nil, fmt.Errorf("invalid organization query: missing ID")
						}
						return &chronograf.Organization{
							ID:   "1337",
							Name: "The ShillBillThrilliettas",
						}, nil
					},
				},
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				principal: &oauth2.Principal{
					Subject:      "billietta",
					Issuer:       "google",
					Organization: "1337",
				},
				scheme:  "oauth2",
				role:    "admin",
				useAuth: true,
			},
			authorized: false,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			var authorized bool
			var hasServerCtx bool
			var hasSuperAdminCtx bool
			var hasOrganizationCtx bool
			var hasRoleCtx bool
			next := func(w http.ResponseWriter, r *http.Request) {
				ctx := r.Context()
				hasServerCtx = hasServerContext(ctx)
				hasSuperAdminCtx = hasSuperAdminContext(ctx)
				_, hasOrganizationCtx = hasOrganizationContext(ctx)
				_, hasRoleCtx = hasRoleContext(ctx)
				authorized = true
			}
			fn := AuthorizedUser(
				&Store{
					UsersStore:         tt.fields.UsersStore,
					OrganizationsStore: tt.fields.OrganizationsStore,
				},
				tt.args.useAuth,
				tt.args.role,
				tt.fields.Logger,
				next,
			)

			w := httptest.NewRecorder()
			r := httptest.NewRequest(
				"GET",
				"http://any.url", // can be any valid URL as we are bypassing mux
				nil,
			)
			if tt.args.principal == nil {
				r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, nil))
			} else {
				r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, *tt.args.principal))
			}
			fn(w, r)

			if authorized != tt.authorized {
				t.Errorf("%q. AuthorizedUser() = %v, expected %v", tt.name, authorized, tt.authorized)
			}

			if !authorized && w.Code != http.StatusForbidden {
				t.Errorf("%q. AuthorizedUser() Status Code = %v, expected %v", tt.name, w.Code, http.StatusForbidden)
			}

			if hasServerCtx != tt.hasServerContext {
				t.Errorf("%q. AuthorizedUser().Context().Server = %v, expected %v", tt.name, hasServerCtx, tt.hasServerContext)
			}

			if hasSuperAdminCtx != tt.hasSuperAdminContext {
				t.Errorf("%q. AuthorizedUser().Context().SuperAdmin = %v, expected %v", tt.name, hasSuperAdminCtx, tt.hasSuperAdminContext)
			}

			if hasOrganizationCtx != tt.hasOrganizationContext {
				t.Errorf("%q. AuthorizedUser.Context().Organization = %v, expected %v", tt.name, hasOrganizationCtx, tt.hasOrganizationContext)
			}

			if hasRoleCtx != tt.hasRoleContext {
				t.Errorf("%q. AuthorizedUser().Context().Role = %v, expected %v", tt.name, hasRoleCtx, tt.hasRoleContext)
			}

		})
	}
}

func TestRawStoreAccess(t *testing.T) {
	type fields struct {
		Logger chronograf.Logger
	}
	type args struct {
		principal     *oauth2.Principal
		serverContext bool
		user          *chronograf.User
	}
	type wants struct {
		authorized       bool
		hasServerContext bool
	}
	tests := []struct {
		name   string
		fields fields
		args   args
		wants  wants
	}{
		{
			name: "middleware already has server context",
			fields: fields{
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				serverContext: true,
			},
			wants: wants{
				authorized:       true,
				hasServerContext: true,
			},
		},
		{
			name: "user on context is a SuperAdmin",
			fields: fields{
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				user: &chronograf.User{
					SuperAdmin: true,
				},
			},
			wants: wants{
				authorized:       true,
				hasServerContext: true,
			},
		},
		{
			name: "user on context is a not SuperAdmin",
			fields: fields{
				Logger: &chronograf.NoopLogger{},
			},
			args: args{
				user: &chronograf.User{
					SuperAdmin: false,
				},
			},
			wants: wants{
				authorized:       false,
				hasServerContext: false,
			},
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			var authorized bool
			var hasServerCtx bool
			next := func(w http.ResponseWriter, r *http.Request) {
				ctx := r.Context()
				hasServerCtx = hasServerContext(ctx)
				authorized = true
			}
			fn := RawStoreAccess(
				tt.fields.Logger,
				next,
			)

