From a40f936f375d98b15feaea9cdbf228bae7a652cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Toma=C5=BE=20Jerman?= <tomaz.jerman121@gmail.com>
Date: Tue, 17 Nov 2020 15:38:52 +0100
Subject: [PATCH] Yaml decoder tweaks based on resources & store

---
 pkg/envoy/yaml/compose_chart.go  |  6 ++++-
 pkg/envoy/yaml/compose_module.go |  4 ++-
 pkg/envoy/yaml/compose_record.go |  4 +++
 pkg/envoy/yaml/document.go       | 26 ++++++++++++++++++-
 pkg/envoy/yaml/rbac_rules.go     | 43 +++++++++++++++++++++++++++++---
 pkg/envoy/yaml/user.go           |  3 ---
 6 files changed, 76 insertions(+), 10 deletions(-)

diff --git a/pkg/envoy/yaml/compose_chart.go b/pkg/envoy/yaml/compose_chart.go
index 96c062ac0..af15b0fc7 100644
--- a/pkg/envoy/yaml/compose_chart.go
+++ b/pkg/envoy/yaml/compose_chart.go
@@ -124,7 +124,11 @@ func (wrap *composeChart) UnmarshalYAML(n *yaml.Node) (err error) {
 }
 
 func (wrap composeChart) MarshalEnvoy() ([]resource.Interface, error) {
-	rs := resource.NewComposeChart(wrap.res, wrap.refNamespace)
+	vv := make([]string, 0, len(wrap.refReportModules))
+	for _, v := range wrap.refReportModules {
+		vv = append(vv, v)
+	}
+	rs := resource.NewComposeChart(wrap.res, wrap.refNamespace, vv)
 	return envoy.CollectNodes(
 		rs,
 		wrap.rbac.bindResource(rs),
diff --git a/pkg/envoy/yaml/compose_module.go b/pkg/envoy/yaml/compose_module.go
index 910d54bd6..6075b9d6d 100644
--- a/pkg/envoy/yaml/compose_module.go
+++ b/pkg/envoy/yaml/compose_module.go
@@ -148,7 +148,9 @@ func (set *composeModuleFieldSet) UnmarshalYAML(n *yaml.Node) error {
 			}
 
 			wrap.res.Name = k.Value
-			wrap.res.Label = k.Value
+			if wrap.res.Label == "" {
+				wrap.res.Label = k.Value
+			}
 		}
 
 		*set = append(*set, wrap)
diff --git a/pkg/envoy/yaml/compose_record.go b/pkg/envoy/yaml/compose_record.go
index 5e0574a05..5f1e732e6 100644
--- a/pkg/envoy/yaml/compose_record.go
+++ b/pkg/envoy/yaml/compose_record.go
@@ -120,6 +120,10 @@ func (wset composeRecordSet) MarshalEnvoy() ([]resource.Interface, error) {
 		}
 
 		n := resource.NewComposeRecordSet(walker, w.nsRef, w.modRef)
+		for _, r := range w.rr {
+			n.IDMap[r.ID] = 0
+		}
+
 		nn = append(nn, n)
 	}
 
diff --git a/pkg/envoy/yaml/document.go b/pkg/envoy/yaml/document.go
index b2cf81b2e..88b12a09d 100644
--- a/pkg/envoy/yaml/document.go
+++ b/pkg/envoy/yaml/document.go
@@ -3,6 +3,7 @@ package yaml
 import (
 	"context"
 
+	"github.com/cortezaproject/corteza-server/pkg/envoy"
 	"github.com/cortezaproject/corteza-server/pkg/envoy/resource"
 	"gopkg.in/yaml.v3"
 )
@@ -52,8 +53,31 @@ func (doc *Document) UnmarshalYAML(n *yaml.Node) (err error) {
 func (doc *Document) Decode(ctx context.Context, l loader) ([]resource.Interface, error) {
 	nn := make([]resource.Interface, 0, 100)
 
