influxdb/prometheus/auth_service.go

package prometheus

import (
	"context"
	"fmt"
	"time"

	"github.com/influxdata/platform"
	"github.com/prometheus/client_golang/prometheus"
)

// AuthorizationService manages authorizations.
type AuthorizationService struct {
	requestCount         *prometheus.CounterVec
	requestDuration      *prometheus.HistogramVec
	AuthorizationService platform.AuthorizationService
}

// NewAuthorizationService creates an instance of AuthorizationService.
func NewAuthorizationService() *AuthorizationService {
	// TODO: what to make these values
	namespace := "auth"
	subsystem := "prometheus"
	s := &AuthorizationService{
		requestCount: prometheus.NewCounterVec(prometheus.CounterOpts{
			Namespace: namespace,
			Subsystem: subsystem,
			Name:      "requests_total",
			Help:      "Number of http requests received",
		}, []string{"method", "error"}),
		requestDuration: prometheus.NewHistogramVec(prometheus.HistogramOpts{
			Namespace: namespace,
			Subsystem: subsystem,
			Name:      "request_duration_seconds",
			Help:      "Time taken to respond to HTTP request",
			// TODO(desa): determine what spacing these buckets should have.
			Buckets: prometheus.ExponentialBuckets(0.001, 1.5, 25),
		}, []string{"method", "error"}),
	}

	return s
}

// FindAuthorizationByID returns an authorization given a id, records function call latency, and counts function calls.
func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (a *platform.Authorization, err error) {
	defer func(start time.Time) {
		labels := prometheus.Labels{
			"method": "FindAuthorizationByID",
			"error":  fmt.Sprint(err != nil),
		}
		s.requestCount.With(labels).Add(1)
		s.requestDuration.With(labels).Observe(time.Since(start).Seconds())
	}(time.Now())
	return s.AuthorizationService.FindAuthorizationByID(ctx, id)
}

// FindAuthorizationByToken returns an authorization given a token, records function call latency, and counts function calls.
func (s *AuthorizationService) FindAuthorizationByToken(ctx context.Context, t string) (a *platform.Authorization, err error) {
	defer func(start time.Time) {
		labels := prometheus.Labels{
			"method": "FindAuthorizationByToken",
			"error":  fmt.Sprint(err != nil),
		}
		s.requestCount.With(labels).Add(1)
		s.requestDuration.With(labels).Observe(time.Since(start).Seconds())
	}(time.Now())
	return s.AuthorizationService.FindAuthorizationByToken(ctx, t)
}

// FindAuthorizations returns authorizations given a filter, records function call latency, and counts function calls.
func (s *AuthorizationService) FindAuthorizations(ctx context.Context, filter platform.AuthorizationFilter, opt ...platform.FindOptions) (as []*platform.Authorization, i int, err error) {
	defer func(start time.Time) {
		labels := prometheus.Labels{
			"method": "FindAuthorizations",
			"error":  fmt.Sprint(err != nil),
		}
		s.requestCount.With(labels).Add(1)
		s.requestDuration.With(labels).Observe(time.Since(start).Seconds())
	}(time.Now())

	return s.AuthorizationService.FindAuthorizations(ctx, filter, opt...)
}

// CreateAuthorization creates an authorization, records function call latency, and counts function calls.
func (s *AuthorizationService) CreateAuthorization(ctx context.Context, a *platform.Authorization) (err error) {
	defer func(start time.Time) {
		labels := prometheus.Labels{
			"method": "CreateAuthorization",
			"error":  fmt.Sprint(err != nil),
		}
		s.requestCount.With(labels).Add(1)
		s.requestDuration.With(labels).Observe(time.Since(start).Seconds())
	}(time.Now())

	return s.AuthorizationService.CreateAuthorization(ctx, a)
}

// DeleteAuthorization deletes an authorization, records function call latency, and counts function calls.
func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) (err error) {
	defer func(start time.Time) {
		labels := prometheus.Labels{
			"method": "DeleteAuthorization",
			"error":  fmt.Sprint(err != nil),
		}
		s.requestCount.With(labels).Add(1)
		s.requestDuration.With(labels).Observe(time.Since(start).Seconds())
	}(time.Now())

