From a6608b231e7ef0a4d237d6b120d6b1d6e62392e5 Mon Sep 17 00:00:00 2001
From: Vasil Vasilev
Date: Mon, 27 Nov 2023 18:46:10 +0200
Subject: [PATCH 1/2] Add api key auth, add policy entries replace option, update policy only once
Signed-off-by: Vasil Vasilev
---
 policy-migration/src/config/config.ts | 26 ++++++++++++++++++++++++-
 policy-migration/src/http/auth.ts | 13 +++++++++----
 policy-migration/src/migration.ts | 12 ++++++++++--
 policy-migration/src/model/migration.ts | 6 +++++-
 policy-migration/src/search.ts | 10 +++++++++-
 5 files changed, 58 insertions(+), 9 deletions(-)
diff --git a/policy-migration/src/config/config.ts b/policy-migration/src/config/config.ts
index dc5d4072..13ebf64b 100644
--- a/policy-migration/src/config/config.ts
+++ b/policy-migration/src/config/config.ts
@@ -25,7 +25,8 @@ type LogLevel = (
 export enum Migration {
 ReplaceSubject = "replaceSubject",
 AddSubject = "addSubject",
- AddEntry = "addEntry"
+ AddEntry = "addEntry",
+ ReplaceEntries = "replaceEntries"
 }
 export type Config = {
@@ -37,10 +38,17 @@ export type Config = {
 readonly secret: string;
 readonly scope: string;
 };
+
 readonly basicAuth: {
 readonly username: string;
 readonly password: string;
 };
+
+ readonly apiKey: {
+ readonly key: string;
+ readonly value: string
+ };
+
 readonly namespaces?: [string];
 readonly filter?: string;
 readonly pageSize: number;
@@ -58,6 +66,22 @@ export type Config = {
 };
 readonly migrations: [{ [key: string]: unknown }];
+
+ readonly policyEntries: {
+ [label: string]: {
+ subjects: {
+ [subject: string]: {
+ type: string;
+ };
+ };
+ resources: {
+ [resource: string]: {
+ grant: (string)[];
+ revoke: (string)[];
+ };
+ };
+ };
+ }
 };
 const defaults = {
diff --git a/policy-migration/src/http/auth.ts b/policy-migration/src/http/auth.ts
index 8089b1d5..f794f4b8 100644
--- a/policy-migration/src/http/auth.ts
+++ b/policy-migration/src/http/auth.ts
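Review bot: `apiKey` is declared as a required member of `Config` in the second hunk of config.ts, yet auth.ts in this same patch treats it as optional (`else if (this.cfg.apiKey)`); the type should say so, `readonly apiKey?: {`, so that a configuration carrying only one authentication method type-checks and every read of the key goes through a presence check. The same appears to hold for `basicAuth` in the context lines just above it. `value` holds a credential, so a short comment on the field, for example `// secret: never log or echo in error output`, would help the next maintainer. The `readonly value: string` line is also missing the trailing semicolon its neighbours use. The `Config` type starts and ends outside the hunk.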
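Review bot: The inline `policyEntries` type in the third hunk of config.ts spells out by hand a shape that the `ReplaceEntries` type added in model/migration.ts expresses as `{ [label: string]: PolicyEntry }`, and nothing visible in this patch reads `Config.policyEntries`, since `replaceEntries` takes its entries from the migration step. If the top-level field is needed, reuse the model type, `readonly policyEntries?: { [label: string]: PolicyEntry };`, so the two descriptions cannot drift apart; if it is not needed, drop it. As a required member it also misdescribes every configuration that does not use the replace option. The closing `}` of the member lacks the `;` used elsewhere in the type.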
@@ -36,10 +36,15 @@ export class HttpAuth {
 headers.append(
 "Authorization",
 "Basic " +
- btoa(
- this.cfg.basicAuth.username + ":" +
- this.cfg.basicAuth.password,
- ),
+ btoa(
+ this.cfg.basicAuth.username + ":" +
+ this.cfg.basicAuth.password,
+ ),
+ );
+ } else if (this.cfg.apiKey) {
+ headers.append(
+ this.cfg.apiKey.key,
+ this.cfg.apiKey.value
 );
 }
 }
diff --git a/policy-migration/src/migration.ts b/policy-migration/src/migration.ts
index 6fe3008a..93f284bb 100644
--- a/policy-migration/src/migration.ts
+++ b/policy-migration/src/migration.ts
@@ -17,7 +17,7 @@ import { HttpErrorResponse, MigrationResult, Progress } from "./model/base.ts";
 import { Policy } from "./model/policy.ts";
 import { Search } from "./search.ts";
 import { HttpAuth } from "./http/auth.ts";
-import { AddEntry, AddSubject, ReplaceSubject } from "./model/migration.ts";
+import { AddEntry, AddSubject, ReplaceEntries, ReplaceSubject } from "./model/migration.ts";
 /**
 * The policy migration is done in several steps:
@@ -76,7 +76,7 @@ export class PolicyMigration {
 }
 }
- private onNext(policies: Policy[]): void {
+ private onNext(policies: Policy[]) {
 policies
 .filter((p) => !this.progress.has(p.policyId)) // filter already processed policies
 .forEach((policy) => {
@@ -222,6 +222,8 @@ export class MigrationStep {
 return this.addSubject(policy, step as AddSubject);
 case Migration.AddEntry:
 return this.addEntry(policy, step as AddEntry);
+ case Migration.ReplaceEntries:
+ return this.replaceEntries(policy, step as ReplaceEntries)
 default:
 this.logger.info(`Unknown migration ${label}. Ignoring.`);
 return false;
@@ -263,4 +265,10 @@ export class MigrationStep {
 }
 return changed;
 }
+
+ private replaceEntries(policy: Policy, replaceEntries: ReplaceEntries) {
+ // this.logger.debug(JSON.stringify(replaceEntries, null, 4));
+ policy.entries = replaceEntries.policyEntries;
+ return true;
+ }
 }
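Review bot: The new `else if (this.cfg.apiKey)` branch in auth.ts hands `apiKey.key` and `apiKey.value` to `headers.append` without checking either, so an empty or malformed header name surfaces only as an exception when a request is built, and an empty value sends a request with a blank credential. Guard the branch with `} else if (this.cfg.apiKey?.key && this.cfg.apiKey.value) {`, or reject such a configuration once when it is loaded. Because the branch hangs off the one that sets the Basic header, a configuration that provides both methods silently uses basic auth only; a log line or a configuration error for that case would make the choice visible. `headers.set` in place of `append` would also avoid a doubled header should one of the same name already be present. The enclosing method starts before the hunk.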
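Review bot: `replaceEntries` in the last migration.ts hunk overwrites `policy.entries` with whatever `replaceEntries.policyEntries` holds and always returns `true`, and the value reaches it through the unchecked `step as ReplaceEntries` cast in the dispatch hunk above, so a step with a missing or misspelled `policyEntries` key would set the entries of every matched policy to `undefined` and still report a change. For an access-control policy that is the costly failure, so the replacement should be refused unless it is a non-empty object. I would check the value first, log and return `false` when it is absent or empty, and give the method an explicit `boolean` return type, as in the excerpt below. A doc comment should also state that this step discards all existing entries, including any that grant the migrating subject write access to the policy itself. The `MigrationStep` class starts outside the hunk.

```typescript
  private replaceEntries(policy: Policy, replaceEntries: ReplaceEntries): boolean {
    const entries = replaceEntries.policyEntries;
    // Refuse to wipe a policy when the step carries no usable entries.
    if (
      entries == null || typeof entries !== "object" ||
      Object.keys(entries).length === 0
    ) {
      this.logger.info("replaceEntries step has no policyEntries. Ignoring.");
      return false;
    }
    policy.entries = entries;
    return true;
  }
```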
diff --git a/policy-migration/src/model/migration.ts b/policy-migration/src/model/migration.ts
index 0b8e06a6..a1d26a2f 100644
--- a/policy-migration/src/model/migration.ts
+++ b/policy-migration/src/model/migration.ts
@@ -33,4 +33,8 @@ export type AddEntry = {
 label: string;
 entry: PolicyEntry;
 replace: boolean;
-};
\ No newline at end of file
+};
+
+export type ReplaceEntries = {
+ policyEntries: { [label: string]: PolicyEntry };
+}
\ No newline at end of file
diff --git a/policy-migration/src/search.ts b/policy-migration/src/search.ts
index 57ceeb9e..91a4030f 100644
--- a/policy-migration/src/search.ts
+++ b/policy-migration/src/search.ts
@@ -82,8 +82,16 @@ export class Search {
 this.completed = true;
 }
+ const policiesMap: Map = new Map();
+ sr.items.forEach((item) => {
+ policiesMap.set(item._policy.policyId, item._policy);
+ this.logger.debug(`Thing found: ${item.thingId}`);
+ });
 const policies: Policy[] = [];
- sr.items.forEach((item) => policies.push(item._policy));
+ policiesMap.forEach((value, _) => {
+ policies.push(value);
+ });
+
 return policies;
 });
 }
From 43f0557a741098afb113a3bfec3e3c1b4daab1c0 Mon Sep 17 00:00:00 2001
From: Vasil Vasilev
Date: Tue, 28 Nov 2023 15:00:07 +0200
Subject: [PATCH 2/2] cleanup
Signed-off-by: Vasil Vasilev
---
 policy-migration/src/migration.ts | 3 +--
 policy-migration/src/model/migration.ts | 2 +-
 policy-migration/src/search.ts | 1 -
 3 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/policy-migration/src/migration.ts b/policy-migration/src/migration.ts
index 93f284bb..1cd9862d 100644
--- a/policy-migration/src/migration.ts
+++ b/policy-migration/src/migration.ts
@@ -76,7 +76,7 @@ export class PolicyMigration {
 }
 }
- private onNext(policies: Policy[]) {
+ private onNext(policies: Policy[]): void {
 policies
 .filter((p) => !this.progress.has(p.policyId)) // filter already processed policies
 .forEach((policy) => {
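Review bot: The de-duplication added in the search.ts hunk is written as two hand-rolled loops and carries no comment saying why it is needed or how far it reaches. A line such as `// things may share a policy: keep each policyId once per page; repeats across pages are filtered by progress in onNext` before the map would record the intent, presumably the "update policy only once" of the commit subject. The second loop, with its unused `_` parameter, can be replaced by `const policies = [...policiesMap.values()];`. The enclosing callback starts before the hunk.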
@@ -267,7 +267,6 @@ export class MigrationStep {
 }
 private replaceEntries(policy: Policy, replaceEntries: ReplaceEntries) {
- // this.logger.debug(JSON.stringify(replaceEntries, null, 4));
 policy.entries = replaceEntries.policyEntries;
 return true;
 }
diff --git a/policy-migration/src/model/migration.ts b/policy-migration/src/model/migration.ts
index a1d26a2f..a7d4dacc 100644
--- a/policy-migration/src/model/migration.ts
+++ b/policy-migration/src/model/migration.ts
@@ -37,4 +37,4 @@ export type AddEntry = {
 export type ReplaceEntries = {
 policyEntries: { [label: string]: PolicyEntry };
-}
\ No newline at end of file
+}
diff --git a/policy-migration/src/search.ts b/policy-migration/src/search.ts
index 91a4030f..630e4077 100644
--- a/policy-migration/src/search.ts
+++ b/policy-migration/src/search.ts
@@ -85,7 +85,6 @@ export class Search {
 const policiesMap: Map = new Map();
 sr.items.forEach((item) => {
 policiesMap.set(item._policy.policyId, item._policy);
- this.logger.debug(`Thing found: ${item.thingId}`);
 });
 const policies: Policy[] = [];
 policiesMap.forEach((value, _) => {