validate and consolidate config

lib/aserto/config.rb

@@ -40,7 +40,7 @@ def validate!
       policy_root: "",
       cert_path: "",
       on_unauthorized: lambda do |_env|
-        return [403, {}, ["Forbidden"]]
+        [403, {}, ["Forbidden"]]
       end
     }.freeze
 

lib/aserto/directory/errors.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class ConfigError < StandardError
+end

lib/aserto/directory/v3/client.rb

@@ -8,6 +8,7 @@
 require_relative "model"
 require_relative "importer"
 require_relative "exporter"
+require_relative "../errors"
 
 module Aserto
   module Directory
@@ -77,7 +78,7 @@ def initialize(name)
           end
 
           def method_missing(method, *_args)
-            puts "Cannot call '#{method}': '#{@name.to_s.capitalize}' client is not initialized."
+            raise ConfigError, "Cannot call '#{method}': '#{@name.to_s.capitalize}' client is not initialized."
           end
 
           def respond_to_missing?(_name, _include_private)

lib/aserto/directory/v3/config.rb

@@ -10,7 +10,7 @@ class Config
 
         def initialize(config)
           @base = {
-            url: config[:url] || "directory.prod.aserto.com:8443",
+            url: config[:url],
             api_key: config[:api_key],
             tenant_id: config[:tenant_id],
             cert_path: config[:cert_path]
@@ -28,23 +28,30 @@ def initialize(config)
         class BaseConfig
           attr_reader :url, :credentials, :interceptors
 
+          DEFAULT_DIRECTORY_URL = "directory.prod.aserto.com:8443"
+
           def initialize(url, credentials, interceptors)
             @url = url
             @credentials = credentials
             @interceptors = interceptors
           end
         end
 
-        def build(
-          url: @base[:url],
-          api_key: @base[:api_key],
-          tenant_id: @base[:tenant_id],
-          cert_path: @base[:cert_path]
-        )
+        def build(url: nil, api_key: @base[:api_key], tenant_id: @base[:tenant_id], cert_path: @base[:cert_path])
+          return unless valid_config?(@base, { url: url, api_key: api_key, tenant_id: tenant_id })
 
-          interceptors = []
           interceptors = [Interceptors::Headers.new(api_key, tenant_id)] if !api_key.nil? && !tenant_id.nil?
-          BaseConfig.new(url, load_creds(cert_path), interceptors)
+          BaseConfig.new(
+            url || @base[:url] || BaseConfig::DEFAULT_DIRECTORY_URL,
+            load_creds(cert_path),
+            interceptors || []
+          )
+        end
+
+        def valid_config?(config, fallback)
+          !(config[:url].nil? && fallback[:url].nil?) ||
+            ((!config[:api_key].nil? || !fallback[:api_key].nil?) &&
+            (!config[:tenant_id].nil? || !fallback[:tenant_id].nil?))
         end
 
         def load_creds(cert_path)

lib/aserto/directory/v3/importer.rb

@@ -12,12 +12,12 @@ module Importer
         # @example
         #   directory.import(
         #     [
-        #       { object: { id: "import-user", type: "user" } },
-        #       { object: { id: "import-group", type: "group" } },
+        #       { object: { type: "user", id: "import-user" } },
+        #       { object: { type: "group", id: "import-group" } },
         #       {
         #         relation: {
-        #           object_id: "import-user",
         #           object_type: "user",
+        #           object_id: "import-user",
         #           relation: "member",
         #           subject_id: "import-group",
         #           subject_type: "group"

lib/aserto/directory/v3/reader.rb

@@ -7,8 +7,8 @@ module Reader
         #
         # find an object by id and type
         #
-        # @param object_id [String]
         # @param object_type [String]
+        # @param object_id [String]
         #
         # @return [Aserto::Directory::Reader::V3::GetObjectResponse]
         #
@@ -17,11 +17,11 @@ module Reader
         #     object_type: "user",
         #     object_id: "[email protected]"
         #   )
-        def get_object(object_id:, object_type:)
+        def get_object(object_type:, object_id:)
           reader.get_object(
             Aserto::Directory::Reader::V3::GetObjectRequest.new(
-              object_id: object_id,
-              object_type: object_type
+              object_type: object_type,
+              object_id: object_id
             )
           )
         end
@@ -227,13 +227,13 @@ def check_permission(object_type:, object_id:, permission:, subject_type:, subje
         #
         # Returns object graph from anchor to subject or object.
         #
-        # @param [String] anchor_type <description>
-        # @param [String] anchor_id <description>
-        # @param [String] object_type <description>
-        # @param [String] object_id <description>
-        # @param [String] relation <description>
-        # @param [String] subject_type <description>
-        # @param [String] <description>
+        # @param [String] anchor_type
+        # @param [String] anchor_id
+        # @param [String] object_type
+        # @param [String] object_id
+        # @param [String] relation
+        # @param [String] subject_type
+        # @param [String]
         #
         # @return [Aserto::Directory::Reader::V3::GetGraphResponse]
         #

