audit pool manual hook db hits

Signed-off-by: Matt Siwiec <rizzza@users.noreply.github.com>
infratographer · Oct 24, 2023 · 7e364de · 7e364de
1 parent 511314c
commit 7e364de
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 40 deletions.
diff --git a/internal/manualhooks/hooks.go b/internal/manualhooks/hooks.go
@@ -486,6 +486,10 @@ func OriginHooks() []ent.Hook {
 								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.LocationID)
 							}
 
+							if !slices.Contains(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.ProviderID) {
+								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.ProviderID)
+							}
+
 							if !slices.Contains(msg.AdditionalSubjectIDs, port.LoadBalancerID) {
 								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.LoadBalancerID)
 							}
@@ -558,6 +562,10 @@ func OriginHooks() []ent.Hook {
 							if !slices.Contains(additionalSubjects, port.Edges.LoadBalancer.LocationID) {
 								additionalSubjects = append(additionalSubjects, port.Edges.LoadBalancer.LocationID)
 							}
+
+							if !slices.Contains(additionalSubjects, port.Edges.LoadBalancer.ProviderID) {
+								additionalSubjects = append(additionalSubjects, port.Edges.LoadBalancer.ProviderID)
+							}
 						}
 					}
 
@@ -749,44 +757,37 @@ func PoolHooks() []ent.Hook {
 						return retValue, err
 					}
 
-					addSubjPorts, err := m.Client().Port.Query().Where(port.HasPoolsWith(pool.IDEQ(objID))).All(ctx)
+					addSubjPorts, err := m.Client().Port.Query().WithLoadBalancer().WithPools(func(q *generated.PoolQuery) {
+						q.WithOrigins()
+					}).Where(port.HasPoolsWith(pool.IDEQ(objID))).All(ctx)
 					if err == nil {
 						for _, port := range addSubjPorts {
+							for _, pool := range port.Edges.Pools {
+								for _, origin := range pool.Edges.Origins {
+									if !slices.Contains(msg.AdditionalSubjectIDs, origin.ID) {
+										msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, origin.ID)
+									}
+								}
+							}
+
 							if !slices.Contains(msg.AdditionalSubjectIDs, port.ID) && objID != port.ID {
 								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.ID)
 							}
 
 							if !slices.Contains(msg.AdditionalSubjectIDs, port.LoadBalancerID) {
 								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.LoadBalancerID)
 							}
-						}
-					}
 
-					addSubjOrigins, err := m.Client().Origin.Query().Where(origin.HasPoolWith(pool.IDEQ(objID))).All(ctx)
-					if err == nil {
-						for _, origin := range addSubjOrigins {
-							if !slices.Contains(msg.AdditionalSubjectIDs, origin.ID) && objID != origin.ID {
-								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, origin.ID)
+							if !slices.Contains(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.LocationID) {
+								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.LocationID)
 							}
 
-							if !slices.Contains(msg.AdditionalSubjectIDs, origin.PoolID) {
-								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, origin.PoolID)
+							if !slices.Contains(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.ProviderID) {
+								msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, port.Edges.LoadBalancer.ProviderID)
 							}
 						}
 					}
 
-					lbs := getLoadBalancerIDs(ctx, objID, msg.AdditionalSubjectIDs)
-					for _, lb := range lbs {
-						lb, err := m.Client().LoadBalancer.Get(ctx, lb)
-						if err != nil {
-							return nil, fmt.Errorf("failed to get loadbalancer to lookup location %s", lb)
-						}
-
-						if !slices.Contains(msg.AdditionalSubjectIDs, lb.LocationID) {
-							msg.AdditionalSubjectIDs = append(msg.AdditionalSubjectIDs, lb.LocationID)
-						}
-					}
-
 					if len(relationships) != 0 {
 						if err := permissions.CreateAuthRelationships(ctx, "load-balancer-pool", objID, relationships...); err != nil {
 							return nil, fmt.Errorf("relationship request failed with error: %w", err)
@@ -822,9 +823,17 @@ func PoolHooks() []ent.Hook {
 
 					additionalSubjects = append(additionalSubjects, dbObj.OwnerID)
 
