status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

v2tenancy: make CE specific version of `resource.Registration` (#20681)

This commit is contained in:
Semir Patel 2024-02-20 17:38:06 -06:00 committed by GitHub
parent 943426bc79
commit 8ba919f913
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 38 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
internal/resource/registry.go
View File

@ -10,8 +10,6 @@ import (
"strings" "strings"
"sync" "sync"
"google.golang.org/protobuf/proto"
"github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/internal/storage" "github.com/hashicorp/consul/internal/storage"
"github.com/hashicorp/consul/proto-public/pbresource" "github.com/hashicorp/consul/proto-public/pbresource"
@ -53,37 +51,6 @@ type ValidationHook func(*pbresource.Resource) error
// the data gets reencoded and stored back to the Data field. // the data gets reencoded and stored back to the Data field.
type MutationHook func(*pbresource.Resource) error type MutationHook func(*pbresource.Resource) error
type Registration struct {
// Type is the GVK of the resource type.
Type *pbresource.Type
// Proto is the resource's protobuf message type.
Proto proto.Message
// ACLs are hooks called to perform authorization on RPCs.
// The hooks can assume that Validate has been called.
ACLs *ACLHooks
// Validate is called to structurally validate the resource (e.g.
// check for required fields). Validate can assume that Mutate
// has been called.
Validate ValidationHook
// Mutate is called to fill out any autogenerated fields (e.g. UUIDs) or
// apply defaults before validation. Mutate can assume that
// Resource.ID is populated and has non-empty tenancy fields. This does
// not mean those tenancy fields actually exist.
Mutate MutationHook
// Scope describes the tenancy scope of a resource.
Scope Scope
// LicenseFeature is an optional enterprise license feature that the
// resource type is associated with. A string form of license.Feature
// from the consul-licensing module is expected.
LicenseFeature string
}
var ErrNeedResource = errors.New("authorization check requires the entire resource") var ErrNeedResource = errors.New("authorization check requires the entire resource")
type ACLAuthorizeReadHook func(acl.Authorizer, *acl.AuthorizerContext, *pbresource.ID, *pbresource.Resource) error type ACLAuthorizeReadHook func(acl.Authorizer, *acl.AuthorizerContext, *pbresource.ID, *pbresource.Resource) error

38
internal/resource/registry_ce.go Normal file
View File

@ -0,0 +1,38 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
//go:build !consulent
package resource
import (
"google.golang.org/protobuf/proto"
"github.com/hashicorp/consul/proto-public/pbresource"
)
type Registration struct {
// Type is the GVK of the resource type.
Type *pbresource.Type
// Proto is the resource's protobuf message type.
Proto proto.Message
// ACLs are hooks called to perform authorization on RPCs.
// The hooks can assume that Validate has been called.
ACLs *ACLHooks
// Validate is called to structurally validate the resource (e.g.
// check for required fields). Validate can assume that Mutate
// has been called.
Validate ValidationHook
// Mutate is called to fill out any autogenerated fields (e.g. UUIDs) or
// apply defaults before validation. Mutate can assume that
// Resource.ID is populated and has non-empty tenancy fields. This does
// not mean those tenancy fields actually exist.
Mutate MutationHook
// Scope describes the tenancy scope of a resource.
Scope Scope
}