Merge pull request #120 from datadrivers/feat/privilege-enum

feat: use enums for privilege actions
datadrivers · Aug 14, 2023 · 7c58872 · 7c58872
2 parents 2835fa3 + ad65c1b
commit 7c58872
Show file tree

Hide file tree

Showing 12 changed files with 86 additions and 68 deletions.
diff --git a/nexus3/pkg/security/privilege/application.go b/nexus3/pkg/security/privilege/application.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeApplicationService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeApplicationService
 }
 
 func NewSecurityPrivilegeApplicationService(c *client.Client) *SecurityPrivilegeApplicationService {

diff --git a/nexus3/pkg/security/privilege/application_test.go b/nexus3/pkg/security/privilege/application_test.go
@@ -10,7 +10,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func getTestPrivilegeApplication(name string, description string, actions []string, domain string) *schemasecurity.PrivilegeApplication {
+func getTestPrivilegeApplication(name string, description string, actions []schemasecurity.SecurityPrivilegeApplicationActions, domain string) *schemasecurity.PrivilegeApplication {
 	return &schemasecurity.PrivilegeApplication{
 		Name:        name,
 		Description: description,
@@ -25,7 +25,7 @@ func TestApplicationPrivilegeSecurity(t *testing.T) {
 	privilegeService := privilege.NewSecurityPrivilegeService(getTestClient())
 
 	// Create application-privilege object
-	applicationPrivilege := getTestPrivilegeApplication(PrivilegeApplicationName, "demo descrp", []string{"READ"}, "domain")
+	applicationPrivilege := getTestPrivilegeApplication(PrivilegeApplicationName, "demo descrp", []schemasecurity.SecurityPrivilegeApplicationActions{"READ"}, "domain")
 	err := testService.Create(*applicationPrivilege)
 	assert.Nil(t, err)
 
@@ -37,7 +37,7 @@ func TestApplicationPrivilegeSecurity(t *testing.T) {
 	assert.Equal(t, []string{"READ"}, applicationPrivilegeFetched.Actions)
 
 	// Update application-privilege object
-	applicationPrivilege = getTestPrivilegeApplication(PrivilegeApplicationName, "demo descrp updated", []string{"ADD", "READ", "DELETE", "ASSOCIATE"}, "domain")
+	applicationPrivilege = getTestPrivilegeApplication(PrivilegeApplicationName, "demo descrp updated", []schemasecurity.SecurityPrivilegeApplicationActions{"ADD", "READ", "DELETE", "ASSOCIATE"}, "domain")
 	err = testService.Update(PrivilegeApplicationName, *applicationPrivilege)
 	assert.Nil(t, err)
 	applicationPrivilegeFetched, err = privilegeService.Get(PrivilegeApplicationName)

diff --git a/nexus3/pkg/security/privilege/repository_admin.go b/nexus3/pkg/security/privilege/repository_admin.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeRepositoryAdminService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeRepositoryAdminService
 }
 
 func NewSecurityPrivilegeRepositoryAdminService(c *client.Client) *SecurityPrivilegeRepositoryAdminService {

diff --git a/nexus3/pkg/security/privilege/repository_admin_test.go b/nexus3/pkg/security/privilege/repository_admin_test.go
@@ -10,7 +10,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func getTestPrivilegeRepositoryAdmin(name string, description string, actions []string, format string, repository string) *schemasecurity.PrivilegeRepositoryAdmin {
+func getTestPrivilegeRepositoryAdmin(name string, description string, actions []schemasecurity.SecurityPrivilegeRepositoryAdminActions, format string, repository string) *schemasecurity.PrivilegeRepositoryAdmin {
 	return &schemasecurity.PrivilegeRepositoryAdmin{
 		Name:        name,
 		Description: description,
@@ -26,7 +26,7 @@ func TestRepositoryAdminPrivilegeSecurity(t *testing.T) {
 	privilegeService := privilege.NewSecurityPrivilegeService(getTestClient())
 
 	// Create repository-admin-privilege object for already existing Maven repo (was created by Nexus itself)
-	repositoryPrivilege := getTestPrivilegeRepositoryAdmin(PrivilegeRepositoryAdminName, "demo descrp", []string{"BROWSE", "READ"}, "maven2", "maven-snapshots")
+	repositoryPrivilege := getTestPrivilegeRepositoryAdmin(PrivilegeRepositoryAdminName, "demo descrp", []schemasecurity.SecurityPrivilegeRepositoryAdminActions{"BROWSE", "READ"}, "maven2", "maven-snapshots")
 
 	err := testService.Create(*repositoryPrivilege)
 	assert.Nil(t, err)
@@ -41,7 +41,7 @@ func TestRepositoryAdminPrivilegeSecurity(t *testing.T) {
 	assert.Equal(t, "maven-snapshots", repositoryPrivilegeFetched.Repository)
 
 	// Update repository-admin-privilege object
-	repositoryPrivilege = getTestPrivilegeRepositoryAdmin(PrivilegeRepositoryAdminName, "demo descrp", []string{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots")
+	repositoryPrivilege = getTestPrivilegeRepositoryAdmin(PrivilegeRepositoryAdminName, "demo descrp", []schemasecurity.SecurityPrivilegeRepositoryAdminActions{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots")
 	err = testService.Update(PrivilegeRepositoryAdminName, *repositoryPrivilege)
 	assert.Nil(t, err)
 	repositoryPrivilegeFetched, err = privilegeService.Get(PrivilegeRepositoryAdminName)

diff --git a/nexus3/pkg/security/privilege/repository_content_selector.go b/nexus3/pkg/security/privilege/repository_content_selector.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeContentSelectorService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeContentSelectorService
 }
 
 func NewSecurityPrivilegeContentSelectorService(c *client.Client) *SecurityPrivilegeContentSelectorService {

diff --git a/nexus3/pkg/security/privilege/repository_content_selector_test.go b/nexus3/pkg/security/privilege/repository_content_selector_test.go
@@ -11,7 +11,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func getTestPrivilegeRepositoryContentSelector(name string, description string, actions []string, format string, repository string, contentSelector string) *schemasecurity.PrivilegeRepositoryContentSelector {
+func getTestPrivilegeRepositoryContentSelector(name string, description string, actions []schemasecurity.SecurityPrivilegeRepositoryContentSelectorActions, format string, repository string, contentSelector string) *schemasecurity.PrivilegeRepositoryContentSelector {
 	return &schemasecurity.PrivilegeRepositoryContentSelector{
 		Name:            name,
 		Description:     description,
@@ -43,7 +43,7 @@ func TestContentSelectorPrivilegeSecurity(t *testing.T) {
 	assert.Nil(t, err)
 
 	// Create repository-content-selector-privilege object for already existing Maven repo (was created by Nexus itself)
-	contentSelectorPrivilege := getTestPrivilegeRepositoryContentSelector(privilegeRepositoryContentSelectorName, "descr", []string{"ADD"}, "maven2", "maven-snapshots", contentSelectorName)
+	contentSelectorPrivilege := getTestPrivilegeRepositoryContentSelector(privilegeRepositoryContentSelectorName, "descr", []schemasecurity.SecurityPrivilegeRepositoryContentSelectorActions{"ADD"}, "maven2", "maven-snapshots", contentSelectorName)
 	err = testService.Create(*contentSelectorPrivilege)
 	assert.Nil(t, err)
 
@@ -58,7 +58,7 @@ func TestContentSelectorPrivilegeSecurity(t *testing.T) {
 	assert.Equal(t, contentSelectorName, contentSelectorPrivilegeFetched.ContentSelector)
 
 	// Update repository-content-selector-privilege object
-	contentSelectorPrivilege = getTestPrivilegeRepositoryContentSelector(privilegeRepositoryContentSelectorName, "demo descrp", []string{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots", contentSelectorName)
+	contentSelectorPrivilege = getTestPrivilegeRepositoryContentSelector(privilegeRepositoryContentSelectorName, "demo descrp", []schemasecurity.SecurityPrivilegeRepositoryContentSelectorActions{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots", contentSelectorName)
 	err = testService.Update(privilegeRepositoryContentSelectorName, *contentSelectorPrivilege)
 	assert.Nil(t, err)
 	contentSelectorPrivilegeFetched, err = privilegeService.Get(privilegeRepositoryContentSelectorName)

diff --git a/nexus3/pkg/security/privilege/repository_view.go b/nexus3/pkg/security/privilege/repository_view.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeRepositoryViewService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeRepositoryViewService
 }
 
 func NewSecurityPrivilegeRepositoryViewService(c *client.Client) *SecurityPrivilegeRepositoryViewService {

diff --git a/nexus3/pkg/security/privilege/repository_view_test.go b/nexus3/pkg/security/privilege/repository_view_test.go
@@ -10,7 +10,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func getTestPrivilegeRepository(name string, description string, actions []string, format string, repository string) *schemasecurity.PrivilegeRepositoryView {
+func getTestPrivilegeRepository(name string, description string, actions []schemasecurity.SecurityPrivilegeRepositoryViewActions, format string, repository string) *schemasecurity.PrivilegeRepositoryView {
 	return &schemasecurity.PrivilegeRepositoryView{
 		Name:        name,
 		Description: description,
@@ -26,7 +26,7 @@ func TestRepositoryPrivilegeSecurity(t *testing.T) {
 	privilegeService := privilege.NewSecurityPrivilegeService(getTestClient())
 
 	// Create repository-privilege object for already existing Maven repo (was created by Nexus itself)
-	repositoryPrivilege := getTestPrivilegeRepository(privilegeRepositoryName, "demo descrp", []string{"BROWSE", "READ"}, "maven2", "maven-snapshots")
+	repositoryPrivilege := getTestPrivilegeRepository(privilegeRepositoryName, "demo descrp", []schemasecurity.SecurityPrivilegeRepositoryViewActions{"BROWSE", "READ"}, "maven2", "maven-snapshots")
 
 	err := testService.Create(*repositoryPrivilege)
 	assert.Nil(t, err)
@@ -41,7 +41,7 @@ func TestRepositoryPrivilegeSecurity(t *testing.T) {
 	assert.Equal(t, "maven-snapshots", repositoryPrivilegeFetched.Repository)
 
 	// Update repository-privilege object
-	repositoryPrivilege = getTestPrivilegeRepository(privilegeRepositoryName, "demo descrp", []string{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots")
+	repositoryPrivilege = getTestPrivilegeRepository(privilegeRepositoryName, "demo descrp", []schemasecurity.SecurityPrivilegeRepositoryViewActions{"BROWSE", "READ", "EDIT", "ADD", "DELETE"}, "maven2", "maven-snapshots")
 	err = testService.Update(privilegeRepositoryName, *repositoryPrivilege)
 	assert.Nil(t, err)
 	repositoryPrivilegeFetched, err = privilegeService.Get(privilegeRepositoryName)

diff --git a/nexus3/pkg/security/privilege/script.go b/nexus3/pkg/security/privilege/script.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeScriptService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeScriptService
 }
 
 func NewSecurityPrivilegeScriptService(c *client.Client) *SecurityPrivilegeScriptService {

diff --git a/nexus3/pkg/security/privilege/script_test.go b/nexus3/pkg/security/privilege/script_test.go
@@ -6,7 +6,6 @@ import (
 
 	"github.com/datadrivers/go-nexus-client/nexus3"
 	"github.com/datadrivers/go-nexus-client/nexus3/pkg/client"
-	"github.com/datadrivers/go-nexus-client/nexus3/pkg/security"
 	"github.com/datadrivers/go-nexus-client/nexus3/pkg/security/privilege"
 	"github.com/datadrivers/go-nexus-client/nexus3/pkg/tools"
 	"github.com/datadrivers/go-nexus-client/nexus3/schema"
@@ -35,29 +34,13 @@ func getTestPrivilegeScript(name string) *schema.Script {
 	}
 }
 
-func getScriptService() *nexus3.ScriptService {
-	return nexus3.NewScriptService(getTestClient())
-}
-
-func getUserService() *security.SecurityUserService {
-	return security.NewSecurityUserService(getTestClient())
-}
-
 func getTestClient() *client.Client {
 	if testClient != nil {
 		return testClient
 	}
 	return client.NewClient(getDefaultConfig())
 }
 
-// func getPrivilegeScriptService() *schemasecurity.PrivilegeScript {
-// 	return privilege.NewSecurityPrivilegeScriptService(getTestClient())
-// }
-
-// func getPrivilegeService() *schemasecurity.Privilege {
-// 	return privilege.NewSecurityPrivilegeService(getTestClient())
-// }
-
 func getTestService() *privilege.SecurityPrivilegeScriptService {
 	return privilege.NewSecurityPrivilegeScriptService(getTestClient())
 }
@@ -66,7 +49,7 @@ func getSecurityPrivilegeService() *privilege.SecurityPrivilegeService {
 	return privilege.NewSecurityPrivilegeService(getTestClient())
 }
 
-func getTestScriptPrivilege(name string, description string, actions []string, scriptName string) *schemasecurity.PrivilegeScript {
+func getTestScriptPrivilege(name string, description string, actions []schemasecurity.SecurityPrivilegeScriptActions, scriptName string) *schemasecurity.PrivilegeScript {
 	return &schemasecurity.PrivilegeScript{
 		Name:        name,
 		Description: description,
@@ -81,8 +64,8 @@ func TestScriptPrivilegeSecurity(t *testing.T) {
 	testService := getTestService()
 	securityPrivilegeService := getSecurityPrivilegeService()
 	scriptService := nexus3.NewScriptService(getTestClient())
-	scriptPrivilegePre := getTestScriptPrivilege(privilegeScriptName, "pre description", []string{"BROWSE"}, scriptName)
-	scriptPrivilegePost := getTestScriptPrivilege(privilegeScriptName, "post description", []string{"BROWSE", "READ", "EDIT", "ADD", "DELETE", "RUN"}, scriptName)
+	scriptPrivilegePre := getTestScriptPrivilege(privilegeScriptName, "pre description", []schemasecurity.SecurityPrivilegeScriptActions{"BROWSE"}, scriptName)
+	scriptPrivilegePost := getTestScriptPrivilege(privilegeScriptName, "post description", []schemasecurity.SecurityPrivilegeScriptActions{"BROWSE", "READ", "EDIT", "ADD", "DELETE", "RUN"}, scriptName)
 
 	// Create a test script
 	err := scriptService.Create(getTestPrivilegeScript(scriptName))

diff --git a/nexus3/pkg/security/privilege/wildcard.go b/nexus3/pkg/security/privilege/wildcard.go
@@ -15,8 +15,6 @@ const (
 
 type SecurityPrivilegeWildcardService struct {
 	client *client.Client
-
-	// Script *SecurityPrivilegeWildcardService
 }
 
 func NewSecurityPrivilegeWildcardService(c *client.Client) *SecurityPrivilegeWildcardService {

diff --git a/nexus3/schema/security/privilege.go b/nexus3/schema/security/privilege.go
@@ -36,8 +36,55 @@ const (
 	PrivilegeTypeRepositoryView  = "repository-view"
 	PrivilegeTypeScript          = "script"
 	PrivilegeTypeWildcard        = "wildcard"
+
+	// See https://help.sonatype.com/repomanager3/nexus-repository-administration/access-control/privileges#Privileges-PrivilegeActions for reference
+	ActionCreate = "CREATE"
+	ActionAdd    = "ADD"
+	ActionRead   = "READ"
+	ActionUpdate = "UPDATE"
+	ActionDelete = "DELETE"
+	ActionBrowse = "BROWSE"
+	ActionRun    = "RUN"
+	ActionEdit   = "EDIT"
+
+	SecurityPrivilegeApplicationActionBrowse SecurityPrivilegeApplicationActions = ActionBrowse
+	SecurityPrivilegeApplicationActionRead   SecurityPrivilegeApplicationActions = ActionRun
+	SecurityPrivilegeApplicationActionEdit   SecurityPrivilegeApplicationActions = ActionEdit
+	SecurityPrivilegeApplicationActionAdd    SecurityPrivilegeApplicationActions = ActionAdd
+	SecurityPrivilegeApplicationActionDelete SecurityPrivilegeApplicationActions = ActionDelete
+
+	SecurityPrivilegeRepositoryAdminBrowse SecurityPrivilegeRepositoryAdminActions = ActionBrowse
+	SecurityPrivilegeRepositoryAdminRead   SecurityPrivilegeRepositoryAdminActions = ActionRead
+	SecurityPrivilegeRepositoryAdminEdit   SecurityPrivilegeRepositoryAdminActions = ActionEdit
+	SecurityPrivilegeRepositoryAdminAdd    SecurityPrivilegeRepositoryAdminActions = ActionAdd
+	SecurityPrivilegeRepositoryAdminDelete SecurityPrivilegeRepositoryAdminActions = ActionDelete
+
+	SecurityPrivilegeRepositoryContentSelectorBrowse SecurityPrivilegeRepositoryContentSelectorActions = ActionBrowse
+	SecurityPrivilegeRepositoryContentSelectorRead   SecurityPrivilegeRepositoryContentSelectorActions = ActionRead
+	SecurityPrivilegeRepositoryContentSelectorEdit   SecurityPrivilegeRepositoryContentSelectorActions = ActionEdit
+	SecurityPrivilegeRepositoryContentSelectorAdd    SecurityPrivilegeRepositoryContentSelectorActions = ActionAdd
+	SecurityPrivilegeRepositoryContentSelectorDelete SecurityPrivilegeRepositoryContentSelectorActions = ActionDelete
+
+	SecurityPrivilegeRepositoryViewBrowse SecurityPrivilegeRepositoryViewActions = ActionBrowse
+	SecurityPrivilegeRepositoryViewRead   SecurityPrivilegeRepositoryViewActions = ActionRead
+	SecurityPrivilegeRepositoryViewEdit   SecurityPrivilegeRepositoryViewActions = ActionEdit
+	SecurityPrivilegeRepositoryViewAdd    SecurityPrivilegeRepositoryViewActions = ActionAdd
+	SecurityPrivilegeRepositoryViewDelete SecurityPrivilegeRepositoryViewActions = ActionDelete
+
+	SecurityPrivilegeScriptAdd    SecurityPrivilegeScriptActions = ActionAdd
+	SecurityPrivilegeScriptRead   SecurityPrivilegeScriptActions = ActionRead
+	SecurityPrivilegeScriptDelete SecurityPrivilegeScriptActions = ActionDelete
+	SecurityPrivilegeScriptBrowse SecurityPrivilegeScriptActions = ActionBrowse
+	SecurityPrivilegeScriptRun    SecurityPrivilegeScriptActions = ActionRun
+	SecurityPrivilegeScriptEdit   SecurityPrivilegeScriptActions = ActionEdit
 )
 
+type SecurityPrivilegeApplicationActions string
+type SecurityPrivilegeRepositoryAdminActions string
+type SecurityPrivilegeRepositoryContentSelectorActions string
+type SecurityPrivilegeRepositoryViewActions string
+type SecurityPrivilegeScriptActions string
+
 var (
 	// PrivilegeDomains represents a string slice of supported privilege domains
 	PrivilegeDomains []string = []string{
@@ -96,18 +143,18 @@ type Privilege struct {
 }
 
 type PrivilegeScript struct {
-	Name        string   `json:"name"`
-	Description string   `json:"description"`
-	Actions     []string `json:"actions,omitempty"`
-	ScriptName  string   `json:"scriptName,omitempty"`
+	Name        string                           `json:"name"`
+	Description string                           `json:"description"`
+	Actions     []SecurityPrivilegeScriptActions `json:"actions,omitempty"`
+	ScriptName  string                           `json:"scriptName,omitempty"`
 }
 
 type PrivilegeRepositoryView struct {
-	Name        string   `json:"name"`
-	Description string   `json:"description,omitempty"`
-	Actions     []string `json:"actions"`
-	Format      string   `json:"format"`
-	Repository  string   `json:"repository"`
+	Name        string                                   `json:"name"`
+	Description string                                   `json:"description,omitempty"`
+	Actions     []SecurityPrivilegeRepositoryViewActions `json:"actions"`
+	Format      string                                   `json:"format"`
+	Repository  string                                   `json:"repository"`
 }
 
 type PrivilegeWildcard struct {
@@ -117,25 +164,25 @@ type PrivilegeWildcard struct {
 }
 
 type PrivilegeRepositoryAdmin struct {
-	Name        string   `json:"name"`
-	Description string   `json:"description,omitempty"`
-	Actions     []string `json:"actions"`
-	Format      string   `json:"format"`
-	Repository  string   `json:"repository"`
+	Name        string                                    `json:"name"`
+	Description string                                    `json:"description,omitempty"`
+	Actions     []SecurityPrivilegeRepositoryAdminActions `json:"actions"`
+	Format      string                                    `json:"format"`
+	Repository  string                                    `json:"repository"`
 }
 
 type PrivilegeRepositoryContentSelector struct {
-	Name            string   `json:"name"`
-	Description     string   `json:"description,omitempty"`
-	Actions         []string `json:"actions"`
-	Format          string   `json:"format"`
-	Repository      string   `json:"repository"`
-	ContentSelector string   `json:"contentSelector"`
+	Name            string                                              `json:"name"`
+	Description     string                                              `json:"description,omitempty"`
+	Actions         []SecurityPrivilegeRepositoryContentSelectorActions `json:"actions"`
+	Format          string                                              `json:"format"`
+	Repository      string                                              `json:"repository"`
+	ContentSelector string                                              `json:"contentSelector"`
 }
 
 type PrivilegeApplication struct {
-	Name        string   `json:"name"`
-	Description string   `json:"description,omitempty"`
-	Actions     []string `json:"actions"`
-	Domain      string   `json:"domain"`
+	Name        string                                `json:"name"`
+	Description string                                `json:"description,omitempty"`
+	Actions     []SecurityPrivilegeApplicationActions `json:"actions"`
+	Domain      string                                `json:"domain"`
 }