	return s.AuthorizationService.DeleteAuthorization(ctx, id)
}

func (s *AuthorizationService) PrometheusCollectors() []prometheus.Collector {
	return []prometheus.Collector{
		s.requestCount,
		s.requestDuration,
	}
}
migrate(platform): move public dependencies into platform migrate(context): move context package to platform migrate(kit/errors): move errors package to platform migrate(mock): move mock package to platform migrate(prometheus): move prometheus package to platform migrate(rand): move rand package to platform migrate(snowflake): move snowflake package to platform migrate(testing): move testing package to platform migrate(zap): move zap package to platform migrate(http): move http package to platform migrate(platform): rename base package idpe to platform git(base): add gitignore dep: add dependencies migrate(platform): remove consumer.go migrate(platform): make secret things private again 2018-05-14 16:26:38 +00:00			`package prometheus`

			`import (`
			`"context"`
			`"fmt"`
			`"time"`

			`"github.com/influxdata/platform"`
			`"github.com/prometheus/client_golang/prometheus"`
			`)`

			`// AuthorizationService manages authorizations.`
			`type AuthorizationService struct {`
			`requestCount *prometheus.CounterVec`
			`requestDuration *prometheus.HistogramVec`
			`AuthorizationService platform.AuthorizationService`
			`}`

			`// NewAuthorizationService creates an instance of AuthorizationService.`
			`func NewAuthorizationService() *AuthorizationService {`
			`// TODO: what to make these values`
			`namespace := "auth"`
			`subsystem := "prometheus"`
			`s := &AuthorizationService{`
			`requestCount: prometheus.NewCounterVec(prometheus.CounterOpts{`
			`Namespace: namespace,`
			`Subsystem: subsystem,`
			`Name: "requests_total",`
			`Help: "Number of http requests received",`
			`}, []string{"method", "error"}),`
			`requestDuration: prometheus.NewHistogramVec(prometheus.HistogramOpts{`
			`Namespace: namespace,`
			`Subsystem: subsystem,`
			`Name: "request_duration_seconds",`
			`Help: "Time taken to respond to HTTP request",`
			`// TODO(desa): determine what spacing these buckets should have.`
			`Buckets: prometheus.ExponentialBuckets(0.001, 1.5, 25),`
			`}, []string{"method", "error"}),`
			`}`