+	mm := make([]envoy.Marshaller, 0, 20)
 	if doc.compose != nil {
-		if tmp, err := doc.compose.MarshalEnvoy(); err != nil {
+		mm = append(mm, doc.compose)
+	}
+	if doc.roles != nil {
+		mm = append(mm, doc.roles)
+	}
+	if doc.users != nil {
+		mm = append(mm, doc.users)
+	}
+	if doc.applications != nil {
+		mm = append(mm, doc.applications)
+	}
+	if doc.settings != nil {
+		mm = append(mm, doc.settings)
+	}
+	if doc.rbac != nil {
+		mm = append(mm, doc.rbac)
+	}
+	if doc.users != nil {
+		mm = append(mm, doc.users)
+	}
+
+	for _, m := range mm {
+		if tmp, err := m.MarshalEnvoy(); err != nil {
 			return nil, err
 		} else {
 			nn = append(nn, tmp...)
diff --git a/pkg/envoy/yaml/rbac_rules.go b/pkg/envoy/yaml/rbac_rules.go
index fc841edb5..b040bfbc8 100644
--- a/pkg/envoy/yaml/rbac_rules.go
+++ b/pkg/envoy/yaml/rbac_rules.go
@@ -2,6 +2,7 @@ package yaml
 
 import (
 	"fmt"
+	"strings"
 
 	"github.com/cortezaproject/corteza-server/pkg/envoy/resource"
 	"github.com/cortezaproject/corteza-server/pkg/rbac"
@@ -59,10 +60,10 @@ func (rr rbacRuleSet) decodeRbac(a rbac.Access, rules *yaml.Node) (rbacRuleSet,
 				res: &rbac.Rule{
 					Access:    a,
 					Operation: rbac.Operation(op.Value),
-					Resource:  rbac.Resource(res),
 				},
 				refRole: roleRef,
 			}
+			rule.SetResource(res)
 			rr = append(rr, rule)
 			return nil
 		})
@@ -85,15 +86,15 @@ func (rr rbacRuleSet) decodeRbac(a rbac.Access, rules *yaml.Node) (rbacRuleSet,
 }
 
 func (rr rbacRuleSet) bindResource(resI resource.Interface) rbacRuleSet {
-	res := &resource.Ref{
+	ref := &resource.Ref{
 		ResourceType: resI.ResourceType(),
 		Identifiers:  resI.Identifiers(),
 	}
 
 	rtr := make(rbacRuleSet, 0, len(rr))
 	for _, r := range rr {
-		r = r
-		r.resRef = res
+		r.SetResource(ref.ResourceType)
+		r.resRef = ref
 		rtr = append(rtr, r)
 	}
 
@@ -132,3 +133,37 @@ func (rr rbacRuleSet) MarshalEnvoy() ([]resource.Interface, error) {
 	}
 	return nn, nil
 }
+
+func (r *rbacRule) SetResource(res string) {
+	if res == "" {
+		return
+	}
+
+	sp := ":"
+
+	res = strings.TrimSpace(res)
+	res = strings.TrimRight(res, sp)
+	rr := strings.Split(res, sp)
+
+	// When len is 1; only top-level defined (system, compose, messaging)
+	if len(rr) == 1 {
+		r.res.Resource = rbac.Resource(res)
+		return
+	}
+
+	// When len is 2; top-level and sub level defined (compose:namespace, system:user, ...)
+	if len(rr) == 2 {
+		r.res.Resource = rbac.Resource(res + sp)
+		return
+	}
+
+	//When len is 3; both levels defined; resource ref also provided
+	if len(rr) == 3 {
+		res = strings.Join(rr[0:2], sp) + sp
+		r.resRef = &resource.Ref{
+			ResourceType: strings.Join(rr[0:2], sp) + sp,
+			Identifiers:  resource.MakeIdentifiers(rr[2]),
+		}
+		r.res.Resource = rbac.Resource(res)
+	}
+}
diff --git a/pkg/envoy/yaml/user.go b/pkg/envoy/yaml/user.go
index d0a9123fa..8ebb2e040 100644
--- a/pkg/envoy/yaml/user.go
+++ b/pkg/envoy/yaml/user.go
@@ -12,9 +12,6 @@ type (
 		// when user is at least partially defined
 		res *types.User `yaml:",inline"`
 
-		// all known modules on a user
-		modules composeModuleSet
-
 		// module's RBAC rules
 		rbac rbacRuleSet
 	}