build(deps): bump github.com/sparetimecoders/goamqp from 0.1.3 to 0.1.4

Bumps [github.com/sparetimecoders/goamqp](https://github.com/sparetimecoders/goamqp) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/sparetimecoders/goamqp/releases)
- [Commits](https://github.com/sparetimecoders/goamqp/compare/v0.1.3...v0.1.4)

.gitlab-ci.yml

@@ -1,41 +1,75 @@
-variables:
-  GOCACHE: "${CI_PROJECT_DIR}/_go/cache"
+include:
+- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
 
-before_script:
-  - mkdir -p ${CI_PROJECT_DIR}/_go/{pkg,bin,cache}
-  - rm -rf /go/pkg || true
-  - mkdir -p /go
-  - ln -s ${CI_PROJECT_DIR}/_go/pkg /go/pkg
-  - ln -s ${CI_PROJECT_DIR}/_go/bin /go/bin
-
-cache:
-  key: "$CI_COMMIT_REF_NAME"
-  paths:
-    - _go
-  untracked: true
+image: golang:1.20.4
 
 stages:
-  - deps
-  - test
+- deps
+- test
+- prepare
+- release
+
+run-pre-commit:
+  stage: .pre
+  image: unbound/pre-commit
+  variables:
+    PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
+  cache:
+  - key:
+      files:
+      - .pre-commit-config.yaml
+    paths:
+    - ${PRE_COMMIT_HOME}
+  script:
+  - pre-commit run --all-files
 
 deps:
   stage: deps
-  image: golang:1.13
   script:
-    - go get -mod=readonly
+  - go mod download
 
 test:
   stage: test
   dependencies:
-    - deps
-  image: golang:1.13
+  - deps
   script:
-    - go fmt $(go list ./...)
-    - go vet $(go list ./...)
-    - unset "${!CI@}"
-    - CGO_ENABLED=1 go test -p 1 -mod=readonly -race -coverprofile=.testCoverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
-    - go tool cover -html=.testCoverage.txt -o coverage.html
-    - go tool cover -func=.testCoverage.txt
+  - CGO_ENABLED=1 go test -mod=readonly -race -coverprofile=coverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
+  - go tool cover -html=coverage.txt -o coverage.html
+  - go tool cover -func=coverage.txt
+  - curl -Os https://uploader.codecov.io/latest/linux/codecov
+  - chmod +x codecov
+  - ./codecov -t ${CODECOV_TOKEN} -R $CI_PROJECT_DIR -C $CI_COMMIT_SHA -r $CI_PROJECT_PATH
+
+vulnerabilities:
+  stage: test
+  image: golang:1.20.4
+  script:
+  - go install golang.org/x/vuln/cmd/govulncheck@latest
+  - govulncheck ./...
+
+prepare_release:
+  image: node:18
+  stage: prepare
+  before_script:
+  - npm install -g conventional-changelog-cli
+  script:
+  - echo "DESCRIPTION=$(conventional-changelog -p conventionalcommits)" > variables.env
   artifacts:
-    paths:
-      - coverage.html
+    reports:
+      dotenv: variables.env
+  rules:
+  - if: $CI_COMMIT_TAG
+
+release:
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  stage: release
+  needs:
+  - job: prepare_release
+    artifacts: true
+  script:
+  - echo "Running release_job for $TAG"
+  release:
+    tag_name: '$CI_COMMIT_TAG'
+    description: '$DESCRIPTION'
+  rules:
+  - if: $CI_COMMIT_TAG

.gitlab/dependabot.yml

@@ -0,0 +1,13 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+- package-ecosystem: "gomod"
+  directory: "/"
+  schedule:
+    interval: "daily"
+  open-pull-requests-limit: 20
+  rebase-strategy: none

