Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

etcdserver/auth: cache auth enable result

Browse Source
This commit is contained in:
Xiang Li 2015-08-20 16:13:27 -07:00
parent da9a12b97c
commit 11a689d063
3 changed files with 24 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etcdserver/auth/auth.go
View File

@ -93,6 +93,7 @@ type store struct {
server doer server doer
timeout time.Duration timeout time.Duration
ensuredOnce bool ensuredOnce bool
enabled *bool
} }
type User struct { type User struct {
@ -398,6 +399,8 @@ func (s *store) EnableAuth() error {
} }
err = s.enableAuth() err = s.enableAuth()
if err == nil { if err == nil {
b := true
s.enabled = &b
plog.Noticef("auth: enabled auth") plog.Noticef("auth: enabled auth")
} else { } else {
plog.Errorf("error enabling auth (%v)", err) plog.Errorf("error enabling auth (%v)", err)
@ -411,6 +414,8 @@ func (s *store) DisableAuth() error {
} }
err := s.disableAuth() err := s.disableAuth()
if err == nil { if err == nil {
b := false
s.enabled = &b
plog.Noticef("auth: disabled auth") plog.Noticef("auth: disabled auth")
} else { } else {
plog.Errorf("error disabling auth (%v)", err) plog.Errorf("error disabling auth (%v)", err)

6
etcdserver/auth/auth_requests.go
View File

@ -85,10 +85,15 @@ func (s *store) detectAuth() bool {
if s.server == nil { if s.server == nil {
return false return false
} }
if s.enabled != nil {
return *s.enabled
}
value, err := s.requestResource("/enabled", false) value, err := s.requestResource("/enabled", false)
if err != nil { if err != nil {
if e, ok := err.(*etcderr.Error); ok { if e, ok := err.(*etcderr.Error); ok {
if e.ErrorCode == etcderr.EcodeKeyNotFound { if e.ErrorCode == etcderr.EcodeKeyNotFound {
b := false
s.enabled = &b
return false return false
} }
} }
@ -102,6 +107,7 @@ func (s *store) detectAuth() bool {
plog.Errorf("internal bookkeeping value for enabled isn't valid JSON (%v)", err) plog.Errorf("internal bookkeeping value for enabled isn't valid JSON (%v)", err)
return false return false
} }
s.enabled = &u
return u return u
} }

23
etcdserver/auth/auth_test.go
View File

@ -210,7 +210,7 @@ func TestAllUsers(t *testing.T) {
} }
expected := []string{"cat", "dog"} expected := []string{"cat", "dog"}
s := store{d, testTimeout, false} s := store{server: d, timeout: testTimeout, ensuredOnce: false}
users, err := s.AllUsers() users, err := s.AllUsers()
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -238,7 +238,7 @@ func TestGetAndDeleteUser(t *testing.T) {
} }
expected := User{User: "cat", Roles: []string{"animal"}} expected := User{User: "cat", Roles: []string{"animal"}}
s := store{d, testTimeout, false} s := store{server: d, timeout: testTimeout, ensuredOnce: false}
out, err := s.GetUser("cat") out, err := s.GetUser("cat")
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -275,7 +275,7 @@ func TestAllRoles(t *testing.T) {
} }
expected := []string{"animal", "human", "root"} expected := []string{"animal", "human", "root"}
s := store{d, testTimeout, false} s := store{server: d, timeout: testTimeout, ensuredOnce: false}
out, err := s.AllRoles() out, err := s.AllRoles()
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -303,7 +303,7 @@ func TestGetAndDeleteRole(t *testing.T) {
} }
expected := Role{Role: "animal"} expected := Role{Role: "animal"}
s := store{d, testTimeout, false} s := store{server: d, timeout: testTimeout, ensuredOnce: false}
out, err := s.GetRole("animal") out, err := s.GetRole("animal")
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -350,7 +350,7 @@ func TestEnsure(t *testing.T) {
}, },
} }
s := store{d, testTimeout, false} s := store{server: d, timeout: testTimeout, ensuredOnce: false}
err := s.ensureAuthDirectories() err := s.ensureAuthDirectories()
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -410,7 +410,7 @@ func TestCreateAndUpdateUser(t *testing.T) {
update := User{User: "cat", Grant: []string{"pet"}} update := User{User: "cat", Grant: []string{"pet"}}
expected := User{User: "cat", Roles: []string{"animal", "pet"}} expected := User{User: "cat", Roles: []string{"animal", "pet"}}
s := store{d, testTimeout, true} s := store{server: d, timeout: testTimeout, ensuredOnce: true}
out, created, err := s.CreateOrUpdateUser(user) out, created, err := s.CreateOrUpdateUser(user)
if created == false { if created == false {
t.Error("Should have created user, instead updated?") t.Error("Should have created user, instead updated?")
@ -465,7 +465,7 @@ func TestUpdateRole(t *testing.T) {
update := Role{Role: "animal", Grant: &Permissions{KV: RWPermission{Read: []string{}, Write: []string{"/animal"}}}} update := Role{Role: "animal", Grant: &Permissions{KV: RWPermission{Read: []string{}, Write: []string{"/animal"}}}}
expected := Role{Role: "animal", Permissions: Permissions{KV: RWPermission{Read: []string{"/animal"}, Write: []string{"/animal"}}}} expected := Role{Role: "animal", Permissions: Permissions{KV: RWPermission{Read: []string{"/animal"}, Write: []string{"/animal"}}}}
s := store{d, testTimeout, true} s := store{server: d, timeout: testTimeout, ensuredOnce: true}
out, err := s.UpdateRole(update) out, err := s.UpdateRole(update)
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -496,7 +496,7 @@ func TestCreateRole(t *testing.T) {
} }
r := Role{Role: "animal", Permissions: Permissions{KV: RWPermission{Read: []string{"/animal"}, Write: []string{}}}} r := Role{Role: "animal", Permissions: Permissions{KV: RWPermission{Read: []string{"/animal"}, Write: []string{}}}}
s := store{d, testTimeout, true} s := store{server: d, timeout: testTimeout, ensuredOnce: true}
err := s.CreateRole(Role{Role: "root"}) err := s.CreateRole(Role{Role: "root"})
if err == nil { if err == nil {
t.Error("Should error creating root role") t.Error("Should error creating root role")
@ -562,7 +562,7 @@ func TestEnableAuth(t *testing.T) {
}, },
explicitlyEnabled: false, explicitlyEnabled: false,
} }
s := store{d, testTimeout, true} s := store{server: d, timeout: testTimeout, ensuredOnce: true}
err := s.EnableAuth() err := s.EnableAuth()
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)
@ -605,11 +605,14 @@ func TestDisableAuth(t *testing.T) {
}, },
explicitlyEnabled: false, explicitlyEnabled: false,
} }
s := store{d, testTimeout, true} s := store{server: d, timeout: testTimeout, ensuredOnce: true}
err := s.DisableAuth() err := s.DisableAuth()
if err == nil { if err == nil {
t.Error("Expected error; already disabled") t.Error("Expected error; already disabled")
} }
// clear cache
s.enabled = nil
err = s.DisableAuth() err = s.DisableAuth()
if err != nil { if err != nil {
t.Error("Unexpected error", err) t.Error("Unexpected error", err)