Skip to content

Commit

Permalink
[automate-2861] Update authn service to teams v2 client (#2875)
Browse files Browse the repository at this point in the history
  • Loading branch information
@msorens
msorens authored Feb 25, 2020
1 parent 7434def commit d434ec6
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 37 deletions.
1 change: 0 additions & 1 deletion .bldr.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,6 @@ paths = [
"components/authn-service/*",
"api/config/platform/*",
"api/config/shared/*",
"api/external/common/*",
"api/interservice/authn/*",
"api/interservice/authz/*",
"api/interservice/cereal/*",
Expand Down
10 changes: 5 additions & 5 deletions components/authn-service/server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import (
api "github.com/chef/automate/api/interservice/authn"
authz "github.com/chef/automate/api/interservice/authz/common"
authz_v2 "github.com/chef/automate/api/interservice/authz/v2"
teams "github.com/chef/automate/api/interservice/teams/v1"
teams "github.com/chef/automate/api/interservice/teams/v2"
"github.com/chef/automate/components/authn-service/authenticator"
tokens "github.com/chef/automate/components/authn-service/tokens/types"
"github.com/chef/automate/lib/grpc/health"
Expand Down Expand Up @@ -48,7 +48,7 @@ type Server struct {
authenticators map[string]authenticator.Authenticator
logger *zap.Logger
connFactory *secureconn.Factory
teamsClient teams.TeamsV1Client
teamsClient teams.TeamsV2Client
authzSubjectClient authz.SubjectPurgeClient
authzV2Client authz_v2.AuthorizationClient
health *health.Service
Expand Down Expand Up @@ -167,7 +167,7 @@ func newServer(ctx context.Context, c Config, authzV2Client authz_v2.Authorizati
authenticators: authenticators,
logger: c.Logger,
connFactory: factory,
teamsClient: teams.NewTeamsV1Client(teamsConn),
teamsClient: teams.NewTeamsV2Client(teamsConn),
health: health.NewService(),
}

Expand All @@ -178,13 +178,13 @@ func newServer(ctx context.Context, c Config, authzV2Client authz_v2.Authorizati
}

func (s *Server) fetchLocalTeams(ctx context.Context, userID string) ([]string, error) {
teamsResp, err := s.teamsClient.GetTeamsForUser(ctx, &teams.GetTeamsForUserReq{UserId: userID})
teamsResp, err := s.teamsClient.GetTeamsForMember(ctx, &teams.GetTeamsForMemberReq{UserId: userID})
if err != nil {
return nil, errors.Wrapf(err, "failed to fetch local teams for user %q", userID)
}
teams := make([]string, len(teamsResp.GetTeams()))
for i, team := range teamsResp.GetTeams() {
teams[i] = team.GetName()
teams[i] = team.GetId()
}

return teams, nil
Expand Down
58 changes: 27 additions & 31 deletions components/authn-service/server/server_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import (
"github.com/chef/automate/lib/tls/test/helpers"

authz_v2 "github.com/chef/automate/api/interservice/authz/v2"
teams_api "github.com/chef/automate/api/interservice/teams/v1"
teams_api "github.com/chef/automate/api/interservice/teams/v2"
teams_server "github.com/chef/automate/components/teams-service/server"
teams_service "github.com/chef/automate/components/teams-service/service"
teams_logger "github.com/chef/automate/lib/logger"
Expand Down Expand Up @@ -112,14 +112,14 @@ func TestFetchLocalTeamsInAuthenticate(t *testing.T) {

t.Run("with an existing team that has this member", func(t *testing.T) {
// arrange
teamAdmins, err := srv.teamsClient.GetTeamByName(ctx,
&teams_api.GetTeamByNameReq{
Name: "admins",
teamAdmins, err := srv.teamsClient.GetTeam(ctx,
&teams_api.GetTeamReq{
Id: "admins",
})
require.Nil(t, err, "arrange: create team in teams-service")

_, err = srv.teamsClient.AddUsers(ctx,
&teams_api.AddUsersReq{
_, err = srv.teamsClient.AddTeamMembers(ctx,
&teams_api.AddTeamMembersReq{
Id: teamAdmins.GetTeam().GetId(),
UserIds: []string{mockUserID},
})
Expand All @@ -139,7 +139,7 @@ func TestFetchLocalTeamsInAuthenticate(t *testing.T) {
func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
ctx := context.Background()

mockTeams := teams_api.NewTeamsV1ServerMock()
mockTeams := teams_api.NewTeamsV2ServerMock()
teams := newTeamService(t, mockTeams)
defer teams.Close()

