diff --git a/cmd/dev.go b/cmd/dev.go index b96f7c44..e4264ff9 100644 --- a/cmd/dev.go +++ b/cmd/dev.go @@ -3,6 +3,7 @@ package cmd import ( "encoding/json" "fmt" + "strings" "github.com/charmbracelet/lipgloss/table" "github.com/opentdf/platform/protocol/go/common" @@ -77,6 +78,29 @@ func unMarshalMetadata(m string) *common.MetadataMutable { return nil } +func getMetadata(labels []string) *common.MetadataMutable { + var metadata *common.MetadataMutable + if len(labels) > 0 { + metadata.Labels = map[string]string{} + for _, label := range labels { + kv := strings.Split(label, "=") + if len(kv) != 2 { + cli.ExitWithError("Invalid label format", nil) + } + metadata.Labels[kv[0]] = kv[1] + } + return metadata + } + return nil +} + +func getMetadataUpdateBehavior() common.MetadataUpdateEnum { + if forceReplaceMetadataLabels { + return common.MetadataUpdateEnum_METADATA_UPDATE_ENUM_REPLACE + } + return common.MetadataUpdateEnum_METADATA_UPDATE_ENUM_EXTEND +} + // HandleSuccess prints a success message according to the configured format (styled table or JSON) func HandleSuccess(command *cobra.Command, id string, t *table.Table, policyObject interface{}) { if TructlCfg.Output.Format == config.OutputJSON || configFlagOverrides.OutputFormatJSON { diff --git a/cmd/policy-attributes.go b/cmd/policy-attributes.go index b75eb25c..c271d901 100644 --- a/cmd/policy-attributes.go +++ b/cmd/policy-attributes.go @@ -9,8 +9,12 @@ import ( "github.com/spf13/cobra" ) +// TODO: add metadata to outputs once [https://github.com/opentdf/tructl/issues/73] is addressed + var ( - attrValues []string + attrValues []string + metadataLabels []string + forceReplaceMetadataLabels bool policy_attributeCommands = []string{ policy_attributesCreateCmd.Use, @@ -44,8 +48,9 @@ used to define the access controls based on subject encodings and entity entitle rule := flagHelper.GetRequiredString("rule") values := flagHelper.GetStringSlice("values", attrValues, cli.FlagHelperStringSliceOptions{}) namespace := flagHelper.GetRequiredString("namespace") + metadataLabels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) - attr, err := h.CreateAttribute(name, rule, namespace) + attr, err := h.CreateAttribute(name, rule, namespace, getMetadata(metadataLabels)) if err != nil { cli.ExitWithError("Could not create attribute", err) } @@ -194,8 +199,9 @@ used to define the access controls based on subject encodings and entity entitle flagHelper := cli.NewFlagHelper(cmd) id := flagHelper.GetRequiredString("id") + labels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) - if a, err := h.UpdateAttribute(id); err != nil { + if a, err := h.UpdateAttribute(id, getMetadata(labels), getMetadataUpdateBehavior()); err != nil { cli.ExitWithError("Could not update attribute", err) } else { HandleSuccess(cmd, id, nil, a) @@ -214,6 +220,7 @@ func init() { policy_attributesCreateCmd.Flags().StringSliceVarP(&attrValues, "values", "v", []string{}, "Values of the attribute") policy_attributesCreateCmd.Flags().StringP("namespace", "s", "", "Namespace of the attribute") policy_attributesCreateCmd.Flags().StringP("description", "d", "", "Description of the attribute") + policy_attributesCreateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Labels for the attribute") // Get an attribute policy_attributesCmd.AddCommand(policy_attributeGetCmd) @@ -225,6 +232,8 @@ func init() { // Update an attribute policy_attributesCmd.AddCommand(policy_attributeUpdateCmd) policy_attributeUpdateCmd.Flags().StringP("id", "i", "", "Id of the attribute") + policy_attributeUpdateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional new metadata 'labels' in the format: key=value") + policy_attributeUpdateCmd.Flags().BoolVar(&forceReplaceMetadataLabels, "force-replace-labels", false, "Destructively replace entire set of existing metadata 'labels' with any provided to this command.") // Delete an attribute policy_attributesCmd.AddCommand(policy_attributesDeleteCmd) diff --git a/cmd/policy-namespaces.go b/cmd/policy-namespaces.go index dfc0d268..bd9abafa 100644 --- a/cmd/policy-namespaces.go +++ b/cmd/policy-namespaces.go @@ -8,6 +8,8 @@ import ( "github.com/spf13/cobra" ) +// TODO: add metadata to outputs once [https://github.com/opentdf/tructl/issues/73] is addressed + var ( policy_namespacesCommands = []string{ policy_namespacesCreateCmd.Use, @@ -88,8 +90,9 @@ or different attributes tied to each. flagHelper := cli.NewFlagHelper(cmd) name := flagHelper.GetRequiredString("name") + metadataLabels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) - created, err := h.CreateNamespace(name) + created, err := h.CreateNamespace(name, getMetadata(metadataLabels)) if err != nil { cli.ExitWithError("Could not create namespace", err) } @@ -145,17 +148,18 @@ or different attributes tied to each. defer h.Close() flagHelper := cli.NewFlagHelper(cmd) - id := flagHelper.GetRequiredString("id") - name := flagHelper.GetRequiredString("name") + labels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) ns, err := h.UpdateNamespace( id, - name, + getMetadata(labels), + getMetadataUpdateBehavior(), ) if err != nil { cli.ExitWithError("Could not update namespace", err) } + t := cli.NewTabular().Rows([][]string{ {"Id", ns.Id}, {"Name", ns.Name}, @@ -175,10 +179,12 @@ func init() { policy_namespacesCmd.AddCommand(policy_namespacesCreateCmd) policy_namespacesCreateCmd.Flags().StringP("name", "n", "", "Name value of the namespace") + policy_namespacesCreateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional metadata 'labels' in the format: key=value") policy_namespacesCmd.AddCommand(policy_namespaceUpdateCmd) policy_namespaceUpdateCmd.Flags().StringP("id", "i", "", "Id of the namespace") - policy_namespaceUpdateCmd.Flags().StringP("name", "n", "", "Name value of the namespace") + policy_namespaceUpdateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional new metadata 'labels' in the format: key=value") + policy_namespaceUpdateCmd.Flags().BoolVar(&forceReplaceMetadataLabels, "force-replace-labels", false, "Destructively replace entire set of existing metadata 'labels' with any provided to this command.") policy_namespacesCmd.AddCommand(policy_namespaceDeleteCmd) policy_namespaceDeleteCmd.Flags().StringP("id", "i", "", "Id of the namespace") diff --git a/cmd/policy-resource_mappings.go b/cmd/policy-resource_mappings.go index 2dd38527..8fe9bc68 100644 --- a/cmd/policy-resource_mappings.go +++ b/cmd/policy-resource_mappings.go @@ -2,188 +2,182 @@ package cmd import ( _ "embed" + "strings" + + "github.com/opentdf/tructl/docs/man" + "github.com/opentdf/tructl/pkg/cli" + "github.com/spf13/cobra" ) -// TODO: add metadata to outputs once [https://github.com/opentdf/tructl/issues/30] is addressed +// TODO: add metadata to outputs once [https://github.com/opentdf/tructl/issues/73] is addressed var ( -// policy_resource_mappingsTerms []string - -// policy_resource_mappingsCmd = &cobra.Command{ -// Use: man.PolicyResourceMappings["en"].Command, -// Aliases: man.PolicyResourceMappings["en"].Aliases, -// Short: man.PolicyResourceMappings["en"].ShortWithSubCommands([]string{ -// policy_resource_mappingsCreateCmd.Use, -// policy_resource_mappingsGetCmd.Use, -// policy_resource_mappingsListCmd.Use, -// policy_resource_mappingsUpdateCmd.Use, -// policy_resource_mappingsDeleteCmd.Use, -// }), -// Long: man.PolicyResourceMappings["en"].Long, -// } - -// policy_resource_mappingsCreateCmd = &cobra.Command{ -// Use: "create", -// Short: "Create resource mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// attrId := flagHelper.GetRequiredString("attribute-value-id") -// terms := flagHelper.GetStringSlice("terms", policy_resource_mappingsTerms, cli.FlagHelperStringSliceOptions{ -// Min: 1, -// }) -// metadataLabels := flagHelper.GetStringSlice("label", newMetadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) - -// resourceMapping, err := h.CreateResourceMapping(attrId, terms, getMetadata(metadataLabels)) -// if err != nil { -// cli.ExitWithError("Failed to create