Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

auth: cleanup get perm func

Browse Source
This commit is contained in:
Xiang Li 2016-06-10 16:36:51 -07:00
parent 3eab6bef6a
commit f99ff5d513
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
auth/range_perm_cache.go
View File

@ -73,7 +73,7 @@ func mergeRangePerms(perms []*rangePerm) []*rangePerm {
return merged
}
func (as *authStore) makeUnifiedPerms(tx backend.BatchTx, userName string) *unifiedRangePermissions {
func getMergedPerms(tx backend.BatchTx, userName string) *unifiedRangePermissions {
user := getUser(tx, userName)
if user == nil {
plog.Errorf("invalid user name %s", userName)
@ -92,18 +92,26 @@ func (as *authStore) makeUnifiedPerms(tx backend.BatchTx, userName string) *unif
if len(perm.RangeEnd) == 0 {
continue
}
rp := &rangePerm{begin: string(perm.Key), end: string(perm.RangeEnd)}
if perm.PermType == authpb.READWRITE || perm.PermType == authpb.READ {
readPerms = append(readPerms, &rangePerm{begin: string(perm.Key), end: string(perm.RangeEnd)})
}
switch perm.PermType {
case authpb.READWRITE:
readPerms = append(readPerms, rp)
writePerms = append(writePerms, rp)
if perm.PermType == authpb.READWRITE || perm.PermType == authpb.WRITE {
writePerms = append(writePerms, &rangePerm{begin: string(perm.Key), end: string(perm.RangeEnd)})
case authpb.READ:
readPerms = append(readPerms, rp)
case authpb.WRITE:
writePerms = append(writePerms, rp)
}
}
}
return &unifiedRangePermissions{readPerms: mergeRangePerms(readPerms), writePerms: mergeRangePerms(writePerms)}
return &unifiedRangePermissions{
readPerms: mergeRangePerms(readPerms),
writePerms: mergeRangePerms(writePerms),
}
}
func checkCachedPerm(cachedPerms *unifiedRangePermissions, userName string, key, rangeEnd string, write, read bool) bool {
@ -137,7 +145,7 @@ func (as *authStore) isRangeOpPermitted(tx backend.BatchTx, userName string, key
return checkCachedPerm(as.rangePermCache[userName], userName, key, rangeEnd, write, read)
}
perms := as.makeUnifiedPerms(tx, userName)
perms := getMergedPerms(tx, userName)
if perms == nil {
plog.Errorf("failed to create a unified permission of user %s", userName)
return false