Address reviews

Signed-off-by: Oğuzhan Durgun <[email protected]>
cerbos · Apr 8, 2024 · c5eac16 · c5eac16
1 parent 9eafa0f
commit c5eac16
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 56 deletions.
diff --git a/cerbos/client.go b/cerbos/client.go
@@ -44,8 +44,8 @@ type PrincipalContext interface {
 type AdminClient interface {
 	AddOrUpdatePolicy(ctx context.Context, policies *PolicySet) error
 	AuditLogs(ctx context.Context, opts AuditLogOptions) (<-chan *AuditLogEntry, error)
-	ListPolicies(ctx context.Context, opts ...ListPoliciesOption) ([]string, error)
-	InspectPolicies(ctx context.Context, opts ...InspectPoliciesOption) (*responsev1.InspectPoliciesResponse, error)
+	ListPolicies(ctx context.Context, opts ...FilterOption) ([]string, error)
+	InspectPolicies(ctx context.Context, opts ...FilterOption) (*responsev1.InspectPoliciesResponse, error)
 	GetPolicy(ctx context.Context, ids ...string) ([]*policyv1.Policy, error)
 	DisablePolicy(ctx context.Context, ids ...string) (uint32, error)
 	EnablePolicy(ctx context.Context, ids ...string) (uint32, error)

diff --git a/cerbos/grpc_admin.go b/cerbos/grpc_admin.go
@@ -170,10 +170,16 @@ func (c *GRPCAdminClient) auditLogs(ctx context.Context, opts AuditLogOptions) (
 	return resp, nil
 }
 
-func (c *GRPCAdminClient) ListPolicies(ctx context.Context, opts ...ListPoliciesOption) ([]string, error) {
-	req := &requestv1.ListPoliciesRequest{}
+func (c *GRPCAdminClient) ListPolicies(ctx context.Context, opts ...FilterOption) ([]string, error) {
+	options := &FilterOptions{}
 	for _, opt := range opts {
-		opt(req)
+		opt(options)
+	}
+	req := &requestv1.ListPoliciesRequest{
+		IncludeDisabled: options.IncludeDisabled,
+		NameRegexp:      options.NameRegexp,
+		ScopeRegexp:     options.ScopeRegexp,
+		VersionRegexp:   options.VersionRegexp,
 	}
 	if err := internal.Validate(req); err != nil {
 		return nil, fmt.Errorf("could not validate list policies request: %w", err)
@@ -187,10 +193,16 @@ func (c *GRPCAdminClient) ListPolicies(ctx context.Context, opts ...ListPolicies
 	return p.PolicyIds, nil
 }
 
-func (c *GRPCAdminClient) InspectPolicies(ctx context.Context, opts ...InspectPoliciesOption) (*responsev1.InspectPoliciesResponse, error) {
-	req := &requestv1.InspectPoliciesRequest{}
+func (c *GRPCAdminClient) InspectPolicies(ctx context.Context, opts ...FilterOption) (*responsev1.InspectPoliciesResponse, error) {
+	options := &FilterOptions{}
 	for _, opt := range opts {
-		opt(req)
+		opt(options)
+	}
+	req := &requestv1.InspectPoliciesRequest{
+		IncludeDisabled: options.IncludeDisabled,
+		NameRegexp:      options.NameRegexp,
+		ScopeRegexp:     options.ScopeRegexp,
+		VersionRegexp:   options.VersionRegexp,
 	}
 	if err := internal.Validate(req); err != nil {
 		return nil, fmt.Errorf("could not validate get inspect policies request: %w", err)

