Rework acl exports interface

2021-10-27 10:47:57 -06:00 · 2021-10-27 10:47:57 -06:00 · 592965d61e
parent b290dbba89
commit 592965d61e
4 changed files with 28 additions and 7 deletions
--- a/acl/acl.go
+++ b/acl/acl.go
@ -14,9 +14,13 @@ type Config struct {
 	EnterpriseConfig
 }

-type PartitionExportInfo interface {
-	// DownstreamPartitions returns the list of partitions the given service has been exported to.
-	DownstreamPartitions(service string, anyService bool, ctx *AuthorizerContext) []string
+type ExportFetcher interface {
+	// ExportsForPartition returns the config entry defining exports for a partition
+	ExportsForPartition(partition string) PartitionExports
+}
+
+type PartitionExports struct {
+	Data map[string]map[string][]string
 }

 // GetWildcardName will retrieve the configured wildcard name or provide a default
--- a/agent/consul/acl.go
+++ b/agent/consul/acl.go
@ -1906,6 +1906,6 @@ func filterACL(r *ACLResolver, token string, subj interface{}) error {

 type partitionInfoNoop struct{}

-func (p *partitionInfoNoop) DownstreamPartitions(service string, anyService bool, ctx *acl.AuthorizerContext) []string {
-	return []string{}
+func (p *partitionInfoNoop) ExportsForPartition(partition string) acl.PartitionExports {
+	return acl.PartitionExports{}
 }
--- a/agent/consul/acl_oss.go
+++ b/agent/consul/acl_oss.go
@ -15,11 +15,11 @@ func (s *Server) replicationEnterpriseMeta() *structs.EnterpriseMeta {
 	return structs.ReplicationEnterpriseMeta()
 }

-func serverPartitionInfo(s *Server) acl.PartitionExportInfo {
+func serverPartitionInfo(s *Server) acl.ExportFetcher {
 	return &partitionInfoNoop{}
 }

-func newACLConfig(_ acl.PartitionExportInfo, _ hclog.Logger) *acl.Config {
+func newACLConfig(_ acl.ExportFetcher, _ hclog.Logger) *acl.Config {
 	return &acl.Config{
 		WildcardName: structs.WildcardSpecifier,
 	}
--- a/agent/structs/config_entry_exports.go
+++ b/agent/structs/config_entry_exports.go
@ -39,6 +39,23 @@ type ServiceConsumer struct {
 	Partition string
 }

+func (e *PartitionExportsConfigEntry) ToMap() map[string]map[string][]string {
+	resp := make(map[string]map[string][]string)
+	for _, svc := range e.Services {
+		if _, ok := resp[svc.Namespace]; !ok {
+			resp[svc.Namespace] = make(map[string][]string)
+		}
+		if _, ok := resp[svc.Namespace][svc.Name]; !ok {
+			consumers := make([]string, 0, len(svc.Consumers))
+			for _, c := range svc.Consumers {
+				consumers = append(consumers, c.Partition)
+			}
+			resp[svc.Namespace][svc.Name] = consumers
+		}
+	}
+	return resp
+}
+
 func (e *PartitionExportsConfigEntry) Clone() *PartitionExportsConfigEntry {
 	e2 := *e
 	e2.Services = make([]ExportedService, len(e.Services))