implement search functionality for projects with subprojects and assets

Signed-off-by: rafi <refaei.shikho@hotmail.com>

Author: refoo0

controllers/project_controller.go

@@ -368,6 +368,16 @@ func (ProjectController *ProjectController) List(c shared.Context) error {
 	return c.JSON(200, projects)
 }
 
+func (ProjectController *ProjectController) SearchProjectsWithSubProjectsAndAssets(c shared.Context) error {
+
+	results, err := ProjectController.projectService.SearchProjectsWithSubProjectsAndAssetsPaged(c)
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(200, results)
+}
+
 // @Summary Update project
 // @Tags Projects
 // @Security CookieAuth

database/repositories/project_repository.go

@@ -3,6 +3,7 @@ package repositories
 import (
 	"context"
 	"fmt"
+	"strings"
 
 	"github.com/google/uuid"
 	"github.com/l3montree-dev/devguard/database/models"
@@ -112,6 +113,141 @@ func (g *projectRepository) Update(ctx context.Context, tx *gorm.DB, project *mo
 	return g.GetDB(ctx, tx).Save(project).Error
 }
 
+func (g *projectRepository) SearchProjectsWithSubProjectsAndAssetsPaged(ctx context.Context, tx *gorm.DB, allowedAssetIDs []string, allowedProjectIDs []string, parentID *uuid.UUID, orgID uuid.UUID, pageInfo shared.PageInfo, search string, filter []shared.FilterQuery, sort []shared.SortQuery) (shared.Paged[dtos.ProjectDTO], error) {
+	var results []dtos.ProjectAssetDTO
+
+	assetParams := []interface{}{
+		"%" + search + "%",
+		pq.Array(allowedAssetIDs),
+	}
+
+	projectParams := []interface{}{
+		"%" + search + "%",
+		pq.Array(allowedProjectIDs),
+		orgID,
+	}
+
+	// When parentID is set, stop the upward recursion once we reach that project.
+	var assetChainStopCond, projectChainStopCond string
+	var parentStopParam []interface{}
+	if parentID != nil {
+		assetChainStopCond = " WHERE apc.id != ?"
+		projectChainStopCond = " WHERE pc.id != ?"
+		parentStopParam = []interface{}{*parentID}
+	}
+
+	// matching_assets CTE avoids repeating the asset filter (and its params) twice.
+	// asset_project_chain walks up to root projects that contain matching assets.
+	// project_chain walks up to root projects that match the project filter.
+	// Both recursive steps stop at parentID when it is set.
+	cteBlock := `
+WITH RECURSIVE
+matching_assets AS (
+    SELECT * FROM assets a WHERE a.name ILIKE ? AND (a.id = ANY(?) OR a.is_public = true)
+),
+asset_project_chain AS (
+    SELECT pr.*
+    FROM projects pr
+    WHERE pr.id IN (SELECT project_id FROM matching_assets)
+    UNION
+    SELECT pr.*
+    FROM projects pr
+    INNER JOIN asset_project_chain apc ON pr.id = apc.parent_id` + assetChainStopCond + `
+),
+project_chain AS (
+    SELECT p.*
+    FROM projects p
+    WHERE p.name ILIKE ? AND (p.id = ANY(?) OR (p.organization_id = ? AND p.is_public = true))
+    UNION
+    SELECT pr.*
+    FROM projects pr
+    INNER JOIN project_chain pc ON pr.id = pc.parent_id` + projectChainStopCond + `
+),
+combined AS (
+    SELECT 'asset'::text AS resource_type, a.id, a.name, a.slug, a.description,
+           a.project_id, NULL::uuid AS parent_id, NULL::uuid AS organization_id,
+           a.is_public, a.state, a.created_at, a.updated_at
+    FROM matching_assets a
+    UNION ALL
+    SELECT 'project'::text AS resource_type, c.id, c.name, c.slug, c.description,
+           NULL::uuid AS project_id, c.parent_id, c.organization_id,
+           c.is_public, c.state, c.created_at, c.updated_at
