Skip to content

Commit

Permalink
Merge pull request RedHatInsights#1158 from petracihalova/client-id-r…
Browse files Browse the repository at this point in the history 
…ename

[RHCLOUD-32036] the clientID field renaming
  • Loading branch information
@petracihalova
petracihalova authored Aug 5, 2024
2 parents b5b27cc + 79c4b79 commit 1f4604a
Show file tree
Hide file tree
Showing 8 changed files with 68 additions and 68 deletions.
8 changes: 4 additions & 4 deletions docs/source/specs/openapi.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3305,7 +3305,7 @@
},
"ServiceAccount": {
"required": [
"clientID",
"clientId",
"username",
"type"
],
Expand All @@ -3320,7 +3320,7 @@
"service-account"
]
},
"clientID": {
"clientId": {
"type": "string",
"example": "fe593ba0-9c62-013c-1dc2-6aa2427b506a"
},
Expand All @@ -3345,7 +3345,7 @@
"ServiceAccountIn": {
"required": [
"type",
"clientID"
"clientId"
],
"properties": {
"type": {
Expand All @@ -3354,7 +3354,7 @@
"service-account"
]
},
"clientID": {
"clientId": {
"type": "string",
"example": "fe593ba0-9c62-013c-1dc2-6aa2427b506a"
}
Expand Down
8 changes: 4 additions & 4 deletions rbac/internal/specs/openapi.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1495,7 +1495,7 @@
},
"ServiceAccount": {
"required": [
"clientID",
"clientId",
"username",
"type"
],
Expand All @@ -1510,7 +1510,7 @@
"service-account"
]
},
"clientID": {
"clientId": {
"type": "string",
"example": "fe593ba0-9c62-013c-1dc2-6aa2427b506a"
},
Expand All @@ -1535,7 +1535,7 @@
"ServiceAccountIn": {
"required": [
"type",
"clientID"
"clientId"
],
"properties": {
"type": {
Expand All @@ -1544,7 +1544,7 @@
"service-account"
]
},
"clientID": {
"clientId": {
"type": "string",
"example": "fe593ba0-9c62-013c-1dc2-6aa2427b506a"
}
Expand Down
16 changes: 8 additions & 8 deletions rbac/management/group/view.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@
SERVICE_ACCOUNT_CLIENT_IDS_KEY = "service_account_client_ids"
SERVICE_ACCOUNT_DESCRIPTION_KEY = "service_account_description"
SERVICE_ACCOUNT_NAME_KEY = "service_account_name"
SERVICE_ACCOUNT_USERNAME_FORMAT = "service-account-{clientID}"
SERVICE_ACCOUNT_USERNAME_FORMAT = "service-account-{clientId}"
TYPE_SERVICE_ACCOUNT = "service-account"
VALID_EXCLUDE_VALUES = ["true", "false"]
VALID_GROUP_ROLE_FILTERS = ["role_name", "role_description", "role_display_name", "role_system"]
Expand Down Expand Up @@ -442,14 +442,14 @@ def add_service_accounts(
# Organize them by their client ID.
it_service_accounts_by_client_ids: dict[str, dict] = {}
for it_sa in it_service_accounts:
it_service_accounts_by_client_ids[it_sa["clientID"]] = it_sa
it_service_accounts_by_client_ids[it_sa["clientId"]] = it_sa

# Make sure that the service accounts the user specified are visible by them.
it_sa_client_ids = it_service_accounts_by_client_ids.keys()
invalid_service_accounts: set = set()
for specified_sa in service_accounts:
if specified_sa["clientID"] not in it_sa_client_ids:
invalid_service_accounts.add(specified_sa["clientID"])
if specified_sa["clientId"] not in it_sa_client_ids:
invalid_service_accounts.add(specified_sa["clientId"])

# If we have any invalid service accounts, notify the user.
if len(invalid_service_accounts) > 0:
Expand All @@ -461,15 +461,15 @@ def add_service_accounts(
# Fetch the service account from our database to add it to the group. If it doesn't exist, we create
# it.
for specified_sa in service_accounts:
client_id = specified_sa["clientID"]
client_id = specified_sa["clientId"]
try:
principal = Principal.objects.get(
username__iexact=SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientID=client_id),
username__iexact=SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientId=client_id),
tenant=tenant,
)
except Principal.DoesNotExist:
principal = Principal.objects.create(
username=SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientID=client_id),
username=SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientId=client_id),
service_account_id=client_id,
type=TYPE_SERVICE_ACCOUNT,
tenant=tenant,
Expand All @@ -481,7 +481,7 @@ def add_service_accounts(
group_principal_change_notification_handler(
self.request.user,
group,
SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientID=client_id),
SERVICE_ACCOUNT_USERNAME_FORMAT.format(clientId=client_id),
"added",
)

