Merge pull request #298 from NorskHelsenett/feature/move-rorresourceo…

…wner-to-separate-package Feature/move rorresourceowner to separate package
NorskHelsenett · Jan 21, 2025 · 42a92ea · 42a92ea
2 parents 01ab604 + e09b310
commit 42a92ea
Show file tree

Hide file tree

Showing 12 changed files with 91 additions and 39 deletions.
diff --git a/docs/rorclient/getting-started.md b/docs/rorclient/getting-started.md
@@ -131,7 +131,7 @@ func (r *RorClient) UpdateVms(ctx context.Context, vmResources []*rortypes.Resou
 		names = append(names, vm.Name)
 		res := rorresources.NewRorResource("VirtualMachine", "general.ror.internal/v1alpha1")
 
-		res.RorMeta.Ownerref = rortypes.RorResourceOwnerReference{
+		res.RorMeta.Ownerref = rorresourceowner.RorResourceOwnerReference{
 			Scope:   aclmodels.Acl2ScopeRor,
 			Subject: aclmodels.Acl2RorSubjectGlobal,
 		}

diff --git a/pkg/apicontracts/apiresourcecontracts/resource_models.go b/pkg/apicontracts/apiresourcecontracts/resource_models.go
@@ -23,7 +23,7 @@ const (
 	ResourceVersionV2 ResourceVersion = "v2"
 )
 
-// Deprecated: Use rortypes.RorResourceOwnerReference instead
+// Deprecated: Use rorresourceowner.RorResourceOwnerReference instead
 // The ResourceOwnerReference or ownereref references the owner og a resource.
 // Its used to chek acl and select resources for valid Scopes.
 type ResourceOwnerReference struct {

diff --git a/pkg/apicontracts/apiresourcecontracts/resourcedef_vulnerabilityevent.go b/pkg/apicontracts/apiresourcecontracts/resourcedef_vulnerabilityevent.go
@@ -1,6 +1,6 @@
 package apiresourcecontracts
 
-import "github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
+import "github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 
 type ResourceVulnerabilityEvent struct {
 	ApiVersion string                         `json:"apiVersion"`
@@ -10,6 +10,6 @@ type ResourceVulnerabilityEvent struct {
 }
 
 type ResourceVulnerabilityEventSpec struct {
-	Owner   rortypes.RorResourceOwnerReference `json:"owner"`
-	Message string                             `json:"message"`
+	Owner   rorresourceowner.RorResourceOwnerReference `json:"owner"`
+	Message string                                     `json:"message"`
 }
diff --git a/pkg/apicontracts/apiresourcecontracts/resourcedef_vulnerabilitywhitelist.go b/pkg/apicontracts/apiresourcecontracts/resourcedef_vulnerabilitywhitelist.go
@@ -1,6 +1,6 @@
 package apiresourcecontracts
 
-import "github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
+import "github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 
 type ResourceVulnerabilityWhitelist struct {
 	ApiVersion string                             `json:"apiVersion"`
@@ -10,6 +10,6 @@ type ResourceVulnerabilityWhitelist struct {
 }
 
 type ResourceVulnerabilityWhitelistSpec struct {
-	Owner   rortypes.RorResourceOwnerReference `json:"owner"`
-	Message string                             `json:"message"`
+	Owner   rorresourceowner.RorResourceOwnerReference `json:"owner"`
+	Message string                                     `json:"message"`
 }
diff --git a/pkg/clients/rorclient/transports/resttransport/v1/resources/hashes.go b/pkg/clients/rorclient/transports/resttransport/v1/resources/hashes.go
@@ -3,10 +3,10 @@ package resources
 import (
 	"github.com/NorskHelsenett/ror/pkg/apicontracts/apiresourcecontracts"
 	"github.com/NorskHelsenett/ror/pkg/clients/rorclient/transports/resttransport/httpclient"
-	"github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 )
 
-func (c *V1Client) GetHashList(ownerref rortypes.RorResourceOwnerReference) (apiresourcecontracts.HashList, error) {
+func (c *V1Client) GetHashList(ownerref rorresourceowner.RorResourceOwnerReference) (apiresourcecontracts.HashList, error) {
 	var hashList apiresourcecontracts.HashList
 	params := []httpclient.HttpTransportClientParams{
 		{Key: httpclient.HttpTransportClientOptsQuery, Value: ownerref.GetQueryParams()},

diff --git a/pkg/clients/rorclient/v1/resources/resources.go b/pkg/clients/rorclient/v1/resources/resources.go
@@ -3,14 +3,14 @@ package resources
 import (
 	"github.com/NorskHelsenett/ror/pkg/apicontracts/apiresourcecontracts"
 	aclmodels "github.com/NorskHelsenett/ror/pkg/models/aclmodels"
-	"github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 )
 
