Rename authorize to authorize-session (#531)

As pointed out by Rob, this makes it clearer what the action actually is. We were sort of torn on it before, but I've definitely come around to it.
6 years ago · 9237d6f787
parent 0f7444a690
commit 9237d6f787
13 changed files with 52 additions and 52 deletions
--- a/api/targets/custom.go
+++ b/api/targets/custom.go
@ -25,9 +25,9 @@ func (n SessionAuthorizationResult) GetResponseMap() map[string]interface{} {
 	return n.responseMap
 }

-func (c *Client) Authorize(ctx context.Context, targetId string, opt ...Option) (*SessionAuthorizationResult, error) {
+func (c *Client) AuthorizeSession(ctx context.Context, targetId string, opt ...Option) (*SessionAuthorizationResult, error) {
 	if targetId == "" {
-		return nil, fmt.Errorf("empty targetId value passed into Authorize request")
+		return nil, fmt.Errorf("empty targetId value passed into AuthorizeSession request")
 	}

 	opts, apiOpts := getOpts(opt...)
@ -36,9 +36,9 @@ func (c *Client) Authorize(ctx context.Context, targetId string, opt ...Option)
 		return nil, fmt.Errorf("nil client")
 	}

-	req, err := c.client.NewRequest(ctx, "POST", fmt.Sprintf("targets/%s:authorize", targetId), opts.postMap, apiOpts...)
+	req, err := c.client.NewRequest(ctx, "POST", fmt.Sprintf("targets/%s:authorize-session", targetId), opts.postMap, apiOpts...)
 	if err != nil {
-		return nil, fmt.Errorf("error creating Authorize request: %w", err)
+		return nil, fmt.Errorf("error creating AuthorizeSession request: %w", err)
 	}

 	if len(opts.queryMap) > 0 {
@ -51,14 +51,14 @@ func (c *Client) Authorize(ctx context.Context, targetId string, opt ...Option)

 	resp, err := c.client.Do(req)
 	if err != nil {
-		return nil, fmt.Errorf("error performing client request during Authorize call: %w", err)
+		return nil, fmt.Errorf("error performing client request during AuthorizeSession call: %w", err)
 	}

 	sar := new(SessionAuthorizationResult)
 	sar.Item = new(SessionAuthorization)
 	apiErr, err := resp.Decode(sar.Item)
 	if err != nil {
-		return nil, fmt.Errorf("error decoding Authorize response: %w", err)
+		return nil, fmt.Errorf("error decoding AuthorizeSession response: %w", err)
 	}
 	if apiErr != nil {
 		return nil, apiErr
--- a/internal/auth/additional_verification_test.go
+++ b/internal/auth/additional_verification_test.go
@ -45,7 +45,7 @@ func TestAdditionalVerification(t *testing.T) {

 	projRole := iam.TestRole(t, conn, proj.GetPublicId())
 	iam.TestUserRole(t, conn, projRole.PublicId, token.UserId)
-	iam.TestRoleGrant(t, conn, projRole.PublicId, "id=ttcp_1234567890;actions=authorize")
+	iam.TestRoleGrant(t, conn, projRole.PublicId, "id=ttcp_1234567890;actions=authorize-session")

 	type additionalCase struct {
 		name    string
@ -91,7 +91,7 @@ func TestAdditionalVerification(t *testing.T) {
 					name: "good target",
 					opts: []auth.Option{
 						auth.WithId("ttcp_1234567890"),
-						auth.WithAction(action.Authorize),
+						auth.WithAction(action.AuthorizeSession),
 						auth.WithScopeId(proj.PublicId),
 						auth.WithType(resource.Target),
 					},
--- a/internal/cmd/commands.go
+++ b/internal/cmd/commands.go
@ -621,10 +621,10 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) {
 				Command: base.NewCommand(ui),
 			}, nil
 		},
-		"targets authorize": func() (cli.Command, error) {
+		"targets authorize-session": func() (cli.Command, error) {
 			return &targets.Command{
 				Command: base.NewCommand(ui),
-				Func:    "authorize",
+				Func:    "authorize-session",
 			}, nil
 		},
 		"targets read": func() (cli.Command, error) {
--- a/internal/cmd/commands/proxy/proxy.go
+++ b/internal/cmd/commands/proxy/proxy.go
@ -135,7 +135,7 @@ func (c *Command) Help() string {
 		return base.WrapForHelpText([]string{
 			"Usage: boundary connect [options] [args]",
 			"",
-			`  This command performs a target authorization and proxy launch in one command; it is equivalent to sending the output of "boundary targets authorize" into "boundary proxy". See the help output for those commands for more information.`,
+			`  This command performs a target authorization and proxy launch in one command; it is equivalent to sending the output of "boundary targets authorize-session" into "boundary proxy". See the help output for those commands for more information.`,
 			"",
 			"  Example:",
 			"",
@ -412,8 +412,8 @@ func (c *Command) Run(args []string) (retCode int) {
 		}

 		if authzString[0] == '{' {
-			// Attempt to decode the JSON output of an authorize call and pull the
-			// token out of there
+			// Attempt to decode the JSON output of an authorize-session call
+			// and pull the token out of there
 			c.sessionAuthz = new(targets.SessionAuthorization)
 			if err := json.Unmarshal([]byte(authzString), c.sessionAuthz); err == nil {
 				authzString = c.sessionAuthz.AuthorizationToken
@ -438,10 +438,10 @@ func (c *Command) Run(args []string) (retCode int) {
 			opts = append(opts, targets.WithHostId(c.flagHostId))
 		}

