Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor: automated move of errors and id from root to kit (#21101) 

Co-authored-by: Sam Arnold <sarnold@influxdata.com>
pull/21098/head
Daniel Moran 2021-03-30 14:10:02 -04:00 committed by GitHub
parent a8183d8cf1
commit 00afd95cb7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
555 changed files with 7962 additions and 6914 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
auth.go
View File

@ -3,25 +3,28 @@ package influxdb
import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
)
// AuthorizationKind is returned by (*Authorization).Kind().
const AuthorizationKind = "authorization"
// ErrUnableToCreateToken sanitized error message for all errors when a user cannot create a token
var ErrUnableToCreateToken = &Error{
var ErrUnableToCreateToken = &errors.Error{
Msg: "unable to create token",
Code: EInvalid,
Code: errors.EInvalid,
}
// Authorization is an authorization. 🎉
type Authorization struct {
ID ID `json:"id"`
ID platform.ID `json:"id"`
Token string `json:"token"`
Status Status `json:"status"`
Description string `json:"description"`
OrgID ID `json:"orgID"`
UserID ID `json:"userID,omitempty"`
OrgID platform.ID `json:"orgID"`
UserID platform.ID `json:"userID,omitempty"`
Permissions []Permission `json:"permissions"`
CRUDLog
}
@ -36,9 +39,9 @@ type AuthorizationUpdate struct {
func (a *Authorization) Valid() error {
for _, p := range a.Permissions {
if p.Resource.OrgID != nil && *p.Resource.OrgID != a.OrgID {
return &Error{
return &errors.Error{
Msg: fmt.Sprintf("permission %s is not for org id %s", p, a.OrgID),
Code: EInvalid,
Code: errors.EInvalid,
}
}
}
@ -49,8 +52,8 @@ func (a *Authorization) Valid() error {
// PermissionSet returns the set of permissions associated with the Authorization.
func (a *Authorization) PermissionSet() (PermissionSet, error) {
if !a.IsActive() {
return nil, &Error{
Code: EUnauthorized,
return nil, &errors.Error{
Code: errors.EUnauthorized,
Msg: "token is inactive",
}
}
@ -69,7 +72,7 @@ func (a *Authorization) IsActive() bool {
}
// GetUserID returns the user id.
func (a *Authorization) GetUserID() ID {
func (a *Authorization) GetUserID() platform.ID {
return a.UserID
}
@ -77,7 +80,7 @@ func (a *Authorization) GetUserID() ID {
func (a *Authorization) Kind() string { return AuthorizationKind }
// Identifier returns the authorizations ID and is used for auditing.
func (a *Authorization) Identifier() ID { return a.ID }
func (a *Authorization) Identifier() platform.ID { return a.ID }
// auth service op
const (
@ -92,7 +95,7 @@ const (
// AuthorizationService represents a service for managing authorization data.
type AuthorizationService interface {
// Returns a single authorization by ID.
FindAuthorizationByID(ctx context.Context, id ID) (*Authorization, error)
FindAuthorizationByID(ctx context.Context, id platform.ID) (*Authorization, error)
// Returns a single authorization by Token.
FindAuthorizationByToken(ctx context.Context, t string) (*Authorization, error)
@ -105,20 +108,20 @@ type AuthorizationService interface {
CreateAuthorization(ctx context.Context, a *Authorization) error
// UpdateAuthorization updates the status and description if available.
UpdateAuthorization(ctx context.Context, id ID, upd *AuthorizationUpdate) (*Authorization, error)
UpdateAuthorization(ctx context.Context, id platform.ID, upd *AuthorizationUpdate) (*Authorization, error)
// Removes a authorization by token.
DeleteAuthorization(ctx context.Context, id ID) error
DeleteAuthorization(ctx context.Context, id platform.ID) error
}
// AuthorizationFilter represents a set of filter that restrict the returned results.
type AuthorizationFilter struct {
Token *string
ID *ID
ID *platform.ID
UserID *ID
UserID *platform.ID
User *string
OrgID *ID
OrgID *platform.ID
Org *string
}

40
authorization/error.go
View File

@ -3,64 +3,64 @@ package authorization
import (
"fmt"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
)
var (
// ErrInvalidAuthID is used when the Authorization's ID cannot be encoded
ErrInvalidAuthID = &influxdb.Error{
Code: influxdb.EInvalid,
ErrInvalidAuthID = &errors.Error{
Code: errors.EInvalid,
Msg: "authorization ID is invalid",
}
// ErrAuthNotFound is used when the specified auth cannot be found
ErrAuthNotFound = &influxdb.Error{
Code: influxdb.ENotFound,
ErrAuthNotFound = &errors.Error{
Code: errors.ENotFound,
Msg: "authorization not found",
}
// NotUniqueIDError occurs when attempting to create an Authorization with an ID that already belongs to another one
NotUniqueIDError = &influxdb.Error{
Code: influxdb.EConflict,
NotUniqueIDError = &errors.Error{
Code: errors.EConflict,
Msg: "ID already exists",
}
// ErrFailureGeneratingID occurs ony when the random number generator
// cannot generate an ID in MaxIDGenerationN times.
ErrFailureGeneratingID = &influxdb.Error{
Code: influxdb.EInternal,
ErrFailureGeneratingID = &errors.Error{
Code: errors.EInternal,
Msg: "unable to generate valid id",
}
// ErrTokenAlreadyExistsError is used when attempting to create an authorization
// with a token that already exists
ErrTokenAlreadyExistsError = &influxdb.Error{
Code: influxdb.EConflict,
ErrTokenAlreadyExistsError = &errors.Error{
Code: errors.EConflict,
Msg: "token already exists",
}
)
// ErrInvalidAuthIDError is used when a service was provided an invalid ID.
func ErrInvalidAuthIDError(err error) *influxdb.Error {
return &influxdb.Error{
Code: influxdb.EInvalid,
func ErrInvalidAuthIDError(err error) *errors.Error {
return &errors.Error{
Code: errors.EInvalid,
Msg: "auth id provided is invalid",
Err: err,
}
}
// ErrInternalServiceError is used when the error comes from an internal system.
func ErrInternalServiceError(err error) *influxdb.Error {
return &influxdb.Error{
Code: influxdb.EInternal,
func ErrInternalServiceError(err error) *errors.Error {
return &errors.Error{
Code: errors.EInternal,
Err: err,
}
}
// UnexpectedAuthIndexError is used when the error comes from an internal system.
func UnexpectedAuthIndexError(err error) *influxdb.Error {
return &influxdb.Error{
Code: influxdb.EInternal,
func UnexpectedAuthIndexError(err error) *errors.Error {
return &errors.Error{
Code: errors.EInternal,
Msg: fmt.Sprintf("unexpected error retrieving auth index; Err: %v", err),
}
}

8
authorization/http_client.go
View File

@ -4,6 +4,8 @@ import (
"context"
"errors"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/pkg/httpc"
)
@ -72,7 +74,7 @@ func (s *AuthorizationClientService) FindAuthorizationByToken(ctx context.Contex
}
// FindAuthorizationByID finds a single Authorization by its ID against a remote influx server.
func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
var b influxdb.Authorization
err := s.Client.
Get(prefixAuthorization, id.String()).
@ -85,7 +87,7 @@ func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context,
}
// UpdateAuthorization updates the status and description if available.
func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
var res authResponse
err := s.Client.
PatchJSON(upd, prefixAuthorization, id.String()).
@ -99,7 +101,7 @@ func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id
}
// DeleteAuthorization removes a authorization by id.
func (s *AuthorizationClientService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error {
func (s *AuthorizationClientService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
return s.Client.
Delete(prefixAuthorization, id.String()).
Do(ctx)

59
authorization/http_server.go
View File

@ -7,6 +7,9 @@ import (
"net/http"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/go-chi/chi"
"github.com/go-chi/chi/middleware"
"github.com/influxdata/influxdb/v2"
@ -17,11 +20,11 @@ import (
// TenantService is used to look up the Organization and User for an Authorization
type TenantService interface {
FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error)
FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error)
FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)
FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error)
FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error)
FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error)
FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error)
FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error)
}
type AuthHandler struct {
@ -126,20 +129,20 @@ func getAuthorizedUser(r *http.Request, ts TenantService) (*influxdb.User, error
type postAuthorizationRequest struct {
Status influxdb.Status `json:"status"`
OrgID influxdb.ID `json:"orgID"`
UserID *influxdb.ID `json:"userID,omitempty"`
OrgID platform.ID `json:"orgID"`
UserID *platform.ID `json:"userID,omitempty"`
Description string `json:"description"`
Permissions []influxdb.Permission `json:"permissions"`
}
type authResponse struct {
ID influxdb.ID `json:"id"`
ID platform.ID `json:"id"`
Token string `json:"token"`
Status influxdb.Status `json:"status"`
Description string `json:"description"`
OrgID influxdb.ID `json:"orgID"`
OrgID platform.ID `json:"orgID"`
Org string `json:"org"`
UserID influxdb.ID `json:"userID"`
UserID platform.ID `json:"userID"`
User string `json:"user"`
Permissions []permissionResponse `json:"permissions"`
Links map[string]string `json:"links"`
@ -181,7 +184,7 @@ func (h *AuthHandler) newAuthResponse(ctx context.Context, a *influxdb.Authoriza
return res, nil
}
func (p *postAuthorizationRequest) toInfluxdb(userID influxdb.ID) *influxdb.Authorization {
func (p *postAuthorizationRequest) toInfluxdb(userID platform.ID) *influxdb.Authorization {
return &influxdb.Authorization{
OrgID: p.OrgID,
Status: p.Status,
@ -250,24 +253,24 @@ func (p *postAuthorizationRequest) SetDefaults() {
func (p *postAuthorizationRequest) Validate() error {
if len(p.Permissions) == 0 {
return &influxdb.Error{
Code: influxdb.EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Msg: "authorization must include permissions",
}
}
for _, perm := range p.Permissions {
if err := perm.Valid(); err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
}
}
}
if !p.OrgID.Valid() {
return &influxdb.Error{
Err: influxdb.ErrInvalidID,
Code: influxdb.EInvalid,
return &errors.Error{
Err: platform.ErrInvalidID,
Code: errors.EInvalid,
Msg: "org id required",
}
}
@ -307,7 +310,7 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
if p.Resource.ID != nil {
name, err := h.getNameForResource(ctx, p.Resource.Type, *p.Resource.ID)
if influxdb.ErrorCode(err) == influxdb.ENotFound {
if errors.ErrorCode(err) == errors.ENotFound {
continue
}
if err != nil {
@ -318,7 +321,7 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
if p.Resource.OrgID != nil {
name, err := h.getNameForResource(ctx, influxdb.OrgsResourceType, *p.Resource.OrgID)
if influxdb.ErrorCode(err) == influxdb.ENotFound {
if errors.ErrorCode(err) == errors.ENotFound {
continue
}
if err != nil {
@ -330,13 +333,13 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
return res, nil
}
func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.ResourceType, id influxdb.ID) (string, error) {
func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.ResourceType, id platform.ID) (string, error) {
if err := resource.Valid(); err != nil {
return "", err
}
if ok := id.Valid(); !ok {
return "", influxdb.ErrInvalidID
return "", platform.ErrInvalidID
}
switch resource {
@ -366,8 +369,8 @@ func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.
func decodePostAuthorizationRequest(ctx context.Context, r *http.Request) (*postAuthorizationRequest, error) {
a := &postAuthorizationRequest{}
if err := json.NewDecoder(r.Body).Decode(a); err != nil {
return nil, &influxdb.Error{
Code: influxdb.EInvalid,
return nil, &errors.Error{
Code: errors.EInvalid,
Msg: "invalid json structure",
Err: err,
}
@ -448,7 +451,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
userID := qp.Get("userID")
if userID != "" {
id, err := influxdb.IDFromString(userID)
id, err := platform.IDFromString(userID)
if err != nil {
return nil, err
}
@ -462,7 +465,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
orgID := qp.Get("orgID")
if orgID != "" {
id, err := influxdb.IDFromString(orgID)
id, err := platform.IDFromString(orgID)
if err != nil {
return nil, err
}
@ -476,7 +479,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
authID := qp.Get("id")
if authID != "" {
id, err := influxdb.IDFromString(authID)
id, err := platform.IDFromString(authID)
if err != nil {
return nil, err
}
@ -489,7 +492,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
func (h *AuthHandler) handleGetAuthorization(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
id, err := influxdb.IDFromString(chi.URLParam(r, "id"))
id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil {
h.log.Info("Failed to decode request", zap.String("handler", "getAuthorization"), zap.Error(err))
h.api.Err(w, r, err)
@ -559,12 +562,12 @@ func (h *AuthHandler) handleUpdateAuthorization(w http.ResponseWriter, r *http.R
}
type updateAuthorizationRequest struct {
ID influxdb.ID
ID platform.ID
*influxdb.AuthorizationUpdate
}
func decodeUpdateAuthorizationRequest(ctx context.Context, r *http.Request) (*updateAuthorizationRequest, error) {
id, err := influxdb.IDFromString(chi.URLParam(r, "id"))
id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil {
return nil, err
}
@ -582,7 +585,7 @@ func decodeUpdateAuthorizationRequest(ctx context.Context, r *http.Request) (*up
// handleDeleteAuthorization is the HTTP handler for the DELETE /api/v2/authorizations/:id route.
func (h *AuthHandler) handleDeleteAuthorization(w http.ResponseWriter, r *http.Request) {
id, err := influxdb.IDFromString(chi.URLParam(r, "id"))
id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil {
h.log.Info("Failed to decode request", zap.String("handler", "deleteAuthorization"), zap.Error(err))
h.api.Err(w, r, err)

49
authorization/http_server_test.go
View File

@ -11,6 +11,9 @@ import (
"sort"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/go-chi/chi"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
@ -68,19 +71,19 @@ func TestService_handlePostAuthorization(t *testing.T) {
},
},
TenantService: &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
Name: "u1",
}, nil
},
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
Name: "o1",
}, nil
},
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: id,
Name: "b1",
@ -246,7 +249,7 @@ func TestService_handleGetAuthorization(t *testing.T) {
name: "get a authorization by id",
fields: fields{
AuthorizationService: &mock.AuthorizationService{
FindAuthorizationByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
FindAuthorizationByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
if id == itesting.MustIDBase16("020f755c3c082000") {
return &influxdb.Authorization{
ID: itesting.MustIDBase16("020f755c3c082000"),
@ -258,7 +261,7 @@ func TestService_handleGetAuthorization(t *testing.T) {
Resource: influxdb.Resource{
Type: influxdb.BucketsResourceType,
OrgID: itesting.IDPtr(itesting.MustIDBase16("020f755c3c083000")),
ID: func() *influxdb.ID {
ID: func() *platform.ID {
id := itesting.MustIDBase16("020f755c3c084000")
return &id
}(),
@ -273,19 +276,19 @@ func TestService_handleGetAuthorization(t *testing.T) {
},
},
TenantService: &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
Name: "u1",
}, nil
},
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
Name: "o1",
}, nil
},
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: id,
Name: "b1",
@ -335,9 +338,9 @@ func TestService_handleGetAuthorization(t *testing.T) {
name: "not found",
fields: fields{
AuthorizationService: &mock.AuthorizationService{
FindAuthorizationByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
FindAuthorizationByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return nil, &errors.Error{
Code: errors.ENotFound,
Msg: "authorization not found",
}
},
@ -439,14 +442,14 @@ func TestService_handleGetAuthorizations(t *testing.T) {
},
},
&tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
Name: id.String(),
}, nil
},
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
Name: id.String(),
@ -531,16 +534,16 @@ func TestService_handleGetAuthorizations(t *testing.T) {
},
},
&tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
if id.String() == "2070616e656d2076" {
return &influxdb.User{
ID: id,
Name: id.String(),
}, nil
}
return nil, &influxdb.Error{}
return nil, &errors.Error{}
},
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
Name: id.String(),
@ -607,20 +610,20 @@ func TestService_handleGetAuthorizations(t *testing.T) {
},
},
&tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
Name: id.String(),
}, nil
},
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
if id.String() == "3070616e656d2076" {
return &influxdb.Organization{
ID: id,
Name: id.String(),
}, nil
}
return nil, &influxdb.Error{}
return nil, &errors.Error{}
},
},
},
@ -759,7 +762,7 @@ func TestService_handleDeleteAuthorization(t *testing.T) {
name: "remove a authorization by id",
fields: fields{
&mock.AuthorizationService{
DeleteAuthorizationFn: func(ctx context.Context, id influxdb.ID) error {
DeleteAuthorizationFn: func(ctx context.Context, id platform.ID) error {
if id == itesting.MustIDBase16("020f755c3c082000") {
return nil
}
@ -780,9 +783,9 @@ func TestService_handleDeleteAuthorization(t *testing.T) {
name: "authorization not found",
fields: fields{
&mock.AuthorizationService{
DeleteAuthorizationFn: func(ctx context.Context, id influxdb.ID) error {
return &influxdb.Error{
Code: influxdb.ENotFound,
DeleteAuthorizationFn: func(ctx context.Context, id platform.ID) error {
return &errors.Error{
Code: errors.ENotFound,
Msg: "authorization not found",
}
},

