mirror of
https://github.com/etcd-io/etcd.git
synced 2024-09-27 06:25:44 +00:00
Merge pull request #4891 from mitake/auth-prefix
*: add Auth prefix to auth related requests and responses
This commit is contained in:
Xiang Li
commit
b0956d5dbf
@ -39,7 +39,7 @@ type AuthStore interface {
|
|||||||
Recover(b backend.Backend)
|
Recover(b backend.Backend)
|
||||||
|
|
||||||
// UserAdd adds a new user
|
// UserAdd adds a new user
|
||||||
UserAdd(r *pb.UserAddRequest) (*pb.UserAddResponse, error)
|
UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type authStore struct {
|
type authStore struct {
|
||||||
@ -64,7 +64,7 @@ func (as *authStore) Recover(be backend.Backend) {
|
|||||||
// TODO(mitake): recovery process
|
// TODO(mitake): recovery process
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *authStore) UserAdd(r *pb.UserAddRequest) (*pb.UserAddResponse, error) {
|
func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {
|
||||||
plog.Noticef("adding a new user: %s", r.Name)
|
plog.Noticef("adding a new user: %s", r.Name)
|
||||||
|
|
||||||
hashed, err := bcrypt.GenerateFromPassword([]byte(r.Password), bcrypt.DefaultCost)
|
hashed, err := bcrypt.GenerateFromPassword([]byte(r.Password), bcrypt.DefaultCost)
|
||||||
@ -79,7 +79,7 @@ func (as *authStore) UserAdd(r *pb.UserAddRequest) (*pb.UserAddResponse, error)
|
|||||||
|
|
||||||
_, vs := tx.UnsafeRange(authUsersBucketName, []byte(r.Name), nil, 0)
|
_, vs := tx.UnsafeRange(authUsersBucketName, []byte(r.Name), nil, 0)
|
||||||
if len(vs) != 0 {
|
if len(vs) != 0 {
|
||||||
return &pb.UserAddResponse{}, rpctypes.ErrUserAlreadyExist
|
return &pb.AuthUserAddResponse{}, rpctypes.ErrUserAlreadyExist
|
||||||
}
|
}
|
||||||
|
|
||||||
newUser := authpb.User{
|
newUser := authpb.User{
|
||||||
@ -97,7 +97,7 @@ func (as *authStore) UserAdd(r *pb.UserAddRequest) (*pb.UserAddResponse, error)
|
|||||||
|
|
||||||
plog.Noticef("added a new user: %s", r.Name)
|
plog.Noticef("added a new user: %s", r.Name)
|
||||||
|
|
||||||
return &pb.UserAddResponse{}, nil
|
return &pb.AuthUserAddResponse{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewAuthStore(be backend.Backend) *authStore {
|
func NewAuthStore(be backend.Backend) *authStore {
|
||||||
|
|||||||
@ -22,7 +22,7 @@ import (
|
|||||||
|
|
||||||
type (
|
type (
|
||||||
AuthEnableResponse pb.AuthEnableResponse
|
AuthEnableResponse pb.AuthEnableResponse
|
||||||
UserAddResponse pb.UserAddResponse
|
AuthUserAddResponse pb.AuthUserAddResponse
|
||||||
)
|
)
|
||||||
|
|
||||||
type Auth interface {
|
type Auth interface {
|
||||||
@ -30,7 +30,7 @@ type Auth interface {
|
|||||||
AuthEnable(ctx context.Context) (*AuthEnableResponse, error)
|
AuthEnable(ctx context.Context) (*AuthEnableResponse, error)
|
||||||
|
|
||||||
// UserAdd adds a new user to an etcd cluster.
|
// UserAdd adds a new user to an etcd cluster.
