Merge branch 'next-release' into 'main'

chore(release): prepare for v0.3.1

See merge request unboundsoftware/shiny/authz_client!236

.gitlab-ci.yml

@@ -1,41 +1,38 @@
-variables:
-  GOCACHE: "${CI_PROJECT_DIR}/_go/cache"
+include:
+- template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml'
+- project: unboundsoftware/ci-templates
+  file: Defaults.gitlab-ci.yml
+- project: unboundsoftware/ci-templates
+  file: Release.gitlab-ci.yml
+- project: unboundsoftware/ci-templates
+  file: Pre-Commit-Go.gitlab-ci.yml
 
-before_script:
-  - mkdir -p ${CI_PROJECT_DIR}/_go/{pkg,bin,cache}
-  - rm -rf /go/pkg || true
-  - mkdir -p /go
-  - ln -s ${CI_PROJECT_DIR}/_go/pkg /go/pkg
-  - ln -s ${CI_PROJECT_DIR}/_go/bin /go/bin
-
-cache:
-  key: "$CI_COMMIT_REF_NAME"
-  paths:
-    - _go
-  untracked: true
+image: amd64/golang:1.25.3@sha256:69d10098be2e990bb1d987daec0e36d18ad287e139450dc7d98a0ded3498888d
 
 stages:
-  - deps
-  - test
+- deps
+- test
 
 deps:
   stage: deps
-  image: golang:1.13
   script:
-    - go get -mod=readonly
+  - go mod download
 
 test:
   stage: test
   dependencies:
-    - deps
-  image: golang:1.13
+  - deps
   script:
-    - go fmt $(go list ./...)
-    - go vet $(go list ./...)
-    - unset "${!CI@}"
-    - CGO_ENABLED=1 go test -p 1 -mod=readonly -race -coverprofile=.testCoverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
-    - go tool cover -html=.testCoverage.txt -o coverage.html
-    - go tool cover -func=.testCoverage.txt
-  artifacts:
-    paths:
-      - coverage.html
+  - CGO_ENABLED=1 go test -mod=readonly -race -coverprofile=coverage.txt -covermode=atomic -coverpkg=$(go list ./... | tr '\n' , | sed 's/,$//') ./...
+  - go tool cover -html=coverage.txt -o coverage.html
+  - go tool cover -func=coverage.txt
+  - curl -Os https://uploader.codecov.io/latest/linux/codecov
+  - chmod +x codecov
+  - ./codecov -t ${CODECOV_TOKEN} -R $CI_PROJECT_DIR -C $CI_COMMIT_SHA -r $CI_PROJECT_PATH
+
+vulnerabilities:
+  stage: test
+  image: amd64/golang:1.25.3@sha256:69d10098be2e990bb1d987daec0e36d18ad287e139450dc7d98a0ded3498888d
+  script:
+  - go install golang.org/x/vuln/cmd/govulncheck@latest
+  - govulncheck ./...

.golangci.yml

@@ -0,0 +1,22 @@
+version: "2"
+run:
+  allow-parallel-runners: true
+linters:
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

.pre-commit-config.yaml

@@ -0,0 +1,46 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v6.0.0
+  hooks:
+  - id: trailing-whitespace
+  - id: end-of-file-fixer
+  - id: check-yaml
+    args:
+    - --allow-multiple-documents
+  - id: check-added-large-files
+- repo: https://gitlab.com/devopshq/gitlab-ci-linter
+  rev: v1.0.6
+  hooks:
+  - id: gitlab-ci-linter
+    args:
+    - --project
+    - unboundsoftware/shiny/authz_client
+- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
+  rev: v9.23.0
+  hooks:
+  - id: commitlint
+    stages: [ commit-msg ]
+    additional_dependencies: [ '@commitlint/config-conventional' ]
+- repo: https://github.com/dnephin/pre-commit-golang
+  rev: v0.5.1
+  hooks:
+  - id: go-mod-tidy
+  - id: go-imports
+    args:
+    - -local
+    - gitlab.com/unboundsoftware/shiny/authz_client
+- repo: https://github.com/lietu/go-pre-commit
+  rev: v1.0.0
+  hooks:
+  - id: go-test
+  - id: gofumpt
+- repo: https://github.com/golangci/golangci-lint
+  rev: v2.6.0
+  hooks:
+  - id: golangci-lint-full
+- repo: https://github.com/gitleaks/gitleaks
+  rev: v8.28.0
+  hooks:
+  - id: gitleaks

