Increase scope coverage

Signed-off-by: nyagamunene <[email protected]>
absmach · Nov 7, 2024 · 2b465a8 · 2b465a8
1 parent c939889
commit 2b465a8
Show file tree

Hide file tree

Showing 2 changed files with 105 additions and 19 deletions.
diff --git a/auth/bolt/pat.go b/auth/bolt/pat.go
@@ -468,6 +468,24 @@ func scopeToKeyValue(scope auth.Scope) (map[string][]byte, error) {
 			kv[k] = v
 		}
 	}
+	for opType, scopeValue := range scope.Dashboard {
+		tempKV, err := scopeEntryToKeyValue(auth.PlatformDashBoardScope, "", auth.DomainNullScope, opType, scopeValue.Values()...)
+		if err != nil {
+			return nil, err
+		}
+		for k, v := range tempKV {
+			kv[k] = v
+		}
+	}
+	for opType, scopeValue := range scope.Messaging {
+		tempKV, err := scopeEntryToKeyValue(auth.PlatformMesagingScope, "", auth.DomainNullScope, opType, scopeValue.Values()...)
+		if err != nil {
+			return nil, err
+		}
+		for k, v := range tempKV {
+			kv[k] = v
+		}
+	}
 	for domainID, domainScope := range scope.Domains {
 		for opType, scopeValue := range domainScope.DomainManagement {
 			tempKV, err := scopeEntryToKeyValue(auth.PlatformDomainsScope, domainID, auth.DomainManagementScope, opType, scopeValue.Values()...)
@@ -534,6 +552,10 @@ func scopeRootKey(platformEntityType auth.PlatformEntityType, optionalDomainID s
 	switch platformEntityType {
 	case auth.PlatformUsersScope:
 		rootKey.WriteString(op)
+	case auth.PlatformDashBoardScope:
+		rootKey.WriteString(op)
+	case auth.PlatformMesagingScope:
+		rootKey.WriteString(op)
 	case auth.PlatformDomainsScope:
 		if optionalDomainID == "" {
 			return "", fmt.Errorf("failed to add platform %s scope: invalid domain id", platformEntityType.String())
@@ -613,6 +635,18 @@ func parseKeyValueToScope(kv map[string][]byte) (auth.Scope, error) {
 					return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err)
 				}
 
+			case auth.PlatformDashBoardScope:
+				scope.Dashboard, err = parseOperation(platformEntityType, scope.Dashboard, key, keyParts, value)
+				if err != nil {
+					return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err)
+				}
+
+			case auth.PlatformMesagingScope:
+				scope.Messaging, err = parseOperation(platformEntityType, scope.Messaging, key, keyParts, value)
+				if err != nil {
+					return auth.Scope{}, errors.Wrap(repoerr.ErrViewEntity, err)
+				}
+
 			case auth.PlatformDomainsScope:
 				if len(keyParts) < 6 {
 					return auth.Scope{}, fmt.Errorf("invalid scope key format: %s", key)
@@ -724,7 +758,7 @@ func validateOperation(platformEntityType auth.PlatformEntityType, opScope auth.
 		switch platformEntityType {
 		case auth.PlatformDomainsScope:
 			expectedKeyPartsLength = 7
-		case auth.PlatformUsersScope:
+		case auth.PlatformUsersScope, auth.PlatformDashBoardScope, auth.PlatformMesagingScope:
 			expectedKeyPartsLength = 5
 		default:
 			return fmt.Errorf("invalid platform entity type : %s", platformEntityType.String())
@@ -733,7 +767,7 @@ func validateOperation(platformEntityType auth.PlatformEntityType, opScope auth.
 		switch platformEntityType {
 		case auth.PlatformDomainsScope:
 			expectedKeyPartsLength = 6
-		case auth.PlatformUsersScope:
+		case auth.PlatformUsersScope, auth.PlatformDashBoardScope, auth.PlatformMesagingScope:
 			expectedKeyPartsLength = 4
 		default:
 			return fmt.Errorf("invalid platform entity type : %s", platformEntityType.String())

diff --git a/auth/pat.go b/auth/pat.go
@@ -23,14 +23,22 @@ const (
 	ListOp
 	UpdateOp
 	DeleteOp
+	ShareOp
+	UnshareOp
+	PublishOp
+	SubscribeOp
 )
 
 const (
-	createOpStr = "create"
-	readOpStr   = "read"
-	listOpStr   = "list"
-	updateOpStr = "update"
-	deleteOpStr = "delete"
+	createOpStr    = "create"
+	readOpStr      = "read"
+	listOpStr      = "list"
+	updateOpStr    = "update"
+	deleteOpStr    = "delete"
+	shareOpStr     = "share"
+	UnshareOpStr   = "unshare"
+	PublishOpStr   = "publish"
+	SubscribeOpStr = "subscribe"
 )
 