Expand Down
6 changes: 3 additions & 3 deletions rbac/management/principal/it_service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -222,7 +222,7 @@ def _is_service_account_valid(self, user: User, client_id: str) -> bool:
service_accounts: list[dict] = self.request_service_accounts(bearer_token=user.bearer_token)

for sa in service_accounts:
if client_id == sa.get("clientID"):
if client_id == sa.get("clientId"):
return True

return False
Expand Down Expand Up @@ -451,7 +451,7 @@ def _transform_incoming_payload(self, service_account_from_it_service: dict) ->
created_at = service_account_from_it_service.get("createdAt")

if client_id:
service_account["clientID"] = client_id
service_account["clientId"] = client_id

if name:
service_account["name"] = name
Expand Down Expand Up @@ -484,7 +484,7 @@ def _merge_principals_it_service_accounts(

for it_service_account in it_service_accounts:
try:
sa_principal = service_account_principals[it_service_account["clientID"]]
sa_principal = service_account_principals[it_service_account["clientId"]]

if username_only and username_only == "true":
service_accounts.append({"username": sa_principal.username}) # type: ignore
Expand Down
10 changes: 5 additions & 5 deletions rbac/management/principal/serializer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,14 +39,14 @@ class PrincipalInputSerializer(serializers.Serializer):
"""Serializer for the Principal model."""

username = serializers.CharField(required=False, max_length=150)
clientID = serializers.UUIDField(required=False, source="service_account_id")
clientId = serializers.UUIDField(required=False, source="service_account_id")
type = serializers.CharField(required=False)

def validate(self, data: OrderedDict):
"""
Assert that the correct fields are specified.
Assert that when the specified type is 'service-account', the corresponding 'clientID' field
Assert that when the specified type is 'service-account', the corresponding 'clientId' field
has been specified.
"""
# If the "type" has not been specified, we assume it is a user principal.
Expand All @@ -57,7 +57,7 @@ def validate(self, data: OrderedDict):
return data
elif data["type"] == "service-account":
if "service_account_id" not in data:
raise ValidationError(code="missing", message="the clientID field is required for service accounts")
raise ValidationError(code="missing", message="the clientId field is required for service accounts")

return data
else:
Expand All @@ -68,13 +68,13 @@ def validate(self, data: OrderedDict):
class Meta:
"""Metadata for the serializer."""

fields = ("username", "clientID", "type")
fields = ("username", "clientId", "type")


class ServiceAccountSerializer(serializers.Serializer):
"""Serializer for Service Account."""

clientID = serializers.UUIDField()
clientId = serializers.UUIDField()
name = serializers.CharField()
description = serializers.CharField(allow_null=True, required=False)
owner = serializers.CharField()
Expand Down
36 changes: 18 additions & 18 deletions tests/management/group/test_view.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -392,7 +392,7 @@ def test_read_group_list_success(self):
"management.principal.it_service.ITService.request_service_accounts",
return_value=[
{
"clientID": "b7a82f30-bcef-013c-2452-6aa2427b506c",
"clientId": "b7a82f30-bcef-013c-2452-6aa2427b506c",
"name": f"service_account_name",
"description": f"Service Account description",
"owner": "jsmith",
Expand Down Expand Up @@ -2105,7 +2105,7 @@ def test_get_group_service_account_success(self, mock_request):
for uuid in self.sa_client_ids:
mocked_values.append(
{
"clientID": uuid,
"clientId": uuid,
"name": f"service_account_name_{uuid.split('-')[0]}",
"description": f"Service Account description {uuid.split('-')[0]}",
"owner": "jsmith",
Expand All @@ -2129,11 +2129,11 @@ def test_get_group_service_account_success(self, mock_request):
sa = response.data.get("data")[0]
self.assertCountEqual(
list(sa.keys()),
["clientID", "name", "description", "owner", "time_created", "type", "username"],
["clientId", "name", "description", "owner", "time_created", "type", "username"],
)

for mock_sa in mocked_values:
if mock_sa["clientID"] == sa.get("clientID"):
if mock_sa["clientId"] == sa.get("clientId"):
self.assertEqual(sa.get("name"), mock_sa["name"])
self.assertEqual(sa.get("description"), mock_sa["description"])
self.assertEqual(sa.get("owner"), mock_sa["owner"])
Expand All @@ -2147,7 +2147,7 @@ def test_get_group_service_account_empty_response(self, mock_request):
uuid = self.sa_client_ids[0]
mock_request.return_value = [
{
"clientID": uuid,
"clientId": uuid,
"name": f"service_account_name_{uuid.split('-')[0]}",
"description": f"Service Account description {uuid.split('-')[0]}",
"owner": "jsmith",
Expand All @@ -2174,7 +2174,7 @@ def test_get_group_service_account_valid_limit_offset(self, mock_request):
for uuid in self.sa_client_ids:
mocked_values.append(
{
"clientID": uuid,
"clientId": uuid,
"name": f"service_account_name_{uuid.split('-')[0]}",
"description": f"Service Account description {uuid.split('-')[0]}",
"owner": "jsmith",
Expand Down Expand Up @@ -2220,7 +2220,7 @@ def test_get_group_service_account_invalid_limit_offset(self, mock_request):
for uuid in self.sa_client_ids:
mocked_values.append(
{
"clientID": uuid,
"clientId": uuid,
"name": f"service_account_name_{uuid.split('-')[0]}",
"description": f"Service Account description {uuid.split('-')[0]}",
"owner": "jsmith",
Expand Down Expand Up @@ -2577,7 +2577,7 @@ def test_get_group_service_account_filter_by_username_success(self, mock_request
for uuid in [uuid1, uuid2]:
mocked_values.append(
{
"clientID": uuid,
"clientId": uuid,
"name": f"service_account_name_{uuid.split('-')[0]}",
"description": f"Service Account description {uuid.split('-')[0]}",
"owner": "jsmith",
Expand Down Expand Up @@ -2615,7 +2615,7 @@ def test_get_group_service_account_filter_by_username_success(self, mock_request
self.assertEqual(len(response.data.get("data")), 1)