			w := httptest.NewRecorder()
			url := "http://any.url"
			r := httptest.NewRequest(
				"GET",
				url,
				nil,
			)
			if tt.args.principal == nil {
				r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, nil))
			} else {
				r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, *tt.args.principal))
			}

			if tt.args.serverContext {
				r = r.WithContext(serverContext(r.Context()))
			}
			if tt.args.user != nil {
				r = r.WithContext(context.WithValue(r.Context(), UserContextKey, tt.args.user))
			}
			fn(w, r)

			if authorized != tt.wants.authorized {
				t.Errorf("%q. RawStoreAccess() = %v, expected %v", tt.name, authorized, tt.wants.authorized)
			}

			if !authorized && w.Code != http.StatusForbidden {
				t.Errorf("%q. RawStoreAccess() Status Code = %v, expected %v", tt.name, w.Code, http.StatusForbidden)
			}

			if hasServerCtx != tt.wants.hasServerContext {
				t.Errorf("%q. RawStoreAccess().Context().Server = %v, expected %v", tt.name, hasServerCtx, tt.wants.hasServerContext)
			}

		})
	}
}
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+								package server
-												Add new auth duration CLI option; add client heartbeat; fix logout (#1119)

* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close

* Refactor GET 'me' into heartbeat at constant interval

* Add ping route to all routes

* Add /chronograf/v1/ping endpoint for server status

* Refactor cookie generation to use an interface

* WIP adding refreshable tokens

* Add reminder to review index.js Login error handling

* Refactor Authenticator interface to accommodate cookie duration and logout delay

* Update make run-dev to be more TICKStack compliant

* Remove heartbeat/logout duration from authentication

* WIP Refactor tests to accommodate cookie and auth refactor

* Update oauth2 tests to newly refactored design

* Update oauth provider tests

* Remove unused oauth2/consts.go

* Move authentication middleware to server package

* Fix authentication comment

* Update authenication documentation to mention AUTH_DURATION

* Update /chronograf/v1/ping to simply return 204

* Fix Makefile run-dev target

* Remove spurious ping route

* Update auth docs to clarify authentication duration

* Revert "Refactor GET 'me' into heartbeat at constant interval"

This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3.

Conflicts:
ui/src/index.js

* Add auth test for JWT signing method

* Add comments for why coverage isn't written for some areas of jwt code

* Update auth docs to explicitly mention how to require re-auth for all users on server restart

* Add Duration to Validation interface for Tokens

* Make auth duration of zero yield a everlasting token

* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""

This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd.

* Rename http status constants and add FORBIDDEN

* Heartbeat only when logged in, notify user if heartbeat fails

* Update changelog

* Fix minor word semantics

* Update oauth2 tests to be in the oauth2_test package

* Add check at compile time that JWT implements Tokenizer

* Rename CookieMux to AuthMux for consistency with earlier refactor

* Fix logout middleware

* Fix logout button not showing due to obsolete data shape expectations

* Update changelog

* Fix proptypes for logout button data shape in SideNav

											
										
										
											2017-04-06 18:40:57 +00:00
 								import (
 									"context"
 									"errors"
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+									"fmt"
-												Add new auth duration CLI option; add client heartbeat; fix logout (#1119)

* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close

* Refactor GET 'me' into heartbeat at constant interval

* Add ping route to all routes

* Add /chronograf/v1/ping endpoint for server status

* Refactor cookie generation to use an interface

* WIP adding refreshable tokens

* Add reminder to review index.js Login error handling

* Refactor Authenticator interface to accommodate cookie duration and logout delay

* Update make run-dev to be more TICKStack compliant

* Remove heartbeat/logout duration from authentication

* WIP Refactor tests to accommodate cookie and auth refactor

* Update oauth2 tests to newly refactored design

* Update oauth provider tests

* Remove unused oauth2/consts.go

* Move authentication middleware to server package

* Fix authentication comment

* Update authenication documentation to mention AUTH_DURATION

* Update /chronograf/v1/ping to simply return 204

* Fix Makefile run-dev target

* Remove spurious ping route

* Update auth docs to clarify authentication duration

* Revert "Refactor GET 'me' into heartbeat at constant interval"

This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3.

Conflicts:
ui/src/index.js

* Add auth test for JWT signing method

* Add comments for why coverage isn't written for some areas of jwt code

* Update auth docs to explicitly mention how to require re-auth for all users on server restart

* Add Duration to Validation interface for Tokens

* Make auth duration of zero yield a everlasting token

* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""

This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd.