+    FROM (SELECT * FROM asset_project_chain UNION SELECT * FROM project_chain) c
+)`
+
+	allParams := make([]interface{}, 0, len(assetParams)+len(parentStopParam)+len(projectParams)+len(parentStopParam))
+	allParams = append(allParams, assetParams...)
+	allParams = append(allParams, parentStopParam...)
+	allParams = append(allParams, projectParams...)
+	allParams = append(allParams, parentStopParam...)
+
+	var count int64
+	if err := g.GetDB(ctx, tx).Raw(cteBlock+" SELECT COUNT(*) FROM combined", allParams...).Scan(&count).Error; err != nil {
+		return shared.Paged[dtos.ProjectDTO]{}, err
+	}
+
+	orderClause := "combined.name ASC"
+	if len(sort) > 0 {
+		parts := make([]string, len(sort))
+		for i, s := range sort {
+			parts[i] = s.SQL()
+		}
+		orderClause = strings.Join(parts, ", ")
+	}
+
+	dataSQL := cteBlock + " SELECT * FROM combined ORDER BY " + orderClause + " LIMIT ? OFFSET ?"
+	dataParams := append(allParams, pageInfo.PageSize, (pageInfo.Page-1)*pageInfo.PageSize)
+	if err := g.GetDB(ctx, tx).Raw(dataSQL, dataParams...).Scan(&results).Error; err != nil {
+		return shared.Paged[dtos.ProjectDTO]{}, err
+	}
+
+	return shared.NewPaged(pageInfo, count, transformToProjectDTOs(results)), nil
+}
+
+func transformToProjectDTOs(results []dtos.ProjectAssetDTO) []dtos.ProjectDTO {
+	assetsByProjectID := map[uuid.UUID][]dtos.ProjectAssetDTO{}
+	subprojectsByParentID := map[uuid.UUID][]dtos.ProjectAssetDTO{}
+	var rootProjects []dtos.ProjectAssetDTO
+
+	for _, r := range results {
+		if r.ResourceType == "asset" {
+			assetsByProjectID[r.ProjectID] = append(assetsByProjectID[r.ProjectID], r)
+		} else {
+			if r.ParentID != nil {
+				subprojectsByParentID[*r.ParentID] = append(subprojectsByParentID[*r.ParentID], r)
+			} else {
+				rootProjects = append(rootProjects, r)
+			}
+		}
+	}
+
+	// recursively build SubGroupsAndAssets for a given project ID
+	var buildChildren func(projectID uuid.UUID) []dtos.ProjectAssetDTO
+	buildChildren = func(projectID uuid.UUID) []dtos.ProjectAssetDTO {
+		var children []dtos.ProjectAssetDTO
+		for _, sub := range subprojectsByParentID[projectID] {
+			sub.SubGroupsAndAssets = buildChildren(sub.ID)
+			children = append(children, sub)
+		}
+		children = append(children, assetsByProjectID[projectID]...)
+		return children
+	}
+
+	rootDTOs := make([]dtos.ProjectDTO, 0, len(rootProjects))
+	for _, r := range rootProjects {
+		rootDTOs = append(rootDTOs, dtos.ProjectDTO{
+			ID:                 r.ID,
+			Name:               r.Name,
+			Slug:               r.Slug,
+			Description:        r.Description,
+			IsPublic:           r.IsPublic,
+			SubGroupsAndAssets: buildChildren(r.ID),
+		})
+	}
+
+	return rootDTOs
+}
+
 func (g *projectRepository) ListSubProjectsAndAssets(
 	ctx context.Context,
 	tx *gorm.DB,

dtos/project_dto.go

@@ -69,6 +69,8 @@ type ProjectDTO struct {
 
 	ExternalEntityProviderID *string `json:"externalEntityProviderId,omitempty"`
 	ExternalEntityID         *string `json:"externalEntityId,omitempty"` // only set if this is an external entity
+
+	SubGroupsAndAssets []ProjectAssetDTO `json:"subGroupsAndAsset"`
 }
 
 type ProjectDetailsDTO struct {
@@ -89,4 +91,6 @@ type ProjectAssetDTO struct {
 	State        string     `json:"state"`
 	CreatedAt    time.Time  `json:"createdAt"`
 	UpdatedAt    time.Time  `json:"updatedAt"`
+
+	SubGroupsAndAssets []ProjectAssetDTO `json:"subGroupsAndAsset" gorm:"-"`
 }