sa = response.data.get("data")[0]
self.assertEqual(sa.get("clientID"), uuid2)
self.assertEqual(sa.get("clientId"), uuid2)
self.assertEqual(sa.get("username"), "service-account-" + uuid2)

# Test that 0 SA is returned for SA with "r" in username
Expand Down Expand Up @@ -2890,7 +2890,7 @@ def test_group_service_account_with_user_administrator_role_add_principals(
# Create the test data to add a service account and a regular user to the group.
test_data = {
"principals": [
{"clientID": new_sa_principal.service_account_id, "type": "service-account"},
{"clientId": new_sa_principal.service_account_id, "type": "service-account"},
{"username": new_principal.username},
]
}
Expand Down Expand Up @@ -3184,7 +3184,7 @@ def test_group_user_with_user_administrator_role_add_principals(self, request_fi
# Create the test data to add a service account and a regular user to the group.
test_data = {
"principals": [
{"clientID": new_sa_principal.service_account_id, "type": "service-account"},
{"clientId": new_sa_principal.service_account_id, "type": "service-account"},
{"username": new_principal.username},
]
}
Expand Down Expand Up @@ -3718,7 +3718,7 @@ def test_list_service_account_principals_in_group_with_User_Access_Admin_success
sa_uuid = sa_principal.service_account_id
mocked_values = [
{
"clientID": sa_uuid,
"clientId": sa_uuid,
"name": f"Service Account name",
"description": f"Service Account description",
"owner": "jsmith",
Expand Down Expand Up @@ -3798,7 +3798,7 @@ def test_add_service_account_principal_in_group_without_User_Access_Admin_fail(s
sa_uuid = sa_principal.service_account_id
mocked_values = [
{
"clientID": sa_uuid,
"clientId": sa_uuid,
"name": f"Service Account name",
"description": f"Service Account description",
"owner": "jsmith",
Expand All @@ -3812,7 +3812,7 @@ def test_add_service_account_principal_in_group_without_User_Access_Admin_fail(s
url = reverse("group-principals", kwargs={"uuid": test_group.uuid})
client = APIClient()

request_body = {"principals": [{"clientID": sa_uuid, "type": "service-account"}]}
request_body = {"principals": [{"clientId": sa_uuid, "type": "service-account"}]}

response = client.post(url, request_body, format="json", **self.headers_user_based_principal)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
Expand Down Expand Up @@ -3888,7 +3888,7 @@ def test_add_service_account_principal_in_group_with_User_Access_Admin_success(s
sa_uuid = sa_principal.service_account_id
mocked_values = [
{
"clientID": sa_uuid,
"clientId": sa_uuid,
"name": f"Service Account name",
"description": f"Service Account description",
"owner": "jsmith",
Expand All @@ -3902,7 +3902,7 @@ def test_add_service_account_principal_in_group_with_User_Access_Admin_success(s
url = reverse("group-principals", kwargs={"uuid": test_group.uuid})
client = APIClient()

request_body = {"principals": [{"clientID": sa_uuid, "type": "service-account"}]}
request_body = {"principals": [{"clientId": sa_uuid, "type": "service-account"}]}

response = client.post(url, request_body, format="json", **self.headers_user_based_principal)
self.assertEqual(response.status_code, status.HTTP_200_OK)
Expand Down Expand Up @@ -3995,7 +3995,7 @@ def test_add_service_account_principal_in_group_with_User_Access_Admin_fail(self
sa_uuid = sa_principal.service_account_id
mocked_values = [
{
"clientID": sa_uuid,
"clientId": sa_uuid,
"name": f"Service Account name",
"description": f"Service Account description",
"owner": "jsmith",
Expand All @@ -4009,7 +4009,7 @@ def test_add_service_account_principal_in_group_with_User_Access_Admin_fail(self
url = reverse("group-principals", kwargs={"uuid": test_group.uuid})
client = APIClient()

request_body = {"principals": [{"clientID": sa_uuid, "type": "service-account"}]}
request_body = {"principals": [{"clientId": sa_uuid, "type": "service-account"}]}

response = client.post(url, request_body, format="json", **self.headers_user_based_principal)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
Expand Down
Loading

0 comments on commit 1f4604a

Please sign in to comment.