auth

Paddy 2015-04-11 Parent:3e8964a914ef Child:73e12d5a1124

157:202e991accc2 Go to Latest

auth/scope.go

Wire up the postgres database for authd. Have authd use the AUTH_PG_DB environment variable to detect support for the postgres *Stores, and if postgres is supported, use it. If postgres isn't supported, fall back on the in-memory store. Also create-if-not-exists the test scopes, instead of panicking when the scope already exists.

1 package auth
3 import (
4 "errors"
5 "sort"
6 )
var (
	// ErrNoScopeStore is the error for a Context that carries no scopeStore.
	// NOTE(review): the code that returns it is outside this listing; confirm usage.
	ErrNoScopeStore = errors.New("scopeStore not set in Context")
	// ErrScopeNotFound is returned when an operation names a scope ID that the
	// store does not hold (see memstore.updateScope and memstore.removeScopes).
	ErrScopeNotFound = errors.New("scope not found")
	// ErrScopeAlreadyExists is returned when a scope is created under an ID
	// that the store already holds (see memstore.createScopes).
	ErrScopeAlreadyExists = errors.New("scope already exists")
)
// Scope represents a limit on the access that a grant provides.
type Scope struct {
	// ID identifies the scope; the in-memory store keys scopes by it and
	// sorts results on it.
	ID string
	// Name and Description are the only fields a ScopeChange can modify.
	Name        string
	Description string
}

// ApplyChange copies every field that is set (non-nil) in change onto s and
// leaves the remaining fields as they are.
//
// The scope's ID is never touched: ScopeChange has no ID field, so a change
// cannot re-key an existing scope.
func (s *Scope) ApplyChange(change ScopeChange) {
	if name := change.Name; name != nil {
		s.Name = *name
	}
	if desc := change.Description; desc != nil {
		s.Description = *desc
	}
}
// sortedScopes implements sort.Interface over a slice of Scopes, ordering
// them by ascending ID.
type sortedScopes []Scope

// Len reports the number of scopes in the slice.
func (ss sortedScopes) Len() int { return len(ss) }

// Swap exchanges the scopes at positions i and j.
func (ss sortedScopes) Swap(i, j int) { ss[j], ss[i] = ss[i], ss[j] }

// Less reports whether the scope at i has a smaller ID than the scope at j.
func (ss sortedScopes) Less(i, j int) bool { return ss[j].ID > ss[i].ID }
// ScopeChange represents a change to a Scope.
//
// A nil field means "leave this property alone"; a non-nil field carries the
// new value. Only Name and Description can be changed this way.
type ScopeChange struct {
	Name        *string
	Description *string
}

// Empty reports whether the change sets no field at all, i.e. applying it
// would leave a Scope unmodified.
func (s ScopeChange) Empty() bool {
	if s.Name != nil {
		return false
	}
	return s.Description == nil
}
// scopeStore is the persistence interface for Scopes. memstore in this file
// implements it in memory; the notes below describe what that implementation
// does. NOTE(review): other implementations are not visible here — confirm
// they follow the same contract, in particular around missing and duplicate IDs.
type scopeStore interface {
	// createScopes stores the given scopes. memstore returns
	// ErrScopeAlreadyExists, storing nothing, when any ID is already present.
	createScopes(scopes []Scope) error
	// getScopes returns the scopes matching ids. memstore silently leaves out
	// IDs it does not know and returns the result sorted by ID.
	getScopes(ids []string) ([]Scope, error)
	// updateScope applies change to the scope stored under id. memstore
	// returns ErrScopeNotFound when id is unknown.
	updateScope(id string, change ScopeChange) error
	// removeScopes deletes the scopes stored under ids. memstore returns
	// ErrScopeNotFound, deleting nothing, when any ID is unknown.
	removeScopes(ids []string) error
	// listScopes returns every stored scope; memstore sorts them by ID.
	listScopes() ([]Scope, error)
}
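// createScopes stores every scope in scopes, or none of them.
//
// The batch is rejected with ErrScopeAlreadyExists when any ID is already in
// the store or occurs more than once within scopes. All checks run before the
// first write, under the write lock, so a rejected batch leaves the store
// unchanged.
func (m *memstore) createScopes(scopes []Scope) error {
	m.scopeLock.Lock()
	defer m.scopeLock.Unlock()

	seen := make(map[string]struct{}, len(scopes))
	for _, scope := range scopes {
		if _, ok := m.scopes[scope.ID]; ok {
			return ErrScopeAlreadyExists
		}
		// A repeated ID inside the batch passes the store check above, and the
		// later entry would then silently replace the earlier definition of
		// the scope. Treat it as the same conflict.
		if _, dup := seen[scope.ID]; dup {
			return ErrScopeAlreadyExists
		}
		seen[scope.ID] = struct{}{}
	}
	for _, scope := range scopes {
		m.scopes[scope.ID] = scope
	}
	return nil
}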
// getScopes returns the stored scopes whose IDs appear in ids, ordered by ID.
//
// IDs with no matching scope are skipped without an error, so the result can
// be shorter than ids. A caller that needs every requested scope to exist
// (for example when validating the scopes asked for in a grant) has to
// compare the result against ids itself. The returned slice is never nil and
// the error is always nil.
func (m *memstore) getScopes(ids []string) ([]Scope, error) {
	m.scopeLock.RLock()
	defer m.scopeLock.RUnlock()

	found := []Scope{}
	for _, id := range ids {
		if scope, ok := m.scopes[id]; ok {
			found = append(found, scope)
		}
	}
	sort.Sort(sortedScopes(found))
	return found, nil
}
// updateScope applies change to the scope stored under id.
//
// It returns ErrScopeNotFound when no scope has that ID. The lookup, the
// modification and the write-back all happen under the write lock.
func (m *memstore) updateScope(id string, change ScopeChange) error {
	m.scopeLock.Lock()
	defer m.scopeLock.Unlock()

	current, found := m.scopes[id]
	if !found {
		return ErrScopeNotFound
	}
	// The map holds Scope values, so current is a copy: change the copy and
	// store it back under the same ID.
	current.ApplyChange(change)
	m.scopes[id] = current
	return nil
}
// removeScopes deletes the scopes stored under ids, all or nothing.
//
// Every ID is checked first; if one is unknown the call returns
// ErrScopeNotFound and nothing is deleted. Both passes run under the write
// lock.
func (m *memstore) removeScopes(ids []string) error {
	m.scopeLock.Lock()
	defer m.scopeLock.Unlock()

	for _, id := range ids {
		_, present := m.scopes[id]
		if !present {
			return ErrScopeNotFound
		}
	}
	for i := range ids {
		delete(m.scopes, ids[i])
	}
	return nil
}
// listScopes returns every scope in the store, ordered by ID.
//
// The returned slice is never nil (it is empty when the store holds no
// scopes) and the error is always nil.
func (m *memstore) listScopes() ([]Scope, error) {
	m.scopeLock.RLock()
	defer m.scopeLock.RUnlock()

	all := []Scope{}
	for id := range m.scopes {
		all = append(all, m.scopes[id])
	}
	// Map iteration order is random; sorting makes the listing deterministic.
	sort.Sort(sortedScopes(all))
	return all, nil
}