Skip to content

Commit

Permalink
Return a different error message if --provisioning flag is not set
Browse files Browse the repository at this point in the history
  • Loading branch information
@mchavez
mchavez committed Sep 23, 2024
1 parent 0760b29 commit b25e864
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 19 deletions.
14 changes: 8 additions & 6 deletions internal/connector/noop_provisioner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,26 +10,28 @@ import (

type noopProvisioner struct{}

const ProvisioningNotEnabledMsg = "error: provisioning is not enabled. try running with --provisioning"

func (n *noopProvisioner) Grant(ctx context.Context, req *v2.GrantManagerServiceGrantRequest) (*v2.GrantManagerServiceGrantResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}

func (n *noopProvisioner) Revoke(ctx context.Context, req *v2.GrantManagerServiceRevokeRequest) (*v2.GrantManagerServiceRevokeResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}

func (n *noopProvisioner) CreateResource(ctx context.Context, request *v2.CreateResourceRequest) (*v2.CreateResourceResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}

func (n *noopProvisioner) DeleteResource(ctx context.Context, request *v2.DeleteResourceRequest) (*v2.DeleteResourceResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}

func (n *noopProvisioner) RotateCredential(ctx context.Context, request *v2.RotateCredentialRequest) (*v2.RotateCredentialResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}

func (n *noopProvisioner) CreateAccount(ctx context.Context, request *v2.CreateAccountRequest) (*v2.CreateAccountResponse, error) {
return nil, status.Error(codes.FailedPrecondition, "provisioning is not enabled")
return nil, status.Error(codes.FailedPrecondition, ProvisioningNotEnabledMsg)
}
6 changes: 6 additions & 0 deletions pkg/cli/commands.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ import (
"github.com/spf13/cobra"
"github.com/spf13/viper"
"go.uber.org/zap"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/types/known/anypb"
Expand Down Expand Up @@ -65,6 +67,7 @@ func MakeMainCommand(
}

daemonMode := v.GetString("client-id") != "" || isService()
isProvisioning := v.GetString("grant-entitlement") != "" || v.GetString("revoke-grant") != ""
if daemonMode {
if v.GetString("client-id") == "" {
return fmt.Errorf("client-id is required in service mode")
Expand All @@ -83,6 +86,9 @@ func MakeMainCommand(
opts = append(opts, connectorrunner.WithFullSyncDisabled())
}
} else {
if isProvisioning && !v.GetBool("provisioning") {
return status.Error(codes.Unimplemented, connector.ProvisioningNotEnabledMsg)
}
switch {
case v.GetString("grant-entitlement") != "":
opts = append(opts,
Expand Down
22 changes: 9 additions & 13 deletions pkg/connectorbuilder/connectorbuilder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/types/known/timestamppb"

"github.com/conductorone/baton-sdk/internal/connector"
v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
"github.com/conductorone/baton-sdk/pkg/annotations"
"github.com/conductorone/baton-sdk/pkg/crypto"
Expand Down Expand Up @@ -535,10 +536,8 @@ func (b *builderImpl) Grant(ctx context.Context, request *v2.GrantManagerService
start := b.nowFunc()
tt := tasks.GrantType
l := ctxzap.Extract(ctx)

rt := request.Entitlement.Resource.Id.ResourceType
provisioner, ok := b.resourceProvisioners[rt]
if ok {
if provisioner, ok := b.resourceProvisioners[rt]; ok {
annos, err := provisioner.Grant(ctx, request.Principal, request.Entitlement)
if err != nil {
l.Error("error: grant failed", zap.Error(err))
Expand All @@ -550,8 +549,7 @@ func (b *builderImpl) Grant(ctx context.Context, request *v2.GrantManagerService
return &v2.GrantManagerServiceGrantResponse{Annotations: annos}, nil
}

provisionerV2, ok := b.resourceProvisionersV2[rt]
if ok {
if provisionerV2, ok := b.resourceProvisionersV2[rt]; ok {
grants, annos, err := provisionerV2.Grant(ctx, request.Principal, request.Entitlement)
if err != nil {
l.Error("error: grant failed", zap.Error(err))
Expand All @@ -563,26 +561,24 @@ func (b *builderImpl) Grant(ctx context.Context, request *v2.GrantManagerService
return &v2.GrantManagerServiceGrantResponse{Annotations: annos, Grants: grants}, nil
}

l.Error("error: resource type does not have provisioner configured", zap.String("resource_type", rt))
l.Error(connector.ProvisioningNotEnabledMsg, zap.String("resource_type", rt))
b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start))
return nil, fmt.Errorf("error: resource type does not have provisioner configured")
return nil, fmt.Errorf(connector.ProvisioningNotEnabledMsg)
}

func (b *builderImpl) Revoke(ctx context.Context, request *v2.GrantManagerServiceRevokeRequest) (*v2.GrantManagerServiceRevokeResponse, error) {
start := b.nowFunc()
tt := tasks.RevokeType

l := ctxzap.Extract(ctx)

rt := request.Grant.Entitlement.Resource.Id.ResourceType
provisioner, ok := b.resourceProvisioners[rt]
if ok {
if provisioner, ok := b.resourceProvisioners[rt]; ok {
annos, err := provisioner.Revoke(ctx, request.Grant)
if err != nil {
l.Error("error: revoke failed", zap.Error(err))
b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start))
return nil, fmt.Errorf("error: revoke failed: %w", err)
}

return &v2.GrantManagerServiceRevokeResponse{Annotations: annos}, nil
}

Expand All @@ -599,9 +595,9 @@ func (b *builderImpl) Revoke(ctx context.Context, request *v2.GrantManagerServic
return &v2.GrantManagerServiceRevokeResponse{Annotations: annos}, nil
}

l.Error("error: resource type does not have provisioner configured", zap.String("resource_type", rt))
l.Error(connector.ProvisioningNotEnabledMsg, zap.String("resource_type", rt))
b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start))
return nil, status.Error(codes.Unimplemented, "resource type does not have provisioner configured")
return nil, status.Error(codes.Unimplemented, connector.ProvisioningNotEnabledMsg)
}

// GetAsset streams the asset to the client.
Expand Down

0 comments on commit b25e864

Please sign in to comment.