Skip to content

Commit fbc02f3

Browse files
jakedoublevjakedoublev
authored
feat(policy): add unsafe attribute RPC db connectivity (#1022)
3rd PR for #115 - [x] reactivate (no cascade down) - [x] update definition name (and upsert fqn) - [x] upsert name fqn changes from namespaces down and from attribute definition down to values - [X] update rule (changes access) - [x] reorder of values (changes hierarchy) - [x] delete (cascading)
1 parent 8193cec commit fbc02f3

File tree

12 files changed

+882
-295
lines changed

12 files changed

+882
-295
lines changed

docs/grpc/index.html

Lines changed: 10 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

docs/openapi/policy/unsafe/unsafe.swagger.json

Lines changed: 11 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

protocol/go/policy/unsafe/unsafe.pb.go

Lines changed: 170 additions & 156 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

service/integration/attribute_fqns_test.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -366,6 +366,57 @@ func (s *AttributeFqnSuite) TestGetAttributesByValueFqns_Fails_WithDeactivatedAt
366366
s.Require().ErrorIs(err, db.ErrNotFound)
367367
}
368368

369+
func (s *AttributeFqnSuite) TestGetAttributesByValueFqns_Fails_WithDeactivatedAttributeValue() {
370+
// create a new namespace
371+
ns, err := s.db.PolicyClient.CreateNamespace(s.ctx, &namespaces.CreateNamespaceRequest{
372+
Name: "test_fqn_namespace.goodbye",
373+
})
374+
s.Require().NoError(err)
375+
376+
// give it an attribute with two values
377+
attr, err := s.db.PolicyClient.CreateAttribute(s.ctx, &attributes.CreateAttributeRequest{
378+
NamespaceId: ns.GetId(),
379+
Name: "deactivating_attr",
380+
Rule: policy.AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF,
381+
})
382+
s.Require().NoError(err)
383+
384+
v1, err := s.db.PolicyClient.CreateAttributeValue(s.ctx, attr.GetId(), &attributes.CreateAttributeValueRequest{
385+
Value: "value1",
386+
})
387+
s.Require().NoError(err)
388+
389+
v2, err := s.db.PolicyClient.CreateAttributeValue(s.ctx, attr.GetId(), &attributes.CreateAttributeValueRequest{
390+
Value: "value2",
391+
})
392+
s.Require().NoError(err)
393+
394+
// deactivate the first attribute value only
395+
_, err = s.db.PolicyClient.DeactivateAttributeValue(s.ctx, v1.GetId())
396+
s.Require().NoError(err)
397+
398+
// get the attribute by the value fqn for v1
399+
v, err := s.db.PolicyClient.GetAttributesByValueFqns(s.ctx, &attributes.GetAttributeValuesByFqnsRequest{
400+
Fqns: []string{fqnBuilder(ns.GetName(), attr.GetName(), v1.GetValue())},
401+
WithValue: &policy.AttributeValueSelector{
402+
WithSubjectMaps: true,
403+
},
404+
})
405+
s.Require().Error(err)
406+
s.Nil(v)
407+
s.Require().ErrorIs(err, db.ErrNotFound)
408+
409+
// get the attribute by the value fqn for v2
410+
v, err = s.db.PolicyClient.GetAttributesByValueFqns(s.ctx, &attributes.GetAttributeValuesByFqnsRequest{
411+
Fqns: []string{fqnBuilder(ns.GetName(), attr.GetName(), v2.GetValue())},
412+
WithValue: &policy.AttributeValueSelector{
413+
WithSubjectMaps: true,
414+
},
415+
})
416+
s.Require().NoError(err)
417+
s.Len(v, 1)
418+
}
419+
369420
func (s *AttributeFqnSuite) TestGetAttributesByValueFqns_Fails_WithNonValueFqns() {
370421
nsFqn := fqnBuilder("example.com", "", "")
371422
attrFqn := fqnBuilder("example.com", "attr1", "")

0 commit comments

Comments
 (0)