feat: connect rpc client to inversion of control container

4 files changed, 18 insertions, 2 deletions

diff --git a/.runway/env-production.yml b/.runway/env-production.yml
index fd18897..75e1802 100644
--- a/.runway/env-production.yml
+++ b/.runway/env-production.yml
@@ -1,3 +1,4 @@
 APP_ENV: "production"
+AUTHZD_HOST: "https://authzd.runway.gitlab.net"
 OAUTH_CLIENT_ID: "75656280b7ca60223b060b57c4eb98a8a324878531efeccafc1d25709dbee5c9"
 OIDC_ISSUER: "https://gitlab.com"
diff --git a/.runway/env-staging.yml b/.runway/env-staging.yml
index 7a1192f..3ccc33e 100644
--- a/.runway/env-staging.yml
+++ b/.runway/env-staging.yml
@@ -1,3 +1,4 @@
 APP_ENV: "production"
+AUTHZD_HOST: "https://authzd.staging.runway.gitlab.net"
 OAUTH_CLIENT_ID: "786e37c8d2207d200f735379ad52579c452948222f9affc7a45e74bd7074ad3c"
 OIDC_ISSUER: "https://staging.gitlab.com"
diff --git a/app/controllers/sparkles/controller.go b/app/controllers/sparkles/controller.go
index bd7264e..ccf68b1 100644
--- a/app/controllers/sparkles/controller.go
+++ b/app/controllers/sparkles/controller.go
@@ -3,10 +3,12 @@ package sparkles
 import (
 	"net/http"
 
+	"github.com/xlgmokha/x/pkg/ioc"
 	"github.com/xlgmokha/x/pkg/log"
 	"github.com/xlgmokha/x/pkg/mapper"
 	"github.com/xlgmokha/x/pkg/serde"
 	"github.com/xlgmokha/x/pkg/x"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd.git/pkg/rpc"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/middleware"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
@@ -25,7 +27,7 @@ func (c *Controller) MountTo(mux *http.ServeMux) {
 	mux.Handle("POST /sparkles", x.Middleware[http.Handler](
 		http.HandlerFunc(c.Create),
 		middleware.RequireUser(),
-		// middleware.RequirePermission("create_sparkle", nil),
+		middleware.RequirePermission("create_sparkle", ioc.MustResolve[rpc.Ability](ioc.Default)),
 	))
 
 	// This is a temporary endpoint to restore a backup
diff --git a/app/init.go b/app/init.go
index d9ca3de..a88fa4f 100644
--- a/app/init.go
+++ b/app/init.go
@@ -7,8 +7,10 @@ import (
 
 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/rs/zerolog"
+	"github.com/xlgmokha/x/pkg/env"
 	"github.com/xlgmokha/x/pkg/ioc"
 	"github.com/xlgmokha/x/pkg/log"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd.git/pkg/rpc"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/dashboard"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
@@ -45,7 +47,11 @@ func init() {
 		}
 	})
 	ioc.Register[*oidc.Provider](ioc.Default, func() *oidc.Provider {
-		ctx := context.WithValue(context.Background(), oauth2.HTTPClient, ioc.MustResolve[*http.Client](ioc.Default))
+		ctx := context.WithValue(
+			context.Background(),
+			oauth2.HTTPClient,
+			ioc.MustResolve[*http.Client](ioc.Default),
+		)
 		return web.NewOIDCProvider(ctx, cfg.OIDCIssuer, func(err error) {
 			ioc.MustResolve[*zerolog.Logger](ioc.Default).Err(err).Send()
 		})
@@ -55,6 +61,12 @@ func init() {
 			ClientID: cfg.OAuthClientID,
 		}
 	})
+	ioc.Register[rpc.Ability](ioc.Default, func() rpc.Ability {
+		return rpc.NewAbilityProtobufClient(
+			env.Fetch("AUTHZD_HOST", ""),
+			ioc.MustResolve[*http.Client](ioc.Default),
+		)
+	})
 
 	http.DefaultClient = ioc.MustResolve[*http.Client](ioc.Default)
 }