[management] users roles endpoint

management/server/users/manager.go

@@ -1,27 +1,31 @@
 package users
 
+//go:generate go run github.com/golang/mock/mockgen -package users -destination=manager_mock.go -source=./manager.go -build_flags=-mod=mod
+
 import (
 	"context"
-	"errors"
 
+	"github.com/netbirdio/netbird/management/server/permissions"
+	"github.com/netbirdio/netbird/management/server/permissions/roles"
+	"github.com/netbirdio/netbird/management/server/status"
 	"github.com/netbirdio/netbird/management/server/store"
 	"github.com/netbirdio/netbird/management/server/types"
 )
 
 type Manager interface {
 	GetUser(ctx context.Context, userID string) (*types.User, error)
+	GetRoles(ctx context.Context, accountId, userId string) (map[types.UserRole]roles.RolePermissions, error)
 }
 
 type managerImpl struct {
-	store store.Store
+	store              store.Store
+	permissionsManager permissions.Manager
 }
 
-type managerMock struct {
-}
-
-func NewManager(store store.Store) Manager {
+func NewManager(store store.Store, permissionsManager permissions.Manager) Manager {
 	return &managerImpl{
-		store: store,
+		store:              store,
+		permissionsManager: permissionsManager,
 	}
 }
 
@@ -29,21 +33,23 @@ func (m *managerImpl) GetUser(ctx context.Context, userID string) (*types.User,
 	return m.store.GetUserByUserID(ctx, store.LockingStrengthShare, userID)
 }
 
-func NewManagerMock() Manager {
-	return &managerMock{}
-}
-
-func (m *managerMock) GetUser(ctx context.Context, userID string) (*types.User, error) {
-	switch userID {
-	case "adminUser":
-		return &types.User{Id: userID, Role: types.UserRoleAdmin}, nil
-	case "regularUser":
-		return &types.User{Id: userID, Role: types.UserRoleUser}, nil
-	case "ownerUser":
-		return &types.User{Id: userID, Role: types.UserRoleOwner}, nil
-	case "billingUser":
-		return &types.User{Id: userID, Role: types.UserRoleBillingAdmin}, nil
-	default:
-		return nil, errors.New("user not found")
+func (m *managerImpl) GetRoles(ctx context.Context, accountId, userId string) (map[types.UserRole]roles.RolePermissions, error) {
+	user, err := m.store.GetUserByUserID(ctx, store.LockingStrengthShare, userId)
+	if err != nil {
+		return nil, err
 	}
+
+	if user.IsBlocked() {
+		return nil, status.NewUserBlockedError()
+	}
+
+	if user.IsServiceUser {
+		return nil, status.NewPermissionDeniedError()
+	}
+
+	if err := m.permissionsManager.ValidateAccountAccess(ctx, accountId, user, false); err != nil {
+		return nil, err
+	}
+
+	return m.permissionsManager.GetPermissions(ctx), nil
 }

management/server/users/manager_mock.go

@@ -0,0 +1,51 @@
+// Code generated by MockGen. DO NOT EDIT.
+// Source: ./manager.go
+
+// Package users is a generated GoMock package.
+package users
+
+import (
+	context "context"
+	reflect "reflect"
+
+	gomock "github.com/golang/mock/gomock"
+	types "github.com/netbirdio/netbird/management/server/types"
+)
+
+// MockManager is a mock of Manager interface.
+type MockManager struct {
+	ctrl     *gomock.Controller
+	recorder *MockManagerMockRecorder
+}
+
+// MockManagerMockRecorder is the mock recorder for MockManager.
+type MockManagerMockRecorder struct {
+	mock *MockManager
+}
+
+// NewMockManager creates a new mock instance.
+func NewMockManager(ctrl *gomock.Controller) *MockManager {
+	mock := &MockManager{ctrl: ctrl}
+	mock.recorder = &MockManagerMockRecorder{mock}
+	return mock
+}
+
+// EXPECT returns an object that allows the caller to indicate expected use.
+func (m *MockManager) EXPECT() *MockManagerMockRecorder {
+	return m.recorder
+}
+
+// GetUser mocks base method.
+func (m *MockManager) GetUser(ctx context.Context, userID string) (*types.User, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "GetUser", ctx, userID)
+	ret0, _ := ret[0].(*types.User)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// GetUser indicates an expected call of GetUser.
+func (mr *MockManagerMockRecorder) GetUser(ctx, userID interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUser", reflect.TypeOf((*MockManager)(nil).GetUser), ctx, userID)
+}