.version

@@ -0,0 +1 @@
+{"version":"v0.3.1"}

CHANGELOG.md

@@ -0,0 +1,384 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [0.3.1] - 2025-11-02
+
+### 🐛 Bug Fixes
+
+- Change to write lock for thread safety in json unmarshal
+
+### ⚙️ Miscellaneous Tasks
+
+- *(deps)* Update golang:1.25.1 docker digest to 53f7808
+- *(deps)* Update pre-commit hook lietu/go-pre-commit to v1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.5.0
+- *(deps)* Update golang:1.25.1 docker digest to 12640a4
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.23.0
+- *(deps)* Update dependency go to v1.25.2
+- *(deps)* Update golang docker tag to v1.25.2
+- *(deps)* Update dependency go to v1.25.3
+- *(deps)* Update golang docker tag to v1.25.3
+- Add default configuration for git-cliff
+- *(deps)* Update golang:1.25.3 docker digest to 69d1009
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.6.0
+
+## [0.3.0] - 2025-09-06
+
+### 🚀 Features
+
+- *(ci)* Add defaults pipeline template for CI workflow
+- Add salary privilege to privilege management system
+
+### 🐛 Bug Fixes
+
+- *(deps)* Update module github.com/sparetimecoders/goamqp to v0.3.3
+- *(deps)* Update module github.com/stretchr/testify to v1.11.0
+- *(deps)* Update module github.com/stretchr/testify to v1.11.1
+
+### ⚙️ Miscellaneous Tasks
+
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.4
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.5
+- *(deps)* Update golang:1.24.2 docker digest to bf7899c
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.25.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.25.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.1.6
+- *(deps)* Update dependency go to v1.24.3
+- *(deps)* Update golang docker tag to v1.24.3
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.26.0
+- *(deps)* Update golang:1.24.3 docker digest to f255a7d
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.27.0
+- *(deps)* Update dependency go to v1.24.4
+- *(deps)* Update golang docker tag to v1.24.4
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.27.1
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.27.2
+- *(deps)* Update golang:1.24.4 docker digest to 3494bbe
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.2.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.2.1
+- *(deps)* Update golang:1.24.4 docker digest to 9f820b6
+- *(deps)* Update dependency go to v1.24.5
+- *(deps)* Update golang docker tag to v1.24.5
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.2.2
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.28.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.3.0
+- *(deps)* Update golang:1.24.5 docker digest to 0a156a4
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.3.1
+- *(deps)* Update dependency go to v1.24.6
+- *(deps)* Update golang docker tag to v1.24.6
+- *(deps)* Update pre-commit hook pre-commit/pre-commit-hooks to v6
+- *(deps)* Update golang:1.24.6 docker digest to 958bfd1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.4.0
+- *(deps)* Update golang docker tag to v1.25.0
+- *(deps)* Update dependency go to v1.25.0
+- *(deps)* Update golang:1.25.0 docker digest to f6b9e1a
+- *(deps)* Update dependency go to v1.25.1
+- *(deps)* Update golang docker tag to v1.25.1
+
+## [0.2.0] - 2025-04-11
+
+### 🚀 Features
+
+- Add timeout configuration to golangci-lint
+- Add setup method for privilege event consumers
+
+### 🐛 Bug Fixes
+
+- *(deps)* Update module github.com/stretchr/testify to v1.10.0
+- *(ci)* Update go image to amd64 architecture version
+- *(deps)* Update module github.com/sparetimecoders/goamqp to v0.3.2
+
+### 🚜 Refactor
+
+- *(ci)* Remove pre-commit job and add new template
+
+### ⚙️ Miscellaneous Tasks
+
+- *(deps)* Update pre-commit hook pre-commit/pre-commit-hooks to v5
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.20.1
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.21.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.21.1
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.21.2
+- *(deps)* Pin golang docker tag to ad5c126
+- *(deps)* Pin unbound/pre-commit docker tag to 92fce44
+- *(deps)* Update golang docker tag to v1.23.3
+- *(deps)* Update unbound/pre-commit docker digest to 596abf5
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.62.0
+- *(deps)* Update golang:1.23.3 docker digest to 8956c08
+- *(deps)* Update unbound/pre-commit docker digest to e78425c
+- *(deps)* Update golang:1.23.3 docker digest to 3694e36
+- *(deps)* Update golang:1.23.3 docker digest to b2ca381
+- *(deps)* Update golang:1.23.3 docker digest to 2660218
+- *(deps)* Update golang:1.23.3 docker digest to c2d828f
+- *(deps)* Update golang:1.23.3 docker digest to 73f06be
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.62.2
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.19.0
+- *(deps)* Update golang:1.23.3 docker digest to ee5f0ad
+- *(deps)* Update golang:1.23.3 docker digest to b4aabba
+- *(deps)* Update golang:1.23.3 docker digest to 2b01164
+- *(deps)* Update golang:1.23.3 docker digest to 017ec6b
+- *(deps)* Update golang docker tag to v1.23.4
+- *(deps)* Update golang:1.23.4 docker digest to 574185e
+- *(deps)* Update golang:1.23.4 docker digest to 7003184
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.20.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.21.3
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.21.4
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.22.0
+- *(deps)* Update golang:1.23.4 docker digest to 7ea4c9d
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.22.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.63.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.63.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.63.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.63.3
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.63.4
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.23.0
+- *(deps)* Update golang:1.23.4 docker digest to 3b1a7de
+- *(deps)* Update golang:1.23.4 docker digest to 08e1417
+- *(deps)* Update golang:1.23.4 docker digest to 585103a
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.23.1
+- *(deps)* Update golang:1.23.4 docker digest to 5305905
+- *(deps)* Update golang:1.23.4 docker digest to 9820aca
+- *(deps)* Update golang docker tag to v1.23.5
+- *(deps)* Update golang:1.23.5 docker digest to 8c10f21
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.23.2
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.23.3
+- *(deps)* Update golang:1.23.5 docker digest to e213430
+- *(deps)* Update golang docker tag to v1.23.6
+- *(deps)* Update golang:1.23.6 docker digest to 958bd2e
+- *(deps)* Update golang:1.23.6 docker digest to 9271129
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.2
+- *(deps)* Update golang docker tag to v1.24.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.4
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.5
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.21.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.24.0
+- *(deps)* Update golang:1.24.0 docker digest to 4a3f101