 func (ot OperationType) String() string {
@@ -45,6 +53,14 @@ func (ot OperationType) String() string {
 		return updateOpStr
 	case DeleteOp:
 		return deleteOpStr
+	case ShareOp:
+		return shareOpStr
+	case UnshareOp:
+		return UnshareOpStr
+	case PublishOp:
+		return PublishOpStr
+	case SubscribeOp:
+		return SubscribeOpStr
 	default:
 		return fmt.Sprintf("unknown operation type %d", ot)
 	}
@@ -70,6 +86,14 @@ func ParseOperationType(ot string) (OperationType, error) {
 		return UpdateOp, nil
 	case deleteOpStr:
 		return DeleteOp, nil
+	case shareOpStr:
+		return ShareOp, nil
+	case UnshareOpStr:
+		return UnshareOp, nil
+	case PublishOpStr:
+		return PublishOp, nil
+	case SubscribeOpStr:
+		return SubscribeOp, nil
 	default:
 		return 0, fmt.Errorf("unknown operation type %s", ot)
 	}
@@ -163,11 +187,15 @@ type PlatformEntityType uint32
 const (
 	PlatformUsersScope PlatformEntityType = iota
 	PlatformDomainsScope
+	PlatformDashBoardScope
+	PlatformMesagingScope
 )
 
 const (
-	platformUsersScopeStr   = "users"
-	platformDomainsScopeStr = "domains"
+	platformUsersScopeStr     = "users"
+	platformDomainsScopeStr   = "domains"
+	PlatformDashBoardScopeStr = "dashboard"
+	PlatformMesagingScopeStr  = "messaging"
 )
 
 func (pet PlatformEntityType) String() string {
@@ -176,6 +204,10 @@ func (pet PlatformEntityType) String() string {
 		return platformUsersScopeStr
 	case PlatformDomainsScope:
 		return platformDomainsScopeStr
+	case PlatformDashBoardScope:
+		return PlatformDashBoardScopeStr
+	case PlatformMesagingScope:
+		return PlatformMesagingScopeStr
 	default:
 		return fmt.Sprintf("unknown platform entity type %d", pet)
 	}
@@ -501,14 +533,12 @@ func (ds *DomainScope) Check(domainEntityType DomainEntityType, operation Operat
 // Example Scope as JSON
 //
 //	{
-//	    "platform": {
-//	        "users": {
-//	            "create": {},
-//	            "read": {},
-//	            "list": {},
-//	            "update": {},
-//	            "delete": {}
-//	        }
+//	    "users": {
+//	            "create": ["*"],
+//	            "read": ["*"],
+//	            "list": ["*"],
+//	            "update": ["*"],
+//	            "delete": ["*"]
 //	    },
 //	    "domains": {
 //	        "domain_1": {
@@ -531,8 +561,10 @@ func (ds *DomainScope) Check(domainEntityType DomainEntityType, operation Operat
 //	    }
 //	}
 type Scope struct {
-	Users   OperationScope         `json:"users,omitempty"`
-	Domains map[string]DomainScope `json:"domains,omitempty"`
+	Users     OperationScope         `json:"users,omitempty"`
+	Domains   map[string]DomainScope `json:"domains,omitempty"`
+	Dashboard OperationScope         `json:"dashboard,omitempty"`
+	Messaging OperationScope         `json:"messaging,omitempty"`
 }
 
 // Add entry in Domain scope.
@@ -545,6 +577,14 @@ func (s *Scope) Add(platformEntityType PlatformEntityType, optionalDomainID stri
 		if err := s.Users.Add(operation, entityIDs...); err != nil {
 			return fmt.Errorf("failed to add platform %s scope: %w", platformEntityType.String(), err)
 		}
+	case PlatformDashBoardScope:
+		if err := s.Dashboard.Add(operation, entityIDs...); err != nil {
+			return fmt.Errorf("failed to add platform %s scope: %w", platformEntityType.String(), err)
+		}
+	case PlatformMesagingScope:
+		if err := s.Messaging.Add(operation, entityIDs...); err != nil {
+			return fmt.Errorf("failed to add platform %s scope: %w", platformEntityType.String(), err)
+		}
 	case PlatformDomainsScope:
 		if optionalDomainID == "" {
 			return fmt.Errorf("failed to add platform %s scope: invalid domain id", platformEntityType.String())
@@ -577,6 +617,14 @@ func (s *Scope) Delete(platformEntityType PlatformEntityType, optionalDomainID s
 		if err := s.Users.Delete(operation, entityIDs...); err != nil {
 			return fmt.Errorf("failed to delete platform %s scope: %w", platformEntityType.String(), err)
 		}
+	case PlatformDashBoardScope:
+		if err := s.Dashboard.Delete(operation, entityIDs...); err != nil {
+			return fmt.Errorf("failed to delete platform %s scope: %w", platformEntityType.String(), err)
+		}
+	case PlatformMesagingScope:
+		if err := s.Messaging.Delete(operation, entityIDs...); err != nil {
+			return fmt.Errorf("failed to delete platform %s scope: %w", platformEntityType.String(), err)
+		}
 	case PlatformDomainsScope:
 		if optionalDomainID == "" {
 			return fmt.Errorf("failed to delete platform %s scope: invalid domain id", platformEntityType.String())
@@ -602,6 +650,10 @@ func (s *Scope) Check(platformEntityType PlatformEntityType, optionalDomainID st
 	switch platformEntityType {
 	case PlatformUsersScope:
 		return s.Users.Check(operation, entityIDs...)
+	case PlatformDashBoardScope:
+		return s.Dashboard.Check(operation, entityIDs...)
+	case PlatformMesagingScope:
+		return s.Messaging.Check(operation, entityIDs...)
 	case PlatformDomainsScope:
 		ds, ok := s.Domains[optionalDomainID]
 		if !ok {