Skip to content

Commit

Permalink
Merge pull request #1133 from babakks/css-6701/rename-user-to-identity
Browse files Browse the repository at this point in the history
CSS-6701 Rename `User` to `Identity`
alesstimec authored Jan 17, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
2 parents a996277 + ce12615 commit 9598679
Showing 99 changed files with 1,517 additions and 1,474 deletions.
8 changes: 4 additions & 4 deletions cmd/jimmctl/cmd/addcloudtocontroller_test.go
Original file line number Diff line number Diff line change
@@ -31,9 +31,9 @@ func (s *addCloudToControllerSuite) SetUpTest(c *gc.C) {
s.jimmSuite.SetUpTest(c)

// We add user bob, who is a JIMM administrator.
err := s.JIMM.Database.UpdateUser(context.Background(), &dbmodel.User{
err := s.JIMM.Database.UpdateIdentity(context.Background(), &dbmodel.Identity{
DisplayName: "Bob",
Username: "bob@external",
Name: "bob@external",
})
c.Assert(err, gc.IsNil)

@@ -51,8 +51,8 @@ func (s *addCloudToControllerSuite) SetUpTest(c *gc.C) {
// We grant user bob administrator access to JIMM and the added
// test-cloud.
bob := openfga.NewUser(
&dbmodel.User{
Username: "bob@external",
&dbmodel.Identity{
Name: "bob@external",
},
s.JIMM.OpenFGAClient,
)
18 changes: 9 additions & 9 deletions cmd/jimmctl/cmd/importcloudcredentials_test.go
Original file line number Diff line number Diff line change
@@ -67,27 +67,27 @@ func (s *importCloudCredentialsSuite) TestImportCloudCredentials(c *gc.C) {
c.Assert(err, gc.IsNil)

cred1 := dbmodel.CloudCredential{
CloudName: "aws",
OwnerUsername: "alice@external",
Name: "test1",
CloudName: "aws",
OwnerIdentityName: "alice@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred1)
c.Assert(err, gc.IsNil)
c.Check(cred1.AuthType, gc.Equals, "access-key")

cred2 := dbmodel.CloudCredential{
CloudName: "aws",
OwnerUsername: "bob@external",
Name: "test1",
CloudName: "aws",
OwnerIdentityName: "bob@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred2)
c.Assert(err, gc.IsNil)
c.Check(cred2.AuthType, gc.Equals, "access-key")

cred3 := dbmodel.CloudCredential{
CloudName: "gce",
OwnerUsername: "charlie@external",
Name: "test1",
CloudName: "gce",
OwnerIdentityName: "charlie@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred3)
c.Assert(err, gc.IsNil)
4 changes: 2 additions & 2 deletions cmd/jimmctl/cmd/importmodel_test.go
Original file line number Diff line number Diff line change
@@ -50,7 +50,7 @@ func (s *importModelSuite) TestImportModelSuperuser(c *gc.C) {
model2.SetTag(names.NewModelTag(m.ModelUUID()))
err = s.JIMM.Database.GetModel(context.Background(), &model2)
c.Assert(err, gc.Equals, nil)
c.Check(model2.OwnerUsername, gc.Equals, "charlie@external")
c.Check(model2.OwnerIdentityName, gc.Equals, "charlie@external")
}

func (s *importModelSuite) TestImportModelFromLocalUser(c *gc.C) {
@@ -78,7 +78,7 @@ func (s *importModelSuite) TestImportModelFromLocalUser(c *gc.C) {
err = s.JIMM.Database.GetModel(context.Background(), &model2)
c.Assert(err, gc.Equals, nil)
c.Check(model2.CreatedAt.After(model.CreatedAt), gc.Equals, true)
c.Check(model2.OwnerUsername, gc.Equals, "alice@external")
c.Check(model2.OwnerIdentityName, gc.Equals, "alice@external")
}