.pre-commit-config.yaml

@@ -0,0 +1,43 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.4.0
+  hooks:
+  - id: trailing-whitespace
+  - id: end-of-file-fixer
+  - id: check-yaml
+    args:
+    - --allow-multiple-documents
+  - id: check-added-large-files
+- repo: https://github.com/jumanjihouse/pre-commit-hooks
+  rev: 3.0.0
+  hooks:
+  - id: markdownlint
+- repo: https://gitlab.com/devopshq/gitlab-ci-linter
+  rev: v1.0.3
+  hooks:
+  - id: gitlab-ci-linter
+    args:
+    - --project
+    - unboundsoftware/shiny/authz_client
+- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
+  rev: v9.3.0
+  hooks:
+  - id: commitlint
+    stages: [ commit-msg ]
+    additional_dependencies: [ '@commitlint/config-conventional' ]
+- repo: https://github.com/dnephin/pre-commit-golang
+  rev: v0.5.1
+  hooks:
+  - id: go-mod-tidy
+  - id: go-imports
+    args:
+    - -local
+    - gitlab.com/unboundsoftware/shiny/authz_client
+- repo: https://github.com/lietu/go-pre-commit
+  rev: v0.0.1
+  hooks:
+  - id: go-test
+  - id: golangci-lint
+  - id: gofumpt

README.md

@@ -1,3 +1,4 @@
 # Shiny authz-client
 
-[![Build Status](https://gitlab.com/unboundsoftware/shiny/authz-client/badges/master/pipeline.svg)](https://gitlab.com/unboundsoftware/shiny/authz-client/commits/master)[![coverage report](https://gitlab.com/unboundsoftware/shiny/authz-client/badges/master/coverage.svg)](https://gitlab.com/unboundsoftware/shiny/authz-client/commits/master)
+[![Build Status](https://gitlab.com/unboundsoftware/shiny/authz_client/badges/main/pipeline.svg)](https://gitlab.com/unboundsoftware/shiny/authz_client/commits/main)
+[![codecov](https://codecov.io/gl/unboundsoftware:shiny/authz_client/branch/main/graph/badge.svg?token=AQS7QVLCEQ)](https://codecov.io/gl/unboundsoftware:shiny/authz_client)

client.go

@@ -3,8 +3,11 @@ package client
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
+	"reflect"
+
+	"github.com/sparetimecoders/goamqp"
 )
 
 // CompanyPrivileges contains the privileges for a combination of email address and company id
@@ -18,24 +21,11 @@ type CompanyPrivileges struct {
 	Supplier   bool `json:"supplier"`
 }
 
-// PrivilegeAdded is the event sent when a new privilege is added
-type PrivilegeAdded struct {
-	Email      string `json:"email"`
-	CompanyID  string `json:"companyId"`
-	Admin      bool   `json:"admin"`
-	Company    bool   `json:"company"`
-	Consumer   bool   `json:"consumer"`
-	Time       bool   `json:"time"`
-	Invoicing  bool   `json:"invoicing"`
-	Accounting bool   `json:"accounting"`
-	Supplier   bool   `json:"supplier"`
-}
-
 // PrivilegeHandler processes PrivilegeAdded-events and fetches the initial set of privileges from an authz-service
 type PrivilegeHandler struct {
 	client     *http.Client
 	baseURL    string
-	privileges map[string]map[string]CompanyPrivileges
+	privileges map[string]map[string]*CompanyPrivileges
 }
 
 // OptsFunc is used to configure the PrivilegeHandler
@@ -53,7 +43,7 @@ func New(opts ...OptsFunc) *PrivilegeHandler {
 	handler := &PrivilegeHandler{
 		client:     &http.Client{},
 		baseURL:    "http://authz-service",
-		privileges: map[string]map[string]CompanyPrivileges{},
+		privileges: map[string]map[string]*CompanyPrivileges{},
 	}
 	for _, opt := range opts {
 		opt(handler)
@@ -68,7 +58,7 @@ func (h *PrivilegeHandler) Fetch() error {
 		return err
 	}
 
-	buff, err := ioutil.ReadAll(resp.Body)
+	buff, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return err
 	}
@@ -81,30 +71,60 @@ func (h *PrivilegeHandler) Fetch() error {
 }
 