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.6
+- *(deps)* Update golang docker tag to v1.24.1
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.22.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.7
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.64.8
+- *(deps)* Update golang:1.24.1 docker digest to 5ecf333
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.24.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.0.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v2.0.2
+- *(deps)* Update golang docker tag to v1.24.2
+- *(deps)* Update golang:1.24.2 docker digest to aebb7df
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.24.3
+
+## [0.1.4] - 2024-10-05
+
+### 🐛 Bug Fixes
+
+- *(deps)* Update module github.com/stretchr/testify to v1.9.0
+- *(deps)* Update module github.com/sparetimecoders/goamqp to v0.3.1
+
+### ⚙️ Miscellaneous Tasks
+
+- Update to Go 1.21.6
+- Update to Go 1.22.0
+- *(deps)* Update node.js to v20
+- *(deps)* Update pre-commit hook devopshq/gitlab-ci-linter to v1.0.6
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.11.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.56.2
+- *(deps)* Update pre-commit hook lietu/go-pre-commit to v0.1.0
+- *(deps)* Update pre-commit hook pre-commit/pre-commit-hooks to v4.5.0
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.12.0
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.13.0
+- *(deps)* Update golang docker tag to v1.22.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.57.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.57.1
+- Add gitleaks to pre-commit setup
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.18.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.57.2
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.14.0
+- *(deps)* Update golang docker tag to v1.22.2
+- *(deps)* Update pre-commit hook pre-commit/pre-commit-hooks to v4.6.0
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.15.0
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.16.0
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.58.0
+- *(deps)* Update golang docker tag to v1.22.3
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.58.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.58.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.59.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.18.3
+- *(deps)* Update golang docker tag to v1.22.4
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.59.1
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.18.4
+- *(deps)* Update golang docker tag to v1.22.5
+- *(deps)* Update golang docker tag to v1.22.6
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.60.1
+- *(deps)* Update golang docker tag to v1.23.0
+- Update golangci-lint to use full version
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.60.2
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.60.3
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.17.0
+- *(deps)* Update golang docker tag to v1.23.1
+- *(deps)* Update pre-commit hook golangci/golangci-lint to v1.61.0
+- *(deps)* Update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.18.0
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.19.1
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.19.2
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.19.3
+- *(deps)* Update golang docker tag to v1.23.2
+- *(deps)* Update pre-commit hook gitleaks/gitleaks to v8.20.0
+- Add release flow
+- Remove old release job
+
+### Build
+
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.2.1 to 0.3.0
+
+## [0.1.3] - 2023-12-26
+
+### 🐛 Bug Fixes
+
+- Prohibit concurrent read/write
+
+### ⚙️ Miscellaneous Tasks
+
+- Update Go version
+- Make releases handle multi-line release notes
+- Update to Go 1.20.7
+- Update pre-commit versions
+- Update to Golang 1.21.0
+- Update to Go 1.21.1 for vulnerabilities
+- Use 1.21.1 in go.mod for Dependabot
+- Update to go 1.21.3 and remove patch level
+- Update version of Go
+
+### Build
+
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.1.4 to 0.1.5
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.1.5 to 0.2.0
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.2.0 to 0.2.1
+
+## [0.1.2] - 2023-06-04
+
+### ⚙️ Miscellaneous Tasks
+
+- Update pre-commit and fix golangci-lint
+- Update golangci-lint
+
+### Build
+
+- *(deps)* Bump github.com/stretchr/testify from 1.8.2 to 1.8.3
+- *(deps)* Bump github.com/stretchr/testify from 1.8.3 to 1.8.4
+
+## [0.1.1] - 2023-05-11
+
+### 🐛 Bug Fixes
+
+- Run builds with Go 1.19.2 to fix vulnerabilities
+
+### ⚙️ Miscellaneous Tasks
+
+- Add vulnerability-check
+- Replace deprecated ioutil.ReadAll
+- Add pre-commit and remove those checks from test step
+- Add local module to pre-commit config
+- Add release handling
+- Update to Go 1.19.5
+- Change dependabot rebase strategy
+- Update to golang 1.20.1
+- Update Go verion for vulnerabilities scan
+- Update to Go 1.20.3
+- Update Go version and fix gitlabci lint
+
+### Build
+
+- *(deps)* Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.1.1 to 0.1.2
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.1.2 to 0.1.3
+- *(deps)* Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
+- *(deps)* Bump github.com/sparetimecoders/goamqp from 0.1.3 to 0.1.4
+
+## [0.1.0] - 2022-07-20
+
+### 🐛 Bug Fixes
+
+- Pipeline
+
+### ⚙️ Miscellaneous Tasks
+
+- Add dependabot config
+- *(deps)* Bump gitlab.com/sparetimecoders/goamqp from 0.3.1 to 0.3.2
+- *(deps)* Bump github.com/stretchr/testify from 1.4.0 to 1.7.0
+- Remove dependabot-standalone
+- Change to codecov binary instead of bash uploader
+- *(deps)* Bump gitlab.com/sparetimecoders/goamqp from 0.3.2 to 0.4.0
+- Switch to moved goamqp
+
+### Build
+
+- Add params to codecov
+- *(deps)* Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
+- *(deps)* Bump gitlab.com/sparetimecoders/goamqp from 0.4.0 to 0.5.0
+- *(deps)* Bump github.com/stretchr/testify from 1.7.1 to 1.7.2
+- *(deps)* Bump github.com/stretchr/testify from 1.7.2 to 1.7.4
+- *(deps)* Bump github.com/stretchr/testify from 1.7.4 to 1.7.5
+- *(deps)* Bump github.com/stretchr/testify from 1.7.5 to 1.8.0
+
+## [0.0.8] - 2021-05-15
+
+### ⚙️ Miscellaneous Tasks
+
+- Add codecov upload
+- Simplify pipeline
+- Change coverage badge to codecov.io
+- Add CI workflows
+- Rename master -> main
+- Group imports
+- Update to latest version of goamqp
+
+## [0.0.7] - 2020-04-12
+
+### 🐛 Bug Fixes
+
+- Update to Go 1.14 to fix test errors
+- Use go mod download
+- Sort companies before comparing since map-iteration is not stable
+
+## [0.0.6] - 2020-04-12
+
+### 🐛 Bug Fixes
+
+- Path to repo
+
+### ⚙️ Miscellaneous Tasks
+
+- Add tests
+- Modify event structure
+
+## [0.0.5] - 2019-12-31
+
+### 🚀 Features
+
+- Add handling of removed privilege
+
+## [0.0.4] - 2019-12-08
+
+### 🚀 Features
+
+- Add name and registration number to event
+
+## [0.0.3] - 2019-11-22
+
+### 🐛 Bug Fixes
+
+- Print unexpected messages
+
+## [0.0.2] - 2019-11-06
+
+### 🚀 Features
+
+- Initial version
+
+### 🐛 Bug Fixes
+
+- Rename module
+
+<!-- generated by git-cliff -->

