agent: rename test to check

agent/consul/intention_endpoint.go

@@ -254,24 +254,24 @@ func (s *Intention) Match(
 	)
 }
 
-// Test tests a source/destination and returns whether it would be allowed
+// Check tests a source/destination and returns whether it would be allowed
 // or denied based on the current ACL configuration.
 //
 // Note: Whenever the logic for this method is changed, you should take
 // a look at the agent authorize endpoint (agent/agent_endpoint.go) since
 // the logic there is similar.
-func (s *Intention) Test(
+func (s *Intention) Check(
 	args *structs.IntentionQueryRequest,
-	reply *structs.IntentionQueryTestResponse) error {
+	reply *structs.IntentionQueryCheckResponse) error {
 	// Forward maybe
-	if done, err := s.srv.forward("Intention.Test", args, args, reply); done {
+	if done, err := s.srv.forward("Intention.Check", args, args, reply); done {
 		return err
 	}
 
 	// Get the test args, and defensively guard against nil
-	query := args.Test
+	query := args.Check
 	if query == nil {
-		return errors.New("Test must be specified on args")
+		return errors.New("Check must be specified on args")
 	}
 
 	// Build the URI
@@ -322,7 +322,7 @@ func (s *Intention) Test(
 		return errors.New("internal error loading matches")
 	}
 
-	// Test the authorization for each match
+	// Check the authorization for each match
 	for _, ixn := range matches[0] {
 		if auth, ok := uri.Authorize(ixn); ok {
 			reply.Allowed = auth

agent/consul/intention_endpoint_test.go

@@ -1009,8 +1009,8 @@ service "bar" {
 	}
 }
 
-// Test the Test method defaults to allow with no ACL set.
-func TestIntentionTest_defaultNoACL(t *testing.T) {
+// Test the Check method defaults to allow with no ACL set.
+func TestIntentionCheck_defaultNoACL(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -1025,7 +1025,7 @@ func TestIntentionTest_defaultNoACL(t *testing.T) {
 	// Test
 	req := &structs.IntentionQueryRequest{
 		Datacenter: "dc1",
-		Test: &structs.IntentionQueryTest{
+		Check: &structs.IntentionQueryCheck{
 			SourceNS:        "foo",
 			SourceName:      "bar",
 			DestinationNS:   "foo",
@@ -1033,13 +1033,13 @@ func TestIntentionTest_defaultNoACL(t *testing.T) {
 			SourceType:      structs.IntentionSourceConsul,
 		},
 	}
-	var resp structs.IntentionQueryTestResponse
-	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp))
+	var resp structs.IntentionQueryCheckResponse
+	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp))
 	require.True(resp.Allowed)
 }
 
-// Test the Test method defaults to deny with whitelist ACLs.
-func TestIntentionTest_defaultACLDeny(t *testing.T) {
+// Test the Check method defaults to deny with whitelist ACLs.
+func TestIntentionCheck_defaultACLDeny(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -1055,10 +1055,10 @@ func TestIntentionTest_defaultACLDeny(t *testing.T) {
 
 	testrpc.WaitForLeader(t, s1.RPC, "dc1")
 
-	// Test
+	// Check
 	req := &structs.IntentionQueryRequest{
 		Datacenter: "dc1",
-		Test: &structs.IntentionQueryTest{
+		Check: &structs.IntentionQueryCheck{
 			SourceNS:        "foo",
 			SourceName:      "bar",
 			DestinationNS:   "foo",
@@ -1067,13 +1067,13 @@ func TestIntentionTest_defaultACLDeny(t *testing.T) {
 		},
 	}
 	req.Token = "root"
-	var resp structs.IntentionQueryTestResponse
-	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp))
+	var resp structs.IntentionQueryCheckResponse
+	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp))
 	require.False(resp.Allowed)
 }
 