func (s *importModelSuite) TestImportModelUnauthorized(c *gc.C) {
32 changes: 16 additions & 16 deletions cmd/jimmctl/cmd/jimmsuite_test.go
Original file line number Diff line number Diff line change
@@ -39,7 +39,7 @@ type jimmSuite struct {
Params service.Params
HTTP *httptest.Server
Service *service.Service
AdminUser *dbmodel.User
AdminUser *dbmodel.Identity
ClientStore func() *jjclient.MemStore
JIMM *jimm.JIMM
cancel context.CancelFunc
@@ -103,11 +103,11 @@ func (s *jimmSuite) SetUpTest(c *gc.C) {
s.ControllerAdmins = []string{"controller-admin"}
s.JujuConnSuite.SetUpTest(c)

s.AdminUser = &dbmodel.User{
Username: "alice@external",
s.AdminUser = &dbmodel.Identity{
Name: "alice@external",
LastLogin: db.Now(),
}
err = s.JIMM.Database.GetUser(ctx, s.AdminUser)
err = s.JIMM.Database.GetIdentity(ctx, s.AdminUser)
c.Assert(err, gc.Equals, nil)

alice := openfga.NewUser(s.AdminUser, ofgaClient)
@@ -183,12 +183,12 @@ func (s *jimmSuite) userBakeryClient(username string) *httpbakery.Client {

func (s *jimmSuite) AddController(c *gc.C, name string, info *api.Info) {
ctl := &dbmodel.Controller{
UUID: info.ControllerUUID,
Name: name,
AdminUser: info.Tag.Id(),
AdminPassword: info.Password,
CACertificate: info.CACert,
Addresses: nil,
UUID: info.ControllerUUID,
Name: name,
AdminIdentityName: info.Tag.Id(),
AdminPassword: info.Password,
CACertificate: info.CACert,
Addresses: nil,
}
ctl.Addresses = make(dbmodel.HostPorts, 0, len(info.Addrs))
for _, addr := range info.Addrs {
@@ -207,11 +207,11 @@ func (s *jimmSuite) AddController(c *gc.C, name string, info *api.Info) {

func (s *jimmSuite) UpdateCloudCredential(c *gc.C, tag names.CloudCredentialTag, cred jujuparams.CloudCredential) {
ctx := context.Background()
u := dbmodel.User{
Username: tag.Owner().Id(),
u := dbmodel.Identity{
Name: tag.Owner().Id(),
}
user := openfga.NewUser(&u, s.JIMM.OpenFGAClient)
err := s.JIMM.Database.GetUser(ctx, &u)
err := s.JIMM.Database.GetIdentity(ctx, &u)
c.Assert(err, gc.Equals, nil)
_, err = s.JIMM.UpdateCloudCredential(ctx, user, jimm.UpdateCloudCredentialArgs{
CredentialTag: tag,
@@ -224,12 +224,12 @@ func (s *jimmSuite) UpdateCloudCredential(c *gc.C, tag names.CloudCredentialTag,
func (s *jimmSuite) AddModel(c *gc.C, owner names.UserTag, name string, cloud names.CloudTag, region string, cred names.CloudCredentialTag) names.ModelTag {
ctx := context.Background()
u := openfga.NewUser(
&dbmodel.User{
Username: owner.Id(),
&dbmodel.Identity{
Name: owner.Id(),
},
s.OFGAClient,
)
err := s.JIMM.Database.GetUser(ctx, u.User)
err := s.JIMM.Database.GetIdentity(ctx, u.Identity)
c.Assert(err, gc.Equals, nil)
mi, err := s.JIMM.AddModel(ctx, u, &jimm.ModelCreateArgs{
Name: name,
12 changes: 6 additions & 6 deletions cmd/jimmctl/cmd/purge_logs_test.go
Original file line number Diff line number Diff line change
@@ -59,16 +59,16 @@ func (s *purgeLogsSuite) TestPurgeLogsFromDb(c *gc.C) {
ctx := context.Background()
relativeNow := time.Now().AddDate(-1, 0, 0)
ale := dbmodel.AuditLogEntry{
Time: relativeNow.UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}
ale_past := dbmodel.AuditLogEntry{
Time: relativeNow.AddDate(0, 0, -1).UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.AddDate(0, 0, -1).UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}
ale_future := dbmodel.AuditLogEntry{
Time: relativeNow.AddDate(0, 0, 5).UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.AddDate(0, 0, 5).UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}