13
authorization/middleware_auth.go
View File

@ -4,6 +4,9 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/authorizer"
)
@ -50,7 +53,7 @@ func (s *AuthedAuthorizationService) FindAuthorizationByToken(ctx context.Contex
return a, nil
}
func (s *AuthedAuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
func (s *AuthedAuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return nil, err
@ -74,7 +77,7 @@ func (s *AuthedAuthorizationService) FindAuthorizations(ctx context.Context, fil
return authorizer.AuthorizeFindAuthorizations(ctx, as)
}
func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return nil, err
@ -88,7 +91,7 @@ func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id
return s.s.UpdateAuthorization(ctx, id, upd)
}
func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error {
func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return err
@ -106,10 +109,10 @@ func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id
func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error {
for _, p := range ps {
if err := authorizer.IsAllowed(ctx, p); err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
Msg: fmt.Sprintf("permission %s is not allowed", p),
Code: influxdb.EForbidden,
Code: errors.EForbidden,
}
}
}

40
authorization/middleware_auth_test.go
View File

@ -3,6 +3,8 @@ package authorization_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -97,9 +99,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
authorizations: []*influxdb.Authorization{},
},
@ -125,9 +127,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
authorizations: []*influxdb.Authorization{},
},
@ -137,7 +139,7 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -252,9 +254,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -279,9 +281,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -290,7 +292,7 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -300,10 +302,10 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil
}
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error {
m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil
}
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil
}
// set up tenant service
@ -391,9 +393,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -418,9 +420,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -429,7 +431,7 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -439,10 +441,10 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil
}
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error {
m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil
}
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil
}
// set up tenant service

8
authorization/middleware_logging.go
View File

@ -5,6 +5,8 @@ import (
"fmt"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"go.uber.org/zap"
)
@ -36,7 +38,7 @@ func (l *AuthLogger) CreateAuthorization(ctx context.Context, a *influxdb.Author
return l.authService.CreateAuthorization(ctx, a)
}
func (l *AuthLogger) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (a *influxdb.Authorization, err error) {
func (l *AuthLogger) FindAuthorizationByID(ctx context.Context, id platform.ID) (a *influxdb.Authorization, err error) {
defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start))
if err != nil {
@ -74,7 +76,7 @@ func (l *AuthLogger) FindAuthorizations(ctx context.Context, filter influxdb.Aut
return l.authService.FindAuthorizations(ctx, filter)
}
func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (a *influxdb.Authorization, err error) {
func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (a *influxdb.Authorization, err error) {
defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start))
if err != nil {
@ -86,7 +88,7 @@ func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id influxdb.ID, up
return l.authService.UpdateAuthorization(ctx, id, upd)
}
func (l *AuthLogger) DeleteAuthorization(ctx context.Context, id influxdb.ID) (err error) {
func (l *AuthLogger) DeleteAuthorization(ctx context.Context, id platform.ID) (err error) {
defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start))
if err != nil {

8
authorization/middleware_metrics.go
View File

@ -3,6 +3,8 @@ package authorization
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/metric"
"github.com/prometheus/client_golang/prometheus"
@ -31,7 +33,7 @@ func (m *AuthMetrics) CreateAuthorization(ctx context.Context, a *influxdb.Autho
return rec(err)
}
func (m *AuthMetrics) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
func (m *AuthMetrics) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
rec := m.rec.Record("find_authorization_by_id")
a, err := m.authService.FindAuthorizationByID(ctx, id)
return a, rec(err)
@ -47,13 +49,13 @@ func (m *AuthMetrics) FindAuthorizations(ctx context.Context, filter influxdb.Au
return a, n, rec(err)
}
func (m *AuthMetrics) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
func (m *AuthMetrics) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
rec := m.rec.Record("update_authorization")
a, err := m.authService.UpdateAuthorization(ctx, id, upd)
return a, rec(err)
}
func (m *AuthMetrics) DeleteAuthorization(ctx context.Context, id influxdb.ID) error {
func (m *AuthMetrics) DeleteAuthorization(ctx context.Context, id platform.ID) error {
rec := m.rec.Record("delete_authorization")
err := m.authService.DeleteAuthorization(ctx, id)
return rec(err)

14
authorization/mock_tenant.go
View File

@ -3,20 +3,22 @@ package authorization
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
// tenantService is a mock implementation of an authorization.tenantService
type tenantService struct {
FindUserByIDFn func(context.Context, influxdb.ID) (*influxdb.User, error)
FindUserByIDFn func(context.Context, platform.ID) (*influxdb.User, error)
FindUserFn func(context.Context, influxdb.UserFilter) (*influxdb.User, error)
FindOrganizationByIDF func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error)
FindOrganizationByIDF func(ctx context.Context, id platform.ID) (*influxdb.Organization, error)
FindOrganizationF func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)
FindBucketByIDFn func(context.Context, influxdb.ID) (*influxdb.Bucket, error)
FindBucketByIDFn func(context.Context, platform.ID) (*influxdb.Bucket, error)
}
// FindUserByID returns a single User by ID.
func (s *tenantService) FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
func (s *tenantService) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return s.FindUserByIDFn(ctx, id)
}
@ -26,7 +28,7 @@ func (s *tenantService) FindUser(ctx context.Context, filter influxdb.UserFilter
}
//FindOrganizationByID calls FindOrganizationByIDF.
func (s *tenantService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
func (s *tenantService) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return s.FindOrganizationByIDF(ctx, id)
}
@ -35,6 +37,6 @@ func (s *tenantService) FindOrganization(ctx context.Context, filter influxdb.Or
return s.FindOrganizationF(ctx, filter)
}
func (s *tenantService) FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
func (s *tenantService) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return s.FindBucketByIDFn(ctx, id)
}

23
authorization/service.go
View File

@ -4,6 +4,9 @@ import (
"context"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kv"
"github.com/influxdata/influxdb/v2/rand"
@ -27,7 +30,7 @@ func NewService(st *Store, ts TenantService) influxdb.AuthorizationService {
func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error {
if err := a.Valid(); err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
}
}
@ -53,7 +56,7 @@ func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authoriza
if a.Token == "" {
token, err := s.tokenGenerator.Token()
if err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
}
}
@ -69,7 +72,7 @@ func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authoriza
})
}
func (s *Service) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
func (s *Service) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
var a *influxdb.Authorization
err := s.store.View(ctx, func(tx kv.Tx) error {
auth, err := s.store.GetAuthorizationByID(ctx, tx, id)
@ -124,7 +127,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
return nil
})
if err != nil {
return nil, 0, &influxdb.Error{
return nil, 0, &errors.Error{
Err: err,
}
}
@ -143,7 +146,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
return nil
})
if err != nil {
return nil, 0, &influxdb.Error{
return nil, 0, &errors.Error{
Err: err,
}
}
@ -162,7 +165,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
})
if err != nil {
return nil, 0, &influxdb.Error{
return nil, 0, &errors.Error{
Err: err,
}
}
@ -171,7 +174,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
}
// UpdateAuthorization updates the status and description if available.
func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
func (s *Service) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
var auth *influxdb.Authorization
err := s.store.View(ctx, func(tx kv.Tx) error {
a, e := s.store.GetAuthorizationByID(ctx, tx, id)
@ -183,8 +186,8 @@ func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *
})
if err != nil {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
return nil, &errors.Error{
Code: errors.ENotFound,
Err: err,
}
}
@ -209,7 +212,7 @@ func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *
return auth, err
}
func (s *Service) DeleteAuthorization(ctx context.Context, id influxdb.ID) error {
func (s *Service) DeleteAuthorization(ctx context.Context, id platform.ID) error {
return s.store.Update(ctx, func(tx kv.Tx) (err error) {
return s.store.DeleteAuthorization(ctx, tx, id)
})

18
authorization/storage.go
View File

@ -3,7 +3,9 @@ package authorization
import (
"context"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2/kit/tracing"
"github.com/influxdata/influxdb/v2/kv"
"github.com/influxdata/influxdb/v2/snowflake"
@ -19,7 +21,7 @@ var (
type Store struct {
kvStore kv.Store
IDGen influxdb.IDGenerator
IDGen platform.IDGenerator
}
func NewStore(kvStore kv.Store) (*Store, error) {
@ -56,7 +58,7 @@ func (s *Store) setup() error {
// generateSafeID attempts to create ids for buckets
// and orgs that are without backslash, commas, and spaces, BUT ALSO do not already exist.
func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (influxdb.ID, error) {
func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (platform.ID, error) {
for i := 0; i < MaxIDGenerationN; i++ {
id := s.IDGen.ID()
@ -75,19 +77,19 @@ func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (in
continue
}
return influxdb.InvalidID(), err
return platform.InvalidID(), err
}
return influxdb.InvalidID(), ErrFailureGeneratingID
return platform.InvalidID(), ErrFailureGeneratingID
}
func (s *Store) uniqueID(ctx context.Context, tx kv.Tx, bucket []byte, id influxdb.ID) error {
func (s *Store) uniqueID(ctx context.Context, tx kv.Tx, bucket []byte, id platform.ID) error {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
encodedID, err := id.Encode()
if err != nil {
return &influxdb.Error{
Code: influxdb.EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Err: err,
}
}

53
authorization/storage_authorization.go
View File

@ -4,6 +4,9 @@ import (
"context"
"encoding/json"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/buger/jsonparser"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kv"
@ -29,8 +32,8 @@ func encodeAuthorization(a *influxdb.Authorization) ([]byte, error) {
case "":
a.Status = influxdb.Active
default:
return nil, &influxdb.Error{
Code: influxdb.EInvalid,
return nil, &errors.Error{
Code: errors.EInvalid,
Msg: "unknown authorization status",
}
}
@ -72,8 +75,8 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
v, err := encodeAuthorization(a)
if err != nil {
return &influxdb.Error{
Code: influxdb.EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Err: err,
}
}
@ -89,8 +92,8 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
}
if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil {
return &influxdb.Error{
Code: influxdb.EInternal,
return &errors.Error{
Code: errors.EInternal,
Err: err,
}
}
@ -101,7 +104,7 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
}
if err := b.Put(encodedID, v); err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
}
}
@ -110,7 +113,7 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
}
// GetAuthorization gets an authorization by its ID from the auth bucket in kv
func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (*influxdb.Authorization, error) {
func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id platform.ID) (*influxdb.Authorization, error) {
encodedID, err := id.Encode()
if err != nil {
return nil, ErrInvalidAuthID
@ -132,8 +135,8 @@ func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id influxdb.
a := &influxdb.Authorization{}
if err := decodeAuthorization(v, a); err != nil {
return nil, &influxdb.Error{
Code: influxdb.EInvalid,
return nil, &errors.Error{
Code: errors.EInvalid,
Err: err,
}
}
@ -150,16 +153,16 @@ func (s *Store) GetAuthorizationByToken(ctx context.Context, tx kv.Tx, token str
// use the token to look up the authorization's ID
idKey, err := idx.Get(authIndexKey(token))
if kv.IsNotFound(err) {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
return nil, &errors.Error{
Code: errors.ENotFound,
Msg: "authorization not found",
}
}
var id influxdb.ID
var id platform.ID
if err := id.Decode(idKey); err != nil {
return nil, &influxdb.Error{
Code: influxdb.EInvalid,
return nil, &errors.Error{
Code: errors.EInvalid,
Err: err,
}
}
@ -221,19 +224,19 @@ func (s *Store) forEachAuthorization(ctx context.Context, tx kv.Tx, pred kv.Curs
}
// UpdateAuthorization updates the status and description only of an authorization
func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID, a *influxdb.Authorization) (*influxdb.Authorization, error) {
func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id platform.ID, a *influxdb.Authorization) (*influxdb.Authorization, error) {
v, err := encodeAuthorization(a)
if err != nil {
return nil, &influxdb.Error{
Code: influxdb.EInvalid,
return nil, &errors.Error{
Code: errors.EInvalid,
Err: err,
}
}
encodedID, err := a.ID.Encode()
if err != nil {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
return nil, &errors.Error{
Code: errors.ENotFound,
Err: err,
}
}
@ -244,8 +247,8 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
}
if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil {
return nil, &influxdb.Error{
Code: influxdb.EInternal,
return nil, &errors.Error{
Code: errors.EInternal,
Err: err,
}
}
@ -256,7 +259,7 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
}
if err := b.Put(encodedID, v); err != nil {
return nil, &influxdb.Error{
return nil, &errors.Error{
Err: err,
}
}
@ -266,7 +269,7 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
}
// DeleteAuthorization removes an authorization from storage
func (s *Store) DeleteAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID) error {
func (s *Store) DeleteAuthorization(ctx context.Context, tx kv.Tx, id platform.ID) error {
a, err := s.GetAuthorizationByID(ctx, tx, id)
if err != nil {
return err
@ -332,7 +335,7 @@ func unique(ctx context.Context, tx kv.Tx, indexBucket, indexKey []byte) error {
}
// uniqueID returns nil if the ID provided is unique, returns an error otherwise
func uniqueID(ctx context.Context, tx kv.Tx, id influxdb.ID) error {
func uniqueID(ctx context.Context, tx kv.Tx, id platform.ID) error {
encodedID, err := id.Encode()
if err != nil {
return ErrInvalidAuthID

43
authorization/storage_authorization_test.go
View File

@ -3,6 +3,7 @@ package authorization_test
import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"reflect"
"testing"
@ -18,10 +19,10 @@ func TestAuth(t *testing.T) {
setup := func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
err := store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{
ID: influxdb.ID(i),
ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i),
UserID: influxdb.ID(i),
OrgID: platform.ID(i),
UserID: platform.ID(i),
Status: influxdb.Active,
})
@ -53,10 +54,10 @@ func TestAuth(t *testing.T) {
expected := []*influxdb.Authorization{}
for i := 1; i <= 10; i++ {
expected = append(expected, &influxdb.Authorization{
ID: influxdb.ID(i),
ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i),
UserID: influxdb.ID(i),
OrgID: platform.ID(i),
UserID: platform.ID(i),
Status: "active",
})
}
@ -66,10 +67,10 @@ func TestAuth(t *testing.T) {
// should not be able to create two authorizations with identical tokens
err = store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{
ID: influxdb.ID(1),
ID: platform.ID(1),
Token: fmt.Sprintf("randomtoken%d", 1),
OrgID: influxdb.ID(1),
UserID: influxdb.ID(1),
OrgID: platform.ID(1),
UserID: platform.ID(1),
})
if err == nil {
t.Fatalf("expected to be unable to create authorizations with identical tokens")
@ -82,14 +83,14 @@ func TestAuth(t *testing.T) {
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
expectedAuth := &influxdb.Authorization{
ID: influxdb.ID(i),
ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i),
UserID: influxdb.ID(i),
OrgID: platform.ID(i),
UserID: platform.ID(i),
Status: influxdb.Active,
}
authByID, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i))
authByID, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil {
t.Fatalf("Unexpectedly could not acquire Authorization by ID [Error]: %v", err)
}
@ -115,14 +116,14 @@ func TestAuth(t *testing.T) {
setup: setup,
update: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
auth, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i))
auth, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil {
t.Fatalf("Could not get authorization [Error]: %v", err)
}
auth.Status = influxdb.Inactive
_, err = store.UpdateAuthorization(context.Background(), tx, influxdb.ID(i), auth)
_, err = store.UpdateAuthorization(context.Background(), tx, platform.ID(i), auth)
if err != nil {
t.Fatalf("Could not get updated authorization [Error]: %v", err)
}
@ -131,16 +132,16 @@ func TestAuth(t *testing.T) {
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
auth, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i))
auth, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil {
t.Fatalf("Could not get authorization [Error]: %v", err)
}
expectedAuth := &influxdb.Authorization{
ID: influxdb.ID(i),
ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i),
UserID: influxdb.ID(i),
OrgID: platform.ID(i),
UserID: platform.ID(i),
Status: influxdb.Inactive,
}
@ -155,7 +156,7 @@ func TestAuth(t *testing.T) {
setup: setup,
update: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
err := store.DeleteAuthorization(context.Background(), tx, influxdb.ID(i))
err := store.DeleteAuthorization(context.Background(), tx, platform.ID(i))
if err != nil {
t.Fatalf("Could not delete authorization [Error]: %v", err)
}
@ -163,7 +164,7 @@ func TestAuth(t *testing.T) {
},
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ {
_, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i))
_, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err == nil {
t.Fatal("Authorization was not deleted correctly")
}