README.md

@@ -1,3 +1,4 @@
 # Shiny authz-client
 
-[![Build Status](https://gitlab.com/unboundsoftware/shiny/authz-client/badges/master/pipeline.svg)](https://gitlab.com/unboundsoftware/shiny/authz-client/commits/master)[![coverage report](https://gitlab.com/unboundsoftware/shiny/authz-client/badges/master/coverage.svg)](https://gitlab.com/unboundsoftware/shiny/authz-client/commits/master)
+[![Build Status](https://gitlab.com/unboundsoftware/shiny/authz_client/badges/main/pipeline.svg)](https://gitlab.com/unboundsoftware/shiny/authz_client/commits/main)
+[![codecov](https://codecov.io/gl/unboundsoftware:shiny/authz_client/branch/main/graph/badge.svg?token=AQS7QVLCEQ)](https://codecov.io/gl/unboundsoftware:shiny/authz_client)

client.go

@@ -3,9 +3,12 @@ package client
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"reflect"
+	"sync"
+
+	"github.com/sparetimecoders/goamqp"
 )
 
 // CompanyPrivileges contains the privileges for a combination of email address and company id
@@ -17,36 +20,15 @@ type CompanyPrivileges struct {
 	Invoicing  bool `json:"invoicing"`
 	Accounting bool `json:"accounting"`
 	Supplier   bool `json:"supplier"`
-}
-
-// PrivilegeAdded is the event sent when a new privilege is added
-type PrivilegeAdded struct {
-	Email              string `json:"email"`
-	CompanyID          string `json:"companyId"`
-	Name               string `json:"name"`
-	RegistrationNumber string `json:"registrationNumber"`
-	Admin              bool   `json:"admin"`
-	Company            bool   `json:"company"`
-	Consumer           bool   `json:"consumer"`
-	Time               bool   `json:"time"`
-	Invoicing          bool   `json:"invoicing"`
-	Accounting         bool   `json:"accounting"`
-	Supplier           bool   `json:"supplier"`
-}
-
-// PrivilegeRemoved is the event sent when a privilege is removed
-type PrivilegeRemoved struct {
-	Email              string `json:"email"`
-	CompanyID          string `json:"companyId"`
-	Name               string `json:"name"`
-	RegistrationNumber string `json:"registrationNumber"`
+	Salary     bool `json:"salary"`
 }
 
 // PrivilegeHandler processes PrivilegeAdded-events and fetches the initial set of privileges from an authz-service
 type PrivilegeHandler struct {
+	*sync.RWMutex
 	client     *http.Client
 	baseURL    string
-	privileges map[string]map[string]CompanyPrivileges
+	privileges map[string]map[string]*CompanyPrivileges
 }
 