resource mapping", err) -// } - -// fmt.Println(cli.SuccessMessage("Resource mapping created")) -// fmt.Println(cli.NewTabular().Rows([][]string{ -// {"Id", resourceMapping.Id}, -// {"Attribute Value Id", resourceMapping.AttributeValue.Id}, -// {"Attribute Value", resourceMapping.AttributeValue.Value}, -// {"Terms", strings.Join(resourceMapping.Terms, ", ")}, -// }...).Render()) -// }, -// } - -// policy_resource_mappingsGetCmd = &cobra.Command{ -// Use: "get", -// Short: "Get resource mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") - -// resourceMapping, err := h.GetResourceMapping(id) -// if err != nil { -// cli.ExitWithError("Failed to get resource mapping", err) -// } - -// fmt.Println(cli.NewTabular().Rows([][]string{ -// {"Id", resourceMapping.Id}, -// {"Attribute Value Id", resourceMapping.AttributeValue.Id}, -// {"Attribute Value", resourceMapping.AttributeValue.Value}, -// {"Terms", strings.Join(resourceMapping.Terms, ", ")}, -// }...).Render()) -// }, -// } - -// policy_resource_mappingsListCmd = &cobra.Command{ -// Use: "list", -// Short: "List resource mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// r, err := h.ListResourceMappings() -// if err != nil { -// cli.ExitWithError("Failed to list resource mappings", err) -// } - -// t := cli.NewTable() -// t.Headers("Id", "Attribute Value Id", "Attribute Value", "Terms") -// for _, resourceMapping := range r { -// t.Row(resourceMapping.Id, resourceMapping.AttributeValue.Id, resourceMapping.AttributeValue.Value, strings.Join(resourceMapping.Terms, ", ")) -// } -// fmt.Println(t.Render()) -// }, -// } - -// policy_resource_mappingsUpdateCmd = &cobra.Command{ -// Use: "update", -// Short: "Update resource mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") -// attrValueId := flagHelper.GetOptionalString("attribute-value-id") -// terms := flagHelper.GetStringSlice("terms", policy_resource_mappingsTerms, cli.FlagHelperStringSliceOptions{}) -// newLabels := flagHelper.GetStringSlice("label-new", newMetadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) -// replacedLabels := flagHelper.GetStringSlice("label-replace", updatedMetadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) - -// metadata, behavior := processUpdateMetadata(newLabels, replacedLabels, func() (*common.Metadata, error) { -// rm, err := h.GetResourceMapping(id) -// if err != nil { -// errMsg := fmt.Sprintf("Could not find resource mapping (%s)", id) -// cli.ExitWithNotFoundError(errMsg, err) -// cli.ExitWithError(errMsg, err) -// } -// return rm.Metadata, nil -// }, -// ) - -// resourceMapping, err := h.UpdateResourceMapping(id, attrValueId, terms, metadata, behavior) -// if err != nil { -// cli.ExitWithError("Failed to update resource mapping", err) -// } - -// fmt.Println(cli.SuccessMessage("Resource mapping updated")) -// fmt.Println(cli.NewTabular().Rows([][]string{ -// {"Id", resourceMapping.Id}, -// {"Attribute Value Id", resourceMapping.AttributeValue.Id}, -// {"Attribute Value", resourceMapping.AttributeValue.Value}, -// {"Terms", strings.Join(resourceMapping.Terms, ", ")}, -// }...).Render()) -// }, -// } - -// policy_resource_mappingsDeleteCmd = &cobra.Command{ -// Use: "delete", -// Short: "Delete resource mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") - -// cli.ConfirmDelete("resource-mapping", id) - -// resourceMapping, err := h.DeleteResourceMapping(id) -// if err != nil { -// cli.ExitWithError("Failed to delete resource mapping", err) -// } - -// fmt.Println(cli.SuccessMessage("Resource mapping deleted")) -// fmt.Println(cli.NewTabular().Rows([][]string{ -// {"Id", resourceMapping.Id}, -// {"Attribute Value Id", resourceMapping.AttributeValue.Id}, -// {"Attribute Value", resourceMapping.AttributeValue.Value}, -// {"Terms", strings.Join(resourceMapping.Terms, ", ")}, -// }...).Render()) -// }, -// } + policy_resource_mappingsTerms []string + + policy_resource_mappingsCmd = &cobra.Command{ + Use: man.PolicyResourceMappings["en"].Command, + Aliases: man.PolicyResourceMappings["en"].Aliases, + Short: man.PolicyResourceMappings["en"].ShortWithSubCommands([]string{ + policy_resource_mappingsCreateCmd.Use, + policy_resource_mappingsGetCmd.Use, + policy_resource_mappingsListCmd.Use, + policy_resource_mappingsUpdateCmd.Use, + policy_resource_mappingsDeleteCmd.Use, + }), + Long: man.PolicyResourceMappings["en"].Long, + } + + policy_resource_mappingsCreateCmd = &cobra.Command{ + Use: "create", + Short: "Create resource mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + attrId := flagHelper.GetRequiredString("attribute-value-id") + terms := flagHelper.GetStringSlice("terms", policy_resource_mappingsTerms, cli.FlagHelperStringSliceOptions{ + Min: 1, + }) + metadataLabels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) + + resourceMapping, err := h.CreateResourceMapping(attrId, terms, getMetadata(metadataLabels)) + if err != nil { + cli.ExitWithError("Failed to create resource mapping", err) + } + + t := cli.NewTabular().Rows([][]string{ + {"Id", resourceMapping.Id}, + {"Attribute Value Id", resourceMapping.AttributeValue.Id}, + {"Attribute Value", resourceMapping.AttributeValue.Value}, + {"Terms", strings.Join(resourceMapping.Terms, ", ")}, + }...) + HandleSuccess(cmd, resourceMapping.Id, t, resourceMapping) + }, + } + + policy_resource_mappingsGetCmd = &cobra.Command{ + Use: "get", + Short: "Get resource mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + + resourceMapping, err := h.GetResourceMapping(id) + if err != nil { + cli.ExitWithError("Failed to get resource mapping", err) + } + + t := cli.NewTabular().Rows([][]string{ + {"Id", resourceMapping.Id}, + {"Attribute Value Id", resourceMapping.AttributeValue.Id}, + {"Attribute Value", resourceMapping.AttributeValue.Value}, + {"Terms", strings.Join(resourceMapping.Terms, ", ")}, + }...) + HandleSuccess(cmd, resourceMapping.Id, t, resourceMapping) + }, + } + + policy_resource_mappingsListCmd = &cobra.Command{ + Use: "list", + Short: "List resource mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + rmList, err := h.ListResourceMappings() + if err != nil { + cli.ExitWithError("Failed to list resource mappings", err) + } + + t := cli.NewTable() + t.Headers("Id", "Attribute Value Id", "Attribute Value", "Terms") + for _, resourceMapping := range rmList { + t.Row(resourceMapping.Id, resourceMapping.AttributeValue.Id, resourceMapping.AttributeValue.Value, strings.Join(resourceMapping.Terms, ", ")) + } + HandleSuccess(cmd, "", t, rmList) + }, + } + + policy_resource_mappingsUpdateCmd = &cobra.Command{ + Use: "update", + Short: "Update resource mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + attrValueId := flagHelper.GetOptionalString("attribute-value-id") + terms := flagHelper.GetStringSlice("terms", policy_resource_mappingsTerms, cli.FlagHelperStringSliceOptions{}) + labels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) + + resourceMapping, err := h.UpdateResourceMapping(id, attrValueId, terms, getMetadata(labels), getMetadataUpdateBehavior()) + if err != nil { + cli.ExitWithError("Failed to update resource mapping", err) + } + + t := cli.NewTabular().Rows([][]string{ + {"Id", resourceMapping.Id}, + {"Attribute Value Id", resourceMapping.AttributeValue.Id}, + {"Attribute Value", resourceMapping.AttributeValue.Value}, + {"Terms", strings.Join(resourceMapping.Terms, ", ")}, + }...) + HandleSuccess(cmd, resourceMapping.Id, t, resourceMapping) + }, + } + + policy_resource_mappingsDeleteCmd = &cobra.Command{ + Use: "delete", + Short: "Delete resource mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + + cli.ConfirmDelete("resource-mapping", id) + + resourceMapping, err := h.DeleteResourceMapping(id) + if err != nil { + cli.ExitWithError("Failed to delete resource mapping", err) + } + + t := cli.NewTabular().Rows([][]string{ + {"Id", resourceMapping.Id}, + {"Attribute Value Id", resourceMapping.AttributeValue.Id}, + {"Attribute