in jws domain object return service resource ownership (#2613)
* in jws domain object return service resource ownership

Signed-off-by: Henry Avetisyan <hga@yahooinc.com>

* allow zms-cli to pass an empty string to reset resource ownership

Signed-off-by: Henry Avetisyan <hga@yahooinc.com>

---------

Signed-off-by: Henry Avetisyan <hga@yahooinc.com>
Co-authored-by: Henry Avetisyan <hga@yahooinc.com>
havetisyan and havetisyan authored May 10, 2024
1 parent 3633f0e commit e74c7a9
Showing 5 changed files with 76 additions and 70 deletions.
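--- a/libs/go/zmscli/domain.go
+++ b/libs/go/zmscli/domain.go
@@ -1381,18 +1381,20 @@ func (cli Zms) GetAuthHistoryDependencies(dn string) (*string, error) {
 
 func (cli Zms) SetDomainResourceOwnership(dn, resourceOwner string) (*string, error) {
 resourceOwnership := zms.ResourceDomainOwnership{}
-fields := strings.Split(resourceOwner, ",")
-for _, field := range fields {
-parts := strings.Split(field, ":")
-if len(parts) != 2 {
-return nil, errors.New("invalid resource owner format")
-}
-if parts[0] == "objectowner" {
-resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "metaowner" {
-resourceOwnership.MetaOwner = zms.SimpleName(parts[1])
-} else {
-return nil, errors.New("invalid resource owner format")
+if resourceOwner != "" {
+fields := strings.Split(resourceOwner, ",")
+for _, field := range fields {
+parts := strings.Split(field, ":")
+if len(parts) != 2 {
+return nil, errors.New("invalid resource owner format")
+}
+if parts[0] == "objectowner" {
+resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "metaowner" {
+resourceOwnership.MetaOwner = zms.SimpleName(parts[1])
+} else {
+return nil, errors.New("invalid resource owner format")
+}
 }
 }
 err := cli.Zms.PutResourceDomainOwnership(zms.DomainName(dn), cli.AuditRef, &resourceOwnership)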
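Review bot: The `if resourceOwner != ""` guard turns an empty argument, which the old code rejected through the `len(parts) != 2` check, into a request that sends a zero-value ownership object, and the function carries no comment saying that this resets ownership. A caller that passes an unset or empty variable would now clear the owners instead of getting `invalid resource owner format`, so the contract should be written down, e.g. `// SetDomainResourceOwnership sets the domain's resource owners from comma-separated key:value pairs (objectowner, metaowner); an empty string resets all owners.` The same applies to `SetPolicyResourceOwnership`, `SetRoleResourceOwnership` and `SetServiceResourceOwnership` in policy.go, role.go and service.go, and the four copies of the parsing loop would be easier to keep in step as one shared helper. The function body continues past the end of the hunk.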
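--- a/libs/go/zmscli/policy.go
+++ b/libs/go/zmscli/policy.go
@@ -511,18 +511,20 @@ func (cli Zms) ShowPolicies(dn string, tagKey string, tagValue string) (*string,
 
 func (cli Zms) SetPolicyResourceOwnership(dn, pn, resourceOwner string) (*string, error) {
 resourceOwnership := zms.ResourcePolicyOwnership{}
-fields := strings.Split(resourceOwner, ",")
-for _, field := range fields {
-parts := strings.Split(field, ":")
-if len(parts) != 2 {
-return nil, errors.New("invalid resource owner format")
-}
-if parts[0] == "objectowner" {
-resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "assertionsowner" {
-resourceOwnership.AssertionsOwner = zms.SimpleName(parts[1])
-} else {
-return nil, errors.New("invalid resource owner format")
+if resourceOwner != "" {
+fields := strings.Split(resourceOwner, ",")
+for _, field := range fields {
+parts := strings.Split(field, ":")
+if len(parts) != 2 {
+return nil, errors.New("invalid resource owner format")
+}
+if parts[0] == "objectowner" {
+resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "assertionsowner" {
+resourceOwnership.AssertionsOwner = zms.SimpleName(parts[1])
+} else {
+return nil, errors.New("invalid resource owner format")
+}
 }
 }
 err := cli.Zms.PutResourcePolicyOwnership(zms.DomainName(dn), zms.EntityName(pn), cli.AuditRef, &resourceOwnership)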
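--- a/libs/go/zmscli/role.go
+++ b/libs/go/zmscli/role.go
@@ -985,20 +985,22 @@ func (cli Zms) PutMembershipDecision(dn string, rn string, mbr string, approval
 
 func (cli Zms) SetRoleResourceOwnership(dn, rn, resourceOwner string) (*string, error) {
 resourceOwnership := zms.ResourceRoleOwnership{}
-fields := strings.Split(resourceOwner, ",")
-for _, field := range fields {
-parts := strings.Split(field, ":")
-if len(parts) != 2 {
-return nil, errors.New("invalid resource owner format")
-}
-if parts[0] == "objectowner" {
-resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "membersowner" {
-resourceOwnership.MembersOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "metaowner" {
-resourceOwnership.MetaOwner = zms.SimpleName(parts[1])
-} else {
-return nil, errors.New("invalid resource owner format")
+if resourceOwner != "" {
+fields := strings.Split(resourceOwner, ",")
+for _, field := range fields {
+parts := strings.Split(field, ":")
+if len(parts) != 2 {
+return nil, errors.New("invalid resource owner format")
+}
+if parts[0] == "objectowner" {
+resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "membersowner" {
+resourceOwnership.MembersOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "metaowner" {
+resourceOwnership.MetaOwner = zms.SimpleName(parts[1])
+} else {
+return nil, errors.New("invalid resource owner format")
+}
 }
 }
 err := cli.Zms.PutResourceRoleOwnership(zms.DomainName(dn), zms.EntityName(rn), cli.AuditRef, &resourceOwnership)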
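--- a/libs/go/zmscli/service.go
+++ b/libs/go/zmscli/service.go
@@ -486,20 +486,22 @@ func (cli Zms) DeleteService(dn string, sn string) (*string, error) {
 
 func (cli Zms) SetServiceResourceOwnership(dn, sn, resourceOwner string) (*string, error) {
 resourceOwnership := zms.ResourceServiceIdentityOwnership{}
-fields := strings.Split(resourceOwner, ",")
-for _, field := range fields {
-parts := strings.Split(field, ":")
-if len(parts) != 2 {
-return nil, errors.New("invalid resource owner format")
-}
-if parts[0] == "objectowner" {
-resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "publickeysowner" {
-resourceOwnership.PublicKeysOwner = zms.SimpleName(parts[1])
-} else if parts[0] == "hostsowner" {
-resourceOwnership.HostsOwner = zms.SimpleName(parts[1])
-} else {
-return nil, errors.New("invalid resource owner format")
+if resourceOwner != "" {
+fields := strings.Split(resourceOwner, ",")
+for _, field := range fields {
+parts := strings.Split(field, ":")
+if len(parts) != 2 {
+return nil, errors.New("invalid resource owner format")
+}
+if parts[0] == "objectowner" {
+resourceOwnership.ObjectOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "publickeysowner" {
+resourceOwnership.PublicKeysOwner = zms.SimpleName(parts[1])
+} else if parts[0] == "hostsowner" {
+resourceOwnership.HostsOwner = zms.SimpleName(parts[1])
+} else {
+return nil, errors.New("invalid resource owner format")
+}
 }
 }
 err := cli.Zms.PutResourceServiceIdentityOwnership(zms.DomainName(dn), zms.SimpleName(sn), cli.AuditRef, &resourceOwnership)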
@@ -3384,16 +3384,7 @@ public ServiceIdentity getServiceIdentity(String domainName, String serviceName)
ps.setString(2, serviceName);
try (ResultSet rs = executeQuery(ps, caller)) {
if (rs.next()) {

return new ServiceIdentity()
.setName(ResourceUtils.serviceResourceName(domainName, serviceName))
.setDescription(saveValue(rs.getString(ZMSConsts.DB_COLUMN_DESCRIPTION)))
.setModified(Timestamp.fromMillis(rs.getTimestamp(ZMSConsts.DB_COLUMN_MODIFIED).getTime()))
.setProviderEndpoint(saveValue(rs.getString(ZMSConsts.DB_COLUMN_PROVIDER_ENDPOINT)))
.setExecutable(saveValue(rs.getString(ZMSConsts.DB_COLUMN_EXECUTABLE)))
.setUser(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_USER)))
.setGroup(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_GROUP)))
.setResourceOwnership(ResourceOwnership.getResourceServiceOwnership(rs.getString(ZMSConsts.DB_COLUMN_RESOURCE_OWNER)));
return saveServiceIdentitySettings(domainName, serviceName, rs);
}
}
} catch (SQLException ex) {
@@ -3402,6 +3393,20 @@ public ServiceIdentity getServiceIdentity(String domainName, String serviceName)
return null;
}

ServiceIdentity saveServiceIdentitySettings(final String domainName, final String serviceName,
ResultSet rs) throws SQLException {

return new ServiceIdentity()
.setName(ResourceUtils.serviceResourceName(domainName, serviceName))
.setDescription(saveValue(rs.getString(ZMSConsts.DB_COLUMN_DESCRIPTION)))
.setModified(Timestamp.fromMillis(rs.getTimestamp(ZMSConsts.DB_COLUMN_MODIFIED).getTime()))
.setProviderEndpoint(saveValue(rs.getString(ZMSConsts.DB_COLUMN_PROVIDER_ENDPOINT)))
.setExecutable(saveValue(rs.getString(ZMSConsts.DB_COLUMN_EXECUTABLE)))
.setUser(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_USER)))
.setGroup(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_GROUP)))
.setResourceOwnership(ResourceOwnership.getResourceServiceOwnership(rs.getString(ZMSConsts.DB_COLUMN_RESOURCE_OWNER)));
}

int processInsertValue(Integer value) {
return (value == null) ? 0 : value;
}
@@ -4334,14 +4339,7 @@ void getAthenzDomainServices(String domainName, int domainId, AthenzDomain athen
try (ResultSet rs = executeQuery(ps, caller)) {
while (rs.next()) {
String serviceName = rs.getString(ZMSConsts.DB_COLUMN_NAME);
ServiceIdentity service = new ServiceIdentity()
.setName(ResourceUtils.serviceResourceName(domainName, serviceName))
.setProviderEndpoint(saveValue(rs.getString(ZMSConsts.DB_COLUMN_PROVIDER_ENDPOINT)))
.setDescription(saveValue(rs.getString(ZMSConsts.DB_COLUMN_DESCRIPTION)))
.setExecutable(saveValue(rs.getString(ZMSConsts.DB_COLUMN_EXECUTABLE)))
.setUser(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_USER)))
.setGroup(saveValue(rs.getString(ZMSConsts.DB_COLUMN_SVC_GROUP)))
.setModified(Timestamp.fromMillis(rs.getTimestamp(ZMSConsts.DB_COLUMN_MODIFIED).getTime()));
ServiceIdentity service = saveServiceIdentitySettings(domainName, serviceName, rs);
List<PublicKeyEntry> publicKeys = new ArrayList<>();
service.setPublicKeys(publicKeys);
serviceMap.put(serviceName, service);
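Review bot: The shared helper `saveServiceIdentitySettings` reads `ZMSConsts.DB_COLUMN_RESOURCE_OWNER`, which the old inline builder in `getAthenzDomainServices` never did, so the query feeding that loop must now return the column. The SQL statement is outside the visible hunks; if it lists columns explicitly and omits this one, `rs.getString` would throw `SQLException` on the first row, so that is worth confirming, ideally with a test that loads a domain holding a service with ownership set. The helper also has no comment and its name reads like a write, so a Javadoc line such as `/** Builds a ServiceIdentity from the current row of rs; the row must include DB_COLUMN_RESOURCE_OWNER. */` would state the contract for both callers. Both calling methods start and end outside the hunks shown.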