13
authorizer/agent.go
View File

@ -3,6 +3,9 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
)
@ -11,7 +14,7 @@ import (
type AuthAgent struct{}
// OrgPermissions identifies if a user has access to the org by the specified action.
func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, action influxdb.Action, rest ...influxdb.Action) error {
func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID platform.ID, action influxdb.Action, rest ...influxdb.Action) error {
for _, action := range append(rest, action) {
var err error
switch action {
@ -20,7 +23,7 @@ func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, actio
case influxdb.WriteAction:
_, _, err = AuthorizeWriteOrg(ctx, orgID)
default:
err = &influxdb.Error{Code: influxdb.EInvalid, Msg: "invalid action provided: " + string(action)}
err = &errors.Error{Code: errors.EInvalid, Msg: "invalid action provided: " + string(action)}
}
if err != nil {
return err
@ -29,13 +32,13 @@ func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, actio
return nil
}
func (a *AuthAgent) IsWritable(ctx context.Context, orgID influxdb.ID, resType influxdb.ResourceType) error {
func (a *AuthAgent) IsWritable(ctx context.Context, orgID platform.ID, resType influxdb.ResourceType) error {
_, _, resTypeErr := AuthorizeOrgWriteResource(ctx, resType, orgID)
_, _, orgErr := AuthorizeWriteOrg(ctx, orgID)
if resTypeErr != nil && orgErr != nil {
return &influxdb.Error{
Code: influxdb.EUnauthorized,
return &errors.Error{
Code: errors.EUnauthorized,
Msg: "not authorized to create " + string(resType),
}
}

5
authorizer/agent_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing"
"github.com/influxdata/influxdb/v2"
@ -17,7 +18,7 @@ func Test_Agent(t *testing.T) {
tests := []struct {
name string
action influxdb.Action
orgID influxdb.ID
orgID platform.ID
permissions []influxdb.Permission
shouldErr bool
}{
@ -175,7 +176,7 @@ func Test_Agent(t *testing.T) {
tests := []struct {
name string
resourceType influxdb.ResourceType
orgID influxdb.ID
orgID platform.ID
permissions []influxdb.Permission
shouldErr bool
}{

13
authorizer/auth.go
View File

@ -4,6 +4,9 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
)
@ -23,7 +26,7 @@ func NewAuthorizationService(s influxdb.AuthorizationService) *AuthorizationServ
}
// FindAuthorizationByID checks to see if the authorizer on context has read access to the id provided.
func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return nil, err
@ -78,7 +81,7 @@ func (s *AuthorizationService) CreateAuthorization(ctx context.Context, a *influ
}
// UpdateAuthorization checks to see if the authorizer on context has write access to the authorization provided.
func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return nil, err
@ -93,7 +96,7 @@ func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id influ
}
// DeleteAuthorization checks to see if the authorizer on context has write access to the authorization provided.
func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error {
func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil {
return err
@ -111,10 +114,10 @@ func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id influ
func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error {
for _, p := range ps {
if err := IsAllowed(ctx, p); err != nil {
return &influxdb.Error{
return &errors.Error{
Err: err,
Msg: fmt.Sprintf("permission %s is not allowed", p),
Code: influxdb.EForbidden,
Code: errors.EForbidden,
}
}
}

40
authorizer/auth_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -93,9 +95,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
authorizations: []*influxdb.Authorization{},
},
@ -121,9 +123,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
authorizations: []*influxdb.Authorization{},
},
@ -133,7 +135,7 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -241,9 +243,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -268,9 +270,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -279,7 +281,7 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -289,10 +291,10 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil
}
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error {
m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil
}
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil
}
s := authorizer.NewAuthorizationService(m)
@ -372,9 +374,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -399,9 +401,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -410,7 +412,7 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) {
m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{
ID: id,
UserID: 1,
@ -420,10 +422,10 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil
}
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error {
m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil
}
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil
}
s := authorizer.NewAuthorizationService(m)

35
authorizer/authorize.go
View File

@ -4,6 +4,9 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
icontext "github.com/influxdata/influxdb/v2/context"
)
@ -16,8 +19,8 @@ func isAllowedAll(a influxdb.Authorizer, permissions []influxdb.Permission) erro
for _, p := range permissions {
if !pset.Allowed(p) {
return &influxdb.Error{
Code: influxdb.EUnauthorized,
return &errors.Error{
Code: errors.EUnauthorized,
Msg: fmt.Sprintf("%s is unauthorized", p),
}
}
@ -61,13 +64,13 @@ func IsAllowedAny(ctx context.Context, permissions []influxdb.Permission) error
return nil
}
}
return &influxdb.Error{
Code: influxdb.EUnauthorized,
return &errors.Error{
Code: errors.EUnauthorized,
Msg: fmt.Sprintf("none of %v is authorized", permissions),
}
}
func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType, rid, oid *influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType, rid, oid *platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
var p *influxdb.Permission
var err error
if rid != nil && oid != nil {
@ -89,7 +92,7 @@ func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType,
return auth, *p, isAllowed(auth, *p)
}
func authorizeReadSystemBucket(ctx context.Context, bid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func authorizeReadSystemBucket(ctx context.Context, bid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return AuthorizeReadOrg(ctx, oid)
}
@ -98,7 +101,7 @@ func authorizeReadSystemBucket(ctx context.Context, bid, oid influxdb.ID) (influ
// AuthorizeRead(ctx, influxdb.BucketsResourceType, b.ID, b.OrgID)
// use:
// AuthorizeReadBucket(ctx, b.Type, b.ID, b.OrgID)
func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
switch bt {
case influxdb.BucketTypeSystem:
return authorizeReadSystemBucket(ctx, bid, oid)
@ -109,54 +112,54 @@ func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid i
// AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID, and orgID).
// NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.
func AuthorizeRead(ctx context.Context, rt influxdb.ResourceType, rid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeRead(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, &rid, &oid)
}
// AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID, and orgID).
// NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.
func AuthorizeWrite(ctx context.Context, rt influxdb.ResourceType, rid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeWrite(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, &rid, &oid)
}
// AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID).
// NOTE: authorization will pass only if the user has a specific permission for the given resource.
func AuthorizeReadResource(ctx context.Context, rt influxdb.ResourceType, rid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeReadResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, &rid, nil)
}
// AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID).
// NOTE: authorization will pass only if the user has a specific permission for the given resource.
func AuthorizeWriteResource(ctx context.Context, rt influxdb.ResourceType, rid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeWriteResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, &rid, nil)
}
// AuthorizeOrgReadResource authorizes the given org to read the resources of the given type.
// NOTE: this is pretty much the same as AuthorizeRead, in the case that the resource ID is ignored.
// Use it in the case that you do not know which resource in particular you want to give access to.
func AuthorizeOrgReadResource(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeOrgReadResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, nil, &oid)
}
// AuthorizeOrgWriteResource authorizes the given org to write the resources of the given type.
// NOTE: this is pretty much the same as AuthorizeWrite, in the case that the resource ID is ignored.
// Use it in the case that you do not know which resource in particular you want to give access to.
func AuthorizeOrgWriteResource(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeOrgWriteResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, nil, &oid)
}
// AuthorizeCreate authorizes a user to create a resource of the given type for the given org.
func AuthorizeCreate(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeCreate(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return AuthorizeOrgWriteResource(ctx, rt, oid)
}
// AuthorizeReadOrg authorizes the user to read the given org.
func AuthorizeReadOrg(ctx context.Context, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeReadOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, influxdb.OrgsResourceType, &oid, nil)
}
// AuthorizeWriteOrg authorizes the user to write the given org.
func AuthorizeWriteOrg(ctx context.Context, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) {
func AuthorizeWriteOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, influxdb.OrgsResourceType, &oid, nil)
}

66
authorizer/authorize_find.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
)
@ -18,10 +20,10 @@ func AuthorizeFindDBRPs(ctx context.Context, rs []*influxdb.DBRPMappingV2) ([]*i
if err != nil {
_, _, err = AuthorizeWrite(ctx, influxdb.BucketsResourceType, r.BucketID, r.OrganizationID)
}
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -36,17 +38,17 @@ func AuthorizeFindAuthorizations(ctx context.Context, rs []*influxdb.Authorizati
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.AuthorizationsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
_, _, err = AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.UserID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -61,10 +63,10 @@ func AuthorizeFindBuckets(ctx context.Context, rs []*influxdb.Bucket) ([]*influx
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeReadBucket(ctx, r.Type, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -79,10 +81,10 @@ func AuthorizeFindDashboards(ctx context.Context, rs []*influxdb.Dashboard) ([]*
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.DashboardsResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -97,10 +99,10 @@ func AuthorizeFindOrganizations(ctx context.Context, rs []*influxdb.Organization
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeReadOrg(ctx, r.ID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -115,10 +117,10 @@ func AuthorizeFindSources(ctx context.Context, rs []*influxdb.Source) ([]*influx
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.SourcesResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -133,10 +135,10 @@ func AuthorizeFindTasks(ctx context.Context, rs []*influxdb.Task) ([]*influxdb.T
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.TasksResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -151,10 +153,10 @@ func AuthorizeFindTelegrafs(ctx context.Context, rs []*influxdb.TelegrafConfig)
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.TelegrafsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -169,10 +171,10 @@ func AuthorizeFindUsers(ctx context.Context, rs []*influxdb.User) ([]*influxdb.U
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.ID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -187,10 +189,10 @@ func AuthorizeFindVariables(ctx context.Context, rs []*influxdb.Variable) ([]*in
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.VariablesResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -205,10 +207,10 @@ func AuthorizeFindScrapers(ctx context.Context, rs []influxdb.ScraperTarget) ([]
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.ScraperResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -223,10 +225,10 @@ func AuthorizeFindLabels(ctx context.Context, rs []*influxdb.Label) ([]*influxdb
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.LabelsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -241,10 +243,10 @@ func AuthorizeFindNotificationRules(ctx context.Context, rs []influxdb.Notificat
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.NotificationRuleResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -259,10 +261,10 @@ func AuthorizeFindNotificationEndpoints(ctx context.Context, rs []influxdb.Notif
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.NotificationEndpointResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)
@ -277,10 +279,10 @@ func AuthorizeFindChecks(ctx context.Context, rs []influxdb.Check) ([]influxdb.C
rrs := rs[:0]
for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.ChecksResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized {
if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err
}
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
continue
}
rrs = append(rrs, r)

10
authorizer/bucket.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing"
)
@ -23,7 +25,7 @@ func NewBucketService(s influxdb.BucketService) *BucketService {
}
// FindBucketByID checks to see if the authorizer on context has read access to the id provided.
func (s *BucketService) FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
func (s *BucketService) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -38,7 +40,7 @@ func (s *BucketService) FindBucketByID(ctx context.Context, id influxdb.ID) (*in
}
// FindBucketByName returns a bucket by name for a particular organization.
func (s *BucketService) FindBucketByName(ctx context.Context, orgID influxdb.ID, n string) (*influxdb.Bucket, error) {
func (s *BucketService) FindBucketByName(ctx context.Context, orgID platform.ID, n string) (*influxdb.Bucket, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -93,7 +95,7 @@ func (s *BucketService) CreateBucket(ctx context.Context, b *influxdb.Bucket) er
}
// UpdateBucket checks to see if the authorizer on context has write access to the bucket provided.
func (s *BucketService) UpdateBucket(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
func (s *BucketService) UpdateBucket(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
b, err := s.s.FindBucketByID(ctx, id)
if err != nil {
return nil, err
@ -105,7 +107,7 @@ func (s *BucketService) UpdateBucket(ctx context.Context, id influxdb.ID, upd in
}
// DeleteBucket checks to see if the authorizer on context has write access to the bucket provided.
func (s *BucketService) DeleteBucket(ctx context.Context, id influxdb.ID) error {
func (s *BucketService) DeleteBucket(ctx context.Context, id platform.ID) error {
b, err := s.s.FindBucketByID(ctx, id)
if err != nil {
return err

50
authorizer/bucket_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: id,
OrgID: 10,
@ -75,7 +77,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: id,
OrgID: 10,
@ -94,9 +96,9 @@ func TestBucketService_FindBucketByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -179,9 +181,9 @@ func TestBucketService_FindBucket(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -334,7 +336,7 @@ func TestBucketService_UpdateBucket(t *testing.T) {
BucketService influxdb.BucketService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -351,13 +353,13 @@ func TestBucketService_UpdateBucket(t *testing.T) {
name: "authorized to update bucket",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
}, nil
},
UpdateBucketFn: func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
UpdateBucketFn: func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
@ -392,13 +394,13 @@ func TestBucketService_UpdateBucket(t *testing.T) {
name: "unauthorized to update bucket",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
}, nil
},
UpdateBucketFn: func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
UpdateBucketFn: func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
@ -419,9 +421,9 @@ func TestBucketService_UpdateBucket(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -445,7 +447,7 @@ func TestBucketService_DeleteBucket(t *testing.T) {
BucketService influxdb.BucketService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -462,13 +464,13 @@ func TestBucketService_DeleteBucket(t *testing.T) {
name: "authorized to delete bucket",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
}, nil
},
DeleteBucketFn: func(ctx context.Context, id influxdb.ID) error {
DeleteBucketFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -500,13 +502,13 @@ func TestBucketService_DeleteBucket(t *testing.T) {
name: "unauthorized to delete bucket",
fields: fields{
BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{
ID: 1,
OrgID: 10,
}, nil
},
DeleteBucketFn: func(ctx context.Context, id influxdb.ID) error {
DeleteBucketFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -524,9 +526,9 @@ func TestBucketService_DeleteBucket(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -551,7 +553,7 @@ func TestBucketService_CreateBucket(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -606,9 +608,9 @@ func TestBucketService_CreateBucket(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

12
authorizer/check.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -27,7 +29,7 @@ func NewCheckService(s influxdb.CheckService, urm influxdb.UserResourceMappingSe
}
// FindCheckByID checks to see if the authorizer on context has read access to the id provided.
func (s *CheckService) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
func (s *CheckService) FindCheckByID(ctx context.Context, id platform.ID) (influxdb.Check, error) {
chk, err := s.s.FindCheckByID(ctx, id)
if err != nil {
return nil, err
@ -62,7 +64,7 @@ func (s *CheckService) FindCheck(ctx context.Context, filter influxdb.CheckFilte
}
// CreateCheck checks to see if the authorizer on context has write access to the global check resource.
func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error {
func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.ChecksResourceType, chk.GetOrgID()); err != nil {
return err
}
@ -70,7 +72,7 @@ func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate
}
// UpdateCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) UpdateCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
func (s *CheckService) UpdateCheck(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
chk, err := s.FindCheckByID(ctx, id)
if err != nil {
return nil, err
@ -82,7 +84,7 @@ func (s *CheckService) UpdateCheck(ctx context.Context, id influxdb.ID, upd infl
}
// PatchCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
func (s *CheckService) PatchCheck(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
chk, err := s.FindCheckByID(ctx, id)
if err != nil {
return nil, err
@ -94,7 +96,7 @@ func (s *CheckService) PatchCheck(ctx context.Context, id influxdb.ID, upd influ
}
// DeleteCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) DeleteCheck(ctx context.Context, id influxdb.ID) error {
func (s *CheckService) DeleteCheck(ctx context.Context, id platform.ID) error {
chk, err := s.FindCheckByID(ctx, id)
if err != nil {
return err

64
authorizer/check_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -34,7 +36,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -50,7 +52,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: id,
@ -78,7 +80,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: id,
@ -99,9 +101,9 @@ func TestCheckService_FindCheckByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -275,7 +277,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
CheckService influxdb.CheckService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -292,7 +294,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
name: "authorized to update check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -300,7 +302,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
},
}, nil
},
UpdateCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
UpdateCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -337,7 +339,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
name: "unauthorized to update check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -345,7 +347,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
},
}, nil
},
UpdateCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
UpdateCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -368,9 +370,9 @@ func TestCheckService_UpdateCheck(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -399,7 +401,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
CheckService influxdb.CheckService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -416,7 +418,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
name: "authorized to patch check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -424,7 +426,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
},
}, nil
},
PatchCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
PatchCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -461,7 +463,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
name: "unauthorized to patch check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -469,7 +471,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
},
}, nil
},
PatchCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
PatchCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -492,9 +494,9 @@ func TestCheckService_PatchCheck(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -518,7 +520,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
CheckService influxdb.CheckService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -535,7 +537,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
name: "authorized to delete check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -543,7 +545,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
},
}, nil
},
DeleteCheckFn: func(ctx context.Context, id influxdb.ID) error {
DeleteCheckFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -575,7 +577,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
name: "unauthorized to delete check",
fields: fields{
CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{
Base: check.Base{
ID: 1,
@ -583,7 +585,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
},
}, nil
},
DeleteCheckFn: func(ctx context.Context, id influxdb.ID) error {
DeleteCheckFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -601,9 +603,9 @@ func TestCheckService_DeleteCheck(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -628,7 +630,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -644,7 +646,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
name: "authorized to create check with org owner",
fields: fields{
CheckService: &mock.CheckService{
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error {
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
return nil
},
},
@ -667,7 +669,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
name: "unauthorized to create check",
fields: fields{
CheckService: &mock.CheckService{
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error {
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
return nil
},
},
@ -683,9 +685,9 @@ func TestCheckService_CreateCheck(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