Value", resourceMapping.AttributeValue.Value}, + {"Terms", strings.Join(resourceMapping.Terms, ", ")}, + }...) + HandleSuccess(cmd, resourceMapping.Id, t, resourceMapping) + }, + } ) func init() { - // policyCmd.AddCommand(policy_resource_mappingsCmd) + policyCmd.AddCommand(policy_resource_mappingsCmd) - // policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsCreateCmd) - // policy_resource_mappingsCreateCmd.Flags().String("attribute-value-id", "", "Attribute Value ID") - // policy_resource_mappingsCreateCmd.Flags().StringSliceVar(&policy_resource_mappingsTerms, "terms", []string{}, "Synonym terms") - // policy_resource_mappingsCreateCmd.Flags().StringSliceVarP(&newMetadataLabels, "label", "l", []string{}, "Optional metadata 'labels' in the format: key=value") + policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsCreateCmd) + policy_resource_mappingsCreateCmd.Flags().String("attribute-value-id", "", "Attribute Value ID") + policy_resource_mappingsCreateCmd.Flags().StringSliceVar(&policy_resource_mappingsTerms, "terms", []string{}, "Synonym terms") + policy_resource_mappingsCreateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional metadata 'labels' in the format: key=value") - // policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsGetCmd) - // policy_resource_mappingsGetCmd.Flags().String("id", "", "Resource Mapping ID") + policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsGetCmd) + policy_resource_mappingsGetCmd.Flags().String("id", "", "Resource Mapping ID") - // policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsListCmd) + policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsListCmd) - // policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsUpdateCmd) - // policy_resource_mappingsUpdateCmd.Flags().String("id", "", "Resource Mapping ID") - // policy_resource_mappingsUpdateCmd.Flags().String("attribute-value-id", "", "Attribute Value ID") - // policy_resource_mappingsUpdateCmd.Flags().StringSliceVar(&policy_resource_mappingsTerms, "terms", []string{}, "Synonym terms") - // policy_resource_mappingsUpdateCmd.Flags().StringSliceVarP(&newMetadataLabels, "label-new", "n", []string{}, "Optional metadata 'labels' in the format: key=value") - // policy_resource_mappingsUpdateCmd.Flags().StringSliceVarP(&updatedMetadataLabels, "label-replace", "r", []string{}, "Optional metadata 'labels' in the format: key=value. Note: providing one destructively replaces entire set of labels.") + policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsUpdateCmd) + policy_resource_mappingsUpdateCmd.Flags().String("id", "", "Resource Mapping ID") + policy_resource_mappingsUpdateCmd.Flags().String("attribute-value-id", "", "Attribute Value ID") + policy_resource_mappingsUpdateCmd.Flags().StringSliceVar(&policy_resource_mappingsTerms, "terms", []string{}, "Synonym terms") + policy_resource_mappingsUpdateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional metadata 'labels' in the format: key=value") + policy_resource_mappingsUpdateCmd.Flags().BoolVar(&forceReplaceMetadataLabels, "force-replace-labels", false, "Destructively replace entire set of existing metadata 'labels' with any provided to this command.") - // policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsDeleteCmd) - // policy_resource_mappingsDeleteCmd.Flags().String("id", "", "Resource Mapping ID") + policy_resource_mappingsCmd.AddCommand(policy_resource_mappingsDeleteCmd) + policy_resource_mappingsDeleteCmd.Flags().String("id", "", "Resource Mapping ID") } diff --git a/cmd/policy-subject_condition_sets.go b/cmd/policy-subject_condition_sets.go new file mode 100644 index 00000000..1d619dd0 --- /dev/null +++ b/cmd/policy-subject_condition_sets.go @@ -0,0 +1 @@ +package cmd diff --git a/cmd/policy-subject_mappings.go b/cmd/policy-subject_mappings.go index 96b92054..ac9077ae 100644 --- a/cmd/policy-subject_mappings.go +++ b/cmd/policy-subject_mappings.go @@ -1,215 +1,327 @@ package cmd +import ( + "encoding/json" + "fmt" + "strings" + + "github.com/opentdf/platform/protocol/go/policy" + "github.com/opentdf/tructl/pkg/cli" + "github.com/spf13/cobra" +) + +// TODO: add metadata to outputs once [https://github.com/opentdf/tructl/issues/73] is addressed + var ( -// policy_subject_mappingsCmds = []string{ -// policy_subject_mappingCreateCmd.Use, -// policy_subject_mappingGetCmd.Use, -// policy_subject_mappingsListCmd.Use, -// policy_subject_mappingUpdateCmd.Use, -// policy_subject_mappingDeleteCmd.Use, -// } - -// subjectValues []string - -// policy_subject_mappingsCmd = &cobra.Command{ -// Use: "subject-mappings", -// Short: "Manage subject mappings [" + strings.Join(policy_subject_mappingsCmds, ", ") + "]", -// Long: ` -// Subject Mappings - commands to manage relationships between subjects (PEs, NPEs, etc) and attributes. - -// For example: a subject mapping could be created such that the AcmeCorp engineering -// team member named "Alice" is "IN" the value "Engineering" for attribute "Teams" in -// namespace "acmecorp.com", but is not mapped to the attribute value "Sales" within the -// same attribute and namespace. -// `, -// } - -// policy_subject_mappingGetCmd = &cobra.Command{ -// Use: "get", -// Short: "Get a subject mapping by id", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") - -// mapping, err := h.GetSubjectMapping(id) -// if err != nil { -// errMsg := fmt.Sprintf("Could not find subject mapping (%s)", id) -// cli.ExitWithNotFoundError(errMsg, err) -// cli.ExitWithError(errMsg, err) -// } - -// rows := [][]string{ -// {"Id", mapping.Id}, -// {"Subject Attribute", mapping.SubjectAttribute}, -// {"Operator", handlers.GetSubjectMappingOperatorChoiceFromEnum(mapping.Operator)}, -// {"Subject Values", strings.Join(mapping.SubjectValues, ", ")}, -// } - -// if mdRows := getMetadataRows(mapping.Metadata); mdRows != nil { -// rows = append(rows, mdRows...) -// } - -// HandleSuccess(cmd, id, cli.NewTabular().Rows(rows...), mapping) -// }, -// } - -// policy_subject_mappingsListCmd = &cobra.Command{ -// Use: "list", -// Short: "List subject mappings", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// list, err := h.ListSubjectMappings() -// if err != nil { -// cli.ExitWithError("Could not get subject mappings", err) -// } - -// t := cli.NewTable().Width(180) -// t.Headers("Id", "Subject Attribute", "Operator", "Subject Values", "Attribute Value ID") -// for _, sm := range list { -// rowCells := []string{ -// sm.Id, -// // sm.SubjectAttribute, -// // handlers.GetSubjectMappingOperatorChoiceFromEnum(sm.Operator), -// // strings.Join(sm.SubjectValues, ", "), -// sm.AttributeValue.Id, -// } -// t.Row(rowCells...) -// } -// HandleSuccess(cmd, "", t, list) -// }, -// } - -// policy_subject_mappingCreateCmd = &cobra.Command{ -// Use: "create", -// Short: "Create a new subject mapping", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// attrValueId := flagHelper.GetRequiredString("attribute-value-id") -// subjectAttribute := flagHelper.GetRequiredString("subject-attribute") -// subjectValues := flagHelper.GetStringSlice("subject-values", subjectValues, cli.FlagHelperStringSliceOptions{Min: 1}) -// operator := flagHelper.GetRequiredString("operator") - -// m := flagHelper.GetOptionalString("metadata") -// metadata := unMarshalMetadata(m) - -// mapping, err := h.CreateNewSubjectMapping(attrValueId, subjectAttribute, subjectValues, operator, metadata) -// if err != nil { -// cli.ExitWithError("Could not create subject mapping", err) -// } - -// rows := [][]string{ -// {"Id", mapping.Id}, -// {"Subject Attribute", mapping.SubjectAttribute}, -// {"Operator", handlers.GetSubjectMappingOperatorChoiceFromEnum(mapping.Operator)}, -// {"Subject Values", strings.Join(mapping.SubjectValues, ", ")}, -// {"Attribute Value Id", mapping.AttributeValue.Id}, -// } - -// if mdRows := getMetadataRows(mapping.Metadata); mdRows != nil { -// rows = append(rows, mdRows...) -// } - -// HandleSuccess(cmd, mapping.Id, -// cli.NewTabular(). -// Rows(rows...), mapping) -// }, -// } - -// policy_subject_mappingDeleteCmd = &cobra.Command{ -// Use: "delete", -// Short: "Delete a subject mapping by id", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") - -// sm, err := h.GetSubjectMapping(id) -// if err != nil { -// errMsg := fmt.Sprintf("Could not find subject mapping (%s)", id) -// cli.ExitWithNotFoundError(errMsg, err) -// cli.ExitWithError(errMsg, err) -// } - -// cli.ConfirmDelete("subject mapping", sm.Id) - -// if err := h.DeleteSubjectMapping(id); err != nil { -// errMsg := fmt.Sprintf("Could not delete subject mapping (%s)", id) -// cli.ExitWithNotFoundError(errMsg, err) -// cli.ExitWithError(errMsg, err) -// } - -// // TODO: handle json output once service sends back deleted subject mapping -// cli.PrintSuccessTable(cmd, id, nil) -// }, -// } - -// policy_subject_mappingUpdateCmd = &cobra.Command{ -// Use: "update", -// Short: "Update a subject mapping", -// Run: func(cmd *cobra.Command, args []string) { -// h := cli.NewHandler(cmd) -// defer h.Close() - -// flagHelper := cli.NewFlagHelper(cmd) -// id := flagHelper.GetRequiredString("id") -// attrValueId := flagHelper.GetRequiredString("attribute-value-id") -// subjectAttribute := flagHelper.GetRequiredString("subject-attribute") -// subjectValues := flagHelper.GetStringSlice("subject-values", subjectValues, cli.FlagHelperStringSliceOptions{Min: 1}) -// operator := flagHelper.GetRequiredString("operator") - -// m := flagHelper.GetOptionalString("metadata") -// metadata := unMarshalMetadata(m) - -// if _, err := h.UpdateSubjectMapping( -// id, -// attrValueId, -// subjectAttribute, -// subjectValues, -// operator, -// metadata, -// ); err != nil { -// cli.ExitWithError("Could not update subject mapping", err) -// } - -// // TODO: handle json output once service sends back updated subject mapping -// fmt.Println(cli.SuccessMessage(fmt.Sprintf("Subject mapping id: (%s) updated.", id))) -// }, -// } + policy_subject_mappingsCmds = []string{ + policy_subject_mappingCreateCmd.Use, + policy_subject_mappingGetCmd.Use, + policy_subject_mappingsListCmd.Use, + policy_subject_mappingUpdateCmd.Use, + policy_subject_mappingDeleteCmd.Use, + } + + standardActions []string + customActions []string + + policy_subject_mappingsCmd = &cobra.Command{ + Use: "subject-mappings", + Short: "Manage subject mappings [" + strings.Join(policy_subject_mappingsCmds, ", ") + "]", + Long: ` +Subject Mappings - relations between Attribute Values and Subject Condition Sets that define the allowed Actions. + +If a User's properties match a Subject Condition Set, the corresponding Subject Mapping provides them a set of allowed Actions +on any Resource (data) containing the mapped Attribute Value. + + Attribute Value <------ Subject Mapping -------> Subject Condition Set + + Subject Mapping: + - Attribute Value: associated Attribute Value that the Subject Mapping Actions are relevant to + - Actions: permitted Actions a Subject can take on Resources containing the Attribute Value + - Subject Condition Set: associated logical structure of external fields and values to match a Subject + +Platform consumption flow: +Subject/User -> IdP/LDAP's External Fields & Values -> SubjectConditionSet -> SubjectMapping w/ Actions -> AttributeValue + +Note: SubjectConditionSets are reusable among SubjectMappings and are available under separate 'policy' commands. +`, + } + + policy_subject_mappingGetCmd = &cobra.Command{ + Use: "get", + Short: "Get a subject mapping by id", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + + mapping, err := h.GetSubjectMapping(id) + if err != nil { + errMsg := fmt.Sprintf("Could not find subject mapping (%s)", id) + cli.ExitWithNotFoundError(errMsg, err) + cli.ExitWithError(errMsg, err) + } + + var actionsJSON []byte + if actionsJSON, err = json.Marshal(mapping.Actions); err != nil { + cli.ExitWithError("Error marshalling subject mapping actions", err) + } + + var subjectSetsJSON []byte + if subjectSetsJSON, err = json.Marshal(mapping.SubjectConditionSet.SubjectSets); err != nil { + cli.ExitWithError("Error marshalling subject condition set", err) + } + + rows := [][]string{ + {"Id", mapping.Id}, + {"Subject AttrVal: Id", mapping.AttributeValue.Id}, + {"Subject AttrVal: Value", mapping.AttributeValue.Value}, + {"Actions", string(actionsJSON)}, + {"Subject Condition Set: Id", mapping.SubjectConditionSet.Id}, + {"Subject Condition Set", string(subjectSetsJSON)}, + } + + if mdRows := getMetadataRows(mapping.Metadata); mdRows != nil { + rows = append(rows, mdRows...) + } + + t := cli.NewTabular().Rows(rows...) + HandleSuccess(cmd, mapping.Id, t, mapping) + }, + } + + policy_subject_mappingsListCmd = &cobra.Command{ + Use: "list", + Short: "List subject mappings", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + list, err := h.ListSubjectMappings() + if err != nil { + cli.ExitWithError("Could not get subject mappings", err) + } + + t := cli.NewTable().Width(180) + t.Headers("Id", "Subject AttrVal: Id", "Subject AttrVal: Value", "Actions", "Subject Condition Set: Id", "Subject Condition Set") + for _, sm := range list { + var actionsJSON []byte + if actionsJSON, err = json.Marshal(sm.Actions); err != nil { + cli.ExitWithError("Error marshalling subject mapping actions", err) + } + + var subjectSetsJSON []byte + if subjectSetsJSON, err = json.Marshal(sm.SubjectConditionSet.SubjectSets); err != nil { + cli.ExitWithError("Error marshalling subject condition set", err) + } + + rowCells := []string{ + sm.Id, + sm.AttributeValue.Id, + sm.AttributeValue.Value, + string(actionsJSON), + sm.SubjectConditionSet.Id, + string(subjectSetsJSON), + } + t.Row(rowCells...) + } + HandleSuccess(cmd, "", t, list) + }, + } + + policy_subject_mappingCreateCmd = &cobra.Command{ + Use: "create", + Short: "Create a new subject mapping", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + attrValueId := flagHelper.GetRequiredString("attribute-value-id") + standardActions := flagHelper.GetStringSlice("action-standard", standardActions, cli.FlagHelperStringSliceOptions{Min: 0}) + customActions := flagHelper.GetStringSlice("action-custom", customActions, cli.FlagHelperStringSliceOptions{Min: 0}) + existingSCSId := flagHelper.GetOptionalString("subject-condition-set-id") + // TODO: do we need to support creating a SM & SCS simultaneously? If so, it gets more complex. + // newScs := flagHelper.GetOptionalString("new-subject-condition-set") + metadataLabels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) + + // validations + if len(standardActions) == 0 && len(customActions) == 0 { + cli.ExitWithError("At least one Standard or Custom Action [--action-standard, --action-custom] is required", nil) + } + if len(standardActions) > 0 { + for _, a := range standardActions { + a = strings.ToUpper(a) + if a != "DECRYPT" && a != "TRANSMIT" { + cli.ExitWithError(fmt.Sprintf("Invalid Standard Action: '%s'. Must be one of [ENCRYPT, TRANSMIT].", a), nil) + } + } + } + actions := getFullActionsList(standardActions, customActions) + + mapping, err := h.CreateNewSubjectMapping(attrValueId, actions, existingSCSId, nil, getMetadata(metadataLabels)) + if err != nil { + cli.ExitWithError("Could not create subject mapping", err) + } + + var actionsJSON []byte + if actionsJSON, err = json.Marshal(mapping.Actions); err != nil { + cli.ExitWithError("Error marshalling subject mapping actions", err) + } + + var subjectSetsJSON []byte + if subjectSetsJSON, err = json.Marshal(mapping.SubjectConditionSet.SubjectSets); err != nil { + cli.ExitWithError("Error marshalling subject condition set", err) + } + + rows := [][]string{ + {"Id", mapping.Id}, + {"Subject AttrVal: Id", mapping.AttributeValue.Id}, + {"Actions", string(actionsJSON)}, + {"Subject Condition Set: Id", mapping.SubjectConditionSet.Id}, + {"Subject Condition Set", string(subjectSetsJSON)}, + {"Attribute Value Id", mapping.AttributeValue.Id}, + } + + if mdRows := getMetadataRows(mapping.Metadata); mdRows != nil { + rows = append(rows, mdRows...) + } + + t := cli.NewTabular().Rows(rows...) + HandleSuccess(cmd, mapping.Id, t, mapping) + }, + } + + policy_subject_mappingDeleteCmd = &cobra.Command{ + Use: "delete", + Short: "Delete a subject mapping by id", + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + + sm, err := h.GetSubjectMapping(id) + if err != nil { + errMsg := fmt.Sprintf("Could not find subject mapping (%s)", id) + cli.ExitWithNotFoundError(errMsg, err) + cli.ExitWithError(errMsg, err) + } + + cli.ConfirmDelete("subject mapping", sm.Id) + + deleted, err := h.DeleteSubjectMapping(id) + if err != nil { + errMsg := fmt.Sprintf("Could not delete subject mapping (%s)", id) + cli.ExitWithNotFoundError(errMsg, err) + cli.ExitWithError(errMsg, err) + } + HandleSuccess(cmd, id, nil, deleted) + }, + } + + policy_subject_mappingUpdateCmd = &cobra.Command{ + Use: "update", + Short: "Update a subject mapping", + Long: ` +Update a Subject Mapping by id. +'Actions' are updated in place, destructively replacing the current set. If you want to add or remove actions, you must provide the +full set of actions on update. `, + Run: func(cmd *cobra.Command, args []string) { + h := cli.NewHandler(cmd) + defer h.Close() + + flagHelper := cli.NewFlagHelper(cmd) + id := flagHelper.GetRequiredString("id") + standardActions := flagHelper.GetStringSlice("action-standard", standardActions, cli.FlagHelperStringSliceOptions{Min: 0}) + customActions := flagHelper.GetStringSlice("action-custom", customActions, cli.FlagHelperStringSliceOptions{Min: 0}) + scsId := flagHelper.GetOptionalString("subject-condition-set-id") + labels := flagHelper.GetStringSlice("label", metadataLabels, cli.FlagHelperStringSliceOptions{Min: 0}) + + if len(standardActions) > 0 { + for _, a := range standardActions { + a = strings.ToUpper(a) + if a != "DECRYPT" && a != "TRANSMIT" { + cli.ExitWithError(fmt.Sprintf("Invalid Standard Action: '%s'. Must be one of [ENCRYPT, TRANSMIT]. Other actions must be custom.", a), nil) + } + } + } + actions := getFullActionsList(standardActions, customActions) + + updated, err := h.UpdateSubjectMapping( + id, + scsId, + actions, + getMetadata(labels), + getMetadataUpdateBehavior(), + ) + if err != nil { + cli.ExitWithError("Could not update subject mapping", err) + } + + HandleSuccess(cmd, id, nil, updated) + }, + } ) +func getSubjectMappingMappingActionEnumFromChoice(readable string) policy.Action_StandardAction { + switch readable { + case "DECRYPT": + return policy.Action_STANDARD_ACTION_DECRYPT + case "TRANSMIT": + return policy.Action_STANDARD_ACTION_TRANSMIT + default: + return policy.Action_STANDARD_ACTION_UNSPECIFIED + } +} + +func getFullActionsList(standardActions, customActions []string) []*policy.Action { + actions := []*policy.Action{} + for _, a := range standardActions { + actions = append(actions, &policy.Action{ + Value: &policy.Action_Standard{ + Standard: getSubjectMappingMappingActionEnumFromChoice(a), + }, + }) + } + for _, a := range customActions { + actions = append(actions, &policy.Action{ + Value: &policy.Action_Custom{ + Custom: a, + }, + }) + } + return actions +} + func init() { - // policyCmd.AddCommand(policy_subject_mappingsCmd) - - // policy_subject_mappingsCmd.AddCommand(policy_subject_mappingGetCmd) - // policy_subject_mappingGetCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") - - // policy_subject_mappingsCmd.AddCommand(policy_subject_mappingsListCmd) - - // policy_subject_mappingsCmd.AddCommand(policy_subject_mappingCreateCmd) - // policy_subject_mappingCreateCmd.Flags().StringP("attribute-value-id", "a", "", "Id of the attribute value") - // policy_subject_mappingCreateCmd.Flags().StringP("subject-attribute", "s", "", "Subject attribute") - // policy_subject_mappingCreateCmd.Flags().StringSliceVarP(&subjectValues, "subject-values", "v", []string{}, "Subject values") - // policy_subject_mappingCreateCmd.Flags().StringP("operator", "o", "", "Operator") - // policy_subject_mappingCreateCmd.Flags().StringP("metadata", "m", "", "Metadata (optional): labels and description") - - // policy_subject_mappingsCmd.AddCommand(policy_subject_mappingUpdateCmd) - // policy_subject_mappingUpdateCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") - // policy_subject_mappingUpdateCmd.Flags().StringP("attribute-value-id", "a", "", "Id of the attribute value") - // policy_subject_mappingUpdateCmd.Flags().StringP("subject-attribute", "s", "", "Subject attribute") - // policy_subject_mappingUpdateCmd.Flags().StringSliceVarP(&subjectValues, "subject-values", "v", []string{}, "Subject values") - // policy_subject_mappingUpdateCmd.Flags().StringP("operator", "o", "", "Operator: [IN, NOT_IN]") - // policy_subject_mappingUpdateCmd.Flags().StringP("metadata", "m", "", "Metadata (optional): labels and description") - - // policy_subject_mappingsCmd.AddCommand(policy_subject_mappingDeleteCmd) - // policy_subject_mappingDeleteCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") + policyCmd.AddCommand(policy_subject_mappingsCmd) + + policy_subject_mappingsCmd.AddCommand(policy_subject_mappingGetCmd) + policy_subject_mappingGetCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") + + policy_subject_mappingsCmd.AddCommand(policy_subject_mappingsListCmd) + + policy_subject_mappingsCmd.AddCommand(policy_subject_mappingCreateCmd) + policy_subject_mappingCreateCmd.Flags().StringP("attribute-value-id", "a", "", "Id of the mapped Attribute Value") + policy_subject_mappingCreateCmd.Flags().StringSliceVarP(&standardActions, "action-standard", "s", []string{}, "Standard Action: [DECRYPT, TRANSMIT]") + policy_subject_mappingCreateCmd.Flags().StringSliceVarP(&customActions, "action-custom", "c", []string{}, "Custom Action") + policy_subject_mappingCreateCmd.Flags().String("subject-condition-set-id", "", "Pre-existing Subject Condition Set Id") + // TODO: do we need to support creating a SM & SCS simultaneously? If so, it gets more complex. + // policy_subject_mappingCreateCmd.Flags().StringP("new-subject-condition-set", "scs", "", "New Subject Condition Set (optional)") + policy_subject_mappingCreateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional metadata 'labels' in the format: key=value") + + policy_subject_mappingsCmd.AddCommand(policy_subject_mappingUpdateCmd) + policy_subject_mappingUpdateCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") + policy_subject_mappingUpdateCmd.Flags().StringSliceVarP(&standardActions, "action-standard", "s", []string{}, "Standard Action: [DECRYPT, TRANSMIT]. Note: destructively replaces existing Actions.") + policy_subject_mappingUpdateCmd.Flags().StringSliceVarP(&customActions, "action-custom", "c", []string{}, "Custom Action. Note: destructively replaces existing Actions.") + policy_subject_mappingUpdateCmd.Flags().String("subject-condition-set-id", "", "Updated Subject Condition Set Id") + policy_subject_mappingUpdateCmd.Flags().StringSliceVarP(&metadataLabels, "label", "l", []string{}, "Optional new metadata 'labels' in the format: key=value") + policy_subject_mappingUpdateCmd.Flags().BoolVar(&forceReplaceMetadataLabels, "force-replace-labels", false, "Destructively replace entire set of existing metadata 'labels' with any provided to this command.") + + policy_subject_mappingsCmd.AddCommand(policy_subject_mappingDeleteCmd) + policy_subject_mappingDeleteCmd.Flags().StringP("id", "i", "", "Id of the subject mapping") } diff --git a/go.mod b/go.mod index 4ff3ddcf..e2c5c902 100644 --- a/go.mod +++ b/go.mod @@ -8,10 +8,15 @@ require ( github.com/charmbracelet/bubbletea v0.25.0 github.com/charmbracelet/huh v0.3.0 github.com/charmbracelet/lipgloss v0.10.0 + github.com/creasty/defaults v1.7.0 + github.com/golang-jwt/jwt/v4 v4.5.0 github.com/muesli/reflow v0.3.0 github.com/opentdf/platform/protocol/go v0.0.0-20240314151303-79519c9c870f github.com/opentdf/platform/sdk v0.0.0-20240314151303-79519c9c870f github.com/spf13/cobra v1.8.0 + github.com/spf13/viper v1.18.2 + github.com/zalando/go-keyring v0.2.4 + golang.org/x/oauth2 v0.16.0 google.golang.org/grpc v1.62.1 ) @@ -25,9 +30,7 @@ require ( github.com/catppuccin/go v0.2.0 // indirect github.com/containerd/console v1.0.4 // indirect github.com/coreos/go-oidc/v3 v3.9.0 // indirect - github.com/creasty/defaults v1.7.0 // indirect github.com/danieljoos/wincred v1.2.0 // indirect - github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-jose/go-jose/v3 v3.0.3 // indirect @@ -35,8 +38,6 @@ require ( github.com/go-logr/stdr v1.2.2 // indirect github.com/goccy/go-json v0.10.2 // indirect github.com/godbus/dbus/v5 v5.1.0 // indirect - github.com/golang-jwt/jwt v3.2.2+incompatible // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/uuid v1.6.