 // OptsFunc is used to configure the PrivilegeHandler
@@ -62,9 +44,10 @@ func WithBaseURL(url string) OptsFunc {
 // New creates a new PrivilegeHandler. Pass OptsFuncs to configure.
 func New(opts ...OptsFunc) *PrivilegeHandler {
 	handler := &PrivilegeHandler{
+		RWMutex:    &sync.RWMutex{},
 		client:     &http.Client{},
 		baseURL:    "http://authz-service",
-		privileges: map[string]map[string]CompanyPrivileges{},
+		privileges: map[string]map[string]*CompanyPrivileges{},
 	}
 	for _, opt := range opts {
 		opt(handler)
@@ -79,11 +62,13 @@ func (h *PrivilegeHandler) Fetch() error {
 		return err
 	}
 
-	buff, err := ioutil.ReadAll(resp.Body)
+	buff, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return err
 	}
 
+	h.Lock()
+	defer h.Unlock()
 	err = json.Unmarshal(buff, &h.privileges)
 	if err != nil {
 		return err
@@ -91,52 +76,91 @@ func (h *PrivilegeHandler) Fetch() error {
 	return nil
 }
 
+func (h *PrivilegeHandler) Setup() []goamqp.Setup {
+	return []goamqp.Setup{
+		goamqp.TransientEventStreamConsumer("User.Added", h.Process, UserAdded{}),
+		goamqp.TransientEventStreamConsumer("User.Removed", h.Process, UserRemoved{}),
+		goamqp.TransientEventStreamConsumer("Privilege.Added", h.Process, PrivilegeAdded{}),
+		goamqp.TransientEventStreamConsumer("Privilege.Removed", h.Process, PrivilegeRemoved{}),
+	}
+}
+
 // Process privilege-related events and update the internal state
-func (h *PrivilegeHandler) Process(msg interface{}) bool {
+func (h *PrivilegeHandler) Process(msg interface{}, _ goamqp.Headers) (interface{}, error) {
 	switch ev := msg.(type) {
+	case *UserAdded:
+		if priv, exists := h.privileges[ev.Email]; exists {
+			priv[ev.CompanyID] = &CompanyPrivileges{}
+		} else {
+			h.Lock()
+			defer h.Unlock()
+			h.privileges[ev.Email] = map[string]*CompanyPrivileges{
+				ev.CompanyID: {},
+			}
+		}
+		return nil, nil
+	case *UserRemoved:
+		if priv, exists := h.privileges[ev.Email]; exists {
+			h.Lock()
+			defer h.Unlock()
+			delete(priv, ev.CompanyID)
+		}
+		return nil, nil
 	case *PrivilegeAdded:
-		h.setPrivileges(ev)
-		return true
+		h.Lock()
+		defer h.Unlock()
+		h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, true)
+		return nil, nil
 	case *PrivilegeRemoved:
-		h.removePrivileges(ev)
-		return true
+		h.Lock()
+		defer h.Unlock()
+		h.setPrivileges(ev.Email, ev.CompanyID, ev.Privilege, false)
+		return nil, nil
 	default:
 		fmt.Printf("Got unexpected message type (%s): '%+v'\n", reflect.TypeOf(msg).String(), msg)
-		return false
+		return nil, fmt.Errorf("unexpected event type: '%s'", reflect.TypeOf(msg))
 	}
 }
 
-func (h *PrivilegeHandler) setPrivileges(ev *PrivilegeAdded) {
-	if priv, exists := h.privileges[ev.Email]; exists {
-		priv[ev.CompanyID] = CompanyPrivileges{
-			Admin:      ev.Admin,
-			Company:    ev.Company,
-			Consumer:   ev.Consumer,
-			Time:       ev.Time,
-			Invoicing:  ev.Invoicing,
-			Accounting: ev.Accounting,
-			Supplier:   ev.Supplier,
+func (h *PrivilegeHandler) setPrivileges(email, companyId string, privilege Privilege, set bool) {
+	if priv, exists := h.privileges[email]; exists {
+		if c, exists := priv[companyId]; exists {
+			switch privilege {
+			case PrivilegeAdmin:
+				c.Admin = set
+			case PrivilegeCompany:
+				c.Company = set
+			case PrivilegeConsumer:
+				c.Consumer = set
+			case PrivilegeTime:
+				c.Time = set
+			case PrivilegeInvoicing:
+				c.Invoicing = set
+			case PrivilegeAccounting:
+				c.Accounting = set
+			case PrivilegeSupplier:
+				c.Supplier = set
+			case PrivilegeSalary:
+				c.Salary = set
+			}
+		} else {
+			priv[companyId] = &CompanyPrivileges{}
+			h.setPrivileges(email, companyId, privilege, set)
 		}
 	} else {
-		h.privileges[ev.Email] = map[string]CompanyPrivileges{
-			ev.CompanyID: {},
-		}
-		h.setPrivileges(ev)
-	}
-}
-
-func (h *PrivilegeHandler) removePrivileges(ev *PrivilegeRemoved) {
-	if priv, exists := h.privileges[ev.Email]; exists {
-		delete(priv, ev.CompanyID)
+		h.privileges[email] = map[string]*CompanyPrivileges{}
+		h.setPrivileges(email, companyId, privilege, set)
 	}
 }
 
