SMQ-3108 - Add support for public and private metadata for users and clients

apidocs/openapi/clients.yaml

@@ -943,10 +943,14 @@ components:
               example: bb7edb32-2eac-4aad-aebe-ed96fe073879
               minimum: 8
               description: Free-form account secret used for acquiring auth token(s).
-        metadata:
+        public_metadata:
           type: object
           example: { "model": "example" }
           description: Arbitrary, object-encoded client's data.
+        private_metadata:
+          type: object
+          example: { "model": "example" }
+          description: Arbitrary, object-encoded client's data, private to the client.
         status:
           type: string
           description: Client Status
@@ -1001,10 +1005,14 @@ components:
               type: string
               example: bb7edb32-2eac-4aad-aebe-ed96fe073879
               description: Client secret password.
-        metadata:
+        public_metadata:
           type: object
           example: { "model": "example" }
           description: Arbitrary, object-encoded client's data.
+        private_metadata:
+          type: object
+          example: { "model": "example" }
+          description: Arbitrary, object-encoded client's data, private to the client.
         status:
           type: string
           description: Client Status
@@ -1058,10 +1066,14 @@ components:
               type: string
               example: ""
               description: Client secret password.
-        metadata:
+        public_metadata:
           type: object
           example: { "model": "example" }
           description: Arbitrary, object-encoded client's data.
+        private_metadata:
+          type: object
+          example: { "model": "example" }
+          description: Arbitrary, object-encoded client's data, private to the client.
         status:
           type: string
           description: Client Status
@@ -1110,13 +1122,18 @@ components:
           type: string
           example: clientName
           description: Client name.
-        metadata:
+        public_metadata:
           type: object
           example: { "role": "general" }
           description: Arbitrary, object-encoded client's data.
+        private_metadata:
+          type: object
+          example: { "role": "general" }
+          description: Arbitrary, object-encoded client's data, priavet to the client.
       required:
         - name
-        - metadata
+        - public_metadata
+        - private_metadata
 
     ClientTags:
       type: object

apidocs/openapi/users.yaml

@@ -711,10 +711,14 @@ components:
           required:
             - username
             - secret
-        metadata:
+        public_metadata:
           type: object
           example: { "domain": "example.com" }
           description: Arbitrary, object-encoded user's data.
+        private_metadata:
+          type: object
+          example: { "domain": "example.com" }
+          description: Arbitrary, object-encoded user's data private to the user.
         profile_picture:
           type: string
           example: "https://example.com/profile.jpg"
@@ -767,10 +771,14 @@ components:
               type: string
               example: john_doe
               description: User's username for example john_doe for Mr John Doe.
-        metadata:
+        public_metadata:
           type: object
           example: { "address": "example" }
           description: Arbitrary, object-encoded user's data.
+        private_metadata:
+          type: object
+          example: { "address": "example" }
+          description: Arbitrary, object-encoded user's data private to the user.
         profile_picture:
           type: string
           example: "https://example.com/profile.jpg"
@@ -891,14 +899,19 @@ components:
           type: string
           example: lastName
           description: User's last name.
-        metadata:
+        public_metadata:
           type: object
           example: { "role": "general" }
           description: Arbitrary, object-encoded user's data.
+        private_metadata:
+          type: object
+          example: { "role": "general" }
+          description: Arbitrary, object-encoded user's data, private to the user.
       required:
         - first_name
         - last_name
-        - metadata
+        - public_metadata
+        - private_metadata
 
     UserTags:
       type: object
@@ -1257,7 +1270,7 @@ components:
 
     Metadata:
       name: metadata
-      description: Metadata filter. Filtering is performed matching the parameter with metadata on top level. Parameter is json.
+      description: Metadata filter. Filtering is performed matching the parameter with public metadata on top level. Parameter is json.
       in: query
       schema:
         type: object
@@ -1339,7 +1352,7 @@ components:
             $ref: "#/components/schemas/UserReqObj"
 
     UserUpdateReq:
-      description: JSON-formated document describing the metadata and name of user to be update
+      description: JSON-formated document describing the name, public and private metadata of user to be update
       required: true
       content:
         application/json:

cli/clients_test.go

@@ -306,7 +306,7 @@ func TestUpdateClientCmd(t *testing.T) {
 		logType       outputLog
 	}{
 		{
-			desc: "update client name and metadata successfully",
+			desc: "update client name and public metadata successfully",
 			args: []string{
 				client.ID,
 				updateCmd,
@@ -316,10 +316,28 @@ func TestUpdateClientCmd(t *testing.T) {
 			},
 			client: smqsdk.Client{
 				Name: "clientName",
-				Metadata: map[string]any{
-					"metadata": map[string]any{
-						"role": "general",
-					},
+				PublicMetadata: map[string]any{
+					"role": "general",
+				},
+				ID:       client.ID,
+				DomainID: client.DomainID,
+				Status:   client.Status,
+			},
+			logType: entityLog,
+		},
+		{
+			desc: "update client name and private metadata successfully",
+			args: []string{
+				client.ID,
+				updateCmd,
+				newNameandMeta,
+				domainID,
+				token,
+			},
+			client: smqsdk.Client{
+				Name: "clientName",
+				PrivateMetadata: map[string]any{
+					"role": "general",
 				},
 				ID:       client.ID,
 				DomainID: client.DomainID,

