Yaml decoder tweaks based on resources & store
This commit is contained in:
Tomaž Jerman
parent
ea8f38ef73
commit
a40f936f37
@ -124,7 +124,11 @@ func (wrap *composeChart) UnmarshalYAML(n *yaml.Node) (err error) {
|
||||
}
|
||||
|
||||
func (wrap composeChart) MarshalEnvoy() ([]resource.Interface, error) {
|
||||
rs := resource.NewComposeChart(wrap.res, wrap.refNamespace)
|
||||
vv := make([]string, 0, len(wrap.refReportModules))
|
||||
for _, v := range wrap.refReportModules {
|
||||
vv = append(vv, v)
|
||||
}
|
||||
rs := resource.NewComposeChart(wrap.res, wrap.refNamespace, vv)
|
||||
return envoy.CollectNodes(
|
||||
rs,
|
||||
wrap.rbac.bindResource(rs),
|
||||
|
||||
@ -148,7 +148,9 @@ func (set *composeModuleFieldSet) UnmarshalYAML(n *yaml.Node) error {
|
||||
}
|
||||
|
||||
wrap.res.Name = k.Value
|
||||
wrap.res.Label = k.Value
|
||||
if wrap.res.Label == "" {
|
||||
wrap.res.Label = k.Value
|
||||
}
|
||||
}
|
||||
|
||||
*set = append(*set, wrap)
|
||||
|
||||
@ -120,6 +120,10 @@ func (wset composeRecordSet) MarshalEnvoy() ([]resource.Interface, error) {
|
||||
}
|
||||
|
||||
n := resource.NewComposeRecordSet(walker, w.nsRef, w.modRef)
|
||||
for _, r := range w.rr {
|
||||
n.IDMap[r.ID] = 0
|
||||
}
|
||||
|
||||
nn = append(nn, n)
|
||||
}
|
||||
|
||||
|
||||
@ -3,6 +3,7 @@ package yaml
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/cortezaproject/corteza-server/pkg/envoy"
|
||||
"github.com/cortezaproject/corteza-server/pkg/envoy/resource"
|
||||
"gopkg.in/yaml.v3"
|
||||
)
|
||||
@ -52,8 +53,31 @@ func (doc *Document) UnmarshalYAML(n *yaml.Node) (err error) {
|
||||
func (doc *Document) Decode(ctx context.Context, l loader) ([]resource.Interface, error) {
|
||||
nn := make([]resource.Interface, 0, 100)
|
||||
|
||||
mm := make([]envoy.Marshaller, 0, 20)
|
||||
if doc.compose != nil {
|
||||
if tmp, err := doc.compose.MarshalEnvoy(); err != nil {
|
||||
mm = append(mm, doc.compose)
|
||||
}
|
||||
if doc.roles != nil {
|
||||
mm = append(mm, doc.roles)
|
||||
}
|
||||
if doc.users != nil {
|
||||
mm = append(mm, doc.users)
|
||||
}
|
||||
if doc.applications != nil {
|
||||
mm = append(mm, doc.applications)
|
||||
}
|
||||
if doc.settings != nil {
|
||||
mm = append(mm, doc.settings)
|
||||
}
|
||||
if doc.rbac != nil {
|
||||
mm = append(mm, doc.rbac)
|
||||
}
|
||||
if doc.users != nil {
|
||||
mm = append(mm, doc.users)
|
||||
}
|
||||
|
||||
for _, m := range mm {
|
||||
if tmp, err := m.MarshalEnvoy(); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
nn = append(nn, tmp...)
|
||||
|
||||
@ -2,6 +2,7 @@ package yaml
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/cortezaproject/corteza-server/pkg/envoy/resource"
|
||||
"github.com/cortezaproject/corteza-server/pkg/rbac"
|
||||
@ -59,10 +60,10 @@ func (rr rbacRuleSet) decodeRbac(a rbac.Access, rules *yaml.Node) (rbacRuleSet,
|
||||
res: &rbac.Rule{
|
||||
Access: a,
|
||||
Operation: rbac.Operation(op.Value),
|
||||
Resource: rbac.Resource(res),
|
||||
},
|
||||
refRole: roleRef,
|
||||
}
|
||||
rule.SetResource(res)
|
||||
rr = append(rr, rule)
|
||||
return nil
|
||||
})
|
||||
@ -85,15 +86,15 @@ func (rr rbacRuleSet) decodeRbac(a rbac.Access, rules *yaml.Node) (rbacRuleSet,
|
||||
}
|
||||
|
||||
func (rr rbacRuleSet) bindResource(resI resource.Interface) rbacRuleSet {
|
||||
res := &resource.Ref{
|
||||
ref := &resource.Ref{
|
||||
ResourceType: resI.ResourceType(),
|
||||
Identifiers: resI.Identifiers(),
|
||||
}
|
||||
|
||||
rtr := make(rbacRuleSet, 0, len(rr))
|
||||
for _, r := range rr {
|
||||
r = r
|
||||
r.resRef = res
|
||||
r.SetResource(ref.ResourceType)
|
||||
r.resRef = ref
|
||||
rtr = append(rtr, r)
|
||||
}
|
||||
|
||||
@ -132,3 +133,37 @@ func (rr rbacRuleSet) MarshalEnvoy() ([]resource.Interface, error) {
|
||||
}
|
||||
return nn, nil
|
||||
}
|
||||
|
||||
func (r *rbacRule) SetResource(res string) {
|
||||
if res == "" {
|
||||
return
|
||||
}
|
||||
|
||||
sp := ":"
|
||||
|
||||
res = strings.TrimSpace(res)
|
||||
res = strings.TrimRight(res, sp)
|
||||
rr := strings.Split(res, sp)
|
||||
|
||||
// When len is 1; only top-level defined (system, compose, messaging)
|
||||
if len(rr) == 1 {
|
||||
r.res.Resource = rbac.Resource(res)
|
||||
return
|
||||
}
|
||||
|
||||
// When len is 2; top-level and sub level defined (compose:namespace, system:user, ...)
|
||||
if len(rr) == 2 {
|
||||
r.res.Resource = rbac.Resource(res + sp)
|
||||
return
|
||||
}
|
||||
|
||||
//When len is 3; both levels defined; resource ref also provided
|
||||
if len(rr) == 3 {
|
||||
res = strings.Join(rr[0:2], sp) + sp
|
||||
r.resRef = &resource.Ref{
|
||||
ResourceType: strings.Join(rr[0:2], sp) + sp,
|
||||
Identifiers: resource.MakeIdentifiers(rr[2]),
|
||||
}
|
||||
r.res.Resource = rbac.Resource(res)
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,9 +12,6 @@ type (
|
||||
// when user is at least partially defined
|
||||
res *types.User `yaml:",inline"`
|
||||
|
||||
// all known modules on a user
|
||||
modules composeModuleSet
|
||||
|
||||
// module's RBAC rules
|
||||
rbac rbacRuleSet
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user