state: use constants and add tests for acl-policies table

This commit is contained in:
Daniel Nephin 2021-03-16 14:53:56 -04:00
parent 0b0ec7f081
commit 340462dd72
6 changed files with 55 additions and 17 deletions

View File

@ -228,7 +228,7 @@ func (s *Restore) ACLToken(token *structs.ACLToken) error {
// ACLPolicies is used when saving a snapshot // ACLPolicies is used when saving a snapshot
func (s *Snapshot) ACLPolicies() (memdb.ResultIterator, error) { func (s *Snapshot) ACLPolicies() (memdb.ResultIterator, error) {
iter, err := s.tx.Get("acl-policies", "id") iter, err := s.tx.Get(tableACLPolicies, indexID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -1212,8 +1212,8 @@ func (s *Store) ACLPolicyBatchGet(ws memdb.WatchSet, ids []string) (uint64, stru
} }
// We are specifically not wanting to call aclPolicyMaxIndex here as we always want the // We are specifically not wanting to call aclPolicyMaxIndex here as we always want the
// index entry for the "acl-policies" table. // index entry for the tableACLPolicies table.
idx := maxIndexTxn(tx, "acl-policies") idx := maxIndexTxn(tx, tableACLPolicies)
return idx, policies, nil return idx, policies, nil
} }

View File

@ -1,9 +1,10 @@
package state package state
import ( import (
memdb "github.com/hashicorp/go-memdb"
"github.com/hashicorp/consul/agent/consul/stream" "github.com/hashicorp/consul/agent/consul/stream"
"github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/structs"
memdb "github.com/hashicorp/go-memdb"
) )
// aclChangeUnsubscribeEvent creates and returns stream.UnsubscribeEvents that // aclChangeUnsubscribeEvent creates and returns stream.UnsubscribeEvents that
@ -27,7 +28,7 @@ func aclChangeUnsubscribeEvent(tx ReadTxn, changes Changes) ([]stream.Event, err
} }
secretIDs = appendSecretIDsFromTokenIterator(secretIDs, tokens) secretIDs = appendSecretIDsFromTokenIterator(secretIDs, tokens)
case "acl-policies": case tableACLPolicies:
policy := changeObject(change).(*structs.ACLPolicy) policy := changeObject(change).(*structs.ACLPolicy)
tokens, err := aclTokenListByPolicy(tx, policy.ID, &policy.EnterpriseMeta) tokens, err := aclTokenListByPolicy(tx, policy.ID, &policy.EnterpriseMeta)
if err != nil { if err != nil {

View File

@ -11,11 +11,11 @@ import (
) )
func aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error { func aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error {
if err := tx.Insert("acl-policies", policy); err != nil { if err := tx.Insert(tableACLPolicies, policy); err != nil {
return fmt.Errorf("failed inserting acl policy: %v", err) return fmt.Errorf("failed inserting acl policy: %v", err)
} }
if err := indexUpdateMaxTxn(tx, policy.ModifyIndex, "acl-policies"); err != nil { if err := indexUpdateMaxTxn(tx, policy.ModifyIndex, tableACLPolicies); err != nil {
return fmt.Errorf("failed updating acl policies index: %v", err) return fmt.Errorf("failed updating acl policies index: %v", err)
} }
@ -23,32 +23,32 @@ func aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error {
} }
func aclPolicyGetByID(tx ReadTxn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { func aclPolicyGetByID(tx ReadTxn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) {
return tx.FirstWatch("acl-policies", "id", id) return tx.FirstWatch(tableACLPolicies, indexID, id)
} }
func aclPolicyGetByName(tx ReadTxn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { func aclPolicyGetByName(tx ReadTxn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) {
return tx.FirstWatch("acl-policies", "name", name) return tx.FirstWatch(tableACLPolicies, indexName, name)
} }
func aclPolicyList(tx ReadTxn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { func aclPolicyList(tx ReadTxn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) {
return tx.Get("acl-policies", "id") return tx.Get(tableACLPolicies, indexID)
} }
func aclPolicyDeleteWithPolicy(tx *txn, policy *structs.ACLPolicy, idx uint64) error { func aclPolicyDeleteWithPolicy(tx *txn, policy *structs.ACLPolicy, idx uint64) error {
// remove the policy // remove the policy
if err := tx.Delete("acl-policies", policy); err != nil { if err := tx.Delete(tableACLPolicies, policy); err != nil {
return fmt.Errorf("failed deleting acl policy: %v", err) return fmt.Errorf("failed deleting acl policy: %v", err)
} }
// update the overall acl-policies index // update the overall acl-policies index
if err := indexUpdateMaxTxn(tx, idx, "acl-policies"); err != nil { if err := indexUpdateMaxTxn(tx, idx, tableACLPolicies); err != nil {
return fmt.Errorf("failed updating acl policies index: %v", err) return fmt.Errorf("failed updating acl policies index: %v", err)
} }
return nil return nil
} }
func aclPolicyMaxIndex(tx ReadTxn, _ *structs.ACLPolicy, _ *structs.EnterpriseMeta) uint64 { func aclPolicyMaxIndex(tx ReadTxn, _ *structs.ACLPolicy, _ *structs.EnterpriseMeta) uint64 {
return maxIndexTxn(tx, "acl-policies") return maxIndexTxn(tx, tableACLPolicies)
} }
func aclPolicyUpsertValidateEnterprise(*txn, *structs.ACLPolicy, *structs.ACLPolicy) error { func aclPolicyUpsertValidateEnterprise(*txn, *structs.ACLPolicy, *structs.ACLPolicy) error {