* Rename http status constants and add FORBIDDEN

* Heartbeat only when logged in, notify user if heartbeat fails

* Update changelog

* Fix minor word semantics

* Update oauth2 tests to be in the oauth2_test package

* Add check at compile time that JWT implements Tokenizer

* Rename CookieMux to AuthMux for consistency with earlier refactor

* Fix logout middleware

* Fix logout button not showing due to obsolete data shape expectations

* Update changelog

* Fix proptypes for logout button data shape in SideNav

											
										
										
											2017-04-06 18:40:57 +00:00
+									"net/http"
 									"net/http/httptest"
 									"testing"
-												refactor: rewrite imports to include the /v2 suffix for version 2

											
										
										
											2020-04-03 17:39:20 +00:00
+									"github.com/influxdata/influxdb/v2/chronograf"
 									"github.com/influxdata/influxdb/v2/chronograf/mocks"
 									"github.com/influxdata/influxdb/v2/chronograf/oauth2"
 									"github.com/influxdata/influxdb/v2/chronograf/roles"
-												Add new auth duration CLI option; add client heartbeat; fix logout (#1119)

* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close

* Refactor GET 'me' into heartbeat at constant interval

* Add ping route to all routes

* Add /chronograf/v1/ping endpoint for server status

* Refactor cookie generation to use an interface

* WIP adding refreshable tokens

* Add reminder to review index.js Login error handling

* Refactor Authenticator interface to accommodate cookie duration and logout delay

* Update make run-dev to be more TICKStack compliant

* Remove heartbeat/logout duration from authentication

* WIP Refactor tests to accommodate cookie and auth refactor

* Update oauth2 tests to newly refactored design

* Update oauth provider tests

* Remove unused oauth2/consts.go

* Move authentication middleware to server package

* Fix authentication comment

* Update authenication documentation to mention AUTH_DURATION

* Update /chronograf/v1/ping to simply return 204

* Fix Makefile run-dev target

* Remove spurious ping route

* Update auth docs to clarify authentication duration

* Revert "Refactor GET 'me' into heartbeat at constant interval"

This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3.

Conflicts:
ui/src/index.js

* Add auth test for JWT signing method

* Add comments for why coverage isn't written for some areas of jwt code

* Update auth docs to explicitly mention how to require re-auth for all users on server restart

* Add Duration to Validation interface for Tokens

* Make auth duration of zero yield a everlasting token

* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""

This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd.

* Rename http status constants and add FORBIDDEN

* Heartbeat only when logged in, notify user if heartbeat fails

* Update changelog

* Fix minor word semantics

* Update oauth2 tests to be in the oauth2_test package

* Add check at compile time that JWT implements Tokenizer

* Rename CookieMux to AuthMux for consistency with earlier refactor

* Fix logout middleware

* Fix logout button not showing due to obsolete data shape expectations

* Update changelog

* Fix proptypes for logout button data shape in SideNav

											
										
										
											2017-04-06 18:40:57 +00:00
+								)
 								func TestAuthorizedToken(t *testing.T) {
 									var tests = []struct {
 										Desc        string
 										Code        int
 										Principal   oauth2.Principal
 										ValidateErr error
 										Expected    string
 									}{
 										{
 											Desc:        "Error in validate",
 											Code:        http.StatusForbidden,
 											ValidateErr: errors.New("error"),
 										},
 										{
 											Desc: "Authorized ok",
 											Code: http.StatusOK,
 											Principal: oauth2.Principal{
 												Subject: "Principal Strickland",
 											},
 											Expected: "Principal Strickland",
 										},
 									}
 									for _, test := range tests {
 										// next is a sentinel StatusOK and
 										// principal recorder.
 										var principal oauth2.Principal
 										next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 											w.WriteHeader(http.StatusOK)
 											principal = r.Context().Value(oauth2.PrincipalKey).(oauth2.Principal)
 										})
 										req, _ := http.NewRequest("GET", "", nil)
 										w := httptest.NewRecorder()
-												Move Mock Authenticator into mocks package

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-26 22:46:06 +00:00
+										a := &mocks.Authenticator{
-												Add new auth duration CLI option; add client heartbeat; fix logout (#1119)

* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close

* Refactor GET 'me' into heartbeat at constant interval

* Add ping route to all routes

* Add /chronograf/v1/ping endpoint for server status

* Refactor cookie generation to use an interface

* WIP adding refreshable tokens

* Add reminder to review index.js Login error handling

* Refactor Authenticator interface to accommodate cookie duration and logout delay

* Update make run-dev to be more TICKStack compliant

* Remove heartbeat/logout duration from authentication

* WIP Refactor tests to accommodate cookie and auth refactor

* Update oauth2 tests to newly refactored design

* Update oauth provider tests

* Remove unused oauth2/consts.go

* Move authentication middleware to server package

* Fix authentication comment

* Update authenication documentation to mention AUTH_DURATION

* Update /chronograf/v1/ping to simply return 204

* Fix Makefile run-dev target

* Remove spurious ping route

* Update auth docs to clarify authentication duration

* Revert "Refactor GET 'me' into heartbeat at constant interval"

This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3.

Conflicts:
ui/src/index.js

* Add auth test for JWT signing method

* Add comments for why coverage isn't written for some areas of jwt code

* Update auth docs to explicitly mention how to require re-auth for all users on server restart

* Add Duration to Validation interface for Tokens

* Make auth duration of zero yield a everlasting token

* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""

This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd.

* Rename http status constants and add FORBIDDEN

* Heartbeat only when logged in, notify user if heartbeat fails

* Update changelog

* Fix minor word semantics

* Update oauth2 tests to be in the oauth2_test package

* Add check at compile time that JWT implements Tokenizer

* Rename CookieMux to AuthMux for consistency with earlier refactor

* Fix logout middleware

* Fix logout button not showing due to obsolete data shape expectations

* Update changelog

* Fix proptypes for logout button data shape in SideNav

											
										
										
											2017-04-06 18:40:57 +00:00
+											Principal:   test.Principal,
 											ValidateErr: test.ValidateErr,
 										}
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+										logger := &chronograf.NoopLogger{}
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+										handler := AuthorizedToken(a, logger, next)
-												Add new auth duration CLI option; add client heartbeat; fix logout (#1119)

* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close

* Refactor GET 'me' into heartbeat at constant interval

* Add ping route to all routes

* Add /chronograf/v1/ping endpoint for server status

* Refactor cookie generation to use an interface

* WIP adding refreshable tokens

* Add reminder to review index.js Login error handling

* Refactor Authenticator interface to accommodate cookie duration and logout delay

* Update make run-dev to be more TICKStack compliant

* Remove heartbeat/logout duration from authentication

* WIP Refactor tests to accommodate cookie and auth refactor

* Update oauth2 tests to newly refactored design

* Update oauth provider tests

* Remove unused oauth2/consts.go

* Move authentication middleware to server package

* Fix authentication comment

* Update authenication documentation to mention AUTH_DURATION

* Update /chronograf/v1/ping to simply return 204

* Fix Makefile run-dev target

* Remove spurious ping route

* Update auth docs to clarify authentication duration

* Revert "Refactor GET 'me' into heartbeat at constant interval"

This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3.

Conflicts:
ui/src/index.js

* Add auth test for JWT signing method

* Add comments for why coverage isn't written for some areas of jwt code

* Update auth docs to explicitly mention how to require re-auth for all users on server restart

* Add Duration to Validation interface for Tokens

* Make auth duration of zero yield a everlasting token

* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""

This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd.

* Rename http status constants and add FORBIDDEN

* Heartbeat only when logged in, notify user if heartbeat fails

* Update changelog

* Fix minor word semantics

* Update oauth2 tests to be in the oauth2_test package

* Add check at compile time that JWT implements Tokenizer

* Rename CookieMux to AuthMux for consistency with earlier refactor

* Fix logout middleware

* Fix logout button not showing due to obsolete data shape expectations

* Update changelog

* Fix proptypes for logout button data shape in SideNav

											
										
