diff --git a/internal/permissions/assignments.go b/internal/permissions/assignments.go index 9958e92..2c8eadf 100644 --- a/internal/permissions/assignments.go +++ b/internal/permissions/assignments.go @@ -27,7 +27,7 @@ type roleAssignmentData struct { // AssignRole assigns the provided member ID to the given role ID. func (c *client) AssignRole(ctx context.Context, roleID gidx.PrefixedID, memberID gidx.PrefixedID) error { - path := fmt.Sprintf("/api/v1/roles/%s/assignments", roleID.String()) + path := fmt.Sprintf(permsPathRoleAssignmentsFormat, roleID.String()) body, err := encodeJSON(RoleAssign{ SubjectID: memberID.String(), @@ -51,7 +51,7 @@ func (c *client) AssignRole(ctx context.Context, roleID gidx.PrefixedID, memberI // UnassignRole removes the provided member ID from the given role ID. func (c *client) UnassignRole(ctx context.Context, roleID gidx.PrefixedID, memberID gidx.PrefixedID) error { - path := fmt.Sprintf("/api/v1/roles/%s/assignments", roleID.String()) + path := fmt.Sprintf(permsPathRoleAssignmentsFormat, roleID.String()) body, err := encodeJSON(RoleAssign{ SubjectID: memberID.String(), @@ -75,7 +75,7 @@ func (c *client) UnassignRole(ctx context.Context, roleID gidx.PrefixedID, membe // ListRoleAssignments lists all assignments for the given role. func (c *client) ListRoleAssignments(ctx context.Context, roleID gidx.PrefixedID) ([]gidx.PrefixedID, error) { - path := fmt.Sprintf("/api/v1/roles/%s/assignments", roleID.String()) + path := fmt.Sprintf(permsPathRoleAssignmentsFormat, roleID.String()) var response roleAssignmentData diff --git a/internal/permissions/client.go b/internal/permissions/client.go index e449d1b..8aa75bb 100644 --- a/internal/permissions/client.go +++ b/internal/permissions/client.go @@ -17,9 +17,17 @@ import ( ) const ( - defaultPermissionsURL = "https://permissions-api.hollow-a.sv15.metalkube.net" - defaultHTTPClientTimeout = 5 * time.Second + + defaultPermissionsURL = "https://permissions-api.hollow-a.sv15.metalkube.net" + permsPathAllow = "/api/v1/allow" + + permsPathResourceRelationshipsFormat = "/api/v1/resources/%s/relationships" + permsPathResourceRelationshipsFrom = "/api/v1/relationships/from/" + permsPathResourceRelationshipsTo = "/api/v1/relationships/to/" + permsPathResourceRolesFormat = "/api/v1/resources/%s/roles" + + permsPathRoleAssignmentsFormat = "/api/v1/roles/%s/assignments" ) // DefaultHTTPClient is the default HTTP client for the Permissions Client. diff --git a/internal/permissions/relationships.go b/internal/permissions/relationships.go index fe7d744..fa59927 100644 --- a/internal/permissions/relationships.go +++ b/internal/permissions/relationships.go @@ -34,7 +34,7 @@ type ResourceRelationshipDeleteResponse struct { // DeleteResourceRelationship deletes the provided resources relationship to the given subject id. func (c *client) DeleteResourceRelationship(ctx context.Context, resourceID gidx.PrefixedID, relation string, relatedResourceID gidx.PrefixedID) error { - path := fmt.Sprintf("/api/v1/resources/%s/relationships", resourceID.String()) + path := fmt.Sprintf(permsPathResourceRelationshipsFormat, resourceID.String()) body, err := encodeJSON(ResourceRelationshipRequest{ Relation: relation, @@ -63,7 +63,7 @@ func (c *client) ListResourceRelationshipsFrom(ctx context.Context, resourceID g Data []resourceRelationship `json:"data"` } - if _, err := c.DoRequest(ctx, http.MethodGet, fmt.Sprintf("/api/v1/relationships/from/%s", resourceID.String()), nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode. + if _, err := c.DoRequest(ctx, http.MethodGet, permsPathResourceRelationshipsFrom+resourceID.String(), nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode. return nil, err } @@ -90,7 +90,7 @@ func (c *client) ListResourceRelationshipsTo(ctx context.Context, resourceID gid Data []resourceRelationship `json:"data"` } - if _, err := c.DoRequest(ctx, http.MethodGet, fmt.Sprintf("/api/v1/relationships/to/%s", resourceID.String()), nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode. + if _, err := c.DoRequest(ctx, http.MethodGet, permsPathResourceRelationshipsTo+resourceID.String(), nil, &response); err != nil { // nolint:bodyclose // closed by Do on json decode. return nil, err } diff --git a/internal/permissions/roles.go b/internal/permissions/roles.go index 08ad258..89a0ea2 100644 --- a/internal/permissions/roles.go +++ b/internal/permissions/roles.go @@ -35,7 +35,7 @@ type ResourceRole struct { // CreateRole creates a role on the given resource id with the provided actions. func (c *client) CreateRole(ctx context.Context, resourceID gidx.PrefixedID, actions []string) (gidx.PrefixedID, error) { - path := fmt.Sprintf("/api/v1/resources/%s/roles", resourceID.String()) + path := fmt.Sprintf(permsPathResourceRolesFormat, resourceID.String()) body, err := encodeJSON(ResourceRoleCreate{ Actions: actions, @@ -77,7 +77,7 @@ func (c *client) DeleteRole(ctx context.Context, roleID gidx.PrefixedID) error { // ListResourceRoles fetches all roles assigned to the provided resource. func (c *client) ListResourceRoles(ctx context.Context, resourceID gidx.PrefixedID) (ResourceRoles, error) { - path := fmt.Sprintf("/api/v1/resources/%s/roles", resourceID.String()) + path := fmt.Sprintf(permsPathResourceRolesFormat, resourceID.String()) var response struct { Data ResourceRoles `json:"data"`