 // CompaniesByUser return a slice of company ids matching the provided email and predicate func
 func (h *PrivilegeHandler) CompaniesByUser(email string, predicate func(privileges CompanyPrivileges) bool) []string {
+	h.RLock()
+	defer h.RUnlock()
 	var result []string
 	if p, exists := h.privileges[email]; exists {
 		for k, v := range p {
-			if predicate(v) {
+			if predicate(*v) {
 				result = append(result, k)
 			}
 		}
@@ -146,9 +170,11 @@ func (h *PrivilegeHandler) CompaniesByUser(email string, predicate func(privileg
 
 // IsAllowed return true if the provided predicate return true for the privileges matching the provided email and companyID, return false otherwise
 func (h *PrivilegeHandler) IsAllowed(email, companyID string, predicate func(privileges CompanyPrivileges) bool) bool {
+	h.RLock()
+	defer h.RUnlock()
 	if p, exists := h.privileges[email]; exists {
 		if v, exists := p[companyID]; exists {
-			return predicate(v)
+			return predicate(*v)
 		}
 	}
 

client_test.go

@@ -2,18 +2,97 @@ package client
 
 import (
 	"fmt"
-	"github.com/stretchr/testify/assert"
 	"net/http"
 	"net/http/httptest"
+	"sort"
 	"testing"
+
+	"github.com/sparetimecoders/goamqp"
+	"github.com/stretchr/testify/assert"
 )
 
 func TestPrivilegeHandler_Process_InvalidType(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process("abc")
+	result, err := handler.Process("abc", goamqp.Headers{})
 
-	assert.False(t, result)
+	assert.Nil(t, result)
+	assert.EqualError(t, err, "unexpected event type: 'string'")
+}
+
+func TestPrivilegeHandler_Process_PrivilegeRemoved(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAdmin,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return privileges.Admin
+	})
+
+	assert.Equal(t, []string{"abc-123"}, companies)
+
+	result, err = handler.Process(&PrivilegeRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAdmin,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return privileges.Admin
+	})
+
+	assert.Empty(t, companies)
+}
+
+func TestPrivilegeHandler_Process_UserAdded_And_UserRemoved(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result, err := handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	result, err = handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-456",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	sort.Strings(companies)
+	assert.Equal(t, []string{"abc-123", "abc-456"}, companies)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-456",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	assert.Empty(t, companies)
 }
 
 func TestPrivilegeHandler_GetCompanies_Email_Not_Found(t *testing.T) {
@@ -29,41 +108,48 @@ func TestPrivilegeHandler_GetCompanies_Email_Not_Found(t *testing.T) {
 func TestPrivilegeHandler_GetCompanies_No_Companies_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      false,
-		Company:    false,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&UserAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
 		return privileges.Admin
 	})
 
 	assert.Empty(t, companies)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+
+	assert.Equal(t, []string{"abc-123"}, companies)
+
+	result, err = handler.Process(&UserRemoved{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
+
+	companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
+		return true
+	})
+	assert.Empty(t, companies)
 }
 
 func TestPrivilegeHandler_GetCompanies_Company_With_Company_Access_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      false,
-		Company:    true,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeCompany,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
 		return privileges.Company
@@ -75,26 +161,95 @@ func TestPrivilegeHandler_GetCompanies_Company_With_Company_Access_Found(t *test
 func TestPrivilegeHandler_GetCompanies_Company_With_Admin_Access_Found(t *testing.T) {
 	handler := New(WithBaseURL("base"))
 
-	result := handler.Process(&PrivilegeAdded{
-		Email:      "jim@example.org",
-		CompanyID:  "abc-123",
-		Admin:      true,
-		Company:    false,
-		Consumer:   false,
-		Time:       false,
-		Invoicing:  false,
-		Accounting: false,
-		Supplier:   false,
-	})
-	assert.True(t, result)
+	result, err := handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeConsumer,
+	}, goamqp.Headers{})
+	assert.Nil(t, result)
+	assert.NoError(t, err)
 
 	companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
-		return privileges.Admin
+		return privileges.Consumer
 	})
 
 	assert.Equal(t, []string{"abc-123"}, companies)
 }
 
+func TestPrivilegeHandler_IsAllowed_Return_False_If_No_Privileges(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Company
+	})
+
+	assert.False(t, result)
+}
+
+func TestPrivilegeHandler_IsAllowed_Return_True_If_Privilege_Exists(t *testing.T) {
+	handler := New(WithBaseURL("base"))
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeTime,
+	}, goamqp.Headers{})
+
+	result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Time
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeInvoicing,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Invoicing
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeAccounting,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Accounting
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeSupplier,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Supplier
+	})
+
+	assert.True(t, result)
+
+	_, _ = handler.Process(&PrivilegeAdded{
+		Email:     "jim@example.org",
+		CompanyID: "abc-123",
+		Privilege: PrivilegeSalary,
+	}, goamqp.Headers{})
+
+	result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
+		return privileges.Salary
+	})
+
+	assert.True(t, result)
+}
+
 func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(500)
@@ -106,7 +261,7 @@ func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
 	server.Close()
 