-// Test the Test method defaults to deny with blacklist ACLs.
-func TestIntentionTest_defaultACLAllow(t *testing.T) {
+// Test the Check method defaults to deny with blacklist ACLs.
+func TestIntentionCheck_defaultACLAllow(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -1089,10 +1089,10 @@ func TestIntentionTest_defaultACLAllow(t *testing.T) {
 
 	testrpc.WaitForLeader(t, s1.RPC, "dc1")
 
-	// Test
+	// Check
 	req := &structs.IntentionQueryRequest{
 		Datacenter: "dc1",
-		Test: &structs.IntentionQueryTest{
+		Check: &structs.IntentionQueryCheck{
 			SourceNS:        "foo",
 			SourceName:      "bar",
 			DestinationNS:   "foo",
@@ -1101,13 +1101,13 @@ func TestIntentionTest_defaultACLAllow(t *testing.T) {
 		},
 	}
 	req.Token = "root"
-	var resp structs.IntentionQueryTestResponse
-	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp))
+	var resp structs.IntentionQueryCheckResponse
+	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp))
 	require.True(resp.Allowed)
 }
 
-// Test the Test method requires service:read permission.
-func TestIntentionTest_aclDeny(t *testing.T) {
+// Test the Check method requires service:read permission.
+func TestIntentionCheck_aclDeny(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -1144,10 +1144,10 @@ service "bar" {
 		require.Nil(msgpackrpc.CallWithCodec(codec, "ACL.Apply", &req, &token))
 	}
 
-	// Test
+	// Check
 	req := &structs.IntentionQueryRequest{
 		Datacenter: "dc1",
-		Test: &structs.IntentionQueryTest{
+		Check: &structs.IntentionQueryCheck{
 			SourceNS:        "foo",
 			SourceName:      "qux",
 			DestinationNS:   "foo",
@@ -1156,13 +1156,13 @@ service "bar" {
 		},
 	}
 	req.Token = token
-	var resp structs.IntentionQueryTestResponse
-	err := msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp)
+	var resp structs.IntentionQueryCheckResponse
+	err := msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp)
 	require.True(acl.IsErrPermissionDenied(err))
 }
 
-// Test the Test method returns allow/deny properly.
-func TestIntentionTest_match(t *testing.T) {
+// Test the Check method returns allow/deny properly.
+func TestIntentionCheck_match(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -1227,10 +1227,10 @@ service "bar" {
 		}
 	}
 
-	// Test
+	// Check
 	req := &structs.IntentionQueryRequest{
 		Datacenter: "dc1",
-		Test: &structs.IntentionQueryTest{
+		Check: &structs.IntentionQueryCheck{
 			SourceNS:        "foo",
 			SourceName:      "qux",
 			DestinationNS:   "foo",
@@ -1239,15 +1239,15 @@ service "bar" {
 		},
 	}
 	req.Token = token
-	var resp structs.IntentionQueryTestResponse
-	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp))
+	var resp structs.IntentionQueryCheckResponse
+	require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp))
 	require.True(resp.Allowed)
 
 	// Test no match for sanity
 	{
 		req := &structs.IntentionQueryRequest{
 			Datacenter: "dc1",
-			Test: &structs.IntentionQueryTest{
+			Check: &structs.IntentionQueryCheck{
 				SourceNS:        "baz",
 				SourceName:      "qux",
 				DestinationNS:   "foo",
@@ -1256,8 +1256,8 @@ service "bar" {
 			},
 		}
 		req.Token = token
-		var resp structs.IntentionQueryTestResponse
-		require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Test", req, &resp))
+		var resp structs.IntentionQueryCheckResponse
+		require.Nil(msgpackrpc.CallWithCodec(codec, "Intention.Check", req, &resp))
 		require.False(resp.Allowed)
 	}
 }