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect @@ -61,7 +62,6 @@ require ( github.com/muesli/termenv v0.15.2 // indirect github.com/opentdf/backend-go v0.1.17 // indirect github.com/pelletier/go-toml/v2 v2.1.0 // indirect - github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/rivo/uniseg v0.4.7 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect github.com/sagikazarmark/locafero v0.4.0 // indirect @@ -72,26 +72,21 @@ require ( github.com/spf13/afero v1.11.0 // indirect github.com/spf13/cast v1.6.0 // indirect github.com/spf13/pflag v1.0.5 // indirect - github.com/spf13/viper v1.18.2 // indirect github.com/subosito/gotenv v1.6.0 // indirect github.com/virtru/access-pdp v1.11.0 // indirect - github.com/zalando/go-keyring v0.2.3 // indirect - go.opentelemetry.io/otel v1.21.0 // indirect - go.opentelemetry.io/otel/metric v1.21.0 // indirect - go.opentelemetry.io/otel/trace v1.21.0 // indirect + go.opentelemetry.io/otel v1.24.0 // indirect + go.opentelemetry.io/otel/metric v1.24.0 // indirect + go.opentelemetry.io/otel/trace v1.24.0 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.26.0 // indirect + go.uber.org/zap v1.27.0 // indirect golang.org/x/crypto v0.21.0 // indirect - golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect + golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect golang.org/x/net v0.22.0 // indirect - golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sync v0.6.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/tools v0.16.1 // indirect google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240311173647-c811ad7063a7 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 // indirect google.golang.org/protobuf v1.33.0 // indirect diff --git a/go.sum b/go.sum index 2c6abdd0..1a446025 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,3 @@ -buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.32.0-20231115204500-e097f827e652.1 h1:u0olL4yf2p7Tl5jfsAK5keaFi+JFJuv1CDHrbiXkxkk= -buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.32.0-20231115204500-e097f827e652.1/go.mod h1:tiTMKD8j6Pd/D2WzREoweufjzaJKHZg35f/VGcZ2v3I= buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240221180331-f05a6f4403ce.1 h1:0nWhrRcnkgw1kwJ7xibIO8bqfOA7pBzBjGCDBxIHch8= buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240221180331-f05a6f4403ce.1/go.mod h1:Tgn5bgL220vkFOI0KPStlcClPeOJzAv4uT+V8JXGUnw= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= @@ -12,6 +10,8 @@ github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migc github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w= +github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8= +github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= github.com/adrg/frontmatter v0.2.0 h1:/DgnNe82o03riBd1S+ZDjd43wAmC6W35q67NHeLkPd4= github.com/adrg/frontmatter v0.2.0/go.mod h1:93rQCj3z3ZlwyxxpQioRKC1wDLto4aXHrbqIsnH9wmE= github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0= @@ -24,20 +24,14 @@ github.com/catppuccin/go v0.2.0 h1:ktBeIrIP42b/8FGiScP9sgrWOss3lw0Z5SktRoithGA= github.com/catppuccin/go v0.2.0/go.mod h1:8IHJuMGaUUjQM82qBrGNBv7LFq6JI3NnQCF6MOlZjpc= github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= -github.com/charmbracelet/bubbles v0.17.2-0.20240108170749-ec883029c8e6 h1:6nVCV8pqGaeyxetur3gpX3AAaiyKgzjIoCPV3NXKZBE= -github.com/charmbracelet/bubbles v0.17.2-0.20240108170749-ec883029c8e6/go.mod h1:9HxZWlkCqz2PRwsCbYl7a3KXvGzFaDHpYbSYMJ+nE3o= github.com/charmbracelet/bubbles v0.18.0 h1:PYv1A036luoBGroX6VWjQIE9Syf2Wby2oOl/39KLfy0= github.com/charmbracelet/bubbles v0.18.0/go.mod h1:08qhZhtIwzgrtBjAcJnij1t1H0ZRjwHyGsy6AL11PSw= github.com/charmbracelet/bubbletea v0.25.0 h1:bAfwk7jRz7FKFl9RzlIULPkStffg5k6pNt5dywy4TcM= github.com/charmbracelet/bubbletea v0.25.0/go.mod h1:EN3QDR1T5ZdWmdfDzYcqOCAps45+QIJbLOBxmVNWNNg= github.com/charmbracelet/huh v0.3.0 h1:CxPplWkgW2yUTDDG0Z4S5HH8SJOosWHd4LxCvi0XsKE= github.com/charmbracelet/huh v0.3.0/go.mod h1:fujUdKX8tC45CCSaRQdw789O6uaCRwx8l2NDyKfC4jA= -github.com/charmbracelet/lipgloss v0.9.1 h1:PNyd3jvaJbg4jRHKWXnCj1akQm4rh8dbEzN1p/u1KWg= -github.com/charmbracelet/lipgloss v0.9.1/go.mod h1:1mPmG4cxScwUQALAAnacHaigiiHB9Pmr+v1VEawJl6I= github.com/charmbracelet/lipgloss v0.10.0 h1:KWeXFSexGcfahHX+54URiZGkBFazf70JNMtwg/AFW3s= github.com/charmbracelet/lipgloss v0.10.0/go.mod h1:Wig9DSfvANsxqkRsqj6x87irdy123SR4dOXlKa91ciE= -github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= -github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= github.com/containerd/console v1.0.4 h1:F2g4+oChYvBTsASRTz8NP6iIAi97J3TtSAsLbIFn4ro= github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= github.com/containerd/containerd v1.7.12 h1:+KQsnv4VnzyxWcfO9mlxxELaoztsDEjOuCMPAuPqgU0= @@ -69,10 +63,10 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= -github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -88,17 +82,12 @@ github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= @@ -125,14 +114,10 @@ github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJGdI8= -github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/httprc v1.0.5 h1:bsTfiH8xaKOJPrg1R+E3iE/AWZr/x0Phj9PBTG/OLUk= github.com/lestrrat-go/httprc v1.0.5/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx/v2 v2.0.19 h1:ekv1qEZE6BVct89QA+pRF6+4pCpfVrOnEJnTnT4RXoY= -github.com/lestrrat-go/jwx/v2 v2.0.19/go.mod h1:l3im3coce1lL2cDeAjqmaR+Awx+X8Ih+2k8BuHNJ4CU= github.com/lestrrat-go/jwx/v2 v2.0.21 h1:jAPKupy4uHgrHFEdjVjNkUgoBKtVDgrQPB/h55FHrR0= github.com/lestrrat-go/jwx/v2 v2.0.21/go.mod h1:09mLW8zto6bWL9GbwnqAli+ArLf+5M33QLQPDggkUWM= github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= @@ -176,18 +161,10 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= -github.com/opentdf/backend-go v0.1.16 h1:t7OD3ShBCeuAZWUKZNYJJBfC01d4X0EL5a6J1UnIdx4= -github.com/opentdf/backend-go v0.1.16/go.mod h1:4RAZ3K19YOJkpxSh4jl6vtjOUkK3H/zqA32LeBf3CDQ= github.com/opentdf/backend-go v0.1.17 h1:RA/9Mj7OKycnvOrkIZTJCsSyROCcioXzzqMUlnCxP48= github.com/opentdf/backend-go v0.1.17/go.mod h1:4RAZ3K19YOJkpxSh4jl6vtjOUkK3H/zqA32LeBf3CDQ= -github.com/opentdf/platform/protocol/go v0.0.0-20240301211102-04107b3757a9 h1:7E2tnDEZjIwHys0gPPs56Emf+sw1dKXmr+Ho/n/jH8M= -github.com/opentdf/platform/protocol/go v0.0.0-20240301211102-04107b3757a9/go.mod h1:O0Wolf3NAhKII0hfDcEPtpsXe/VcUI7Lq/rNqh8I7Wk= github.com/opentdf/platform/protocol/go v0.0.0-20240314151303-79519c9c870f h1:+xE7MKFotF15VAEzvgx8LEK/ysx0RuZhoOc6vnKOr8Q= github.com/opentdf/platform/protocol/go v0.0.0-20240314151303-79519c9c870f/go.mod h1:qwJ2OQqNVtucVgkLlZhz6O1I1fxqHTXrl5HVRu9AO4Y= -github.com/opentdf/platform/sdk v0.0.0-20240301211102-04107b3757a9 h1:NY4GcZ5IETFH2NyexuEENgkL79ZiSQNaZhzs9OkozaI= -github.com/opentdf/platform/sdk v0.0.0-20240301211102-04107b3757a9/go.mod h1:ugS04emTB9g96A4sqNjOFVn0Ip4B/VVYQ+eAKD7OFxM= -github.com/opentdf/platform/sdk v0.0.0-20240305152130-b34c2fe9ad70 h1:FjKH+bwYRho7mJqPjX3vFnZu5jv7sjdupPhAI37xYgM= -github.com/opentdf/platform/sdk v0.0.0-20240305152130-b34c2fe9ad70/go.mod h1:secHYA6In0KqYB67IzB6b/GdFciPPSZUsjAXjvWkuU0= github.com/opentdf/platform/sdk v0.0.0-20240314151303-79519c9c870f h1:T7z84OKFYYX59KHAB3ifcu1EUUQT1kcCthADLihvSA4= github.com/opentdf/platform/sdk v0.0.0-20240314151303-79519c9c870f/go.mod h1:7HLs/qMMlM3aTf6alULPgXet/AYzc4EySv94GRoA50Q= github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4= @@ -201,8 +178,6 @@ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= @@ -236,13 +211,15 @@ github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/testcontainers/testcontainers-go v0.28.0 h1:1HLm9qm+J5VikzFDYhOd+Zw12NtOl+8drH2E8nTY1r8= @@ -256,65 +233,48 @@ github.com/virtru/access-pdp v1.11.0/go.mod h1:7OkDvrJX9qtzZ8KYFv7uvbp3IuhJZBqjV github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw= github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= -github.com/zalando/go-keyring v0.2.3 h1:v9CUu9phlABObO4LPWycf+zwMG7nlbb3t/B5wa97yms= -github.com/zalando/go-keyring v0.2.3/go.mod h1:HL4k+OXQfJUWaMnqyuSOc0drfGPX2b51Du6K+MRgZMk= +github.com/zalando/go-keyring v0.2.4 h1:wi2xxTqdiwMKbM6TWwi+uJCG/Tum2UV0jqaQhCa9/68= +github.com/zalando/go-keyring v0.2.4/go.mod h1:HL4k+OXQfJUWaMnqyuSOc0drfGPX2b51Du6K+MRgZMk= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 h1:x8Z78aZx8cOF0+Kkazoc7lwUNMGy0LrzEMxTm4BbTxg= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0/go.mod h1:62CPTSry9QZtOaSsE3tOzhx6LzDhHnXJ6xHeMNNiM6Q= -go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= -go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo= go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= -go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= -go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= -go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= -go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI= go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= -golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ= +golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= -golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc= golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= -golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= -golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -324,8 +284,6 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -333,8 +291,6 @@ golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9sn golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= -golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= @@ -350,39 +306,25 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe h1:USL2DhxfgRchafRvt/wYyyQNzwgL7ZiURcozOE/Pkvo= -google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:cc8bqMqtv9gMOr0zHg2Vzff5ULhhL2IXP4sbcn32Dro= -google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 h1:ImUcDPHjTrAqNhlOkSocDLfG9rrNHH7w7uoKWPaWZ8s= -google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7/go.mod h1:/3XmxOjePkvmKrHuBy4zNFw7IzxJXtAgdpXi8Ll990U= -google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 h1:x9PwdEgd11LgK+orcck69WVRo7DezSO4VUMPI4xpc8A= -google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014/go.mod h1:rbHMSEDyoYX62nRVLOCc4Qt1HbsdytAYoVwgjiOhF3I= google.golang.org/genproto/googleapis/api v0.0.0-20240311173647-c811ad7063a7 h1:oqta3O3AnlWbmIE3bFnWbu4bRxZjfbWCp0cKSuZh01E= google.golang.org/genproto/googleapis/api v0.0.0-20240311173647-c811ad7063a7/go.mod h1:VQW3tUculP/D4B+xVCo+VgSq8As6wA9ZjHl//pmk+6s= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe h1:bQnxqljG/wqi4NTXu2+DJ3n7APcEA882QZ1JvhQAq9o= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 h1:8EeVk1VKMD+GD/neyEHGmz7pFblqPjHoi+PGQIlLx2s= google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= -google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= -google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/go-jose/go-jose.v2 v2.6.2 h1:Rl5+9rA0kG3vsO1qhncMPRT5eHICihAMQYJkD7u/i4M= -gopkg.in/go-jose/go-jose.v2 v2.6.2/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= gopkg.in/go-jose/go-jose.v2 v2.6.3 h1:nt80fvSDlhKWQgSWyHyy5CfmlQr+asih51R8PTWNKKs= gopkg.in/go-jose/go-jose.v2 v2.6.3/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= diff --git a/pkg/handlers/attribute.go b/pkg/handlers/attribute.go index fa85857a..9fefa7c7 100644 --- a/pkg/handlers/attribute.go +++ b/pkg/handlers/attribute.go @@ -49,7 +49,7 @@ func (h Handler) ListAttributes() ([]*policy.Attribute, error) { return resp.Attributes, err } -func (h Handler) CreateAttribute(name string, rule string, namespace string) (*policy.Attribute, error) { +func (h Handler) CreateAttribute(name string, rule string, namespace string, metadata *common.MetadataMutable) (*policy.Attribute, error) { r, err := GetAttributeRuleFromReadableString(rule) if err != nil { return nil, err @@ -59,6 +59,7 @@ func (h Handler) CreateAttribute(name string, rule string, namespace string) (*p NamespaceId: namespace, Name: name, Rule: r, + Metadata: metadata, } resp, err := h.sdk.Attributes.CreateAttribute(h.ctx, attrReq) @@ -76,13 +77,16 @@ func (h Handler) CreateAttribute(name string, rule string, namespace string) (*p }, nil } +// TODO: verify updation behavior func (h *Handler) UpdateAttribute( id string, - fns ...func(*common.MetadataMutable) *common.MetadataMutable, + metadata *common.MetadataMutable, + behavior common.MetadataUpdateEnum, ) (*attributes.UpdateAttributeResponse, error) { return h.sdk.Attributes.UpdateAttribute(h.ctx, &attributes.UpdateAttributeRequest{ - Id: id, - Metadata: buildMetadata(&common.MetadataMutable{}, fns...), + Id: id, + Metadata: metadata, + MetadataUpdateBehavior: behavior, }) } diff --git a/pkg/handlers/kas-registry.go b/pkg/handlers/kas-registry.go index 72d25c1f..07416006 100644 --- a/pkg/handlers/kas-registry.go +++ b/pkg/handlers/kas-registry.go @@ -16,62 +16,47 @@ func (h Handler) GetKasRegistryEntry(id string) (*kasregistry.KeyAccessServer, e return resp.KeyAccessServer, nil } -// ListKasRegistryEntries lists the KeyAccessServer entries in the project. func (h Handler) ListKasRegistryEntries() ([]*kasregistry.KeyAccessServer, error) { - // Create a request to list the KeyAccessServer entries. req := &kasregistry.ListKeyAccessServersRequest{} - // List the KeyAccessServer entries using the SDK. resp, err := h.sdk.KeyAccessServerRegistry.ListKeyAccessServers(h.ctx, req) if err != nil { return nil, err } - // Return the list of KeyAccessServer entries. return resp.KeyAccessServers, nil } -// CreateKasRegistryEntry creates a KeyAccessServer entry in the project. -// map[string]interface{} used to handle arbitarily structured metadata func (h Handler) CreateKasRegistryEntry(uri string, publicKey *kasregistry.PublicKey, metadata *common.MetadataMutable) (*kasregistry.KeyAccessServer, error) { - // Create a request to create a KeyAccessServer entry. req := &kasregistry.CreateKeyAccessServerRequest{ Uri: uri, PublicKey: publicKey, Metadata: metadata, } - // Create the KeyAccessServer entry using the SDK. resp, err := h.sdk.KeyAccessServerRegistry.CreateKeyAccessServer(h.ctx, req) if err != nil { return nil, err } - // Return the created KeyAccessServer entry. return resp.KeyAccessServer, nil } -// UpdateKasRegistryEntry updates a KeyAccessServer entry in the project. -// note: we are specifically building the request on the otherside, due to so manu of the options being optional +// TODO: verify updation behavior func (h Handler) UpdateKasRegistryEntry(id string, kasUpdateReq *kasregistry.UpdateKeyAccessServerRequest) (*kasregistry.KeyAccessServer, error) { - // Update the KeyAccessServer entry using the SDK. resp, err := h.sdk.KeyAccessServerRegistry.UpdateKeyAccessServer(h.ctx, kasUpdateReq) if err != nil { return nil, err } - // Return the updated KeyAccess Server entry. return resp.KeyAccessServer, nil } -// DeleteKasRegistryEntry deletes a KeyAccessServer entry from the project. func (h Handler) DeleteKasRegistryEntry(id string) error { - // Create a request to delete a KeyAccessServer entry. req := &kasregistry.DeleteKeyAccessServerRequest{ Id: id, } - // Delete the KeyAccessServer entry using the SDK. _, err := h.sdk.KeyAccessServerRegistry.DeleteKeyAccessServer(h.ctx, req) if err != nil { return err diff --git a/pkg/handlers/namespaces.go b/pkg/handlers/namespaces.go index 651c6787..58a9e69b 100644 --- a/pkg/handlers/namespaces.go +++ b/pkg/handlers/namespaces.go @@ -1,6 +1,7 @@ package handlers import ( + "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/namespaces" ) @@ -25,9 +26,10 @@ func (h