Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(policy): make MatchSubjectMappings operator agnostic #1658

Merged
merged 28 commits into from
Nov 4, 2024
Merged
Show file tree
Hide file tree
Changes from 22 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
b906280
remove operator condition
suchak1 Oct 16, 2024
af489a5
remove value condition
suchak1 Oct 16, 2024
be2e94c
remove duplicate field condition
suchak1 Oct 16, 2024
9b850e7
update db code comments
suchak1 Oct 17, 2024
b4597b0
update proto
suchak1 Oct 17, 2024
2562520
update gen code
suchak1 Oct 17, 2024
b8faf75
change NOT_IN test
suchak1 Oct 17, 2024
bf1035e
don't consider values in multiple test
suchak1 Oct 17, 2024
f2b7beb
add validation to proto
suchak1 Oct 18, 2024
6581f84
remove values from MatchSubjectMappingsRequest
suchak1 Oct 18, 2024
bac4f8f
Revert "remove values from MatchSubjectMappingsRequest"
suchak1 Oct 18, 2024
394e061
add value back to request
suchak1 Oct 18, 2024
cb156ae
make proto-generate
suchak1 Oct 18, 2024
1dd6d34
remove test
suchak1 Oct 19, 2024
cd3a765
remove integration tests, add unit tests
suchak1 Oct 19, 2024
caf0077
convert to sqlc
suchak1 Oct 21, 2024
881ba07
clean up
suchak1 Oct 21, 2024
e01820f
remove unused select fx
suchak1 Oct 21, 2024
4723a71
rewrite unused hydrate fxs
suchak1 Oct 21, 2024
c58881e
delete hydrate fxs - type issues
suchak1 Oct 21, 2024
93c22c6
delete constructMetadata fx
suchak1 Oct 21, 2024
24870d4
Merge branch 'main' into feature/matchsubjectmappings
suchak1 Oct 21, 2024
b7c4788
fix(policy): fix MatchSubjectMappings e2e functionality (#1692)
jakedoublev Oct 29, 2024
21d7610
chore(policy): DSP-241 clean up db table code (#1682)
suchak1 Oct 29, 2024
f64e0cd
Merge branch 'main' into feature/matchsubjectmappings
jakedoublev Nov 4, 2024
394052a
chore(policy): address merge conflict in proto gencode (#1711)
jakedoublev Nov 4, 2024
8516522
re-trigger CI
jakedoublev Nov 4, 2024
4b17a70
Merge branch 'main' into feature/matchsubjectmappings
jakedoublev Nov 4, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/grpc/index.html

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

311 changes: 156 additions & 155 deletions protocol/go/policy/objects.pb.go

Large diffs are not rendered by default.

589 changes: 291 additions & 298 deletions protocol/go/policy/subjectmapping/subject_mapping.pb.go

Large diffs are not rendered by default.

38 changes: 3 additions & 35 deletions service/integration/subject_mappings_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -834,7 +834,7 @@ func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_InOne() {
s.Equal(fixtureScs.ID, sm[0].GetSubjectConditionSet().GetId())
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_DoesNotReturnNotInWhenMatches() {
func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_ReturnsNotInWhenMatches() {
fixtureScs := s.f.GetSubjectConditionSetKey("subject_condition_simple_not_in")
externalSelectorValue := fixtureScs.Condition.SubjectSets[0].ConditionGroups[0].Conditions[0].SubjectExternalSelectorValue
externalValues := fixtureScs.Condition.SubjectSets[0].ConditionGroups[0].Conditions[0].SubjectExternalValues
Expand All @@ -849,7 +849,7 @@ func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_DoesNotReturnNotInW
smList, err := s.db.PolicyClient.GetMatchedSubjectMappings(context.Background(), props)
s.Require().NoError(err)
s.NotZero(smList)
s.Empty(smList)
s.Equal(fixtureScs.ID, smList[0].GetSubjectConditionSet().GetId())
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_NotInOneMatch() {
Expand All @@ -873,38 +873,6 @@ func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_NotInOneMatch() {
s.Equal(expectedMappedFixture.ID, smList[0].GetId())
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_MissingFieldInProperty_Fails() {
props := []*policy.SubjectProperty{
{
ExternalValue: "some_value",
},
}