										
											2017-04-06 18:40:57 +00:00
+										handler.ServeHTTP(w, req)
 										if w.Code != test.Code {
 											t.Errorf("Status code expected: %d actual %d", test.Code, w.Code)
 										} else if principal != test.Principal {
 											t.Errorf("Principal mismatch expected: %s actual %s", test.Principal, principal)
 										}
 									}
 								}
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+								func TestAuthorizedUser(t *testing.T) {
 									type fields struct {
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+										UsersStore         chronograf.UsersStore
 										OrganizationsStore chronograf.OrganizationsStore
 										Logger             chronograf.Logger
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+									}
 									type args struct {
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+										principal *oauth2.Principal
 										scheme    string
 										useAuth   bool
 										role      string
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+									}
 									tests := []struct {
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+										name                   string
 										fields                 fields
 										args                   args
 										hasOrganizationContext bool
 										hasSuperAdminContext   bool
 										hasRoleContext         bool
 										hasServerContext       bool
 										authorized             bool
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+									}{
 										{
 											name: "Not using auth",
 											fields: fields{
-												Add default org check even when no auth is used

											
										
										
											2017-11-03 16:55:55 +00:00
+												UsersStore: &mocks.UsersStore{},
 												OrganizationsStore: &mocks.OrganizationsStore{
 													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org check even when no auth is used

											
										
										
											2017-11-03 16:55:55 +00:00
+														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
 												useAuth: false,
 											},
-												Add OrganizationConfigStore & refactor org config to be per org

As previously implemented, OrganizationConfig was a global
object. This refactor adds the organization id to context for
every request, even when auth is disabled, so that org id
can be used to get/update an organization config.

Along those lines, this also removes OrganizationConfigStore
.Initialize and replaces .Get with .FindOrCreate, handling
the creation of organization configs upon first attempted
access.

Co-authored-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2018-07-06 01:40:52 +00:00
+											hasOrganizationContext: true,
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											hasSuperAdminContext:   false,
 											hasRoleContext:         false,
 											hasServerContext:       true,
 											authorized:             true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+										{
 											name: "User with member role is member authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
 																	Name:         roles.MemberRoleName,
 																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
 													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
 															ID: "0",
 														}, nil
 													},
 													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.Organization{
 															ID:   "1337",
 															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "member",
 												useAuth: true,
 											},
 											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
 										},
 										{
 											name: "User with viewer role is member authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
 																	Name:         roles.ViewerRoleName,
 																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
 													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
 															ID: "0",
 														}, nil
 													},
 													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.Organization{
 															ID:   "1337",
 															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "member",
 												useAuth: true,
 											},
 											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
 										},
 										{
 											name: "User with editor role is member authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
 																	Name:         roles.EditorRoleName,
 																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
 													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
 															ID: "0",
 														}, nil
 													},
 													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.Organization{
 															ID:   "1337",
 															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "member",
 												useAuth: true,
 											},
 											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
 										},
 										{
 											name: "User with admin role is member authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
 																	Name:         roles.AdminRoleName,
 																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
 													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
 															ID: "0",
 														}, nil
 													},
 													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+														}
 														return &chronograf.Organization{
 															ID:   "1337",
 															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "member",
 												useAuth: true,
 											},
 											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
 										},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										{
 											name: "User with viewer role is viewer authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.ViewerRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "viewer",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with editor role is viewer authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.EditorRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "viewer",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with admin role is viewer authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "viewer",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with viewer role is editor unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.ViewerRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with editor role is editor authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.EditorRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with admin role is editor authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with viewer role is admin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.ViewerRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with editor role is admin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.EditorRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with admin role is admin authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   false,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										},
 										{
 											name: "User with no role is viewer unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles:    []chronograf.Role{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "view",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with no role is editor unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles:    []chronograf.Role{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with no role is admin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles:    []chronograf.Role{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with unknown role is viewer unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
 																{
 																	Name: "sweet_role",
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+																},
 															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "viewer",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with unknown role is editor unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
 																{
 																	Name: "sweet_role",
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+																},
 															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
 													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
-												Add OrganizationConfigStore & refactor org config to be per org

As previously implemented, OrganizationConfig was a global
object. This refactor adds the organization id to context for
every request, even when auth is disabled, so that org id
can be used to get/update an organization config.

Along those lines, this also removes OrganizationConfigStore
.Initialize and replaces .Get with .FindOrCreate, handling
the creation of organization configs upon first attempted
access.

Co-authored-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2018-07-06 01:40:52 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
 															ID: "0",
 														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 										{
 											name: "User with unknown role is admin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+														}
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
-												Lowercase Provider & Scheme & Role values for consistency

The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.

