move commitcheck report permission under repo

2023-08-28 19:37:32 -07:00 · 2023-08-28 19:37:32 -07:00 · 94dc365d3e
parent 6ca2a6924d
commit 94dc365d3e
5 changed files with 13 additions and 20 deletions
--- a/go.mod
+++ b/go.mod
@ -21,7 +21,7 @@ require (
 	github.com/gotidy/ptr v1.3.0
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
 	github.com/guregu/null v4.0.0+incompatible
-	github.com/harness/go-rbac v0.0.0-20230409233212-ca97fe90aac8
+	github.com/harness/go-rbac v0.0.0-20230829014129-c9b217856ea2
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/jmoiron/sqlx v1.3.3
 	github.com/joho/godotenv v1.3.0
--- a/go.sum
+++ b/go.sum
@ -267,8 +267,8 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf
 github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/guregu/null v4.0.0+incompatible h1:4zw0ckM7ECd6FNNddc3Fu4aty9nTlpkkzH7dPn4/4Gw=
 github.com/guregu/null v4.0.0+incompatible/go.mod h1:ePGpQaN9cw0tj45IR5E5ehMvsFlLlQZAkkOXZurJ3NM=
-github.com/harness/go-rbac v0.0.0-20230409233212-ca97fe90aac8 h1:sQzaA/ithB9mCXTC5VeC4XTWmQ531Tefbgxr1X4y7WU=
-github.com/harness/go-rbac v0.0.0-20230409233212-ca97fe90aac8/go.mod h1:uGgBgSZPgyygG5rWzoYsKIQ8TM4zt5yQq9nreznWvOI=
+github.com/harness/go-rbac v0.0.0-20230829014129-c9b217856ea2 h1:M1Jd2uEKl4YW9g/6vzN1qo06d5dshYYdwxlhOTUSnh4=
+github.com/harness/go-rbac v0.0.0-20230829014129-c9b217856ea2/go.mod h1:uGgBgSZPgyygG5rWzoYsKIQ8TM4zt5yQq9nreznWvOI=
 github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
 github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
--- a/internal/api/controller/check/check_report.go
+++ b/internal/api/controller/check/check_report.go
@ -68,7 +68,7 @@ func (in *ReportInput) Validate() error {
 				in.Payload.Kind)
 		}

-		payloadDataJSON, err := sanitizeJsonPayload(in.Payload.Data, &types.CheckPayloadText{})
+		payloadDataJSON, err := sanitizeJSONPayload(in.Payload.Data, &types.CheckPayloadText{})
 		if err != nil {
 			return err
 		}
@ -79,7 +79,7 @@ func (in *ReportInput) Validate() error {
 	return nil
 }

-func sanitizeJsonPayload(source json.RawMessage, data any) (json.RawMessage, error) {
+func sanitizeJSONPayload(source json.RawMessage, data any) (json.RawMessage, error) {
 	if len(source) == 0 {
 		return json.Marshal(data) // marshal the empty object
 	}
@ -118,7 +118,7 @@ func (c *Controller) Report(
 	in *ReportInput,
 	metadata map[string]string,
 ) (*types.Check, error) {
-	repo, err := c.getRepoCheckAccess(ctx, session, repoRef, enum.PermissionCommitCheckReport)
+	repo, err := c.getRepoCheckAccess(ctx, session, repoRef, enum.PermissionRepoReportCommitCheck)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access access to repo: %w", err)
 	}
--- a/types/enum/membership_role.go
+++ b/types/enum/membership_role.go
@ -31,7 +31,7 @@ var membershipRoleReaderPermissions = slices.Clip(slices.Insert([]Permission{},
 ))

 var membershipRoleExecutorPermissions = slices.Clip(slices.Insert(membershipRoleReaderPermissions, 0,
-	PermissionCommitCheckReport,
+	PermissionRepoReportCommitCheck,
 	PermissionPipelineExecute,
 	PermissionSecretAccess,
 	PermissionConnectorAccess,
@ -46,7 +46,7 @@ var membershipRoleSpaceOwnerPermissions = slices.Clip(slices.Insert(membershipRo
 	PermissionRepoEdit,
 	PermissionRepoDelete,
 	PermissionRepoPush,
-	PermissionCommitCheckReport,
+	PermissionRepoReportCommitCheck,

 	PermissionSpaceEdit,
 	PermissionSpaceCreate,
--- a/types/enum/permission.go
+++ b/types/enum/permission.go
@ -17,7 +17,6 @@ const (
 	ResourceTypeSecret         ResourceType = "SECRET"
 	ResourceTypeConnector      ResourceType = "CONNECTOR"
 	ResourceTypeTemplate       ResourceType = "TEMPLATE"
-	//   ResourceType_Branch ResourceType = "BRANCH"
 )

 // Permission represents the different types of permissions a principal can have.
@ -37,10 +36,11 @@ const (
 	/*
 		----- REPOSITORY -----
 	*/
-	PermissionRepoView   Permission = "repo_view"
-	PermissionRepoEdit   Permission = "repo_edit"
-	PermissionRepoDelete Permission = "repo_delete"
-	PermissionRepoPush   Permission = "repo_push"
+	PermissionRepoView              Permission = "repo_view"
+	PermissionRepoEdit              Permission = "repo_edit"
+	PermissionRepoDelete            Permission = "repo_delete"
+	PermissionRepoPush              Permission = "repo_push"
+	PermissionRepoReportCommitCheck Permission = "repo_reportCommitCheck"
 )

 const (
@ -114,10 +114,3 @@ const (
 	PermissionTemplateDelete Permission = "template_delete"
 	PermissionTemplateAccess Permission = "template_access"
 )
-
-const (
-	/*
-		----- COMMIT CHECK -----
-	*/
-	PermissionCommitCheckReport Permission = "commitCheck_report"
-)