Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CSS-6701 Rename User to Identity #1133

Merged
merged 39 commits into from
Jan 17, 2024
Merged

CSS-6701 Rename User to Identity #1133

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
3ac8ea7
Upgrade dbmodel version to v1.6
babakks Jan 11, 2024
761f09e
Rename `User` type `Identity`
babakks Jan 11, 2024
b87010c
Update `Identity` godoc
babakks Jan 11, 2024
852c283
Rename `identity_name` column to `identity`
babakks Jan 11, 2024
a89e77d
Rename `Identity.Username` to `Identity.Name`
babakks Jan 11, 2024
24f6f28
Update foreign-key tag
babakks Jan 11, 2024
aa1040a
Rename `CloudCredential.OwnerUsername` to `OwnerIdentityName`
babakks Jan 11, 2024
2303f29
Rename `CloudDefaults.Username` to `IdentityName`
babakks Jan 11, 2024
fa0456f
Rename `Model.OwnerUsername` to `OwnerIdentityName`
babakks Jan 11, 2024
53c820a
Rename `ApplicationOfferConnection.Username` to `IdentityName`
babakks Jan 11, 2024
9e00838
Rename `UserModelDefaults.Username` to `IdentityName`
babakks Jan 11, 2024
ca49edf
Undo renaming `controllers.admin_user` and `audit_log.user_tag` columns
babakks Jan 11, 2024
b721e12
Update comment with Jira card ID
babakks Jan 11, 2024
bfcfa38
Rename `CloudDefaults.User` to `Identity`
babakks Jan 11, 2024
d2ed00b
Update Gorm magic strings
babakks Jan 12, 2024
e2c435c
Fix more Gorm magic strings
babakks Jan 12, 2024
d4c282c
Fix column name reference
babakks Jan 12, 2024
c1ea33b
Update error message
babakks Jan 12, 2024
64671ae
Rename indexes related to users
babakks Jan 15, 2024
2c4d4a2
Fix constraint name reference
babakks Jan 15, 2024
b497c03
Rename `dbmodel/user*` files to `dbmodel/identity*`
babakks Jan 15, 2024
23182a5
Rename `User` CRUD methods to `Identity`
babakks Jan 15, 2024
4327628
Rename `db/user*` files to `db/identity*`
babakks Jan 15, 2024
6819014
Use default database (`postgres`) for Candid
babakks Jan 16, 2024
64229ab
Renamed UserModelDefaults to IdentityModelDefaults.
alesstimec Jan 15, 2024
158b9d5
Merge pull request #1 from alesstimec/rename-to-identity-user-defaults
alesstimec Jan 16, 2024
a69d6f5
Fixes for identitymodeldefaults.
alesstimec Jan 16, 2024
71e4926
Merge pull request #3 from alesstimec/rename-to-identity-user-default…
alesstimec Jan 16, 2024
1b7ea05
Merge branch 'feature-serviceaccounts' into css-6701/rename-user-to-i…
alesstimec Jan 17, 2024
2d5b9ce
Merge pull request #2 from babakks/use-postgres-default-db-for-candid
babakks Jan 17, 2024
66daacc
Rename misspelled file name
babakks Jan 17, 2024
5bc41e4
Change the ordering of table and column renaming to match others
babakks Jan 17, 2024
226090e
Rename `user_model_defaults_username_fkey` to `identity_*`
babakks Jan 17, 2024
96d2988
Rename `audit_log.user_tag` column to `identity_tag`
babakks Jan 17, 2024
77a2eae
Rename `AuditLog.UserTag` to `IdentityTag`
babakks Jan 17, 2024
418a569
Rename `controllers.admin_user` column to `admin_identity_name`
babakks Jan 17, 2024
9611d80
Rename `Controller.AdminUser` to `AdminIdentityName`
babakks Jan 17, 2024
140e97e
Merge branch 'feature-serviceaccounts' into css-6701/rename-user-to-i…
babakks Jan 17, 2024
ce12615
Rename `dbmodel.User` reference to `dbmodel.Identity`
babakks Jan 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions cmd/jimmctl/cmd/addcloudtocontroller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ func (s *addCloudToControllerSuite) SetUpTest(c *gc.C) {
s.jimmSuite.SetUpTest(c)