|
||||||
UserAdd(ctx context.Context, name string, password string) (*UserAddResponse, error)
|
UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type auth struct {
|
type auth struct {
|
||||||
@ -54,7 +54,7 @@ func (auth *auth) AuthEnable(ctx context.Context) (*AuthEnableResponse, error) {
|
|||||||
return (*AuthEnableResponse)(resp), err
|
return (*AuthEnableResponse)(resp), err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (auth *auth) UserAdd(ctx context.Context, name string, password string) (*UserAddResponse, error) {
|
func (auth *auth) UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error) {
|
||||||
resp, err := auth.remote.UserAdd(ctx, &pb.UserAddRequest{Name: name, Password: password})
|
resp, err := auth.remote.UserAdd(ctx, &pb.AuthUserAddRequest{Name: name, Password: password})
|
||||||
return (*UserAddResponse)(resp), err
|
return (*AuthUserAddResponse)(resp), err
|
||||||
}
|
}
|
||||||
|
|||||||
@ -42,56 +42,56 @@ func (as *AuthServer) Authenticate(ctx context.Context, r *pb.AuthenticateReques
|
|||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) RoleAdd(ctx context.Context, r *pb.RoleAddRequest) (*pb.RoleAddResponse, error) {
|
func (as *AuthServer) RoleAdd(ctx context.Context, r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) RoleDelete(ctx context.Context, r *pb.RoleDeleteRequest) (*pb.RoleDeleteResponse, error) {
|
func (as *AuthServer) RoleDelete(ctx context.Context, r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) RoleGet(ctx context.Context, r *pb.RoleGetRequest) (*pb.RoleGetResponse, error) {
|
func (as *AuthServer) RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) RoleRevoke(ctx context.Context, r *pb.RoleRevokeRequest) (*pb.RoleRevokeResponse, error) {
|
func (as *AuthServer) RoleRevoke(ctx context.Context, r *pb.AuthRoleRevokeRequest) (*pb.AuthRoleRevokeResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) RoleGrant(ctx context.Context, r *pb.RoleGrantRequest) (*pb.RoleGrantResponse, error) {
|
func (as *AuthServer) RoleGrant(ctx context.Context, r *pb.AuthRoleGrantRequest) (*pb.AuthRoleGrantResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserAdd(ctx context.Context, r *pb.UserAddRequest) (*pb.UserAddResponse, error) {
|
func (as *AuthServer) UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {
|
||||||
return as.authenticator.UserAdd(ctx, r)
|
return as.authenticator.UserAdd(ctx, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserDelete(ctx context.Context, r *pb.UserDeleteRequest) (*pb.UserDeleteResponse, error) {
|
func (as *AuthServer) UserDelete(ctx context.Context, r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserGet(ctx context.Context, r *pb.UserGetRequest) (*pb.UserGetResponse, error) {
|
func (as *AuthServer) UserGet(ctx context.Context, r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserGrant(ctx context.Context, r *pb.UserGrantRequest) (*pb.UserGrantResponse, error) {
|
func (as *AuthServer) UserGrant(ctx context.Context, r *pb.AuthUserGrantRequest) (*pb.AuthUserGrantResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserRevoke(ctx context.Context, r *pb.UserRevokeRequest) (*pb.UserRevokeResponse, error) {
|
func (as *AuthServer) UserRevoke(ctx context.Context, r *pb.AuthUserRevokeRequest) (*pb.AuthUserRevokeResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (as *AuthServer) UserChangePassword(ctx context.Context, r *pb.UserChangePasswordRequest) (*pb.UserChangePasswordResponse, error) {
|
func (as *AuthServer) UserChangePassword(ctx context.Context, r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error) {
|
||||||
plog.Info("not implemented yet")
|
plog.Info("not implemented yet")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|||||||