 	err := handler.Fetch()
-	assert.EqualError(t, err, fmt.Sprintf("Get http://%s/authz: dial tcp %s: connect: connection refused", baseURL, baseURL))
+	assert.EqualError(t, err, fmt.Sprintf("Get \"http://%s/authz\": dial tcp %s: connect: connection refused", baseURL, baseURL))
 }
 
 func TestPrivilegeHandler_Fetch_Error_Unreadable_Body(t *testing.T) {
@@ -146,7 +301,8 @@ func TestPrivilegeHandler_Fetch_Valid(t *testing.T) {
       "time": true,
       "invoicing": true,
       "accounting": false,
-      "supplier": false
+      "supplier": false,
+      "salary": true
     }
   }
 }`
@@ -160,7 +316,7 @@ func TestPrivilegeHandler_Fetch_Valid(t *testing.T) {
 
 	err := handler.Fetch()
 	assert.NoError(t, err)
-	expectedPrivileges := map[string]map[string]CompanyPrivileges{
+	expectedPrivileges := map[string]map[string]*CompanyPrivileges{
 		"jim@example.org": {
 			"00010203-0405-4607-8809-0a0b0c0d0e0f": {
 				Admin:      false,
@@ -170,6 +326,7 @@ func TestPrivilegeHandler_Fetch_Valid(t *testing.T) {
 				Invoicing:  true,
 				Accounting: false,
 				Supplier:   false,
+				Salary:     true,
 			},
 		},
 	}

cliff.toml

@@ -0,0 +1,80 @@
+# git-cliff ~ default configuration file
+# https://git-cliff.org/docs/configuration
+#
+# Lines starting with "#" are comments.
+# Configuration options are organized into tables and keys.
+# See documentation for more information on available options.
+
+[changelog]
+# template for the changelog header
+header = """
+# Changelog\n
+All notable changes to this project will be documented in this file.\n
+"""
+# template for the changelog body
+# https://keats.github.io/tera/docs/#introduction
+body = """
+{% if version %}\
+    ## [{{ version | trim_start_matches(pat="v") }}] - {{ timestamp | date(format="%Y-%m-%d") }}
+{% else %}\
+    ## [unreleased]
+{% endif %}\
+{% for group, commits in commits | group_by(attribute="group") %}
+    ### {{ group | striptags | trim | upper_first }}
+    {% for commit in commits %}
+        - {% if commit.scope %}*({{ commit.scope }})* {% endif %}\
+            {% if commit.breaking %}[**breaking**] {% endif %}\
+            {{ commit.message | upper_first }}\
+    {% endfor %}
+{% endfor %}\n
+"""
+# template for the changelog footer
+footer = """
+<!-- generated by git-cliff -->
+"""
+# remove the leading and trailing s
+trim = true
+# postprocessors
+postprocessors = [
+  # { pattern = '<REPO>', replace = "https://github.com/orhun/git-cliff" }, # replace repository URL
+]
+# render body even when there are no releases to process
+# render_always = true
+# output file path
+# output = "test.md"
+
+[git]
+# parse the commits based on https://www.conventionalcommits.org
+conventional_commits = true
+# filter out the commits that are not conventional
+filter_unconventional = true
+# process each line of a commit as an individual commit
+split_commits = false
+# regex for preprocessing the commit messages
+commit_preprocessors = [
+  # Replace issue numbers
+  #{ pattern = '\((\w+\s)?#([0-9]+)\)', replace = "([#${2}](<REPO>/issues/${2}))"},
+  # Check spelling of the commit with https://github.com/crate-ci/typos
+  # If the spelling is incorrect, it will be automatically fixed.
+  #{ pattern = '.*', replace_command = 'typos --write-changes -' },
+]
+# regex for parsing and grouping commits
+commit_parsers = [
+  { message = "^feat", group = "<!-- 0 -->🚀 Features" },
+  { message = "^fix", group = "<!-- 1 -->🐛 Bug Fixes" },
+  { message = "^doc", group = "<!-- 3 -->📚 Documentation" },
+  { message = "^perf", group = "<!-- 4 -->⚡ Performance" },
+  { message = "^refactor", group = "<!-- 2 -->🚜 Refactor" },
+  { message = "^style", group = "<!-- 5 -->🎨 Styling" },
+  { message = "^test", group = "<!-- 6 -->🧪 Testing" },
+  { message = "^chore\\(release\\): prepare for", skip = true },
+  { message = "^chore|^ci", group = "<!-- 7 -->⚙️ Miscellaneous Tasks" },
+  { body = ".*security", group = "<!-- 8 -->🛡️ Security" },
+  { message = "^revert", group = "<!-- 9 -->◀️ Revert" },
+]
+# filter out the commits that are not matched by commit parsers
+filter_commits = false
+# sort the tags topologically
+topo_order = false
+# sort the commits inside sections by oldest/newest order
+sort_commits = "oldest"