// We add user bob, who is a JIMM administrator.
err := s.JIMM.Database.UpdateUser(context.Background(), &dbmodel.User{
err := s.JIMM.Database.UpdateIdentity(context.Background(), &dbmodel.Identity{
DisplayName: "Bob",
Username: "bob@external",
Name: "bob@external",
})
c.Assert(err, gc.IsNil)

Expand All @@ -51,8 +51,8 @@ func (s *addCloudToControllerSuite) SetUpTest(c *gc.C) {
// We grant user bob administrator access to JIMM and the added
// test-cloud.
bob := openfga.NewUser(
&dbmodel.User{
Username: "bob@external",
&dbmodel.Identity{
Name: "bob@external",
},
s.JIMM.OpenFGAClient,
)
Expand Down
18 changes: 9 additions & 9 deletions cmd/jimmctl/cmd/importcloudcredentials_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,27 +67,27 @@ func (s *importCloudCredentialsSuite) TestImportCloudCredentials(c *gc.C) {
c.Assert(err, gc.IsNil)

cred1 := dbmodel.CloudCredential{
CloudName: "aws",
OwnerUsername: "alice@external",
Name: "test1",
CloudName: "aws",
OwnerIdentityName: "alice@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred1)
c.Assert(err, gc.IsNil)
c.Check(cred1.AuthType, gc.Equals, "access-key")

cred2 := dbmodel.CloudCredential{
CloudName: "aws",
OwnerUsername: "bob@external",
Name: "test1",
CloudName: "aws",
OwnerIdentityName: "bob@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred2)
c.Assert(err, gc.IsNil)
c.Check(cred2.AuthType, gc.Equals, "access-key")

cred3 := dbmodel.CloudCredential{
CloudName: "gce",
OwnerUsername: "charlie@external",
Name: "test1",
CloudName: "gce",
OwnerIdentityName: "charlie@external",
Name: "test1",
}
err = s.JIMM.Database.GetCloudCredential(context.Background(), &cred3)
c.Assert(err, gc.IsNil)
Expand Down
4 changes: 2 additions & 2 deletions cmd/jimmctl/cmd/importmodel_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ func (s *importModelSuite) TestImportModelSuperuser(c *gc.C) {
model2.SetTag(names.NewModelTag(m.ModelUUID()))
err = s.JIMM.Database.GetModel(context.Background(), &model2)
c.Assert(err, gc.Equals, nil)
c.Check(model2.OwnerUsername, gc.Equals, "charlie@external")
c.Check(model2.OwnerIdentityName, gc.Equals, "charlie@external")
}

func (s *importModelSuite) TestImportModelFromLocalUser(c *gc.C) {
Expand Down Expand Up @@ -78,7 +78,7 @@ func (s *importModelSuite) TestImportModelFromLocalUser(c *gc.C) {
err = s.JIMM.Database.GetModel(context.Background(), &model2)
c.Assert(err, gc.Equals, nil)
c.Check(model2.CreatedAt.After(model.CreatedAt), gc.Equals, true)
c.Check(model2.OwnerUsername, gc.Equals, "alice@external")
c.Check(model2.OwnerIdentityName, gc.Equals, "alice@external")
}

func (s *importModelSuite) TestImportModelUnauthorized(c *gc.C) {
Expand Down
32 changes: 16 additions & 16 deletions cmd/jimmctl/cmd/jimmsuite_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ type jimmSuite struct {
Params service.Params
HTTP *httptest.Server
Service *service.Service
AdminUser *dbmodel.User
AdminUser *dbmodel.Identity
ClientStore func() *jjclient.MemStore
JIMM *jimm.JIMM
cancel context.CancelFunc
Expand Down Expand Up @@ -103,11 +103,11 @@ func (s *jimmSuite) SetUpTest(c *gc.C) {
s.ControllerAdmins = []string{"controller-admin"}
s.JujuConnSuite.SetUpTest(c)