20
authorizer/dashboard.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -22,7 +24,7 @@ func NewDashboardService(s influxdb.DashboardService) *DashboardService {
}
// FindDashboardByID checks to see if the authorizer on context has read access to the id provided.
func (s *DashboardService) FindDashboardByID(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
func (s *DashboardService) FindDashboardByID(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
b, err := s.s.FindDashboardByID(ctx, id)
if err != nil {
return nil, err
@ -53,7 +55,7 @@ func (s *DashboardService) CreateDashboard(ctx context.Context, b *influxdb.Dash
}
// UpdateDashboard checks to see if the authorizer on context has write access to the dashboard provided.
func (s *DashboardService) UpdateDashboard(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
func (s *DashboardService) UpdateDashboard(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
b, err := s.s.FindDashboardByID(ctx, id)
if err != nil {
return nil, err
@ -65,7 +67,7 @@ func (s *DashboardService) UpdateDashboard(ctx context.Context, id influxdb.ID,
}
// DeleteDashboard checks to see if the authorizer on context has write access to the dashboard provided.
func (s *DashboardService) DeleteDashboard(ctx context.Context, id influxdb.ID) error {
func (s *DashboardService) DeleteDashboard(ctx context.Context, id platform.ID) error {
b, err := s.s.FindDashboardByID(ctx, id)
if err != nil {
return err
@ -76,7 +78,7 @@ func (s *DashboardService) DeleteDashboard(ctx context.Context, id influxdb.ID)
return s.s.DeleteDashboard(ctx, id)
}
func (s *DashboardService) AddDashboardCell(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
func (s *DashboardService) AddDashboardCell(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
b, err := s.s.FindDashboardByID(ctx, id)
if err != nil {
return err
@ -87,7 +89,7 @@ func (s *DashboardService) AddDashboardCell(ctx context.Context, id influxdb.ID,
return s.s.AddDashboardCell(ctx, id, c, opts)
}
func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) error {
func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID) error {
b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil {
return err
@ -98,7 +100,7 @@ func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID
return s.s.RemoveDashboardCell(ctx, dashboardID, cellID)
}
func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil {
return nil, err
@ -109,7 +111,7 @@ func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID
return s.s.UpdateDashboardCell(ctx, dashboardID, cellID, upd)
}
func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) (*influxdb.View, error) {
func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID) (*influxdb.View, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil {
return nil, err
@ -120,7 +122,7 @@ func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID
return s.s.GetDashboardCellView(ctx, dashboardID, cellID)
}
func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil {
return nil, err
@ -131,7 +133,7 @@ func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboar
return s.s.UpdateDashboardCellView(ctx, dashboardID, cellID, upd)
}
func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id influxdb.ID, c []*influxdb.Cell) error {
func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id platform.ID, c []*influxdb.Cell) error {
b, err := s.s.FindDashboardByID(ctx, id)
if err != nil {
return err

90
authorizer/dashboard_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
@ -75,7 +77,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
@ -94,9 +96,9 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -249,7 +251,7 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
DashboardService influxdb.DashboardService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -266,13 +268,13 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
name: "authorized to update dashboard",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateDashboardF: func(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
UpdateDashboardF: func(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
@ -307,13 +309,13 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
name: "unauthorized to update dashboard",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateDashboardF: func(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
UpdateDashboardF: func(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
@ -334,9 +336,9 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -360,7 +362,7 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
DashboardService influxdb.DashboardService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -377,13 +379,13 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
name: "authorized to delete dashboard",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteDashboardF: func(ctx context.Context, id influxdb.ID) error {
DeleteDashboardF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -415,13 +417,13 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
name: "unauthorized to delete dashboard",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteDashboardF: func(ctx context.Context, id influxdb.ID) error {
DeleteDashboardF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -439,9 +441,9 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -466,7 +468,7 @@ func TestDashboardService_CreateDashboard(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -521,9 +523,9 @@ func TestDashboardService_CreateDashboard(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -548,7 +550,7 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -564,25 +566,25 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
name: "authorized to write dashboard cells/cell/view",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
}, nil
},
AddDashboardCellF: func(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
AddDashboardCellF: func(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
return nil
},
RemoveDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) error {
RemoveDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID) error {
return nil
},
ReplaceDashboardCellsF: func(ctx context.Context, id influxdb.ID, cs []*influxdb.Cell) error {
ReplaceDashboardCellsF: func(ctx context.Context, id platform.ID, cs []*influxdb.Cell) error {
return nil
},
UpdateDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
UpdateDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
return &influxdb.Cell{}, nil
},
UpdateDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
UpdateDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
return &influxdb.View{}, nil
},
},
@ -605,25 +607,25 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
name: "unauthorized to write dashboard cells/cell/view",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
}, nil
},
AddDashboardCellF: func(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
AddDashboardCellF: func(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
return nil
},
ReplaceDashboardCellsF: func(ctx context.Context, id influxdb.ID, cs []*influxdb.Cell) error {
ReplaceDashboardCellsF: func(ctx context.Context, id platform.ID, cs []*influxdb.Cell) error {
return nil
},
UpdateDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
UpdateDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
return &influxdb.Cell{}, nil
},
RemoveDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) error {
RemoveDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID) error {
return nil
},
UpdateDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
UpdateDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
return &influxdb.View{}, nil
},
},
@ -639,9 +641,9 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -678,7 +680,7 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -694,13 +696,13 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
name: "authorized to read dashboard cells/cell/view",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
}, nil
},
GetDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) (*influxdb.View, error) {
GetDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID) (*influxdb.View, error) {
return &influxdb.View{}, nil
},
},
@ -723,13 +725,13 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
name: "unauthorized to read dashboard cells/cell/view",
fields: fields{
DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) {
FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{
ID: id,
OrganizationID: 10,
}, nil
},
GetDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) (*influxdb.View, error) {
GetDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID) (*influxdb.View, error) {
return &influxdb.View{}, nil
},
},
@ -745,9 +747,9 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

10
authorizer/document.go
View File

@ -4,6 +4,8 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -41,14 +43,14 @@ type documentStore struct {
s influxdb.DocumentStore
}
func newDocumentPermission(a influxdb.Action, orgID influxdb.ID, did *influxdb.ID) (*influxdb.Permission, error) {
func newDocumentPermission(a influxdb.Action, orgID platform.ID, did *platform.ID) (*influxdb.Permission, error) {
if did != nil {
return influxdb.NewPermissionAtID(*did, a, influxdb.DocumentsResourceType, orgID)
}
return influxdb.NewPermission(a, influxdb.DocumentsResourceType, orgID)
}
func toPerms(action influxdb.Action, orgs map[influxdb.ID]influxdb.UserType, did *influxdb.ID) ([]influxdb.Permission, error) {
func toPerms(action influxdb.Action, orgs map[platform.ID]influxdb.UserType, did *platform.ID) ([]influxdb.Permission, error) {
ps := make([]influxdb.Permission, 0, len(orgs))
for orgID := range orgs {
p, err := newDocumentPermission(action, orgID, did)
@ -74,7 +76,7 @@ func (s *documentStore) CreateDocument(ctx context.Context, d *influxdb.Document
return s.s.CreateDocument(ctx, d)
}
func (s *documentStore) FindDocument(ctx context.Context, id influxdb.ID) (*influxdb.Document, error) {
func (s *documentStore) FindDocument(ctx context.Context, id platform.ID) (*influxdb.Document, error) {
d, err := s.s.FindDocument(ctx, id)
if err != nil {
return nil, err
@ -89,7 +91,7 @@ func (s *documentStore) FindDocument(ctx context.Context, id influxdb.ID) (*infl
return d, nil
}
func (s *documentStore) FindDocuments(ctx context.Context, oid influxdb.ID) ([]*influxdb.Document, error) {
func (s *documentStore) FindDocuments(ctx context.Context, oid platform.ID) ([]*influxdb.Document, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.DocumentsResourceType, oid); err != nil {
return nil, err
}

8
authorizer/label.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -25,7 +27,7 @@ func NewLabelServiceWithOrg(s influxdb.LabelService, orgIDResolver OrgIDResolver
}
// FindLabelByID checks to see if the authorizer on context has read access to the label id provided.
func (s *LabelService) FindLabelByID(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
func (s *LabelService) FindLabelByID(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
l, err := s.s.FindLabelByID(ctx, id)
if err != nil {
return nil, err
@ -95,7 +97,7 @@ func (s *LabelService) CreateLabelMapping(ctx context.Context, m *influxdb.Label
}
// UpdateLabel checks to see if the authorizer on context has write access to the label provided.
func (s *LabelService) UpdateLabel(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
func (s *LabelService) UpdateLabel(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
l, err := s.s.FindLabelByID(ctx, id)
if err != nil {
return nil, err
@ -107,7 +109,7 @@ func (s *LabelService) UpdateLabel(ctx context.Context, id influxdb.ID, upd infl
}
// DeleteLabel checks to see if the authorizer on context has write access to the label provided.
func (s *LabelService) DeleteLabel(ctx context.Context, id influxdb.ID) error {
func (s *LabelService) DeleteLabel(ctx context.Context, id platform.ID) error {
l, err := s.s.FindLabelByID(ctx, id)
if err != nil {
return err

82
authorizer/label_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -21,7 +23,7 @@ const (
var (
orgOneInfluxID = influxdbtesting.MustIDBase16(orgOneID)
orgSvc = &mock.OrganizationService{
FindResourceOrganizationIDF: func(_ context.Context, _ influxdb.ResourceType, _ influxdb.ID) (influxdb.ID, error) {
FindResourceOrganizationIDF: func(_ context.Context, _ influxdb.ResourceType, _ platform.ID) (platform.ID, error) {
return orgOneInfluxID, nil
},
}
@ -46,7 +48,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -62,7 +64,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: id,
OrgID: orgOneInfluxID,
@ -88,7 +90,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: id,
OrgID: orgOneInfluxID,
@ -107,9 +109,9 @@ func TestLabelService_FindLabelByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -292,7 +294,7 @@ func TestLabelService_UpdateLabel(t *testing.T) {
LabelService influxdb.LabelService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -309,13 +311,13 @@ func TestLabelService_UpdateLabel(t *testing.T) {
name: "authorized to update label",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
}, nil
},
UpdateLabelFn: func(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
UpdateLabelFn: func(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -343,13 +345,13 @@ func TestLabelService_UpdateLabel(t *testing.T) {
name: "unauthorized to update label",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
}, nil
},
UpdateLabelFn: func(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
UpdateLabelFn: func(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -370,9 +372,9 @@ func TestLabelService_UpdateLabel(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -396,7 +398,7 @@ func TestLabelService_DeleteLabel(t *testing.T) {
LabelService influxdb.LabelService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -413,13 +415,13 @@ func TestLabelService_DeleteLabel(t *testing.T) {
name: "authorized to delete label",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
}, nil
},
DeleteLabelFn: func(ctx context.Context, id influxdb.ID) error {
DeleteLabelFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -445,13 +447,13 @@ func TestLabelService_DeleteLabel(t *testing.T) {
name: "unauthorized to delete label",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
}, nil
},
DeleteLabelFn: func(ctx context.Context, id influxdb.ID) error {
DeleteLabelFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -470,9 +472,9 @@ func TestLabelService_DeleteLabel(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -527,9 +529,9 @@ func TestLabelService_CreateLabel(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -551,9 +553,9 @@ func TestLabelService_CreateLabel(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -806,9 +808,9 @@ func TestLabelService_FindResourceLabels(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/020f755c3c083000/buckets/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -853,7 +855,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "authorized to create label mapping",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -894,7 +896,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "unauthorized to create label mapping for resources on which the user does not have write access",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -921,8 +923,8 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.EUnauthorized,
err: &errors.Error{
Code: errors.EUnauthorized,
Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized",
},
},
@ -931,7 +933,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "unauthorized to create label mapping",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -958,9 +960,9 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -1001,7 +1003,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "authorized to delete label mapping",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -1042,7 +1044,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "unauthorized to delete label mapping containing a resources on which the user does not have write access",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -1069,8 +1071,8 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.EUnauthorized,
err: &errors.Error{
Code: errors.EUnauthorized,
Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized",
},
},
@ -1079,7 +1081,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "unauthorized to delete label mapping",
fields: fields{
LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) {
FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{
ID: 1,
OrgID: orgOneInfluxID,
@ -1106,9 +1108,9 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

17
authorizer/notification_endpoint.go
View File

@ -3,6 +3,9 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
)
@ -30,7 +33,7 @@ func NewNotificationEndpointService(
}
// FindNotificationEndpointByID checks to see if the authorizer on context has read access to the id provided.
func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
edp, err := s.s.FindNotificationEndpointByID(ctx, id)
if err != nil {
return nil, err
@ -45,8 +48,8 @@ func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.C
func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Context, filter influxdb.NotificationEndpointFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationEndpoint, int, error) {
// TODO: This is a temporary fix as to not fetch the entire collection when no filter is provided.
if !filter.UserID.Valid() && filter.OrgID == nil {
return nil, 0, &influxdb.Error{
Code: influxdb.EUnauthorized,
return nil, 0, &errors.Error{
Code: errors.EUnauthorized,
Msg: "cannot process a request without a org or user filter",
}
}
@ -61,7 +64,7 @@ func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Cont
}
// CreateNotificationEndpoint checks to see if the authorizer on context has write access to the global notification endpoint resource.
func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID influxdb.ID) error {
func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationEndpointResourceType, edp.GetOrgID()); err != nil {
return err
}
@ -69,7 +72,7 @@ func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Con
}
// UpdateNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) {
func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil {
return nil, err
@ -81,7 +84,7 @@ func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Con
}
// PatchNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil {
return nil, err
@ -93,7 +96,7 @@ func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Cont
}
// DeleteNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) {
func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil {
return nil, 0, err

78
authorizer/notification_endpoint_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -34,7 +36,7 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -50,8 +52,8 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
name: "authorized to access id with org",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
orgID := influxdb.ID(10)
FindNotificationEndpointByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
orgID := platform.ID(10)
return &endpoint.Slack{
Base: endpoint.Base{
ID: &id,
@ -79,8 +81,8 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
name: "unauthorized to access id",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
orgID := influxdb.ID(10)
FindNotificationEndpointByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
orgID := platform.ID(10)
return &endpoint.Slack{
Base: endpoint.Base{
ID: &id,
@ -101,9 +103,9 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -199,7 +201,7 @@ func TestNotificationEndpointService_FindNotificationEndpoints(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission}))
oid := influxdb.ID(10)
oid := platform.ID(10)
edps, _, err := s.FindNotificationEndpoints(ctx, influxdb.NotificationEndpointFilter{OrgID: &oid})
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
@ -215,7 +217,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -232,7 +234,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
name: "authorized to update notificationEndpoint with org owner",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -240,7 +242,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
},
}, nil
},
UpdateNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) {
UpdateNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -277,7 +279,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
name: "unauthorized to update notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -285,7 +287,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
},
}, nil
},
UpdateNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) {
UpdateNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -308,9 +310,9 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -325,7 +327,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateNotificationEndpoint(ctx, tt.args.id, &endpoint.Slack{}, influxdb.ID(1))
_, err := s.UpdateNotificationEndpoint(ctx, tt.args.id, &endpoint.Slack{}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}
@ -336,7 +338,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -353,7 +355,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
name: "authorized to patch notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -361,7 +363,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
},
}, nil
},
PatchNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
PatchNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -398,7 +400,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
name: "unauthorized to patch notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -406,7 +408,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
},
}, nil
},
PatchNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
PatchNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -429,9 +431,9 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -456,7 +458,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -473,7 +475,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
name: "authorized to delete notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -481,7 +483,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
},
}, nil
},
DeleteNotificationEndpointF: func(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) {
DeleteNotificationEndpointF: func(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
return nil, 0, nil
},
},
@ -513,7 +515,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
name: "unauthorized to delete notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) {
FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{
Base: endpoint.Base{
ID: idPtr(1),
@ -521,7 +523,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
},
}, nil
},
DeleteNotificationEndpointF: func(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) {
DeleteNotificationEndpointF: func(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
return nil, 0, nil
},
},
@ -539,9 +541,9 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -568,7 +570,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -584,7 +586,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "authorized to create notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error {
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil
},
},
@ -607,7 +609,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "authorized to create notificationEndpoint with org owner",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error {
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil
},
},
@ -630,7 +632,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "unauthorized to create notificationEndpoint",
fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error {
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil
},
},
@ -646,9 +648,9 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -666,12 +668,12 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
err := s.CreateNotificationEndpoint(ctx, &endpoint.Slack{
Base: endpoint.Base{
OrgID: idPtr(tt.args.orgID)},
}, influxdb.ID(1))
}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}
}
func idPtr(id influxdb.ID) *influxdb.ID {
func idPtr(id platform.ID) *platform.ID {
return &id
}