diff --git a/cerbos/grpc_admin_test.go b/cerbos/grpc_admin_test.go
@@ -161,7 +161,7 @@ func TestAdminClient(t *testing.T) {
 	t.Run("ListPolicies", func(t *testing.T) {
 		testCases := []struct {
 			name    string
-			options []ListPoliciesOption
+			options []FilterOption
 			want    map[string]string
 		}{
 			{
@@ -170,7 +170,7 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "NameRegexp",
-				options: []ListPoliciesOption{WithNameRegexp("leave_req")},
+				options: []FilterOption{WithNameRegexp("leave_req")},
 				want: map[string]string{
 					"resource.leave_request.v20210210":           "",
 					"resource.leave_request.vdefault":            "",
@@ -181,7 +181,7 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "ScopeRegexp",
-				options: []ListPoliciesOption{WithScopeRegexp("acme")},
+				options: []FilterOption{WithScopeRegexp("acme")},
 				want: map[string]string{
 					"principal.donald_duck.vdefault/acme":        "",
 					"principal.donald_duck.vdefault/acme.hr":     "",
@@ -192,14 +192,14 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "VersionRegexp",
-				options: []ListPoliciesOption{WithVersionRegexp(`\d+`)},
+				options: []FilterOption{WithVersionRegexp(`\d+`)},
 				want: map[string]string{
 					"resource.leave_request.v20210210": "",
 				},
 			},
 			{
 				name:    "AllRegexp",
-				options: []ListPoliciesOption{WithNameRegexp(`.*`), WithScopeRegexp(`.*`), WithVersionRegexp("def")},
+				options: []FilterOption{WithNameRegexp(`.*`), WithScopeRegexp(`.*`), WithVersionRegexp("def")},
 				want: map[string]string{
 					"principal.donald_duck.vdefault":             "",
 					"principal.donald_duck.vdefault/acme":        "",
@@ -228,7 +228,7 @@ func TestAdminClient(t *testing.T) {
 	t.Run("InspectPolicies", func(t *testing.T) {
 		testCases := []struct {
 			name    string
-			options []InspectPoliciesOption
+			options []FilterOption
 			want    map[string][]string
 		}{
 			{
@@ -246,7 +246,7 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "NameRegexp",
-				options: []InspectPoliciesOption{InspectPoliciesWithNameRegexp("leave_req")},
+				options: []FilterOption{WithNameRegexp("leave_req")},
 				want: map[string][]string{
 					"resource.leave_request.v20210210":           {"*", "approve", "create", "defer", "delete", "remind", "view", "view:*", "view:public"},
 					"resource.leave_request.vdefault":            {"*"},
@@ -257,7 +257,7 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "ScopeRegexp",
-				options: []InspectPoliciesOption{InspectPoliciesWithScopeRegexp("acme")},
+				options: []FilterOption{WithScopeRegexp("acme")},
 				want: map[string][]string{
 					"principal.donald_duck.vdefault/acme":        {"*"},
 					"principal.donald_duck.vdefault/acme.hr":     {"view:*"},
@@ -268,14 +268,14 @@ func TestAdminClient(t *testing.T) {
 			},
 			{
 				name:    "VersionRegexp",
-				options: []InspectPoliciesOption{InspectPoliciesWithVersionRegexp(`\d+`)},
+				options: []FilterOption{WithVersionRegexp(`\d+`)},
 				want: map[string][]string{
 					"resource.leave_request.v20210210": {"*", "approve", "create", "defer", "delete", "remind", "view", "view:*", "view:public"},
 				},
 			},
 			{
 				name:    "AllRegexp",
-				options: []InspectPoliciesOption{InspectPoliciesWithNameRegexp(`.*`), InspectPoliciesWithScopeRegexp(`.*`), InspectPoliciesWithVersionRegexp("def")},
+				options: []FilterOption{WithNameRegexp(`.*`), WithScopeRegexp(`.*`), WithVersionRegexp("def")},
 				want: map[string][]string{
 					"principal.donald_duck.vdefault":             {"*"},
 					"principal.donald_duck.vdefault/acme":        {"*"},

diff --git a/cerbos/model.go b/cerbos/model.go
@@ -1212,54 +1212,39 @@ type PlanResourcesResponse struct {
 }
 
 type (
-	ListPoliciesOption    func(*requestv1.ListPoliciesRequest)
-	InspectPoliciesOption func(*requestv1.InspectPoliciesRequest)
+	FilterOptions struct {
+		NameRegexp      string
+		ScopeRegexp     string
+		VersionRegexp   string
+		IncludeDisabled bool
+	}
+	// FilterOption allows filtering policies while calling InspectPolicies and ListPolicies.
+	FilterOption func(*FilterOptions)
+	// ListPoliciesOption allows filtering policies while calling ListPolicies
+	// Deprecated: ListPoliciesOption is deprecated, use FilterOption instead.
+	ListPoliciesOption FilterOption
 )
 
-func WithIncludeDisabled() ListPoliciesOption {
-	return func(request *requestv1.ListPoliciesRequest) {
-		request.IncludeDisabled = true
+func WithIncludeDisabled() FilterOption {
+	return func(fo *FilterOptions) {
+		fo.IncludeDisabled = true
 	}
 }
 
-func WithNameRegexp(re string) ListPoliciesOption {
-	return func(request *requestv1.ListPoliciesRequest) {
-		request.NameRegexp = re
+func WithNameRegexp(re string) FilterOption {
+	return func(fo *FilterOptions) {
+		fo.NameRegexp = re
 	}
 }
 
-func WithScopeRegexp(re string) ListPoliciesOption {
-	return func(request *requestv1.ListPoliciesRequest) {
-		request.ScopeRegexp = re
+func WithScopeRegexp(re string) FilterOption {
+	return func(fo *FilterOptions) {
+		fo.ScopeRegexp = re
 	}
 }
 
-func WithVersionRegexp(v string) ListPoliciesOption {
-	return func(request *requestv1.ListPoliciesRequest) {
-		request.VersionRegexp = v
-	}
-}
-
-func InspectPoliciesWithIncludeDisabled() InspectPoliciesOption {
-	return func(request *requestv1.InspectPoliciesRequest) {
-		request.IncludeDisabled = true
-	}
-}
-
-func InspectPoliciesWithNameRegexp(re string) InspectPoliciesOption {
-	return func(request *requestv1.InspectPoliciesRequest) {
-		request.NameRegexp = re
-	}
-}
-
-func InspectPoliciesWithScopeRegexp(re string) InspectPoliciesOption {
-	return func(request *requestv1.InspectPoliciesRequest) {
-		request.ScopeRegexp = re
-	}
-}
-
-func InspectPoliciesWithVersionRegexp(v string) InspectPoliciesOption {
-	return func(request *requestv1.InspectPoliciesRequest) {
-		request.VersionRegexp = v
+func WithVersionRegexp(v string) FilterOption {
+	return func(fo *FilterOptions) {
+		fo.VersionRegexp = v
 	}
 }