router/org_router.go

@@ -78,6 +78,7 @@ func NewOrgRouter(
 	organizationRouter.GET("/members/", orgController.Members)
 	organizationRouter.GET("/integrations/finish-installation/", integrationController.FinishInstallation)
 	organizationRouter.GET("/projects/", projectController.List)
+	organizationRouter.GET("/projects/search/", projectController.SearchProjectsWithSubProjectsAndAssets)
 	organizationRouter.GET("/integrations/repositories/", integrationController.ListRepositories)
 
 	organizationUpdateAccessControlRequired := organizationRouter.Group("", middlewares.NeededScope([]string{"manage"}), middlewares.OrganizationAccessControlMiddleware(shared.ObjectOrganization, shared.ActionUpdate))

services/project_service.go

@@ -177,6 +177,35 @@ func (s *projectService) projectsForUser(c shared.Context, projectsIdsStr []stri
 	return projectIDsSlice, parentID, nil
 }
 
+func (s *projectService) SearchProjectsWithSubProjectsAndAssetsPaged(c shared.Context) (shared.Paged[dtos.ProjectDTO], error) {
+	rbac := shared.GetRBAC(c)
+	parentIDStr := c.QueryParam("parentId")
+	var parentID *uuid.UUID
+	if parentIDStr != "" {
+		tmp, err := uuid.Parse(parentIDStr)
+		if err != nil {
+			return shared.Paged[dtos.ProjectDTO]{}, echo.NewHTTPError(400, "invalid parentId").WithInternal(err)
+		}
+		parentID = &tmp
+	}
+
+	allowedAssetIDs, err := rbac.GetAllAssetsForUser(shared.GetSession(c).GetUserID())
+	if err != nil {
+		return shared.Paged[dtos.ProjectDTO]{}, echo.NewHTTPError(500, "could not get allowed assets for user").WithInternal(err)
+	}
+	allowedProjectIDs, err := rbac.GetAllProjectsForUser(shared.GetSession(c).GetUserID())
+	if err != nil {
+		return shared.Paged[dtos.ProjectDTO]{}, echo.NewHTTPError(500, "could not get allowed projects for user").WithInternal(err)
+	}
+
+	projects, err := s.projectRepository.SearchProjectsWithSubProjectsAndAssetsPaged(c.Request().Context(), nil, allowedAssetIDs, allowedProjectIDs, parentID, shared.GetOrg(c).GetID(), shared.GetPageInfo(c), c.QueryParam("search"), shared.GetFilterQuery(c), shared.GetSortQuery(c))
+	if err != nil {
+		return shared.Paged[dtos.ProjectDTO]{}, err
+	}
+
+	return projects, nil
+}
+
 func (s *projectService) ListAllowedSubProjectsAndAssetsPaged(c shared.Context) (shared.Paged[dtos.ProjectAssetDTO], error) {
 
 	rbac := shared.GetRBAC(c)

shared/common_interfaces.go

@@ -103,6 +103,7 @@ type ProjectRepository interface {
 	EnableCommunityManagedPolicies(ctx context.Context, tx DB, projectID uuid.UUID) error
 	UpsertSplit(ctx context.Context, tx DB, externalProviderID string, projects []*models.Project) ([]*models.Project, []*models.Project, error)
 	ListSubProjectsAndAssets(ctx context.Context, tx DB, allowedAssetIDs []string, allowedProjectIDs []uuid.UUID, parentID *uuid.UUID, orgID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[dtos.ProjectAssetDTO], error)
+	SearchProjectsWithSubProjectsAndAssetsPaged(ctx context.Context, tx DB, allowedAssetIDs []string, allowedProjectIDs []string, parentID *uuid.UUID, orgID uuid.UUID, pageInfo PageInfo, search string, filter []FilterQuery, sort []SortQuery) (Paged[dtos.ProjectDTO], error)
 }
 
 type Verifier interface {
@@ -360,6 +361,7 @@ type ProjectService interface {
 	GetDirectChildProjects(ctx context.Context, projectID uuid.UUID) ([]models.Project, error)
 	CreateProject(ctx Context, project *models.Project) error
 	BootstrapProject(ctx context.Context, rbac AccessControl, project *models.Project) error
+	SearchProjectsWithSubProjectsAndAssetsPaged(c Context) (Paged[dtos.ProjectDTO], error)
 }
 
 type InTotoVerifierService interface {