RBAC: Add userLogin filter to the permission search endpoint (#81137)

* RBAC: Search add user login filter * Switch to a userService resolving instead * Remove unused error * Fallback to use the cache * account for userID filter * Account for the error * snake case * Add test cases * Add api tests * Fix return on error * Re-order imports
2025-02-25 18:55:37 -06:00 · 2024-01-26 09:43:16 +01:00
parent 2e352ba4d6
commit 722b78f3e0
11 changed files with 246 additions and 30 deletions
--- a/pkg/services/accesscontrol/accesscontrol.go
+++ b/pkg/services/accesscontrol/accesscontrol.go
@@ -57,6 +57,7 @@ type SearchOptions struct {
 	ActionPrefix string // Needed for the PoC v1, it's probably going to be removed.
 	Action       string
 	Scope        string
+	UserLogin    string    // Login for which to return information, if none is specified information is returned for all users.
 	UserID       int64     // ID for the user for which to return information, if none is specified information is returned for all users.
 	wildcards    Wildcards // private field computed based on the Scope
 }
@@ -76,6 +77,19 @@ func (s *SearchOptions) Wildcards() []string {
 	return s.wildcards
 }

+func (s *SearchOptions) ResolveUserLogin(ctx context.Context, userSvc user.Service) error {
+	if s.UserLogin == "" {
+		return nil
+	}
+	// Resolve userLogin -> userID
+	dbUsr, err := userSvc.GetByLogin(ctx, &user.GetUserByLoginQuery{LoginOrEmail: s.UserLogin})
+	if err != nil {
+		return err
+	}
+	s.UserID = dbUsr.ID
+	return nil
+}
+
 type SyncUserRolesCommand struct {
 	UserID int64
 	// name of roles the user should have