											
										
										
											2017-10-24 23:17:59 +00:00
+															Provider: "google",
 															Scheme:   "oauth2",
-												Use new chonograf.UserStore Get method when needed

Refactor tests that were dependent of old implementation of UsersStore

											
										
										
											2017-10-18 18:45:33 +00:00
+															Roles: []chronograf.Role{
 																{
 																	Name: "sweet_role",
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+																},
 															},
 														}, nil
 													},
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											args: args{
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+										{
 											name: "User with viewer role is SuperAdmin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.ViewerRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "superadmin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "User with editor role is SuperAdmin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.EditorRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "superadmin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "User with admin role is SuperAdmin unauthorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "superadmin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "SuperAdmin is Viewer authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:         1337,
 															Name:       "billysteve",
 															Provider:   "google",
 															Scheme:     "oauth2",
 															SuperAdmin: true,
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.MemberRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "viewer",
 												useAuth: true,
 											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   true,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+										},
 										{
 											name: "SuperAdmin is Editor authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:         1337,
 															Name:       "billysteve",
 															Provider:   "google",
 															Scheme:     "oauth2",
 															SuperAdmin: true,
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.MemberRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "editor",
 												useAuth: true,
 											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   true,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+										},
 										{
 											name: "SuperAdmin is Admin authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:         1337,
 															Name:       "billysteve",
 															Provider:   "google",
 															Scheme:     "oauth2",
 															SuperAdmin: true,
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.MemberRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
 											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   true,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+										},
 										{
 											name: "SuperAdmin is SuperAdmin authorized",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.User{
 															ID:         1337,
 															Name:       "billysteve",
 															Provider:   "google",
 															Scheme:     "oauth2",
 															SuperAdmin: true,
 															Roles: []chronograf.Role{
 																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.MemberRoleName,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+																	Organization: "1337",
 																},
 															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "superadmin",
 												useAuth: true,
 											},
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											authorized:             true,
 											hasOrganizationContext: true,
 											hasSuperAdminContext:   true,
 											hasRoleContext:         true,
 											hasServerContext:       false,
-												Add exhaustive test for AuthorizedUser

											
										
										
											2017-11-01 20:38:17 +00:00
+										},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+										{
 											name: "Invalid principal – principal is nil",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											},
 											args: args{
 												principal: nil,
 												scheme:    "oauth2",
 												role:      "admin",
 												useAuth:   true,
 											},
 											authorized: false,
 										},
 										{
 											name: "Invalid principal - missing organization",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject: "billysteve",
 													Issuer:  "google",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "Invalid principal - organization id not uint64",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1ee7",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "Failed to retrieve organization",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.User{
 															ID:       1337,
 															Name:     "billysteve",
 															Provider: "google",
 															Scheme:   "oauth2",
 															Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																	Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	Organization: "1337",
 																},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															},
 														}, nil
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														switch *q.ID {
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+														case "1338":
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+																ID:   "1338",
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+																Name: "The ShillBillThrilliettas",
 															}, nil
 														default:
 															return nil, chronograf.ErrOrganizationNotFound
 														}
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billysteve",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
 											},
 											authorized: false,
 										},
 										{
 											name: "Failed to retrieve user",
 											fields: fields{
 												UsersStore: &mocks.UsersStore{
 													GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
 														if q.Name == nil || q.Provider == nil || q.Scheme == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid user query: missing Name, Provider, and/or Scheme")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														switch *q.Name {
 														case "billysteve":
 															return &chronograf.User{
 																ID:       1337,
 																Name:     "billysteve",
 																Provider: "google",
 																Scheme:   "oauth2",
 																Roles: []chronograf.Role{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																	{
-												Move user roles and role names to roles package

											
										
										
											2017-11-03 20:32:05 +00:00
+																		Name:         roles.AdminRoleName,
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+																		Organization: "1337",
 																	},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+																},
 															}, nil
 														default:
 															return nil, chronograf.ErrUserNotFound
 														}
 													},
 												},
 												OrganizationsStore: &mocks.OrganizationsStore{
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+													DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID: "0",
-												Add default org logic to OrganizationsStore

Update resource handlers to appropriate consume default organization IDs

											
										
										
											2017-11-02 20:47:45 +00:00
+														}, nil
 													},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+													GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
 														if q.ID == nil {
-												Ensure error strings not capitalised ST1005

											
										
