Merge pull request #78 from bosch-io/feature/policy-migration-updates

Feature/policy migration updates

policy-migration/src/config/config.ts

@@ -25,7 +25,8 @@ type LogLevel = (
 export enum Migration {
   ReplaceSubject = "replaceSubject",
   AddSubject = "addSubject",
-  AddEntry = "addEntry"
+  AddEntry = "addEntry",
+  ReplaceEntries = "replaceEntries"
 }
 
 export type Config = {
@@ -37,10 +38,17 @@ export type Config = {
     readonly secret: string;
     readonly scope: string;
   };
+
   readonly basicAuth: {
     readonly username: string;
     readonly password: string;
   };
+
+  readonly apiKey: {
+    readonly key: string;
+    readonly value: string
+  };
+
   readonly namespaces?: [string];
   readonly filter?: string;
   readonly pageSize: number;
@@ -58,6 +66,22 @@ export type Config = {
   };
 
   readonly migrations: [{ [key: string]: unknown }];
+
+  readonly policyEntries: {
+    [label: string]: {
+      subjects: {
+        [subject: string]: {
+          type: string;
+        };
+      };
+      resources: {
+        [resource: string]: {
+          grant: (string)[];
+          revoke: (string)[];
+        };
+      };
+    };
+  }
 };
 
 const defaults = {

policy-migration/src/http/auth.ts

@@ -36,10 +36,15 @@ export class HttpAuth {
       headers.append(
         "Authorization",
         "Basic " +
-          btoa(
-            this.cfg.basicAuth.username + ":" +
-              this.cfg.basicAuth.password,
-          ),
+        btoa(
+          this.cfg.basicAuth.username + ":" +
+          this.cfg.basicAuth.password,
+        ),
+      );
+    } else if (this.cfg.apiKey) {
+      headers.append(
+        this.cfg.apiKey.key,
+        this.cfg.apiKey.value
       );
     }
   }

policy-migration/src/migration.ts

@@ -17,7 +17,7 @@ import { HttpErrorResponse, MigrationResult, Progress } from "./model/base.ts";
 import { Policy } from "./model/policy.ts";
 import { Search } from "./search.ts";
 import { HttpAuth } from "./http/auth.ts";
-import { AddEntry, AddSubject, ReplaceSubject } from "./model/migration.ts";
+import { AddEntry, AddSubject, ReplaceEntries, ReplaceSubject } from "./model/migration.ts";
 
 /**
  * The policy migration is done in several steps:
@@ -222,6 +222,8 @@ export class MigrationStep {
         return this.addSubject(policy, step as AddSubject);
       case Migration.AddEntry:
         return this.addEntry(policy, step as AddEntry);
+      case Migration.ReplaceEntries:
+        return this.replaceEntries(policy, step as ReplaceEntries)
       default:
         this.logger.info(`Unknown migration ${label}. Ignoring.`);
         return false;
@@ -263,4 +265,9 @@ export class MigrationStep {
     }
     return changed;
   }
+
+  private replaceEntries(policy: Policy, replaceEntries: ReplaceEntries) {
+    policy.entries = replaceEntries.policyEntries;
+    return true;
+  }
 }

policy-migration/src/model/migration.ts

@@ -33,4 +33,8 @@ export type AddEntry = {
   label: string;
   entry: PolicyEntry;
   replace: boolean;
-};
+};
+
+export type ReplaceEntries = {
+  policyEntries: { [label: string]: PolicyEntry };
+}

policy-migration/src/search.ts

@@ -82,8 +82,15 @@ export class Search {
         this.completed = true;
       }
 
+      const policiesMap: Map<String, Policy> = new Map<String, Policy>();
+      sr.items.forEach((item) => {
+        policiesMap.set(item._policy.policyId, item._policy);
+      });
       const policies: Policy[] = [];
-      sr.items.forEach((item) => policies.push(item._policy));
+      policiesMap.forEach((value, _) => {
+        policies.push(value);
+      });
+
       return policies;
     });
   }