s.AdminUser = &dbmodel.User{
Username: "alice@external",
s.AdminUser = &dbmodel.Identity{
Name: "alice@external",
LastLogin: db.Now(),
}
err = s.JIMM.Database.GetUser(ctx, s.AdminUser)
err = s.JIMM.Database.GetIdentity(ctx, s.AdminUser)
c.Assert(err, gc.Equals, nil)

alice := openfga.NewUser(s.AdminUser, ofgaClient)
Expand Down Expand Up @@ -183,12 +183,12 @@ func (s *jimmSuite) userBakeryClient(username string) *httpbakery.Client {

func (s *jimmSuite) AddController(c *gc.C, name string, info *api.Info) {
ctl := &dbmodel.Controller{
UUID: info.ControllerUUID,
Name: name,
AdminUser: info.Tag.Id(),
AdminPassword: info.Password,
CACertificate: info.CACert,
Addresses: nil,
UUID: info.ControllerUUID,
Name: name,
AdminIdentityName: info.Tag.Id(),
AdminPassword: info.Password,
CACertificate: info.CACert,
Addresses: nil,
}
ctl.Addresses = make(dbmodel.HostPorts, 0, len(info.Addrs))
for _, addr := range info.Addrs {
Expand All @@ -207,11 +207,11 @@ func (s *jimmSuite) AddController(c *gc.C, name string, info *api.Info) {

func (s *jimmSuite) UpdateCloudCredential(c *gc.C, tag names.CloudCredentialTag, cred jujuparams.CloudCredential) {
ctx := context.Background()
u := dbmodel.User{
Username: tag.Owner().Id(),
u := dbmodel.Identity{
Name: tag.Owner().Id(),
}
user := openfga.NewUser(&u, s.JIMM.OpenFGAClient)
err := s.JIMM.Database.GetUser(ctx, &u)
err := s.JIMM.Database.GetIdentity(ctx, &u)
c.Assert(err, gc.Equals, nil)
_, err = s.JIMM.UpdateCloudCredential(ctx, user, jimm.UpdateCloudCredentialArgs{
CredentialTag: tag,
Expand All @@ -224,12 +224,12 @@ func (s *jimmSuite) UpdateCloudCredential(c *gc.C, tag names.CloudCredentialTag,
func (s *jimmSuite) AddModel(c *gc.C, owner names.UserTag, name string, cloud names.CloudTag, region string, cred names.CloudCredentialTag) names.ModelTag {
ctx := context.Background()
u := openfga.NewUser(
&dbmodel.User{
Username: owner.Id(),
&dbmodel.Identity{
Name: owner.Id(),
},
s.OFGAClient,
)
err := s.JIMM.Database.GetUser(ctx, u.User)
err := s.JIMM.Database.GetIdentity(ctx, u.Identity)
c.Assert(err, gc.Equals, nil)
mi, err := s.JIMM.AddModel(ctx, u, &jimm.ModelCreateArgs{
Name: name,
Expand Down
12 changes: 6 additions & 6 deletions cmd/jimmctl/cmd/purge_logs_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,16 +59,16 @@ func (s *purgeLogsSuite) TestPurgeLogsFromDb(c *gc.C) {
ctx := context.Background()
relativeNow := time.Now().AddDate(-1, 0, 0)
ale := dbmodel.AuditLogEntry{
Time: relativeNow.UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}
ale_past := dbmodel.AuditLogEntry{
Time: relativeNow.AddDate(0, 0, -1).UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.AddDate(0, 0, -1).UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}
ale_future := dbmodel.AuditLogEntry{
Time: relativeNow.AddDate(0, 0, 5).UTC().Round(time.Millisecond),
UserTag: names.NewUserTag("alice@external").String(),
Time: relativeNow.AddDate(0, 0, 5).UTC().Round(time.Millisecond),
IdentityTag: names.NewUserTag("alice@external").String(),
}

err := s.JIMM.Database.Migrate(context.Background(), false)
Expand Down
50 changes: 25 additions & 25 deletions cmd/jimmctl/cmd/relation_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -255,23 +255,23 @@ func (s *relationSuite) TestRemoveRelation(c *gc.C) {
}

