acl: remove Server.ResolveTokenToIdentityAndAuthorizer

This method was an alias for ACLResolver.ResolveTokenToIdentityAndAuthorizer. By removing the
method that does nothing the code becomes easier to trace.
This commit is contained in:
Daniel Nephin 2021-07-30 17:48:26 -04:00
parent 695963acb7
commit 25f40de163
4 changed files with 9 additions and 13 deletions

View File

@ -224,7 +224,7 @@ func (s *Server) ResolveRoleFromID(roleID string) (bool, *structs.ACLRole, error
}
func (s *Server) ResolveToken(token string) (acl.Authorizer, error) {
_, authz, err := s.ResolveTokenToIdentityAndAuthorizer(token)
_, authz, err := s.acls.ResolveTokenToIdentityAndAuthorizer(token)
return authz, err
}
@ -235,14 +235,10 @@ func (s *Server) ResolveTokenToIdentity(token string) (structs.ACLIdentity, erro
return s.acls.ResolveTokenToIdentity(token)
}
func (s *Server) ResolveTokenToIdentityAndAuthorizer(token string) (structs.ACLIdentity, acl.Authorizer, error) {
return s.acls.ResolveTokenToIdentityAndAuthorizer(token)
}
// ResolveTokenIdentityAndDefaultMeta retrieves an identity and authorizer for the caller,
// and populates the EnterpriseMeta based on the AuthorizerContext.
func (s *Server) ResolveTokenIdentityAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (structs.ACLIdentity, acl.Authorizer, error) {
identity, authz, err := s.ResolveTokenToIdentityAndAuthorizer(token)
identity, authz, err := s.acls.ResolveTokenToIdentityAndAuthorizer(token)
if err != nil {
return nil, nil, err
}

View File

@ -440,7 +440,7 @@ func (m *Internal) KeyringOperation(
}
// Check ACLs
identity, rule, err := m.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := m.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}

View File

@ -17,7 +17,7 @@ func (op *Operator) AutopilotGetConfiguration(args *structs.DCSpecificRequest, r
}
// This action requires operator read access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}
@ -49,7 +49,7 @@ func (op *Operator) AutopilotSetConfiguration(args *structs.AutopilotSetConfigRe
}
// This action requires operator write access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}
@ -84,7 +84,7 @@ func (op *Operator) ServerHealth(args *structs.DCSpecificRequest, reply *structs
}
// This action requires operator read access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}
@ -151,7 +151,7 @@ func (op *Operator) AutopilotState(args *structs.DCSpecificRequest, reply *autop
}
// This action requires operator read access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}

View File

@ -81,7 +81,7 @@ func (op *Operator) RaftRemovePeerByAddress(args *structs.RaftRemovePeerRequest,
// This is a super dangerous operation that requires operator write
// access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}
@ -134,7 +134,7 @@ func (op *Operator) RaftRemovePeerByID(args *structs.RaftRemovePeerRequest, repl
// This is a super dangerous operation that requires operator write
// access.
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
if err != nil {
return err
}