feat: permit logic in project create/delete/list

auth/src/lib.rs

@@ -24,8 +24,8 @@ pub async fn start(pool: PgPool, args: StartArgs) -> io::Result<()> {
         .with_pg_pool(pool)
         .with_stripe_client(stripe::Client::new(args.stripe_secret_key))
         .with_permissions_client(permit::Client::new(
-            args.permit_api_uri,
-            args.permit_pdp_uri,
+            args.permit_api_uri.to_string(),
+            args.permit_pdp_uri.to_string(),
             "default".to_string(),
             args.permit_env,
             args.permit_api_key,

backends/Cargo.toml

@@ -24,8 +24,8 @@ opentelemetry-appender-tracing = { workspace = true }
 opentelemetry-http = { workspace = true }
 opentelemetry-otlp = { workspace = true }
 pin-project = { workspace = true }
-permit-client-rs = { git = "https://github.com/shuttle-hq/permit-client-rs" }
-permit-pdp-client-rs = { git = "https://github.com/shuttle-hq/permit-pdp-client-rs" }
+permit-client-rs = { git = "https://github.com/shuttle-hq/permit-client-rs", rev = "27c7759" }
+permit-pdp-client-rs = { git = "https://github.com/shuttle-hq/permit-pdp-client-rs", rev = "37c7296" }
 portpicker = { workspace = true, optional = true }
 reqwest = { workspace = true, features = ["json"] }
 # keep locked to not accidentally invalidate someone's project name

backends/src/client/permit.rs

@@ -1,6 +1,5 @@
 use anyhow::Error;
 use async_trait::async_trait;
-use http::Uri;
 use permit_client_rs::{
     apis::{
         resource_instances_api::{create_resource_instance, delete_resource_instance},
@@ -60,21 +59,27 @@ pub struct Client {
 
 impl Client {
     pub fn new(
-        api_uri: Uri,
-        pdp_uri: Uri,
+        api_uri: String,
+        pdp_uri: String,
         proj_id: String,
         env_id: String,
         api_key: String,
     ) -> Self {
         Self {
             api: permit_client_rs::apis::configuration::Configuration {
-                base_path: api_uri.to_string(),
+                base_path: api_uri
+                    .strip_suffix('/')
+                    .map(ToOwned::to_owned)
+                    .unwrap_or(api_uri),
                 user_agent: None,
                 bearer_access_token: Some(api_key.clone()),
                 ..Default::default()
             },
             pdp: permit_pdp_client_rs::apis::configuration::Configuration {
-                base_path: pdp_uri.to_string(),
+                base_path: pdp_uri
+                    .strip_suffix('/')
+                    .map(ToOwned::to_owned)
+                    .unwrap_or(pdp_uri),
                 user_agent: None,
                 bearer_access_token: Some(api_key),
                 ..Default::default()
@@ -478,10 +483,10 @@ mod tests {
         async fn setup() -> Self {
             let api_key = env::var("PERMIT_API_KEY").expect("PERMIT_API_KEY to be set. You can copy the testing API key from the Testing environment on Permit.io.");
             let client = Client::new(
-                "https://api.eu-central-1.permit.io".parse().unwrap(),
-                "http://localhost:7000".parse().unwrap(),
-                "default".to_string(),
-                "testing".to_string(),
+                "https://api.eu-central-1.permit.io".to_owned(),
+                "http://localhost:7000".to_owned(),
+                "default".to_owned(),
+                "testing".to_owned(),
                 api_key,
             );
 

docker-compose.dev.yml

@@ -68,7 +68,9 @@ services:
       - "--stripe-secret-key=${STRIPE_SECRET_KEY}"
       # used only for local development
       - "--jwt-signing-private-key=LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1DNENBUUF3QlFZREsyVndCQ0lFSUR5V0ZFYzhKYm05NnA0ZGNLTEwvQWNvVUVsbUF0MVVKSTU4WTc4d1FpWk4KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo="
-      - "--permit-api=https://api.eu-central-1.permit.io"
+      - "--permit-api-uri=https://api.eu-central-1.permit.io"
+      - "--permit-pdp-uri=http://permit-pdp:7000"
+      - "--permit-env=${SHUTTLE_ENV}"
       - "--permit-api-key=${PERMIT_API_KEY}"
   otel-collector:
     ports:

docker-compose.yml

@@ -280,7 +280,7 @@ services:
     image: docker.io/permitio/pdp-v2:0.2.37
     restart: always
     environment:
-      - PDP_CONTROL_PLANE=${PERMIT_API}
+      - PDP_CONTROL_PLANE=https://api.eu-central-1.permit.io
       - PDP_API_KEY=${PERMIT_API_KEY}
     ports:
       - 7000:7000

gateway/src/api/latest.rs

@@ -104,7 +104,7 @@ async fn get_project(
     State(RouterState { service, .. }): State<RouterState>,
     ScopedUser { scope, .. }: ScopedUser,
 ) -> Result<AxumJson<project::Response>, Error> {
-    let project = service.find_project(&scope).await?;
+    let project = service.get_project(&scope).await?;
     let idle_minutes = project.state.idle_minutes();
 