										
											2018-11-21 14:22:35 +00:00
+															return nil, fmt.Errorf("invalid organization query: missing ID")
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+														}
 														return &chronograf.Organization{
-												Change Organization ID to string from uint64

											
										
										
											2017-12-18 22:07:40 +00:00
+															ID:   "1337",
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+															Name: "The ShillBillThrilliettas",
 														}, nil
 													},
 												},
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											},
 											args: args{
 												principal: &oauth2.Principal{
 													Subject:      "billietta",
 													Issuer:       "google",
 													Organization: "1337",
 												},
 												scheme:  "oauth2",
 												role:    "admin",
 												useAuth: true,
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											},
 											authorized: false,
 										},
 									}
 									for _, tt := range tests {
 										t.Run(tt.name, func(t *testing.T) {
 											var authorized bool
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+											var hasServerCtx bool
 											var hasSuperAdminCtx bool
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											var hasOrganizationCtx bool
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+											var hasRoleCtx bool
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											next := func(w http.ResponseWriter, r *http.Request) {
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+												ctx := r.Context()
 												hasServerCtx = hasServerContext(ctx)
 												hasSuperAdminCtx = hasSuperAdminContext(ctx)
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+												_, hasOrganizationCtx = hasOrganizationContext(ctx)
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+												_, hasRoleCtx = hasRoleContext(ctx)
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+												authorized = true
 											}
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+											fn := AuthorizedUser(
 												&Store{
-												Refactor data stores into a common interface

											
										
										
											2017-10-31 20:41:17 +00:00
+													UsersStore:         tt.fields.UsersStore,
 													OrganizationsStore: tt.fields.OrganizationsStore,
 												},
-												Add organization field to principal in auth tests

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>

											
										
										
											2017-10-27 20:19:43 +00:00
+												tt.args.useAuth,
 												tt.args.role,
 												tt.fields.Logger,
 												next,
 											)
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
 											w := httptest.NewRecorder()
 											r := httptest.NewRequest(
 												"GET",
 												"http://any.url", // can be any valid URL as we are bypassing mux
 												nil,
 											)
-												Test authorized User in the context of Organization

Make principal explicit arg in auth tests.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-27 20:53:16 +00:00
+											if tt.args.principal == nil {
 												r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, nil))
 											} else {
 												r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, *tt.args.principal))
 											}
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											fn(w, r)
 											if authorized != tt.authorized {
-												Set Scheme to be OAuth2 explicitly for all users

Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>

											
										
										
											2017-10-19 18:17:40 +00:00
+												t.Errorf("%q. AuthorizedUser() = %v, expected %v", tt.name, authorized, tt.authorized)
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+											}
-												Change HTTP Status 401 to 403 in AuthorizedUser

This signals to the front end that a user must go through another ouath
flow.

											
										
										
											2017-11-21 23:55:26 +00:00
+											if !authorized && w.Code != http.StatusForbidden {
 												t.Errorf("%q. AuthorizedUser() Status Code = %v, expected %v", tt.name, w.Code, http.StatusForbidden)
 											}
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+											if hasServerCtx != tt.hasServerContext {
 												t.Errorf("%q. AuthorizedUser().Context().Server = %v, expected %v", tt.name, hasServerCtx, tt.hasServerContext)
 											}
 											if hasSuperAdminCtx != tt.hasSuperAdminContext {
 												t.Errorf("%q. AuthorizedUser().Context().SuperAdmin = %v, expected %v", tt.name, hasSuperAdminCtx, tt.hasSuperAdminContext)
 											}
-												Change UserKey to UserContextKey

Fix name of arguments in tests

											
										
										
											2017-11-10 16:18:06 +00:00
+											if hasOrganizationCtx != tt.hasOrganizationContext {
 												t.Errorf("%q. AuthorizedUser.Context().Organization = %v, expected %v", tt.name, hasOrganizationCtx, tt.hasOrganizationContext)
-												Differentiate between SuperAdminContext and ServerContext

Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.