 type ResourceInterface interface {
 	GetClusterOrderByUid(uid string, ownerSubject aclmodels.Acl2Subject, scope aclmodels.Acl2Scope) (*apiresourcecontracts.ResourceClusterOrder, error)
 	GetClusterOrders(ownerSubject aclmodels.Acl2Subject, scope aclmodels.Acl2Scope) ([]*apiresourcecontracts.ResourceClusterOrder, error)
 	UpdateClusterOrder(clusterOrder *apiresourcecontracts.ResourceUpdateModel) error
-	GetHashList(ownerref rortypes.RorResourceOwnerReference) (apiresourcecontracts.HashList, error)
+	GetHashList(ownerref rorresourceowner.RorResourceOwnerReference) (apiresourcecontracts.HashList, error)
 	GetTanzuKubernetesClusterByUid(uid, ownerSubject string, scope aclmodels.Acl2Scope) (*apiresourcecontracts.ResourceTanzuKubernetesCluster, error)
 
 	GetApplicationByUid(uid, ownerSubject string, scope aclmodels.Acl2Scope) (*apiresourcecontracts.ResourceApplication, error)

diff --git a/pkg/config/rorclientconfig/rorconfig.go b/pkg/config/rorclientconfig/rorconfig.go
@@ -19,7 +19,7 @@ import (
 	"github.com/NorskHelsenett/ror/pkg/config/rorversion"
 
 	aclmodels "github.com/NorskHelsenett/ror/pkg/models/aclmodels"
-	"github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 
 	"github.com/NorskHelsenett/ror/pkg/rlog"
 )
@@ -249,8 +249,8 @@ func (a *RorClientConfig) GetRorClient() *rorclient.RorClient {
 	return a.rorClient
 }
 
-func (a *RorClientConfig) CreateOwnerref() rortypes.RorResourceOwnerReference {
-	return rortypes.RorResourceOwnerReference{
+func (a *RorClientConfig) CreateOwnerref() rorresourceowner.RorResourceOwnerReference {
+	return rorresourceowner.RorResourceOwnerReference{
 		Scope:   aclmodels.Acl2ScopeCluster,
 		Subject: aclmodels.Acl2Subject(a.GetClusterId()),
 	}

diff --git a/pkg/models/aclmodels/rorresourceowner/types.go b/pkg/models/aclmodels/rorresourceowner/types.go
@@ -0,0 +1,48 @@
+package rorresourceowner
+
+import (
+	"errors"
+
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels"
+)
+
+var (
+	// aclmodels.ErrInvalidScope is returned when the scope is invalid
+	ErrInvalidScope   = errors.New("invalid scope")
+	ErrInvalidSubject = errors.New("invalid subject")
+)
+
+// The RorResourceOwnerReference or ownereref references the owner og a resource.
+// Its used to chek acl and select resources for valid Scopes.
+type RorResourceOwnerReference struct {
+	Scope   aclmodels.Acl2Scope   `json:"scope"`   // cluster, workspace,...
+	Subject aclmodels.Acl2Subject `json:"subject"` // ror id eg clusterId or workspaceName
+}
+
+// Validate validates the ResourceOwnerReference
+func (r *RorResourceOwnerReference) Validate() (bool, error) {
+	if r.Scope == "" {
+		return false, ErrInvalidScope
+	}
+	if r.Subject == "" {
+		return false, ErrInvalidSubject
+	}
+	if !r.Scope.IsValid() {
+		return false, ErrInvalidScope
+	}
+	if !r.Subject.HasValidScope(r.Scope) {
+		return false, ErrInvalidScope
+	}
+	return true, nil
+}
+
+func (r RorResourceOwnerReference) String() string {
+	return string(r.Scope) + ":" + string(r.Subject)
+}
+
+func (r RorResourceOwnerReference) GetQueryParams() map[string]string {
+	response := make(map[string]string)
+	response["ownerScope"] = string(r.Scope)
+	response["ownerSubject"] = string(r.Subject)
+	return response
+}
diff --git a/pkg/rorresources/resourcequery.go b/pkg/rorresources/resourcequery.go
@@ -4,8 +4,9 @@ import (
 	"cmp"
 	"slices"
 