lib/aserto/directory/v3/writer.rb

@@ -9,22 +9,22 @@ module Writer
         #
         # Create a new object
         #
-        # @param [String] object_id
         # @param [String] object_type
+        # @param [String] object_id
         # @param [String] display_name
         # @param [Hash] properties
         # @param [String] etag
         #
         # @return [Aserto::Directory::Writer::V3::SetObjectResponse]
         #
         # @example
-        #   client.set_object(object_id: "1234", object_type: "user", properties: { email: "test" })
-        def set_object(object_id:, object_type:, display_name: "", properties: {}, etag: nil)
+        #   client.set_object(object_type: "user", object_id: "1234", properties: { email: "test" })
+        def set_object(object_type:, object_id:, display_name: "", properties: {}, etag: nil)
           writer.set_object(
             Aserto::Directory::Writer::V3::SetObjectRequest.new(
               object: {
-                id: object_id,
                 type: object_type,
+                id: object_id,
                 display_name: display_name,
                 properties: Google::Protobuf::Struct.from_hash(properties.transform_keys!(&:to_s)),
                 etag: etag
@@ -36,19 +36,19 @@ def set_object(object_id:, object_type:, display_name: "", properties: {}, etag:
         #
         # Delete an object
         #
-        # @param [String] object_id
         # @param [String] object_type
+        # @param [String] object_id
         # @param [Boolean] with_relations
         #
         # @return [ Aserto::Directory::Writer::V3::DeleteObjectResponse]
         #
         # @example
-        #   client.delete_object(object_id: "1234", object_type: "user")
-        def delete_object(object_id:, object_type:, with_relations: false)
+        #   client.delete_object(object_type: "user", object_id: "1234")
+        def delete_object(object_type:, object_id:, with_relations: false)
           writer.delete_object(
             Aserto::Directory::Writer::V3::DeleteObjectRequest.new(
-              object_id: object_id,
               object_type: object_type,
+              object_id: object_id,
               with_relations: with_relations
             )
           )

spec/aserto/directory/v3/client_spec.rb

@@ -1,6 +1,62 @@
 # frozen_string_literal: true
 
 describe Aserto::Directory::V3::Client do
+  describe("client") do
+    describe("reader") do
+      it "inherits base config" do
+        client = described_class.new({ tenant_id: "1234", api_key: "basic test" })
+        expect(
+          client.instance_variable_get(:@reader).instance_variable_get(:@host)
+        ).to eql("directory.prod.aserto.com:8443")
+      end
+
+      it "allows overwriting base config" do
+        client = described_class.new({ url: "base.com", tenant_id: "1234", api_key: "basic test" })
+        expect(
+          client.instance_variable_get(:@reader).instance_variable_get(:@host)
+        ).to eql("base.com")
+      end
+
+      it "allows specific reader config" do
+        client = described_class.new(
+          { url: "base.com", tenant_id: "1234", api_key: "basic test",
+            reader: { url: "reader.com" } }
+        )
+        expect(
+          client.instance_variable_get(:@reader).instance_variable_get(:@host)
+        ).to eql("reader.com")
+      end
+
+      it "throws ConfigError if the client is missing" do
+        client = described_class.new({})
+
+        expect do
+          client.get_object(object_id: "1234", object_type: "object")
+        end.to raise_error(ConfigError, "Cannot call 'get_object': 'Reader' client is not initialized.")
+      end
+    end
+
+    context("when using partial config") do
+      let(:client) { described_class.new({ reader: { tenant_id: "1234", api_key: "basic test" } }) }
+
+      it "provides an informative error message for writer" do
+        expect do
+          client.set_object(object_id: "1234", object_type: "object")
+        end.to raise_error(ConfigError, "Cannot call 'set_object': 'Writer' client is not initialized.")
+      end
+
+      it "creates the requested service object" do
+        expect(client.instance_variable_get(:@reader)).to be_a(Aserto::Directory::Reader::V3::Reader::Stub)
+      end
+
+      it "configures the correct host" do
+        expect(
+          client.instance_variable_get(:@reader).instance_variable_get(:@host)
+        ).to eql("directory.prod.aserto.com:8443")
+      end
+    end
+  end
+
   describe ".reader" do
     let(:client) { described_class.new(tenant_id: "1234", api_key: "basic test") }
 

spec/integration/directory_spec.rb

@@ -5,7 +5,10 @@
     Aserto::Directory::V3::Client.new(
       {
         url: "localhost:9292",
-        cert_path: File.join(ENV.fetch("HOME", ""), ".config/topaz/certs/grpc-ca.crt")
+        cert_path: File.join(ENV.fetch("HOME", ""), ".config/topaz/certs/grpc-ca.crt"),
+        writer: {
+          url: "localhost:9292"
+        }
       }
     )
   end