											
										
										
											2017-11-08 21:56:34 +00:00
+											}
 											if hasRoleCtx != tt.hasRoleContext {
 												t.Errorf("%q. AuthorizedUser().Context().Role = %v, expected %v", tt.name, hasRoleCtx, tt.hasRoleContext)
 											}
-												Add AuthorizedUser middleware

											
										
										
											2017-10-18 16:35:40 +00:00
+										})
 									}
 								}
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+								func TestRawStoreAccess(t *testing.T) {
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+									type fields struct {
 										Logger chronograf.Logger
 									}
 									type args struct {
 										principal     *oauth2.Principal
 										serverContext bool
 										user          *chronograf.User
 									}
 									type wants struct {
 										authorized       bool
 										hasServerContext bool
 									}
 									tests := []struct {
 										name   string
 										fields fields
 										args   args
 										wants  wants
 									}{
 										{
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											name: "middleware already has server context",
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											fields: fields{
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											},
 											args: args{
 												serverContext: true,
 											},
 											wants: wants{
 												authorized:       true,
 												hasServerContext: true,
 											},
 										},
 										{
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											name: "user on context is a SuperAdmin",
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											fields: fields{
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											},
 											args: args{
 												user: &chronograf.User{
 													SuperAdmin: true,
 												},
 											},
 											wants: wants{
 												authorized:       true,
 												hasServerContext: true,
 											},
 										},
 										{
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											name: "user on context is a not SuperAdmin",
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											fields: fields{
-												feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): remove explicit logrus dependency

chore(platform): run go mod tidy

chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus

chore(platform): update docker dependency

feat(vault): add vault implementation of secret service

test(platform): run testcontainer integration tests for nightly release

Integration tests for the vault secret service using testcontiners
should not run along with unit tests, however, they should run on some
regular schedule. This commit introduces `make test-integration` which
runs integration tests for vault using testcontainers. The command introduced
relies on docker being available on the host it is executed on.

chore(platform): make go modules tidy

chore: try to fix go mod

chore(platform): run go mod tidy

feat(vault): add vault implementation of secret service

chore(platform): make go modules tidy

feat(platform): add Put/Patch/Delete methods on secret service

feat(vault): add Put/Patch/Delete methods on vault secret service

feat(http): add http handler methods for secret service

feat(bolt): add Put/Delete/Patch methods to bolt secret service

feat(testing): add tests for Put/Patch/Delete methods in secret service

feat(mock): add mock secret service

feat(http): add tests for secrets endpoints

feat(http): update swagger for secrets endpoints

chore: run go mod tidy

											
										
										
											2018-11-16 16:45:00 +00:00
+												Logger: &chronograf.NoopLogger{},
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											},
 											args: args{
 												user: &chronograf.User{
 													SuperAdmin: false,
 												},
 											},
 											wants: wants{
 												authorized:       false,
 												hasServerContext: false,
 											},
 										},
 									}
 									for _, tt := range tests {
 										t.Run(tt.name, func(t *testing.T) {
 											var authorized bool
 											var hasServerCtx bool
 											next := func(w http.ResponseWriter, r *http.Request) {
 												ctx := r.Context()
 												hasServerCtx = hasServerContext(ctx)
 												authorized = true
 											}
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+											fn := RawStoreAccess(
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+												tt.fields.Logger,
 												next,
 											)
 											w := httptest.NewRecorder()
 											url := "http://any.url"
 											r := httptest.NewRequest(
 												"GET",
 												url,
 												nil,
 											)
 											if tt.args.principal == nil {
 												r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, nil))
 											} else {
 												r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, *tt.args.principal))
 											}
 											if tt.args.serverContext {
 												r = r.WithContext(serverContext(r.Context()))
 											}
 											if tt.args.user != nil {
 												r = r.WithContext(context.WithValue(r.Context(), UserContextKey, tt.args.user))
 											}
 											fn(w, r)
 											if authorized != tt.wants.authorized {
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+												t.Errorf("%q. RawStoreAccess() = %v, expected %v", tt.name, authorized, tt.wants.authorized)
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											}
 											if !authorized && w.Code != http.StatusForbidden {
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+												t.Errorf("%q. RawStoreAccess() Status Code = %v, expected %v", tt.name, w.Code, http.StatusForbidden)
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											}
 											if hasServerCtx != tt.wants.hasServerContext {
-												Nest user routes under organization

Add global user routes

											
										
										
											2018-01-16 21:45:58 +00:00
+												t.Errorf("%q. RawStoreAccess().Context().Server = %v, expected %v", tt.name, hasServerCtx, tt.wants.hasServerContext)
-												Modify CRUD user handlers for global operations

Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.

											
										
										
											2018-01-09 18:43:33 +00:00
+											}
 										})
 									}
 								}