 // Process privilege-related events and update the internal state
-func (h *PrivilegeHandler) Process(msg interface{}) bool {
-	if ev, ok := msg.(*PrivilegeAdded); ok {
-		h.setPrivileges(ev)
-		return true
+func (h *PrivilegeHandler) Process(msg interface{}, _ goamqp.Headers) (interface{}, error) {
+	switch ev := msg.(type) {
+	case *UserAdded:
+		if priv, exists := h.privileges[ev.Email]; exists {
+			priv[ev.CompanyID] = &CompanyPrivileges{}
+		} else {
+			h.privileges[ev.Email] = map[string]*CompanyPrivileges{
+				ev.CompanyID: {},
+			}
+		}
+		return nil, nil
+	case *UserRemoved:
+		if priv, exists := h.privileges[ev.Email]; exists {
+			delete(priv, ev.CompanyID)
+		}
+		return nil, nil
+	case *PrivilegeAdded:
+		h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, true)
+		return nil, nil
+	case *PrivilegeRemoved:
+		h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, false)
+		return nil, nil
+	default:
+		fmt.Printf("Got unexpected message type (%s): '%+v'\n", reflect.TypeOf(msg).String(), msg)
+		return nil, fmt.Errorf("unexpected event type: '%s'", reflect.TypeOf(msg))
 	}
-	return false
 }
 
-func (h *PrivilegeHandler) setPrivileges(ev *PrivilegeAdded) {
-	if priv, exists := h.privileges[ev.Email]; exists {
-		priv[ev.CompanyID] = CompanyPrivileges{
-			Admin:      ev.Admin,
-			Company:    ev.Company,
-			Consumer:   ev.Consumer,
-			Time:       ev.Time,
-			Invoicing:  ev.Invoicing,
-			Accounting: ev.Accounting,
-			Supplier:   ev.Supplier,
+func (h *PrivilegeHandler) setPrivileges(email, companyId string, privilege Privilege, set bool) {
+	if priv, exists := h.privileges[email]; exists {
+		if c, exists := priv[companyId]; exists {
+			switch privilege {
+			case PrivilegeAdmin:
+				c.Admin = set
+			case PrivilegeCompany:
+				c.Company = set
+			case PrivilegeConsumer:
+				c.Consumer = set
+			case PrivilegeTime:
+				c.Time = set
+			case PrivilegeInvoicing:
+				c.Invoicing = set
+			case PrivilegeAccounting:
+				c.Accounting = set
+			case PrivilegeSupplier:
+				c.Supplier = set
+			}
+		} else {
+			priv[companyId] = &CompanyPrivileges{}
+			h.setPrivileges(email, companyId, privilege, set)
 		}
 	} else {
-		h.privileges[ev.Email] = map[string]CompanyPrivileges{
-			ev.CompanyID: {},
-		}
-		h.setPrivileges(ev)
+		h.privileges[email] = map[string]*CompanyPrivileges{}
+		h.setPrivileges(email, companyId, privilege, set)
 	}
 }
 
@@ -113,10 +133,21 @@ func (h *PrivilegeHandler) CompaniesByUser(email string, predicate func(privileg
 	var result []string
 	if p, exists := h.privileges[email]; exists {
 		for k, v := range p {
-			if predicate(v) {
+			if predicate(*v) {
 				result = append(result, k)
 			}
 		}
 	}
 	return result
 }
+
+// IsAllowed return true if the provided predicate return true for the privileges matching the provided email and companyID, return false otherwise
+func (h *PrivilegeHandler) IsAllowed(email, companyID string, predicate func(privileges CompanyPrivileges) bool) bool {
+	if p, exists := h.privileges[email]; exists {
+		if v, exists := p[companyID]; exists {
+			return predicate(*v)
+		}
+	}
+
+	return false
+}

client_test.go

@@ -2,18 +2,97 @@ package client
 
 import (
 	"fmt"
-	"github.com/stretchr/testify/assert"
 	"net/http"
 	"net/http/httptest"
+	"sort"
 	"testing"
+
+	"github.com/sparetimecoders/goamqp"
+	"github.com/stretchr/testify/assert"
 )
 
 func TestPrivilegeHandler_Process_InvalidType(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process("abc")
+	result, err := handler.Process("abc", goamqp.Headers{})
 
