CurrentAccountIndication: extend with "is_admin" field

kamu-data · Jan 10, 2024 · ef80fae · ef80fae
1 parent 5a4af2d
commit ef80fae
Show file tree

Hide file tree

Showing 6 changed files with 55 additions and 38 deletions.
diff --git a/src/adapter/http/src/http_server_dataset_router.rs b/src/adapter/http/src/http_server_dataset_router.rs
@@ -85,24 +85,18 @@ pub async fn platform_token_validate_handler(
     let current_account_subject = catalog.get_one::<CurrentAccountSubject>().unwrap();
 
     match current_account_subject.as_ref() {
-        CurrentAccountSubject::Logged(_) => {
-            return axum::response::Response::builder()
-                .status(http::StatusCode::OK)
-                .body(Default::default())
-                .unwrap()
-        }
-        CurrentAccountSubject::Anonymous(reason) => {
-            return axum::response::Response::builder()
-                .status(match reason {
-                    AnonymousAccountReason::AuthenticationExpired => http::StatusCode::UNAUTHORIZED,
-                    AnonymousAccountReason::AuthenticationInvalid => http::StatusCode::BAD_REQUEST,
-                    AnonymousAccountReason::NoAuthenticationProvided => {
-                        http::StatusCode::BAD_REQUEST
-                    }
-                })
-                .body(Default::default())
-                .unwrap();
-        }
+        CurrentAccountSubject::Logged(_) => axum::response::Response::builder()
+            .status(http::StatusCode::OK)
+            .body(Default::default())
+            .unwrap(),
+        CurrentAccountSubject::Anonymous(reason) => axum::response::Response::builder()
+            .status(match reason {
+                AnonymousAccountReason::AuthenticationExpired => http::StatusCode::UNAUTHORIZED,
+                AnonymousAccountReason::AuthenticationInvalid => http::StatusCode::BAD_REQUEST,
+                AnonymousAccountReason::NoAuthenticationProvided => http::StatusCode::BAD_REQUEST,
+            })
+            .body(Default::default())
+            .unwrap(),
     }
 }
 

diff --git a/src/app/cli/src/app.rs b/src/app/cli/src/app.rs
@@ -42,18 +42,20 @@ pub async fn run(
     workspace_layout: WorkspaceLayout,
     matches: clap::ArgMatches,
 ) -> Result<(), CLIError> {
-    // Always capture backtraces for logging - we will separately decide wheter to
-    // display them to the user based on verbocity level
+    // Always capture backtraces for logging - we will separately decide whether to
+    // display them to the user based on verbosity level
     if std::env::var_os("RUST_BACKTRACE").is_none() {
         std::env::set_var("RUST_BACKTRACE", "1");
     }
 
     let workspace_svc = WorkspaceService::new(Arc::new(workspace_layout.clone()));
     let workspace_version = workspace_svc.workspace_version()?;
+    let config = load_config(&workspace_layout);
 
     let current_account = accounts::AccountService::current_account_indication(
         &matches,
         workspace_svc.is_multi_tenant_workspace(),
+        config.users.as_ref().unwrap(),
     );
 
     prepare_run_dir(&workspace_layout.run_info_dir);
@@ -85,7 +87,6 @@ pub async fn run(
             "Initializing kamu-cli"
         );
 
-        let config = load_config(&workspace_layout);
         register_config_in_catalog(
             &config,
             &mut base_catalog_builder,
@@ -315,7 +316,6 @@ fn load_config(workspace_layout: &WorkspaceLayout) -> config::CLIConfig {
     config
 }
 
-// Public only for tests
 pub fn register_config_in_catalog(
     config: &config::CLIConfig,
     catalog_builder: &mut CatalogBuilder,

diff --git a/src/app/cli/src/cli_commands.rs b/src/app/cli/src/cli_commands.rs
@@ -12,6 +12,7 @@ use opendatafabric::*;
 use url::Url;
 
 use crate::commands::*;
+use crate::config::UsersConfig;
 use crate::{accounts, odf_server, CommandInterpretationFailed, WorkspaceService};
 
 pub fn get_command(
@@ -22,12 +23,15 @@ pub fn get_command(
     let command: Box<dyn Command> = match arg_matches.subcommand() {
         Some(("add", submatches)) => {
             let workspace_svc = cli_catalog.get_one::<WorkspaceService>()?;
+            let user_config = cli_catalog.get_one::<UsersConfig>()?;
+
             Box::new(AddCommand::new(
                 cli_catalog.get_one()?,
                 cli_catalog.get_one()?,
                 accounts::AccountService::current_account_indication(
                     &arg_matches,
                     workspace_svc.is_multi_tenant_workspace(),
+                    user_config.as_ref(),
                 ),
                 submatches
                     .get_many("manifest")
@@ -182,12 +186,15 @@ pub fn get_command(
         },
         Some(("list", submatches)) => {
             let workspace_svc = cli_catalog.get_one::<WorkspaceService>()?;
+            let user_config = cli_catalog.get_one::<UsersConfig>()?;
+
             Box::new(ListCommand::new(
                 cli_catalog.get_one()?,
                 cli_catalog.get_one()?,
                 accounts::AccountService::current_account_indication(
                     &arg_matches,
                     workspace_svc.is_multi_tenant_workspace(),
+                    user_config.as_ref(),
                 ),
                 accounts::AccountService::related_account_indication(submatches),
                 cli_catalog.get_one()?,

