mirror of
https://github.com/etcd-io/etcd.git
synced 2024-09-27 06:25:44 +00:00
enhanced authBackend to support authReadTx
This commit is contained in:
ahrtr
@@ -60,15 +60,25 @@ func (abe *authBackend) ForceCommit() {
|
||||
abe.be.ForceCommit()
|
||||
}
|
||||
|
||||
func (abe *authBackend) ReadTx() auth.AuthReadTx {
|
||||
return &authReadTx{tx: abe.be.ReadTx(), lg: abe.lg}
|
||||
}
|
||||
|
||||
func (abe *authBackend) BatchTx() auth.AuthBatchTx {
|
||||
return &authBatchTx{tx: abe.be.BatchTx(), lg: abe.lg}
|
||||
}
|
||||
|
||||
type authReadTx struct {
|
||||
tx backend.ReadTx
|
||||
lg *zap.Logger
|
||||
}
|
||||
|
||||
type authBatchTx struct {
|
||||
tx backend.BatchTx
|
||||
lg *zap.Logger
|
||||
}
|
||||
|
||||
var _ auth.AuthReadTx = (*authReadTx)(nil)
|
||||
var _ auth.AuthBatchTx = (*authBatchTx)(nil)
|
||||
|
||||
func (atx *authBatchTx) UnsafeSaveAuthEnabled(enabled bool) {
|
||||
@@ -86,22 +96,13 @@ func (atx *authBatchTx) UnsafeSaveAuthRevision(rev uint64) {
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeReadAuthEnabled() bool {
|
||||
_, vs := atx.tx.UnsafeRange(Auth, AuthEnabledKeyName, nil, 0)
|
||||
if len(vs) == 1 {
|
||||
if bytes.Equal(vs[0], authEnabled) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeReadAuthEnabled()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeReadAuthRevision() uint64 {
|
||||
_, vs := atx.tx.UnsafeRange(Auth, AuthRevisionKeyName, nil, 0)
|
||||
if len(vs) != 1 {
|
||||
// this can happen in the initialization phase
|
||||
return 0
|
||||
}
|
||||
return binary.BigEndian.Uint64(vs[0])
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeReadAuthRevision()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) Lock() {
|
||||
@@ -111,3 +112,30 @@ func (atx *authBatchTx) Lock() {
|
||||
func (atx *authBatchTx) Unlock() {
|
||||
atx.tx.Unlock()
|
||||
}
|
||||
|
||||
func (atx *authReadTx) UnsafeReadAuthEnabled() bool {
|
||||
_, vs := atx.tx.UnsafeRange(Auth, AuthEnabledKeyName, nil, 0)
|
||||
if len(vs) == 1 {
|
||||
if bytes.Equal(vs[0], authEnabled) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func (atx *authReadTx) UnsafeReadAuthRevision() uint64 {
|
||||
_, vs := atx.tx.UnsafeRange(Auth, AuthRevisionKeyName, nil, 0)
|
||||
if len(vs) != 1 {
|
||||
// this can happen in the initialization phase
|
||||
return 0
|
||||
}
|
||||
return binary.BigEndian.Uint64(vs[0])
|
||||
}
|
||||
|
||||
func (atx *authReadTx) Lock() {
|
||||
atx.tx.RLock()
|
||||
}
|
||||
|
||||
func (atx *authReadTx) Unlock() {
|
||||
atx.tx.RUnlock()
|
||||
}
|
||||
|
||||
@@ -32,17 +32,8 @@ func (abe *authBackend) GetRole(roleName string) *authpb.Role {
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeGetRole(roleName string) *authpb.Role {
|
||||
_, vs := atx.tx.UnsafeRange(AuthRoles, []byte(roleName), nil, 0)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
role := &authpb.Role{}
|
||||
err := role.Unmarshal(vs[0])
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.Role'", zap.Error(err))
|
||||
}
|
||||
return role
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeGetRole(roleName)
|
||||
}
|
||||
|
||||
func (abe *authBackend) GetAllRoles() []*authpb.Role {
|
||||
@@ -53,21 +44,8 @@ func (abe *authBackend) GetAllRoles() []*authpb.Role {
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeGetAllRoles() []*authpb.Role {
|
||||
_, vs := atx.tx.UnsafeRange(AuthRoles, []byte{0}, []byte{0xff}, -1)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
roles := make([]*authpb.Role, len(vs))
|
||||
for i := range vs {
|
||||
role := &authpb.Role{}
|
||||
err := role.Unmarshal(vs[i])
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.Role'", zap.Error(err))
