better use of user object, increased polling delays

Author: michaelkubiaczyk

cx1client.go

@@ -254,22 +254,22 @@ func (c *Cx1Client) InitializeClient() {
 	}
 
 	c.consts.MigrationPollingMaxSeconds = 300 // 5 min
-	c.consts.MigrationPollingDelaySeconds = 15
+	c.consts.MigrationPollingDelaySeconds = 30
 
 	c.consts.AuditEnginePollingMaxSeconds = 300 // 5 min
-	c.consts.AuditEnginePollingDelaySeconds = 15
+	c.consts.AuditEnginePollingDelaySeconds = 30
 
 	c.consts.AuditScanPollingMaxSeconds = 600 // 10 min
-	c.consts.AuditScanPollingDelaySeconds = 15
+	c.consts.AuditScanPollingDelaySeconds = 30
 
 	c.consts.AuditLanguagePollingMaxSeconds = 300 // 5 min
-	c.consts.AuditLanguagePollingDelaySeconds = 15
+	c.consts.AuditLanguagePollingDelaySeconds = 30
 
 	c.consts.AuditCompilePollingMaxSeconds = 600 // 10 min
-	c.consts.AuditCompilePollingDelaySeconds = 15
+	c.consts.AuditCompilePollingDelaySeconds = 30
 
 	c.consts.ScanPollingMaxSeconds = 0
-	c.consts.ScanPollingDelaySeconds = 15
+	c.consts.ScanPollingDelaySeconds = 30
 
 	c.consts.ProjectApplicationLinkPollingDelaySeconds = 5
 	c.consts.ProjectApplicationLinkPollingMaxSeconds = 300 // 5 min

scans.go

@@ -200,7 +200,7 @@ func (c Cx1Client) GetScanSummariesByID(scanIDs []string) ([]ScanSummary, error)
 
 	if len(ScansSummaries.ScanSum) == 0 {
 		c.logger.Tracef("Failed to parse data, 0-len ScanSum.\n%v", string(data))
-		return []ScanSummary{}, fmt.Errorf("Failed to parse data")
+		return []ScanSummary{}, fmt.Errorf("failed to parse data")
 	}
 
 	return ScansSummaries.ScanSum, nil

types.go

@@ -537,14 +537,16 @@ type Status struct {
 }
 
 type User struct {
-	Enabled   bool    `json:"enabled"`
-	UserID    string  `json:"id,omitempty"`
-	FirstName string  `json:"firstName"`
-	LastName  string  `json:"lastName"`
-	UserName  string  `json:"username"`
-	Email     string  `json:"email"`
-	Groups    []Group `json:"-"` // only returned from regular /auth/realms/../user endpoint, as string IDs
-	Roles     []Role  `json:"-"` // only returned from regular /auth/realms/../user endpoint, as string IDs
+	Enabled      bool    `json:"enabled"`
+	UserID       string  `json:"id,omitempty"`
+	FirstName    string  `json:"firstName"`
+	LastName     string  `json:"lastName"`
+	UserName     string  `json:"username"`
+	Email        string  `json:"email"`
+	Groups       []Group `json:"-"` // only returned from /users/{id}/groups. Use GetUserGroups to fill.
+	FilledGroups bool    `json:"-"` // indicates if the user object has had the Groups array filled.
+	Roles        []Role  `json:"-"` // only returned from /users/{id}/role-mappings. Use GetUserRoles to fill.
+	FilledRoles  bool    `json:"-"` // indicates if the user object has had the Roles array filled.
 }
 
 type WhoAmI struct {

user.go

@@ -12,44 +12,60 @@ func (u WhoAmI) String() string {
 	return fmt.Sprintf("[%v] %v", ShortenGUID(u.UserID), u.Name)
 }
 
-func (u User) HasRole(role *Role) bool {
+func (u User) HasRole(role *Role) (bool, error) {
 	return u.HasRoleByID(role.RoleID)
 }
-func (u User) HasRoleByID(roleID string) bool {
+func (u User) HasRoleByID(roleID string) (bool, error) {
+	if !u.FilledRoles {
+		return false, fmt.Errorf("user roles have not been retrieved, use GetUserRoles(user)")
+	}
+
 	for _, r := range u.Roles {
 		if r.RoleID == roleID {
-			return true
+			return true, nil
 		}
 	}
-	return false
+	return false, nil
 }
-func (u User) HasRoleByName(role string) bool {
+func (u User) HasRoleByName(role string) (bool, error) {
+	if !u.FilledRoles {
+		return false, fmt.Errorf("user roles have not been retrieved, use GetUserRoles(user)")
+	}
+
 	for _, r := range u.Roles {
 		if r.Name == role {
-			return true
+			return true, nil
 		}
 	}
-	return false
+	return false, nil
 }
 
-func (u User) IsInGroup(group *Group) bool {
+func (u User) IsInGroup(group *Group) (bool, error) {
 	return u.IsInGroupByID(group.GroupID)
 }
-func (u User) IsInGroupByID(groupId string) bool {
+func (u User) IsInGroupByID(groupId string) (bool, error) {
+	if !u.FilledGroups {
+		return false, fmt.Errorf("user groups have not been retrieved, use GetUserGroups(user)")
+	}
+
 	for _, g := range u.Groups {
 		if g.GroupID == groupId {
-			return true
+			return true, nil
 		}
 	}
-	return false
+	return false, nil
 }
-func (u User) IsInGroupByName(groupName string) bool {
+func (u User) IsInGroupByName(groupName string) (bool, error) {
+	if !u.FilledGroups {
+		return false, fmt.Errorf("user groups have not been retrieved, use GetUserGroups(user)")
+	}
+
 	for _, g := range u.Groups {
 		if g.Name == groupName {
-			return true
+			return true, nil
 		}
 	}
-	return false
+	return false, nil
 }
 
 func (u *User) AddGroup(client *Cx1Client, group *Group) error {

users.go

@@ -189,6 +189,7 @@ func (c Cx1Client) GetUserGroups(user *User) ([]Group, error) {
 	}
 
 	user.Groups = usergroups
+	user.FilledGroups = true
 
 	return user.Groups, nil
 }
@@ -199,7 +200,12 @@ func (c Cx1Client) AssignUserToGroup(user *User, groupId string) error {
 }
 
 func (c Cx1Client) AssignUserToGroupByID(user *User, groupId string) error {
-	if !user.IsInGroupByID(groupId) {
+	inGroup, err := user.IsInGroupByID(groupId)
+	if err != nil {
+		return err
+	}
+
+	if !inGroup {
 		params := map[string]string{
 			"realm":   c.tenant,
 			"userId":  user.UserID,
@@ -235,7 +241,12 @@ func (c Cx1Client) RemoveUserFromGroup(user *User, groupId string) error {
 }
 
 func (c Cx1Client) RemoveUserFromGroupByID(user *User, groupId string) error {
-	if user.IsInGroupByID(groupId) {
+	inGroup, err := user.IsInGroupByID(groupId)
+	if err != nil {
+		return err
+	}
+
+	if !inGroup {
 		params := map[string]string{
 			"realm":   c.tenant,
 			"userId":  user.UserID,
@@ -282,6 +293,7 @@ func (c Cx1Client) GetUserRoles(user *User) ([]Role, error) {
 	}
 
 	user.Roles = append(appRoles, iamRoles...)
+	user.FilledRoles = true
 
 	return user.Roles, nil
 }