-					addSubjPorts, err := m.Client().Port.Query().Where(port.HasPoolsWith(pool.IDEQ(objID))).All(ctx)
+					addSubjPorts, err := m.Client().Port.Query().WithLoadBalancer().Where(port.HasPoolsWith(pool.IDEQ(objID))).All(ctx)
 					if err == nil {
 						for _, port := range addSubjPorts {
+							if !slices.Contains(additionalSubjects, port.Edges.LoadBalancer.LocationID) {
+								additionalSubjects = append(additionalSubjects, port.Edges.LoadBalancer.LocationID)
+							}
+
+							if !slices.Contains(additionalSubjects, port.Edges.LoadBalancer.ProviderID) {
+								additionalSubjects = append(additionalSubjects, port.Edges.LoadBalancer.ProviderID)
+							}
+
 							if !slices.Contains(additionalSubjects, port.LoadBalancerID) {
 								additionalSubjects = append(additionalSubjects, port.LoadBalancerID)
 							}
@@ -836,18 +845,6 @@ func PoolHooks() []ent.Hook {
 						SubjectID: dbObj.OwnerID,
 					})
 
-					lbs := getLoadBalancerIDs(ctx, objID, additionalSubjects)
-					for _, lb := range lbs {
-						lb, err := m.Client().LoadBalancer.Get(ctx, lb)
-						if err != nil {
-							return nil, fmt.Errorf("failed to get loadbalancer to lookup location %s", lb)
-						}
-
-						if !slices.Contains(additionalSubjects, lb.LocationID) {
-							additionalSubjects = append(additionalSubjects, lb.LocationID)
-						}
-					}
-
 					// we have all the info we need, now complete the mutation before we process the event
 					retValue, err := next.Mutate(ctx, m)
 					if err != nil {

diff --git a/internal/manualhooks/hooks_test.go b/internal/manualhooks/hooks_test.go
@@ -133,7 +133,7 @@ func Test_OriginCreateHook(t *testing.T) {
 	msg := testutils.ChannelReceiveWithTimeout[events.Message[events.ChangeMessage]](t, changesChannel, defaultTimeout)
 
 	// Assert
-	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID}
+	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID, lb.ProviderID}
 	actualAdditionalSubjectIDs := msg.Message().AdditionalSubjectIDs
 
 	assert.ElementsMatch(t, expectedAdditionalSubjectIDs, actualAdditionalSubjectIDs)
@@ -161,7 +161,7 @@ func Test_OriginUpdateHook(t *testing.T) {
 	msg := testutils.ChannelReceiveWithTimeout[events.Message[events.ChangeMessage]](t, changesChannel, defaultTimeout)
 
 	// Assert
-	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID}
+	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID, lb.ProviderID}
 	actualAdditionalSubjectIDs := msg.Message().AdditionalSubjectIDs
 
 	assert.ElementsMatch(t, expectedAdditionalSubjectIDs, actualAdditionalSubjectIDs)
@@ -189,7 +189,7 @@ func Test_OriginDeleteHook(t *testing.T) {
 	msg := testutils.ChannelReceiveWithTimeout[events.Message[events.ChangeMessage]](t, changesChannel, defaultTimeout)
 
 	// Assert
-	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID}
+	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID, lb.ProviderID}
 	actualAdditionalSubjectIDs := msg.Message().AdditionalSubjectIDs
 
 	assert.ElementsMatch(t, expectedAdditionalSubjectIDs, actualAdditionalSubjectIDs)
@@ -240,7 +240,7 @@ func Test_PoolUpdateHook(t *testing.T) {
 	msg := testutils.ChannelReceiveWithTimeout[events.Message[events.ChangeMessage]](t, changesChannel, defaultTimeout)
 
 	// Assert
-	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.ID, pool.OwnerID, lb.ID, lb.LocationID, origin.ID, port.ID}
+	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.OwnerID, lb.ID, lb.LocationID, lb.ProviderID, origin.ID, port.ID}
 	actualAdditionalSubjectIDs := msg.Message().AdditionalSubjectIDs
 
 	assert.ElementsMatch(t, expectedAdditionalSubjectIDs, actualAdditionalSubjectIDs)
@@ -267,7 +267,7 @@ func Test_PoolDeleteHook(t *testing.T) {
 	msg := testutils.ChannelReceiveWithTimeout[events.Message[events.ChangeMessage]](t, changesChannel, defaultTimeout)
 
 	// Assert
-	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.OwnerID, lb.ID, lb.LocationID}
+	expectedAdditionalSubjectIDs := []gidx.PrefixedID{pool.OwnerID, lb.ID, lb.LocationID, lb.ProviderID}
 	actualAdditionalSubjectIDs := msg.Message().AdditionalSubjectIDs
 
 	assert.ElementsMatch(t, expectedAdditionalSubjectIDs, actualAdditionalSubjectIDs)