Reduce cognitive complexity in DeleteAccount and getNetworkResourcesRoutesToSync

2026-04-15 23:06:38 +00:00 · 2026-04-10 17:25:08 +02:00
parent aa856357eb
commit 762bf9fa4c
2 changed files with 74 additions and 53 deletions
--- a/management/server/account.go
+++ b/management/server/account.go
@@ -805,37 +805,8 @@ func (am *DefaultAccountManager) DeleteAccount(ctx context.Context, accountID, u
 		return status.Errorf(status.Internal, "failed to build user infos for account %s: %v", accountID, err)
 	}

-	for _, otherUser := range account.Users {
-		if otherUser.Id == userID {
-			continue
-		}
-
-		if otherUser.IsServiceUser {
-			err = am.deleteServiceUser(ctx, accountID, userID, otherUser)
-			if err != nil {
-				return err
-			}
-			continue
-		}
-
-		userInfo, ok := userInfosMap[otherUser.Id]
-		if !ok {
-			return status.Errorf(status.NotFound, "user info not found for user %s", otherUser.Id)
-		}
-
-		_, deleteUserErr := am.deleteRegularUser(ctx, accountID, userID, userInfo)
-		if deleteUserErr != nil {
-			return deleteUserErr
-		}
-	}
-
-	userInfo, ok := userInfosMap[userID]
-	if ok {
-		_, err = am.deleteRegularUser(ctx, accountID, userID, userInfo)
-		if err != nil {
-			log.WithContext(ctx).Errorf("failed deleting user %s. error: %s", userID, err)
-			return err
-		}
+	if err = am.deleteAccountUsers(ctx, accountID, userID, account.Users, userInfosMap); err != nil {
+		return err
 	}

 	err = am.Store.DeleteAccount(ctx, account)
@@ -853,6 +824,40 @@ func (am *DefaultAccountManager) DeleteAccount(ctx context.Context, accountID, u
 	return nil
 }

+func (am *DefaultAccountManager) deleteAccountUsers(ctx context.Context, accountID, initiatorUserID string, users map[string]*types.User, userInfosMap map[string]*types.UserInfo) error {
+	for _, otherUser := range users {
+		if otherUser.Id == initiatorUserID {
+			continue
+		}
+
+		if otherUser.IsServiceUser {
+			if err := am.deleteServiceUser(ctx, accountID, initiatorUserID, otherUser); err != nil {
+				return err
+			}
+			continue
+		}
+
+		userInfo, ok := userInfosMap[otherUser.Id]
+		if !ok {
+			return status.Errorf(status.NotFound, "user info not found for user %s", otherUser.Id)
+		}
+
+		if _, err := am.deleteRegularUser(ctx, accountID, initiatorUserID, userInfo); err != nil {
+			return err
+		}
+	}
+
+	userInfo, ok := userInfosMap[initiatorUserID]
+	if ok {
+		if _, err := am.deleteRegularUser(ctx, accountID, initiatorUserID, userInfo); err != nil {
+			log.WithContext(ctx).Errorf("failed deleting user %s. error: %s", initiatorUserID, err)
+			return err
+		}
+	}
+
+	return nil
+}
+
 // AccountExists checks if an account exists.
 func (am *DefaultAccountManager) AccountExists(ctx context.Context, accountID string) (bool, error) {
 	return am.Store.AccountExists(ctx, store.LockingStrengthNone, accountID)
--- a/management/server/types/networkmap_components.go
+++ b/management/server/types/networkmap_components.go
@@ -747,33 +747,49 @@ func (c *NetworkMapComponents) getNetworkResourcesRoutesToSync(peerID string) (b
 			}
 		}

-		addedResourceRoute := false
-		for _, policy := range c.ResourcePoliciesMap[resource.ID] {
-			var peers []string
-			if policy.Rules[0].SourceResource.Type == ResourceTypePeer && policy.Rules[0].SourceResource.ID != "" {
-				peers = []string{policy.Rules[0].SourceResource.ID}
-			} else {
-				peers = c.getUniquePeerIDsFromGroupsIDs(policy.SourceGroups())
-			}
-			if addSourcePeers {
-				for _, pID := range c.getPostureValidPeers(peers, policy.SourcePostureChecks) {
-					allSourcePeers[pID] = struct{}{}
-				}
-			} else if slices.Contains(peers, peerID) && c.ValidatePostureChecksOnPeer(peerID, policy.SourcePostureChecks) {
-				for peerId, router := range networkRoutingPeers {
-					routes = append(routes, c.getNetworkResourcesRoutes(resource, peerId, router)...)
-				}
-				addedResourceRoute = true
-			}
-			if addedResourceRoute {
-				break
-			}
-		}
+		newRoutes := c.processResourcePolicies(peerID, resource, networkRoutingPeers, addSourcePeers, allSourcePeers)
+		routes = append(routes, newRoutes...)
 	}

 	return isRoutingPeer, routes, allSourcePeers
 }

+func (c *NetworkMapComponents) processResourcePolicies(
+	peerID string,
+	resource *resourceTypes.NetworkResource,
+	networkRoutingPeers map[string]*routerTypes.NetworkRouter,
+	addSourcePeers bool,
+	allSourcePeers map[string]struct{},
+) []*route.Route {
+	var routes []*route.Route
+
+	for _, policy := range c.ResourcePoliciesMap[resource.ID] {
+		peers := c.getResourcePolicyPeers(policy)
+		if addSourcePeers {
+			for _, pID := range c.getPostureValidPeers(peers, policy.SourcePostureChecks) {
+				allSourcePeers[pID] = struct{}{}
+			}
+			continue
+		}
+
+		if slices.Contains(peers, peerID) && c.ValidatePostureChecksOnPeer(peerID, policy.SourcePostureChecks) {
+			for peerId, router := range networkRoutingPeers {
+				routes = append(routes, c.getNetworkResourcesRoutes(resource, peerId, router)...)
+			}
+			break
+		}
+	}
+
+	return routes
+}
+
+func (c *NetworkMapComponents) getResourcePolicyPeers(policy *Policy) []string {
+	if policy.Rules[0].SourceResource.Type == ResourceTypePeer && policy.Rules[0].SourceResource.ID != "" {
+		return []string{policy.Rules[0].SourceResource.ID}
+	}
+	return c.getUniquePeerIDsFromGroupsIDs(policy.SourceGroups())
+}
+
 func (c *NetworkMapComponents) getNetworkResourcesRoutes(resource *resourceTypes.NetworkResource, peerID string, router *routerTypes.NetworkRouter) []*route.Route {
 	resourceAppliedPolicies := c.ResourcePoliciesMap[resource.ID]