initial client interface refactor

pkg/services/accesscontrol/dualwrite/reconciler.go

@@ -27,9 +27,10 @@ type TupleCollector func(ctx context.Context, tuples map[string][]*openfgav1.Tup
 // We should rewrite the migration after we have "migrated" all possible actions
 // into our schema.
 type ZanzanaReconciler struct {
-	lock   *serverlock.ServerLockService
-	log    log.Logger
-	client zanzana.Client
+	lock      *serverlock.ServerLockService
+	log       log.Logger
+	client    zanzana.Client
+	extclient zanzana.ExtensionClient
 	// collectors are one time best effort migrations that gives up on first conflict.
 	// These are deprecated and everything should move be resourceReconcilers that are periodically synced
 	// between grafana db and zanzana store.
@@ -39,7 +40,7 @@ type ZanzanaReconciler struct {
 	reconcilers []resourceReconciler
 }
 
-func NewZanzanaReconciler(client zanzana.Client, store db.DB, lock *serverlock.ServerLockService, collectors ...TupleCollector) *ZanzanaReconciler {
+func NewZanzanaReconciler(client zanzana.Client, extclient zanzana.ExtensionClient, store db.DB, lock *serverlock.ServerLockService, collectors ...TupleCollector) *ZanzanaReconciler {
 	// Append shared collectors that is used by both enterprise and oss
 	collectors = append(
 		collectors,
@@ -55,6 +56,7 @@ func NewZanzanaReconciler(client zanzana.Client, store db.DB, lock *serverlock.S
 
 	return &ZanzanaReconciler{
 		client:     client,
+		extclient:  extclient,
 		lock:       lock,
 		log:        log.New("zanzana.reconciler"),
 		collectors: collectors,

pkg/services/authz/zanzana/client.go

@@ -6,10 +6,12 @@ import (
 
 	"google.golang.org/grpc"
 
+	authzlib "github.com/grafana/authlib/authz"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/services/authz/zanzana/client"
+	authzextv1 "github.com/grafana/grafana/pkg/services/authz/zanzana/proto/v1"
 	"github.com/grafana/grafana/pkg/setting"
 )
 
@@ -21,6 +23,11 @@ type Client interface {
 	Write(ctx context.Context, in *openfgav1.WriteRequest) error
 }
 
+type ExtensionClient interface {
+	authzlib.AccessChecker
+	Write(ctx context.Context, req *authzextv1.WriteRequest) (*authzextv1.WriteResponse, error)
+}
+
 func NewClient(ctx context.Context, cc grpc.ClientConnInterface, cfg *setting.Cfg) (*client.Client, error) {
 	return client.New(
 		ctx,

pkg/services/authz/zanzana/client/extension_client.go

@@ -0,0 +1,28 @@
+package client
+
+import (
+	"context"
+
+	"google.golang.org/grpc"
+
+	"github.com/grafana/grafana/pkg/infra/log"
+	authzextv1 "github.com/grafana/grafana/pkg/services/authz/zanzana/proto/v1"
+)
+
+type ExtensionClient struct {
+	logger log.Logger
+	client authzextv1.AuthzExtentionServiceClient
+}
+
+func NewExtensionAuthzClient(ctx context.Context, cc grpc.ClientConnInterface) (*ExtensionClient, error) {
+	c := &ExtensionClient{
+		client: authzextv1.NewAuthzExtentionServiceClient(cc),
+	}
+
+	return c, nil
+}
+
+func (c *ExtensionClient) Write(ctx context.Context, req *authzextv1.WriteRequest) (*authzextv1.WriteResponse, error) {
+	res, err := c.client.Write(ctx, req)
+	return res, err
+}

pkg/services/authz/zanzana/server/authz_server.go

@@ -3,8 +3,9 @@ package server
 import (
 	"context"
 
-	authzextv1 "github.com/grafana/grafana/pkg/services/authz/zanzana/proto/v1"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
+
+	authzextv1 "github.com/grafana/grafana/pkg/services/authz/zanzana/proto/v1"
 )
 
 var _ authzextv1.AuthzExtentionServiceServer = (*Server)(nil)
@@ -14,12 +15,18 @@ func NewAuthz(openfga openfgav1.OpenFGAServiceServer) *Server {
 }
 
 type Server struct {
-	authzextv1.UnsafeAuthzExtentionServiceServer
+	authzextv1.UnimplementedAuthzExtentionServiceServer
 
 	openfga openfgav1.OpenFGAServiceServer
 }
 
 // Write implements v1.AuthzExtentionServiceServer.
-func (s *Server) Write(context.Context, *authzextv1.WriteRequest) (*authzextv1.WriteResponse, error) {
-	panic("unimplemented")
+func (s *Server) Write(ctx context.Context, req *authzextv1.WriteRequest) (*authzextv1.WriteResponse, error) {
+	// TODO: Construct OpenFGA write request
+	writeReq := &openfgav1.WriteRequest{}
+	_, err := s.openfga.Write(ctx, writeReq)
+	if err != nil {
+		return nil, err
+	}
+	return &authzextv1.WriteResponse{}, nil
 }