|
||||
}
|
||||
roles[i] = role
|
||||
}
|
||||
return roles
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeGetAllRoles()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafePutRole(role *authpb.Role) {
|
||||
@@ -86,3 +64,35 @@ func (atx *authBatchTx) UnsafePutRole(role *authpb.Role) {
|
||||
func (atx *authBatchTx) UnsafeDeleteRole(rolename string) {
|
||||
atx.tx.UnsafeDelete(AuthRoles, []byte(rolename))
|
||||
}
|
||||
|
||||
func (atx *authReadTx) UnsafeGetRole(roleName string) *authpb.Role {
|
||||
_, vs := atx.tx.UnsafeRange(AuthRoles, []byte(roleName), nil, 0)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
role := &authpb.Role{}
|
||||
err := role.Unmarshal(vs[0])
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.Role'", zap.Error(err))
|
||||
}
|
||||
return role
|
||||
}
|
||||
|
||||
func (atx *authReadTx) UnsafeGetAllRoles() []*authpb.Role {
|
||||
_, vs := atx.tx.UnsafeRange(AuthRoles, []byte{0}, []byte{0xff}, -1)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
roles := make([]*authpb.Role, len(vs))
|
||||
for i := range vs {
|
||||
role := &authpb.Role{}
|
||||
err := role.Unmarshal(vs[i])
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.Role'", zap.Error(err))
|
||||
}
|
||||
roles[i] = role
|
||||
}
|
||||
return roles
|
||||
}
|
||||
|
||||
@@ -27,6 +27,35 @@ func (abe *authBackend) GetUser(username string) *authpb.User {
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeGetUser(username string) *authpb.User {
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeGetUser(username)
|
||||
}
|
||||
|
||||
func (abe *authBackend) GetAllUsers() []*authpb.User {
|
||||
tx := abe.BatchTx()
|
||||
tx.Lock()
|
||||
defer tx.Unlock()
|
||||
return tx.UnsafeGetAllUsers()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeGetAllUsers() []*authpb.User {
|
||||
arx := &authReadTx{tx: atx.tx, lg: atx.lg}
|
||||
return arx.UnsafeGetAllUsers()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafePutUser(user *authpb.User) {
|
||||
b, err := user.Marshal()
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.User'", zap.Error(err))
|
||||
}
|
||||
atx.tx.UnsafePut(AuthUsers, user.Name, b)
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeDeleteUser(username string) {
|
||||
atx.tx.UnsafeDelete(AuthUsers, []byte(username))
|
||||
}
|
||||
|
||||
func (atx *authReadTx) UnsafeGetUser(username string) *authpb.User {
|
||||
_, vs := atx.tx.UnsafeRange(AuthUsers, []byte(username), nil, 0)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
@@ -44,14 +73,7 @@ func (atx *authBatchTx) UnsafeGetUser(username string) *authpb.User {
|
||||
return user
|
||||
}
|
||||
|
||||
func (abe *authBackend) GetAllUsers() []*authpb.User {
|
||||
tx := abe.BatchTx()
|
||||
tx.Lock()
|
||||
defer tx.Unlock()
|
||||
return tx.UnsafeGetAllUsers()
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeGetAllUsers() []*authpb.User {
|
||||
func (atx *authReadTx) UnsafeGetAllUsers() []*authpb.User {
|
||||
_, vs := atx.tx.UnsafeRange(AuthUsers, []byte{0}, []byte{0xff}, -1)
|
||||
if len(vs) == 0 {
|
||||
return nil
|
||||
@@ -68,15 +90,3 @@ func (atx *authBatchTx) UnsafeGetAllUsers() []*authpb.User {
|
||||
}
|
||||
return users
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafePutUser(user *authpb.User) {
|
||||
b, err := user.Marshal()
|
||||
if err != nil {
|
||||
atx.lg.Panic("failed to unmarshal 'authpb.User'", zap.Error(err))
|
||||
}
|
||||
atx.tx.UnsafePut(AuthUsers, user.Name, b)
|
||||
}
|
||||
|
||||
func (atx *authBatchTx) UnsafeDeleteUser(username string) {
|
||||
atx.tx.UnsafeDelete(AuthUsers, []byte(username))
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user