From 43360eb216f95135b37ad71f7ea97f9f508b0eb7 Mon Sep 17 00:00:00 2001
From: freddygv
Date: Wed, 27 Oct 2021 10:47:57 -0600
Subject: [PATCH] Rework acl exports interface
---
 acl/acl.go | 10 +++++++---
 agent/consul/acl.go | 4 ++--
 agent/consul/acl_oss.go | 4 ++--
 agent/structs/config_entry_exports.go | 17 +++++++++++++++++
 4 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/acl/acl.go b/acl/acl.go
index a59f380446..ff605ade41 100644
--- a/acl/acl.go
+++ b/acl/acl.go
@@ -14,9 +14,13 @@ type Config struct {
 EnterpriseConfig
 }
 
-type PartitionExportInfo interface {
- // DownstreamPartitions returns the list of partitions the given service has been exported to.
- DownstreamPartitions(service string, anyService bool, ctx *AuthorizerContext) []string
+type ExportFetcher interface {
+ // ExportsForPartition returns the config entry defining exports for a partition
+ ExportsForPartition(partition string) PartitionExports
+}
+
+type PartitionExports struct {
+ Data map[string]map[string][]string
 }
 
 // GetWildcardName will retrieve the configured wildcard name or provide a default
diff --git a/agent/consul/acl.go b/agent/consul/acl.go
index 6d3414ce3b..c659e7b37f 100644
--- a/agent/consul/acl.go
+++ b/agent/consul/acl.go
@@ -1906,6 +1906,6 @@ func filterACL(r *ACLResolver, token string, subj interface{}) error {
 
 type partitionInfoNoop struct{}
 
-func (p *partitionInfoNoop) DownstreamPartitions(service string, anyService bool, ctx *acl.AuthorizerContext) []string {
- return []string{}
+func (p *partitionInfoNoop) ExportsForPartition(partition string) acl.PartitionExports {
+ return acl.PartitionExports{}
 }
diff --git a/agent/consul/acl_oss.go b/agent/consul/acl_oss.go
index f601f4ce17..ba24ee6776 100644
--- a/agent/consul/acl_oss.go
+++ b/agent/consul/acl_oss.go
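Review bot: In acl/acl.go the new `PartitionExports.Data` field is an undocumented `map[string]map[string][]string`, and the meaning of its two key levels and its values is only visible from `ToMap` in agent/structs/config_entry_exports.go later in this commit. Since authorization code will presumably read this map, I would state the contract on the field, e.g. `// Data maps namespace -> service name -> partitions the service is exported to.`, and give `ExportFetcher` and `PartitionExports` doc comments of their own. `ExportsForPartition` also has no error result, so a failed lookup and a partition with no exports both surface as an empty value (which is what `partitionInfoNoop` returns in agent/consul/acl.go); callers need to treat a nil or empty `Data` as "nothing exported".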
@@ -15,11 +15,11 @@ func (s *Server) replicationEnterpriseMeta() *structs.EnterpriseMeta {
 return structs.ReplicationEnterpriseMeta()
 }
 
-func serverPartitionInfo(s *Server) acl.PartitionExportInfo {
+func serverPartitionInfo(s *Server) acl.ExportFetcher {
 return &partitionInfoNoop{}
 }
 
-func newACLConfig(_ acl.PartitionExportInfo, _ hclog.Logger) *acl.Config {
+func newACLConfig(_ acl.ExportFetcher, _ hclog.Logger) *acl.Config {
 return &acl.Config{
 WildcardName: structs.WildcardSpecifier,
 }
diff --git a/agent/structs/config_entry_exports.go b/agent/structs/config_entry_exports.go
index 48490b6ca5..5ae15ca686 100644
--- a/agent/structs/config_entry_exports.go
+++ b/agent/structs/config_entry_exports.go
@@ -39,6 +39,23 @@ type ServiceConsumer struct {
 Partition string
 }
 
+func (e *PartitionExportsConfigEntry) ToMap() map[string]map[string][]string {
+ resp := make(map[string]map[string][]string)
+ for _, svc := range e.Services {
+ if _, ok := resp[svc.Namespace]; !ok {
+ resp[svc.Namespace] = make(map[string][]string)
+ }
+ if _, ok := resp[svc.Namespace][svc.Name]; !ok {
+ consumers := make([]string, 0, len(svc.Consumers))
+ for _, c := range svc.Consumers {
+ consumers = append(consumers, c.Partition)
+ }
+ resp[svc.Namespace][svc.Name] = consumers
+ }
+ }
+ return resp
+}
+
 func (e *PartitionExportsConfigEntry) Clone() *PartitionExportsConfigEntry {
 e2 := *e
 e2.Services = make([]ExportedService, len(e.Services))
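Review bot: `ToMap` in agent/structs/config_entry_exports.go silently keeps only the first entry when `e.Services` lists the same namespace and name twice, because the `!ok` guard skips the consumer loop for any later duplicate. Whether duplicates are rejected during validation is not visible in this hunk; if they are not, the map can disagree with the config entry about which partitions may see a service. The method also uses `svc.Namespace` as the key unchanged, so an empty namespace and an explicitly named default one would land under different keys unless that is normalised elsewhere. I would add a doc comment such as `// ToMap returns the exports as namespace -> service name -> consumer partitions; a repeated service keeps its first entry only.` and either normalise the namespace key or document what lookups must pass.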