type environment struct {
users []dbmodel.User
users []dbmodel.Identity
clouds []dbmodel.Cloud
credentials []dbmodel.CloudCredential
controllers []dbmodel.Controller
models []dbmodel.Model
applicationOffers []dbmodel.ApplicationOffer
}

func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmodel.User) *environment {
func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmodel.Identity) *environment {
env := environment{}

u1 := dbmodel.User{
Username: "eve@external",
u1 := dbmodel.Identity{
Name: "eve@external",
}
c.Assert(db.DB.Create(&u1).Error, gc.IsNil)

env.users = []dbmodel.User{u, u1}
env.users = []dbmodel.Identity{u, u1}

cloud := dbmodel.Cloud{
Name: "test-cloud",
Expand Down Expand Up @@ -300,10 +300,10 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
env.controllers = []dbmodel.Controller{controller}

cred := dbmodel.CloudCredential{
Name: "test-credential-1",
CloudName: cloud.Name,
OwnerUsername: u.Username,
AuthType: "empty",
Name: "test-credential-1",
CloudName: cloud.Name,
OwnerIdentityName: u.Name,
AuthType: "empty",
}
err = db.SetCloudCredential(ctx, &cred)
c.Assert(err, gc.Equals, nil)
Expand All @@ -315,7 +315,7 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
String: "acdbf3e5-67e1-42a2-a2dc-64505265c030",
Valid: true,
},
OwnerUsername: u.Username,
OwnerIdentityName: u.Name,
ControllerID: controller.ID,
CloudRegionID: cloud.Regions[0].ID,
CloudCredentialID: cred.ID,
Expand All @@ -327,7 +327,7 @@ func initializeEnvironment(c *gc.C, ctx context.Context, db *db.Database, u dbmo
offer := dbmodel.ApplicationOffer{
ID: 1,
UUID: "436b2264-d8f8-4e24-b16f-dd43c4116528",
URL: env.controllers[0].Name + ":" + env.models[0].OwnerUsername + "/" + env.models[0].Name + ".testoffer1",
URL: env.controllers[0].Name + ":" + env.models[0].OwnerIdentityName + "/" + env.models[0].Name + ".testoffer1",
Name: "testoffer1",
ModelID: model.ID,
Model: model,
Expand All @@ -353,11 +353,11 @@ func (s *relationSuite) TestListRelations(c *gc.C) {
}

relations := []apiparams.RelationshipTuple{{
Object: "user-" + env.users[0].Username,
Object: "user-" + env.users[0].Name,
Relation: "member",
TargetObject: "group-group-1",
}, {
Object: "user-" + env.users[1].Username,
Object: "user-" + env.users[1].Name,
Relation: "member",
TargetObject: "group-group-2",
}, {
Expand All @@ -371,11 +371,11 @@ func (s *relationSuite) TestListRelations(c *gc.C) {
}, {
Object: "group-group-1#member",
Relation: "administrator",
TargetObject: "model-" + env.controllers[0].Name + ":" + env.models[0].OwnerUsername + "/" + env.models[0].Name,
TargetObject: "model-" + env.controllers[0].Name + ":" + env.models[0].OwnerIdentityName + "/" + env.models[0].Name,
}, {
Object: "user-" + env.users[1].Username,
Object: "user-" + env.users[1].Name,
Relation: "administrator",
TargetObject: "applicationoffer-" + env.controllers[0].Name + ":" + env.applicationOffers[0].Model.OwnerUsername + "/" + env.applicationOffers[0].Model.Name + "." + env.applicationOffers[0].Name,
TargetObject: "applicationoffer-" + env.controllers[0].Name + ":" + env.applicationOffers[0].Model.OwnerIdentityName + "/" + env.applicationOffers[0].Model.Name + "." + env.applicationOffers[0].Name,
}}
for _, relation := range relations {
_, err := cmdtesting.RunCommand(c, cmd.NewAddRelationCommandForTesting(s.ClientStore(), bClient), relation.Object, relation.Relation, relation.TargetObject)
Expand Down Expand Up @@ -448,8 +448,8 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
err = db.GetGroup(ctx, &group)
c.Assert(err, gc.IsNil)

u := dbmodel.User{
Username: petname.Generate(2, "-") + "@external",
u := dbmodel.Identity{
Name: petname.Generate(2, "-") + "@external",
}
c.Assert(db.DB.Create(&u).Error, gc.IsNil)