agent/http_oss.go

@@ -48,7 +48,7 @@ func init() {
 	registerEndpoint("/v1/connect/ca/roots", []string{"GET"}, (*HTTPServer).ConnectCARoots)
 	registerEndpoint("/v1/connect/intentions", []string{"GET", "POST"}, (*HTTPServer).IntentionEndpoint)
 	registerEndpoint("/v1/connect/intentions/match", []string{"GET"}, (*HTTPServer).IntentionMatch)
-	registerEndpoint("/v1/connect/intentions/test", []string{"GET"}, (*HTTPServer).IntentionTest)
+	registerEndpoint("/v1/connect/intentions/check", []string{"GET"}, (*HTTPServer).IntentionCheck)
 	registerEndpoint("/v1/connect/intentions/", []string{"GET", "PUT", "DELETE"}, (*HTTPServer).IntentionSpecific)
 	registerEndpoint("/v1/coordinate/datacenters", []string{"GET"}, (*HTTPServer).CoordinateDatacenters)
 	registerEndpoint("/v1/coordinate/nodes", []string{"GET"}, (*HTTPServer).CoordinateNodes)

agent/intentions_endpoint.go

@@ -123,9 +123,9 @@ func (s *HTTPServer) IntentionMatch(resp http.ResponseWriter, req *http.Request)
 }
 
 // GET /v1/connect/intentions/test
-func (s *HTTPServer) IntentionTest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
+func (s *HTTPServer) IntentionCheck(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
 	// Prepare args
-	args := &structs.IntentionQueryRequest{Test: &structs.IntentionQueryTest{}}
+	args := &structs.IntentionQueryRequest{Check: &structs.IntentionQueryCheck{}}
 	if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
 		return nil, nil
 	}
@@ -133,9 +133,9 @@ func (s *HTTPServer) IntentionTest(resp http.ResponseWriter, req *http.Request)
 	q := req.URL.Query()
 
 	// Set the source type if set
-	args.Test.SourceType = structs.IntentionSourceConsul
+	args.Check.SourceType = structs.IntentionSourceConsul
 	if sourceType, ok := q["source-type"]; ok && len(sourceType) > 0 {
-		args.Test.SourceType = structs.IntentionSourceType(sourceType[0])
+		args.Check.SourceType = structs.IntentionSourceType(sourceType[0])
 	}
 
 	// Extract the source/destination
@@ -149,14 +149,14 @@ func (s *HTTPServer) IntentionTest(resp http.ResponseWriter, req *http.Request)
 	}
 
 	// We parse them the same way as matches to extract namespace/name
-	args.Test.SourceName = source[0]
-	if args.Test.SourceType == structs.IntentionSourceConsul {
+	args.Check.SourceName = source[0]
+	if args.Check.SourceType == structs.IntentionSourceConsul {
 		entry, err := parseIntentionMatchEntry(source[0])
 		if err != nil {
 			return nil, fmt.Errorf("source %q is invalid: %s", source[0], err)
 		}
-		args.Test.SourceNS = entry.Namespace
-		args.Test.SourceName = entry.Name
+		args.Check.SourceNS = entry.Namespace
+		args.Check.SourceName = entry.Name
 	}
 
 	// The destination is always in the Consul format
@@ -164,11 +164,11 @@ func (s *HTTPServer) IntentionTest(resp http.ResponseWriter, req *http.Request)
 	if err != nil {
 		return nil, fmt.Errorf("destination %q is invalid: %s", destination[0], err)
 	}
-	args.Test.DestinationNS = entry.Namespace
-	args.Test.DestinationName = entry.Name
+	args.Check.DestinationNS = entry.Namespace
+	args.Check.DestinationName = entry.Name
 
-	var reply structs.IntentionQueryTestResponse
-	if err := s.agent.RPC("Intention.Test", args, &reply); err != nil {
+	var reply structs.IntentionQueryCheckResponse
+	if err := s.agent.RPC("Intention.Check", args, &reply); err != nil {
 		return nil, err
 	}
 

agent/intentions_endpoint_test.go

@@ -181,7 +181,7 @@ func TestIntentionsMatch_noName(t *testing.T) {
 	assert.Nil(obj)
 }
 