-		sar, err := targetClient.Authorize(c.Context, c.flagTargetId, opts...)
+		sar, err := targetClient.AuthorizeSession(c.Context, c.flagTargetId, opts...)
 		if err != nil {
 			if api.AsServerError(err) != nil {
-				c.UI.Error(fmt.Sprintf("Error from controller when performing authorize on a session against target: %s", err.Error()))
+				c.UI.Error(fmt.Sprintf("Error from controller when performing authorize-session against target: %s", err.Error()))
 				return 1
 			}
 			c.UI.Error(fmt.Sprintf("Error trying to authorize a session against target: %s", err.Error()))
--- a/internal/cmd/commands/targets/target.go
+++ b/internal/cmd/commands/targets/target.go
@ -39,13 +39,13 @@ func (c *Command) Synopsis() string {
 }

 var flagsMap = map[string][]string{
-	"authorize":        {"id", "host-id"},
-	"read":             {"id"},
-	"delete":           {"id"},
-	"list":             {"scope-id"},
-	"add-host-sets":    {"id", "host-set", "version"},
-	"remove-host-sets": {"id", "host-set", "version"},
-	"set-host-sets":    {"id", "host-set", "version"},
+	"authorize-session": {"id", "host-id"},
+	"read":              {"id"},
+	"delete":            {"id"},
+	"list":              {"scope-id"},
+	"add-host-sets":     {"id", "host-set", "version"},
+	"remove-host-sets":  {"id", "host-set", "version"},
+	"set-host-sets":     {"id", "host-set", "version"},
 }

 func (c *Command) Help() string {
@ -118,15 +118,15 @@ func (c *Command) Help() string {
 			"",
 			`      $ boundary targets set-host-sets -id ttcp_1234567890 -host-set hsst_1234567890`,
 		})
-	case "authorize":
+	case "authorize-session":
 		helpStr = base.WrapForHelpText([]string{
-			"Usage: boundary target authorize [options] [args]",
+			"Usage: boundary target authorize-session [options] [args]",
 			"",
 			"  This command allows fetching session authorization credentials against a target. Example:",
 			"",
 			"    Set host-set resources on a tcp-type target:",
 			"",
-			`      $ boundary targets authorize -id ttcp_1234567890`,
+			`      $ boundary targets authorize-session -id ttcp_1234567890`,
 		})
 	default:
 		helpStr = helpMap[c.Func]()
@ -237,7 +237,7 @@ func (c *Command) Run(args []string) int {
 				hostSets = nil
 			}
 		}
-	case "authorize":
+	case "authorize-session":
 		if len(c.flagHostId) != 0 {
 			opts = append(opts, targets.WithHostId(c.flagHostId))
 		}
@ -283,14 +283,14 @@ func (c *Command) Run(args []string) int {
 	case "set-host-sets":
 		result, err = targetClient.SetHostSets(c.Context, c.FlagId, version, hostSets, opts...)
 	case "authorize":
-		sar, err = targetClient.Authorize(c.Context, c.FlagId, opts...)
+		sar, err = targetClient.AuthorizeSession(c.Context, c.FlagId, opts...)
 	}

 	plural := "target"
 	switch c.Func {
 	case "list":
 		plural = "targets"
-	case "authorize":
+	case "authorize-session":
 		plural = "a session against target"
 	}
 	if err != nil {
@ -370,7 +370,7 @@ func (c *Command) Run(args []string) int {
 		}
 		return 0

-	case "authorize":
+	case "authorize-session":
 		sa := sar.GetItem().(*targets.SessionAuthorization)
 		switch base.Format(c.UI) {
 		case "table":
--- a/internal/perms/grants_test.go
+++ b/internal/perms/grants_test.go
@ -54,24 +54,24 @@ func Test_ActionParsingValidation(t *testing.T) {
 		{
 			name: "all valid plus all",
 			input: Grant{
-				actionsBeingParsed: []string{"list", "create", "update", "*", "read", "delete", "authenticate", "authorize"},
+				actionsBeingParsed: []string{"list", "create", "update", "*", "read", "delete", "authenticate", "authorize-session"},
 			},
 			errResult: `"*" cannot be specified with other actions`,
 		},
 		{
 			name: "all valid",
 			input: Grant{
-				actionsBeingParsed: []string{"list", "create", "update", "read", "delete", "authenticate", "authorize"},
+				actionsBeingParsed: []string{"list", "create", "update", "read", "delete", "authenticate", "authorize-session"},
 			},
 			result: Grant{
 				actions: map[action.Type]bool{
-					action.List:         true,
-					action.Create:       true,
-					action.Update:       true,
-					action.Read:         true,
-					action.Delete:       true,
-					action.Authenticate: true,
-					action.Authorize:    true,
+					action.List:             true,
+					action.Create:           true,
+					action.Update:           true,
+					action.Read:             true,
+					action.Delete:           true,
+					action.Authenticate:     true,
+					action.AuthorizeSession: true,
 				},
 			},
 		},
--- a/internal/proto/local/controller/api/services/v1/target_service.proto
+++ b/internal/proto/local/controller/api/services/v1/target_service.proto
@ -87,7 +87,7 @@ service TargetService {
  // AuthorizeSession creates authorization information from a given Target.
  rpc AuthorizeSession(AuthorizeSessionRequest) returns (AuthorizeSessionResponse) {
    option (google.api.http) = {
-      post: "/v1/targets/{id}:authorize"
+      post: "/v1/targets/{id}:authorize-session"
      body: "*"
      response_body: "item"
    };
--- a/internal/servers/controller/handlers/targets/target_service.go
+++ b/internal/servers/controller/handlers/targets/target_service.go
@ -227,10 +227,10 @@ func (s Service) RemoveTargetHostSets(ctx context.Context, req *pbs.RemoveTarget
 }

