feat: add appeal duration options to policy (#225)

* feat: add appeal duration options to policy

* docs: update documentation

* feat: add `0h` check for creating appeal expiration_date

* chore: add comments

* docs: update documentation

* feat: add get policy appeal config api

* feat: add appeal field to policy apis

* feat: add default value for appeal in policies table

* feat: update proto version

* fix: fix tests

* fix: Fix test cases

* feat: initialize the duration_options

* fix: fix test cases

* feat: update proto version

* test: fix test cases

* chore: fix lint failures

* feat: use time.Duration to check if the duration is zero

* docs: update documentation for duration options

* feat(provider): use a pointer for policy.Appeal field

* feat(provider): rename `appeal` to `appeal_config` in policy struct

* rename `policy.Appeal` to `policy.AppealConfig` in both domain and repository models

* refactor: minor code refactor

* docs: update documentation

* feat: add migration queries for policy.appeal_config column

* feat: update proto version

* fix: validate appealconfig

Co-authored-by: Rahmat Hidayat <[email protected]>

Co-authored-by: Vikash <[email protected]>
Co-authored-by: Rahmat Hidayat <[email protected]>

Author: 3 people

Makefile

@@ -2,7 +2,7 @@ NAME="github.com/odpf/guardian"
 LAST_COMMIT := $(shell git rev-parse --short HEAD)
 LAST_TAG := "$(shell git rev-list --tags --max-count=1)"
 APP_VERSION := "$(shell git describe --tags ${LAST_TAG})-next"
-PROTON_COMMIT := "41664917668e2ecd53f46fc6a06b8d27aab57962"
+PROTON_COMMIT := "8266bc0373a9a801a338975c4ce9137a7e7c4fe9"
 
 .PHONY: all build test clean dist vet proto install
 

api/handler/v1beta1/adapter.go

@@ -278,6 +278,20 @@ func (a *adapter) FromPolicyProto(p *guardianv1beta1.Policy) *domain.Policy {
 		}
 	}
 
+	if p.GetAppeal() != nil {
+		var durationOptions []domain.AppealDurationOption
+		for _, d := range p.GetAppeal().GetDurationOptions() {
+			option := domain.AppealDurationOption{
+				Name:  d.GetName(),
+				Value: d.GetValue(),
+			}
+			durationOptions = append(durationOptions, option)
+		}
+		policy.AppealConfig = &domain.PolicyAppealConfig{
+			DurationOptions: durationOptions,
+		}
+	}
+
 	if p.GetCreatedAt() != nil {
 		policy.CreatedAt = p.GetCreatedAt().AsTime()
 	}
@@ -383,6 +397,8 @@ func (a *adapter) ToPolicyProto(p *domain.Policy) (*guardianv1beta1.Policy, erro
 		}
 	}
 
+	policyProto.Appeal = a.ToPolicyAppealConfigProto(p)
+
 	if !p.CreatedAt.IsZero() {
 		policyProto.CreatedAt = timestamppb.New(p.CreatedAt)
 	}
@@ -393,6 +409,25 @@ func (a *adapter) ToPolicyProto(p *domain.Policy) (*guardianv1beta1.Policy, erro
 	return policyProto, nil
 }
 
+func (a *adapter) ToPolicyAppealConfigProto(p *domain.Policy) *guardianv1beta1.PolicyAppealConfig {
+	if p.AppealConfig == nil {
+		return nil
+	}
+
+	policyAppealConfigProto := &guardianv1beta1.PolicyAppealConfig{}
+	var durationOptions []*guardianv1beta1.PolicyAppealConfig_DurationOptions
+	if p.AppealConfig.DurationOptions != nil {
+		for _, d := range p.AppealConfig.DurationOptions {
+			durationOptions = append(durationOptions, &guardianv1beta1.PolicyAppealConfig_DurationOptions{
+				Name:  d.Name,
+				Value: d.Value,
+			})
+		}
+	}
+	policyAppealConfigProto.DurationOptions = durationOptions
+	return policyAppealConfigProto
+}
+
 func (a *adapter) FromResourceProto(r *guardianv1beta1.Resource) *domain.Resource {
 	resource := &domain.Resource{
 		ID:           r.GetId(),

api/handler/v1beta1/grpc.go

@@ -28,6 +28,8 @@ type ProtoAdapter interface {
 	FromPolicyProto(*guardianv1beta1.Policy) *domain.Policy
 	ToPolicyProto(*domain.Policy) (*guardianv1beta1.Policy, error)
 
+	ToPolicyAppealConfigProto(policy *domain.Policy) *guardianv1beta1.PolicyAppealConfig
+
 	FromResourceProto(*guardianv1beta1.Resource) *domain.Resource
 	ToResourceProto(*domain.Resource) (*guardianv1beta1.Resource, error)
 

api/handler/v1beta1/policy.go

@@ -91,3 +91,21 @@ func (s *GRPCServer) UpdatePolicy(ctx context.Context, req *guardianv1beta1.Upda
 		Policy: policyProto,
 	}, nil
 }
+
+func (s *GRPCServer) GetPolicyAppealConfig(ctx context.Context, req *guardianv1beta1.GetPolicyPreferencesRequest) (*guardianv1beta1.GetPolicyPreferencesResponse, error) {
+	p, err := s.policyService.GetOne(ctx, req.GetId(), uint(req.GetVersion()))
+	if err != nil {
+		switch err {
+		case policy.ErrPolicyNotFound:
+			return nil, status.Error(codes.NotFound, "policy not found")
+		default:
+			return nil, status.Errorf(codes.Internal, "failed to retrieve policy: %v", err)
+		}
+	}
+
+	appealConfigProto := s.adapter.ToPolicyAppealConfigProto(p)
+
+	return &guardianv1beta1.GetPolicyPreferencesResponse{
+		Appeal: appealConfigProto,
+	}, nil
+}