@ -50,7 +50,7 @@ type applierV3 interface {
|
|||||||
LeaseRevoke(lc *pb.LeaseRevokeRequest) (*pb.LeaseRevokeResponse, error)
|
LeaseRevoke(lc *pb.LeaseRevokeRequest) (*pb.LeaseRevokeResponse, error)
|
||||||
Alarm(*pb.AlarmRequest) (*pb.AlarmResponse, error)
|
Alarm(*pb.AlarmRequest) (*pb.AlarmResponse, error)
|
||||||
AuthEnable() (*pb.AuthEnableResponse, error)
|
AuthEnable() (*pb.AuthEnableResponse, error)
|
||||||
UserAdd(ua *pb.UserAddRequest) (*pb.UserAddResponse, error)
|
UserAdd(ua *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type applierV3backend struct {
|
type applierV3backend struct {
|
||||||
@ -78,8 +78,8 @@ func (s *EtcdServer) applyV3Request(r *pb.InternalRaftRequest) *applyResult {
|
|||||||
ar.resp, ar.err = s.applyV3.Alarm(r.Alarm)
|
ar.resp, ar.err = s.applyV3.Alarm(r.Alarm)
|
||||||
case r.AuthEnable != nil:
|
case r.AuthEnable != nil:
|
||||||
ar.resp, ar.err = s.applyV3.AuthEnable()
|
ar.resp, ar.err = s.applyV3.AuthEnable()
|
||||||
case r.UserAdd != nil:
|
case r.AuthUserAdd != nil:
|
||||||
ar.resp, ar.err = s.applyV3.UserAdd(r.UserAdd)
|
ar.resp, ar.err = s.applyV3.UserAdd(r.AuthUserAdd)
|
||||||
default:
|
default:
|
||||||
panic("not implemented")
|
panic("not implemented")
|
||||||
}
|
}
|
||||||
@ -452,7 +452,7 @@ func (a *applierV3backend) AuthEnable() (*pb.AuthEnableResponse, error) {
|
|||||||
return &pb.AuthEnableResponse{}, nil
|
return &pb.AuthEnableResponse{}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *applierV3backend) UserAdd(r *pb.UserAddRequest) (*pb.UserAddResponse, error) {
|
func (a *applierV3backend) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {
|
||||||
return a.s.AuthStore().UserAdd(r)
|
return a.s.AuthStore().UserAdd(r)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -58,31 +58,31 @@
|
|||||||
AuthEnableRequest
|
AuthEnableRequest
|
||||||
AuthDisableRequest
|
AuthDisableRequest
|
||||||
AuthenticateRequest
|
AuthenticateRequest
|
||||||
UserAddRequest
|
AuthUserAddRequest
|
||||||
UserGetRequest
|
AuthUserGetRequest
|
||||||
UserDeleteRequest
|
AuthUserDeleteRequest
|
||||||
UserChangePasswordRequest
|
AuthUserChangePasswordRequest
|
||||||
UserGrantRequest
|
AuthUserGrantRequest
|
||||||
UserRevokeRequest
|
AuthUserRevokeRequest
|
||||||
RoleAddRequest
|
AuthRoleAddRequest
|
||||||
RoleGetRequest
|
AuthRoleGetRequest
|
||||||
RoleDeleteRequest
|
AuthRoleDeleteRequest
|
||||||
RoleGrantRequest
|
AuthRoleGrantRequest
|
||||||
RoleRevokeRequest
|
AuthRoleRevokeRequest
|
||||||
AuthEnableResponse
|
AuthEnableResponse
|
||||||
AuthDisableResponse
|
AuthDisableResponse
|
||||||
AuthenticateResponse
|
AuthenticateResponse
|
||||||
UserAddResponse
|
AuthUserAddResponse
|
||||||
UserGetResponse
|
AuthUserGetResponse
|
||||||
UserDeleteResponse
|
AuthUserDeleteResponse
|
||||||
UserChangePasswordResponse
|
AuthUserChangePasswordResponse
|
||||||
UserGrantResponse
|
AuthUserGrantResponse
|
||||||
UserRevokeResponse
|
AuthUserRevokeResponse
|
||||||
RoleAddResponse
|
AuthRoleAddResponse
|
||||||
RoleGetResponse
|
AuthRoleGetResponse
|
||||||
RoleDeleteResponse
|
AuthRoleDeleteResponse
|
||||||
RoleGrantResponse
|
AuthRoleGrantResponse
|
||||||
RoleRevokeResponse
|
AuthRoleRevokeResponse
|
||||||
*/
|
*/
|
||||||
package etcdserverpb
|
package etcdserverpb
|
||||||
|
|
||||||
|
|||||||
@ -32,7 +32,7 @@ type InternalRaftRequest struct {
|
|||||||
LeaseCreate *LeaseCreateRequest `protobuf:"bytes,8,opt,name=lease_create" json:"lease_create,omitempty"`
|
LeaseCreate *LeaseCreateRequest `protobuf:"bytes,8,opt,name=lease_create" json:"lease_create,omitempty"`
|
||||||
