Add in audit review recurrence presets. (#32843)

Access Lists now have audit review recurrence presets. These allow users to specify review frequencies of 1, 3, 6, or 12 months, and specify the 1st, 15th, or last days of the target month. Presets have been used for their simplicity over other various recurrence definition mechanisms, as these presets are much clearer than many of the other options.
gravitational · Oct 3, 2023 · 049363b · 049363b
1 parent 6483245
commit 049363b
Show file tree

Hide file tree

Showing 18 changed files with 913 additions and 311 deletions.
diff --git a/api/client/events_test.go b/api/client/events_test.go
@@ -16,8 +16,8 @@ package client
 
 import (
 	"testing"
-	"time"
 
+	"github.com/jonboulle/clockwork"
 	"github.com/stretchr/testify/require"
 	"google.golang.org/protobuf/proto"
 
@@ -32,6 +32,7 @@ import (
 // primarily to catch potential issues with using our "mixed" gogo + regular protobuf
 // strategy.
 func TestEventEqual(t *testing.T) {
+	clock := clockwork.NewFakeClock()
 	app1, err := types.NewAppV3(types.Metadata{
 		Name: "app1",
 	}, types.AppSpecV3{
@@ -56,8 +57,8 @@ func TestEventEqual(t *testing.T) {
 	})
 	require.NoError(t, err)
 
-	accessList1 := newAccessList(t, "1")
-	accessList2 := newAccessList(t, "2")
+	accessList1 := newAccessList(t, "1", clock)
+	accessList2 := newAccessList(t, "2", clock)
 
 	tests := []struct {
 		name     string
@@ -158,7 +159,7 @@ func TestEventEqual(t *testing.T) {
 	}
 }
 
-func newAccessList(t *testing.T, name string) *accesslist.AccessList {
+func newAccessList(t *testing.T, name string, clock clockwork.Clock) *accesslist.AccessList {
 	t.Helper()
 
 	accessList, err := accesslist.NewAccessList(
@@ -179,7 +180,7 @@ func newAccessList(t *testing.T, name string) *accesslist.AccessList {
 				},
 			},
 			Audit: accesslist.Audit{
-				Frequency: time.Hour,
+				NextAuditDate: clock.Now(),
 			},
 			MembershipRequires: accesslist.Requires{
 				Roles: []string{"mrole1", "mrole2"},