enh: create relationships between rules and groups

notdodo · Dec 7, 2023 · a8eef82 · a8eef82
1 parent 9d69a13
commit a8eef82
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 106 deletions.
diff --git a/cmd/dump.go b/cmd/dump.go
@@ -21,7 +21,7 @@ var usersCmd = &cobra.Command{
 		if cmd.Flags().Changed(flagDebug) {
 			logger.SetDebugLevel()
 		}
-		oktaNeo4jApp := app.NewOktaNeo4jApp(okta.NewOktaClient(orgUrl, oktaClientToken), neo4jClient)
+		oktaNeo4jApp := iamme.NewOktaNeo4jApp(okta.NewOktaClient(orgUrl, oktaClientToken), neo4jClient)
 		oktaNeo4jApp.Dump()
 	},
 }

diff --git a/go.mod b/go.mod
@@ -22,16 +22,16 @@ require (
 	github.com/kelseyhightower/envconfig v1.4.0 // indirect
 	github.com/kr/pretty v0.1.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
-	github.com/mattn/go-isatty v0.0.18 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
 	github.com/muesli/termenv v0.15.2 // indirect
 	github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/rivo/uniseg v0.4.4 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	golang.org/x/crypto v0.15.0 // indirect
-	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
-	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/crypto v0.16.0 // indirect
+	golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb // indirect
+	golang.org/x/sys v0.15.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -30,8 +30,8 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
 github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
-github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98=
-github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
 github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
 github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
@@ -52,8 +52,9 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/r3labs/diff v1.1.0 h1:V53xhrbTHrWFWq3gI4b94AjgEJOerO1+1l0xyHOBi8M=
 github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
+github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
 github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
@@ -64,16 +65,16 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
-golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
+golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb h1:c0vyKkb6yr3KR7jEfJaOSv4lG7xPkbN6r52aJz1d8a8=
+golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
-golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

diff --git a/pkg/app/okta_neo4j.go b/pkg/app/okta_neo4j.go
diff --git a/pkg/infra/neo4j/neo4j_client.go b/pkg/infra/neo4j/neo4j_client.go
@@ -13,6 +13,7 @@ type Neo4jClient interface {
 	Connect() neo4j.SessionWithContext
 	Close() error
 	CreateNodes([]string, []map[string]interface{}) ([]map[string]interface{}, error)
+	CreateRelationsAtoB([]string, []string, []string, []map[string]interface{}) ([]map[string]interface{}, error)
 }
 
 // Session is an interface for a Neo4j database session.
@@ -37,8 +38,9 @@ func (c *neo4jClient) setUpDb(session neo4j.SessionWithContext) {
 	c.log.Info("Flushing the database")
 	session.Run(context.TODO(), "MATCH (n) DETACH DELETE n;", nil)
 	c.log.Info("Creating indexes")
-	session.Run(context.TODO(), "CREATE CONSTRAINT IF NOT EXISTS ON (u:User) ASSERT u.Id IS UNIQUE;", nil)
-	session.Run(context.TODO(), "CREATE CONSTRAINT IF NOT EXISTS ON (g:Group) ASSERT g.Id IS UNIQUE;", nil)
+	session.Run(context.TODO(), "CREATE CONSTRAINT IF NOT EXISTS ON (u:User) ASSERT u.User_Id IS UNIQUE;", nil)
+	session.Run(context.TODO(), "CREATE CONSTRAINT IF NOT EXISTS ON (g:Group) ASSERT g.Group_Id IS UNIQUE;", nil)
+	session.Run(context.TODO(), "CREATE CONSTRAINT IF NOT EXISTS ON (g:Rule) ASSERT r.GroupRule_Id IS UNIQUE;", nil)
 }
 
 func NewNeo4jClient(dbUri, username, password string) Neo4jClient {
@@ -68,11 +70,23 @@ func (c *neo4jClient) Close() error {
 }
 