-	"github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 )
 
 const (
@@ -42,15 +43,15 @@ type ResourceQueryOrder struct {
 }
 
 type ResourceQuery struct {
-	VersionKind      schema.GroupVersionKind              `json:"versionkind,omitempty"`      // memory
-	Uids             []string                             `json:"uids,omitempty"`             // memory
-	OwnerRefs        []rortypes.RorResourceOwnerReference `json:"ownerrefs,omitempty"`        // memory
-	Fields           []string                             `json:"fields,omitempty"`           // post or db
-	Order            []ResourceQueryOrder                 `json:"order,omitempty"`            // post or db
-	Filters          []ResourceQueryFilter                `json:"filters,omitempty"`          // db
-	Offset           int                                  `json:"offset,omitempty"`           // post or db
-	Limit            int                                  `json:"limit,omitempty"`            // post or db
-	RelatedResources []ResourceQuery                      `json:"relatedresources,omitempty"` // memory or db
+	VersionKind      schema.GroupVersionKind                      `json:"versionkind,omitempty"`      // memory
+	Uids             []string                                     `json:"uids,omitempty"`             // memory
+	OwnerRefs        []rorresourceowner.RorResourceOwnerReference `json:"ownerrefs,omitempty"`        // memory
+	Fields           []string                                     `json:"fields,omitempty"`           // post or db
+	Order            []ResourceQueryOrder                         `json:"order,omitempty"`            // post or db
+	Filters          []ResourceQueryFilter                        `json:"filters,omitempty"`          // db
+	Offset           int                                          `json:"offset,omitempty"`           // post or db
+	Limit            int                                          `json:"limit,omitempty"`            // post or db
+	RelatedResources []ResourceQuery                              `json:"relatedresources,omitempty"` // memory or db
 }
 
 func NewResourceQuery() *ResourceQuery {

diff --git a/pkg/rorresources/resourceset.go b/pkg/rorresources/resourceset.go
@@ -3,9 +3,8 @@ package rorresources
 import (
 	"encoding/json"
 
-	"github.com/NorskHelsenett/ror/pkg/rorresources/rortypes"
-
 	"github.com/NorskHelsenett/ror/pkg/helpers/stringhelper"
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 	"github.com/NorskHelsenett/ror/pkg/rlog"
 )
 
@@ -159,7 +158,7 @@ func (r *ResourceSet) FilterByAPIVersionKind(apiVersion string, kind string) *Re
 }
 
 // FilterByOwnerReference returns a ResourceSet filtered by ownerreference.
-func (r *ResourceSet) FilterByOwnerReference(ownerRef rortypes.RorResourceOwnerReference) *ResourceSet {
+func (r *ResourceSet) FilterByOwnerReference(ownerRef rorresourceowner.RorResourceOwnerReference) *ResourceSet {
 	var response ResourceSet
 
 	for _, resource := range r.Resources {

diff --git a/pkg/rorresources/rortypes/resource_common_models.go b/pkg/rorresources/rortypes/resource_common_models.go
@@ -4,8 +4,8 @@ package rortypes
 import (
 	"errors"
 
-	aclmodels "github.com/NorskHelsenett/ror/pkg/models/aclmodels"
-
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels"
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -38,13 +38,13 @@ type CommonResource struct {
 
 // ResourceRorMeta represents the metadata stored by ror
 type ResourceRorMeta struct {
-	Version      string                    `json:"version,omitempty"`
-	LastReported string                    `json:"lastReported,omitempty"`
-	Internal     bool                      `json:"internal,omitempty"`
-	Hash         string                    `json:"hash,omitempty"`
-	Ownerref     RorResourceOwnerReference `json:"ownerref,omitempty"`
-	Action       ResourceAction            `json:"action,omitempty"`
-	Tags         []ResourceTag             `json:"tags,omitempty"`
+	Version      string                                     `json:"version,omitempty"`
+	LastReported string                                     `json:"lastReported,omitempty"`
+	Internal     bool                                       `json:"internal,omitempty"`
+	Hash         string                                     `json:"hash,omitempty"`
+	Ownerref     rorresourceowner.RorResourceOwnerReference `json:"ownerref,omitempty"`
+	Action       ResourceAction                             `json:"action,omitempty"`
+	Tags         []ResourceTag                              `json:"tags,omitempty"`
 }
 
 type ResourceTag struct {

diff --git a/pkg/rorresources/rortypes/resourcedef_vulnerabilityevent.go b/pkg/rorresources/rortypes/resourcedef_vulnerabilityevent.go
@@ -1,10 +1,14 @@
 package rortypes
 
+import (
+	"github.com/NorskHelsenett/ror/pkg/models/aclmodels/rorresourceowner"
+)
+
 type ResourceVulnerabilityEvent struct {
 	Spec ResourceVulnerabilityEventSpec `json:"spec"`
 }
 
 type ResourceVulnerabilityEventSpec struct {
-	Owner   RorResourceOwnerReference `json:"owner"`
-	Message string                    `json:"message"`
+	Owner   rorresourceowner.RorResourceOwnerReference `json:"owner"`
+	Message string                                     `json:"message"`
 }