status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-09 13:26:07 +00:00
Code Issues Projects Releases Wiki Activity

Rename config entry ACL methods

Browse Source
This commit is contained in:
Kyle Havlovitz 2019-04-22 23:55:11 -07:00
parent 690e9dd2c0
commit fed7595d45
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
agent/consul/config_endpoint.go
View File

@ -36,7 +36,7 @@ func (c *ConfigEntry) Apply(args *structs.ConfigEntryRequest, reply *struct{}) e
if err != nil { if err != nil {
return err return err
} }
if rule != nil && !args.Entry.VerifyWriteACL(rule) { if rule != nil && !args.Entry.CanWrite(rule) {
return acl.ErrPermissionDenied return acl.ErrPermissionDenied
} }
@ -69,7 +69,7 @@ func (c *ConfigEntry) Get(args *structs.ConfigEntryQuery, reply *structs.Indexed
if err != nil { if err != nil {
return err return err
} }
if rule != nil && !lookupEntry.VerifyReadACL(rule) { if rule != nil && !lookupEntry.CanRead(rule) {
return acl.ErrPermissionDenied return acl.ErrPermissionDenied
} }
@ -119,7 +119,7 @@ func (c *ConfigEntry) List(args *structs.ConfigEntryQuery, reply *structs.Indexe
// Filter the entries returned by ACL permissions. // Filter the entries returned by ACL permissions.
filteredEntries := make([]structs.ConfigEntry, 0, len(entries)) filteredEntries := make([]structs.ConfigEntry, 0, len(entries))
for _, entry := range entries { for _, entry := range entries {
if rule != nil && !entry.VerifyReadACL(rule) { if rule != nil && !entry.CanRead(rule) {
continue continue
} }
filteredEntries = append(filteredEntries, entry) filteredEntries = append(filteredEntries, entry)
@ -149,7 +149,7 @@ func (c *ConfigEntry) Delete(args *structs.ConfigEntryRequest, reply *struct{})
if err != nil { if err != nil {
return err return err
} }
if rule != nil && !args.Entry.VerifyWriteACL(rule) { if rule != nil && !args.Entry.CanWrite(rule) {
return acl.ErrPermissionDenied return acl.ErrPermissionDenied
} }

14
agent/structs/config_entry.go
View File

@ -26,10 +26,10 @@ type ConfigEntry interface {
Normalize() error Normalize() error
Validate() error Validate() error
// VerifyReadACL and VerifyWriteACL return whether or not the given Authorizer // CanRead and CanWrite return whether or not the given Authorizer
// has permission to read or write to the config entry, respectively. // has permission to read or write to the config entry, respectively.
VerifyReadACL(acl.Authorizer) bool CanRead(acl.Authorizer) bool
VerifyWriteACL(acl.Authorizer) bool CanWrite(acl.Authorizer) bool
GetRaftIndex() *RaftIndex GetRaftIndex() *RaftIndex
} }
@ -76,11 +76,11 @@ func (e *ServiceConfigEntry) Validate() error {
return nil return nil
} }
func (e *ServiceConfigEntry) VerifyReadACL(rule acl.Authorizer) bool { func (e *ServiceConfigEntry) CanRead(rule acl.Authorizer) bool {
return rule.ServiceRead(e.Name) return rule.ServiceRead(e.Name)
} }
func (e *ServiceConfigEntry) VerifyWriteACL(rule acl.Authorizer) bool { func (e *ServiceConfigEntry) CanWrite(rule acl.Authorizer) bool {
return rule.ServiceWrite(e.Name, nil) return rule.ServiceWrite(e.Name, nil)
} }
@ -140,11 +140,11 @@ func (e *ProxyConfigEntry) Validate() error {
return nil return nil
} }
func (e *ProxyConfigEntry) VerifyReadACL(rule acl.Authorizer) bool { func (e *ProxyConfigEntry) CanRead(rule acl.Authorizer) bool {
return true return true
} }
func (e *ProxyConfigEntry) VerifyWriteACL(rule acl.Authorizer) bool { func (e *ProxyConfigEntry) CanWrite(rule acl.Authorizer) bool {
return rule.OperatorWrite() return rule.OperatorWrite()
} }