Add support for the "*" permission to pgo create pgorole --permissions

jkatz · Jonathan S. Katz · commit 81603b281ade · 2020-07-30T09:31:20.000-04:00
While "*" has been supported for awhile in the PostgreSQL Operator, one
could not add it while using the `pgo create pgorole --permissions` as
it failed the validation check. This rectifies this oversight and fixes
said bug.

Issue: [ch8909]
diff --git a/apiserver/pgoroleservice/pgoroleimpl.go b/apiserver/pgoroleservice/pgoroleimpl.go
@@ -250,7 +250,7 @@ func validPermissions(perms string) error {
 	fields := strings.Split(perms, ",")
 
 	for _, v := range fields {
-		if apiserver.PermMap[strings.TrimSpace(v)] == "" {
+		if apiserver.PermMap[strings.TrimSpace(v)] == "" && strings.TrimSpace(v) != "*" {
 			return errors.New(v + " not a valid Permission")
 		}
 	}
diff --git a/apiserver/pgoroleservice/pgoroleimpl_test.go b/apiserver/pgoroleservice/pgoroleimpl_test.go
@@ -0,0 +1,55 @@
+package pgoroleservice
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/crunchydata/postgres-operator/internal/apiserver"
+)
+
+func TestValidPermissions(t *testing.T) {
+	apiserver.PermMap = map[string]string{
+		apiserver.CREATE_CLUSTER_PERM:   "yes",
+		apiserver.CREATE_PGBOUNCER_PERM: "yes",
+	}
+
+	t.Run("with valid permission", func(t *testing.T) {
+		perms := apiserver.CREATE_CLUSTER_PERM
+
+		if err := validPermissions(perms); err != nil {
+			t.Errorf("%q should be a valid permission", perms)
+		}
+	})
+
+	t.Run("with multiple valid permissions", func(t *testing.T) {
+		perms := fmt.Sprintf("%s,%s", apiserver.CREATE_CLUSTER_PERM, apiserver.CREATE_PGBOUNCER_PERM)
+
+		if err := validPermissions(perms); err != nil {
+			t.Errorf("%v should be a valid permission", perms)
+		}
+	})
+
+	t.Run("with an invalid permission", func(t *testing.T) {
+		perms := "bogus"
+
+		if err := validPermissions(perms); err == nil {
+			t.Errorf("%q should raise an error", perms)
+		}
+	})
+
+	t.Run("with a mix of valid and invalid permissions", func(t *testing.T) {
+		perms := fmt.Sprintf("%s,%s", apiserver.CREATE_CLUSTER_PERM, "bogus")
+
+		if err := validPermissions(perms); err == nil {
+			t.Errorf("%q should raise an error", perms)
+		}
+	})
+
+	t.Run("with *", func(t *testing.T) {
+		perms := "*"
+
+		if err := validPermissions(perms); err != nil {
+			t.Errorf("%q should be a valid permission", perms)
+		}
+	})
+}

Original file line number	Diff line number	Diff line change
`@@ -250,7 +250,7 @@ func validPermissions(perms string) error {`
`250`	`250`	`fields := strings.Split(perms, ",")`
`251`	`251`
`252`	`252`	`for _, v := range fields {`
`253`		`- if apiserver.PermMap[strings.TrimSpace(v)] == "" {`
	`253`	`+ if apiserver.PermMap[strings.TrimSpace(v)] == "" && strings.TrimSpace(v) != "*" {`
`254`	`254`	`return errors.New(v + " not a valid Permission")`
`255`	`255`	`}`
`256`	`256`	`}`