From 1aa83191bc958ef0c5a9f8bac5b1f4072efe7e45 Mon Sep 17 00:00:00 2001 From: Megan Tran Date: Mon, 6 Nov 2023 09:54:59 -0600 Subject: [PATCH] PLTCONN-4069: Refactoring --- cmd/connector/validate/account_create.go | 8 ++++---- cmd/connector/validate/account_read.go | 19 ++++++++++++++----- cmd/connector/validate/account_update.go | 4 ++-- cmd/connector/validate/check.go | 2 +- cmd/connector/validate/entitlement_read.go | 16 +++++++++++----- cmd/connector/validate/test_conn.go | 4 ++-- cmd/connector/validate/util.go | 4 ---- cmd/connector/validate/validate.go | 2 +- 8 files changed, 35 insertions(+), 24 deletions(-) diff --git a/cmd/connector/validate/account_create.go b/cmd/connector/validate/account_create.go index d3319c0..8d5bc0b 100644 --- a/cmd/connector/validate/account_create.go +++ b/cmd/connector/validate/account_create.go @@ -17,7 +17,7 @@ var accountCreateChecks = []Check{ RequiredCommands: []string{ "std:account:create", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { input := map[string]interface{}{} _, _, err := cc.AccountCreate(ctx, nil, input, nil) if err == nil { @@ -34,7 +34,7 @@ var accountCreateChecks = []Check{ "std:account:read", "std:account:delete", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { input := map[string]interface{}{} for _, field := range spec.AccountCreateTemplate.Fields { if field.Required { @@ -80,7 +80,7 @@ var accountCreateChecks = []Check{ "std:account:read", "std:account:delete", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { input := map[string]interface{}{} for _, field := range spec.AccountCreateTemplate.Fields { input[getFieldName(field)] = genCreateField(field) @@ -125,7 +125,7 @@ var accountCreateChecks = []Check{ "std:account:delete", "std:account:list", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { accountsPreCreate, _, _, err := cc.AccountList(ctx, nil, nil, nil) if err != nil { res.err(err) diff --git a/cmd/connector/validate/account_read.go b/cmd/connector/validate/account_read.go index c4cdc32..863adc7 100644 --- a/cmd/connector/validate/account_read.go +++ b/cmd/connector/validate/account_read.go @@ -3,6 +3,7 @@ package connvalidate import ( "context" "fmt" + "math/rand" "strconv" "github.com/kr/pretty" @@ -19,15 +20,23 @@ var accountReadChecks = []Check{ "std:account:read", "std:account:list", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { accounts, _, _, err := cc.AccountList(ctx, nil, nil, nil) if err != nil { res.err(err) return } - count := 0 + if len(accounts) == 0 { + res.warnf("no entitlements") + return + } + + rand.Shuffle(len(accounts), func(i, j int) { + accounts[i], accounts[j] = accounts[j], accounts[i] + }) + count := int64(0) for _, account := range accounts { - if readLimit && count > accountReadLimit { + if count > readLimit { break } acct, _, err := cc.AccountRead(ctx, account.ID(), account.UniqueID(), nil) @@ -59,7 +68,7 @@ var accountReadChecks = []Check{ RequiredCommands: []string{ "std:account:read", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { _, _, err := cc.AccountRead(ctx, "__sailpoint__not__found__", "", nil) if err == nil { res.errf("expected error for non-existant identity") @@ -73,7 +82,7 @@ var accountReadChecks = []Check{ RequiredCommands: []string{ "std:account:list", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { additionalAttributes := map[string]string{} attrsByName := map[string]connclient.AccountSchemaAttribute{} diff --git a/cmd/connector/validate/account_update.go b/cmd/connector/validate/account_update.go index 414b133..a1d319c 100644 --- a/cmd/connector/validate/account_update.go +++ b/cmd/connector/validate/account_update.go @@ -17,7 +17,7 @@ var accountUpdateChecks = []Check{ "std:account:list", "std:account:update", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { accounts, _, _, err := cc.AccountList(ctx, nil, nil, nil) if err != nil { res.err(err) @@ -72,7 +72,7 @@ var accountUpdateChecks = []Check{ "std:account:update", "std:account:delete", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { entitlementAttr := entitlementAttr(spec) if