Skip to content

Commit

Permalink
refact: to use go-dbw CreateItems, DeleteItems
Browse files Browse the repository at this point in the history
Latest version of go-dbw updated the signature of
CreateItems(...) and DeleteItems(...) on a happy
note this latest version of go-dbw actually does
batch inserts and updates for this functions.
  • Loading branch information
jimlambrt committed Jul 29, 2024
1 parent b0662db commit c6e3a49
Show file tree
Hide file tree
Showing 40 changed files with 421 additions and 414 deletions.
8 changes: 3 additions & 5 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@ require (
github.com/hashicorp/vault/api v1.12.0
github.com/iancoleman/strcase v0.3.0
github.com/jackc/pgconn v1.14.3
github.com/jackc/pgx/v4 v4.18.3 // indirect
github.com/jefferai/keyring v1.1.7-0.20220316160357-58a74bb55891
github.com/kr/pretty v0.3.1
github.com/kr/text v0.2.0
Expand Down Expand Up @@ -82,7 +81,7 @@ require (
nhooyr.io/websocket v1.8.10
)

require github.com/hashicorp/go-dbw v0.1.3-0.20240312210008-7ed943176e5b
require github.com/hashicorp/go-dbw v0.1.4-0.20240728230619-2d5c356ada71

require (
github.com/DATA-DOG/go-sqlmock v1.5.2
Expand All @@ -96,7 +95,7 @@ require (
github.com/hashicorp/go-rate v0.0.0-20231204194614-cc8d401f70ab
github.com/hashicorp/go-version v1.6.0
github.com/hashicorp/nodeenrollment v0.2.13
github.com/jackc/pgx/v5 v5.5.5
github.com/jackc/pgx/v5 v5.6.0
github.com/jimlambrt/gldap v0.1.10
github.com/kelseyhightower/envconfig v1.4.0
github.com/miekg/dns v1.1.58
Expand All @@ -110,7 +109,7 @@ require (

require (
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/mattn/go-sqlite3 v2.0.1+incompatible // indirect
github.com/mattn/go-sqlite3 v1.14.22 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
modernc.org/libc v1.41.0 // indirect
modernc.org/mathutil v1.6.0 // indirect
Expand Down Expand Up @@ -190,7 +189,6 @@ require (
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgproto3/v2 v2.3.3 // indirect
github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 // indirect
github.com/jackc/pgtype v1.14.2 // indirect
github.com/jefferai/go-libsecret v0.0.0-20210525195240-b53481abef97 // indirect
github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f // indirect
github.com/jinzhu/gorm v1.9.16 // indirect
Expand Down
104 changes: 6 additions & 98 deletions go.sum

Large diffs are not rendered by default.

78 changes: 39 additions & 39 deletions internal/auth/ldap/auth_method.go
Original file line number Diff line number Diff line change
Expand Up @@ -141,14 +141,14 @@ func (am *AuthMethod) oplog(ctx context.Context, opType oplog.OpType) (oplog.Met
}

type convertedValues struct {
Urls []any
Certs []any
UserEntrySearchConf any
GroupEntrySearchConf any
ClientCertificate any
BindCredential any
AccountAttributeMaps []any
DerefAliases any
Urls []*Url
Certs []*Certificate
UserEntrySearchConf *UserEntrySearchConf
GroupEntrySearchConf *GroupEntrySearchConf
ClientCertificate *ClientCertificate
BindCredential *BindCredential
AccountAttributeMaps []*AccountAttributeMap
DerefAliases *DerefAliases
}

// convertValueObjects converts the embedded value objects. It will return an
Expand Down Expand Up @@ -199,15 +199,15 @@ func (am *AuthMethod) convertValueObjects(ctx context.Context) (*convertedValues
return converted, nil
}

// convertCertificates converts any embedded URLs from []string
// to []any where each slice element is a *Url. It will return an error if the
// AuthMethod's public id is not set.
func (am *AuthMethod) convertUrls(ctx context.Context) ([]any, error) {
// convertUrls converts any embedded URLs from []string to []*Url where each
// slice element is a *Url. It will return an error if the AuthMethod's public
// id is not set.
func (am *AuthMethod) convertUrls(ctx context.Context) ([]*Url, error) {
const op = "ldap.(AuthMethod).convertUrls"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing public id")
}
newValObjs := make([]any, 0, len(am.Urls))
newValObjs := make([]*Url, 0, len(am.Urls))
for priority, u := range am.Urls {
parsed, err := url.Parse(u)
if err != nil {
Expand All @@ -223,14 +223,14 @@ func (am *AuthMethod) convertUrls(ctx context.Context) ([]any, error) {
}

