SMQ-2686 - Fix channel journals (#2685)

Signed-off-by: Felix Gateru <felix.gateru@gmail.com>

channels/events/events.go

@@ -14,7 +14,7 @@ import (
 )
 
 const (
-	channelPrefix       = "channels."
+	channelPrefix       = "channel."
 	channelCreate       = channelPrefix + "create"
 	channelUpdate       = channelPrefix + "update"
 	channelChangeStatus = channelPrefix + "change_status"

journal/journal.go

@@ -10,7 +10,6 @@ import (
 
 	apiutil "github.com/absmach/supermq/api/http/util"
 	smqauthn "github.com/absmach/supermq/pkg/authn"
-	"github.com/absmach/supermq/pkg/policies"
 )
 
 type EntityType uint8
@@ -46,20 +45,6 @@ func (e EntityType) String() string {
 	}
 }
 
-// AuthString returns the entity type as a string for authorization.
-func (e EntityType) AuthString() string {
-	switch e {
-	case UserEntity:
-		return policies.UserType
-	case GroupEntity, ChannelEntity:
-		return policies.GroupType
-	case ClientEntity:
-		return policies.ClientType
-	default:
-		return ""
-	}
-}
-
 // ToEntityType converts string value to a valid entity type.
 func ToEntityType(entityType string) (EntityType, error) {
 	switch entityType {
@@ -81,8 +66,10 @@ func (e EntityType) Query() string {
 	switch e {
 	case UserEntity:
 		return "((operation LIKE 'user.%' AND attributes->>'id' = :entity_id) OR (attributes->>'user_id' = :entity_id))"
-	case GroupEntity, ChannelEntity:
+	case GroupEntity:
 		return "((operation LIKE 'group.%' AND attributes->>'id' = :entity_id) OR (attributes->>'group_id' = :entity_id))"
+	case ChannelEntity:
+		return "((operation LIKE 'channel.%' AND attributes->>'id' = :entity_id) OR (attributes->>'channel_id' = :entity_id) OR (jsonb_exists_any(attributes->'channel_ids', array[:entity_id])))"
 	case ClientEntity:
 		return "((operation LIKE 'client.%' AND attributes->>'id' = :entity_id) OR (attributes->>'client_id' = :entity_id))"
 	default:

journal/journal_test.go

@@ -61,39 +61,33 @@ func TestEntityType(t *testing.T) {
 		desc        string
 		e           journal.EntityType
 		str         string
-		authString  string
 		queryString string
 	}{
 		{
-			desc:       "UserEntity",
-			e:          journal.UserEntity,
-			str:        "user",
-			authString: "user",
+			desc: "UserEntity",
+			e:    journal.UserEntity,
+			str:  "user",
 		},
 		{
-			desc:       "ClientEntity",
-			e:          journal.ClientEntity,
-			str:        "client",
-			authString: "client",
+			desc: "ClientEntity",
+			e:    journal.ClientEntity,
+			str:  "client",
 		},
 		{
-			desc:       "GroupEntity",
-			e:          journal.GroupEntity,
-			str:        "group",
-			authString: "group",
+			desc: "GroupEntity",
+			e:    journal.GroupEntity,
+			str:  "group",
 		},
 		{
-			desc:       "ChannelEntity",
-			e:          journal.ChannelEntity,
-			str:        "channel",
-			authString: "group",
+			desc: "ChannelEntity",
+			e:    journal.ChannelEntity,
+			str:  "channel",
 		},
 	}
 
 	for _, tc := range cases {
 		t.Run(tc.desc, func(t *testing.T) {
 			assert.Equal(t, tc.str, tc.e.String())
-			assert.Equal(t, tc.authString, tc.e.AuthString())
 			assert.NotEmpty(t, tc.e.Query())
 		})
 	}

journal/middleware/authorization.go

@@ -37,12 +37,12 @@ func (am *authorizationMiddleware) Save(ctx context.Context, journal journal.Jou
 
 func (am *authorizationMiddleware) RetrieveAll(ctx context.Context, session smqauthn.Session, page journal.Page) (journal.JournalsPage, error) {
 	permission := readPermission
-	objectType := page.EntityType.AuthString()
+	objectType := page.EntityType.String()
 	object := page.EntityID
 	subject := session.DomainUserID
 
 	// If the entity is a user, we need to check if the user is an admin
-	if page.EntityType.AuthString() == policies.UserType {
+	if page.EntityType.String() == policies.UserType {
 		permission = policies.AdminPermission
 		objectType = policies.PlatformType
 		object = policies.SuperMQObject