datasource/etcd/role.go - servicecomb-service-center - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package etcd

 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"strconv"
 	"time"

 	"github.com/go-chassis/cari/rbac"

 	"github.com/apache/servicecomb-service-center/datasource"
 	"github.com/apache/servicecomb-service-center/datasource/etcd/client"
 	"github.com/apache/servicecomb-service-center/datasource/etcd/path"
 	"github.com/apache/servicecomb-service-center/pkg/etcdsync"
 	"github.com/apache/servicecomb-service-center/pkg/log"
 	"github.com/apache/servicecomb-service-center/pkg/util"
 )

 func (ds *DataSource) CreateRole(ctx context.Context, r *rbac.Role) error {
 	lock, err := etcdsync.Lock("/role-creating/"+r.Name, -1, false)
 	if err != nil {
 		return fmt.Errorf("role %s is creating", r.Name)
 	}
 	defer func() {
 		err := lock.Unlock()
 		if err != nil {
 			log.Error("can not release role lock", err)
 		}
 	}()
 	key := path.GenerateRBACRoleKey(r.Name)
 	exist, err := datasource.Instance().RoleExist(ctx, r.Name)
 	if err != nil {
 		log.Error("can not save role info", err)
 		return err
 	}
 	if exist {
 		return datasource.ErrRoleDuplicated
 	}
 	r.ID = util.GenerateUUID()
 	r.CreateTime = strconv.FormatInt(time.Now().Unix(), 10)
 	r.UpdateTime = r.CreateTime
 	value, err := json.Marshal(r)
 	if err != nil {
 		log.Error("role info is invalid", err)
 		return err
 	}
 	err = client.PutBytes(ctx, key, value)
 	if err != nil {
 		log.Error("can not save account info", err)
 		return err
 	}
 	log.Info("create new role: " + r.ID)
 	return nil
 }

 func (ds *DataSource) RoleExist(ctx context.Context, name string) (bool, error) {
 	resp, err := client.Instance().Do(ctx, client.GET,
 		client.WithStrKey(path.GenerateRBACRoleKey(name)))
 	if err != nil {
 		return false, err
 	}
 	if resp.Count == 0 {
 		return false, nil
 	}
 	return true, nil
 }
 func (ds *DataSource) GetRole(ctx context.Context, name string) (*rbac.Role, error) {
 	resp, err := client.Instance().Do(ctx, client.GET,
 		client.WithStrKey(path.GenerateRBACRoleKey(name)))
 	if err != nil {
 		return nil, err
 	}
 	if resp.Count == 0 {
 		return nil, datasource.ErrRoleNotExist
 	}
 	if resp.Count != 1 {
 		return nil, client.ErrNotUnique
 	}
 	role := &rbac.Role{}
 	err = json.Unmarshal(resp.Kvs[0].Value, role)
 	if err != nil {
 		log.Errorf(err, "role info format invalid")
 		return nil, err
 	}
 	return role, nil
 }
 func (ds *DataSource) ListRole(ctx context.Context) ([]*rbac.Role, int64, error) {
 	resp, err := client.Instance().Do(ctx, client.GET,
 		client.WithStrKey(path.GenerateRBACRoleKey("")), client.WithPrefix())
 	if err != nil {
 		return nil, 0, err
 	}
 	roles := make([]*rbac.Role, 0, resp.Count)
 	for _, v := range resp.Kvs {
 		r := &rbac.Role{}
 		err = json.Unmarshal(v.Value, r)
 		if err != nil {
 			log.Error("role info format invalid:", err)
 			continue //do not fail if some role is invalid
 		}

 		roles = append(roles, r)
 	}
 	return roles, resp.Count, nil
 }
 func (ds *DataSource) DeleteRole(ctx context.Context, name string) (bool, error) {
 	exists, err := RoleBindingExists(ctx, name)
 	if err != nil {
 		log.Error("", err)
 		return false, err
 	}
 	if exists {
 		return false, datasource.ErrRoleBindingExist
 	}
 	resp, err := client.Instance().Do(ctx, client.DEL,
 		client.WithStrKey(path.GenerateRBACRoleKey(name)))
 	if err != nil {
 		return false, err
 	}
 	return resp.Succeeded, nil
 }
 func RoleBindingExists(ctx context.Context, role string) (bool, error) {
 	_, total, err := client.List(ctx, path.GenRoleAccountPrefixIdxKey(role))
 	if err != nil {
 		log.Error("", err)
 		return false, err
 	}
 	return total > 0, nil
 }
 func (ds *DataSource) UpdateRole(ctx context.Context, name string, role *rbac.Role) error {
 	role.UpdateTime = strconv.FormatInt(time.Now().Unix(), 10)
 	value, err := json.Marshal(role)
 	if err != nil {
 		log.Errorf(err, "role info is invalid")
 		return err
 	}
 	_, err = client.Instance().Do(ctx, client.PUT,
 		client.WithStrKey(path.GenerateRBACRoleKey(name)),
 		client.WithValue(value))
 	return err
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package etcd

	import (
	"context"
	"encoding/json"
	"fmt"
	"strconv"
	"time"

