fix(account): validate environment name when loading a group

Adds a check to ensure each environment in a group has a name. Updates tests to cover the case where the environment name is missing and adds a corresponding test YAML file.

Author: Kirdock

pkg/account/persistence/loader/load_test.go

@@ -408,4 +408,10 @@ func TestLoad(t *testing.T) {
 		assert.Error(t, err)
 		assert.Contains(t, err.Error(), "policy definition is ambiguous")
 	})
+
+	t.Run("Loading a group with a missing environment name produces an error", func(t *testing.T) {
+		_, err := Load(afero.NewOsFs(), "testdata/group-missing-env-name.yaml")
+		assert.Error(t, err)
+		assert.Contains(t, err.Error(), "missing required field 'environment'")
+	})
 }

pkg/account/persistence/loader/testdata/group-missing-env-name.yaml

@@ -0,0 +1,12 @@
+groups:
+  - name: My Group
+    id: my-group
+
+    environments:
+      # Missing environment name
+      - permissions:
+          - View environment
+        policies:
+          - View environment
+          - type: reference
+            id: my-policy

pkg/account/persistence/loader/validate.go

@@ -202,10 +202,8 @@ func validateGroup(g types.Group) error {
 	}
 
 	for _, env := range g.Environment {
-		for _, policyRef := range env.Policies {
-			if err := validatePolicyBinding(policyRef); err != nil {
-				return err
-			}
+		if err := validateGroupEnvironment(env, g.ID); err != nil {
+			return err
 		}
 	}
 
@@ -221,6 +219,18 @@ func validateGroup(g types.Group) error {
 	return nil
 }
 
+func validateGroupEnvironment(env types.Environment, groupID string) error {
+	if env.Name == "" {
+		return fmt.Errorf("missing required field 'environment' for 'environments' in group '%s'", groupID)
+	}
+	for _, policyRef := range env.Policies {
+		if err := validatePolicyBinding(policyRef); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 func validateBoundary(b types.Boundary) error {
 	if b.ID == "" {
 		return errors.New("missing required field 'id' for boundary")