View File

@ -0,0 +1,35 @@
// +build !consulent
package state
import "github.com/hashicorp/consul/agent/structs"
func testIndexerTableACLPolicies() map[string]indexerTestCase {
obj := &structs.ACLPolicy{
ID: "123e4567-e89b-12d3-a456-426614174abc",
Name: "PoLiCyNaMe",
}
encodedID := []byte{0x12, 0x3e, 0x45, 0x67, 0xe8, 0x9b, 0x12, 0xd3, 0xa4, 0x56, 0x42, 0x66, 0x14, 0x17, 0x4a, 0xbc}
return map[string]indexerTestCase{
indexID: {
read: indexValue{
source: obj.ID,
expected: encodedID,
},
write: indexValue{
source: obj,
expected: encodedID,
},
},
indexName: {
read: indexValue{
source: []interface{}{"PolicyName"},
expected: []byte("policyname\x00"),
},
write: indexValue{
source: obj,
expected: []byte("policyname\x00"),
},
},
}
}

View File

@ -7,13 +7,14 @@ import (
"testing" "testing"
"time" "time"
memdb "github.com/hashicorp/go-memdb"
"github.com/hashicorp/go-uuid"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/lib" "github.com/hashicorp/consul/lib"
pbacl "github.com/hashicorp/consul/proto/pbacl" pbacl "github.com/hashicorp/consul/proto/pbacl"
memdb "github.com/hashicorp/go-memdb"
"github.com/hashicorp/go-uuid"
"github.com/stretchr/testify/require"
) )
const ( const (
@ -3801,7 +3802,7 @@ func TestStateStore_ACLPolicies_Snapshot_Restore(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, uint64(2), idx) require.Equal(t, uint64(2), idx)
require.ElementsMatch(t, policies, res) require.ElementsMatch(t, policies, res)
require.Equal(t, uint64(2), s.maxIndex("acl-policies")) require.Equal(t, uint64(2), s.maxIndex(tableACLPolicies))
}() }()
} }

View File

@ -128,6 +128,7 @@ func TestNewDBSchema_Indexers(t *testing.T) {
require.NoError(t, schema.Validate()) require.NoError(t, schema.Validate())
var testcases = map[string]func() map[string]indexerTestCase{ var testcases = map[string]func() map[string]indexerTestCase{
tableACLPolicies: testIndexerTableACLPolicies,
tableChecks: testIndexerTableChecks, tableChecks: testIndexerTableChecks,
tableServices: testIndexerTableServices, tableServices: testIndexerTableServices,
tableNodes: testIndexerTableNodes, tableNodes: testIndexerTableNodes,