entitlementAttr == "" { res.warnf("no entitlement attribute") diff --git a/cmd/connector/validate/check.go b/cmd/connector/validate/check.go index fee388b..6b5a658 100644 --- a/cmd/connector/validate/check.go +++ b/cmd/connector/validate/check.go @@ -24,7 +24,7 @@ type Check struct { // IsDataModifier determines a checking that will modify connectors data after applying IsDataModifier bool - Run func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) + Run func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) // RequiredCommands represents a list of commands that use for this check RequiredCommands []string } diff --git a/cmd/connector/validate/entitlement_read.go b/cmd/connector/validate/entitlement_read.go index fbde182..1dade4b 100644 --- a/cmd/connector/validate/entitlement_read.go +++ b/cmd/connector/validate/entitlement_read.go @@ -2,6 +2,7 @@ package connvalidate import ( "context" + "math/rand" "github.com/kr/pretty" @@ -16,7 +17,7 @@ var entitlementReadChecks = []Check{ RequiredCommands: []string{ "std:entitlement:read", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { _, _, err := cc.EntitlementRead(ctx, "__sailpoint__not__found__", "", "group", nil) if err == nil { res.errf("expected error for non-existant entitlement") @@ -32,7 +33,7 @@ var entitlementReadChecks = []Check{ "std:entitlement:read", "std:entitlement:list", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { entitlements, _, _, err := cc.EntitlementList(ctx, "group", nil, nil, nil) if err != nil { res.err(err) @@ -43,9 +44,14 @@ var entitlementReadChecks = []Check{ res.warnf("no entitlements") return } - count := 0 + + rand.Shuffle(len(entitlements), func(i, j int) { + entitlements[i], entitlements[j] = entitlements[j], entitlements[i] + }) + + count := int64(0) for _, e := range entitlements { - if readLimit && count > accountReadLimit { + if count > readLimit { break } eRead, _, err := cc.EntitlementRead(ctx, e.ID(), e.UniqueID(), "group", nil) @@ -73,7 +79,7 @@ var entitlementReadChecks = []Check{ RequiredCommands: []string{ "std:entitlement:list", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { additionalAttributes := map[string]string{} attrsByName := map[string]connclient.EntitlementSchemaAttribute{} diff --git a/cmd/connector/validate/test_conn.go b/cmd/connector/validate/test_conn.go index 9dc57ae..2433f70 100644 --- a/cmd/connector/validate/test_conn.go +++ b/cmd/connector/validate/test_conn.go @@ -15,7 +15,7 @@ var testConnChecks = []Check{ RequiredCommands: []string{ "std:test-connection", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { err := cc.TestConnectionWithConfig(ctx, json.RawMessage("{}")) if err == nil { res.errf("expected test-connection failure for empty config") @@ -29,7 +29,7 @@ var testConnChecks = []Check{ RequiredCommands: []string{ "std:test-connection", }, - Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit bool) { + Run: func(ctx context.Context, spec *connclient.ConnSpec, cc *connclient.ConnClient, res *CheckResult, readLimit int64) { _, err := cc.TestConnection(ctx) if err != nil { res.err(err) diff --git a/cmd/connector/validate/util.go b/cmd/connector/validate/util.go index 165f76d..adc91c9 100644 --- a/cmd/connector/validate/util.go +++ b/cmd/connector/validate/util.go @@ -12,10 +12,6 @@ import ( connclient "github.com/sailpoint-oss/sailpoint-cli/cmd/connector/client" ) -const ( - accountReadLimit = 8 -) - // entitlementAttr returns the attribute for entitlements func entitlementAttr(spec *connclient.ConnSpec) string { for _, attr := range spec.AccountSchema.Attributes { diff --git a/cmd/connector/validate/validate.go b/cmd/connector/validate/validate.go index 6a4c1f1..5acebdc 100644 --- a/cmd/connector/validate/validate.go +++ b/cmd/connector/validate/validate.go @@ -31,7 +31,7 @@ type Config struct { // ReadLimit specifies whether to limit the number of account read // If ReadLimit set 'true', check for account and entitlement read will only read 8 accounts - ReadLimit bool + ReadLimit int64 } // NewValidator creates a new validator with provided config and ConnClient