sm, err := s.db.PolicyClient.GetMatchedSubjectMappings(context.Background(), props)
s.Require().ErrorIs(err, db.ErrMissingValue)
s.Zero(sm)
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_MissingValueInProperty_Fails() {
props := []*policy.SubjectProperty{
{
ExternalSelectorValue: ".some_field",
},
}

sm, err := s.db.PolicyClient.GetMatchedSubjectMappings(context.Background(), props)
s.Require().ErrorIs(err, db.ErrMissingValue)
s.Zero(sm)
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_NoPropertiesProvided_Fails() {
props := []*policy.SubjectProperty{}

sm, err := s.db.PolicyClient.GetMatchedSubjectMappings(context.Background(), props)
s.Require().ErrorIs(err, db.ErrMissingValue)
s.Zero(sm)
}

func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_InMultiple() {
simpleScs := s.f.GetSubjectConditionSetKey("subject_condition_simple_in")
simpleexternalSelectorValue := simpleScs.Condition.SubjectSets[0].ConditionGroups[0].Conditions[0].SubjectExternalSelectorValue
Expand Down Expand Up @@ -1003,7 +971,7 @@ func (s *SubjectMappingsSuite) TestGetMatchedSubjectMappings_NotInMultiple() {
smList, err := s.db.PolicyClient.GetMatchedSubjectMappings(context.Background(), props)
s.Require().NoError(err)
s.NotZero(smList)
s.Len(smList, 2)
s.Len(smList, 3)
for _, sm := range smList {
if sm.GetSubjectConditionSet().GetId() == fixtureScs.ID {
s.Equal(expectedMappedFixture.ID, sm.GetId())
Expand Down
2 changes: 1 addition & 1 deletion service/policy/db/db.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion service/policy/db/models.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

25 changes: 25 additions & 0 deletions service/policy/db/query.sql
Original file line number Diff line number Diff line change
Expand Up @@ -691,6 +691,31 @@ LEFT JOIN subject_condition_set scs ON scs.id = sm.subject_condition_set_id
WHERE sm.id = $1
GROUP BY av.id, sm.id, scs.id;

-- name: MatchSubjectMappings :many
SELECT
sm.id,
sm.actions,
JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', sm.metadata -> 'labels', 'created_at', sm.created_at, 'updated_at', sm.updated_at)) AS metadata,
jakedoublev marked this conversation as resolved.
Show resolved Hide resolved
JSON_BUILD_OBJECT(
'id', scs.id,
'metadata', JSON_STRIP_NULLS(JSON_BUILD_OBJECT('labels', scs.metadata -> 'labels', 'created_at', scs.created_at, 'updated_at', scs.updated_at)),
'subject_sets', scs.condition
) AS subject_condition_set,
JSON_BUILD_OBJECT('id', av.id,'value', av.value,'active', av.active) AS attribute_value
FROM subject_mappings sm
LEFT JOIN attribute_values av ON sm.attribute_value_id = av.id
LEFT JOIN attribute_definitions ad ON av.attribute_definition_id = ad.id
LEFT JOIN attribute_namespaces ns ON ad.namespace_id = ns.id
LEFT JOIN subject_condition_set scs ON scs.id = sm.subject_condition_set_id
WHERE ns.active = true AND ad.active = true and av.active = true AND EXISTS (
SELECT 1
FROM JSONB_ARRAY_ELEMENTS(scs.condition) AS ss, JSONB_ARRAY_ELEMENTS(ss->'condition_groups') AS cg, JSONB_ARRAY_ELEMENTS(cg->'conditions') AS each_condition
WHERE (each_condition->>'subject_external_selector_value' = ANY(@selectors::TEXT[]))

)
GROUP BY av.id, sm.id, scs.id;


-- name: CreateSubjectMapping :one
INSERT INTO subject_mappings (attribute_value_id, actions, metadata, subject_condition_set_id)
VALUES ($1, $2, $3, $4)
Expand Down
85 changes: 84 additions & 1 deletion service/policy/db/query.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading