diff --git a/authorization/authorization_integration_test.go b/authorization/authorization_integration_test.go index 62e2af15..004a507b 100644 --- a/authorization/authorization_integration_test.go +++ b/authorization/authorization_integration_test.go @@ -891,6 +891,367 @@ var _ = Describe("Authorized", func() { }), }))) }) + + It("IsAuthorizedDTWithExternalProperty", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + digitalTwin := &authorizationpb.DigitalTwin{ + Id: integration.Node3, + } + + resources := integration.Resource10 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorized( + context.Background(), + digitalTwin, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(true), + })), + }), + })), + }), + })), + }), + }))) + }) + + It("IsAuthorizedDTWithoutExternalProperty", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + digitalTwin := &authorizationpb.DigitalTwin{ + Id: integration.Node3, + } + + resources := integration.Resource12 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorized( + context.Background(), + digitalTwin, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(false), + })), + }), + })), + }), + })), + }), + }))) + }) + + It("IsAuthorizedDTWithWrongExternalProperty", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + digitalTwin := &authorizationpb.DigitalTwin{ + Id: integration.Node3, + } + + resources := integration.Resource13 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorized( + context.Background(), + digitalTwin, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(MatchError(ContainSubstring( + "server was unable to complete the request"))) + Expect(resp).To(BeNil()) + }) + + It("IsAuthorizedDTWithExternalPropertyAgainstPolicy", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + digitalTwin := &authorizationpb.DigitalTwin{ + Id: integration.Node3, + } + + resources := integration.Resource11 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorized( + context.Background(), + digitalTwin, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(false), + })), + }), + })), + }), + })), + }), + }))) + }) + + It("IsAuthorizedExternalIdWithExternalProperty", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + externalID := &authorizationpb.ExternalID{ + Type: "Person", + ExternalId: integration.Subject2, + } + + resources := integration.Resource14 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorizedByExternalID( + context.Background(), + externalID, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(true), + })), + }), + })), + }), + })), + }), + }))) + }) + + It("IsAuthorizedExternalIdWithExternalPropertyAgainstPolicy", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + externalID := &authorizationpb.ExternalID{ + Type: "Person", + ExternalId: integration.Subject2, + } + + resources := integration.Resource11 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorizedByExternalID( + context.Background(), + externalID, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(false), + })), + }), + })), + }), + })), + }), + }))) + }) + + It("IsAuthorizedPropertyWithExternalProperty", func() { + var err error + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + digitalTwinProperty := &authorizationpb.Property{ + Type: "email", + Value: objectpb.String(integration.EmailGood), + } + + resources := integration.Resource14 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + resp, err := authorizationClient.IsAuthorizedByProperty( + context.Background(), + digitalTwinProperty, + resources, + inputParams, + policyTags, + retry.WithMax(5), + ) + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + + decision := resources[0].Type + resource := resources[0].ExternalId + action := resources[0].Actions[0] + + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action: PointTo(MatchFields(IgnoreExtras, Fields{ + "Allow": Equal(true), + })), + }), + })), + }), + })), + }), + }))) + }) }) Describe("WhatAuthorized", func() { @@ -1558,5 +1919,66 @@ var _ = Describe("Authorized", func() { }), }))) }) + + It("WhoAuthorizedWithExternalProperty", func() { + var err error + + authorizationClient, err := integration.InitConfigAuthorization() + Expect(err).To(Succeed()) + + resources := integration.ResourceWho4 + // To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier. + inputParams := map[string]*authorizationpb.InputParam{ + "auditLog": { + Value: &authorizationpb.InputParam_StringValue{ + StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier), + }, + }, + } + var policyTags []string + + req := &authorizationpb.WhoAuthorizedRequest{ + Resources: resources, + InputParams: inputParams, + PolicyTags: policyTags, + } + + resp, err := authorizationClient.WhoAuthorized( + context.Background(), + req, + retry.WithMax(5), + ) + + decision := resources[0].Type + resource := resources[0].ExternalId + action0 := resources[0].Actions[0] + action1 := resources[0].Actions[1] + + Expect(err).To(Succeed()) + Expect(resp).NotTo(BeNil()) + Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{ + "DecisionTime": Not(BeNil()), + "Decisions": MatchAllKeys(Keys{ + decision: PointTo(MatchFields(IgnoreExtras, Fields{ + "Resources": MatchAllKeys(Keys{ + resource: PointTo(MatchFields(IgnoreExtras, Fields{ + "Actions": MatchAllKeys(Keys{ + action0: PointTo(MatchFields(IgnoreExtras, Fields{ + "Subjects": MatchAllElementsWithIndex(IndexIdentity, Elements{ + "0": PointTo(MatchFields(IgnoreExtras, Fields{ + "ExternalId": Equal(integration.Subject1), + })), + }), + })), + action1: PointTo(MatchFields(IgnoreExtras, Fields{ + "Subjects": BeEmpty(), + })), + }), + })), + }), + })), + }), + }))) + }) }) }) diff --git a/examples/authorization/cmd/is_authorized.go b/examples/authorization/cmd/is_authorized.go index ab8740fb..c1179ef8 100644 --- a/examples/authorization/cmd/is_authorized.go +++ b/examples/authorization/cmd/is_authorized.go @@ -81,9 +81,9 @@ var withDigitalTwinCmd = &cobra.Command{ resources := []*authorizationpb.IsAuthorizedRequest_Resource{ { - ExternalId: "resourceID", - Type: "Type", - Actions: []string{"ACTION"}, + ExternalId: "Truck1", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, }, } inputParams := map[string]*authorizationpb.InputParam{} @@ -117,9 +117,9 @@ var withPropertyCmd = &cobra.Command{ resources := []*authorizationpb.IsAuthorizedRequest_Resource{ { - ExternalId: "resourceID", - Type: "Type", - Actions: []string{"ACTION"}, + ExternalId: "Truck2", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, }, } inputParams := map[string]*authorizationpb.InputParam{} @@ -163,9 +163,9 @@ var withExternalIDCmd = &cobra.Command{ resources := []*authorizationpb.IsAuthorizedRequest_Resource{ { - ExternalId: "resourceID", - Type: "Type", - Actions: []string{"ACTION"}, + ExternalId: "Truck4", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, }, } inputParams := map[string]*authorizationpb.InputParam{} diff --git a/examples/authorization/cmd/what_authorized.go b/examples/authorization/cmd/what_authorized.go index d297c535..84d3e147 100644 --- a/examples/authorization/cmd/what_authorized.go +++ b/examples/authorization/cmd/what_authorized.go @@ -77,8 +77,7 @@ var whatWithDigitalTwinCmd = &cobra.Command{ } resourceTypes := []*authorizationpb.WhatAuthorizedRequest_ResourceType{ - {Type: "TypeA"}, - {Type: "TypeB", Actions: []string{"ACTION"}}, + {Type: "Truck", Actions: []string{"SUBSCRIBES_TO"}}, } inputParams := map[string]*authorizationpb.InputParam{} var policyTags []string @@ -153,8 +152,7 @@ var whatWithExternalIDCmd = &cobra.Command{ fmt.Scanln(&(externalID.ExternalId)) resourceTypes := []*authorizationpb.WhatAuthorizedRequest_ResourceType{ - {Type: "TypeA", Actions: []string{"ACTION1", "ACTION2"}}, - {Type: "TypeB", Actions: []string{"ACTION"}}, + {Type: "Truck", Actions: []string{"SUBSCRIBES_TO"}}, } inputParams := map[string]*authorizationpb.InputParam{} diff --git a/examples/authorization/cmd/who_authorized.go b/examples/authorization/cmd/who_authorized.go index 30272780..e72c256c 100644 --- a/examples/authorization/cmd/who_authorized.go +++ b/examples/authorization/cmd/who_authorized.go @@ -32,9 +32,9 @@ var whoAuthorizedCmd = &cobra.Command{ Run: func(cmd *cobra.Command, args []string) { resources := []*authorizationpb.WhoAuthorizedRequest_Resource{ { - ExternalId: "resourceID", - Type: "Type", - Actions: []string{"ACTION"}, + ExternalId: "Truck1", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO", "OWNS"}, }, } inputParams := map[string]*authorizationpb.InputParam{} diff --git a/examples/config/cmd/authorization.go b/examples/config/cmd/authorization.go new file mode 100644 index 00000000..283c588b --- /dev/null +++ b/examples/config/cmd/authorization.go @@ -0,0 +1,110 @@ +// Copyright (c) 2024 IndyKite +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package cmd + +import ( + "context" + "fmt" + "log" + + "github.com/spf13/cobra" + + "github.com/indykite/indykite-sdk-go/config" + configpb "github.com/indykite/indykite-sdk-go/gen/indykite/config/v1beta1" +) + +var authorizationPolicyConfigCmd = &cobra.Command{ + Use: "authorizationPolicy", + Short: "AuthorizationPolicy config", +} + +var createAuthorizationPolicyConfigCmd = &cobra.Command{ + Use: "create", + Short: "Create AuthorizationPolicy config", + Run: func(cmd *cobra.Command, args []string) { + jsonInput := `{"meta":{"policyVersion":"1.0-indykite"},"subject":{"type":"Person"},"actions":["SUBSCRIBES_TO"],"resource":{"type":"Truck"},"condition":{"cypher":"MATCH (subject:Person)-[:BELONGS_TO]->(:Organization)-[:OWNS]->(resource:Truck)-[HAS]->(p:Property:External {type: 'echo', value: '2024'}) "}}` + configuration := &configpb.AuthorizationPolicyConfig{ + Policy: jsonInput, + Status: configpb.AuthorizationPolicyConfig_STATUS_ACTIVE, + Tags: []string{}, + } + createReq, _ := config.NewCreate("like-real-config-node-name") + createReq.ForLocation("gid:AAAAAguDnAAAAAAAAAAAAAAA") + createReq.WithDisplayName("Like real ConfigNode Name") + createReq.WithAuthorizationPolicyConfig(configuration) + + resp, err := client.CreateConfigNode(context.Background(), createReq) + if err != nil { + log.Fatalf("failed to invoke operation on IndyKite Client %v", err) + } + fmt.Println(jsonp.Format(resp)) + + readReq, _ := config.NewRead(resp.Id) + readResp, err := client.ReadConfigNode(context.Background(), readReq) + if err != nil { + log.Fatalf("failed to invoke operation on IndyKite Client %v", err) + } + fmt.Println(jsonp.Format(readResp)) + }, +} + +var updateAuthorizationPolicyConfigCmd = &cobra.Command{ + Use: "update", + Short: "Update AuthorizationPolicy config", + Run: func(cmd *cobra.Command, args []string) { + jsonInput := `{"meta":{"policyVersion":"1.0-indykite"},"subject":{"type":"Person"},"actions":["SUBSCRIBES_TO"],"resource":{"type":"Asset"},"condition":{"cypher":"MATCH (subject:Person)-[:BELONGS_TO]->(:Organization)-[:OWNS]->(resource:Truck)-[HAS]->(Truck:Property:External {type: echo, value: '2024'}) "}}` + configuration := &configpb.AuthorizationPolicyConfig{ + Policy: jsonInput, + Status: configpb.AuthorizationPolicyConfig_STATUS_ACTIVE, + Tags: []string{"TagA", "TagB"}, + } + updateReq, _ := config.NewUpdate("gid:AAAAFo7ukfFQHkBjtiQQZiE2zb8") + updateReq.WithAuthorizationPolicyConfig(configuration) + updateReq.WithDescription("Desc1") + + resp, err := client.UpdateConfigNode(context.Background(), updateReq) + if err != nil { + log.Fatalf("failed to invoke operation on IndyKite Client %v", err) + } + fmt.Println(jsonp.Format(resp)) + + readReq, _ := config.NewRead(resp.Id) + readResp, err := client.ReadConfigNode(context.Background(), readReq) + if err != nil { + log.Fatalf("failed to invoke operation on IndyKite Client %v", err) + } + fmt.Println(jsonp.Format(readResp)) + }, +} + +var deleteAuthorizationPolicyConfigCmd = &cobra.Command{ + Use: "delete", + Short: "Delete AuthorizationPolicy configuration", + Run: func(cmd *cobra.Command, args []string) { + deleteReq, _ := config.NewDelete("gid:AAAAFvTeAqwrRUinglaK7B891aI") + resp, err := client.DeleteConfigNode(context.Background(), deleteReq) + if err != nil { + log.Fatalf("failed to invoke operation on IndyKite Client %v", err) + } + fmt.Println(jsonp.Format(resp)) + }, +} + +func init() { + rootCmd.AddCommand(authorizationPolicyConfigCmd) + authorizationPolicyConfigCmd.AddCommand(createAuthorizationPolicyConfigCmd) + authorizationPolicyConfigCmd.AddCommand(updateAuthorizationPolicyConfigCmd) + authorizationPolicyConfigCmd.AddCommand(deleteAuthorizationPolicyConfigCmd) +} diff --git a/examples/config/cmd/external_data_resolver_config.go b/examples/config/cmd/external_data_resolver_config.go index 01c6591a..2f7da936 100644 --- a/examples/config/cmd/external_data_resolver_config.go +++ b/examples/config/cmd/external_data_resolver_config.go @@ -35,19 +35,16 @@ var createExternalDataResolverConfigCmd = &cobra.Command{ Short: "Create ExternalDataResolver config", Run: func(cmd *cobra.Command, args []string) { configuration := &configpb.ExternalDataResolverConfig{ - Url: "https://example.com/source2", - Method: "GET", - Headers: map[string]*configpb.ExternalDataResolverConfig_Header{ - "Authorization": {Values: []string{"Bearer edolkUTY"}}, - "Content-Type": {Values: []string{"application/json"}}, - }, + Url: "http://super-octo-waffle.indykite.com/magic?data=2024", + Method: "GET", + Headers: map[string]*configpb.ExternalDataResolverConfig_Header{}, RequestType: configpb.ExternalDataResolverConfig_CONTENT_TYPE_JSON, - RequestPayload: []byte(`{"key": "value"}`), + RequestPayload: []byte(``), ResponseType: configpb.ExternalDataResolverConfig_CONTENT_TYPE_JSON, - ResponseSelector: ".", + ResponseSelector: ".echo", } createReq, _ := config.NewCreate("like-real-config-node-name2") - createReq.ForLocation("gid:AAAAABBBBB_uiuiu144KNUI1245") + createReq.ForLocation("gid:AAAAAguAAAAAAAAAAAAAAAAAAAA") createReq.WithDisplayName("Like real ConfigNode Name2") createReq.WithExternalDataResolverConfig(configuration) @@ -71,18 +68,16 @@ var updateExternalDataResolverConfigCmd = &cobra.Command{ Short: "Update ExternalDataResolver config", Run: func(cmd *cobra.Command, args []string) { configuration := &configpb.ExternalDataResolverConfig{ - Url: "https://example.com/source", - Method: "GET", - Headers: map[string]*configpb.ExternalDataResolverConfig_Header{ - "Authorization": {Values: []string{"Bearer edyUTY"}}, - "Content-Type": {Values: []string{"application/json"}}, - }, + Url: "http://super-octo-waffle.indykite.com/magic?data=2024", + Method: "GET", + Headers: map[string]*configpb.ExternalDataResolverConfig_Header{}, RequestType: configpb.ExternalDataResolverConfig_CONTENT_TYPE_JSON, - RequestPayload: []byte(`{"key": "value"}`), + RequestPayload: []byte(``), ResponseType: configpb.ExternalDataResolverConfig_CONTENT_TYPE_JSON, - ResponseSelector: ".", + ResponseSelector: ".echo", } - updateReq, _ := config.NewUpdate("gid:id-of-existing-config") + updateReq, _ := config.NewUpdate("gid:AAAAIZISzhPyS0i-hT-OnuiGkKE") + updateReq.WithDescription("Desc2") updateReq.WithExternalDataResolverConfig(configuration) resp, err := client.UpdateConfigNode(context.Background(), updateReq) @@ -104,7 +99,7 @@ var deleteExternalDataResolverConfigCmd = &cobra.Command{ Use: "delete", Short: "Delete ExternalDataResolver configuration", Run: func(cmd *cobra.Command, args []string) { - deleteReq, _ := config.NewDelete("gid:id-of-existing-config") + deleteReq, _ := config.NewDelete("gid:AAAAIWWRI5nLaEkjhFBa4v8Gi-4") resp, err := client.DeleteConfigNode(context.Background(), deleteReq) if err != nil { log.Fatalf("failed to invoke operation on IndyKite Client %v", err) diff --git a/examples/ingest/cmd/batch_delete_nodes.go b/examples/ingest/cmd/batch_delete_nodes.go index 2718b47d..cb565112 100644 --- a/examples/ingest/cmd/batch_delete_nodes.go +++ b/examples/ingest/cmd/batch_delete_nodes.go @@ -33,17 +33,12 @@ var batchDeleteNodesCmd = &cobra.Command{ Run: func(cmd *cobra.Command, args []string) { nodeMatch1 := &ingestpb.NodeMatch{ - ExternalId: "0000", - Type: "Employee", - } - - nodeMatch2 := &ingestpb.NodeMatch{ - ExternalId: "0001", - Type: "Truck", + ExternalId: "tyUjk78Hnm", + Type: "Asset", } nodes := []*ingestpb.NodeMatch{ - nodeMatch1, nodeMatch2, + nodeMatch1, } resp, err := client.BatchDeleteNodes(context.Background(), nodes) if err != nil { diff --git a/examples/ingest/cmd/batch_upsert_nodes.go b/examples/ingest/cmd/batch_upsert_nodes.go index 015f13f3..19df18d4 100644 --- a/examples/ingest/cmd/batch_upsert_nodes.go +++ b/examples/ingest/cmd/batch_upsert_nodes.go @@ -20,7 +20,6 @@ import ( "log" "github.com/spf13/cobra" - "google.golang.org/protobuf/types/known/timestamppb" knowledgeobjects "github.com/indykite/indykite-sdk-go/gen/indykite/knowledge/objects/v1beta1" objects "github.com/indykite/indykite-sdk-go/gen/indykite/objects/v1beta2" @@ -35,58 +34,31 @@ var batchUpsertNodesCmd = &cobra.Command{ Run: func(cmd *cobra.Command, args []string) { node1 := &knowledgeobjects.Node{ - ExternalId: "741258", - Type: "Person", - IsIdentity: true, + ExternalId: "Truck5", + Type: "Truck", + IsIdentity: false, Properties: []*knowledgeobjects.Property{ { - Type: "email", + Type: "color", Value: &objects.Value{ Type: &objects.Value_StringValue{ - StringValue: "elias@yahoo.com", - }, - }, - Metadata: &knowledgeobjects.Metadata{ - AssuranceLevel: 1, - VerificationTime: timestamppb.Now(), - Source: "Myself", - CustomMetadata: map[string]*objects.Value{ - "customdata": { - Type: &objects.Value_StringValue{StringValue: "SomeCustomData"}, - }, + StringValue: "green", }, }, }, { - Type: "last_name", + Type: "vin", Value: &objects.Value{ Type: &objects.Value_StringValue{ - StringValue: "mushu", + StringValue: "loOknjmkiY", }, }, }, { - Type: "first_name", - Value: &objects.Value{ - Type: &objects.Value_StringValue{ - StringValue: "colias", - }, - }, - }, - }, - Tags: []string{"Sitea", "Siteb"}, - } - - node2 := &knowledgeobjects.Node{ - ExternalId: "789456", - Type: "Car", - IsIdentity: false, - Properties: []*knowledgeobjects.Property{ - { - Type: "plateNumber", - Value: &objects.Value{ - Type: &objects.Value_StringValue{ - StringValue: "NO8521", + Type: "echo", + ExternalValue: &knowledgeobjects.ExternalValue{ + Resolver: &knowledgeobjects.ExternalValue_Id{ + Id: "gid:AAAAIWWRI5nLaEkjhFBa4v8Gi-4", }, }, }, @@ -95,7 +67,7 @@ var batchUpsertNodesCmd = &cobra.Command{ } nodes := []*knowledgeobjects.Node{ - node1, node2, + node1, } resp, err := client.BatchUpsertNodes(context.Background(), nodes) if err != nil { diff --git a/examples/ingest/cmd/batch_upsert_relationships.go b/examples/ingest/cmd/batch_upsert_relationships.go index 291d44d6..d3bf6d34 100644 --- a/examples/ingest/cmd/batch_upsert_relationships.go +++ b/examples/ingest/cmd/batch_upsert_relationships.go @@ -20,11 +20,8 @@ import ( "log" "github.com/spf13/cobra" - "google.golang.org/protobuf/types/known/timestamppb" ingestpb "github.com/indykite/indykite-sdk-go/gen/indykite/ingest/v1beta3" - knowledgeobjects "github.com/indykite/indykite-sdk-go/gen/indykite/knowledge/objects/v1beta1" - objects "github.com/indykite/indykite-sdk-go/gen/indykite/objects/v1beta2" ) // batch upsert relationships represents the command for ingesting up to 250 relationships @@ -37,60 +34,18 @@ var batchUpsertRelationshipsCmd = &cobra.Command{ relationship1 := &ingestpb.Relationship{ Source: &ingestpb.NodeMatch{ - ExternalId: "741258", - Type: "Person", + ExternalId: "hWMnbVvabONvwYG", + Type: "Organization", }, Target: &ingestpb.NodeMatch{ - ExternalId: "963258", - Type: "Car", - }, - Type: "OWNS", - Properties: []*knowledgeobjects.Property{ - { - Type: "linked", - Value: &objects.Value{ - Type: &objects.Value_StringValue{ - StringValue: "12345", - }, - }, - Metadata: &knowledgeobjects.Metadata{ - AssuranceLevel: 1, - VerificationTime: timestamppb.Now(), - Source: "Myself", - CustomMetadata: map[string]*objects.Value{ - "customdata": { - Type: &objects.Value_StringValue{StringValue: "SomeCustomData"}, - }, - }, - }, - }, - }, - } - - relationship2 := &ingestpb.Relationship{ - Source: &ingestpb.NodeMatch{ - ExternalId: "0002", - Type: "Employee", - }, - Target: &ingestpb.NodeMatch{ - ExternalId: "0003", + ExternalId: "Truck5", Type: "Truck", }, - Type: "SERVICES", - Properties: []*knowledgeobjects.Property{ - { - Type: "linked", - Value: &objects.Value{ - Type: &objects.Value_StringValue{ - StringValue: "678910", - }, - }, - }, - }, + Type: "OWNS", } relationships := []*ingestpb.Relationship{ - relationship1, relationship2, + relationship1, } resp, err := client.BatchUpsertRelationships(context.Background(), relationships) if err != nil { diff --git a/test/constants.go b/test/constants.go index a4f89b43..87d1e765 100644 --- a/test/constants.go +++ b/test/constants.go @@ -129,6 +129,46 @@ var ( }, } + Resource10 = []*authorizationpb.IsAuthorizedRequest_Resource{ + { + ExternalId: "Truck1", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, + }, + } + + Resource11 = []*authorizationpb.IsAuthorizedRequest_Resource{ + { + ExternalId: "Truck3", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, + }, + } + + Resource12 = []*authorizationpb.IsAuthorizedRequest_Resource{ + { + ExternalId: "Truck4", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, + }, + } + + Resource13 = []*authorizationpb.IsAuthorizedRequest_Resource{ + { + ExternalId: "Truck5", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, + }, + } + + Resource14 = []*authorizationpb.IsAuthorizedRequest_Resource{ + { + ExternalId: "Truck2", + Type: "Truck", + Actions: []string{"SUBSCRIBES_TO"}, + }, + } + ResourceType1 = []*authorizationpb.WhatAuthorizedRequest_ResourceType{ {Type: "Asset", Actions: []string{"SUBSCRIBES_TO"}}, } @@ -153,11 +193,15 @@ var ( {ExternalId: "pFlpMtkWqCPXVue", Type: "Asset", Actions: []string{"DEMANDS", "REPELS"}}, } + ResourceWho4 = []*authorizationpb.WhoAuthorizedRequest_Resource{ + {ExternalId: "Truck1", Type: "Truck", Actions: []string{"SUBSCRIBES_TO", "OWNS"}}, + } + NodeBad = "id" NodeNotInDB = "gid:AAAAGaiIPzg6L0DKkbIh22crsFg" Node1 = "gid:AAAAHJsPjaxKk0WchnF4wH3Hg10" Node2 = "gid:AAAAHO-ocNjhAU1dlkF_1QG22Uo" - Node3 = "gid:AAAAHNdVLTx1-ExZnjv7nVyRiQc" + Node3 = "gid:AAAAHCV9T0p2sU63pJmKD0HZzM8" Node4 = "gid:AAAAHH50iSkNRkZni9C12Ed-7fk" Node5 = "gid:AAAAHIJg29h5dErYihm_ZRLDB_Y" @@ -176,6 +220,11 @@ var ( Car1Ext = "9658744" Car2 = "gid:AAAAHM1Lc0CS5EJxpM5QuRUAnrc" Car2Ext = "963258" + Truck1 = "Truck1" + Truck2 = "Truck2" + Truck3 = "Truck3" + Truck4 = "Truck4" + Truck5 = "Truck5" Subject1 = "dilZWYdFcmXiojC" Subject2 = "fVcaUxJqmOkyOTX"