cli/users_test.go

@@ -657,7 +657,7 @@ func TestUpdateUserCmd(t *testing.T) {
 			case len(tc.args) == 4: // Basic user update
 				sdkCall = sdkMock.On("UpdateUser", mock.Anything, mgsdk.User{
 					FirstName: "new name",
-					Metadata: mgsdk.Metadata{
+					PublicMetadata: mgsdk.Metadata{
 						"key": "value",
 					},
 				}, tc.args[3]).Return(tc.user, tc.sdkErr)

clients/api/http/endpoints.go

@@ -143,9 +143,10 @@ func updateClientEndpoint(svc clients.Service) endpoint.Endpoint {
 		}
 
 		cli := clients.Client{
-			ID:       req.id,
-			Name:     req.Name,
-			Metadata: req.Metadata,
+			ID:              req.id,
+			Name:            req.Name,
+			PublicMetadata:  req.PublicMetadata,
+			PrivateMetadata: req.PrivateMetadata,
 		}
 		client, err := svc.Update(ctx, session, cli)
 		if err != nil {

clients/api/http/endpoints_test.go

@@ -32,16 +32,17 @@ import (
 )
 
 var (
-	secret         = "strongsecret"
-	validCMetadata = clients.Metadata{"role": "client"}
-	ID             = testsutil.GenerateUUID(&testing.T{})
-	client         = clients.Client{
-		ID:          ID,
-		Name:        "clientname",
-		Tags:        []string{"tag1", "tag2"},
-		Credentials: clients.Credentials{Identity: "clientidentity", Secret: secret},
-		Metadata:    validCMetadata,
-		Status:      clients.EnabledStatus,
+	secret        = "strongsecret"
+	validMetadata = clients.Metadata{"role": "client"}
+	ID            = testsutil.GenerateUUID(&testing.T{})
+	client        = clients.Client{
+		ID:              ID,
+		Name:            "clientname",
+		Tags:            []string{"tag1", "tag2"},
+		Credentials:     clients.Credentials{Identity: "clientidentity", Secret: secret},
+		PublicMetadata:  validMetadata,
+		PrivateMetadata: validMetadata,
+		Status:          clients.EnabledStatus,
 	}
 	validToken   = "token"
 	inValidToken = "invalid"
@@ -170,7 +171,7 @@ func TestCreateClient(t *testing.T) {
 					Identity: "[email protected]",
 					Secret:   "12345678",
 				},
-				Metadata: map[string]any{
+				PublicMetadata: map[string]any{
 					"test": make(chan int),
 				},
 			},
@@ -260,8 +261,9 @@ func TestCreateClients(t *testing.T) {
 				Identity: fmt.Sprintf("%[email protected]", namesgen.Generate()),
 				Secret:   secret,
 			},
-			Metadata: clients.Metadata{},
-			Status:   clients.EnabledStatus,
+			PublicMetadata:  clients.Metadata{},
+			PrivateMetadata: clients.Metadata{},
+			Status:          clients.EnabledStatus,
 		}
 		items = append(items, client)
 	}
@@ -362,7 +364,7 @@ func TestCreateClients(t *testing.T) {
 						Identity: "[email protected]",
 						Secret:   "12345678",
 					},
-					Metadata: map[string]any{
+					PublicMetadata: map[string]any{
 						"test": make(chan int),
 					},
 				},
@@ -870,14 +872,14 @@ func TestUpdateClient(t *testing.T) {
 			domainID:    domainID,
 			id:          client.ID,
 			authnRes:    smqauthn.Session{DomainUserID: domainID + "_" + validID, UserID: validID, DomainID: domainID},
-			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, newName, newTag, toJSON(newMetadata)),
+			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, newName, newTag, toJSON(newMetadata)),
 			token:       validToken,
 			contentType: contentType,
 			clientResponse: clients.Client{
-				ID:       client.ID,
-				Name:     newName,
-				Tags:     []string{newTag},
-				Metadata: newMetadata,
+				ID:             client.ID,
+				Name:           newName,
+				Tags:           []string{newTag},
+				PublicMetadata: newMetadata,
 			},
 			status: http.StatusOK,
 