LeaseRevoke *LeaseRevokeRequest `protobuf:"bytes,9,opt,name=lease_revoke" json:"lease_revoke,omitempty"`
|
LeaseRevoke *LeaseRevokeRequest `protobuf:"bytes,9,opt,name=lease_revoke" json:"lease_revoke,omitempty"`
|
||||||
AuthEnable *AuthEnableRequest `protobuf:"bytes,10,opt,name=auth_enable" json:"auth_enable,omitempty"`
|
AuthEnable *AuthEnableRequest `protobuf:"bytes,10,opt,name=auth_enable" json:"auth_enable,omitempty"`
|
||||||
UserAdd *UserAddRequest `protobuf:"bytes,11,opt,name=user_add" json:"user_add,omitempty"`
|
AuthUserAdd *AuthUserAddRequest `protobuf:"bytes,11,opt,name=auth_user_add" json:"auth_user_add,omitempty"`
|
||||||
Alarm *AlarmRequest `protobuf:"bytes,12,opt,name=alarm" json:"alarm,omitempty"`
|
Alarm *AlarmRequest `protobuf:"bytes,12,opt,name=alarm" json:"alarm,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -161,11 +161,11 @@ func (m *InternalRaftRequest) MarshalTo(data []byte) (int, error) {
|
|||||||
}
|
}
|
||||||
i += n9
|
i += n9
|
||||||
}
|
}
|
||||||
if m.UserAdd != nil {
|
if m.AuthUserAdd != nil {
|
||||||
data[i] = 0x5a
|
data[i] = 0x5a
|
||||||
i++
|
i++
|
||||||
i = encodeVarintRaftInternal(data, i, uint64(m.UserAdd.Size()))
|
i = encodeVarintRaftInternal(data, i, uint64(m.AuthUserAdd.Size()))
|
||||||
n10, err := m.UserAdd.MarshalTo(data[i:])
|
n10, err := m.AuthUserAdd.MarshalTo(data[i:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
@ -271,8 +271,8 @@ func (m *InternalRaftRequest) Size() (n int) {
|
|||||||
l = m.AuthEnable.Size()
|
l = m.AuthEnable.Size()
|
||||||
n += 1 + l + sovRaftInternal(uint64(l))
|
n += 1 + l + sovRaftInternal(uint64(l))
|
||||||
}
|
}
|
||||||
if m.UserAdd != nil {
|
if m.AuthUserAdd != nil {
|
||||||
l = m.UserAdd.Size()
|
l = m.AuthUserAdd.Size()
|
||||||
n += 1 + l + sovRaftInternal(uint64(l))
|
n += 1 + l + sovRaftInternal(uint64(l))
|
||||||
}
|
}
|
||||||
if m.Alarm != nil {
|
if m.Alarm != nil {
|
||||||
@ -648,7 +648,7 @@ func (m *InternalRaftRequest) Unmarshal(data []byte) error {
|
|||||||
iNdEx = postIndex
|
iNdEx = postIndex
|
||||||
case 11:
|
case 11:
|
||||||
if wireType != 2 {
|
if wireType != 2 {
|
||||||
return fmt.Errorf("proto: wrong wireType = %d for field UserAdd", wireType)
|
return fmt.Errorf("proto: wrong wireType = %d for field AuthUserAdd", wireType)
|
||||||
}
|
}
|
||||||
var msglen int
|
var msglen int
|
||||||
for shift := uint(0); ; shift += 7 {
|
for shift := uint(0); ; shift += 7 {
|
||||||
@ -672,10 +672,10 @@ func (m *InternalRaftRequest) Unmarshal(data []byte) error {
|
|||||||
if postIndex > l {
|
if postIndex > l {
|
||||||
return io.ErrUnexpectedEOF
|
return io.ErrUnexpectedEOF
|
||||||
}
|
}
|
||||||
if m.UserAdd == nil {
|
if m.AuthUserAdd == nil {
|
||||||
m.UserAdd = &UserAddRequest{}
|
m.AuthUserAdd = &AuthUserAddRequest{}
|
||||||
}
|
}
|
||||||
if err := m.UserAdd.Unmarshal(data[iNdEx:postIndex]); err != nil {
|
if err := m.AuthUserAdd.Unmarshal(data[iNdEx:postIndex]); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
iNdEx = postIndex
|
iNdEx = postIndex
|
||||||
|
|||||||
@ -26,7 +26,7 @@ message InternalRaftRequest {
|
|||||||
LeaseRevokeRequest lease_revoke = 9;
|
LeaseRevokeRequest lease_revoke = 9;
|
||||||
|
|
||||||
AuthEnableRequest auth_enable = 10;
|
AuthEnableRequest auth_enable = 10;
|
||||||
UserAddRequest user_add = 11;
|
AuthUserAddRequest auth_user_add = 11;
|
||||||
|
|
||||||
AlarmRequest alarm = 12;
|
AlarmRequest alarm = 12;
|
||||||
}
|
}
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@ -94,37 +94,37 @@ service Auth {
|
|||||||
rpc Authenticate(AuthenticateRequest) returns (AuthenticateResponse) {}
|
rpc Authenticate(AuthenticateRequest) returns (AuthenticateResponse) {}
|
||||||
|
|
||||||
// UserAdd adds a new user.