 func (c *neo4jClient) CreateNodes(labels []string, properties []map[string]interface{}) ([]map[string]interface{}, error) {
-	c.log.Debug("Creating new nodes", "count", len(labels), "params", properties)
+	c.log.Debug("Creating new nodes", "count", len(properties), "params", properties)
 	c.log.Info("Creating new nodes", "count", len(properties))
 	nodeIDs, err := orm.CreateNodes(c.Connect(), labels, properties)
 	if err != nil {
 		c.log.Error("Failed creating nodes on Neo4J", "err", err)
 	}
+	c.log.Debug("Created nodes", "count", len(nodeIDs), "ids", nodeIDs)
 	return nodeIDs, err
 }
+
+func (c *neo4jClient) CreateRelationsAtoB(labels []string, aLabels []string, bLabels []string, properties []map[string]interface{}) ([]map[string]interface{}, error) {
+	c.log.Debug("Creating new relationships", "count", len(properties), "params", properties)
+	c.log.Info("Creating new relationships", "count", len(properties))
+	relIDs, err := orm.CreateRelationsAtoB(c.Connect(), labels, aLabels, bLabels, properties)
+	if err != nil {
+		c.log.Error("Failed creating relationships on Neo4J", "err", err)
+	}
+	c.log.Debug("Created relationships", "count", len(relIDs), "ids", relIDs)
+	return relIDs, err
+}
diff --git a/pkg/infra/neo4j/orm/orm.go b/pkg/infra/neo4j/orm/orm.go
@@ -11,7 +11,7 @@ import (
 func CreateNodes(session neo4j.SessionWithContext, labels []string, properties []map[string]interface{}) ([]map[string]interface{}, error) {
 	ctx := context.TODO()
 	result, err := session.ExecuteWrite(ctx, func(tx neo4j.ManagedTransaction) (interface{}, error) {
-		createNodeQuery := fmt.Sprintf("UNWIND $propsList AS props CREATE (n:%s) SET n += props RETURN id(n) as id", labelString(labels))
+		createNodeQuery := fmt.Sprintf("UNWIND $propsList AS props CREATE (n:%s) SET n += props RETURN id(n) as id", flatLabels(labels))
 		parameters := map[string]interface{}{"propsList": filteredProperties(properties)}
 		result, err := tx.Run(ctx, createNodeQuery, parameters)
 		if err != nil {
@@ -28,6 +28,29 @@ func CreateNodes(session neo4j.SessionWithContext, labels []string, properties [
 	return result.([]map[string]interface{}), err
 }
 
+func CreateRelationsAtoB(session neo4j.SessionWithContext, labels []string, aLabels []string, bLabels []string, properties []map[string]interface{}) ([]map[string]interface{}, error) {
+	ctx := context.TODO()
+	result, err := session.ExecuteWrite(ctx, func(tx neo4j.ManagedTransaction) (interface{}, error) {
+		createRelationQuery := fmt.Sprintf(`UNWIND $propsList AS props MATCH (a:%s), (b:%s) 
+											WHERE a[props.left_key] = props.left_value AND b[props.right_key] = props.right_value
+											CREATE (a)-[r:%s]->(b)
+											SET r += apoc.map.fromPairs([[props.left_key, props.left_value], [props.right_key, props.right_value]])
+											RETURN id(r) as id`, flatLabels(aLabels), flatLabels(bLabels), flatLabels(labels))
+		parameters := map[string]interface{}{"propsList": properties}
+		result, err := tx.Run(ctx, createRelationQuery, parameters)
+		if err != nil {
+			return nil, err
+		}
+		return collectResults(result, ctx)
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	return result.([]map[string]interface{}), err
+}
+
 func filteredProperties(properties []map[string]interface{}) []map[string]interface{} {
 	filteredProperties := make([]map[string]interface{}, 0, len(properties))
 	for _, props := range properties {
@@ -63,6 +86,6 @@ func isPrimitive(value interface{}) bool {
 	}
 }
 
-func labelString(labels []string) string {
+func flatLabels(labels []string) string {
 	return strings.Join(labels, ":")
 }