Diffstat (limited to 'app/jobs/create_sparkle.go')
| -rw-r--r-- | app/jobs/create_sparkle.go | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/app/jobs/create_sparkle.go b/app/jobs/create_sparkle.go
new file mode 100644
index 0000000..3a03b1f
--- /dev/null
+++ b/app/jobs/create_sparkle.go
@@ -0,0 +1,75 @@
+package jobs
+
+import (
+ "context"
+ "strings"
+
+ v1 "github.com/authzed/authzed-go/proto/authzed/api/v1"
+ "github.com/authzed/authzed-go/v1"
+ "github.com/containerd/log"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
+)
+
+type CreateSparkle struct {
+ client *authzed.Client
+ ctx context.Context
+}
+
+func NewCreateSparkle(ctx context.Context, client *authzed.Client) Job[*domain.Sparkle] {
+ return &CreateSparkle{
+ client: client,
+ ctx: ctx,
+ }
+}
+
+func (job *CreateSparkle) Run(item *domain.Sparkle) {
+ response, err := job.client.WriteRelationships(job.ctx, job.requestFor(item))
+ if err != nil {
+ pls.LogErrorNow(job.ctx, err)
+ }
+ pls.LogNow(job.ctx, log.Fields{"response": response})
+}
+
+func (job *CreateSparkle) requestFor(sparkle *domain.Sparkle) *v1.WriteRelationshipsRequest {
+ resource := sparkle.ToGID().ToObjectReference()
+
+ return &v1.WriteRelationshipsRequest{
+ Updates: []*v1.RelationshipUpdate{
+ &v1.RelationshipUpdate{
+ Operation: v1.RelationshipUpdate_OPERATION_CREATE,
+ Relationship: &v1.Relationship{
+ Resource: resource,
+ Relation: "sparkler",
+ Subject: sparkle.Author.ToSubjectReference(),
+ },
+ },
+ &v1.RelationshipUpdate{
+ Operation: v1.RelationshipUpdate_OPERATION_CREATE,
+ Relationship: &v1.Relationship{
+ Resource: resource,
+ Relation: "sparklee",
+ Subject: &v1.SubjectReference{
+ Object: &v1.ObjectReference{
+ ObjectType: "user",
+ ObjectId: strings.TrimPrefix(sparkle.Sparklee, "@"),
+ },
+ },
+ },
+ },
+ &v1.RelationshipUpdate{
+ Operation: v1.RelationshipUpdate_OPERATION_CREATE,
+ Relationship: &v1.Relationship{
+ Resource: resource,
+ Relation: "reader",
+ Subject: &v1.SubjectReference{
+ Object: &v1.ObjectReference{
+ ObjectType: "user",
+ ObjectId: "*",
+ },
+ },
+ },
+ },
+ },
+ }
+}
|
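Review bot: In requestFor, `strings.TrimPrefix(sparkle.Sparklee, "@")` goes straight into `ObjectId`, so whatever string the sparkle carries becomes the subject of the `sparklee` relationship. A value of `@*` would yield the same `*` wildcard that the third update sets deliberately for `reader`, and an empty or malformed handle would only surface as a WriteRelationships error. Nothing in this file validates Sparklee, so unless domain.Sparkle already does (not visible here), the trimmed ID should be checked against the allowed handle pattern, with `*` and the empty string rejected, before the request is built. Separately, Run logs the error and then still logs a nil `response` with no failure signal, so a sparkle can end up with no relationships written; add `return` after `pls.LogErrorNow(job.ctx, err)`. A comment such as `// reader is granted to user:* on purpose: sparkles are public` would also make the wildcard grant auditable.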