-	assert.False(t, result)
+	assert.Nil(t, result)
+	assert.EqualError(t, err, "unexpected event type: 'string'")
+}
+
+func TestPrivilegeHandler_Process_PrivilegeRemoved(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAdmin,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return privileges.Admin
+	})
+
+	assert.Equal(t, []string{"abc-123"}, companies)
+
+	result, err = handler.Process(&PrivilegeRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAdmin,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return privileges.Admin
+	})
+
+	assert.Empty(t, companies)
+}
+
+func TestPrivilegeHandler_Process_UserAdded_And_UserRemoved(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result, err := handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	result, err = handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-456",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	sort.Strings(companies)
+	assert.Equal(t, []string{"abc-123", "abc-456"}, companies)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-456",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	assert.Empty(t, companies)
 }
 
 func TestPrivilegeHandler_GetCompanies_Email_Not_Found(t *testing.T) {
@@ -29,41 +108,48 @@ func TestPrivilegeHandler_GetCompanies_Email_Not_Found(t *testing.T) {
 func TestPrivilegeHandler_GetCompanies_No_Companies_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      false,
-		Company:    false,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
 		return privileges.Admin
 	})
 
 	assert.Empty(t, companies)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+
+	assert.Equal(t, []string{"abc-123"}, companies)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	assert.Empty(t, companies)
 }
 
 func TestPrivilegeHandler_GetCompanies_Company_With_Company_Access_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      false,
-		Company:    true,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeCompany,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
 		return privileges.Company
@@ -75,26 +161,83 @@ func TestPrivilegeHandler_GetCompanies_Company_With_Company_Access_Found(t *test
 func TestPrivilegeHandler_GetCompanies_Company_With_Admin_Access_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      true,
-		Company:    false,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeConsumer,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
-		return privileges.Admin
+		return privileges.Consumer
 	})
 
 	assert.Equal(t, []string{"abc-123"}, companies)
 }
 
+func TestPrivilegeHandler_IsAllowed_Return_False_If_No_Privileges(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Company
+	})
+
+	assert.False(t, result)
+}
+
+func TestPrivilegeHandler_IsAllowed_Return_True_If_Privilege_Exists(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeTime,
+	}, goamqp.Headers{})
+
+	result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Time
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeInvoicing,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Invoicing
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAccounting,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Accounting
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeSupplier,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Supplier
+	})
+
+	assert.True(t, result)
+}
+
 func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(500)
@@ -106,7 +249,7 @@ func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
 	server.Close()
 
 	err := handler.Fetch()
-	assert.EqualError(t, err, fmt.Sprintf("Get http://%s/authz: dial tcp %s: connect: connection refused", baseURL, baseURL))
+	assert.EqualError(t, err, fmt.Sprintf("Get \"http://%s/authz\": dial tcp %s: connect: connection refused", baseURL, baseURL))
 }
 
 func TestPrivilegeHandler_Fetch_Error_Unreadable_Body(t *testing.T) {
@@ -160,7 +303,7 @@ func TestPrivilegeHandler_Fetch_Valid(t *testing.T) {
 
 	err := handler.Fetch()
 	assert.NoError(t, err)
-	expectedPrivileges := map[string]map[string]CompanyPrivileges{
+	expectedPrivileges := map[string]map[string]*CompanyPrivileges{
 		"jim@example.org": {
 			"00010203-0405-4607-8809-0a0b0c0d0e0f": {
 				Admin:      false,

events.go

@@ -0,0 +1,62 @@
+package client
+
+// UserAdded is the event sent when a new user is added to a company
+type UserAdded struct {
+	Email     string `json:"email"`
+	CompanyID string `json:"companyId"`
+}
+
+// UserRemoved is the event sent when a user is removed from a company
+type UserRemoved struct {
+	Email     string `json:"email"`
+	CompanyID string `json:"companyId"`
+}
+
+// Privilege is an enumeration of all available privileges
+type Privilege string
+
+const (
+	PrivilegeAdmin      = "ADMIN"
+	PrivilegeCompany    = "COMPANY"
+	PrivilegeConsumer   = "CONSUMER"
+	PrivilegeTime       = "TIME"
+	PrivilegeInvoicing  = "INVOICING"
+	PrivilegeAccounting = "ACCOUNTING"
+	PrivilegeSupplier   = "SUPPLIER"
+)
+
+var AllPrivilege = []Privilege{
+	PrivilegeAdmin,
+	PrivilegeCompany,
+	PrivilegeConsumer,
+	PrivilegeTime,
+	PrivilegeInvoicing,
+	PrivilegeAccounting,
+	PrivilegeSupplier,
+}
+
+func (e Privilege) IsValid() bool {
+	switch e {
+	case PrivilegeAdmin, PrivilegeCompany, PrivilegeConsumer, PrivilegeTime, PrivilegeInvoicing, PrivilegeAccounting, PrivilegeSupplier:
+		return true
+	}
+	return false
+}
+
+func (e Privilege) String() string {
+	return string(e)
+}
+
+// PrivilegeAdded is the event sent when a new privilege is added
+type PrivilegeAdded struct {
+	Email     string    `json:"email"`
+	CompanyID string    `json:"companyId"`
+	Privilege Privilege `json:"privilege"`
+}
+
+// PrivilegeRemoved is the event sent when a privilege is removed
+type PrivilegeRemoved struct {
+	Email     string    `json:"email"`
+	CompanyID string    `json:"companyId"`
+	Privilege Privilege `json:"privilege"`
+}

