From ca3f47187336a9c81c9a01fc59b971878c677058 Mon Sep 17 00:00:00 2001 From: John Schaeffer Date: Thu, 7 Sep 2023 15:58:05 -0400 Subject: [PATCH] Remove relationship create/delete handlers (#174) * Remove relationship create/delete handlers NATS is the interface being used for relationship management now. relationshipCreate and relationshipDelete are redundant and also hard to make secure, since this part of the API is more of a management of the SpiceDB graph itself instead of management of resources that are on the SpiceDB graph. This commit removes both of them and their respective API routes. Signed-off-by: John Schaeffer * Remove unused types and functions Signed-off-by: John Schaeffer --------- Signed-off-by: John Schaeffer --- internal/api/relationships.go | 128 ---------------------------------- internal/api/router.go | 2 - internal/api/types.go | 22 ------ 3 files changed, 152 deletions(-) diff --git a/internal/api/relationships.go b/internal/api/relationships.go index 546c5371..c633da81 100644 --- a/internal/api/relationships.go +++ b/internal/api/relationships.go @@ -3,89 +3,12 @@ package api import ( "net/http" - "go.infratographer.com/permissions-api/internal/types" - "github.com/labstack/echo/v4" "go.infratographer.com/x/gidx" "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/trace" ) -func (r *Router) buildRelationship(resource types.Resource, item createRelationshipItem) (types.Relationship, error) { - itemID, err := gidx.Parse(item.SubjectID) - if err != nil { - return types.Relationship{}, err - } - - itemResource, err := r.engine.NewResourceFromID(itemID) - if err != nil { - return types.Relationship{}, err - } - - out := types.Relationship{ - Subject: itemResource, - Relation: item.Relation, - Resource: resource, - } - - return out, nil -} - -func (r *Router) buildRelationships(subjResource types.Resource, items []createRelationshipItem) ([]types.Relationship, error) { - out := make([]types.Relationship, len(items)) - - for i, item := range items { - rel, err := r.buildRelationship(subjResource, item) - if err != nil { - return nil, err - } - - out[i] = rel - } - - return out, nil -} - -func (r *Router) relationshipsCreate(c echo.Context) error { - resourceIDStr := c.Param("id") - - ctx, span := tracer.Start(c.Request().Context(), "api.relationshipsCreate", trace.WithAttributes(attribute.String("id", resourceIDStr))) - defer span.End() - - resourceID, err := gidx.Parse(resourceIDStr) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error parsing resource ID").SetInternal(err) - } - - var reqBody createRelationshipsRequest - - err = c.Bind(&reqBody) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error parsing request body").SetInternal(err) - } - - resource, err := r.engine.NewResourceFromID(resourceID) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error creating relationships").SetInternal(err) - } - - rels, err := r.buildRelationships(resource, reqBody.Relationships) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error creating relationships").SetInternal(err) - } - - _, err = r.engine.CreateRelationships(ctx, rels) - if err != nil { - return echo.NewHTTPError(http.StatusInternalServerError, "error creating relationships").SetInternal(err) - } - - resp := createRelationshipsResponse{ - Success: true, - } - - return c.JSON(http.StatusCreated, resp) -} - func (r *Router) relationshipListFrom(c echo.Context) error { resourceIDStr := c.Param("id") @@ -159,54 +82,3 @@ func (r *Router) relationshipListTo(c echo.Context) error { return c.JSON(http.StatusOK, out) } - -func (r *Router) relationshipDelete(c echo.Context) error { - resourceIDStr := c.Param("id") - - ctx, span := tracer.Start(c.Request().Context(), "api.relationshipsDelete", trace.WithAttributes(attribute.String("id", resourceIDStr))) - defer span.End() - - resourceID, err := gidx.Parse(resourceIDStr) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error parsing resource ID").SetInternal(err) - } - - var reqBody deleteRelationshipRequest - - err = c.Bind(&reqBody) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error parsing request body").SetInternal(err) - } - - resource, err := r.engine.NewResourceFromID(resourceID) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error deleting relationship").SetInternal(err) - } - - relatedResourceID, err := gidx.Parse(reqBody.SubjectID) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error deleting relationship").SetInternal(err) - } - - relatedResource, err := r.engine.NewResourceFromID(relatedResourceID) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "error deleting relationship").SetInternal(err) - } - - relationship := types.Relationship{ - Resource: resource, - Relation: reqBody.Relation, - Subject: relatedResource, - } - - _, err = r.engine.DeleteRelationships(ctx, relationship) - if err != nil { - return echo.NewHTTPError(http.StatusInternalServerError, "error deleting relationship").SetInternal(err) - } - - resp := deleteRelationshipsResponse{ - Success: true, - } - - return c.JSON(http.StatusOK, resp) -} diff --git a/internal/api/router.go b/internal/api/router.go index f2e2cbcf..e5b869f5 100644 --- a/internal/api/router.go +++ b/internal/api/router.go @@ -56,8 +56,6 @@ func (r *Router) Routes(rg *echo.Group) { v1.POST("/resources/:id/roles", r.roleCreate) v1.GET("/resources/:id/roles", r.rolesList) - v1.POST("/resources/:id/relationships", r.relationshipsCreate) - v1.DELETE("/resources/:id/relationships", r.relationshipDelete) v1.GET("/resources/:id/relationships", r.relationshipListFrom) v1.GET("/relationships/from/:id", r.relationshipListFrom) v1.GET("/relationships/to/:id", r.relationshipListTo) diff --git a/internal/api/types.go b/internal/api/types.go index dbab6e9a..018ea06d 100644 --- a/internal/api/types.go +++ b/internal/api/types.go @@ -25,28 +25,6 @@ type listRolesResponse struct { Data []roleResponse `json:"data"` } -type createRelationshipItem struct { - Relation string `json:"relation" binding:"required"` - SubjectID string `json:"subject_id" binding:"required"` -} - -type createRelationshipsRequest struct { - Relationships []createRelationshipItem `json:"relationships" binding:"required"` -} - -type createRelationshipsResponse struct { - Success bool `json:"success"` -} - -type deleteRelationshipRequest struct { - Relation string `json:"relation" binding:"required"` - SubjectID string `json:"subject_id" binding:"required"` -} - -type deleteRelationshipsResponse struct { - Success bool `json:"success"` -} - type relationshipItem struct { ResourceID string `json:"resource_id,omitempty"` Relation string `json:"relation"`