|
// UserAdd adds a new user.
|
||||||
rpc UserAdd(UserAddRequest) returns (UserAddResponse) {}
|
rpc UserAdd(AuthUserAddRequest) returns (AuthUserAddResponse) {}
|
||||||
|
|
||||||
// UserGet gets a detailed information of a user or lists entire users.
|
// UserGet gets a detailed information of a user or lists entire users.
|
||||||
rpc UserGet(UserGetRequest) returns (UserGetResponse) {}
|
rpc UserGet(AuthUserGetRequest) returns (AuthUserGetResponse) {}
|
||||||
|
|
||||||
// UserDelete deletes a specified user.
|
// UserDelete deletes a specified user.
|
||||||
rpc UserDelete(UserDeleteRequest) returns (UserDeleteResponse) {}
|
rpc UserDelete(AuthUserDeleteRequest) returns (AuthUserDeleteResponse) {}
|
||||||
|
|
||||||
// UserChangePassword changes password of a specified user.
|
// UserChangePassword changes password of a specified user.
|
||||||
rpc UserChangePassword(UserChangePasswordRequest) returns (UserChangePasswordResponse) {}
|
rpc UserChangePassword(AuthUserChangePasswordRequest) returns (AuthUserChangePasswordResponse) {}
|
||||||
|
|
||||||
// UserGrant grants a role to a specified user.
|
// UserGrant grants a role to a specified user.
|
||||||
rpc UserGrant(UserGrantRequest) returns (UserGrantResponse) {}
|
rpc UserGrant(AuthUserGrantRequest) returns (AuthUserGrantResponse) {}
|
||||||
|
|
||||||
// UserRevoke revokes a role of specified user.
|
// UserRevoke revokes a role of specified user.
|
||||||
rpc UserRevoke(UserRevokeRequest) returns (UserRevokeResponse) {}
|
rpc UserRevoke(AuthUserRevokeRequest) returns (AuthUserRevokeResponse) {}
|
||||||
|
|
||||||
// RoleAdd adds a new role.
|
// RoleAdd adds a new role.
|
||||||
rpc RoleAdd(RoleAddRequest) returns (RoleAddResponse) {}
|
rpc RoleAdd(AuthRoleAddRequest) returns (AuthRoleAddResponse) {}
|
||||||
|
|
||||||
// RoleGet gets a detailed information of a role or lists entire roles.
|
// RoleGet gets a detailed information of a role or lists entire roles.
|
||||||
rpc RoleGet(RoleGetRequest) returns (RoleGetResponse) {}
|
rpc RoleGet(AuthRoleGetRequest) returns (AuthRoleGetResponse) {}
|
||||||
|
|
||||||
// RoleDelete deletes a specified role.
|
// RoleDelete deletes a specified role.
|
||||||
rpc RoleDelete(RoleDeleteRequest) returns (RoleDeleteResponse) {}
|
rpc RoleDelete(AuthRoleDeleteRequest) returns (AuthRoleDeleteResponse) {}
|
||||||
|
|
||||||
// RoleGrant grants a permission of a specified key or range to a specified role.