Handler) ListNamespaces() ([]*policy.Namespace, error) { return resp.Namespaces, nil } -func (h Handler) CreateNamespace(name string) (*policy.Namespace, error) { +func (h Handler) CreateNamespace(name string, metadata *common.MetadataMutable) (*policy.Namespace, error) { resp, err := h.sdk.Namespaces.CreateNamespace(h.ctx, &namespaces.CreateNamespaceRequest{ - Name: name, + Name: name, + Metadata: metadata, }) if err != nil { return nil, err @@ -36,9 +38,11 @@ func (h Handler) CreateNamespace(name string) (*policy.Namespace, error) { return resp.Namespace, nil } -func (h Handler) UpdateNamespace(id string, name string) (*policy.Namespace, error) { +func (h Handler) UpdateNamespace(id string, metadata *common.MetadataMutable, behavior common.MetadataUpdateEnum) (*policy.Namespace, error) { resp, err := h.sdk.Namespaces.UpdateNamespace(h.ctx, &namespaces.UpdateNamespaceRequest{ - Id: id, + Id: id, + Metadata: metadata, + MetadataUpdateBehavior: behavior, }) if err != nil { return nil, err diff --git a/pkg/handlers/resourceMappings.go b/pkg/handlers/resourceMappings.go index 3b4321ff..df23eb66 100644 --- a/pkg/handlers/resourceMappings.go +++ b/pkg/handlers/resourceMappings.go @@ -3,6 +3,7 @@ package handlers import ( "context" + "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/resourcemapping" ) @@ -13,10 +14,11 @@ type ResourceMapping struct { Terms []string } -func (h *Handler) CreateResourceMapping(attributeId string, terms []string) (*policy.ResourceMapping, error) { +func (h *Handler) CreateResourceMapping(attributeId string, terms []string, metadata *common.MetadataMutable) (*policy.ResourceMapping, error) { res, err := h.sdk.ResourceMapping.CreateResourceMapping(context.Background(), &resourcemapping.CreateResourceMappingRequest{ AttributeValueId: attributeId, Terms: terms, + Metadata: metadata, }) if err != nil { return nil, err @@ -45,11 +47,14 @@ func (h *Handler) ListResourceMappings() ([]*policy.ResourceMapping, error) { return res.ResourceMappings, nil } -func (h *Handler) UpdateResourceMapping(id string, attrValueId string, terms []string) (*policy.ResourceMapping, error) { +// TODO: verify updation behavior +func (h *Handler) UpdateResourceMapping(id string, attrValueId string, terms []string, metadata *common.MetadataMutable, behavior common.MetadataUpdateEnum) (*policy.ResourceMapping, error) { res, err := h.sdk.ResourceMapping.UpdateResourceMapping(context.Background(), &resourcemapping.UpdateResourceMappingRequest{ - Id: id, - AttributeValueId: attrValueId, - Terms: terms, + Id: id, + AttributeValueId: attrValueId, + Terms: terms, + Metadata: metadata, + MetadataUpdateBehavior: behavior, }) if err != nil { return nil, err diff --git a/pkg/handlers/sdk.go b/pkg/handlers/sdk.go index ee9ba537..4c7c6fc8 100644 --- a/pkg/handlers/sdk.go +++ b/pkg/handlers/sdk.go @@ -28,7 +28,7 @@ func New(platformEndpoint string) (Handler, error) { // scopes := []string{"email"} // create the sdk with the client credentials - //NOTE FROM AVERY: The below line is commented out because although it should work, the SDK + // NOTE FROM AVERY: The below line is commented out because although it should work, the SDK // is having trouble with the "WithClientCredentials" endpoint // so although the commented out line should work, and will work in the future, today it doesn't, so // to facilitate development, we're leaving it commented, until the SDK is fixed, and using the insecure connection instead @@ -49,16 +49,6 @@ func (h Handler) Close() error { return h.sdk.Close() } -// Replace the description in the metadata -func (h Handler) WithDescriptionMetadata(metadata *common.Metadata, description string) func() *common.Metadata { - return func() *common.Metadata { - nextMetadata := &common.Metadata{ - Labels: metadata.Labels, - } - return nextMetadata - } -} - // Replace all labels in the metadata func (h Handler) WithReplaceLabelsMetadata(metadata *common.MetadataMutable, labels map[string]string) func(*common.MetadataMutable) *common.MetadataMutable { return func(*common.MetadataMutable) *common.MetadataMutable { diff --git a/pkg/handlers/subjectmappings.go b/pkg/handlers/subjectmappings.go index a9f30993..6123883f 100644 --- a/pkg/handlers/subjectmappings.go +++ b/pkg/handlers/subjectmappings.go @@ -1,10 +1,6 @@ package handlers import ( - "fmt" - "slices" - "strings" - "github.com/opentdf/platform/protocol/go/common" "github.com/opentdf/platform/protocol/go/policy" "github.com/opentdf/platform/protocol/go/policy/subjectmapping" @@ -22,68 +18,42 @@ func (h Handler) GetSubjectMapping(id string) (*policy.SubjectMapping, error) { resp, err := h.sdk.SubjectMapping.GetSubjectMapping(h.ctx, &subjectmapping.GetSubjectMappingRequest{ Id: id, }) - if err != nil { - return nil, err - } - - return resp.SubjectMapping, nil + return resp.SubjectMapping, err } func (h Handler) ListSubjectMappings() ([]*policy.SubjectMapping, error) { resp, err := h.sdk.SubjectMapping.ListSubjectMappings(h.ctx, &subjectmapping.ListSubjectMappingsRequest{}) - if err != nil { - return nil, err - } - return resp.SubjectMappings, nil + return resp.SubjectMappings, err } -func (h Handler) CreateNewSubjectMapping(attributeValueId string, subjectAttribute string, subjectValues []string, operator string, metadata *common.MetadataMutable) (*policy.SubjectMapping, error) { - if !slices.Contains(SubjectMappingOperatorEnumChoices, operator) { - return nil, fmt.Errorf("Invalid operator. Must be one of [%s]" + strings.Join(SubjectMappingOperatorEnumChoices, ", ")) - } - +func (h Handler) CreateNewSubjectMapping(attrValId string, actions []*policy.Action, existingSCSId string, newScs *subjectmapping.SubjectConditionSetCreate, m *common.MetadataMutable) (*policy.SubjectMapping, error) { resp, err := h.sdk.SubjectMapping.CreateSubjectMapping(h.ctx, &subjectmapping.CreateSubjectMappingRequest{ - AttributeValueId: attributeValueId, - // SubjectAttribute: subjectAttribute, - // SubjectValues: subjectValues, - // Operator: GetSubjectMappingOperatorFromChoice(operator), - Metadata: metadata, + AttributeValueId: attrValId, + Actions: actions, + ExistingSubjectConditionSetId: existingSCSId, + NewSubjectConditionSet: newScs, + Metadata: m, }) - if err != nil { - return nil, err - } - - return resp.SubjectMapping, nil + return resp.SubjectMapping, err } -func (h Handler) UpdateSubjectMapping(id string, attributeValueId string, subjectAttribute string, subjectValues []string, operator string, metadata *common.MetadataMutable) (*policy.SubjectMapping, error) { - if !slices.Contains(SubjectMappingOperatorEnumChoices, operator) { - return nil, fmt.Errorf("Invalid operator. Must be one of [%s]" + strings.Join(SubjectMappingOperatorEnumChoices, ", ")) - } - +func (h Handler) UpdateSubjectMapping(id string, updatedSCSId string, updatedActions []*policy.Action, metadata *common.MetadataMutable, metadataBehavior common.MetadataUpdateEnum) (*policy.SubjectMapping, error) { resp, err := h.sdk.SubjectMapping.UpdateSubjectMapping(h.ctx, &subjectmapping.UpdateSubjectMappingRequest{ - Id: id, - // SubjectAttribute: subjectAttribute, - // SubjectValues: subjectValues, - // Operator: GetSubjectMappingOperatorFromChoice(operator), - Metadata: metadata, + Id: id, + SubjectConditionSetId: updatedSCSId, + Actions: updatedActions, + MetadataUpdateBehavior: metadataBehavior, + Metadata: metadata, }) - if err != nil { - return nil, err - } - return resp.SubjectMapping, nil + return resp.SubjectMapping, err } -func (h Handler) DeleteSubjectMapping(id string) error { - _, err := h.sdk.SubjectMapping.DeleteSubjectMapping(h.ctx, &subjectmapping.DeleteSubjectMappingRequest{ +func (h Handler) DeleteSubjectMapping(id string) (*policy.SubjectMapping, error) { + resp, err := h.sdk.SubjectMapping.DeleteSubjectMapping(h.ctx, &subjectmapping.DeleteSubjectMappingRequest{ Id: id, }) - if err != nil { - return err - } - - return nil + return resp.SubjectMapping, err } func GetSubjectMappingOperatorFromChoice(readable string) policy.SubjectMappingOperatorEnum {