events_test.go

@@ -0,0 +1,110 @@
+package client
+
+import "testing"
+
+func TestPrivilege_IsValid(t *testing.T) {
+	tests := []struct {
+		name string
+		e    Privilege
+		want bool
+	}{
+		{
+			name: "Admin",
+			e:    "ADMIN",
+			want: true,
+		},
+		{
+			name: "Company",
+			e:    "COMPANY",
+			want: true,
+		},
+		{
+			name: "Consumer",
+			e:    "CONSUMER",
+			want: true,
+		},
+		{
+			name: "Time",
+			e:    "TIME",
+			want: true,
+		},
+		{
+			name: "Invoicing",
+			e:    "INVOICING",
+			want: true,
+		},
+		{
+			name: "Accounting",
+			e:    "ACCOUNTING",
+			want: true,
+		},
+		{
+			name: "Supplier",
+			e:    "SUPPLIER",
+			want: true,
+		},
+		{
+			name: "Invalid",
+			e:    "BLUTTI",
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.e.IsValid(); got != tt.want {
+				t.Errorf("IsValid() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestPrivilege_String(t *testing.T) {
+	tests := []struct {
+		name string
+		e    Privilege
+		want string
+	}{
+		{
+			name: "Admin",
+			e:    "ADMIN",
+			want: "ADMIN",
+		},
+		{
+			name: "Company",
+			e:    "COMPANY",
+			want: "COMPANY",
+		},
+		{
+			name: "Consumer",
+			e:    "CONSUMER",
+			want: "CONSUMER",
+		},
+		{
+			name: "Time",
+			e:    "TIME",
+			want: "TIME",
+		},
+		{
+			name: "Invoicing",
+			e:    "INVOICING",
+			want: "INVOICING",
+		},
+		{
+			name: "Accounting",
+			e:    "ACCOUNTING",
+			want: "ACCOUNTING",
+		},
+		{
+			name: "Supplier",
+			e:    "SUPPLIER",
+			want: "SUPPLIER",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.e.String(); got != tt.want {
+				t.Errorf("String() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

go.mod

@@ -1,5 +1,17 @@
 module gitlab.com/unboundsoftware/shiny/authz_client
 
-go 1.13
+go 1.19
 
-require github.com/stretchr/testify v1.4.0
+require (
+	github.com/sparetimecoders/goamqp v0.1.4
+	github.com/stretchr/testify v1.8.2
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rabbitmq/amqp091-go v1.8.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -1,11 +1,33 @@
-github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rabbitmq/amqp091-go v1.8.1 h1:RejT1SBUim5doqcL6s7iN6SBmsQqyTgXb1xMlH0h1hA=
+github.com/rabbitmq/amqp091-go v1.8.1/go.mod h1:+jPrT9iY2eLjRaMSRHUhc3z14E/l85kv/f+6luSD3pc=
+github.com/sparetimecoders/goamqp v0.1.4 h1:zNvnCJYb5vraMx+OJCCuPIaXP8ub3Et15ff8ylZrPkY=
+github.com/sparetimecoders/goamqp v0.1.4/go.mod h1:WUJIWrbwl6rWxbfQTsy/doY7yHQL55L7M89k7ry6ouU=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
+go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=