// convertCertificates converts any embedded certificates from []string
// to []any where each slice element is a *Certificate. It will return an error
// if the AuthMethod's public id is not set.
func (am *AuthMethod) convertCertificates(ctx context.Context) ([]any, error) {
// to []*Certificate. It will return an error if the AuthMethod's public id is
// not set.
func (am *AuthMethod) convertCertificates(ctx context.Context) ([]*Certificate, error) {
const op = "ldap.(AuthMethod).convertCertificates"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing public id")
}
newValObjs := make([]any, 0, len(am.Certificates))
newValObjs := make([]*Certificate, 0, len(am.Certificates))
for _, cert := range am.Certificates {
obj, err := NewCertificate(ctx, am.PublicId, cert)
if err != nil {
Expand All @@ -242,9 +242,9 @@ func (am *AuthMethod) convertCertificates(ctx context.Context) ([]any, error) {
}

// convertUserEntrySearchConf converts an embedded user entry search fields
// into an any type. It will return an error if the AuthMethod's public id is
// not set.
func (am *AuthMethod) convertUserEntrySearchConf(ctx context.Context) (any, error) {
// into an *UserEntrySearchConf type. It will return an error if the
// AuthMethod's public id is not set.
func (am *AuthMethod) convertUserEntrySearchConf(ctx context.Context) (*UserEntrySearchConf, error) {
const op = "ldap.(AuthMethod).convertUserEntrySearchConf"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing public id")
Expand All @@ -257,9 +257,9 @@ func (am *AuthMethod) convertUserEntrySearchConf(ctx context.Context) (any, erro
}

// convertGroupEntrySearchConf converts an embedded group entry search fields
// into an any type. It will return an error if the AuthMethod's public id is
// not set.
func (am *AuthMethod) convertGroupEntrySearchConf(ctx context.Context) (any, error) {
// into an *GroupEntrySearchConf type. It will return an error if the
// AuthMethod's public id is not set.
func (am *AuthMethod) convertGroupEntrySearchConf(ctx context.Context) (*GroupEntrySearchConf, error) {
const op = "ldap.(AuthMethod).convertGroupEntrySearchConf"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing public id")
Expand All @@ -272,9 +272,9 @@ func (am *AuthMethod) convertGroupEntrySearchConf(ctx context.Context) (any, err
}

// convertClientCertificate converts an embedded client certificate entry into
// an any type. It will return an error if the AuthMethod's public id is not
// set.
func (am *AuthMethod) convertClientCertificate(ctx context.Context) (any, error) {
// an *ClientCertificate type. It will return an error if the AuthMethod's
// public id is not set.
func (am *AuthMethod) convertClientCertificate(ctx context.Context) (*ClientCertificate, error) {
const op = "ldap.(AuthMethod).convertClientCertificate"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing auth method id")
Expand All @@ -287,9 +287,9 @@ func (am *AuthMethod) convertClientCertificate(ctx context.Context) (any, error)
}

// convertBindCredential converts an embedded bind credential entry into
// an any type. It will return an error if the AuthMethod's public id is not
// set.
func (am *AuthMethod) convertBindCredential(ctx context.Context) (any, error) {
// an *BindCredential type. It will return an error if the AuthMethod's public
// id is not set.
func (am *AuthMethod) convertBindCredential(ctx context.Context) (*BindCredential, error) {
const op = "ldap.(AuthMethod).convertBindCredentials"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing auth method id")
Expand All @@ -302,9 +302,9 @@ func (am *AuthMethod) convertBindCredential(ctx context.Context) (any, error) {
}

// convertDerefAliases converts an embedded deref aliases entry into
// an any type. It will return an error if the AuthMethod's public id is not
// set.
func (am *AuthMethod) convertDerefAliases(ctx context.Context) (any, error) {
// an *DerefAliases type. It will return an error if the AuthMethod's public id
// is not set.
func (am *AuthMethod) convertDerefAliases(ctx context.Context) (*DerefAliases, error) {
const op = "ldap.(AuthMethod).convertDerefAliases"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing auth method id")
Expand All @@ -317,15 +317,15 @@ func (am *AuthMethod) convertDerefAliases(ctx context.Context) (any, error) {
}