     let response = project::Response {
@@ -130,22 +130,35 @@ async fn check_project_name(
 
 async fn get_projects_list(
     State(RouterState { service, .. }): State<RouterState>,
-    User { id: name, .. }: User,
-    Query(PaginationDetails { page, limit }): Query<PaginationDetails>,
+    User { id, .. }: User,
+    Query(PaginationDetails { limit, .. }): Query<PaginationDetails>,
 ) -> Result<AxumJson<Vec<project::Response>>, Error> {
     let limit = limit.unwrap_or(u32::MAX);
-    let page = page.unwrap_or(0);
-    let projects = service
-        // The `offset` is page size * amount of pages
-        .iter_user_projects_detailed(&name, limit * page, limit)
-        .await?
-        .map(|project| project::Response {
-            id: project.0.to_uppercase(),
-            name: project.1.to_string(),
-            idle_minutes: project.2.idle_minutes(),
-            state: project.2.into(),
-        })
-        .collect();
+
+    let mut projects = vec![];
+    for p in service
+        .permit_client
+        .get_user_projects(&id)
+        .await
+        .map_err(|e| {
+            dbg!(e);
+            Error::from(ErrorKind::Internal)
+        })?
+        .into_iter()
+        .take(limit as usize)
+    {
+        let name = p.resource.expect("project resource").key;
+        let project = service.get_project(name.as_str()).await?;
+        let idle_minutes = project.state.idle_minutes();
+
+        let response = project::Response {
+            id: project.project_id,
+            name,
+            state: project.state.into(),
+            idle_minutes,
+        };
+        projects.push(response);
+    }
 
     Ok(AxumJson(projects))
 }
@@ -176,7 +189,7 @@ async fn create_project(
     let project = service
         .create_project(
             project_name.clone(),
-            id,
+            &id,
             claim.is_admin(),
             can_create_project,
             if is_cch_project {
@@ -188,6 +201,12 @@ async fn create_project(
         .await?;
     let idle_minutes = project.state.idle_minutes();
 
+    service
+        .permit_client
+        .create_project(&id, &project.project_id)
+        .await
+        .map_err(|_| Error::from(ErrorKind::Internal))?;
+
     service
         .new_task()
         .project(project_name.clone())
@@ -216,7 +235,7 @@ async fn destroy_project(
         ..
     }: ScopedUser,
 ) -> Result<AxumJson<project::Response>, Error> {
-    let project = service.find_project(&project_name).await?;
+    let project = service.get_project(&project_name).await?;
     let idle_minutes = project.state.idle_minutes();
 
     let mut response = project::Response {
@@ -264,7 +283,7 @@ async fn delete_project(
     }
 
     let project_name = scoped_user.scope.clone();
-    let project = state.service.find_project(&project_name).await?;
+    let project = state.service.get_project(&project_name).await?;
 
     let project_id =
         Ulid::from_string(&project.project_id).expect("stored project id to be a valid ULID");
@@ -307,7 +326,7 @@ async fn delete_project(
         // Wait for the project to be ready
         handle.await;
 
-        let new_state = state.service.find_project(&project_name).await?;
+        let new_state = state.service.get_project(&project_name).await?;
 
         if !new_state.state.is_ready() {
             return Err(Error::from_kind(ErrorKind::ProjectCorrupted));
@@ -380,6 +399,13 @@ async fn delete_project(
         .await?;
     task.await;
 
+    state
+        .service
+        .permit_client
+        .delete_project(&project.project_id)
+        .await
+        .map_err(|_| Error::from(ErrorKind::Internal))?;
+
     service.delete_project(&project_name).await?;
 
     Ok(AxumJson("project successfully deleted".to_owned()))

gateway/src/main.rs

@@ -83,8 +83,8 @@ async fn start(
             db,
             fs,
             Box::new(permit::Client::new(
-                args.context.permit_api_uri,
-                args.context.permit_pdp_uri,
+                args.context.permit_api_uri.to_string(),
+                args.context.permit_pdp_uri.to_string(),
                 "default".to_owned(),
                 args.context.permit_env,
                 args.context.permit_api_key,

gateway/src/project.rs

@@ -1845,7 +1845,7 @@ pub mod exec {
             .await
             .expect("could not list projects")
         {
-            match gateway.find_project(&project_name).await.unwrap().state {
+            match gateway.get_project(&project_name).await.unwrap().state {
                 Project::Errored(ProjectError { ctx: Some(ctx), .. }) => {
                     if let Some(container) = ctx.container() {
                         if let Ok(container) = gateway
@@ -1939,7 +1939,7 @@ pub mod exec {
             .expect("could not list cch projects")
         {
             if let Project::Ready(ProjectReady { container, .. }) =
-                gateway.find_project(&project_name).await.unwrap().state
+                gateway.get_project(&project_name).await.unwrap().state
             {
                 if let Ok(container) = gateway
                     .context()