Added teams functionality

redhat-cop · Feb 20, 2022 · e48143c · e48143c
1 parent bbc6894
commit e48143c
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 18 deletions.
diff --git a/plugin/path_role.go b/plugin/path_role.go
@@ -152,6 +152,10 @@ func (b *quayBackend) pathRolesRead(ctx context.Context, req *logical.Request, d
 		respData["repositories"] = entry.Repositories
 	}
 
+	if entry.Teams != nil {
+		respData["teams"] = entry.Teams
+	}
+
 	if storagePath == rolesStoragePath {
 		respData["ttl"] = entry.TTL.Seconds()
 		respData["max_ttl"] = entry.MaxTTL.Seconds()
@@ -203,6 +207,15 @@ func (b *quayBackend) pathRolesWrite(ctx context.Context, req *logical.Request,
 		roleEntry.Repositories = &parsedRepositories
 	}
 
+	if teamsRaw, ok := data.GetOk("teams"); ok {
+		parsedTeams := make(map[string]TeamRole, 0)
+		err := jsonutil.DecodeJSON([]byte(teamsRaw.(string)), &parsedTeams)
+		if err != nil {
+			return logical.ErrorResponse("error parsing repositories '%s': %s", teamsRaw.(string), err.Error()), nil
+		}
+		roleEntry.Teams = &parsedTeams
+	}
+
 	if ttlRaw, ok := data.GetOk("ttl"); ok {
 		roleEntry.TTL = time.Duration(ttlRaw.(int)) * time.Second
 	}
@@ -348,6 +361,13 @@ func defaultFieldSchemas() map[string]*framework.FieldSchema {
 				Name: "Repositories",
 			},
 		},
+		"teams": {
+			Type:        framework.TypeString,
+			Description: "Permissions to apply to teams",
+			DisplayAttrs: &framework.DisplayAttributes{
+				Name: "Repositories",
+			},
+		},
 	}
 
 }
@@ -376,6 +396,10 @@ func (p *Permission) String() string {
 	return string(*p)
 }
 
+func (t *TeamRole) String() string {
+	return string(*t)
+}
+
 const pathRoleHelpSynopsis = `Manages the Vault role for generating Quay robot accounts.`
 const pathRoleHelpDescription = "This path allows you to read and write roles used to generate Quay robot accounts."
 const pathStaticRoleHelpSynopsis = `Manages the Vault role for generating static Quay robot accounts.`

diff --git a/plugin/quay_robot.go b/plugin/quay_robot.go
@@ -131,14 +131,12 @@ func (*quayBackend) assembleTeams(role *quayRoleEntry) map[string]*qc.Team {
 	// Build Teams
 	if role.Teams != nil {
 		for teamName, team := range *role.Teams {
-			teamRole := mapTeamRole(team)
 
-			if len(teamRole) > 0 {
-				teams[teamName] = &qc.Team{
-					Name: teamName,
-					Role: teamRole,
-				}
+			teams[teamName] = &qc.Team{
+				Name: teamName,
+				Role: qc.QuayTeamRole(team.String()),
 			}
+
 		}
 	}
 
@@ -153,18 +151,6 @@ func (*quayBackend) assembleTeams(role *quayRoleEntry) map[string]*qc.Team {
 	return teams
 }
 
-func mapTeamRole(teamRole TeamRole) qc.QuayTeamRole {
-	switch teamRole {
-	case TeamRoleAdmin:
-		return qc.QuayTeamRoleAdmin
-	case TeamRoleCreator:
-		return qc.QuayTeamRoleCreator
-	case TeamRoleMember:
-		return qc.QuayTeamRoleMember
-	}
-	return ""
-}
-
 func isRobotAccountInPrototypeByRole(prototypes []qc.Prototype, robotAccount string, role string) bool {
 
 	for _, prototype := range prototypes {