mirror of https://github.com/status-im/consul.git
acl: Return the parent with GetACLPolicy
This commit is contained in:
parent
ef171ca344
commit
2fe94709e6
14
acl/cache.go
14
acl/cache.go
|
@ -14,6 +14,7 @@ type FaultFunc func(id string) (string, string, error)
|
||||||
// aclEntry allows us to store the ACL with it's policy ID
|
// aclEntry allows us to store the ACL with it's policy ID
|
||||||
type aclEntry struct {
|
type aclEntry struct {
|
||||||
ACL ACL
|
ACL ACL
|
||||||
|
Parent string
|
||||||
PolicyID string
|
PolicyID string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -72,23 +73,24 @@ func (c *Cache) ruleID(rules string) string {
|
||||||
|
|
||||||
// GetACLPolicy is used to get the potentially cached ACL
|
// GetACLPolicy is used to get the potentially cached ACL
|
||||||
// policy. If not cached, it will be generated and then cached.
|
// policy. If not cached, it will be generated and then cached.
|
||||||
func (c *Cache) GetACLPolicy(id string) (*Policy, error) {
|
func (c *Cache) GetACLPolicy(id string) (string, *Policy, error) {
|
||||||
// Check for a cached acl
|
// Check for a cached acl
|
||||||
if raw, ok := c.aclCache.Get(id); ok {
|
if raw, ok := c.aclCache.Get(id); ok {
|
||||||
cached := raw.(aclEntry)
|
cached := raw.(aclEntry)
|
||||||
if raw, ok := c.ruleCache.Get(cached.PolicyID); ok {
|
if raw, ok := c.ruleCache.Get(cached.PolicyID); ok {
|
||||||
return raw.(*Policy), nil
|
return cached.Parent, raw.(*Policy), nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Fault in the rules
|
// Fault in the rules
|
||||||
_, rules, err := c.faultfn(id)
|
parent, rules, err := c.faultfn(id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return "", nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get cached
|
// Get cached
|
||||||
return c.GetPolicy(rules)
|
policy, err := c.GetPolicy(rules)
|
||||||
|
return parent, policy, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetACL is used to get a potentially cached ACL policy.
|
// GetACL is used to get a potentially cached ACL policy.
|
||||||
|
@ -139,7 +141,7 @@ func (c *Cache) GetACL(id string) (ACL, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Cache and return the ACL
|
// Cache and return the ACL
|
||||||
c.aclCache.Add(id, aclEntry{compiled, ruleID})
|
c.aclCache.Add(id, aclEntry{compiled, parentID, ruleID})
|
||||||
return compiled, nil
|
return compiled, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -182,19 +182,25 @@ func TestCache_GetACLPolicy(t *testing.T) {
|
||||||
t.Fatalf("err: %v", err)
|
t.Fatalf("err: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
p2, err := c.GetACLPolicy("foo")
|
parent, p2, err := c.GetACLPolicy("foo")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("err: %v", err)
|
t.Fatalf("err: %v", err)
|
||||||
}
|
}
|
||||||
|
if parent != "deny" {
|
||||||
|
t.Fatalf("bad: %v", parent)
|
||||||
|
}
|
||||||
|
|
||||||
if p2 != p {
|
if p2 != p {
|
||||||
t.Fatalf("expected cached policy")
|
t.Fatalf("expected cached policy")
|
||||||
}
|
}
|
||||||
|
|
||||||
p3, err := c.GetACLPolicy("bar")
|
parent, p3, err := c.GetACLPolicy("bar")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("err: %v", err)
|
t.Fatalf("err: %v", err)
|
||||||
}
|
}
|
||||||
|
if parent != "deny" {
|
||||||
|
t.Fatalf("bad: %v", parent)
|
||||||
|
}
|
||||||
|
|
||||||
if p3 != p {
|
if p3 != p {
|
||||||
t.Fatalf("expected cached policy")
|
t.Fatalf("expected cached policy")
|
||||||
|
|
Loading…
Reference in New Issue