events.go

@@ -0,0 +1,64 @@
+package client
+
+// UserAdded is the event sent when a new user is added to a company
+type UserAdded struct {
+	Email     string `json:"email"`
+	CompanyID string `json:"companyId"`
+}
+
+// UserRemoved is the event sent when a user is removed from a company
+type UserRemoved struct {
+	Email     string `json:"email"`
+	CompanyID string `json:"companyId"`
+}
+
+// Privilege is an enumeration of all available privileges
+type Privilege string
+
+const (
+	PrivilegeAdmin      = "ADMIN"
+	PrivilegeCompany    = "COMPANY"
+	PrivilegeConsumer   = "CONSUMER"
+	PrivilegeTime       = "TIME"
+	PrivilegeInvoicing  = "INVOICING"
+	PrivilegeAccounting = "ACCOUNTING"
+	PrivilegeSupplier   = "SUPPLIER"
+	PrivilegeSalary     = "SALARY"
+)
+
+var AllPrivilege = []Privilege{
+	PrivilegeAdmin,
+	PrivilegeCompany,
+	PrivilegeConsumer,
+	PrivilegeTime,
+	PrivilegeInvoicing,
+	PrivilegeAccounting,
+	PrivilegeSupplier,
+	PrivilegeSalary,
+}
+
+func (e Privilege) IsValid() bool {
+	switch e {
+	case PrivilegeAdmin, PrivilegeCompany, PrivilegeConsumer, PrivilegeTime, PrivilegeInvoicing, PrivilegeAccounting, PrivilegeSupplier, PrivilegeSalary:
+		return true
+	}
+	return false
+}
+
+func (e Privilege) String() string {
+	return string(e)
+}
+
+// PrivilegeAdded is the event sent when a new privilege is added
+type PrivilegeAdded struct {
+	Email     string    `json:"email"`
+	CompanyID string    `json:"companyId"`
+	Privilege Privilege `json:"privilege"`
+}
+
+// PrivilegeRemoved is the event sent when a privilege is removed
+type PrivilegeRemoved struct {
+	Email     string    `json:"email"`
+	CompanyID string    `json:"companyId"`
+	Privilege Privilege `json:"privilege"`
+}

events_test.go

@@ -0,0 +1,110 @@
+package client
+
+import "testing"
+
+func TestPrivilege_IsValid(t *testing.T) {
+	tests := []struct {
+		name string
+		e    Privilege
+		want bool
+	}{
+		{
+			name: "Admin",
+			e:    "ADMIN",
+			want: true,
+		},
+		{
+			name: "Company",
+			e:    "COMPANY",
+			want: true,
+		},
+		{
+			name: "Consumer",
+			e:    "CONSUMER",
+			want: true,
+		},
+		{
+			name: "Time",
+			e:    "TIME",
+			want: true,
+		},
+		{
+			name: "Invoicing",
+			e:    "INVOICING",
+			want: true,
+		},
+		{
+			name: "Accounting",
+			e:    "ACCOUNTING",
+			want: true,
+		},
+		{
+			name: "Supplier",
+			e:    "SUPPLIER",
+			want: true,
+		},
+		{
+			name: "Invalid",
+			e:    "BLUTTI",
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.e.IsValid(); got != tt.want {
+				t.Errorf("IsValid() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestPrivilege_String(t *testing.T) {
+	tests := []struct {
+		name string
+		e    Privilege
+		want string
+	}{
+		{
+			name: "Admin",
+			e:    "ADMIN",
+			want: "ADMIN",
+		},
+		{
+			name: "Company",
+			e:    "COMPANY",
+			want: "COMPANY",
+		},
+		{
+			name: "Consumer",
+			e:    "CONSUMER",
+			want: "CONSUMER",
+		},
+		{
+			name: "Time",
+			e:    "TIME",
+			want: "TIME",
+		},
+		{
+			name: "Invoicing",
+			e:    "INVOICING",
+			want: "INVOICING",
+		},
+		{
+			name: "Accounting",
+			e:    "ACCOUNTING",
+			want: "ACCOUNTING",
+		},
+		{
+			name: "Supplier",
+			e:    "SUPPLIER",
+			want: "SUPPLIER",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.e.String(); got != tt.want {
+				t.Errorf("String() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

go.mod

@@ -1,5 +1,19 @@
 module gitlab.com/unboundsoftware/shiny/authz_client
 
-go 1.13
+go 1.22.12
 
-require github.com/stretchr/testify v1.4.0
+toolchain go1.25.3
+
+require (
+	github.com/sparetimecoders/goamqp v0.3.3
+	github.com/stretchr/testify v1.11.1
+)
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rabbitmq/amqp091-go v1.10.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -1,11 +1,20 @@
-github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw=
+github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o=
+github.com/sparetimecoders/goamqp v0.3.3 h1:z/nfTPmrjeU/rIVuNOgsVLCimp3WFoNFvS3ZzXRJ6HE=
+github.com/sparetimecoders/goamqp v0.3.3/go.mod h1:W9NRCpWLE+Vruv2dcRSbszNil2O826d2Nv6kAkETW5o=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

renovate.json

@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ]
+}