12
authorizer/notification_rule.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -26,7 +28,7 @@ func NewNotificationRuleStore(s influxdb.NotificationRuleStore, urm influxdb.Use
}
// FindNotificationRuleByID checks to see if the authorizer on context has read access to the id provided.
func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil {
return nil, err
@ -49,7 +51,7 @@ func (s *NotificationRuleStore) FindNotificationRules(ctx context.Context, filte
}
// CreateNotificationRule checks to see if the authorizer on context has write access to the global notification rule resource.
func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID influxdb.ID) error {
func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationRuleResourceType, nr.GetOrgID()); err != nil {
return err
}
@ -57,7 +59,7 @@ func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr i
}
// UpdateNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) {
func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
nr, err := s.FindNotificationRuleByID(ctx, id)
if err != nil {
return nil, err
@ -69,7 +71,7 @@ func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id i
}
// PatchNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil {
return nil, err
@ -81,7 +83,7 @@ func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id in
}
// DeleteNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id influxdb.ID) error {
func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id platform.ID) error {
nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil {
return err

68
authorizer/notification_rule_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -34,7 +36,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -50,7 +52,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: id,
@ -78,7 +80,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: id,
@ -99,9 +101,9 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -275,7 +277,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -292,7 +294,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
name: "authorized to update notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -300,7 +302,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
},
}, nil
},
UpdateNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) {
UpdateNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -337,7 +339,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
name: "unauthorized to update notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -345,7 +347,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
},
}, nil
},
UpdateNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) {
UpdateNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -368,9 +370,9 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -388,7 +390,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
Status: influxdb.Active,
}
_, err := s.UpdateNotificationRule(ctx, tt.args.id, nrc, influxdb.ID(1))
_, err := s.UpdateNotificationRule(ctx, tt.args.id, nrc, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}
@ -399,7 +401,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -416,7 +418,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
name: "authorized to patch notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -424,7 +426,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
},
}, nil
},
PatchNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
PatchNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -461,7 +463,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
name: "unauthorized to patch notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -469,7 +471,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
},
}, nil
},
PatchNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
PatchNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -492,9 +494,9 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -518,7 +520,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -535,7 +537,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
name: "authorized to delete notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -543,7 +545,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
},
}, nil
},
DeleteNotificationRuleF: func(ctx context.Context, id influxdb.ID) error {
DeleteNotificationRuleF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -575,7 +577,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
name: "unauthorized to delete notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) {
FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{
Base: rule.Base{
ID: 1,
@ -583,7 +585,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
},
}, nil
},
DeleteNotificationRuleF: func(ctx context.Context, id influxdb.ID) error {
DeleteNotificationRuleF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -601,9 +603,9 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -628,7 +630,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -644,7 +646,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
name: "authorized to create notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID influxdb.ID) error {
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID platform.ID) error {
return nil
},
},
@ -667,7 +669,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
name: "unauthorized to create notificationRule",
fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID influxdb.ID) error {
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID platform.ID) error {
return nil
},
},
@ -683,9 +685,9 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -708,7 +710,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
Status: influxdb.Active,
}
err := s.CreateNotificationRule(ctx, nrc, influxdb.ID(1))
err := s.CreateNotificationRule(ctx, nrc, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}

8
authorizer/org.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
icontext "github.com/influxdata/influxdb/v2/context"
)
@ -23,7 +25,7 @@ func NewOrgService(s influxdb.OrganizationService) *OrgService {
}
// FindOrganizationByID checks to see if the authorizer on context has read access to the id provided.
func (s *OrgService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
func (s *OrgService) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
if _, _, err := AuthorizeReadOrg(ctx, id); err != nil {
return nil, err
}
@ -74,7 +76,7 @@ func (s *OrgService) CreateOrganization(ctx context.Context, o *influxdb.Organiz
}
// UpdateOrganization checks to see if the authorizer on context has write access to the organization provided.
func (s *OrgService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
func (s *OrgService) UpdateOrganization(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil {
return nil, err
}
@ -82,7 +84,7 @@ func (s *OrgService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd
}
// DeleteOrganization checks to see if the authorizer on context has write access to the organization provided.
func (s *OrgService) DeleteOrganization(ctx context.Context, id influxdb.ID) error {
func (s *OrgService) DeleteOrganization(ctx context.Context, id platform.ID) error {
if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil {
return err
}

40
authorizer/org_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
OrgService: &mock.OrganizationService{
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
}, nil
@ -74,7 +76,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
OrgService: &mock.OrganizationService{
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: id,
}, nil
@ -92,9 +94,9 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -174,9 +176,9 @@ func TestOrgService_FindOrganization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -314,7 +316,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
OrgService influxdb.OrganizationService
}
type args struct {
id influxdb.ID
id platform.ID
permission influxdb.Permission
}
type wants struct {
@ -331,7 +333,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
name: "authorized to update org",
fields: fields{
OrgService: &mock.OrganizationService{
UpdateOrganizationF: func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
UpdateOrganizationF: func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: 1,
}, nil
@ -356,7 +358,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
name: "unauthorized to update org",
fields: fields{
OrgService: &mock.OrganizationService{
UpdateOrganizationF: func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
UpdateOrganizationF: func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
return &influxdb.Organization{
ID: 1,
}, nil
@ -374,9 +376,9 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -400,7 +402,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
OrgService influxdb.OrganizationService
}
type args struct {
id influxdb.ID
id platform.ID
permission influxdb.Permission
}
type wants struct {
@ -417,7 +419,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
name: "authorized to delete org",
fields: fields{
OrgService: &mock.OrganizationService{
DeleteOrganizationF: func(ctx context.Context, id influxdb.ID) error {
DeleteOrganizationF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -440,7 +442,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
name: "unauthorized to delete org",
fields: fields{
OrgService: &mock.OrganizationService{
DeleteOrganizationF: func(ctx context.Context, id influxdb.ID) error {
DeleteOrganizationF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -456,9 +458,9 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -534,9 +536,9 @@ func TestOrgService_CreateOrganization(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

8
authorizer/password.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -17,7 +19,7 @@ func NewPasswordService(svc influxdb.PasswordsService) *PasswordService {
}
// SetPassword overrides the password of a known user.
func (s *PasswordService) SetPassword(ctx context.Context, userID influxdb.ID, password string) error {
func (s *PasswordService) SetPassword(ctx context.Context, userID platform.ID, password string) error {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, userID); err != nil {
return err
}
@ -26,12 +28,12 @@ func (s *PasswordService) SetPassword(ctx context.Context, userID influxdb.ID, p
// ComparePassword checks if the password matches the password recorded.
// Passwords that do not match return errors.
func (s *PasswordService) ComparePassword(ctx context.Context, userID influxdb.ID, password string) error {
func (s *PasswordService) ComparePassword(ctx context.Context, userID platform.ID, password string) error {
panic("not implemented")
}
// CompareAndSetPassword checks the password and if they match
// updates to the new password.
func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID influxdb.ID, old string, new string) error {
func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID platform.ID, old string, new string) error {
panic("not implemented")
}

11
authorizer/password_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing"
"github.com/influxdata/influxdb/v2"
@ -14,7 +15,7 @@ import (
func TestPasswordService(t *testing.T) {
t.Run("SetPassword", func(t *testing.T) {
t.Run("user with permissions should proceed", func(t *testing.T) {
userID := influxdb.ID(1)
userID := platform.ID(1)
permission := influxdb.Permission{
Action: influxdb.WriteAction,
@ -25,7 +26,7 @@ func TestPasswordService(t *testing.T) {
}
fakeSVC := mock.NewPasswordsService()
fakeSVC.SetPasswordFn = func(_ context.Context, _ influxdb.ID, _ string) error {
fakeSVC.SetPasswordFn = func(_ context.Context, _ platform.ID, _ string) error {
return nil
}
s := authorizer.NewPasswordService(fakeSVC)
@ -37,8 +38,8 @@ func TestPasswordService(t *testing.T) {
})
t.Run("user without permissions should proceed", func(t *testing.T) {
goodUserID := influxdb.ID(1)
badUserID := influxdb.ID(3)
goodUserID := platform.ID(1)
badUserID := platform.ID(3)
tests := []struct {
name string
@ -82,7 +83,7 @@ func TestPasswordService(t *testing.T) {
for _, tt := range tests {
fn := func(t *testing.T) {
fakeSVC := &mock.PasswordsService{
SetPasswordFn: func(_ context.Context, _ influxdb.ID, _ string) error {
SetPasswordFn: func(_ context.Context, _ platform.ID, _ string) error {
return nil
},
}

4
authorizer/restore.go
View File

@ -4,6 +4,8 @@ import (
"context"
"io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing"
)
@ -33,7 +35,7 @@ func (b RestoreService) RestoreKVStore(ctx context.Context, r io.Reader) error {
return b.s.RestoreKVStore(ctx, r)
}
func (b RestoreService) RestoreBucket(ctx context.Context, id influxdb.ID, dbi []byte) (shardIDMap map[uint64]uint64, err error) {
func (b RestoreService) RestoreBucket(ctx context.Context, id platform.ID, dbi []byte) (shardIDMap map[uint64]uint64, err error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()

10
authorizer/scraper.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -28,7 +30,7 @@ func NewScraperTargetStoreService(s influxdb.ScraperTargetStoreService,
}
// GetTargetByID checks to see if the authorizer on context has read access to the id provided.
func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
st, err := s.s.GetTargetByID(ctx, id)
if err != nil {
return nil, err
@ -52,7 +54,7 @@ func (s *ScraperTargetStoreService) ListTargets(ctx context.Context, filter infl
}
// AddTarget checks to see if the authorizer on context has write access to the global scraper target resource.
func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error {
func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.ScraperResourceType, st.OrgID); err != nil {
return err
}
@ -63,7 +65,7 @@ func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.
}
// UpdateTarget checks to see if the authorizer on context has write access to the scraper target provided.
func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) {
func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
st, err := s.s.GetTargetByID(ctx, upd.ID)
if err != nil {
return nil, err
@ -78,7 +80,7 @@ func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influ
}
// RemoveTarget checks to see if the authorizer on context has write access to the scraper target provided.
func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id influxdb.ID) error {
func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id platform.ID) error {
st, err := s.s.GetTargetByID(ctx, id)
if err != nil {
return err

72
authorizer/scraper_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: id,
OrgID: 10,
@ -75,7 +77,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: id,
OrgID: 10,
@ -94,9 +96,9 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -249,8 +251,8 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
ScraperTargetStoreService influxdb.ScraperTargetStoreService
}
type args struct {
id influxdb.ID
bucketID influxdb.ID
id platform.ID
bucketID platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -267,14 +269,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "authorized to update scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
BucketID: 100,
}, nil
},
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) {
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
@ -318,14 +320,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "unauthorized to update scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
BucketID: 100,
}, nil
},
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) {
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
@ -348,9 +350,9 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -358,14 +360,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "unauthorized to write to bucket",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
BucketID: 100,
}, nil
},
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) {
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
@ -388,9 +390,9 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -404,7 +406,7 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateTarget(ctx, &influxdb.ScraperTarget{ID: tt.args.id, BucketID: tt.args.bucketID}, influxdb.ID(1))
_, err := s.UpdateTarget(ctx, &influxdb.ScraperTarget{ID: tt.args.id, BucketID: tt.args.bucketID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}
@ -415,7 +417,7 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
ScraperTargetStoreService influxdb.ScraperTargetStoreService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -432,13 +434,13 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
name: "authorized to delete scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
}, nil
},
RemoveTargetF: func(ctx context.Context, id influxdb.ID) error {
RemoveTargetF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -470,13 +472,13 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
name: "unauthorized to delete scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) {
GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{
ID: 1,
OrgID: 10,
}, nil
},
RemoveTargetF: func(ctx context.Context, id influxdb.ID) error {
RemoveTargetF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -494,9 +496,9 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -522,8 +524,8 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
}
type args struct {
permissions []influxdb.Permission
orgID influxdb.ID
bucketID influxdb.ID
orgID platform.ID
bucketID platform.ID
}
type wants struct {
err error
@ -539,7 +541,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "authorized to create scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error {
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil
},
},
@ -572,7 +574,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "unauthorized to create scraper",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error {
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil
},
},
@ -598,9 +600,9 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -608,7 +610,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "unauthorized to write to bucket",
fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error {
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil
},
},
@ -634,9 +636,9 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -650,7 +652,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
err := s.AddTarget(ctx, &influxdb.ScraperTarget{OrgID: tt.args.orgID, BucketID: tt.args.bucketID}, influxdb.ID(1))
err := s.AddTarget(ctx, &influxdb.ScraperTarget{OrgID: tt.args.orgID, BucketID: tt.args.bucketID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}

14
authorizer/secret.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -22,7 +24,7 @@ func NewSecretService(s influxdb.SecretService) *SecretService {
}
// LoadSecret checks to see if the authorizer on context has read access to the secret key provided.
func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, key string) (string, error) {
func (s *SecretService) LoadSecret(ctx context.Context, orgID platform.ID, key string) (string, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return "", err
}
@ -34,7 +36,7 @@ func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, key s
}
// GetSecretKeys checks to see if the authorizer on context has read access to all the secrets belonging to orgID.
func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([]string, error) {
func (s *SecretService) GetSecretKeys(ctx context.Context, orgID platform.ID) ([]string, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return []string{}, err
}
@ -46,7 +48,7 @@ func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([
}
// PutSecret checks to see if the authorizer on context has write access to the secret key provided.
func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, key string, val string) error {
func (s *SecretService) PutSecret(ctx context.Context, orgID platform.ID, key string, val string) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err
}
@ -58,7 +60,7 @@ func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, key st
}
// PutSecrets checks to see if the authorizer on context has read and write access to the secret keys provided.
func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
func (s *SecretService) PutSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error {
// PutSecrets operates on intersection between m and keys beloging to orgID.
// We need to have read access to those secrets since it deletes the secrets (within the intersection) that have not be overridden.
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
@ -75,7 +77,7 @@ func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map
}
// PatchSecrets checks to see if the authorizer on context has write access to the secret keys provided.
func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
func (s *SecretService) PatchSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error {
if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err
}
@ -87,7 +89,7 @@ func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m m
}
// DeleteSecret checks to see if the authorizer on context has write access to the secret keys provided.
func (s *SecretService) DeleteSecret(ctx context.Context, orgID influxdb.ID, keys ...string) error {
func (s *SecretService) DeleteSecret(ctx context.Context, orgID platform.ID, keys ...string) error {
if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err
}

