common: sm: iam: move perm handler itf to common iamclient

Signed-off-by: Oleksandr Grytsov <[email protected]>

Author: al1img

src/core/common/config.hpp

@@ -604,10 +604,10 @@
 #endif
 
 /**
- * Certificate secret size.
+ * Secret len.
  */
-#ifndef AOS_CONFIG_TYPES_CERT_SECRET_SIZE
-#define AOS_CONFIG_TYPES_CERT_SECRET_SIZE 64
+#ifndef AOS_CONFIG_TYPES_SECRET_LEN
+#define AOS_CONFIG_TYPES_SECRET_LEN 64
 #endif
 
 /**

src/core/common/iamclient/itf/permhandler.hpp

@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2025 EPAM Systems, Inc.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef AOS_CORE_COMMON_IAMCLIENT_ITF_PERMHANDLER_HPP_
+#define AOS_CORE_COMMON_IAMCLIENT_ITF_PERMHANDLER_HPP_
+
+#include <core/common/types/permissions.hpp>
+
+namespace aos::iamclient {
+
+/**
+ * Permission handler interface.
+ */
+class PermHandlerItf {
+public:
+    /**
+     * Destroys permission handler interface.
+     */
+    virtual ~PermHandlerItf() = default;
+
+    /**
+     * Adds new service instance and its permissions into cache.
+     *
+     * @param instanceIdent instance identification.
+     * @param instancePermissions instance permissions.
+     * @returns RetWithError<StaticString<cSecretLen>>.
+     */
+    virtual RetWithError<StaticString<cSecretLen>> RegisterInstance(
+        const InstanceIdent& instanceIdent, const Array<FunctionServicePermissions>& instancePermissions)
+        = 0;
+
+    /**
+     * Unregisters instance deletes service instance with permissions from cache.
+     *
+     * @param instanceIdent instance identification.
+     * @returns Error.
+     */
+    virtual Error UnregisterInstance(const InstanceIdent& instanceIdent) = 0;
+};
+
+} // namespace aos::iamclient
+
+#endif

src/core/common/iamclient/itf/permprovider.hpp

@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2025 EPAM Systems, Inc.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef AOS_CORE_COMMON_IAMCLIENT_ITF_PERMPROVIDER_HPP_
+#define AOS_CORE_COMMON_IAMCLIENT_ITF_PERMPROVIDER_HPP_
+
+#include <core/common/types/permissions.hpp>
+
+namespace aos::iamclient {
+
+/**
+ * Permission provider interface.
+ */
+class PermProviderItf {
+public:
+    /**
+     * Destroys permission provider interface.
+     */
+    virtual ~PermProviderItf() = default;
+
+    /**
+     * Returns instance ident and permissions by secret and functional server ID.
+     *
+     * @param secret secret.
+     * @param funcServerID functional server ID.
+     * @param[out] instanceIdent result instance ident.
+     * @param[out] servicePermissions result service permission.
+     * @returns Error.
+     */
+    virtual Error GetPermissions(const String& secret, const String& funcServerID, InstanceIdent& instanceIdent,
+        Array<FunctionPermissions>& servicePermissions)
+        = 0;
+};
+
+} // namespace aos::iamclient
+
+#endif

src/core/common/tests/mocks/CMakeLists.txt

@@ -25,6 +25,8 @@ set(HEADERS
     logprovidermock.hpp
     monitoringmock.hpp
     ocispecmock.hpp
+    permhandlermock.hpp
+    permprovidermock.hpp
     spaceallocatormock.hpp
 )
 

src/core/common/tests/mocks/certprovidermock.hpp

@@ -0,0 +1,40 @@
+
+/*
+ * Copyright (C) 2025 EPAM Systems, Inc.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef AOS_CORE_COMMON_TESTS_MOCKS_IAMCLIENTMOCK_HPP_
+#define AOS_CORE_COMMON_TESTS_MOCKS_IAMCLIENTMOCK_HPP_
+
+#include <gmock/gmock.h>
+
+#include <core/common/iamclient/itf/certprovider.hpp>
+
+namespace aos::iamclient {
+
+/**
+ * Certificate listener mock.
+ */
+class CertListenerMock : public CertListenerItf {
+public:
+    MOCK_METHOD(void, OnCertChanged, (const CertInfo& info), (override));
+};
+
+/**
+ * Mocks certificate provider.
+ */
+
+class CertProviderMock : public CertProviderItf {
+public:
+    MOCK_METHOD(Error, GetCert,
+        (const String& certType, const Array<uint8_t>& issuer, const Array<uint8_t>& serial, CertInfo& resCert),
+        (const override));
+    MOCK_METHOD(Error, SubscribeListener, (const String& certType, CertListenerItf& certListener), (override));
+    MOCK_METHOD(Error, UnsubscribeListener, (CertListenerItf & certListener), (override));
+};
+
+} // namespace aos::iamclient
+
+#endif

src/core/iam/tests/mocks/permhandlermock.hpp renamed to src/core/common/tests/mocks/permhandlermock.hpp

