2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2022-09-26 16:50:17 +00:00
|
|
|
package proxycfgglue
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/hashicorp/go-memdb"
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/acl"
|
|
|
|
"github.com/hashicorp/consul/agent/cache"
|
|
|
|
cachetype "github.com/hashicorp/consul/agent/cache-types"
|
|
|
|
"github.com/hashicorp/consul/agent/consul/watch"
|
|
|
|
"github.com/hashicorp/consul/agent/proxycfg"
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
2023-02-17 21:14:46 +00:00
|
|
|
"github.com/hashicorp/consul/proto/private/pbpeering"
|
2022-09-26 16:50:17 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// CachePeeringList satisfies the proxycfg.PeeringList interface by sourcing
|
|
|
|
// data from the agent cache.
|
|
|
|
func CachePeeringList(c *cache.Cache) proxycfg.PeeringList {
|
|
|
|
return &cacheProxyDataSource[*cachetype.PeeringListRequest]{c, cachetype.PeeringListName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ServerPeeringList satisfies the proxycfg.PeeringList interface by sourcing
|
|
|
|
// data from a blocking query against the server's state store.
|
|
|
|
func ServerPeeringList(deps ServerDataSourceDeps) proxycfg.PeeringList {
|
|
|
|
return &serverPeeringList{deps}
|
|
|
|
}
|
|
|
|
|
|
|
|
type serverPeeringList struct {
|
|
|
|
deps ServerDataSourceDeps
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *serverPeeringList) Notify(ctx context.Context, req *cachetype.PeeringListRequest, correlationID string, ch chan<- proxycfg.UpdateEvent) error {
|
|
|
|
entMeta := structs.DefaultEnterpriseMetaInPartition(req.Request.Partition)
|
|
|
|
|
|
|
|
return watch.ServerLocalNotify(ctx, correlationID, s.deps.GetStore,
|
|
|
|
func(ws memdb.WatchSet, store Store) (uint64, *pbpeering.PeeringListResponse, error) {
|
|
|
|
var authzCtx acl.AuthorizerContext
|
|
|
|
authz, err := s.deps.ACLResolver.ResolveTokenAndDefaultMeta(req.Token, entMeta, &authzCtx)
|
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
if err := authz.ToAllowAuthorizer().PeeringReadAllowed(&authzCtx); err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
index, peerings, err := store.PeeringList(ws, *entMeta)
|
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
return index, &pbpeering.PeeringListResponse{
|
|
|
|
Index: index,
|
|
|
|
Peerings: peerings,
|
|
|
|
}, nil
|
|
|
|
},
|
|
|
|
dispatchBlockingQueryUpdate[*pbpeering.PeeringListResponse](ch),
|
|
|
|
)
|
|
|
|
}
|