acl: update GetPolicyByName method implementation (#11055)

2021-09-28 20:16:27 +05:30 · 2021-09-28 20:16:27 +05:30 · 981ef464d6
parent 9ef6490533
commit 981ef464d6
3 changed files with 46 additions and 18 deletions
--- a/command/acl/acl_helpers.go
+++ b/command/acl/acl_helpers.go
@ -71,23 +71,26 @@ func GetPolicyIDFromPartial(client *api.Client, partialID string) (string, error
 	return policyID, nil
 }

-func GetPolicyIDByName(client *api.Client, name string) (string, error) {
+func GetPolicyByName(client *api.Client, name string) (*api.ACLPolicy, error) {
 	if name == "" {
-		return "", fmt.Errorf("No name specified")
+		return nil, fmt.Errorf("No name specified")
 	}

-	policies, _, err := client.ACL().PolicyList(nil)
+	policy, _, err := client.ACL().PolicyReadByName(name, nil)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to find policy with name %s: %w", name, err)
+	}
+
+	return policy, nil
+}
+
+func GetPolicyIDByName(client *api.Client, name string) (string, error) {
+	policy, err := GetPolicyByName(client, name)
 	if err != nil {
 		return "", err
 	}

-	for _, policy := range policies {
-		if policy.Name == name {
-			return policy.ID, nil
-		}
-	}
-
-	return "", fmt.Errorf("No such policy with name %s", name)
+	return policy.ID, nil
 }

 func GetRulesFromLegacyToken(client *api.Client, tokenID string, isSecret bool) (string, error) {
--- a/command/acl/policy/read/policy_read.go
+++ b/command/acl/policy/read/policy_read.go
@ -5,6 +5,7 @@ import (
 	"fmt"
 	"strings"

+	"github.com/hashicorp/consul/api"
 	"github.com/hashicorp/consul/command/acl"
 	"github.com/hashicorp/consul/command/acl/policy"
 	"github.com/hashicorp/consul/command/flags"
@ -67,19 +68,26 @@ func (c *cmd) Run(args []string) int {
 	}

 	var policyID string
+	var pol *api.ACLPolicy
 	if c.policyID != "" {
 		policyID, err = acl.GetPolicyIDFromPartial(client, c.policyID)
+		if err != nil {
+			c.UI.Error(fmt.Sprintf("Error determining policy ID: %v", err))
+			return 1
+		}
+		pol, _, err = client.ACL().PolicyRead(policyID, nil)
 	} else {
-		policyID, err = acl.GetPolicyIDByName(client, c.policyName)
-	}
-	if err != nil {
-		c.UI.Error(fmt.Sprintf("Error determining policy ID: %v", err))
-		return 1
+		pol, err = acl.GetPolicyByName(client, c.policyName)
 	}

-	p, _, err := client.ACL().PolicyRead(policyID, nil)
 	if err != nil {
-		c.UI.Error(fmt.Sprintf("Error reading policy %q: %v", policyID, err))
+		var errArg string
+		if c.policyID != "" {
+			errArg = fmt.Sprintf("id:%s", policyID)
+		} else {
+			errArg = fmt.Sprintf("name:%s", c.policyName)
+		}
+		c.UI.Error(fmt.Sprintf("Error reading policy %q: %v", errArg, err))
 		return 1
 	}

@ -88,7 +96,7 @@ func (c *cmd) Run(args []string) int {
 		c.UI.Error(err.Error())
 		return 1
 	}
-	out, err := formatter.FormatPolicy(p)
+	out, err := formatter.FormatPolicy(pol)
 	if err != nil {
 		c.UI.Error(err.Error())
 		return 1
--- a/command/acl/policy/read/policy_read_test.go
+++ b/command/acl/policy/read/policy_read_test.go
@ -53,6 +53,7 @@ func TestPolicyReadCommand(t *testing.T) {
 	)
 	assert.NoError(err)

+	// Test querying by id field
 	args := []string{
 		"-http-addr=" + a.HTTPAddr(),
 		"-token=root",
@ -66,6 +67,22 @@ func TestPolicyReadCommand(t *testing.T) {
 	output := ui.OutputWriter.String()
 	assert.Contains(output, fmt.Sprintf("test-policy"))
 	assert.Contains(output, policy.ID)
+
+	// Test querying by name field
+	argsName := []string{
+		"-http-addr=" + a.HTTPAddr(),
+		"-token=root",
+		"-name=test-policy",
+	}
+
+	cmd = New(ui)
+	code = cmd.Run(argsName)
+	assert.Equal(code, 0)
+	assert.Empty(ui.ErrorWriter.String())
+
+	output = ui.OutputWriter.String()
+	assert.Contains(output, fmt.Sprintf("test-policy"))
+	assert.Contains(output, policy.ID)
 }

 func TestPolicyReadCommand_JSON(t *testing.T) {