[#64] engine: Add user and group targets

Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This commit is contained in:
Evgenii Stratonikov 2024-04-09 18:10:56 +03:00
parent 530248de75
commit 0e69e48511
3 changed files with 55 additions and 7 deletions

View file

@ -21,7 +21,7 @@ func NewInmemoryMorphRuleChainStorage() engine.MorphRuleChainStorage {
func (s *inmemoryMorphRuleChainStorage) AddMorphRuleChain(name chain.Name, target engine.Target, c *chain.Chain) (_ util.Uint256, _ uint32, err error) { func (s *inmemoryMorphRuleChainStorage) AddMorphRuleChain(name chain.Name, target engine.Target, c *chain.Chain) (_ util.Uint256, _ uint32, err error) {
switch target.Type { switch target.Type {
case engine.Namespace, engine.Container: case engine.Namespace, engine.Container, engine.User, engine.Group:
_, err = s.storage.AddOverride(name, target, c) _, err = s.storage.AddOverride(name, target, c)
default: default:
err = engine.ErrUnknownTarget err = engine.ErrUnknownTarget
@ -31,7 +31,7 @@ func (s *inmemoryMorphRuleChainStorage) AddMorphRuleChain(name chain.Name, targe
func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChain(name chain.Name, target engine.Target, chainID chain.ID) (_ util.Uint256, _ uint32, err error) { func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChain(name chain.Name, target engine.Target, chainID chain.ID) (_ util.Uint256, _ uint32, err error) {
switch target.Type { switch target.Type {
case engine.Namespace, engine.Container: case engine.Namespace, engine.Container, engine.User, engine.Group:
err = s.storage.RemoveOverride(name, target, chainID) err = s.storage.RemoveOverride(name, target, chainID)
default: default:
err = engine.ErrUnknownTarget err = engine.ErrUnknownTarget
@ -41,7 +41,7 @@ func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChain(name chain.Name, ta
func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChainsByTarget(name chain.Name, target engine.Target) (_ util.Uint256, _ uint32, err error) { func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChainsByTarget(name chain.Name, target engine.Target) (_ util.Uint256, _ uint32, err error) {
switch target.Type { switch target.Type {
case engine.Namespace, engine.Container: case engine.Namespace, engine.Container, engine.User, engine.Group:
err = s.storage.RemoveOverridesByTarget(name, target) err = s.storage.RemoveOverridesByTarget(name, target)
default: default:
err = engine.ErrUnknownTarget err = engine.ErrUnknownTarget
@ -51,7 +51,7 @@ func (s *inmemoryMorphRuleChainStorage) RemoveMorphRuleChainsByTarget(name chain
func (s *inmemoryMorphRuleChainStorage) ListMorphRuleChains(name chain.Name, target engine.Target) ([]*chain.Chain, error) { func (s *inmemoryMorphRuleChainStorage) ListMorphRuleChains(name chain.Name, target engine.Target) ([]*chain.Chain, error) {
switch target.Type { switch target.Type {
case engine.Namespace, engine.Container: case engine.Namespace, engine.Container, engine.User, engine.Group:
return s.storage.ListOverrides(name, target) return s.storage.ListOverrides(name, target)
default: default:
} }

View file

@ -37,6 +37,8 @@ type TargetType rune
const ( const (
Namespace TargetType = 'n' Namespace TargetType = 'n'
Container TargetType = 'c' Container TargetType = 'c'
User TargetType = 'u'
Group TargetType = 'g'
) )
type Target struct { type Target struct {
@ -48,6 +50,8 @@ type Target struct {
type RequestTarget struct { type RequestTarget struct {
Namespace *Target Namespace *Target
Container *Target Container *Target
User *Target
Groups []Target
} }
func NewRequestTargetWithNamespace(namespace string) RequestTarget { func NewRequestTargetWithNamespace(namespace string) RequestTarget {
@ -73,6 +77,24 @@ func NewRequestTarget(namespace, container string) RequestTarget {
} }
} }
func NewRequestTargetExtended(namespace, container, user string, groups []string) RequestTarget {
nt := NamespaceTarget(namespace)
ct := ContainerTarget(container)
u := UserTarget(user)
rt := RequestTarget{
Namespace: &nt,
Container: &ct,
User: &u,
}
if len(groups) != 0 {
rt.Groups = make([]Target, len(groups))
for i := range groups {
rt.Groups[i] = GroupTarget(groups[i])
}
}
return rt
}
func (rt *RequestTarget) Targets() (targets []Target) { func (rt *RequestTarget) Targets() (targets []Target) {
if rt.Namespace != nil { if rt.Namespace != nil {
targets = append(targets, *rt.Namespace) targets = append(targets, *rt.Namespace)
@ -80,6 +102,12 @@ func (rt *RequestTarget) Targets() (targets []Target) {
if rt.Container != nil { if rt.Container != nil {
targets = append(targets, *rt.Container) targets = append(targets, *rt.Container)
} }
if rt.User != nil {
targets = append(targets, *rt.User)
}
if len(rt.Groups) != 0 {
targets = append(targets, rt.Groups...)
}
return return
} }
@ -97,6 +125,20 @@ func ContainerTarget(container string) Target {
} }
} }
func UserTarget(user string) Target {
return Target{
Type: User,
Name: user,
}
}
func GroupTarget(group string) Target {
return Target{
Type: Group,
Name: group,
}
}
// MorphRuleChainStorageReader is the interface that provides read-only methods to receive // MorphRuleChainStorageReader is the interface that provides read-only methods to receive
// data like chains, target or admin from a chain storage. // data like chains, target or admin from a chain storage.
type MorphRuleChainStorageReader interface { type MorphRuleChainStorageReader interface {

View file

@ -205,10 +205,16 @@ func prefixedChainName(name chain.Name, chainID chain.ID) []byte {
} }
func policyKind(typ engine.TargetType) (policy.Kind, error) { func policyKind(typ engine.TargetType) (policy.Kind, error) {
if typ == engine.Namespace { switch typ {
case engine.Namespace:
return policy.Namespace, nil return policy.Namespace, nil
} else if typ == engine.Container { case engine.Container:
return policy.Container, nil return policy.Container, nil
} case engine.User:
return policy.Kind(engine.User), nil
case engine.Group:
return policy.Kind(engine.Group), nil
default:
return policy.Kind(0), ErrEngineTargetTypeUnsupported return policy.Kind(0), ErrEngineTargetTypeUnsupported
} }
}