@@ -9,9 +9,9 @@
 
 #include <gmock/gmock.h>
 
-#include <core/iam/permhandler/permhandler.hpp>
+#include <core/common/iamclient/itf/permhandler.hpp>
 
-namespace aos::iam::permhandler {
+namespace aos::iamclient {
 
 /**
  * Permission handler mock.
@@ -21,10 +21,8 @@ class PermHandlerMock : public PermHandlerItf {
     MOCK_METHOD(RetWithError<StaticString<cSecretLen>>, RegisterInstance,
         (const InstanceIdent&, const Array<FunctionServicePermissions>&), (override));
     MOCK_METHOD(Error, UnregisterInstance, (const InstanceIdent&), (override));
-    MOCK_METHOD(
-        Error, GetPermissions, (const String&, const String&, InstanceIdent&, Array<FunctionPermissions>&), (override));
 };
 
-} // namespace aos::iam::permhandler
+} // namespace aos::iamclient
 
 #endif

src/core/common/tests/mocks/permprovidermock.hpp

@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2024 EPAM Systems, Inc.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef AOS_CORE_IAM_TESTS_MOCKS_PERMHANDLERMOCK_HPP_
+#define AOS_CORE_IAM_TESTS_MOCKS_PERMHANDLERMOCK_HPP_
+
+#include <gmock/gmock.h>
+
+#include <core/common/iamclient/itf/permprovider.hpp>
+
+namespace aos::iamclient {
+
+/**
+ * Permission provider mock.
+ */
+class PermProviderMock : public PermProviderItf {
+public:
+    MOCK_METHOD(
+        Error, GetPermissions, (const String&, const String&, InstanceIdent&, Array<FunctionPermissions>&), (override));
+};
+
+} // namespace aos::iamclient
+
+#endif

src/core/common/types/certificates.hpp

@@ -57,8 +57,8 @@ struct CertIdent {
  * Node secret.
  */
 struct NodeSecret {
-    StaticString<cIDLen>          mNodeID;
-    StaticString<cCertSecretSize> mSecret;
+    StaticString<cIDLen>     mNodeID;
+    StaticString<cSecretLen> mSecret;
 
     /**
      * Compares node secrets.

src/core/common/types/common.hpp

@@ -89,9 +89,9 @@ constexpr auto cLabelNameLen = AOS_CONFIG_TYPES_LABEL_NAME_LEN;
 constexpr auto cMaxNumNodeLabels = AOS_CONFIG_TYPES_MAX_NUM_NODE_LABELS;
 
 /**
- * Certificate secret size.
+ * Secret len.
  */
-constexpr auto cCertSecretSize = AOS_CONFIG_TYPES_CERT_SECRET_SIZE;
+constexpr auto cSecretLen = AOS_CONFIG_TYPES_SECRET_LEN;
 
 /*
  * OS type len.

src/core/common/types/permissions.hpp

@@ -71,6 +71,29 @@ struct FunctionServicePermissions {
     StaticArray<FunctionPermissions, cFunctionsMaxCount> mPermissions;
 };
 
+/**
+ * Instance permissions.
+ */
+struct InstancePermissions : public InstanceIdent {
+    StaticString<cSecretLen>                                      mSecret;
+    StaticArray<FunctionServicePermissions, cFuncServiceMaxCount> mFuncServicePerms;
+
+    /**
+     * Creates instance permissions.
+     *
+     * @param instanceIdent instance ident.
+     * @param secret secret.
+     * @param funcServicePerms functional service permissions.
+     */
+    InstancePermissions(const InstanceIdent& instanceIdent, const String& secret,
+        const Array<FunctionServicePermissions>& funcServicePerms)
+        : InstanceIdent(instanceIdent)
+        , mSecret(secret)
+        , mFuncServicePerms(funcServicePerms)
+    {
+    }
+};
+
 } // namespace aos
 
 #endif