 func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSessionRequest) (*pbs.AuthorizeSessionResponse, error) {
-	if err := validateAuthorizeRequest(req); err != nil {
+	if err := validateAuthorizeSessionRequest(req); err != nil {
 		return nil, err
 	}
-	authResults := s.authResult(ctx, req.GetId(), action.Authorize)
+	authResults := s.authResult(ctx, req.GetId(), action.AuthorizeSession)
 	if authResults.Error != nil {
 		return nil, authResults.Error
 	}
@ -857,7 +857,7 @@ func validateRemoveRequest(req *pbs.RemoveTargetHostSetsRequest) error {
 	return nil
 }

-func validateAuthorizeRequest(req *pbs.AuthorizeSessionRequest) error {
+func validateAuthorizeSessionRequest(req *pbs.AuthorizeSessionRequest) error {
 	badFields := map[string]string{}
 	if !handlers.ValidId(target.TcpTargetPrefix, req.GetId()) {
 		badFields["id"] = "Incorrectly formatted identifier."
--- a/internal/types/action/action.go
+++ b/internal/types/action/action.go
@ -14,7 +14,7 @@ const (
 	Delete           Type = 5
 	Authenticate     Type = 6
 	All              Type = 7
-	Authorize        Type = 8
+	AuthorizeSession Type = 8
 	AddGrants        Type = 9
 	RemoveGrants     Type = 10
 	SetGrants        Type = 11
@ -47,7 +47,7 @@ var Map = map[string]Type{
 	Delete.String():           Delete,
 	Authenticate.String():     Authenticate,
 	All.String():              All,
-	Authorize.String():        Authorize,
+	AuthorizeSession.String(): AuthorizeSession,
 	AddGrants.String():        AddGrants,
 	RemoveGrants.String():     RemoveGrants,
 	SetGrants.String():        SetGrants,
@ -82,7 +82,7 @@ func (a Type) String() string {
 		"delete",
 		"authenticate",
 		"*",
-		"authorize",
+		"authorize-session",
 		"add-grants",
 		"remove-grants",
 		"set-grants",
--- a/internal/types/action/action_test.go
+++ b/internal/types/action/action_test.go
@ -44,8 +44,8 @@ func TestAction(t *testing.T) {
 			want:   "*",
 		},
 		{
-			action: Authorize,
-			want:   "authorize",
+			action: AuthorizeSession,
+			want:   "authorize-session",
 		},
 		{
 			action: AddGrants,
--- a/internal/website/permstable/permstable.go
+++ b/internal/website/permstable/permstable.go
@ -733,10 +733,10 @@ var target = &Resource{
 					},
 				},
 				&Action{
-					Name:        "authorize",
+					Name:        "authorize-session",
 					Description: "Authorize a session via the target",
 					Examples: []string{
-						"id=<id>;actions=authorize",
+						"id=<id>;actions=authorize-session",
 					},
 				},
 			),
--- a/website/content/docs/common-workflows/manage-sessions.mdx
+++ b/website/content/docs/common-workflows/manage-sessions.mdx
@ -20,7 +20,7 @@ For this example, we're going to authorize that you are able to connect to a tar
 <Tab heading="CLI">

 ```bash
-$ boundary targets authorize -id ttcp_1234567890
+$ boundary targets authorize-session -id ttcp_1234567890

 Target information:
    Authorization Token:   $LONG_STRING_OF_TEXT
--- a/website/content/docs/concepts/permissions.mdx
+++ b/website/content/docs/concepts/permissions.mdx
@ -1189,10 +1189,10 @@ wildcard or templated grant strings.
              <li><code>id=&lt;id&gt;;actions=remove-host-sets</code></li>
            </ul>
          <li>
-            <code>authorize</code>: Authorize a session via the target
+            <code>authorize-session</code>: Authorize a session via the target
          </li>
            <ul>
-              <li><code>id=&lt;id&gt;;actions=authorize</code></li>
+              <li><code>id=&lt;id&gt;;actions=authorize-session</code></li>
            </ul>
        </ul>
      </td>