Expand All @@ -476,10 +476,10 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
c.Assert(err, gc.IsNil)

cred := dbmodel.CloudCredential{
Name: petname.Generate(2, "-"),
CloudName: cloud.Name,
OwnerUsername: u.Username,
AuthType: "empty",
Name: petname.Generate(2, "-"),
CloudName: cloud.Name,
OwnerIdentityName: u.Name,
AuthType: "empty",
}
err = db.SetCloudCredential(ctx, &cred)
c.Assert(err, gc.IsNil)
Expand All @@ -490,7 +490,7 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
String: id.String(),
Valid: true,
},
OwnerUsername: u.Username,
OwnerIdentityName: u.Name,
ControllerID: controller.ID,
CloudRegionID: cloud.Regions[0].ID,
CloudCredentialID: cred.ID,
Expand Down Expand Up @@ -522,8 +522,8 @@ func (s *relationSuite) TestCheckRelationViaSuperuser(c *gc.C) {
c.Assert(err, gc.IsNil)

// Test reader is OK
userToCheck := "user-" + u.Username
modelToCheck := "model-" + controller.Name + ":" + u.Username + "/" + model.Name
userToCheck := "user-" + u.Name
modelToCheck := "model-" + controller.Name + ":" + u.Name + "/" + model.Name
cmdCtx, err := cmdtesting.RunCommand(
c,
cmd.NewCheckRelationCommandForTesting(s.ClientStore(), bClient),
Expand Down
6 changes: 3 additions & 3 deletions discharger.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,8 +106,8 @@ func (md *macaroonDischarger) checkThirdPartyCaveat(ctx context.Context, req *ht
offerTag := jimmnames.NewApplicationOfferTag(offerUUID)

user := openfga.NewUser(
&dbmodel.User{
Username: userTag.Id(),
&dbmodel.Identity{
Name: userTag.Id(),
},
md.ofgaClient,
)
Expand All @@ -124,6 +124,6 @@ func (md *macaroonDischarger) checkThirdPartyCaveat(ctx context.Context, req *ht
checkers.TimeBeforeCaveat(time.Now().Add(defaultDischargeExpiry)),
}, nil
}
zapctx.Debug(ctx, "macaroon dishcharge denied", zap.String("user", user.Username), zap.String("offer", offerUUID))
zapctx.Debug(ctx, "macaroon dishcharge denied", zap.String("user", user.Name), zap.String("offer", offerUUID))
return nil, httpbakery.ErrPermissionDenied
}
4 changes: 2 additions & 2 deletions internal/auth/jujuauth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,8 @@ func (a JujuAuthenticator) Authenticate(ctx context.Context, req *jujuparams.Log
if ut.IsLocal() {
ut = ut.WithDomain("external")
}
u := &dbmodel.User{
Username: ut.Id(),
u := &dbmodel.Identity{
Name: ut.Id(),
DisplayName: ut.Name(),
}
// Note: Previously here we would grant a user superuser permission if they were part of
Expand Down
12 changes: 6 additions & 6 deletions internal/auth/jujuauth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,8 @@ func TestAuthenticateLogin(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "alice@external",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "alice@external",
DisplayName: "alice",
})
}
Expand Down Expand Up @@ -102,8 +102,8 @@ func TestAuthenticateLoginWithDomain(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "alice@mydomain",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "alice@mydomain",
DisplayName: "alice",
})
}
Expand Down Expand Up @@ -146,8 +146,8 @@ func TestAuthenticateLoginSuperuser(t *testing.T) {
c.Assert(err, qt.IsNil)
c.Check(u.LastLogin.Valid, qt.Equals, false)
u.LastLogin = sql.NullTime{}
c.Check(u.User, qt.DeepEquals, &dbmodel.User{
Username: "bob@external",
c.Check(u.Identity, qt.DeepEquals, &dbmodel.Identity{
Name: "bob@external",
DisplayName: "bob",
})
}
Expand Down
Loading