130
authorizer/secret_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"testing"
"github.com/google/go-cmp/cmp"
@ -25,7 +27,7 @@ func TestSecretService_LoadSecret(t *testing.T) {
}
type args struct {
permission influxdb.Permission
org influxdb.ID
org platform.ID
key string
}
type wants struct {
@ -42,12 +44,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "authorized to access secret within org",
fields: fields{
SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) {
LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" {
return "val", nil
}
return "", &influxdb.Error{
Code: influxdb.ENotFound,
return "", &errors.Error{
Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound,
}
},
@ -62,7 +64,7 @@ func TestSecretService_LoadSecret(t *testing.T) {
},
},
key: "key",
org: influxdb.ID(10),
org: platform.ID(10),
},
wants: wants{
err: nil,
@ -72,12 +74,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "cannot access not existing secret",
fields: fields{
SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) {
LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" {
return "val", nil
}
return "", &influxdb.Error{
Code: influxdb.ENotFound,
return "", &errors.Error{
Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound,
}
},
@ -92,11 +94,11 @@ func TestSecretService_LoadSecret(t *testing.T) {
},
},
key: "not existing",
org: influxdb.ID(10),
org: platform.ID(10),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound,
},
},
@ -105,12 +107,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "unauthorized to access secret within org",
fields: fields{
SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) {
LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" {
return "val", nil
}
return "", &influxdb.Error{
Code: influxdb.ENotFound,
return "", &errors.Error{
Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound,
}
},
@ -124,13 +126,13 @@ func TestSecretService_LoadSecret(t *testing.T) {
ID: influxdbtesting.IDPtr(10),
},
},
org: influxdb.ID(2),
org: platform.ID(2),
key: "key",
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/0000000000000002/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -155,7 +157,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
}
type args struct {
permission influxdb.Permission
org influxdb.ID
org platform.ID
}
type wants struct {
err error
@ -172,7 +174,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "authorized to see all secrets within an org",
fields: fields{
SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) {
GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string{
"0000000000000001secret1",
"0000000000000001secret2",
@ -189,7 +191,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(1),
},
},
org: influxdb.ID(1),
org: platform.ID(1),
},
wants: wants{
secrets: []string{
@ -203,7 +205,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "unauthorized to see all secrets within an org",
fields: fields{
SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) {
GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string{
"0000000000000002secret1",
"0000000000000002secret2",
@ -220,11 +222,11 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(1),
},
},
org: influxdb.ID(2),
org: platform.ID(2),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.EUnauthorized,
err: &errors.Error{
Code: errors.EUnauthorized,
Msg: "read:orgs/0000000000000002/secrets is unauthorized",
},
secrets: []string{},
@ -234,9 +236,9 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "errors when there are not secret into an org",
fields: fields{
SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) {
return []string(nil), &influxdb.Error{
Code: influxdb.ENotFound,
GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string(nil), &errors.Error{
Code: errors.ENotFound,
Msg: "organization has no secret keys",
}
},
@ -250,11 +252,11 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(10),
},
},
org: influxdb.ID(10),
org: platform.ID(10),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: "organization has no secret keys",
},
secrets: []string{},
@ -284,7 +286,7 @@ func TestSecretService_PatchSecrets(t *testing.T) {
SecretService influxdb.SecretService
}
type args struct {
org influxdb.ID
org platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -301,13 +303,13 @@ func TestSecretService_PatchSecrets(t *testing.T) {
name: "authorized to patch secrets",
fields: fields{
SecretService: &mock.SecretService{
PatchSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PatchSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
},
args: args{
org: influxdb.ID(1),
org: platform.ID(1),
permissions: []influxdb.Permission{
{
Action: influxdb.WriteAction,
@ -326,13 +328,13 @@ func TestSecretService_PatchSecrets(t *testing.T) {
name: "unauthorized to update secret",
fields: fields{
SecretService: &mock.SecretService{
PatchSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PatchSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
},
args: args{
org: influxdb.ID(1),
org: platform.ID(1),
permissions: []influxdb.Permission{
{
Action: influxdb.ReadAction,
@ -344,9 +346,9 @@ func TestSecretService_PatchSecrets(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000001/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -371,7 +373,7 @@ func TestSecretService_DeleteSecret(t *testing.T) {
SecretService influxdb.SecretService
}
type args struct {
org influxdb.ID
org platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -388,13 +390,13 @@ func TestSecretService_DeleteSecret(t *testing.T) {
name: "authorized to delete secret",
fields: fields{
SecretService: &mock.SecretService{
DeleteSecretFn: func(ctx context.Context, orgID influxdb.ID, keys ...string) error {
DeleteSecretFn: func(ctx context.Context, orgID platform.ID, keys ...string) error {
return nil
},
},
},
args: args{
org: influxdb.ID(1),
org: platform.ID(1),
permissions: []influxdb.Permission{
{
Action: influxdb.WriteAction,
@ -413,7 +415,7 @@ func TestSecretService_DeleteSecret(t *testing.T) {
name: "unauthorized to delete secret",
fields: fields{
SecretService: &mock.SecretService{
DeleteSecretFn: func(ctx context.Context, orgID influxdb.ID, keys ...string) error {
DeleteSecretFn: func(ctx context.Context, orgID platform.ID, keys ...string) error {
return nil
},
},
@ -431,9 +433,9 @@ func TestSecretService_DeleteSecret(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -458,7 +460,7 @@ func TestSecretService_PutSecret(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -474,13 +476,13 @@ func TestSecretService_PutSecret(t *testing.T) {
name: "authorized to put a secret",
fields: fields{
SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error {
PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil
},
},
},
args: args{
orgID: influxdb.ID(10),
orgID: platform.ID(10),
permission: influxdb.Permission{
Action: influxdb.WriteAction,
Resource: influxdb.Resource{
@ -497,7 +499,7 @@ func TestSecretService_PutSecret(t *testing.T) {
name: "unauthorized to put a secret",
fields: fields{
SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error {
PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil
},
},
@ -513,9 +515,9 @@ func TestSecretService_PutSecret(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -540,7 +542,7 @@ func TestSecretService_PutSecrets(t *testing.T) {
}
type args struct {
permissions []influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -556,13 +558,13 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "authorized to put secrets",
fields: fields{
SecretService: &mock.SecretService{
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
},
args: args{
orgID: influxdb.ID(10),
orgID: platform.ID(10),
permissions: []influxdb.Permission{
{
Action: influxdb.WriteAction,
@ -588,13 +590,13 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets",
fields: fields{
SecretService: &mock.SecretService{
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
},
args: args{
orgID: influxdb.ID(2),
orgID: platform.ID(2),
permissions: []influxdb.Permission{
{
Action: influxdb.WriteAction,
@ -613,9 +615,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/0000000000000002/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -623,10 +625,10 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets without read access to their org",
fields: fields{
SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error {
PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil
},
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
@ -644,9 +646,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -654,10 +656,10 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets without write access to their org",
fields: fields{
SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error {
PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil
},
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil
},
},
@ -675,9 +677,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

8
authorizer/source.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -34,7 +36,7 @@ func (s *SourceService) DefaultSource(ctx context.Context) (*influxdb.Source, er
}
// FindSourceByID checks to see if the authorizer on context has read access to the id provided.
func (s *SourceService) FindSourceByID(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
func (s *SourceService) FindSourceByID(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
src, err := s.s.FindSourceByID(ctx, id)
if err != nil {
return nil, err
@ -64,7 +66,7 @@ func (s *SourceService) CreateSource(ctx context.Context, src *influxdb.Source)
}
// UpdateSource checks to see if the authorizer on context has write access to the source provided.
func (s *SourceService) UpdateSource(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
func (s *SourceService) UpdateSource(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
src, err := s.s.FindSourceByID(ctx, id)
if err != nil {
return nil, err
@ -76,7 +78,7 @@ func (s *SourceService) UpdateSource(ctx context.Context, id influxdb.ID, upd in
}
// DeleteSource checks to see if the authorizer on context has write access to the source provided.
func (s *SourceService) DeleteSource(ctx context.Context, id influxdb.ID) error {
func (s *SourceService) DeleteSource(ctx context.Context, id platform.ID) error {
src, err := s.s.FindSourceByID(ctx, id)
if err != nil {
return err

50
authorizer/source_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -91,9 +93,9 @@ func TestSourceService_DefaultSource(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -118,7 +120,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -134,7 +136,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: id,
OrganizationID: 10,
@ -160,7 +162,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: id,
OrganizationID: 10,
@ -179,9 +181,9 @@ func TestSourceService_FindSourceByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -333,7 +335,7 @@ func TestSourceService_UpdateSource(t *testing.T) {
SourceService influxdb.SourceService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -350,13 +352,13 @@ func TestSourceService_UpdateSource(t *testing.T) {
name: "authorized to update source",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateSourceFn: func(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
UpdateSourceFn: func(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
@ -391,13 +393,13 @@ func TestSourceService_UpdateSource(t *testing.T) {
name: "unauthorized to update source",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateSourceFn: func(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
UpdateSourceFn: func(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
@ -418,9 +420,9 @@ func TestSourceService_UpdateSource(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -444,7 +446,7 @@ func TestSourceService_DeleteSource(t *testing.T) {
SourceService influxdb.SourceService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -461,13 +463,13 @@ func TestSourceService_DeleteSource(t *testing.T) {
name: "authorized to delete source",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteSourceFn: func(ctx context.Context, id influxdb.ID) error {
DeleteSourceFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -499,13 +501,13 @@ func TestSourceService_DeleteSource(t *testing.T) {
name: "unauthorized to delete source",
fields: fields{
SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) {
FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteSourceFn: func(ctx context.Context, id influxdb.ID) error {
DeleteSourceFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -523,9 +525,9 @@ func TestSourceService_DeleteSource(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -550,7 +552,7 @@ func TestSourceService_CreateSource(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -605,9 +607,9 @@ func TestSourceService_CreateSource(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

27
authorizer/task.go
View File

@ -4,6 +4,9 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing"
"go.uber.org/zap"
@ -20,13 +23,13 @@ func (ae *authError) AuthzError() error {
}
var (
ErrInactiveTask = &influxdb.Error{
Code: influxdb.EInvalid,
ErrInactiveTask = &errors.Error{
Code: errors.EInvalid,
Msg: "inactive task",
}
ErrFailedPermission = &influxdb.Error{
Code: influxdb.EInvalid,
ErrFailedPermission = &errors.Error{
Code: errors.EInvalid,
Msg: "unauthorized",
}
)
@ -46,7 +49,7 @@ func NewTaskService(log *zap.Logger, ts influxdb.TaskService) influxdb.TaskServi
}
func (ts *taskServiceValidator) processPermissionError(a influxdb.Authorizer, p influxdb.Permission, err error, loggerFields ...zap.Field) error {
if influxdb.ErrorCode(err) == influxdb.EUnauthorized {
if errors.ErrorCode(err) == errors.EUnauthorized {
ts.log.With(loggerFields...).Info("Authorization failed",
zap.String("user_id", a.GetUserID().String()),
zap.String("auth_kind", a.Kind()),
@ -58,7 +61,7 @@ func (ts *taskServiceValidator) processPermissionError(a influxdb.Authorizer, p
return err
}
func (ts *taskServiceValidator) FindTaskByID(ctx context.Context, id influxdb.ID) (*influxdb.Task, error) {
func (ts *taskServiceValidator) FindTaskByID(ctx context.Context, id platform.ID) (*influxdb.Task, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -103,7 +106,7 @@ func (ts *taskServiceValidator) CreateTask(ctx context.Context, t influxdb.TaskC
return ts.TaskService.CreateTask(ctx, t)
}
func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id influxdb.ID, upd influxdb.TaskUpdate) (*influxdb.Task, error) {
func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id platform.ID, upd influxdb.TaskUpdate) (*influxdb.Task, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -121,7 +124,7 @@ func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id influxdb.ID,
return ts.TaskService.UpdateTask(ctx, id, upd)
}
func (ts *taskServiceValidator) DeleteTask(ctx context.Context, id influxdb.ID) error {
func (ts *taskServiceValidator) DeleteTask(ctx context.Context, id platform.ID) error {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -171,7 +174,7 @@ func (ts *taskServiceValidator) FindRuns(ctx context.Context, filter influxdb.Ru
return ts.TaskService.FindRuns(ctx, filter)
}
func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID influxdb.ID) (*influxdb.Run, error) {
func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID platform.ID) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -189,7 +192,7 @@ func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID i
return ts.TaskService.FindRunByID(ctx, taskID, runID)
}
func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID influxdb.ID) error {
func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID platform.ID) error {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -207,7 +210,7 @@ func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID inf
return ts.TaskService.CancelRun(ctx, taskID, runID)
}
func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID influxdb.ID) (*influxdb.Run, error) {
func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID platform.ID) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -229,7 +232,7 @@ func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID infl
return ts.TaskService.RetryRun(ctx, taskID, runID)
}
func (ts *taskServiceValidator) ForceRun(ctx context.Context, taskID influxdb.ID, scheduledFor int64) (*influxdb.Run, error) {
func (ts *taskServiceValidator) ForceRun(ctx context.Context, taskID platform.ID, scheduledFor int64) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()

21
authorizer/task_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing"
"time"
@ -52,7 +53,7 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
}
}
func mockTaskService(orgID, taskID, runID influxdb.ID) influxdb.TaskService {
func mockTaskService(orgID, taskID, runID platform.ID) influxdb.TaskService {
task := influxdb.Task{
ID: taskID,
OrganizationID: orgID,
@ -79,7 +80,7 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
}
return &mock.TaskService{
FindTaskByIDFn: func(context.Context, influxdb.ID) (*influxdb.Task, error) {
FindTaskByIDFn: func(context.Context, platform.ID) (*influxdb.Task, error) {
return &task, nil
},
FindTasksFn: func(context.Context, influxdb.TaskFilter) ([]*influxdb.Task, int, error) {
@ -89,10 +90,10 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
taskCopy := task
return &taskCopy, nil
},
UpdateTaskFn: func(context.Context, influxdb.ID, influxdb.TaskUpdate) (*influxdb.Task, error) {
UpdateTaskFn: func(context.Context, platform.ID, influxdb.TaskUpdate) (*influxdb.Task, error) {
return &task, nil
},
DeleteTaskFn: func(context.Context, influxdb.ID) error {
DeleteTaskFn: func(context.Context, platform.ID) error {
return nil
},
FindLogsFn: func(context.Context, influxdb.LogFilter) ([]*influxdb.Log, int, error) {
@ -101,16 +102,16 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
FindRunsFn: func(context.Context, influxdb.RunFilter) ([]*influxdb.Run, int, error) {
return []*influxdb.Run{&run}, 1, nil
},
FindRunByIDFn: func(context.Context, influxdb.ID, influxdb.ID) (*influxdb.Run, error) {
FindRunByIDFn: func(context.Context, platform.ID, platform.ID) (*influxdb.Run, error) {
return &run, nil
},
CancelRunFn: func(context.Context, influxdb.ID, influxdb.ID) error {
CancelRunFn: func(context.Context, platform.ID, platform.ID) error {
return nil
},
RetryRunFn: func(context.Context, influxdb.ID, influxdb.ID) (*influxdb.Run, error) {
RetryRunFn: func(context.Context, platform.ID, platform.ID) (*influxdb.Run, error) {
return &run, nil
},
ForceRunFn: func(context.Context, influxdb.ID, int64) (*influxdb.Run, error) {
ForceRunFn: func(context.Context, platform.ID, int64) (*influxdb.Run, error) {
return &run, nil
},
}
@ -118,8 +119,8 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
func TestValidations(t *testing.T) {
var (
taskID = influxdb.ID(0x7456)
runID = influxdb.ID(0x402)
taskID = platform.ID(0x7456)
runID = platform.ID(0x402)
otherOrg = &influxdb.Organization{Name: "other_org"}
)

10
authorizer/telegraf.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -24,7 +26,7 @@ func NewTelegrafConfigService(s influxdb.TelegrafConfigStore, urm influxdb.UserR
}
// FindTelegrafConfigByID checks to see if the authorizer on context has read access to the id provided.
func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
tc, err := s.s.FindTelegrafConfigByID(ctx, id)
if err != nil {
return nil, err
@ -47,7 +49,7 @@ func (s *TelegrafConfigService) FindTelegrafConfigs(ctx context.Context, filter
}
// CreateTelegrafConfig checks to see if the authorizer on context has write access to the global telegraf config resource.
func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error {
func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.TelegrafsResourceType, tc.OrgID); err != nil {
return err
}
@ -55,7 +57,7 @@ func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *in
}
// UpdateTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.
func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) {
func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
tc, err := s.FindTelegrafConfigByID(ctx, id)
if err != nil {
return nil, err
@ -67,7 +69,7 @@ func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id inf
}
// DeleteTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.
func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id influxdb.ID) error {
func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id platform.ID) error {
tc, err := s.FindTelegrafConfigByID(ctx, id)
if err != nil {
return err

54
authorizer/telegraf_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: id,
OrgID: 10,
@ -75,7 +77,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: id,
OrgID: 10,
@ -94,9 +96,9 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -248,7 +250,7 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
TelegrafConfigStore influxdb.TelegrafConfigStore
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -265,13 +267,13 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
name: "authorized to update telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
}, nil
},
UpdateTelegrafConfigF: func(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) {
UpdateTelegrafConfigF: func(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
@ -306,13 +308,13 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
name: "unauthorized to update telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
}, nil
},
UpdateTelegrafConfigF: func(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) {
UpdateTelegrafConfigF: func(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
@ -333,9 +335,9 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -348,7 +350,7 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateTelegrafConfig(ctx, tt.args.id, &influxdb.TelegrafConfig{}, influxdb.ID(1))
_, err := s.UpdateTelegrafConfig(ctx, tt.args.id, &influxdb.TelegrafConfig{}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}
@ -359,7 +361,7 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
TelegrafConfigStore influxdb.TelegrafConfigStore
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -376,13 +378,13 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
name: "authorized to delete telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
}, nil
},
DeleteTelegrafConfigF: func(ctx context.Context, id influxdb.ID) error {
DeleteTelegrafConfigF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -414,13 +416,13 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
name: "unauthorized to delete telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) {
FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{
ID: 1,
OrgID: 10,
}, nil
},
DeleteTelegrafConfigF: func(ctx context.Context, id influxdb.ID) error {
DeleteTelegrafConfigF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -438,9 +440,9 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -465,7 +467,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -481,7 +483,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
name: "authorized to create telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error {
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
return nil
},
},
@ -504,7 +506,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
name: "unauthorized to create telegraf",
fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error {
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
return nil
},
},
@ -520,9 +522,9 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -535,7 +537,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission}))
err := s.CreateTelegrafConfig(ctx, &influxdb.TelegrafConfig{OrgID: tt.args.orgID}, influxdb.ID(1))
err := s.CreateTelegrafConfig(ctx, &influxdb.TelegrafConfig{OrgID: tt.args.orgID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
})
}