			`return s`
			`}`

feat(platform): add boltdb implementation of services feat(platform): add id to authorization feat(platform): add user arg to CreateAuthorization method on auth svc migrate(platform): move idp command to platform directory This comit did not move the ifql command as it depends on the query service which has yet to be migrated. feat(platform): add optional user name to authorization struct feat(platform): add organization name to bucket struct Additionally allow filtering buckets by organization name. feat(prom): ensure that prom auth svc implement base interface feat(prometheus): add user to create authorization method feat(prom): drop user string from create authorization feat(zap): ensure that zap auth svc implements base service interface feat(zap): add user to create authorization method feat(zap): drop user string from create authorization feat(http): add ids to authorization service feat(http): ensure that http authoriztaion service implements auth svc interface feat(http): use authorization ids in authorization handler squash(http): add check for http status accepted in authorization service feat(http): clean up authorization service and handlers feat(http): drop user string from create authorization fix(http): normalize the http authorization service feat(http): normalize bucket service and handler methods Additonally, we added support for DELETE bucket feat(http): add delete user handler Additionally, there was a bit of general cleanup feat(http): add delete route for organization handler and service Did a bit of additional cleanup of the http code. test(testing): add service conformance tests test(testing): add organization service conformance tests test(testing): add conformance test for orgs service Additionally, there was a bit of cleanup in the users service tests test(testing): add conformance test for authorizations service test(testing): update auth tests to validate that user exists test(testing): update authorization conformance tests with user name test(testing): update bucket conformance tests to include organizations feat(bolt): add bolt implementation services feat(bolt): add bolt implementation of organization service feat(bolt): add bolt implementation of users service feat(bolt): add bolt implementation of authorization service feat(bolt): add user to create authorization method feat(bolt): drop user string from create authorization fix(bolt): set user name on authorization after put feat(bolt): update bucket servie to include organizations feat(bolt): add dependent destroy of resources feat(cmd/idpd): use bolt services in platform server feat(cmd/idpd): use bolt organization service in platform server feat(cmd/idpd): use bolt users service in plaform server feat(cmd/idpd): use bolt client as authorization service feat(cmd/idp): show user name in output of auth sub command feat(cmd/idp): clean up bucket subcommand of idp command fix(cmd/idp): normalize idp command output for users fix(cmd/idp): normalize auth subcommand output feat(cmd/idp): add support for delete organiztion command migrate(idp): move ifql subcommand of idp to platform 2018-05-16 18:59:35 +00:00			`// FindAuthorizationByID returns an authorization given a id, records function call latency, and counts function calls.`
			`func (s AuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (a platform.Authorization, err error) {`
			`defer func(start time.Time) {`
			`labels := prometheus.Labels{`
chore(prometheus): don't use global prometheus registry And add tests. 2018-07-11 22:30:07 +00:00			`"method": "FindAuthorizationByID",`
feat(platform): add boltdb implementation of services feat(platform): add id to authorization feat(platform): add user arg to CreateAuthorization method on auth svc migrate(platform): move idp command to platform directory This comit did not move the ifql command as it depends on the query service which has yet to be migrated. feat(platform): add optional user name to authorization struct feat(platform): add organization name to bucket struct Additionally allow filtering buckets by organization name. feat(prom): ensure that prom auth svc implement base interface feat(prometheus): add user to create authorization method feat(prom): drop user string from create authorization feat(zap): ensure that zap auth svc implements base service interface feat(zap): add user to create authorization method feat(zap): drop user string from create authorization feat(http): add ids to authorization service feat(http): ensure that http authoriztaion service implements auth svc interface feat(http): use authorization ids in authorization handler squash(http): add check for http status accepted in authorization service feat(http): clean up authorization service and handlers feat(http): drop user string from create authorization fix(http): normalize the http authorization service feat(http): normalize bucket service and handler methods Additonally, we added support for DELETE bucket feat(http): add delete user handler Additionally, there was a bit of general cleanup feat(http): add delete route for organization handler and service Did a bit of additional cleanup of the http code. test(testing): add service conformance tests test(testing): add organization service conformance tests test(testing): add conformance test for orgs service Additionally, there was a bit of cleanup in the users service tests test(testing): add conformance test for authorizations service test(testing): update auth tests to validate that user exists test(testing): update authorization conformance tests with user name test(testing): update bucket conformance tests to include organizations feat(bolt): add bolt implementation services feat(bolt): add bolt implementation of organization service feat(bolt): add bolt implementation of users service feat(bolt): add bolt implementation of authorization service feat(bolt): add user to create authorization method feat(bolt): drop user string from create authorization fix(bolt): set user name on authorization after put feat(bolt): update bucket servie to include organizations feat(bolt): add dependent destroy of resources feat(cmd/idpd): use bolt services in platform server feat(cmd/idpd): use bolt organization service in platform server feat(cmd/idpd): use bolt users service in plaform server feat(cmd/idpd): use bolt client as authorization service feat(cmd/idp): show user name in output of auth sub command feat(cmd/idp): clean up bucket subcommand of idp command fix(cmd/idp): normalize idp command output for users fix(cmd/idp): normalize auth subcommand output feat(cmd/idp): add support for delete organiztion command migrate(idp): move ifql subcommand of idp to platform 2018-05-16 18:59:35 +00:00			`"error": fmt.Sprint(err != nil),`
			`}`
			`s.requestCount.With(labels).Add(1)`
			`s.requestDuration.With(labels).Observe(time.Since(start).Seconds())`
			`}(time.Now())`
			`return s.AuthorizationService.FindAuthorizationByID(ctx, id)`
			`}`

