1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
package app
import (
"context"
"net/http"
"os"
v1 "github.com/authzed/authzed-go/proto/authzed/api/v1"
"github.com/authzed/authzed-go/v1"
"github.com/rs/zerolog"
"github.com/xlgmokha/x/pkg/env"
"github.com/xlgmokha/x/pkg/event"
"github.com/xlgmokha/x/pkg/ioc"
"github.com/xlgmokha/x/pkg/log"
"github.com/xlgmokha/x/pkg/mapper"
"github.com/xlgmokha/x/pkg/x"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/dashboard"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/db"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/authz"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
)
func init() {
c := ioc.Default
ioc.RegisterSingleton[*zerolog.Logger](c, func() *zerolog.Logger {
return log.New(os.Stdout, log.Fields{"app": "sparkled"})
})
ioc.RegisterSingleton[*authzed.Client](c, func() *authzed.Client {
return authz.NewSpiceDBClient(
context.Background(),
env.Fetch("ZED_ENDPOINT", ":50051"),
env.Fetch("ZED_TOKEN", "secret"),
)
})
ioc.Register[authz.CheckPermissionService](c, func() authz.CheckPermissionService {
return ioc.MustResolve[*authzed.Client](c)
})
ioc.RegisterSingleton[*event.Aggregator](c, func() *event.Aggregator {
return x.New[*event.Aggregator](event.WithDefaults())
})
ioc.Register[*event.TypedAggregator[*domain.Sparkle]](c, func() *event.TypedAggregator[*domain.Sparkle] {
return x.New[*event.TypedAggregator[*domain.Sparkle]](event.WithAggregator[*domain.Sparkle](
ioc.MustResolve[*event.Aggregator](c),
))
})
ioc.RegisterSingleton[domain.Repository[*domain.Sparkle]](c, func() domain.Repository[*domain.Sparkle] {
return db.NewRepository[*domain.Sparkle](ioc.MustResolve[*event.TypedAggregator[*domain.Sparkle]](c))
})
ioc.RegisterSingleton[*http.ServeMux](c, func() *http.ServeMux {
return http.NewServeMux()
})
ioc.Register[*dashboard.Controller](c, func() *dashboard.Controller {
return dashboard.New()
})
ioc.Register[*sparkles.Controller](c, func() *sparkles.Controller {
return sparkles.New(
ioc.MustResolve[domain.Repository[*domain.Sparkle]](c),
ioc.MustResolve[authz.CheckPermissionService](c),
)
})
ioc.RegisterSingleton[*http.Client](c, func() *http.Client {
return &http.Client{
Transport: &web.Transport{
Logger: ioc.MustResolve[*zerolog.Logger](c),
},
}
})
http.DefaultClient = ioc.MustResolve[*http.Client](c)
mapper.Register[*http.Request, log.Fields](func(r *http.Request) log.Fields {
return log.Fields{
"host": r.URL.Host,
"method": r.Method,
"path": r.URL.Path,
"remote_host": r.RemoteAddr,
"request_id": r.Header.Get("x-request-id"),
}
})
ioc.MustResolve[*event.TypedAggregator[*domain.Sparkle]](c).SubscribeTo("after.create", func(item *domain.Sparkle) {
client := ioc.MustResolve[*authzed.Client](c)
client.WriteRelationships(context.Background(), &v1.WriteRelationshipsRequest{
Updates: []*v1.RelationshipUpdate{
&v1.RelationshipUpdate{
Operation: v1.RelationshipUpdate_OPERATION_CREATE,
Relationship: &v1.Relationship{
Resource: item.ToObjectReference(),
Relation: "sparkler",
Subject: item.Author.ToSubjectReference(),
},
},
&v1.RelationshipUpdate{
Operation: v1.RelationshipUpdate_OPERATION_CREATE,
Relationship: &v1.Relationship{
Resource: item.ToObjectReference(),
Relation: "sparklee",
Subject: &v1.SubjectReference{
Object: &v1.ObjectReference{
ObjectType: "user",
ObjectId: item.Sparklee,
},
},
},
},
&v1.RelationshipUpdate{
Operation: v1.RelationshipUpdate_OPERATION_CREATE,
Relationship: &v1.Relationship{
Resource: item.ToObjectReference(),
Relation: "reader",
Subject: &v1.SubjectReference{
Object: &v1.ObjectReference{
ObjectType: "user",
ObjectId: "*",
},
},
},
},
},
})
})
}
|