6
authorizer/urm.go
View File

@ -3,11 +3,13 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
type OrgIDResolver interface {
FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id influxdb.ID) (influxdb.ID, error)
FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id platform.ID) (platform.ID, error)
}
type URMService struct {
@ -41,7 +43,7 @@ func (s *URMService) CreateUserResourceMapping(ctx context.Context, m *influxdb.
return s.s.CreateUserResourceMapping(ctx, m)
}
func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID influxdb.ID, userID influxdb.ID) error {
func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID platform.ID, userID platform.ID) error {
f := influxdb.UserResourceMappingFilter{ResourceID: resourceID, UserID: userID}
urms, _, err := s.s.FindUserResourceMappings(ctx, f)
if err != nil {

14
authorizer/urm_test.go
View File

@ -2,6 +2,8 @@ package authorizer_test
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"testing"
"github.com/google/go-cmp/cmp"
@ -13,10 +15,10 @@ import (
)
type OrgService struct {
OrgID influxdb.ID
OrgID platform.ID
}
func (s *OrgService) FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id influxdb.ID) (influxdb.ID, error) {
func (s *OrgService) FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id platform.ID) (platform.ID, error) {
return s.OrgID, nil
}
@ -169,7 +171,7 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error {
return nil
},
DeleteMappingFn: func(ctx context.Context, rid, uid influxdb.ID) error {
DeleteMappingFn: func(ctx context.Context, rid, uid platform.ID) error {
return nil
},
FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) {
@ -204,7 +206,7 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error {
return nil
},
DeleteMappingFn: func(ctx context.Context, rid, uid influxdb.ID) error {
DeleteMappingFn: func(ctx context.Context, rid, uid platform.ID) error {
return nil
},
FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) {
@ -228,9 +230,9 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

15
authorizer/user.go
View File

@ -3,6 +3,9 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
)
@ -22,7 +25,7 @@ func NewUserService(s influxdb.UserService) *UserService {
}
// FindUserByID checks to see if the authorizer on context has read access to the id provided.
func (s *UserService) FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
func (s *UserService) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error) {
if _, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, id); err != nil {
return nil, err
}
@ -61,7 +64,7 @@ func (s *UserService) CreateUser(ctx context.Context, o *influxdb.User) error {
}
// UpdateUser checks to see if the authorizer on context has write access to the user provided.
func (s *UserService) UpdateUser(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
func (s *UserService) UpdateUser(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil {
return nil, err
}
@ -69,16 +72,16 @@ func (s *UserService) UpdateUser(ctx context.Context, id influxdb.ID, upd influx
}
// DeleteUser checks to see if the authorizer on context has write access to the user provided.
func (s *UserService) DeleteUser(ctx context.Context, id influxdb.ID) error {
func (s *UserService) DeleteUser(ctx context.Context, id platform.ID) error {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil {
return err
}
return s.s.DeleteUser(ctx, id)
}
func (s *UserService) FindPermissionForUser(ctx context.Context, uid influxdb.ID) (influxdb.PermissionSet, error) {
return nil, &influxdb.Error{
Code: influxdb.EInternal,
func (s *UserService) FindPermissionForUser(ctx context.Context, uid platform.ID) (influxdb.PermissionSet, error) {
return nil, &errors.Error{
Code: errors.EInternal,
Msg: "not implemented",
}
}

40
authorizer/user_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestUserService_FindUserByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestUserService_FindUserByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
UserService: &mock.UserService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
}, nil
@ -74,7 +76,7 @@ func TestUserService_FindUserByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
UserService: &mock.UserService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{
ID: id,
}, nil
@ -92,9 +94,9 @@ func TestUserService_FindUserByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -175,9 +177,9 @@ func TestUserService_FindUser(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -315,7 +317,7 @@ func TestUserService_UpdateUser(t *testing.T) {
UserService influxdb.UserService
}
type args struct {
id influxdb.ID
id platform.ID
permission influxdb.Permission
}
type wants struct {
@ -332,7 +334,7 @@ func TestUserService_UpdateUser(t *testing.T) {
name: "authorized to update user",
fields: fields{
UserService: &mock.UserService{
UpdateUserFn: func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
UpdateUserFn: func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
return &influxdb.User{
ID: 1,
}, nil
@ -357,7 +359,7 @@ func TestUserService_UpdateUser(t *testing.T) {
name: "unauthorized to update user",
fields: fields{
UserService: &mock.UserService{
UpdateUserFn: func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
UpdateUserFn: func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
return &influxdb.User{
ID: 1,
}, nil
@ -375,9 +377,9 @@ func TestUserService_UpdateUser(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -401,7 +403,7 @@ func TestUserService_DeleteUser(t *testing.T) {
UserService influxdb.UserService
}
type args struct {
id influxdb.ID
id platform.ID
permission influxdb.Permission
}
type wants struct {
@ -418,7 +420,7 @@ func TestUserService_DeleteUser(t *testing.T) {
name: "authorized to delete user",
fields: fields{
UserService: &mock.UserService{
DeleteUserFn: func(ctx context.Context, id influxdb.ID) error {
DeleteUserFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -441,7 +443,7 @@ func TestUserService_DeleteUser(t *testing.T) {
name: "unauthorized to delete user",
fields: fields{
UserService: &mock.UserService{
DeleteUserFn: func(ctx context.Context, id influxdb.ID) error {
DeleteUserFn: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -457,9 +459,9 @@ func TestUserService_DeleteUser(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -535,9 +537,9 @@ func TestUserService_CreateUser(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:users is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

8
authorizer/variable.go
View File

@ -3,6 +3,8 @@ package authorizer
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
)
@ -22,7 +24,7 @@ func NewVariableService(s influxdb.VariableService) *VariableService {
}
// FindVariableByID checks to see if the authorizer on context has read access to the id provided.
func (s *VariableService) FindVariableByID(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
func (s *VariableService) FindVariableByID(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
v, err := s.s.FindVariableByID(ctx, id)
if err != nil {
return nil, err
@ -53,7 +55,7 @@ func (s *VariableService) CreateVariable(ctx context.Context, v *influxdb.Variab
}
// UpdateVariable checks to see if the authorizer on context has write access to the variable provided.
func (s *VariableService) UpdateVariable(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
func (s *VariableService) UpdateVariable(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
v, err := s.FindVariableByID(ctx, id)
if err != nil {
return nil, err
@ -77,7 +79,7 @@ func (s *VariableService) ReplaceVariable(ctx context.Context, m *influxdb.Varia
}
// DeleteVariable checks to see if the authorizer on context has write access to the variable provided.
func (s *VariableService) DeleteVariable(ctx context.Context, id influxdb.ID) error {
func (s *VariableService) DeleteVariable(ctx context.Context, id platform.ID) error {
v, err := s.FindVariableByID(ctx, id)
if err != nil {
return err

54
authorizer/variable_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import (
"bytes"
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort"
"testing"
@ -33,7 +35,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
}
type args struct {
permission influxdb.Permission
id influxdb.ID
id platform.ID
}
type wants struct {
err error
@ -49,7 +51,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
name: "authorized to access id",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: id,
OrganizationID: 10,
@ -75,7 +77,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
name: "unauthorized to access id",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: id,
OrganizationID: 10,
@ -94,9 +96,9 @@ func TestVariableService_FindVariableByID(t *testing.T) {
id: 1,
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "read:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -248,7 +250,7 @@ func TestVariableService_UpdateVariable(t *testing.T) {
VariableService influxdb.VariableService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -265,13 +267,13 @@ func TestVariableService_UpdateVariable(t *testing.T) {
name: "authorized to update variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateVariableF: func(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
UpdateVariableF: func(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
@ -306,13 +308,13 @@ func TestVariableService_UpdateVariable(t *testing.T) {
name: "unauthorized to update variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
}, nil
},
UpdateVariableF: func(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
UpdateVariableF: func(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
@ -333,9 +335,9 @@ func TestVariableService_UpdateVariable(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -376,7 +378,7 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
name: "authorized to replace variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
@ -418,7 +420,7 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
name: "unauthorized to replace variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
@ -445,9 +447,9 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -471,7 +473,7 @@ func TestVariableService_DeleteVariable(t *testing.T) {
VariableService influxdb.VariableService
}
type args struct {
id influxdb.ID
id platform.ID
permissions []influxdb.Permission
}
type wants struct {
@ -488,13 +490,13 @@ func TestVariableService_DeleteVariable(t *testing.T) {
name: "authorized to delete variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteVariableF: func(ctx context.Context, id influxdb.ID) error {
DeleteVariableF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -526,13 +528,13 @@ func TestVariableService_DeleteVariable(t *testing.T) {
name: "unauthorized to delete variable",
fields: fields{
VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) {
FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{
ID: 1,
OrganizationID: 10,
}, nil
},
DeleteVariableF: func(ctx context.Context, id influxdb.ID) error {
DeleteVariableF: func(ctx context.Context, id platform.ID) error {
return nil
},
},
@ -550,9 +552,9 @@ func TestVariableService_DeleteVariable(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},
@ -577,7 +579,7 @@ func TestVariableService_CreateVariable(t *testing.T) {
}
type args struct {
permission influxdb.Permission
orgID influxdb.ID
orgID platform.ID
}
type wants struct {
err error
@ -632,9 +634,9 @@ func TestVariableService_CreateVariable(t *testing.T) {
},
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables is unauthorized",
Code: influxdb.EUnauthorized,
Code: errors.EUnauthorized,
},
},
},

45
authz.go
View File

@ -5,6 +5,9 @@ import (
"fmt"
"os"
"path/filepath"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
)
var (
@ -22,10 +25,10 @@ type Authorizer interface {
PermissionSet() (PermissionSet, error)
// ID returns an identifier used for auditing.
Identifier() ID
Identifier() platform.ID
// GetUserID returns the user id.
GetUserID() ID
GetUserID() platform.ID
// Kind metadata for auditing.
Kind() string
@ -74,8 +77,8 @@ type ResourceType string
// Resource is an authorizable resource.
type Resource struct {
Type ResourceType `json:"type"`
ID *ID `json:"id,omitempty"`
OrgID *ID `json:"orgID,omitempty"`
ID *platform.ID `json:"id,omitempty"`
OrgID *platform.ID `json:"orgID,omitempty"`
}
// String stringifies a resource
@ -330,33 +333,33 @@ func (p Permission) String() string {
// Valid checks if there the resource and action provided is known.
func (p *Permission) Valid() error {
if err := p.Resource.Valid(); err != nil {
return &Error{
Code: EInvalid,
return &errors2.Error{
Code: errors2.EInvalid,
Err: err,
Msg: "invalid resource type for permission",
}
}
if err := p.Action.Valid(); err != nil {
return &Error{
Code: EInvalid,
return &errors2.Error{
Code: errors2.EInvalid,
Err: err,
Msg: "invalid action type for permission",
}
}
if p.Resource.OrgID != nil && !p.Resource.OrgID.Valid() {
return &Error{
Code: EInvalid,
Err: ErrInvalidID,
return &errors2.Error{
Code: errors2.EInvalid,
Err: platform.ErrInvalidID,
Msg: "invalid org id for permission",
}
}
if p.Resource.ID != nil && !p.Resource.ID.Valid() {
return &Error{
Code: EInvalid,
Err: ErrInvalidID,
return &errors2.Error{
Code: errors2.EInvalid,
Err: platform.ErrInvalidID,
Msg: "invalid id for permission",
}
}
@ -365,7 +368,7 @@ func (p *Permission) Valid() error {
}
// NewPermission returns a permission with provided arguments.
func NewPermission(a Action, rt ResourceType, orgID ID) (*Permission, error) {
func NewPermission(a Action, rt ResourceType, orgID platform.ID) (*Permission, error) {
p := &Permission{
Action: a,
Resource: Resource{
@ -378,7 +381,7 @@ func NewPermission(a Action, rt ResourceType, orgID ID) (*Permission, error) {
}
// NewResourcePermission returns a permission with provided arguments.
func NewResourcePermission(a Action, rt ResourceType, rid ID) (*Permission, error) {
func NewResourcePermission(a Action, rt ResourceType, rid platform.ID) (*Permission, error) {
p := &Permission{
Action: a,
Resource: Resource{
@ -402,7 +405,7 @@ func NewGlobalPermission(a Action, rt ResourceType) (*Permission, error) {
}
// NewPermissionAtID creates a permission with the provided arguments.
func NewPermissionAtID(id ID, a Action, rt ResourceType, orgID ID) (*Permission, error) {
func NewPermissionAtID(id platform.ID, a Action, rt ResourceType, orgID platform.ID) (*Permission, error) {
p := &Permission{
Action: a,
Resource: Resource{
@ -438,7 +441,7 @@ func ReadAllPermissions() []Permission {
}
// OwnerPermissions are the default permissions for those who own a resource.
func OwnerPermissions(orgID ID) []Permission {
func OwnerPermissions(orgID platform.ID) []Permission {
ps := []Permission{}
for _, r := range AllResourceTypes {
for _, a := range actions {
@ -453,7 +456,7 @@ func OwnerPermissions(orgID ID) []Permission {
}
// MePermissions is the permission to read/write myself.
func MePermissions(userID ID) []Permission {
func MePermissions(userID platform.ID) []Permission {
ps := []Permission{}
for _, a := range actions {
ps = append(ps, Permission{Action: a, Resource: Resource{Type: UsersResourceType, ID: &userID}})
@ -463,7 +466,7 @@ func MePermissions(userID ID) []Permission {
}
// MemberPermissions are the default permissions for those who can see a resource.
func MemberPermissions(orgID ID) []Permission {
func MemberPermissions(orgID platform.ID) []Permission {
ps := []Permission{}
for _, r := range AllResourceTypes {
if r == OrgsResourceType {
@ -477,6 +480,6 @@ func MemberPermissions(orgID ID) []Permission {
}
// MemberPermissions are the default permissions for those who can see a resource.
func MemberBucketPermission(bucketID ID) Permission {
func MemberBucketPermission(bucketID platform.ID) Permission {
return Permission{Action: ReadAction, Resource: Resource{Type: BucketsResourceType, ID: &bucketID}}
}

7
authz_test.go
View File

@ -1,6 +1,7 @@
package influxdb_test
import (
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"testing"
platform "github.com/influxdata/influxdb/v2"
@ -279,7 +280,7 @@ func TestPermission_Valid(t *testing.T) {
Action: platform.WriteAction,
Resource: platform.Resource{
Type: platform.BucketsResourceType,
ID: func() *platform.ID { id := platform.InvalidID(); return &id }(),
ID: func() *platform2.ID { id := platform2.InvalidID(); return &id }(),
OrgID: influxdbtesting.IDPtr(1),
},
},
@ -431,7 +432,7 @@ func TestPermission_String(t *testing.T) {
}
}
func validID() *platform.ID {
id := platform.ID(100)
func validID() *platform2.ID {
id := platform2.ID(100)
return &id
}

4
backup.go
View File

@ -4,6 +4,8 @@ import (
"context"
"io"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
)
const (
@ -25,7 +27,7 @@ type RestoreService interface {
RestoreKVStore(ctx context.Context, r io.Reader) error
// RestoreKVStore restores the metadata database.
RestoreBucket(ctx context.Context, id ID, rpiData []byte) (shardIDMap map[uint64]uint64, err error)
RestoreBucket(ctx context.Context, id platform.ID, rpiData []byte) (shardIDMap map[uint64]uint64, err error)
// RestoreShard uploads a backup file for a single shard.
RestoreShard(ctx context.Context, shardID uint64, r io.Reader) error