err := s.JIMM.Database.Migrate(context.Background(), false)
50 changes: 25 additions & 25 deletions cmd/jimmctl/cmd/relation_test.go
Original file line number Diff line number Diff line change
@@ -255,23 +255,23 @@ func (s *relationSuite) TestRemoveRelation(c *gc.C) {
}

type environment struct {
users []dbmodel.User
users []dbmodel.Identity
clouds []dbmodel.Cloud
credentials []dbmodel.CloudCredential
controllers []dbmodel.Controller
models []dbmodel.Model
applicationOffers []dbmodel.ApplicationOffer
}

func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmodel.User) *environment {
func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmodel.Identity) *environment {
env := environment{}

u1 := dbmodel.User{
Username: "eve@external",
u1 := dbmodel.Identity{
Name: "eve@external",
}
c.Assert(db.DB.Create(&u1).Error, gc.IsNil)

env.users = []dbmodel.User{u, u1}
env.users = []dbmodel.Identity{u, u1}

cloud := dbmodel.Cloud{
Name: "test-cloud",
@@ -300,10 +300,10 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
env.controllers = []dbmodel.Controller{controller}

cred := dbmodel.CloudCredential{
Name: "test-credential-1",
CloudName: cloud.Name,
OwnerUsername: u.Username,
AuthType: "empty",
Name: "test-credential-1",
CloudName: cloud.Name,
OwnerIdentityName: u.Name,
AuthType: "empty",
}
err = db.SetCloudCredential(ctx, &cred)
c.Assert(err, gc.Equals, nil)
@@ -315,7 +315,7 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
String: "acdbf3e5-67e1-42a2-a2dc-64505265c030",
Valid: true,
},
OwnerUsername: u.Username,
OwnerIdentityName: u.Name,
ControllerID: controller.ID,
CloudRegionID: cloud.Regions[0].ID,
CloudCredentialID: cred.ID,
@@ -327,7 +327,7 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
offer := dbmodel.ApplicationOffer{
ID: 1,
UUID: "436b2264-d8f8-4e24-b16f-dd43c4116528",
URL: env.controllers[0].Name + ":" + env.models[0].OwnerUsername + "/" + env.models[0].Name + ".testoffer1",
URL: env.controllers[0].Name + ":" + env.models[0].OwnerIdentityName + "/" + env.models[0].Name + ".testoffer1",
Name: "testoffer1",
ModelID: model.ID,
Model: model,
@@ -353,11 +353,11 @@ func (s *relationSuite) TestListRelations(c *gc.C) {
}

relations := []apiparams.RelationshipTuple{{
Object: "user-" + env.users[0].Username,
Object: "user-" + env.users[0].Name,
Relation: "member",
TargetObject: "group-group-1",
}, {
Object: "user-" + env.users[1].Username,
Object: "user-" + env.users[1].Name,
Relation: "member",
TargetObject: "group-group-2",
}, {
@@ -371,11 +371,11 @@ func (s *relationSuite) TestListRelations(c *gc.C) {
}, {
Object: "group-group-1#member",
Relation: "administrator",
TargetObject: "model-" + env.controllers[0].Name + ":" + env.models[0].OwnerUsername + "/" + env.models[0].Name,
TargetObject: "model-" + env.controllers[0].Name + ":" + env.models[0].OwnerIdentityName + "/" + env.models[0].Name,
}, {
Object: "user-" + env.users[1].Username,
Object: "user-" + env.users[1].Name,
Relation: "administrator",
TargetObject: "applicationoffer-" + env.controllers[0].Name + ":" + env.applicationOffers[0].Model.OwnerUsername + "/" + env.applicationOffers[0].Model.Name + "." + env.applicationOffers[0].Name,
TargetObject: "applicationoffer-" + env.controllers[0].Name + ":" + env.applicationOffers[0].Model.OwnerIdentityName + "/" + env.applicationOffers[0].Model.Name + "." + env.applicationOffers[0].Name,
}}
for _, relation := range relations {
_, err := cmdtesting.RunCommand(c, cmd.NewAddRelationCommandForTesting(s.ClientStore(), bClient), relation.Object, relation.Relation, relation.TargetObject)
@@ -448,8 +448,8 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
err = db.GetGroup(ctx, &group)
c.Assert(err, gc.IsNil)

u := dbmodel.User{
Username: petname.Generate(2, "-") + "@external",
u := dbmodel.Identity{
Name: petname.Generate(2, "-") + "@external",
}
c.Assert(db.DB.Create(&u).Error, gc.IsNil)

@@ -476,10 +476,10 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
c.Assert(err, gc.IsNil)

cred := dbmodel.CloudCredential{
Name: petname.Generate(2, "-"),
CloudName: cloud.Name,
OwnerUsername: u.Username,
AuthType: "empty",
Name: petname.Generate(2, "-"),
CloudName: cloud.Name,
OwnerIdentityName: u.Name,
AuthType: "empty",
}
err = db.SetCloudCredential(ctx, &cred)
c.Assert(err, gc.IsNil)
@@ -490,7 +490,7 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
String: id.String(),
Valid: true,
},
OwnerUsername: u.Username,
OwnerIdentityName: u.Name,
ControllerID: controller.ID,
CloudRegionID: cloud.Regions[0].ID,
CloudCredentialID: cred.ID,
@@ -522,8 +522,8 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
c.Assert(err, gc.IsNil)

// Test reader is OK
userToCheck := "user-" + u.Username
modelToCheck := "model-" + controller.Name + ":" + u.Username + "/" + model.Name
userToCheck := "user-" + u.Name
modelToCheck := "model-" + controller.Name + ":" + u.Name + "/" + model.Name
cmdCtx, err := cmdtesting.RunCommand(
c,
cmd.NewCheckRelationCommandForTesting(s.ClientStore(), bClient),
6 changes: 3 additions & 3 deletions discharger.go
Original file line number Diff line number Diff line change
@@ -106,8 +106,8 @@ func (md *macaroonDischarger) checkThirdPartyCaveat(ctx context.Context, req *ht
offerTag := jimmnames.NewApplicationOfferTag(offerUUID)

user := openfga.NewUser(
&dbmodel.User{
Username: userTag.Id(),
&dbmodel.Identity{
Name: userTag.Id(),
},
md.ofgaClient,
)
@@ -124,6 +124,6 @@ func (md *macaroonDischarger) checkThirdPartyCaveat(ctx context.Context, req *ht
checkers.TimeBeforeCaveat(time.Now().Add(defaultDischargeExpiry)),
}, nil
}
zapctx.Debug(ctx, "macaroon dishcharge denied", zap.String("user", user.Username), zap.String("offer", offerUUID))
zapctx.Debug(ctx, "macaroon dishcharge denied", zap.String("user", user.Name), zap.String("offer", offerUUID))
return nil, httpbakery.ErrPermissionDenied
}
4 changes: 2 additions & 2 deletions internal/auth/jujuauth.go
Original file line number Diff line number Diff line change
@@ -71,8 +71,8 @@ func (a JujuAuthenticator) Authenticate(ctx context.Context, req *jujuparams.Log
if ut.IsLocal() {
ut = ut.WithDomain("external")
}
u := &dbmodel.User{
Username: ut.Id(),
u := &dbmodel.Identity{
Name: ut.Id(),
DisplayName: ut.Name(),
}
// Note: Previously here we would grant a user superuser permission if they were part of
12 changes: 6 additions & 6 deletions internal/auth/jujuauth_test.go
Original file line number Diff line number Diff line change
@@ -59,8 +59,8 @@ func TestAuthenticateLogin(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "alice@external",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "alice@external",
DisplayName: "alice",
})
}
@@ -102,8 +102,8 @@ func TestAuthenticateLoginWithDomain(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "alice@mydomain",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "alice@mydomain",
DisplayName: "alice",
})
}
@@ -146,8 +146,8 @@ func TestAuthenticateLoginSuperuser(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "bob@external",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "bob@external",
DisplayName: "bob",
})
}
Loading

0 comments on commit 9598679

Please sign in to comment.