// convertAccountAttributeMaps converts the embedded account attribute maps from
// []string to []interface{} where each slice element is a *AccountAttributeMap. It
// will return an error if the AuthMethod's public id is not set or it can
// convert the account attribute maps.
func (am *AuthMethod) convertAccountAttributeMaps(ctx context.Context) ([]any, error) {
// []string to []*AccountAttributeMap. It will return an error if the
// AuthMethod's public id is not set or it can convert the account attribute
// maps.
func (am *AuthMethod) convertAccountAttributeMaps(ctx context.Context) ([]*AccountAttributeMap, error) {
const op = "ldap.(AuthMethod).convertAccountAttributeMaps"
if am.PublicId == "" {
return nil, errors.New(ctx, errors.InvalidPublicId, op, "missing public id")
}
newInterfaces := make([]any, 0, len(am.AccountAttributeMaps))
acctAttribMaps := make([]*AccountAttributeMap, 0, len(am.AccountAttributeMaps))
const (
from = 0
to = 1
Expand All @@ -343,7 +343,7 @@ func (am *AuthMethod) convertAccountAttributeMaps(ctx context.Context) ([]any, e
if err != nil {
return nil, errors.Wrap(ctx, err, op)
}
newInterfaces = append(newInterfaces, obj)
acctAttribMaps = append(acctAttribMaps, obj)
}
return newInterfaces, nil
return acctAttribMaps, nil
}
27 changes: 22 additions & 5 deletions internal/auth/ldap/auth_method_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -348,17 +348,17 @@ func Test_convertValueObjects(t *testing.T) {
testCerts := []string{pem}
c, err := NewCertificate(testCtx, testPublicId, pem)
require.NoError(t, err)
testCertificates := []any{c}
testCertificates := []*Certificate{c}

testUrls := make([]any, 0, len(testLdapServers))
testUrls := make([]*Url, 0, len(testLdapServers))
for priority, uu := range TestConvertToUrls(t, testLdapServers...) {
u, err := NewUrl(testCtx, testPublicId, priority+1, uu)
require.NoError(t, err)
testUrls = append(testUrls, u)
}

testAttrMaps := []string{"email_address=email", "display_name=fullName"}
testAccountAttributeMaps := make([]any, 0, len(testAttrMaps))
testAccountAttributeMaps := make([]*AccountAttributeMap, 0, len(testAttrMaps))
acms, err := ParseAccountAttributeMaps(testCtx, testAttrMaps...)
require.NoError(t, err)
for _, m := range acms {
Expand Down Expand Up @@ -618,6 +618,23 @@ func (a converted) Less(i, j int) bool {
}

func testSortConverted(t *testing.T, c *convertedValues) {
sort.Sort(converted(c.Urls))
sort.Sort(converted(c.Certs))
t.Helper()
sort.Sort(sortableUrls(c.Urls))
sort.Sort(sortableCerts(c.Certs))
}

type sortableUrls []*Url

func (u sortableUrls) Len() int { return len(u) }
func (u sortableUrls) Swap(i, j int) { u[i], u[j] = u[j], u[i] }
func (u sortableUrls) Less(i, j int) bool {
return u[i].GetServerUrl() < u[j].GetServerUrl()
}

type sortableCerts []*Certificate

func (c sortableCerts) Len() int { return len(c) }
func (c sortableCerts) Swap(i, j int) { c[i], c[j] = c[j], c[i] }
func (c sortableCerts) Less(i, j int) bool {
return c[i].GetCert() < c[j].GetCert()
}
12 changes: 2 additions & 10 deletions internal/auth/ldap/repository_auth_method_create.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,20 +68,12 @@ func (r *Repository) CreateAuthMethod(ctx context.Context, am *AuthMethod, opt .
}