-func TestIntentionsTest_basic(t *testing.T) {
+func TestIntentionsCheck_basic(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -219,9 +219,9 @@ func TestIntentionsTest_basic(t *testing.T) {
 		req, _ := http.NewRequest("GET",
 			"/v1/connect/intentions/test?source=foo/bar&destination=foo/baz", nil)
 		resp := httptest.NewRecorder()
-		obj, err := a.srv.IntentionTest(resp, req)
+		obj, err := a.srv.IntentionCheck(resp, req)
 		require.Nil(err)
-		value := obj.(*structs.IntentionQueryTestResponse)
+		value := obj.(*structs.IntentionQueryCheckResponse)
 		require.False(value.Allowed)
 	}
 
@@ -230,14 +230,14 @@ func TestIntentionsTest_basic(t *testing.T) {
 		req, _ := http.NewRequest("GET",
 			"/v1/connect/intentions/test?source=foo/bar&destination=bar/qux", nil)
 		resp := httptest.NewRecorder()
-		obj, err := a.srv.IntentionTest(resp, req)
+		obj, err := a.srv.IntentionCheck(resp, req)
 		require.Nil(err)
-		value := obj.(*structs.IntentionQueryTestResponse)
+		value := obj.(*structs.IntentionQueryCheckResponse)
 		require.True(value.Allowed)
 	}
 }
 
-func TestIntentionsTest_noSource(t *testing.T) {
+func TestIntentionsCheck_noSource(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -248,13 +248,13 @@ func TestIntentionsTest_noSource(t *testing.T) {
 	req, _ := http.NewRequest("GET",
 		"/v1/connect/intentions/test?destination=B", nil)
 	resp := httptest.NewRecorder()
-	obj, err := a.srv.IntentionTest(resp, req)
+	obj, err := a.srv.IntentionCheck(resp, req)
 	require.NotNil(err)
 	require.Contains(err.Error(), "'source' not set")
 	require.Nil(obj)
 }
 
-func TestIntentionsTest_noDestination(t *testing.T) {
+func TestIntentionsCheck_noDestination(t *testing.T) {
 	t.Parallel()
 
 	require := require.New(t)
@@ -265,7 +265,7 @@ func TestIntentionsTest_noDestination(t *testing.T) {
 	req, _ := http.NewRequest("GET",
 		"/v1/connect/intentions/test?source=B", nil)
 	resp := httptest.NewRecorder()
-	obj, err := a.srv.IntentionTest(resp, req)
+	obj, err := a.srv.IntentionCheck(resp, req)
 	require.NotNil(err)
 	require.Contains(err.Error(), "'destination' not set")
 	require.Nil(obj)

agent/structs/intention.go

@@ -261,9 +261,9 @@ type IntentionQueryRequest struct {
 	// resolving wildcards.
 	Match *IntentionQueryMatch
 
-	// Test is non-nil if we're performing a test query. A test will
+	// Check is non-nil if we're performing a test query. A test will
 	// return allowed/deny based on an exact match.
-	Test *IntentionQueryTest
+	Check *IntentionQueryCheck
 
 	// Options for queries
 	QueryOptions
@@ -317,8 +317,8 @@ type IntentionMatchEntry struct {
 	Name      string
 }
 
-// IntentionQueryTest are the parameters for performing a test request.
-type IntentionQueryTest struct {
+// IntentionQueryCheck are the parameters for performing a test request.
+type IntentionQueryCheck struct {
 	// SourceNS, SourceName, DestinationNS, and DestinationName are the
 	// source and namespace, respectively, for the test. These must be
 	// exact values.
@@ -332,12 +332,12 @@ type IntentionQueryTest struct {
 // GetACLPrefix returns the prefix to look up the ACL policy for this
 // request, and a boolean noting whether the prefix is valid to check
 // or not. You must check the ok value before using the prefix.
-func (q *IntentionQueryTest) GetACLPrefix() (string, bool) {
+func (q *IntentionQueryCheck) GetACLPrefix() (string, bool) {
 	return q.DestinationName, q.DestinationName != ""
 }
 
-// IntentionQueryTestResponse is the response for a test request.
-type IntentionQueryTestResponse struct {
+// IntentionQueryCheckResponse is the response for a test request.
+type IntentionQueryCheckResponse struct {
 	Allowed bool
 }