[management] remove ids from policy creation api (#2997)

2025-01-07 22:49:35 +01:00 · 2024-12-27 14:13:36 +01:00 · 2024-12-27 14:13:36 +01:00 · fbce8bb511
commit fbce8bb511
parent 445b626dc8
4 changed files with 90 additions and 31 deletions
--- a/management/server/http/api/openapi.yml
+++ b/management/server/http/api/openapi.yml
@ -725,10 +725,6 @@ components:
    PolicyRuleMinimum:
      type: object
      properties:
-        id:
-          description: Policy rule ID
-          type: string
-          example: ch8i4ug6lnn4g9hqv7mg
        name:
          description: Policy rule name identifier
          type: string
@ -790,6 +786,31 @@ components:
        - end

    PolicyRuleUpdate:
+      allOf:
+        - $ref: '#/components/schemas/PolicyRuleMinimum'
+        - type: object
+          properties:
+            id:
+              description: Policy rule ID
+              type: string
+              example: ch8i4ug6lnn4g9hqv7mg
+            sources:
+              description: Policy rule source group IDs
+              type: array
+              items:
+                type: string
+                example: "ch8i4ug6lnn4g9hqv797"
+            destinations:
+              description: Policy rule destination group IDs
+              type: array
+              items:
+                type: string
+                example: "ch8i4ug6lnn4g9h7v7m0"
+          required:
+            - sources
+            - destinations
+
+    PolicyRuleCreate:
      allOf:
        - $ref: '#/components/schemas/PolicyRuleMinimum'
        - type: object
@ -817,6 +838,10 @@ components:
        - $ref: '#/components/schemas/PolicyRuleMinimum'
        - type: object
          properties:
+            id:
+              description: Policy rule ID
+              type: string
+              example: ch8i4ug6lnn4g9hqv7mg
            sources:
              description: Policy rule source group IDs
              type: array
@ -836,10 +861,6 @@ components:
    PolicyMinimum:
      type: object
      properties:
-        id:
-          description: Policy ID
-          type: string
-          example: ch8i4ug6lnn4g9hqv7mg
        name:
          description: Policy name identifier
          type: string
@ -854,7 +875,6 @@ components:
          example: true
      required:
        - name
-        - description
        - enabled
    PolicyUpdate:
      allOf:
@ -874,11 +894,33 @@ components:
                $ref: '#/components/schemas/PolicyRuleUpdate'
          required:
            - rules
+    PolicyCreate:
+      allOf:
+        - $ref: '#/components/schemas/PolicyMinimum'
+        - type: object
+          properties:
+            source_posture_checks:
+              description: Posture checks ID's applied to policy source groups
+              type: array
+              items:
+                type: string
+                example: "chacdk86lnnboviihd70"
+            rules:
+              description: Policy rule object for policy UI editor
+              type: array
+              items:
+                $ref: '#/components/schemas/PolicyRuleUpdate'
+          required:
+            - rules
    Policy:
      allOf:
        - $ref: '#/components/schemas/PolicyMinimum'
        - type: object
          properties:
+            id:
+              description: Policy ID
+              type: string
+              example: ch8i4ug6lnn4g9hqv7mg
            source_posture_checks:
              description: Posture checks ID's applied to policy source groups
              type: array
@ -2463,7 +2505,7 @@ paths:
        content:
          'application/json':
            schema:
-              $ref: '#/components/schemas/PolicyUpdate'
+              $ref: '#/components/schemas/PolicyCreate'
      responses:
        '200':
          description: A Policy object
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@ -879,7 +879,7 @@ type PersonalAccessTokenRequest struct {
 // Policy defines model for Policy.
 type Policy struct {
 	// Description Policy friendly description
-	Description string `json:"description"`
+	Description *string `json:"description,omitempty"`

 	// Enabled Policy status
 	Enabled bool `json:"enabled"`
@ -897,16 +897,31 @@ type Policy struct {
 	SourcePostureChecks []string `json:"source_posture_checks"`
 }

-// PolicyMinimum defines model for PolicyMinimum.
-type PolicyMinimum struct {
+// PolicyCreate defines model for PolicyCreate.
+type PolicyCreate struct {
 	// Description Policy friendly description
-	Description string `json:"description"`
+	Description *string `json:"description,omitempty"`