@@ -886,7 +888,7 @@ func TestUpdateClient(t *testing.T) {
 		{
 			desc:        "update client with invalid token",
 			id:          client.ID,
-			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, newName, newTag, toJSON(newMetadata)),
+			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, newName, newTag, toJSON(newMetadata)),
 			domainID:    domainID,
 			token:       inValidToken,
 			contentType: contentType,
@@ -897,7 +899,7 @@ func TestUpdateClient(t *testing.T) {
 		{
 			desc:        "update client with empty token",
 			id:          client.ID,
-			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, newName, newTag, toJSON(newMetadata)),
+			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, newName, newTag, toJSON(newMetadata)),
 			domainID:    domainID,
 			token:       "",
 			contentType: contentType,
@@ -907,7 +909,7 @@ func TestUpdateClient(t *testing.T) {
 		{
 			desc:        "update client with invalid contentype",
 			id:          client.ID,
-			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, newName, newTag, toJSON(newMetadata)),
+			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, newName, newTag, toJSON(newMetadata)),
 			domainID:    domainID,
 			token:       validToken,
 			authnRes:    smqauthn.Session{DomainUserID: domainID + "_" + validID, UserID: validID, DomainID: domainID},
@@ -931,7 +933,7 @@ func TestUpdateClient(t *testing.T) {
 		{
 			desc:        "update client with empty id",
 			id:          " ",
-			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, newName, newTag, toJSON(newMetadata)),
+			data:        fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, newName, newTag, toJSON(newMetadata)),
 			domainID:    domainID,
 			token:       validToken,
 			authnRes:    smqauthn.Session{DomainUserID: domainID + "_" + validID, UserID: validID, DomainID: domainID},
@@ -944,7 +946,7 @@ func TestUpdateClient(t *testing.T) {
 			desc:           "update client with name that is too long",
 			id:             client.ID,
 			authnRes:       smqauthn.Session{DomainUserID: domainID + "_" + validID, UserID: validID, DomainID: domainID},
-			data:           fmt.Sprintf(`{"name":"%s","tags":["%s"],"metadata":%s}`, strings.Repeat("a", api.MaxNameSize+1), newTag, toJSON(newMetadata)),
+			data:           fmt.Sprintf(`{"name":"%s","tags":["%s"],"public_metadata":%s}`, strings.Repeat("a", api.MaxNameSize+1), newTag, toJSON(newMetadata)),
 			domainID:       domainID,
 			token:          validToken,
 			contentType:    contentType,

clients/api/http/requests.go

@@ -112,10 +112,11 @@ func (req listMembersReq) validate() error {
 }
 
 type updateClientReq struct {
-	id       string
-	Name     string         `json:"name,omitempty"`
-	Metadata map[string]any `json:"metadata,omitempty"`
-	Tags     []string       `json:"tags,omitempty"`
+	id              string
+	Name            string         `json:"name,omitempty"`
+	PublicMetadata  map[string]any `json:"public_metadata,omitempty"`
+	PrivateMetadata map[string]any `json:"private_metadata,omitempty"`
+	Tags            []string       `json:"tags,omitempty"`
 }
 
 func (req updateClientReq) validate() error {

clients/clients.go

@@ -153,18 +153,19 @@ type Cache interface {
 // Client Struct represents a client.
 
 type Client struct {
-	ID          string      `json:"id"`
-	Name        string      `json:"name,omitempty"`
-	Tags        []string    `json:"tags,omitempty"`
-	Domain      string      `json:"domain_id,omitempty"`
-	ParentGroup string      `json:"parent_group_id,omitempty"`
-	Credentials Credentials `json:"credentials,omitempty"`
-	Metadata    Metadata    `json:"metadata,omitempty"`
-	CreatedAt   time.Time   `json:"created_at,omitempty"`
-	UpdatedAt   time.Time   `json:"updated_at,omitempty"`
-	UpdatedBy   string      `json:"updated_by,omitempty"`
-	Status      Status      `json:"status,omitempty"` // 1 for enabled, 0 for disabled
-	Identity    string      `json:"identity,omitempty"`
+	ID              string      `json:"id"`
+	Name            string      `json:"name,omitempty"`
+	Tags            []string    `json:"tags,omitempty"`
+	Domain          string      `json:"domain_id,omitempty"`
+	ParentGroup     string      `json:"parent_group_id,omitempty"`
+	Credentials     Credentials `json:"credentials,omitempty"`
+	PublicMetadata  Metadata    `json:"public_metadata,omitempty"`
+	PrivateMetadata Metadata    `json:"private_metadata,omitempty"`
+	CreatedAt       time.Time   `json:"created_at,omitempty"`
+	UpdatedAt       time.Time   `json:"updated_at,omitempty"`
+	UpdatedBy       string      `json:"updated_by,omitempty"`
+	Status          Status      `json:"status,omitempty"` // 1 for enabled, 0 for disabled
+	Identity        string      `json:"identity,omitempty"`
 	// Extended
 	ParentGroupPath           string                    `json:"parent_group_path,omitempty"`
 	RoleID                    string                    `json:"role_id,omitempty"`