diff --git a/internal/api/adapters/db/db.go b/internal/api/adapters/db/db.go index f552d051..ef708872 100644 --- a/internal/api/adapters/db/db.go +++ b/internal/api/adapters/db/db.go @@ -24,7 +24,7 @@ func NewDB(conn *gorm.DB) *DB { // RunMigrations ... func (db *DB) RunMigrations() error { return db.conn.AutoMigrate( - &models.Team{}, + &authz.Team{}, &authz.User{}, &authz.Role{}, &authz.Permission{}, @@ -36,8 +36,6 @@ func (db *DB) RunMigrations() error { &models.Account{}, &models.System{}, &models.Tag{}, - &models.Ownership{}, - &models.Allow{}, &models.Cluster{}, &models.SigningKeyGroup{}, ) diff --git a/internal/api/adapters/db/teams.go b/internal/api/adapters/db/teams.go index 3c8a20bb..ee0d7f95 100644 --- a/internal/api/adapters/db/teams.go +++ b/internal/api/adapters/db/teams.go @@ -3,25 +3,26 @@ package db import ( "context" + authz "github.com/zeiss/fiber-authz" "github.com/zeiss/typhoon/internal/api/models" ) // CreateTeam creates a new team. -func (db *DB) CreateTeam(ctx context.Context, team *models.Team) error { +func (db *DB) CreateTeam(ctx context.Context, team *authz.Team) error { return db.conn.WithContext(ctx).Create(team).Error } // GetTeam retrieves a team by its ID. -func (db *DB) GetTeam(ctx context.Context, team *models.Team) error { +func (db *DB) GetTeam(ctx context.Context, team *authz.Team) error { return db.conn.WithContext(ctx).First(team).Error } // DeleteTeam deletes a team by its ID. -func (db *DB) DeleteTeam(ctx context.Context, team *models.Team) error { +func (db *DB) DeleteTeam(ctx context.Context, team *authz.Team) error { return db.conn.WithContext(ctx).Delete(team).Error } // ListTeams retrieves all teams. -func (db *DB) ListTeams(ctx context.Context, pagination *models.Pagination[models.Team]) error { +func (db *DB) ListTeams(ctx context.Context, pagination *models.Pagination[authz.Team]) error { return db.conn.WithContext(ctx).Scopes(models.Paginate(&pagination.Rows, pagination, db.conn)).Find(&pagination.Rows).Error } 
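Review bot: Dropping `&models.Ownership{}` and `&models.Allow{}` from the `AutoMigrate` list in `RunMigrations` removes nothing from an existing database. GORM's AutoMigrate creates and alters but never drops, so the tables created for those models, and the `team_systems` join table of the deleted `models.Team`, stay behind with their old ownership and allow rows. Authorization data that nothing reads any more is easy to misread in an audit or to pick up again by accident, so I would ship an explicit migration that drops or archives those tables, and say so in the doc comment, e.g. `// RunMigrations creates or updates the schema; it never drops tables, so the former ownership/allow tables are removed by a separate migration.` The first hunk now migrates `authz.Team` from fiber-authz, which presumably maps onto the existing teams table; that should be confirmed against a populated database.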
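Review bot: `GetTeam` and `DeleteTeam` in internal/api/adapters/db/teams.go pass the struct straight to `First(team)` and `Delete(team)`, so the query is scoped to one team only when the primary key is populated. With a zero-valued key, GORM's `First` adds no condition and returns the first row, and `Delete` is refused with `gorm.ErrMissingWhereClause`. The controllers build `authz.Team{ID: cmd.ID}` and `authz.Team{ID: query.ID}` from request data, and no check on that ID is visible in this diff. Assuming `ID` is a `uuid.UUID`, a guard such as `if team.ID == uuid.Nil { return gorm.ErrRecordNotFound }` at the top of both methods keeps a missing ID from resolving to an arbitrary team. The "by its ID" doc comments should state that precondition.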
diff --git a/internal/api/controllers/teams.go b/internal/api/controllers/teams.go index dc539923..33c12b25 100644 --- a/internal/api/controllers/teams.go +++ b/internal/api/controllers/teams.go @@ -39,13 +39,13 @@ var _ TeamsController = (*teamsController)(nil) // TeamsController ... type TeamsController interface { // CreateTeam ... - CreateTeam(ctx context.Context, cmd CreateTeamCommand) (models.Team, error) + CreateTeam(ctx context.Context, cmd CreateTeamCommand) (authz.Team, error) // DeleteTeam ... DeleteTeam(ctx context.Context, cmd DeleteTeamCommand) error // GetTeam ... - GetTeam(ctx context.Context, query GetTeamQuery) (models.Team, error) + GetTeam(ctx context.Context, query GetTeamQuery) (authz.Team, error) // ListTeams ... - ListTeams(ctx context.Context, query ListTeamsQuery) (models.Pagination[models.Team], error) + ListTeams(ctx context.Context, query ListTeamsQuery) (models.Pagination[authz.Team], error) } type teamsController struct { @@ -58,12 +58,10 @@ func NewTeamsController(db ports.Teams) *teamsController { } // CreateTeam ... -func (c *teamsController) CreateTeam(ctx context.Context, cmd CreateTeamCommand) (models.Team, error) { - team := models.Team{ - Team: &authz.Team{ - Name: cmd.Name, - Description: utils.StrPtr(cmd.Description), - }, +func (c *teamsController) CreateTeam(ctx context.Context, cmd CreateTeamCommand) (authz.Team, error) { + team := authz.Team{ + Name: cmd.Name, + Description: utils.StrPtr(cmd.Description), } err := c.db.CreateTeam(ctx, &team) 
@@ -76,21 +74,17 @@ func (c *teamsController) CreateTeam(ctx context.Context, cmd CreateTeamCommand) // DeleteTeam ... func (c *teamsController) DeleteTeam(ctx context.Context, cmd DeleteTeamCommand) error { - team := models.Team{ - Team: &authz.Team{ - ID: cmd.ID, - }, + team := authz.Team{ + ID: cmd.ID, } return c.db.DeleteTeam(ctx, &team) } // GetTeam ... -func (c *teamsController) GetTeam(ctx context.Context, query GetTeamQuery) (models.Team, error) { - team := models.Team{ - Team: &authz.Team{ - ID: query.ID, - }, +func (c *teamsController) GetTeam(ctx context.Context, query GetTeamQuery) (authz.Team, error) { + team := authz.Team{ + ID: query.ID, } err := c.db.GetTeam(ctx, &team) @@ -102,8 +96,8 @@ func (c *teamsController) GetTeam(ctx context.Context, query GetTeamQuery) (mode } // ListTeams ... -func (c *teamsController) ListTeams(ctx context.Context, query ListTeamsQuery) (models.Pagination[models.Team], error) { - pagination := models.Pagination[models.Team]{ +func (c *teamsController) ListTeams(ctx context.Context, query ListTeamsQuery) (models.Pagination[authz.Team], error) { + pagination := models.Pagination[authz.Team]{ Offset: query.Offset, Limit: query.Limit, Search: query.Search, diff --git a/internal/api/models/allow.go b/internal/api/models/allow.go deleted file mode 100644 index 952f1ab9..00000000 --- a/internal/api/models/allow.go +++ /dev/null 
@@ -1,39 +0,0 @@
-package models
-
-import (
- "time"
-
- "github.com/google/uuid"
- "gorm.io/gorm"
-)
-
-// AllowableType is a polymorphic type for allow.
-type AllowableType string
-
-// OwnableType are the different types of ownable resources.
-const (
- // TeamAllowable is a team.
- TeamAllowable AllowableType = "team"
- // UserAllowable is a user.
- UserAllowable AllowableType = "user"
-)
-
-// Allow ...
-type Allow struct {
- // ID is the unique identifier for the ownership.
- ID int `json:"id" gorm:"primary_key"`
- // AllowableID is the unique identifier for the resource allowed to.
- AllowableID uuid.UUID `json:"owner_id"`
- // AllowableType is the type of the resource that is allowed to.
- AllowableType string `json:"owner_type"`
- // TeamID is the .
- TeamID uuid.UUID `json:"team_id"`
- // Team is the team that is allowed to.
- Team Team `json:"team" gorm:"foreignKey:TeamID"`
- // CreatedAt is the time the ownership was created.
- CreatedAt time.Time `json:"created_at"`
- // UpdatedAt is the time the ownership was updated.
- UpdatedAt time.Time `json:"updated_at"`
- // DeletedAt is the time the ownership was deleted.
- DeletedAt gorm.DeletedAt `json:"deleted_at"`
-}
diff --git a/internal/api/models/ownership.go b/internal/api/models/ownership.go
deleted file mode 100644
index 8d2f2d46..00000000
--- a/internal/api/models/ownership.go
+++ /dev/null
@@ -1,43 +0,0 @@
-package models
-
-import (
- "time"
-
- "github.com/google/uuid"
- "gorm.io/gorm"
-)
-
-// OwnableType is a polymorphic type for ownership.
-type OwnableType string
-
-// OwnableType are the different types of ownable resources.
-const (
- // SystemOwnable is a system.
- SystemOwnable OwnableType = "system"
- // AccountOwnable is an account.
- AccountOwnable OwnableType = "account"
- // OperatorOwnable is an operator.
- OperatorOwnable OwnableType = "operator"
- // UserOwnable is a user.
- UserOwnable OwnableType = "user"
-)
-
-// Ownership ...
-type Ownership struct {
- // ID is the unique identifier for the ownership.
- ID int `json:"id" gorm:"primary_key"`
- // OwnableID is the unique identifier for .
- OwnableID uuid.UUID `json:"owner_id"`
- // OwnableType is the type of the owner.
- OwnableType string `json:"owner_type"`
- // TeamID is the identifier of the team.
- TeamID uuid.UUID `json:"team_id"`
- // Team is the team that this is owned by.
- Team Team `json:"team" gorm:"foreignKey:TeamID"`
- // CreatedAt is the time the ownership was created.
- CreatedAt time.Time `json:"created_at"`
- // UpdatedAt is the time the ownership was updated.
- UpdatedAt time.Time `json:"updated_at"`
- // DeletedAt is the time the ownership was deleted.
- DeletedAt gorm.DeletedAt `json:"deleted_at"`
-}
diff --git a/internal/api/models/system.go b/internal/api/models/system.go
index 87a1d65b..c0d3d1a9 100644
--- a/internal/api/models/system.go
+++ b/internal/api/models/system.go
@@ -25,23 +25,13 @@ type System struct { Name string `json:"name" gorm:"unique" validate:"required,min=3,max=128"` // Description is the description of the system. Description string `json:"description" validate:"max=1024"` - // Clusters is the clusters that are associated with the system. Clusters []Cluster `json:"clusters" gorm:"foreignKey:SystemID"` - // Operator is the operator this is associated with this system to operate. Operator Operator `json:"operator" gorm:"foreignKey:OperatorID"` OperatorID uuid.UUID `json:"operator_id"` - // Tags is the tags that are associated with the system. Tags []*Tag `json:"tags" gorm:"polymorphic:Taggable;polymorphicValue:system;"` - - // OwnedBy is the owner of the account. This is usually a team. - OwnedBy Ownership `json:"owned_by" gorm:"polymorphic:Ownable;polymorphicValue:system;"` - - // AllowedBy is the allowed by of the account. This is usually a team. - AllowedBy []Allow `json:"allowed_by" gorm:"polymorphic:Allowable;polymorphicValue:system;"` - // CreatedAt is the time the system was created. CreatedAt time.Time `json:"created_at"` // UpdatedAt is the time the system was updated. diff --git a/internal/api/models/team.go b/internal/api/models/team.go deleted file mode 100644 index 818afd15..00000000 --- a/internal/api/models/team.go +++ /dev/null @@ -1,12 +0,0 @@ -package models - -import ( - authz "github.com/zeiss/fiber-authz" -) - -// Team ... -type Team struct { - *authz.Team - // The systems that the teams have access to. - Systems []*System `gorm:"many2many:team_systems;"` -} diff --git a/internal/api/ports/teams.go b/internal/api/ports/teams.go index f807e773..526ae0c0 100644 --- a/internal/api/ports/teams.go +++ b/internal/api/ports/teams.go 
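Review bot: With `OwnedBy` and `AllowedBy` removed from `System`, and `models.Team.Systems` deleted in the same commit, nothing left in the model ties a system to the team that owns it or may access it. If any handler or query relied on those relations to restrict who can read or change a system, that restriction now has to come from fiber-authz, and this diff shows no replacement check. Once that is confirmed, I would record it in the struct's doc comment, for example `// Access to a System is enforced by fiber-authz permissions, not by fields on this model.` The `owned_by` and `allowed_by` JSON fields also disappear from serialized systems, which API clients may still expect. The struct starts and ends outside this hunk.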
@@ -3,17 +3,18 @@ package ports import ( "context" + authz "github.com/zeiss/fiber-authz" "github.com/zeiss/typhoon/internal/api/models" ) // Teams is the interface that wraps the methods to access data. type Teams interface { // CreateTeam creates a new team. - CreateTeam(ctx context.Context, team *models.Team) error + CreateTeam(ctx context.Context, team *authz.Team) error // GetTeam returns the team with the given id. - GetTeam(ctx context.Context, team *models.Team) error + GetTeam(ctx context.Context, team *authz.Team) error // DeleteTeam deletes the team with the given id. - DeleteTeam(ctx context.Context, team *models.Team) error + DeleteTeam(ctx context.Context, team *authz.Team) error // ListTeams returns all teams. - ListTeams(ctx context.Context, pagination *models.Pagination[models.Team]) error + ListTeams(ctx context.Context, pagination *models.Pagination[authz.Team]) error } diff --git a/pkg/apis/dto/teams.go b/pkg/apis/dto/teams.go index 6c6b66b2..cdf425c2 100644 --- a/pkg/apis/dto/teams.go +++ b/pkg/apis/dto/teams.go @@ -1,6 +1,7 @@ package dto import ( + authz "github.com/zeiss/fiber-authz" "github.com/zeiss/typhoon/internal/api/controllers" "github.com/zeiss/typhoon/internal/api/models" "github.com/zeiss/typhoon/internal/utils" @@ -16,7 +17,7 @@ func FromCreateTeamRequest(req openapi.CreateTeamRequestObject) controllers.Crea } // ToCreateTeamResponse ... -func ToCreateTeamResponse(team models.Team) openapi.CreateTeam201JSONResponse { +func ToCreateTeamResponse(team authz.Team) openapi.CreateTeam201JSONResponse { res := openapi.CreateTeam201JSONResponse{} res.Id = utils.PtrUUID(team.ID) res.Name = team.Name 
@@ -35,7 +36,7 @@ func FromGetTeamRequest(req openapi.GetTeamRequestObject) controllers.GetTeamQue } // ToGetTeamResponse ... -func ToGetTeamResponse(team models.Team) openapi.GetTeam200JSONResponse { +func ToGetTeamResponse(team authz.Team) openapi.GetTeam200JSONResponse { res := openapi.GetTeam200JSONResponse{} res.Id = utils.PtrUUID(team.ID) res.Name = team.Name @@ -65,7 +66,7 @@ func FromListTeamsRequest(req openapi.ListTeamsRequestObject) controllers.ListTe } // ToListTeamsResponse ... -func ToListTeamsResponse(pagination models.Pagination[models.Team]) openapi.ListTeams200JSONResponse { +func ToListTeamsResponse(pagination models.Pagination[authz.Team]) openapi.ListTeams200JSONResponse { res := openapi.ListTeams200JSONResponse{} res.Limit = utils.PtrInt(pagination.Limit) res.Offset = utils.PtrInt(pagination.Offset)