if cv.BindCredential != nil {
bc, ok := cv.BindCredential.(*BindCredential)
if !ok {
return nil, errors.New(ctx, errors.Internal, op, fmt.Sprintf("invalid type (%T) is not a bind credential", cv.BindCredential))
}
if err := bc.encrypt(ctx, dbWrapper); err != nil {
if err := cv.BindCredential.encrypt(ctx, dbWrapper); err != nil {
return nil, errors.Wrap(ctx, err, op, errors.WithMsg("failed to encrypt bind credential"))
}
}
if cv.ClientCertificate != nil {
cc, ok := cv.ClientCertificate.(*ClientCertificate)
if !ok {
return nil, errors.New(ctx, errors.Internal, op, fmt.Sprintf("invalid type (%T) is not a client certificate", cv.ClientCertificate))
}
if err := cc.encrypt(ctx, dbWrapper); err != nil {
if err := cv.ClientCertificate.encrypt(ctx, dbWrapper); err != nil {
return nil, errors.Wrap(ctx, err, op, errors.WithMsg("failed to encrypt client certificate"))
}
}
Expand Down
30 changes: 27 additions & 3 deletions internal/auth/ldap/repository_auth_method_update.go
Original file line number Diff line number Diff line change
Expand Up @@ -155,18 +155,42 @@ func (r *Repository) UpdateAuthMethod(ctx context.Context, am *AuthMethod, versi
if err != nil {
return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithMsg("unable to get database wrapper"))
}
addUrls, deleteUrls, err := valueObjectChanges(ctx, origAm.PublicId, UrlVO, am.Urls, origAm.Urls, dbMask, nullFields)
au, du, err := valueObjectChanges(ctx, origAm.PublicId, UrlVO, am.Urls, origAm.Urls, dbMask, nullFields)
if err != nil {
return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithMsg("unable to update urls"))
}
addCerts, deleteCerts, err := valueObjectChanges(ctx, origAm.PublicId, CertificateVO, am.Certificates, origAm.Certificates, dbMask, nullFields)
addUrls := []*Url{}
for _, u := range au {
addUrls = append(addUrls, u.(*Url))
}
deleteUrls := []*Url{}
for _, u := range du {
deleteUrls = append(deleteUrls, u.(*Url))
}
ac, dc, err := valueObjectChanges(ctx, origAm.PublicId, CertificateVO, am.Certificates, origAm.Certificates, dbMask, nullFields)
if err != nil {
return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithMsg("unable to update certificates"))
}
addMaps, deleteMaps, err := valueObjectChanges(ctx, origAm.PublicId, AccountAttributeMapsVO, am.AccountAttributeMaps, origAm.AccountAttributeMaps, dbMask, nullFields)
deleteCerts := []*Certificate{}
for _, c := range dc {
deleteCerts = append(deleteCerts, c.(*Certificate))
}
addCerts := []*Certificate{}
for _, c := range ac {
addCerts = append(addCerts, c.(*Certificate))
}
addM, deleteM, err := valueObjectChanges(ctx, origAm.PublicId, AccountAttributeMapsVO, am.AccountAttributeMaps, origAm.AccountAttributeMaps, dbMask, nullFields)
if err != nil {
return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithMsg("unable to update account attribute maps"))
}
addMaps := []*AccountAttributeMap{}
for _, m := range addM {
addMaps = append(addMaps, m.(*AccountAttributeMap))
}
deleteMaps := []*AccountAttributeMap{}
for _, m := range deleteM {
deleteMaps = append(deleteMaps, m.(*AccountAttributeMap))
}

combinedMasks := append(dbMask, nullFields...)

Expand Down
13 changes: 4 additions & 9 deletions internal/auth/ldap/repository_authenticate.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,18 +117,13 @@ func (r *Repository) Authenticate(ctx context.Context, authMethodId, loginName,
}

for _, attrMap := range attrMaps {
aam, ok := attrMap.(*AccountAttributeMap)
if !ok {
return nil, errors.New(ctx, errors.Internal, op, "failed to convert attribute map into AccountAttributeMap type")
}

switch aam.ToAttribute {
switch attrMap.ToAttribute {
case DefaultEmailAttribute:
emailAttr = aam.FromAttribute
emailAttr = attrMap.FromAttribute
case DefaultFullNameAttribute:
fullNameAttr = aam.FromAttribute
fullNameAttr = attrMap.FromAttribute
default:
return nil, errors.New(ctx, errors.InvalidParameter, op, fmt.Sprintf("invalid to attribute %q", aam.ToAttribute))
return nil, errors.New(ctx, errors.InvalidParameter, op, fmt.Sprintf("invalid to attribute %q", attrMap.ToAttribute))
}
}

Expand Down
Loading

0 comments on commit c6e3a49

Please sign in to comment.