Expand All @@ -165,21 +165,20 @@ func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
client := auth.NewAuthenticationClient(conn)

tests := map[string]struct {
teamsResp *teams_api.GetTeamsForUserResp
teamsResp *teams_api.GetTeamsForMemberResp
checks []checkFunc
}{
"when the user has no teams": {
&teams_api.GetTeamsForUserResp{},
&teams_api.GetTeamsForMemberResp{},
check(
hasTeams(0),
),
},
"when the user has exactly one team": {
&teams_api.GetTeamsForUserResp{Teams: []*teams_api.Team{
&teams_api.GetTeamsForMemberResp{Teams: []*teams_api.Team{
{
Id: "32b93d9b-cd3d-4d3b-aa8d-eb0c553f7afa",
Name: "admins",
Description: "admins",
Id: "admins",
Name: "admins",
},
}},
check(
Expand All @@ -188,11 +187,10 @@ func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
),
},
"when the user has a team that has a space in it": {
&teams_api.GetTeamsForUserResp{Teams: []*teams_api.Team{
&teams_api.GetTeamsForMemberResp{Teams: []*teams_api.Team{
{
Id: "32b93d9b-cd3d-4d3b-aa8d-eb0c553f7afa",
Name: "ad mins",
Description: "admins",
Id: "ad mins",
Name: "admins",
},
}},
check(
Expand All @@ -201,16 +199,14 @@ func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
),
},
"when the user has two teams": {
&teams_api.GetTeamsForUserResp{Teams: []*teams_api.Team{
&teams_api.GetTeamsForMemberResp{Teams: []*teams_api.Team{
{
Id: "32b93d9b-cd3d-4d3b-aa8d-eb0c553f7afa",
Name: "admins",
Description: "admins",
Id: "admins",
Name: "admins",
},
{
Id: "ee28d5ee-d15b-4704-b4f2-3104454f3c49",
Name: "überadmins",
Description: "they can do so much more",
Id: "überadmins",
Name: "they can do so much more",
},
}},
check(
Expand All @@ -224,8 +220,8 @@ func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
t.Run(name, func(t *testing.T) {
// arrange
mockTeams.Reset()
mockTeams.GetTeamsForUserFunc = func(
context.Context, *teams_api.GetTeamsForUserReq) (*teams_api.GetTeamsForUserResp, error) {
mockTeams.GetTeamsForMemberFunc = func(
context.Context, *teams_api.GetTeamsForMemberReq) (*teams_api.GetTeamsForMemberResp, error) {
return tc.teamsResp, nil
}

Expand All @@ -244,7 +240,7 @@ func TestTeamsLookupForLocalUsersInAuthenticate(t *testing.T) {
func TestNoTeamsLookupForNonLocalUsersInAuthenticate(t *testing.T) {
ctx := context.Background()

mockTeams := teams_api.NewTeamsV1ServerMock()
mockTeams := teams_api.NewTeamsV2ServerMock()
teams := newTeamService(t, mockTeams)
defer teams.Close()

Expand Down Expand Up @@ -279,8 +275,8 @@ func TestNoTeamsLookupForNonLocalUsersInAuthenticate(t *testing.T) {
// arrange
mockTeams.Reset()
// setup our teams-service mock so that everything goes to hell if it's called
mockTeams.GetTeamsForUserFunc = func(
context.Context, *teams_api.GetTeamsForUserReq) (*teams_api.GetTeamsForUserResp, error) {
mockTeams.GetTeamsForMemberFunc = func(
context.Context, *teams_api.GetTeamsForMemberReq) (*teams_api.GetTeamsForMemberResp, error) {
assert.True(t, false, "don't call this")
return nil, status.Error(codes.Internal, "shouldn't have called this service")
}
Expand Down Expand Up @@ -318,13 +314,13 @@ func containsTeam(team string) checkFunc {

// mini-factories

func newTeamService(t *testing.T, m *teams_api.TeamsV1ServerMock) *grpctest.Server {
func newTeamService(t *testing.T, m *teams_api.TeamsV2ServerMock) *grpctest.Server {
t.Helper()

serviceCerts := helpers.LoadDevCerts(t, "teams-service")
connFactory := secureconn.NewFactory(*serviceCerts)
g := connFactory.NewServer()
teams_api.RegisterTeamsV1Server(g, m)
teams_api.RegisterTeamsV2Server(g, m)
return grpctest.NewServer(g)
}

Expand Down

0 comments on commit d434ec6

Please sign in to comment.