 	// Enabled Policy status
 	Enabled bool `json:"enabled"`

-	// Id Policy ID
-	Id *string `json:"id,omitempty"`
+	// Name Policy name identifier
+	Name string `json:"name"`
+
+	// Rules Policy rule object for policy UI editor
+	Rules []PolicyRuleUpdate `json:"rules"`
+
+	// SourcePostureChecks Posture checks ID's applied to policy source groups
+	SourcePostureChecks *[]string `json:"source_posture_checks,omitempty"`
+}
+
+// PolicyMinimum defines model for PolicyMinimum.
+type PolicyMinimum struct {
+	// Description Policy friendly description
+	Description *string `json:"description,omitempty"`
+
+	// Enabled Policy status
+	Enabled bool `json:"enabled"`

 	// Name Policy name identifier
 	Name string `json:"name"`
@ -970,9 +985,6 @@ type PolicyRuleMinimum struct {
 	// Enabled Policy rule status
 	Enabled bool `json:"enabled"`

-	// Id Policy rule ID
-	Id *string `json:"id,omitempty"`
-
 	// Name Policy rule name identifier
 	Name string `json:"name"`

@ -1039,14 +1051,11 @@ type PolicyRuleUpdateProtocol string
 // PolicyUpdate defines model for PolicyUpdate.
 type PolicyUpdate struct {
 	// Description Policy friendly description
-	Description string `json:"description"`
+	Description *string `json:"description,omitempty"`

 	// Enabled Policy status
 	Enabled bool `json:"enabled"`

-	// Id Policy ID
-	Id *string `json:"id,omitempty"`
-
 	// Name Policy name identifier
 	Name string `json:"name"`

@ -1473,7 +1482,7 @@ type PutApiPeersPeerIdJSONRequestBody = PeerRequest
 type PostApiPoliciesJSONRequestBody = PolicyUpdate

 // PutApiPoliciesPolicyIdJSONRequestBody defines body for PutApiPoliciesPolicyId for application/json ContentType.
-type PutApiPoliciesPolicyIdJSONRequestBody = PolicyUpdate
+type PutApiPoliciesPolicyIdJSONRequestBody = PolicyCreate

 // PostApiPostureChecksJSONRequestBody defines body for PostApiPostureChecks for application/json ContentType.
 type PostApiPostureChecksJSONRequestBody = PostureCheckUpdate
--- a/management/server/http/handlers/policies/policies_handler.go
+++ b/management/server/http/handlers/policies/policies_handler.go
@ -133,16 +133,21 @@ func (h *handler) savePolicy(w http.ResponseWriter, r *http.Request, accountID s
 		return
 	}

+	description := ""
+	if req.Description != nil {
+		description = *req.Description
+	}
+
 	policy := &types.Policy{
 		ID:          policyID,
 		AccountID:   accountID,
 		Name:        req.Name,
 		Enabled:     req.Enabled,
-		Description: req.Description,
+		Description: description,
 	}
 	for _, rule := range req.Rules {
 		var ruleID string
-		if rule.Id != nil {
+		if rule.Id != nil && policyID != "" {
 			ruleID = *rule.Id
 		}

@ -370,7 +375,7 @@ func toPolicyResponse(groups []*types.Group, policy *types.Policy) *api.Policy {
 	ap := &api.Policy{
 		Id:                  &policy.ID,
 		Name:                policy.Name,
-		Description:         policy.Description,
+		Description:         &policy.Description,
 		Enabled:             policy.Enabled,
 		SourcePostureChecks: policy.SourcePostureChecks,
 	}
--- a/management/server/http/handlers/policies/policies_handler_test.go
+++ b/management/server/http/handlers/policies/policies_handler_test.go
@ -154,6 +154,7 @@ func TestPoliciesGetPolicy(t *testing.T) {

 func TestPoliciesWritePolicy(t *testing.T) {
 	str := func(s string) *string { return &s }
+	emptyString := ""
 	tt := []struct {
 		name           string
 		expectedStatus int
@ -184,8 +185,9 @@ func TestPoliciesWritePolicy(t *testing.T) {
 			expectedStatus: http.StatusOK,
 			expectedBody:   true,
 			expectedPolicy: &api.Policy{
-				Id:   str("id-was-set"),
-				Name: "Default POSTed Policy",
+				Id:          str("id-was-set"),
+				Name:        "Default POSTed Policy",
+				Description: &emptyString,
 				Rules: []api.PolicyRule{
 					{
 						Id:            str("id-was-set"),
@ -232,8 +234,9 @@ func TestPoliciesWritePolicy(t *testing.T) {
 			expectedStatus: http.StatusOK,
 			expectedBody:   true,
 			expectedPolicy: &api.Policy{
-				Id:   str("id-existed"),
-				Name: "Default POSTed Policy",
+				Id:          str("id-existed"),
+				Name:        "Default POSTed Policy",
+				Description: &emptyString,
 				Rules: []api.PolicyRule{
 					{
 						Id:            str("id-existed"),