Add Access List title to access request. (#32618)

* Add Access List title to access request. * Add test Squash some bugs
gravitational · Sep 27, 2023 · eb82a9b · eb82a9b
1 parent b3822ab
commit eb82a9b
Show file tree

Hide file tree

Showing 8 changed files with 3,065 additions and 2,719 deletions.
diff --git a/api/proto/teleport/legacy/types/events/events.proto b/api/proto/teleport/legacy/types/events/events.proto
@@ -1341,10 +1341,13 @@ message AccessRequestCreate {
     (gogoproto.jsontag) = "max_duration,omitempty"
   ];
 
-  // PromotedAccessListTitle is the title of the access list that this request
-  // was promoted to. Used by WebUI to display the title of the access list.
+  reserved "PromotedAccessListTitle";
+  reserved 14;
+
+  // PromotedAccessListName is the name of the access list that this request
+  // was promoted to.
   // This field is only populated when the request is in the PROMOTED state.
-  string PromotedAccessListTitle = 14 [(gogoproto.jsontag) = "promoted_access_list_title,omitempty"];
+  string PromotedAccessListName = 15 [(gogoproto.jsontag) = "promoted_access_list_name,omitempty"];
 }
 
 // ResourceID is a unique identifier for a teleport resource. This is duplicated

diff --git a/api/proto/teleport/legacy/types/types.proto b/api/proto/teleport/legacy/types/types.proto
@@ -2054,6 +2054,15 @@ message AccessReviewThreshold {
   uint32 Deny = 4 [(gogoproto.jsontag) = "deny,omitempty"];
 }
 
+// PromotedAccessList is a minimal access list representation used for
+// promoting access requests to access lists.
+message PromotedAccessList {
+  // Name is the name of the access list.
+  string Name = 1 [(gogoproto.jsontag) = "name"];
+  // Title is the title of the access list.
+  string Title = 2 [(gogoproto.jsontag) = "title"];
+}
+
 // AccessReview is a review to be applied to an access request.
 message AccessReview {
   // Author is the teleport username of the review author.
@@ -2082,10 +2091,12 @@ message AccessReview {
   // (internal use only).
   repeated uint32 ThresholdIndexes = 7 [(gogoproto.jsontag) = "i,omitempty"];
 
-  // PromotedAccessListTitle is the title of the access list that this request
-  // was promoted to. Used by WebUI to display the title of the access list.
+  reserved "PromotedAccessListTitle";
+  reserved 8;
+
+  // AccessList is the access list that this request was promoted to.
   // This field is only populated when the request is in the PROMOTED state.
-  string PromotedAccessListTitle = 8 [(gogoproto.jsontag) = "promoted_access_list_title,omitempty"];
+  PromotedAccessList accessList = 9 [(gogoproto.jsontag) = "access_list,omitempty"];
 }
 
 // AccessReviewSubmission encodes the necessary parameters for submitting
@@ -2245,10 +2256,13 @@ message AccessRequestSpecV3 {
     (gogoproto.jsontag) = "session_ttl,omitempty"
   ];
 
+  reserved "PromotedAccessListTitle";
+  reserved 19;
+
   // PromotedAccessListTitle is the title of the access list that this request
   // was promoted to. Used by WebUI to display the title of the access list.
   // This field is only populated when the request is in the PROMOTED state.
-  string PromotedAccessListTitle = 19 [(gogoproto.jsontag) = "promoted_access_list_title,omitempty"];
+  PromotedAccessList accessList = 20 [(gogoproto.jsontag) = "access_list,omitempty"];
 }
 
 // AccessRequestFilter encodes filter params for access requests.

diff --git a/api/types/access_request.go b/api/types/access_request.go
@@ -90,6 +90,12 @@ type AccessRequest interface {
 	GetReviews() []AccessReview
 	// SetReviews sets the list of currently applied access reviews (internal use only).
 	SetReviews([]AccessReview)
+	// GetPromotedAccessListName returns the access list name that this access request
+	// was promoted to.
+	GetPromotedAccessListName() string
+	// SetPromotedAccessListName sets the access list name that this access request
+	// was promoted to.
+	SetPromotedAccessListName(name string)
 	// GetPromotedAccessListTitle returns the access list title that this access request
 	// was promoted to.
 	GetPromotedAccessListTitle() string
@@ -310,14 +316,36 @@ func (r *AccessRequestV3) SetSuggestedReviewers(reviewers []string) {
 	r.Spec.SuggestedReviewers = reviewers
 }
 
+// GetPromotedAccessListName returns PromotedAccessListName.
+func (r *AccessRequestV3) GetPromotedAccessListName() string {
+	if r.Spec.AccessList == nil {
+		return ""
+	}
+	return r.Spec.AccessList.Name
+}
+
+// SetPromotedAccessListName sets PromotedAccessListName.
+func (r *AccessRequestV3) SetPromotedAccessListName(name string) {
+	if r.Spec.AccessList == nil {
+		r.Spec.AccessList = &PromotedAccessList{}
+	}
+	r.Spec.AccessList.Name = name
+}
+
 // GetPromotedAccessListTitle returns PromotedAccessListTitle.
 func (r *AccessRequestV3) GetPromotedAccessListTitle() string {
-	return r.Spec.PromotedAccessListTitle
+	if r.Spec.AccessList == nil {
+		return ""
+	}
+	return r.Spec.AccessList.Title
 }
 
 // SetPromotedAccessListTitle sets PromotedAccessListTitle.
 func (r *AccessRequestV3) SetPromotedAccessListTitle(title string) {
-	r.Spec.PromotedAccessListTitle = title
+	if r.Spec.AccessList == nil {
+		r.Spec.AccessList = &PromotedAccessList{}
+	}
+	r.Spec.AccessList.Title = title
 }
 
 // setStaticFields sets static resource header and metadata fields.
@@ -542,6 +570,22 @@ func (s AccessReview) Check() error {
 	return nil
 }
 
+// GetAccessListName returns the access list name used for the promotion.
+func (s AccessReview) GetAccessListName() string {
+	if s.AccessList == nil {
+		return ""
+	}
+	return s.AccessList.Name
+}
+
+// GetAccessListTitle returns the access list title used for the promotion.
+func (s AccessReview) GetAccessListTitle() string {
+	if s.AccessList == nil {
+		return ""
+	}
+	return s.AccessList.Title
+}
+
 // AccessRequestUpdate encompasses the parameters of a
 // SetAccessRequestState call.
 type AccessRequestUpdate struct {