diff --git a/src/app/cli/src/services/accounts/account_service.rs b/src/app/cli/src/services/accounts/account_service.rs
@@ -50,16 +50,16 @@ impl AccountService {
         }
     }
 
-    fn default_account_name(multitenant_workspace: bool) -> String {
-        if multitenant_workspace {
+    fn default_account_name(multi_tenant_workspace: bool) -> String {
+        if multi_tenant_workspace {
             whoami::username()
         } else {
             String::from(auth::DEFAULT_ACCOUNT_NAME)
         }
     }
 
-    fn default_user_name(multitenant_workspace: bool) -> String {
-        if multitenant_workspace {
+    fn default_user_name(multi_tenant_workspace: bool) -> String {
+        if multi_tenant_workspace {
             whoami::realname()
         } else {
             String::from(auth::DEFAULT_ACCOUNT_NAME)
@@ -68,13 +68,13 @@ impl AccountService {
 
     pub fn current_account_indication(
         arg_matches: &ArgMatches,
-        multitenant_workspace: bool,
+        multi_tenant_workspace: bool,
+        users_config: &UsersConfig,
     ) -> CurrentAccountIndication {
-        let default_account_name: String =
-            AccountService::default_account_name(multitenant_workspace);
-        let default_user_name: String = AccountService::default_user_name(multitenant_workspace);
+        let (current_account, user_name, specified_explicitly) = {
+            let default_account_name = AccountService::default_account_name(multi_tenant_workspace);
+            let default_user_name = AccountService::default_user_name(multi_tenant_workspace);
 
-        let (current_account, user_name, specified_explicitly) =
             if let Some(account) = arg_matches.get_one::<String>("account") {
                 (
                     account.clone(),
@@ -88,9 +88,20 @@ impl AccountService {
                 )
             } else {
                 (default_account_name, default_user_name, false)
-            };
+            }
+        };
+
+        let is_admin = if multi_tenant_workspace {
+            users_config
+                .predefined
+                .iter()
+                .find(|a| a.account_name.as_str().eq(&current_account))
+                .map_or(false, |a| a.is_admin)
+        } else {
+            true
+        };
 
-        CurrentAccountIndication::new(current_account, user_name, specified_explicitly)
+        CurrentAccountIndication::new(current_account, user_name, specified_explicitly, is_admin)
     }
 
     pub fn related_account_indication(sub_matches: &ArgMatches) -> RelatedAccountIndication {

diff --git a/src/app/cli/src/services/accounts/models.rs b/src/app/cli/src/services/accounts/models.rs
@@ -42,10 +42,16 @@ pub struct CurrentAccountIndication {
     pub account_name: AccountName,
     pub user_name: String,
     pub specified_explicitly: bool,
+    is_admin: bool,
 }
 
 impl CurrentAccountIndication {
-    pub fn new<A, U>(account_name: A, user_name: U, specified_explicitly: bool) -> Self
+    pub fn new<A, U>(
+        account_name: A,
+        user_name: U,
+        specified_explicitly: bool,
+        is_admin: bool,
+    ) -> Self
     where
         A: Into<String>,
         U: Into<String>,
@@ -54,6 +60,7 @@ impl CurrentAccountIndication {
             account_name: AccountName::try_from(account_name.into()).unwrap(),
             user_name: user_name.into(),
             specified_explicitly,
+            is_admin,
         }
     }
 
@@ -62,9 +69,7 @@ impl CurrentAccountIndication {
     }
 
     pub fn to_current_account_subject(&self) -> CurrentAccountSubject {
-        let is_admin = true;
-
-        CurrentAccountSubject::logged(AccountName::from(self.account_name.clone()), is_admin)
+        CurrentAccountSubject::logged(AccountName::from(self.account_name.clone()), self.is_admin)
     }
 }
 

diff --git a/src/app/cli/src/services/config/models.rs b/src/app/cli/src/services/config/models.rs
@@ -333,7 +333,7 @@ impl UsersConfig {
                 account_type: AccountType::User,
                 display_name: String::from(auth::DEFAULT_ACCOUNT_NAME),
                 avatar_url: Some(String::from(auth::DEFAULT_AVATAR_URL)),
-                is_admin: false,
+                is_admin: true,
             }],
             allow_login_unknown: Some(false),
         }