1 files changed, 193 insertions, 0 deletions
diff --git a/src/dcm/pkg/module/userpermissions.go b/src/dcm/pkg/module/userpermissions.go
new file mode 100644
index 00000000..cf961a65
--- /dev/null
+++ b/src/dcm/pkg/module/userpermissions.go
@@ -0,0 +1,193 @@
+/*
+* Copyright 2020 Intel Corporation, Inc
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package module
+
+import (
+    pkgerrors "github.com/pkg/errors"
+)
+
+// UserPermission contains the parameters needed for a user permission
+type UserPermission struct {
+    UserPermissionName      string          `json:"name"`
+    APIGroups               []string        `json:"apiGroups"`
+    Resources               []string        `json:"resources"`
+    Verbs                   []string        `json:"verbs"`
+}
+
+// UserPermissionKey is the key structure that is used in the database
+type UserPermissionKey struct {
+    Project                 string      `json:"project"`
+    LogicalCloudName        string      `json:"logical-cloud-name"`
+    UserPermissionName      string      `json:"upname"`
+}
+
+// UserPermissionManager is an interface that exposes the connection
+// functionality
+type UserPermissionManager interface {
+    CreateUserPerm(project, logicalCloud string, c UserPermission) (UserPermission, error)
+    GetUserPerm(project, logicalCloud, name string) (UserPermission, error)
+    GetAllUserPerms(project, logicalCloud string) ([]UserPermission, error)
+    DeleteUserPerm(project, logicalCloud, name string) error
+    UpdateUserPerm(project, logicalCloud, name string, c UserPermission) (UserPermission, error)
+}
+
+// UserPermissionClient implements the UserPermissionManager
+// It will also be used to maintain some localized state
+type UserPermissionClient struct {
+    storeName   string
+    tagMeta     string
+    util        Utility
+}
+
+// UserPermissionClient returns an instance of the UserPermissionClient
+// which implements the UserPermissionManager
+func NewUserPermissionClient() *UserPermissionClient {
+    service := DBService{}
+    return &UserPermissionClient{
+        storeName:  "orchestrator",
+        tagMeta:    "userpermission",
+        util:       service,
+    }
+}
+
+// Create entry for the User Permission resource in the database
+func (v *UserPermissionClient) CreateUserPerm(project, logicalCloud string, c UserPermission) (UserPermission, error) {
+
+    //Construct key consisting of name
+    key := UserPermissionKey {
+        Project:            project,
+        LogicalCloudName:   logicalCloud,
+        UserPermissionName: c.UserPermissionName,
+    }
+
+    //Check if project exists
+    err := v.util.CheckProject(project)
+    if err != nil {
+        return UserPermission{}, pkgerrors.New("Unable to find the project")
+    }
+    //check if logical cloud exists
+    err = v.util.CheckLogicalCloud(project, logicalCloud)
+    if err != nil {
+        return UserPermission{}, pkgerrors.New("Unable to find the logical cloud")
+    }
+
+    //Check if this User Permission already exists
+    _, err = v.GetUserPerm(project, logicalCloud, c.UserPermissionName)
+    if err == nil {
+        return UserPermission{}, pkgerrors.New("User Permission already exists")
+    }
+
+    err = v.util.DBInsert(v.storeName, key, nil, v.tagMeta, c)
+    if err != nil {
+        return UserPermission{}, pkgerrors.Wrap(err, "Creating DB Entry")
+    }
+
+    return c, nil
+}
+
+// Get returns User Permission for corresponding name
+func (v *UserPermissionClient) GetUserPerm(project, logicalCloud, userPermName string) (UserPermission, error) {
+
+    //Construct the composite key to select the entry
+    key := UserPermissionKey{
+        Project:            project,
+        LogicalCloudName:   logicalCloud,
+        UserPermissionName: userPermName,
+    }
+
+    value, err := v.util.DBFind(v.storeName, key, v.tagMeta)
+    if err != nil {
+        return UserPermission{}, pkgerrors.Wrap(err, "Get User Permission")
+    }
+
+    //value is a byte array
+    if value != nil {
+        up := UserPermission{}
+        err = v.util.DBUnmarshal(value[0], &up)
+        if err != nil {
+            return UserPermission{}, pkgerrors.Wrap(err, "Unmarshaling value")
+        }
+        return up, nil
+    }
+
+    return UserPermission{}, pkgerrors.New("Error getting User Permission")
+}
+
+// GetAll lists all user permissions
+func (v *UserPermissionClient) GetAllUserPerms(project, logicalCloud string) ([]UserPermission, error) {
+    //Construct the composite key to select the entry
+    key := UserPermissionKey {
+        Project:            project,
+        LogicalCloudName:   logicalCloud,
+        UserPermissionName: "",
+    }
+    var resp  []UserPermission
+    values, err := v.util.DBFind(v.storeName, key, v.tagMeta)
+    if err != nil {
+        return []UserPermission{}, pkgerrors.Wrap(err, "Get All User Permissions")
+    }
+
+    for _, value := range values {
+        up := UserPermission{}
+        err = v.util.DBUnmarshal(value, &up)
+        if err != nil {
+            return []UserPermission{}, pkgerrors.Wrap(err, "Unmarshaling value")
+        }
+        resp = append(resp, up)
+    }
+    return resp, nil
+}
+// Delete the User Permission entry from database
+func (v *UserPermissionClient) DeleteUserPerm(project, logicalCloud, userPermName string) error {
+    //Construct the composite key to select the entry
+    key := UserPermissionKey{
+        Project:            project,
+        LogicalCloudName:   logicalCloud,
+        UserPermissionName: userPermName,
+    }
+    err := v.util.DBRemove(v.storeName, key)
+        if err != nil {
+                return pkgerrors.Wrap(err, "Delete User Permission")
+        }
+        return nil
+}
+
+// Update an entry for the User Permission in the database
+func (v *UserPermissionClient) UpdateUserPerm(project, logicalCloud, userPermName string, c UserPermission) (
+    UserPermission, error) {
+
+    key := UserPermissionKey{
+        Project:            project,
+        LogicalCloudName:   logicalCloud,
+        UserPermissionName: userPermName,
+    }
+    //Check for URL name and json permission name mismatch
+    if c.UserPermissionName != userPermName {
+        return UserPermission{}, pkgerrors.New("Update Error - Permission name mismatch")
+    }
+    //Check if this User Permission exists
+    _, err := v.GetUserPerm(project, logicalCloud, userPermName)
+    if err != nil {
+        return UserPermission{}, pkgerrors.New(
+            "Update Error - User Permission doesn't exist")
+    }
+    err = v.util.DBInsert(v.storeName, key, nil, v.tagMeta, c)
+    if err != nil {
+        return UserPermission{}, pkgerrors.Wrap(err, "Updating DB Entry")
+    }
+    return c, nil
+}