migrate(platform): move public dependencies into platform migrate(context): move context package to platform migrate(kit/errors): move errors package to platform migrate(mock): move mock package to platform migrate(prometheus): move prometheus package to platform migrate(rand): move rand package to platform migrate(snowflake): move snowflake package to platform migrate(testing): move testing package to platform migrate(zap): move zap package to platform migrate(http): move http package to platform migrate(platform): rename base package idpe to platform git(base): add gitignore dep: add dependencies migrate(platform): remove consumer.go migrate(platform): make secret things private again 2018-05-14 16:26:38 +00:00			`// FindAuthorizationByToken returns an authorization given a token, records function call latency, and counts function calls.`
			`func (s AuthorizationService) FindAuthorizationByToken(ctx context.Context, t string) (a platform.Authorization, err error) {`
			`defer func(start time.Time) {`
			`labels := prometheus.Labels{`
chore(prometheus): don't use global prometheus registry And add tests. 2018-07-11 22:30:07 +00:00			`"method": "FindAuthorizationByToken",`
migrate(platform): move public dependencies into platform migrate(context): move context package to platform migrate(kit/errors): move errors package to platform migrate(mock): move mock package to platform migrate(prometheus): move prometheus package to platform migrate(rand): move rand package to platform migrate(snowflake): move snowflake package to platform migrate(testing): move testing package to platform migrate(zap): move zap package to platform migrate(http): move http package to platform migrate(platform): rename base package idpe to platform git(base): add gitignore dep: add dependencies migrate(platform): remove consumer.go migrate(platform): make secret things private again 2018-05-14 16:26:38 +00:00			`"error": fmt.Sprint(err != nil),`
			`}`
			`s.requestCount.With(labels).Add(1)`
			`s.requestDuration.With(labels).Observe(time.Since(start).Seconds())`
			`}(time.Now())`
			`return s.AuthorizationService.FindAuthorizationByToken(ctx, t)`
			`}`

			`// FindAuthorizations returns authorizations given a filter, records function call latency, and counts function calls.`
			`func (s AuthorizationService) FindAuthorizations(ctx context.Context, filter platform.AuthorizationFilter, opt ...platform.FindOptions) (as []platform.Authorization, i int, err error) {`
			`defer func(start time.Time) {`
			`labels := prometheus.Labels{`
			`"method": "FindAuthorizations",`
			`"error": fmt.Sprint(err != nil),`
			`}`
			`s.requestCount.With(labels).Add(1)`
			`s.requestDuration.With(labels).Observe(time.Since(start).Seconds())`
			`}(time.Now())`

			`return s.AuthorizationService.FindAuthorizations(ctx, filter, opt...)`
			`}`

			`// CreateAuthorization creates an authorization, records function call latency, and counts function calls.`
			`func (s AuthorizationService) CreateAuthorization(ctx context.Context, a platform.Authorization) (err error) {`
			`defer func(start time.Time) {`
			`labels := prometheus.Labels{`
			`"method": "CreateAuthorization",`
			`"error": fmt.Sprint(err != nil),`
			`}`
			`s.requestCount.With(labels).Add(1)`
			`s.requestDuration.With(labels).Observe(time.Since(start).Seconds())`
			`}(time.Now())`

			`return s.AuthorizationService.CreateAuthorization(ctx, a)`
			`}`

			`// DeleteAuthorization deletes an authorization, records function call latency, and counts function calls.`
Refinements to delete authorization refactoring and tests 2018-07-25 15:26:45 +00:00			`func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) (err error) {`
migrate(platform): move public dependencies into platform migrate(context): move context package to platform migrate(kit/errors): move errors package to platform migrate(mock): move mock package to platform migrate(prometheus): move prometheus package to platform migrate(rand): move rand package to platform migrate(snowflake): move snowflake package to platform migrate(testing): move testing package to platform migrate(zap): move zap package to platform migrate(http): move http package to platform migrate(platform): rename base package idpe to platform git(base): add gitignore dep: add dependencies migrate(platform): remove consumer.go migrate(platform): make secret things private again 2018-05-14 16:26:38 +00:00			`defer func(start time.Time) {`
			`labels := prometheus.Labels{`
			`"method": "DeleteAuthorization",`
			`"error": fmt.Sprint(err != nil),`
			`}`
			`s.requestCount.With(labels).Add(1)`
			`s.requestDuration.With(labels).Observe(time.Since(start).Seconds())`
			`}(time.Now())`