|
// RoleGrant grants a permission of a specified key or range to a specified role.
|
||||||
rpc RoleGrant(RoleGrantRequest) returns (RoleGrantResponse) {}
|
rpc RoleGrant(AuthRoleGrantRequest) returns (AuthRoleGrantResponse) {}
|
||||||
|
|
||||||
// RoleRevoke revokes a key or range permission of a specified role.
|
// RoleRevoke revokes a key or range permission of a specified role.
|
||||||
rpc RoleRevoke(RoleRevokeRequest) returns (RoleRevokeResponse) {}
|
rpc RoleRevoke(AuthRoleRevokeRequest) returns (AuthRoleRevokeResponse) {}
|
||||||
}
|
}
|
||||||
|
|
||||||
message ResponseHeader {
|
message ResponseHeader {
|
||||||
@ -476,39 +476,39 @@ message AuthDisableRequest {
|
|||||||
message AuthenticateRequest {
|
message AuthenticateRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserAddRequest {
|
message AuthUserAddRequest {
|
||||||
string name = 1;
|
string name = 1;
|
||||||
string password = 2;
|
string password = 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserGetRequest {
|
message AuthUserGetRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserDeleteRequest {
|
message AuthUserDeleteRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserChangePasswordRequest {
|
message AuthUserChangePasswordRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserGrantRequest {
|
message AuthUserGrantRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserRevokeRequest {
|
message AuthUserRevokeRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleAddRequest {
|
message AuthRoleAddRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleGetRequest {
|
message AuthRoleGetRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleDeleteRequest {
|
message AuthRoleDeleteRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleGrantRequest {
|
message AuthRoleGrantRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleRevokeRequest {
|
message AuthRoleRevokeRequest {
|
||||||
}
|
}
|
||||||
|
|
||||||
message AuthEnableResponse {
|
message AuthEnableResponse {
|
||||||
@ -523,46 +523,46 @@ message AuthenticateResponse {
|
|||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserAddResponse {
|
message AuthUserAddResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserGetResponse {
|
message AuthUserGetResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserDeleteResponse {
|
message AuthUserDeleteResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserChangePasswordResponse {
|
message AuthUserChangePasswordResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserGrantResponse {
|
message AuthUserGrantResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message UserRevokeResponse {
|
message AuthUserRevokeResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleAddResponse {
|
message AuthRoleAddResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleGetResponse {
|
message AuthRoleGetResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleDeleteResponse {
|
message AuthRoleDeleteResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleGrantResponse {
|
message AuthRoleGrantResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
message RoleRevokeResponse {
|
message AuthRoleRevokeResponse {
|
||||||
ResponseHeader header = 1;
|
ResponseHeader header = 1;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -53,7 +53,7 @@ type Lessor interface {
|
|||||||
|
|
||||||
type Authenticator interface {
|
type Authenticator interface {
|
||||||
AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error)
|
AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*pb.AuthEnableResponse, error)
|
||||||
UserAdd(ctx context.Context, r *pb.UserAddRequest) (*pb.UserAddResponse, error)
|
UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *EtcdServer) Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error) {
|
func (s *EtcdServer) Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error) {
|
||||||
@ -180,12 +180,12 @@ func (s *EtcdServer) AuthEnable(ctx context.Context, r *pb.AuthEnableRequest) (*
|
|||||||
return result.resp.(*pb.AuthEnableResponse), result.err
|
return result.resp.(*pb.AuthEnableResponse), result.err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *EtcdServer) UserAdd(ctx context.Context, r *pb.UserAddRequest) (*pb.UserAddResponse, error) {
|
func (s *EtcdServer) UserAdd(ctx context.Context, r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {
|
||||||
result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{UserAdd: r})
|
result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthUserAdd: r})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return result.resp.(*pb.UserAddResponse), result.err
|
return result.resp.(*pb.AuthUserAddResponse), result.err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *EtcdServer) processInternalRaftRequest(ctx context.Context, r pb.InternalRaftRequest) (*applyResult, error) {
|
func (s *EtcdServer) processInternalRaftRequest(ctx context.Context, r pb.InternalRaftRequest) (*applyResult, error) {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user