	"github.com/go-chassis/cari/rbac"

	"github.com/apache/servicecomb-service-center/datasource"
	"github.com/apache/servicecomb-service-center/datasource/etcd/client"
	"github.com/apache/servicecomb-service-center/datasource/etcd/path"
	"github.com/apache/servicecomb-service-center/pkg/etcdsync"
	"github.com/apache/servicecomb-service-center/pkg/log"
	"github.com/apache/servicecomb-service-center/pkg/util"
	)

	func (ds DataSource) CreateRole(ctx context.Context, r rbac.Role) error {
	lock, err := etcdsync.Lock("/role-creating/"+r.Name, -1, false)
	if err != nil {
	return fmt.Errorf("role %s is creating", r.Name)
	}
	defer func() {
	err := lock.Unlock()
	if err != nil {
	log.Error("can not release role lock", err)
	}
	}()
	key := path.GenerateRBACRoleKey(r.Name)
	exist, err := datasource.Instance().RoleExist(ctx, r.Name)
	if err != nil {
	log.Error("can not save role info", err)
	return err
	}
	if exist {
	return datasource.ErrRoleDuplicated
	}
	r.ID = util.GenerateUUID()
	r.CreateTime = strconv.FormatInt(time.Now().Unix(), 10)
	r.UpdateTime = r.CreateTime
	value, err := json.Marshal(r)
	if err != nil {
	log.Error("role info is invalid", err)
	return err
	}
	err = client.PutBytes(ctx, key, value)
	if err != nil {
	log.Error("can not save account info", err)
	return err
	}
	log.Info("create new role: " + r.ID)
	return nil
	}

	func (ds *DataSource) RoleExist(ctx context.Context, name string) (bool, error) {
	resp, err := client.Instance().Do(ctx, client.GET,
	client.WithStrKey(path.GenerateRBACRoleKey(name)))
	if err != nil {
	return false, err
	}
	if resp.Count == 0 {
	return false, nil
	}
	return true, nil
	}
	func (ds DataSource) GetRole(ctx context.Context, name string) (rbac.Role, error) {
	resp, err := client.Instance().Do(ctx, client.GET,
	client.WithStrKey(path.GenerateRBACRoleKey(name)))
	if err != nil {
	return nil, err
	}
	if resp.Count == 0 {
	return nil, datasource.ErrRoleNotExist
	}
	if resp.Count != 1 {
	return nil, client.ErrNotUnique
	}
	role := &rbac.Role{}
	err = json.Unmarshal(resp.Kvs[0].Value, role)
	if err != nil {
	log.Errorf(err, "role info format invalid")
	return nil, err
	}
	return role, nil
	}
	func (ds DataSource) ListRole(ctx context.Context) ([]rbac.Role, int64, error) {
	resp, err := client.Instance().Do(ctx, client.GET,
	client.WithStrKey(path.GenerateRBACRoleKey("")), client.WithPrefix())
	if err != nil {
	return nil, 0, err
	}
	roles := make([]*rbac.Role, 0, resp.Count)
	for _, v := range resp.Kvs {
	r := &rbac.Role{}
	err = json.Unmarshal(v.Value, r)
	if err != nil {
	log.Error("role info format invalid:", err)
	continue //do not fail if some role is invalid
	}

	roles = append(roles, r)
	}
	return roles, resp.Count, nil
	}
	func (ds *DataSource) DeleteRole(ctx context.Context, name string) (bool, error) {
	exists, err := RoleBindingExists(ctx, name)
	if err != nil {
	log.Error("", err)
	return false, err
	}
	if exists {
	return false, datasource.ErrRoleBindingExist
	}
	resp, err := client.Instance().Do(ctx, client.DEL,
	client.WithStrKey(path.GenerateRBACRoleKey(name)))
	if err != nil {
	return false, err
	}
	return resp.Succeeded, nil
	}
	func RoleBindingExists(ctx context.Context, role string) (bool, error) {
	_, total, err := client.List(ctx, path.GenRoleAccountPrefixIdxKey(role))
	if err != nil {
	log.Error("", err)
	return false, err
	}
	return total > 0, nil
	}
	func (ds DataSource) UpdateRole(ctx context.Context, name string, role rbac.Role) error {
	role.UpdateTime = strconv.FormatInt(time.Now().Unix(), 10)
	value, err := json.Marshal(role)
	if err != nil {
	log.Errorf(err, "role info is invalid")
	return err
	}
	_, err = client.Instance().Do(ctx, client.PUT,
	client.WithStrKey(path.GenerateRBACRoleKey(name)),
	client.WithValue(value))
	return err
	}