From 1962b49971cf1602ed5ee20b33193e10022cf8cb Mon Sep 17 00:00:00 2001
From: Patrick Bajao <ebajao@gitlab.com>
Date: Thu, 8 Aug 2019 15:29:33 +0800
Subject: Implement AuthorizedPrincipals command

Build this command when `Executable` name is
`gitlab-shell-authorized-principals-check`. Feature flag is the
same name.
---
 .../command/commandargs/authorized_principals.go   | 50 ++++++++++++++++++++++
 go/internal/command/commandargs/command_args.go    |  2 +
 .../command/commandargs/command_args_test.go       | 23 ++++++++++
 3 files changed, 75 insertions(+)
 create mode 100644 go/internal/command/commandargs/authorized_principals.go

(limited to 'go/internal/command/commandargs')

diff --git a/go/internal/command/commandargs/authorized_principals.go b/go/internal/command/commandargs/authorized_principals.go
new file mode 100644
index 0000000..746ae3f
--- /dev/null
+++ b/go/internal/command/commandargs/authorized_principals.go
@@ -0,0 +1,50 @@
+package commandargs
+
+import (
+	"errors"
+	"fmt"
+)
+
+type AuthorizedPrincipals struct {
+	Arguments  []string
+	KeyId      string
+	Principals []string
+}
+
+func (ap *AuthorizedPrincipals) Parse() error {
+	if err := ap.validate(); err != nil {
+		return err
+	}
+
+	ap.KeyId = ap.Arguments[0]
+	ap.Principals = ap.Arguments[1:]
+
+	return nil
+}
+
+func (ap *AuthorizedPrincipals) GetArguments() []string {
+	return ap.Arguments
+}
+
+func (ap *AuthorizedPrincipals) validate() error {
+	argsSize := len(ap.Arguments)
+
+	if argsSize < 2 {
+		return errors.New(fmt.Sprintf("# Insufficient arguments. %d. Usage\n#\tgitlab-shell-authorized-principals-check <key-id> <principal1> [<principal2>...]", argsSize))
+	}
+
+	keyId := ap.Arguments[0]
+	principals := ap.Arguments[1:]
+
+	if keyId == "" {
+		return errors.New("# No key_id provided")
+	}
+
+	for _, principal := range principals {
+		if principal == "" {
+			return errors.New("# An invalid principal was provided")
+		}
+	}
+
+	return nil
+}
diff --git a/go/internal/command/commandargs/command_args.go b/go/internal/command/commandargs/command_args.go
index dfdf8e5..4831134 100644
--- a/go/internal/command/commandargs/command_args.go
+++ b/go/internal/command/commandargs/command_args.go
@@ -19,6 +19,8 @@ func Parse(e *executable.Executable, arguments []string) (CommandArgs, error) {
 		args = &Shell{Arguments: arguments}
 	case executable.AuthorizedKeysCheck:
 		args = &AuthorizedKeys{Arguments: arguments}
+	case executable.AuthorizedPrincipalsCheck:
+		args = &AuthorizedPrincipals{Arguments: arguments}
 	}
 
 	if err := args.Parse(); err != nil {
diff --git a/go/internal/command/commandargs/command_args_test.go b/go/internal/command/commandargs/command_args_test.go
index e981c22..9f1575d 100644
--- a/go/internal/command/commandargs/command_args_test.go
+++ b/go/internal/command/commandargs/command_args_test.go
@@ -124,6 +124,11 @@ func TestParseSuccess(t *testing.T) {
 			executable:   &executable.Executable{Name: executable.AuthorizedKeysCheck},
 			arguments:    []string{"git", "git", "key"},
 			expectedArgs: &AuthorizedKeys{Arguments: []string{"git", "git", "key"}, ExpectedUser: "git", ActualUser: "git", Key: "key"},
+		}, {
+			desc:         "It parses authorized-principals command",
+			executable:   &executable.Executable{Name: executable.AuthorizedPrincipalsCheck},
+			arguments:    []string{"key", "principal-1", "principal-2"},
+			expectedArgs: &AuthorizedPrincipals{Arguments: []string{"key", "principal-1", "principal-2"}, KeyId: "key", Principals: []string{"principal-1", "principal-2"}},
 		}, {
 			desc:         "Unknown executable",
 			executable:   &executable.Executable{Name: "unknown"},
@@ -193,6 +198,24 @@ func TestParseFailure(t *testing.T) {
 			arguments:     []string{"user", "user", ""},
 			expectedError: "# No key provided",
 		},
+		{
+			desc:          "With not enough arguments for the AuthorizedPrincipalsCheck",
+			executable:    &executable.Executable{Name: executable.AuthorizedPrincipalsCheck},
+			arguments:     []string{"key"},
+			expectedError: "# Insufficient arguments. 1. Usage\n#\tgitlab-shell-authorized-principals-check <key-id> <principal1> [<principal2>...]",
+		},
+		{
+			desc:          "With missing key_id for the AuthorizedPrincipalsCheck",
+			executable:    &executable.Executable{Name: executable.AuthorizedPrincipalsCheck},
+			arguments:     []string{"", "principal"},
+			expectedError: "# No key_id provided",
+		},
+		{
+			desc:          "With blank principal for the AuthorizedPrincipalsCheck",
+			executable:    &executable.Executable{Name: executable.AuthorizedPrincipalsCheck},
+			arguments:     []string{"key", "principal", ""},
+			expectedError: "# An invalid principal was provided",
+		},
 	}
 
 	for _, tc := range testCases {
-- 
cgit v1.2.1