api/handler/v1beta1/policy_test.go

@@ -117,6 +117,12 @@ func (s *GrpcHandlersSuite) TestGetPolicy() {
 				Config:   map[string]interface{}{"foo": "bar"},
 				Schema:   map[string]string{"foo": "bar"},
 			},
+			AppealConfig: &domain.PolicyAppealConfig{
+				DurationOptions: []domain.AppealDurationOption{
+					{Name: "1 Day", Value: "24h"},
+					{Name: "3 Days", Value: "72h"},
+				},
+			},
 			CreatedAt: timeNow,
 			UpdatedAt: timeNow,
 		}
@@ -160,6 +166,12 @@ func (s *GrpcHandlersSuite) TestGetPolicy() {
 					Config:   expectedIAMConfig,
 					Schema:   dummyPolicy.IAM.Schema,
 				},
+				Appeal: &guardianv1beta1.PolicyAppealConfig{
+					DurationOptions: []*guardianv1beta1.PolicyAppealConfig_DurationOptions{
+						{Name: "1 Day", Value: "24h"},
+						{Name: "3 Days", Value: "72h"},
+					},
+				},
 				CreatedAt: timestamppb.New(timeNow),
 				UpdatedAt: timestamppb.New(timeNow),
 			},
@@ -273,6 +285,12 @@ func (s *GrpcHandlersSuite) TestCreatePolicy() {
 				Config:   map[string]interface{}{"foo": "bar"},
 				Schema:   map[string]string{"foo": "bar"},
 			},
+			AppealConfig: &domain.PolicyAppealConfig{
+				DurationOptions: []domain.AppealDurationOption{
+					{Name: "1 Day", Value: "24h"},
+					{Name: "3 Days", Value: "72h"},
+				},
+			},
 		}
 		expectedVersion := uint(1)
 		expectedIAMConfig, err := structpb.NewValue(expectedPolicy.IAM.Config)
@@ -318,6 +336,12 @@ func (s *GrpcHandlersSuite) TestCreatePolicy() {
 					Config:   expectedIAMConfig,
 					Schema:   expectedPolicy.IAM.Schema,
 				},
+				Appeal: &guardianv1beta1.PolicyAppealConfig{
+					DurationOptions: []*guardianv1beta1.PolicyAppealConfig_DurationOptions{
+						{Name: "1 Day", Value: "24h"},
+						{Name: "3 Days", Value: "72h"},
+					},
+				},
 				CreatedAt: timestamppb.New(timeNow),
 				UpdatedAt: timestamppb.New(timeNow),
 			},
@@ -369,6 +393,12 @@ func (s *GrpcHandlersSuite) TestCreatePolicy() {
 					Config:   expectedIAMConfig,
 					Schema:   expectedPolicy.IAM.Schema,
 				},
+				Appeal: &guardianv1beta1.PolicyAppealConfig{
+					DurationOptions: []*guardianv1beta1.PolicyAppealConfig_DurationOptions{
+						{Name: "1 Day", Value: "24h"},
+						{Name: "3 Days", Value: "72h"},
+					},
+				},
 			},
 		}
 		res, err := s.grpcServer.CreatePolicy(context.Background(), req)
@@ -455,6 +485,12 @@ func (s *GrpcHandlersSuite) TestUpdatePolicy() {
 				Config:   map[string]interface{}{"foo": "bar"},
 				Schema:   map[string]string{"foo": "bar"},
 			},
+			AppealConfig: &domain.PolicyAppealConfig{
+				DurationOptions: []domain.AppealDurationOption{
+					{Name: "1 Day", Value: "24h"},
+					{Name: "3 Days", Value: "72h"},
+				},
+			},
 		}
 		expectedVersion := uint(1)
 		expectedIAMConfig, err := structpb.NewValue(expectedPolicy.IAM.Config)
@@ -497,6 +533,12 @@ func (s *GrpcHandlersSuite) TestUpdatePolicy() {
 					Config:   expectedIAMConfig,
 					Schema:   expectedPolicy.IAM.Schema,
 				},
+				Appeal: &guardianv1beta1.PolicyAppealConfig{
+					DurationOptions: []*guardianv1beta1.PolicyAppealConfig_DurationOptions{
+						{Name: "1 Day", Value: "24h"},
+						{Name: "3 Days", Value: "72h"},
+					},
+				},
 				CreatedAt: timestamppb.New(timeNow),
 				UpdatedAt: timestamppb.New(timeNow),
 			},
@@ -545,6 +587,12 @@ func (s *GrpcHandlersSuite) TestUpdatePolicy() {
 					Config:   expectedIAMConfig,
 					Schema:   expectedPolicy.IAM.Schema,
 				},
+				Appeal: &guardianv1beta1.PolicyAppealConfig{
+					DurationOptions: []*guardianv1beta1.PolicyAppealConfig_DurationOptions{
+						{Name: "1 Day", Value: "24h"},
+						{Name: "3 Days", Value: "72h"},
+					},
+				},
 			},
 		}
 		res, err := s.grpcServer.UpdatePolicy(context.Background(), req)