feat(platform): add boltdb implementation of services feat(platform): add id to authorization feat(platform): add user arg to CreateAuthorization method on auth svc migrate(platform): move idp command to platform directory This comit did not move the ifql command as it depends on the query service which has yet to be migrated. feat(platform): add optional user name to authorization struct feat(platform): add organization name to bucket struct Additionally allow filtering buckets by organization name. feat(prom): ensure that prom auth svc implement base interface feat(prometheus): add user to create authorization method feat(prom): drop user string from create authorization feat(zap): ensure that zap auth svc implements base service interface feat(zap): add user to create authorization method feat(zap): drop user string from create authorization feat(http): add ids to authorization service feat(http): ensure that http authoriztaion service implements auth svc interface feat(http): use authorization ids in authorization handler squash(http): add check for http status accepted in authorization service feat(http): clean up authorization service and handlers feat(http): drop user string from create authorization fix(http): normalize the http authorization service feat(http): normalize bucket service and handler methods Additonally, we added support for DELETE bucket feat(http): add delete user handler Additionally, there was a bit of general cleanup feat(http): add delete route for organization handler and service Did a bit of additional cleanup of the http code. test(testing): add service conformance tests test(testing): add organization service conformance tests test(testing): add conformance test for orgs service Additionally, there was a bit of cleanup in the users service tests test(testing): add conformance test for authorizations service test(testing): update auth tests to validate that user exists test(testing): update authorization conformance tests with user name test(testing): update bucket conformance tests to include organizations feat(bolt): add bolt implementation services feat(bolt): add bolt implementation of organization service feat(bolt): add bolt implementation of users service feat(bolt): add bolt implementation of authorization service feat(bolt): add user to create authorization method feat(bolt): drop user string from create authorization fix(bolt): set user name on authorization after put feat(bolt): update bucket servie to include organizations feat(bolt): add dependent destroy of resources feat(cmd/idpd): use bolt services in platform server feat(cmd/idpd): use bolt organization service in platform server feat(cmd/idpd): use bolt users service in plaform server feat(cmd/idpd): use bolt client as authorization service feat(cmd/idp): show user name in output of auth sub command feat(cmd/idp): clean up bucket subcommand of idp command fix(cmd/idp): normalize idp command output for users fix(cmd/idp): normalize auth subcommand output feat(cmd/idp): add support for delete organiztion command migrate(idp): move ifql subcommand of idp to platform 2018-05-16 18:59:35 +00:00			`return s.AuthorizationService.DeleteAuthorization(ctx, id)`
migrate(platform): move public dependencies into platform migrate(context): move context package to platform migrate(kit/errors): move errors package to platform migrate(mock): move mock package to platform migrate(prometheus): move prometheus package to platform migrate(rand): move rand package to platform migrate(snowflake): move snowflake package to platform migrate(testing): move testing package to platform migrate(zap): move zap package to platform migrate(http): move http package to platform migrate(platform): rename base package idpe to platform git(base): add gitignore dep: add dependencies migrate(platform): remove consumer.go migrate(platform): make secret things private again 2018-05-14 16:26:38 +00:00			`}`
chore(prometheus): don't use global prometheus registry And add tests. 2018-07-11 22:30:07 +00:00
			`func (s *AuthorizationService) PrometheusCollectors() []prometheus.Collector {`
			`return []prometheus.Collector{`
			`s.requestCount,`
			`s.requestDuration,`
			`}`
			`}`