9
backup/backup.go
View File

@ -10,6 +10,9 @@ import (
"path/filepath"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/bolt"
"github.com/influxdata/influxdb/v2/tenant"
@ -20,12 +23,12 @@ import (
type Request struct {
// Organization to backup.
// If not set, all orgs will be included.
OrgID influxdb.ID
OrgID platform.ID
Org string
// Bucket to backup.
// If not set, all buckets within the org filter will be included.
BucketID influxdb.ID
BucketID platform.ID
Bucket string
// Path to the directory where backup files should be written.
@ -210,7 +213,7 @@ func (r *backupRunner) backupShard(ctx context.Context, shardInfo *influxdb.Mani
_ = gw.Close()
_ = f.Close()
if influxdb.ErrorCode(err) == influxdb.ENotFound {
if errors.ErrorCode(err) == errors.ENotFound {
r.log.Warn("Shard removed during backup", zap.Uint64("id", shardInfo.ShardID))
return nil
}

4
bolt/bbolt.go
View File

@ -7,6 +7,8 @@ import (
"path/filepath"
"time"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/rand"
"github.com/influxdata/influxdb/v2/snowflake"
@ -22,7 +24,7 @@ type Client struct {
db *bolt.DB
log *zap.Logger
IDGenerator platform.IDGenerator
IDGenerator platform2.IDGenerator
TokenGenerator platform.TokenGenerator
platform.TimeGenerator

25
bolt/id.go
View File

@ -5,7 +5,8 @@ import (
"fmt"
"math/rand"
platform "github.com/influxdata/influxdb/v2"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
bolt "go.etcd.io/bbolt"
"go.uber.org/zap"
)
@ -16,7 +17,7 @@ var (
errIDNotFound = errors.New("source not found")
)
var _ platform.IDGenerator = (*Client)(nil)
var _ platform2.IDGenerator = (*Client)(nil)
func (c *Client) initializeID(tx *bolt.Tx) error {
if _, err := tx.CreateBucketIfNotExists(idsBucket); err != nil {
@ -38,9 +39,9 @@ func (c *Client) initializeID(tx *bolt.Tx) error {
}
// ID retrieves the unique ID for this influx instance.
func (c *Client) ID() platform.ID {
func (c *Client) ID() platform2.ID {
// if any error occurs return a random number
id := platform.ID(rand.Int63())
id := platform2.ID(rand.Int63())
err := c.db.View(func(tx *bolt.Tx) error {
val, err := c.getID(tx)
if err != nil {
@ -58,23 +59,23 @@ func (c *Client) ID() platform.ID {
return id
}
func (c *Client) getID(tx *bolt.Tx) (platform.ID, error) {
func (c *Client) getID(tx *bolt.Tx) (platform2.ID, error) {
v := tx.Bucket(idsBucket).Get(idKey)
if len(v) == 0 {
return platform.InvalidID(), errIDNotFound
return platform2.InvalidID(), errIDNotFound
}
return decodeID(v)
}
func decodeID(val []byte) (platform.ID, error) {
if len(val) < platform.IDLength {
func decodeID(val []byte) (platform2.ID, error) {
if len(val) < platform2.IDLength {
// This should not happen.
return platform.InvalidID(), fmt.Errorf("provided value is too short to contain an ID. Please report this error")
return platform2.InvalidID(), fmt.Errorf("provided value is too short to contain an ID. Please report this error")
}
var id platform.ID
if err := id.Decode(val[:platform.IDLength]); err != nil {
return platform.InvalidID(), err
var id platform2.ID
if err := id.Decode(val[:platform2.IDLength]); err != nil {
return platform2.InvalidID(), err
}
return id, nil
}

4
bolt/id_test.go
View File

@ -2,9 +2,9 @@ package bolt_test
import (
"context"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"testing"
platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
)
@ -15,7 +15,7 @@ func TestID(t *testing.T) {
}
defer closeFn()
testID := platform.ID(70000)
testID := platform2.ID(70000)
c.IDGenerator = mock.NewIDGenerator(testID.String(), t)
if err := c.Open(context.Background()); err != nil {

25
bucket.go
View File

@ -5,6 +5,9 @@ import (
"fmt"
"strings"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
)
const (
@ -29,8 +32,8 @@ const InfiniteRetention = 0
// Bucket is a bucket. 🎉
type Bucket struct {
ID ID `json:"id,omitempty"`
OrgID ID `json:"orgID,omitempty"`
ID platform.ID `json:"id,omitempty"`
OrgID platform.ID `json:"orgID,omitempty"`
Type BucketType `json:"type"`
Name string `json:"name"`
Description string `json:"description"`
@ -79,7 +82,7 @@ var (
// BucketService represents a service for managing bucket data.
type BucketService interface {
// FindBucketByID returns a single bucket by ID.
FindBucketByID(ctx context.Context, id ID) (*Bucket, error)
FindBucketByID(ctx context.Context, id platform.ID) (*Bucket, error)
// FindBucket returns the first bucket that matches filter.
FindBucket(ctx context.Context, filter BucketFilter) (*Bucket, error)
@ -93,11 +96,11 @@ type BucketService interface {
// UpdateBucket updates a single bucket with changeset.
// Returns the new bucket state after update.
UpdateBucket(ctx context.Context, id ID, upd BucketUpdate) (*Bucket, error)
UpdateBucket(ctx context.Context, id platform.ID, upd BucketUpdate) (*Bucket, error)
// DeleteBucket removes a bucket by ID.
DeleteBucket(ctx context.Context, id ID) error
FindBucketByName(ctx context.Context, orgID ID, name string) (*Bucket, error)
DeleteBucket(ctx context.Context, id platform.ID) error
FindBucketByName(ctx context.Context, orgID platform.ID, name string) (*Bucket, error)
}
// BucketUpdate represents updates to a bucket.
@ -111,9 +114,9 @@ type BucketUpdate struct {
// BucketFilter represents a set of filter that restrict the returned results.
type BucketFilter struct {
ID *ID
ID *platform.ID
Name *string
OrganizationID *ID
OrganizationID *platform.ID
Org *string
}
@ -159,9 +162,9 @@ func (f BucketFilter) String() string {
return "[" + strings.Join(parts, ", ") + "]"
}
func ErrInternalBucketServiceError(op string, err error) *Error {
return &Error{
Code: EInternal,
func ErrInternalBucketServiceError(op string, err error) *errors.Error {
return &errors.Error{
Code: errors.EInternal,
Msg: fmt.Sprintf("unexpected error in buckets; Err: %v", err),
Op: op,
Err: err,

41
check.go
View File

@ -3,6 +3,9 @@ package influxdb
import (
"context"
"encoding/json"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
)
// consts for checks config.
@ -16,22 +19,22 @@ type Check interface {
Valid(lang FluxLanguageService) error
Type() string
ClearPrivateData()
SetTaskID(ID)
GetTaskID() ID
GetOwnerID() ID
SetOwnerID(ID)
SetTaskID(platform.ID)
GetTaskID() platform.ID
GetOwnerID() platform.ID
SetOwnerID(platform.ID)
GenerateFlux(lang FluxLanguageService) (string, error)
json.Marshaler
CRUDLogSetter
SetID(id ID)
SetOrgID(id ID)
SetID(id platform.ID)
SetOrgID(id platform.ID)
SetName(name string)
SetDescription(description string)
GetID() ID
GetID() platform.ID
GetCRUDLog() CRUDLog
GetOrgID() ID
GetOrgID() platform.ID
GetName() string
GetDescription() string
}
@ -49,7 +52,7 @@ var (
// CheckService represents a service for managing checks.
type CheckService interface {
// FindCheckByID returns a single check by ID.
FindCheckByID(ctx context.Context, id ID) (Check, error)
FindCheckByID(ctx context.Context, id platform.ID) (Check, error)
// FindCheck returns the first check that matches filter.
FindCheck(ctx context.Context, filter CheckFilter) (Check, error)
@ -59,18 +62,18 @@ type CheckService interface {
FindChecks(ctx context.Context, filter CheckFilter, opt ...FindOptions) ([]Check, int, error)
// CreateCheck creates a new check and sets b.ID with the new identifier.
CreateCheck(ctx context.Context, c CheckCreate, userID ID) error
CreateCheck(ctx context.Context, c CheckCreate, userID platform.ID) error
// UpdateCheck updates the whole check.
// Returns the new check state after update.
UpdateCheck(ctx context.Context, id ID, c CheckCreate) (Check, error)
UpdateCheck(ctx context.Context, id platform.ID, c CheckCreate) (Check, error)
// PatchCheck updates a single bucket with changeset.
// Returns the new check state after update.
PatchCheck(ctx context.Context, id ID, upd CheckUpdate) (Check, error)
PatchCheck(ctx context.Context, id platform.ID, upd CheckUpdate) (Check, error)
// DeleteCheck will delete the check by id.
DeleteCheck(ctx context.Context, id ID) error
DeleteCheck(ctx context.Context, id platform.ID) error
}
// CheckUpdate are properties than can be updated on a check
@ -89,15 +92,15 @@ type CheckCreate struct {
// Valid returns err is the update is invalid.
func (n *CheckUpdate) Valid() error {
if n.Name != nil && *n.Name == "" {
return &Error{
Code: EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Msg: "Check Name can't be empty",
}
}
if n.Description != nil && *n.Description == "" {
return &Error{
Code: EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Msg: "Check Description can't be empty",
}
}
@ -113,9 +116,9 @@ func (n *CheckUpdate) Valid() error {
// CheckFilter represents a set of filters that restrict the returned results.
type CheckFilter struct {
ID *ID
ID *platform.ID
Name *string
OrgID *ID
OrgID *platform.ID
Org *string
UserResourceMappingFilter
}

45
checks/service.go
View File

@ -4,6 +4,9 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing"
"github.com/influxdata/influxdb/v2/kv"
@ -26,7 +29,7 @@ type Service struct {
tasks influxdb.TaskService
timeGenerator influxdb.TimeGenerator
idGenerator influxdb.IDGenerator
idGenerator platform.IDGenerator
checkStore *kv.IndexStore
}
@ -83,7 +86,7 @@ func newCheckStore() *kv.IndexStore {
}
// FindCheckByID retrieves a check by id.
func (s *Service) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.Check, error) {
func (s *Service) FindCheckByID(ctx context.Context, id platform.ID) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -103,7 +106,7 @@ func (s *Service) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.C
return c, nil
}
func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (influxdb.Check, error) {
func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id platform.ID) (influxdb.Check, error) {
chkVal, err := s.checkStore.FindEnt(ctx, tx, kv.Entity{PK: kv.EncID(id)})
if err != nil {
return nil, err
@ -111,7 +114,7 @@ func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (
return chkVal.(influxdb.Check), nil
}
func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID influxdb.ID, name string) (influxdb.Check, error) {
func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID platform.ID, name string) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -119,8 +122,8 @@ func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID influxdb.
UniqueKey: kv.Encode(kv.EncID(orgID), kv.EncString(name)),
})
if kv.IsNotFound(err) {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
return nil, &errors.Error{
Code: errors.ENotFound,
Err: err,
}
}
@ -186,8 +189,8 @@ func (s *Service) FindCheck(ctx context.Context, filter influxdb.CheckFilter) (i
}
if c == nil {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
return nil, &errors.Error{
Code: errors.ENotFound,
Msg: "check not found",
}
}
@ -227,7 +230,7 @@ func (s *Service) FindChecks(ctx context.Context, filter influxdb.CheckFilter, o
if filter.Org != nil {
o, err := s.orgs.FindOrganization(ctx, influxdb.OrganizationFilter{Name: filter.Org})
if err != nil {
return nil, 0, &influxdb.Error{Err: err}
return nil, 0, &errors.Error{Err: err}
}
filter.OrgID = &o.ID
@ -270,7 +273,7 @@ func (s *Service) FindChecks(ctx context.Context, filter influxdb.CheckFilter, o
}
// CreateCheck creates a influxdb check and sets ID.
func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userID influxdb.ID) (err error) {
func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userID platform.ID) (err error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -280,8 +283,8 @@ func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userI
if c.GetOrgID().Valid() {
if _, err := s.orgs.FindOrganizationByID(ctx, c.GetOrgID()); err != nil {
return &influxdb.Error{
Code: influxdb.ENotFound,
return &errors.Error{
Code: errors.ENotFound,
Op: influxdb.OpCreateCheck,
Err: err,
}
@ -301,8 +304,8 @@ func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userI
// create task initially in inactive state
t, err := s.createCheckTask(ctx, c)
if err != nil {
return &influxdb.Error{
Code: influxdb.EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Msg: "Could not create task from check",
Err: err,
}
@ -378,7 +381,7 @@ func (s *Service) putCheck(ctx context.Context, tx kv.Tx, c influxdb.Check, opts
}
// PatchCheck updates a check according the parameters set on upd.
func (s *Service) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
func (s *Service) PatchCheck(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -408,7 +411,7 @@ func (s *Service) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.C
}
// UpdateCheck updates the check.
func (s *Service) UpdateCheck(ctx context.Context, id influxdb.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
func (s *Service) UpdateCheck(ctx context.Context, id platform.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -453,7 +456,7 @@ func (s *Service) updateCheckTask(ctx context.Context, chk influxdb.CheckCreate)
return err
}
func (s *Service) patchCheckTask(ctx context.Context, taskID influxdb.ID, upd influxdb.CheckUpdate) error {
func (s *Service) patchCheckTask(ctx context.Context, taskID platform.ID, upd influxdb.CheckUpdate) error {
tu := influxdb.TaskUpdate{
Description: upd.Description,
}
@ -469,7 +472,7 @@ func (s *Service) patchCheckTask(ctx context.Context, taskID influxdb.ID, upd in
return nil
}
func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id influxdb.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id platform.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish()
@ -483,8 +486,8 @@ func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id influxdb.ID, chk
if chk.GetName() != current.GetName() {
c0, err := s.findCheckByName(ctx, tx, current.GetOrgID(), chk.GetName())
if err == nil && c0.GetID() != id {
return nil, &influxdb.Error{
Code: influxdb.EConflict,
return nil, &errors.Error{
Code: errors.EConflict,
Msg: "check name is not unique",
}
}
@ -542,7 +545,7 @@ func (s *Service) patchCheck(ctx context.Context, tx kv.Tx, check influxdb.Check
}
// DeleteCheck deletes a check and prunes it from the index.
func (s *Service) DeleteCheck(ctx context.Context, id influxdb.ID) error {
func (s *Service) DeleteCheck(ctx context.Context, id platform.ID) error {
ch, err := s.FindCheckByID(ctx, id)
if err != nil {
return err

87
checks/service_external_test.go
View File

@ -8,6 +8,9 @@ import (
"testing"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"github.com/influxdata/flux/ast"
@ -174,7 +177,7 @@ var taskCmpOptions = cmp.Options{
// CheckFields will include the IDGenerator, and checks
type CheckFields struct {
IDGenerator influxdb.IDGenerator
IDGenerator platform.IDGenerator
TimeGenerator influxdb.TimeGenerator
TaskService influxdb.TaskService
Checks []influxdb.Check
@ -240,11 +243,11 @@ func CreateCheck(
t *testing.T,
) {
type args struct {
userID influxdb.ID
userID platform.ID
check influxdb.Check
}
type wants struct {
err *influxdb.Error
err *errors.Error
checks []influxdb.Check
tasks []*influxdb.Task
}
@ -369,7 +372,7 @@ func CreateCheck(
name: "basic create check",
fields: CheckFields{
IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID {
IDFn: func() platform.ID {
return MustIDBase16(checkTwoID)
},
},
@ -453,7 +456,7 @@ func CreateCheck(
name: "names should be unique within an organization",
fields: CheckFields{
IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID {
IDFn: func() platform.ID {
return MustIDBase16(checkTwoID)
},
},
@ -508,8 +511,8 @@ func CreateCheck(
checks: []influxdb.Check{
deadman1,
},
err: &influxdb.Error{
Code: influxdb.EConflict,
err: &errors.Error{
Code: errors.EConflict,
Op: influxdb.OpCreateCheck,
Msg: "check is not unique",
},
@ -519,7 +522,7 @@ func CreateCheck(
name: "names should not be unique across organizations",
fields: CheckFields{
IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID {
IDFn: func() platform.ID {
return MustIDBase16(checkTwoID)
},
},
@ -670,8 +673,8 @@ func CreateCheck(
},
wants: wants{
checks: []influxdb.Check{},
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: "organization not found",
Op: influxdb.OpCreateCheck,
},
@ -716,10 +719,10 @@ func FindCheckByID(
t *testing.T,
) {
type args struct {
id influxdb.ID
id platform.ID
}
type wants struct {
err *influxdb.Error
err *errors.Error
check influxdb.Check
}
@ -768,8 +771,8 @@ func FindCheckByID(
id: MustIDBase16(threeID),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Op: influxdb.OpFindCheckByID,
Msg: "check not found",
},
@ -799,11 +802,11 @@ func FindChecks(
t *testing.T,
) {
type args struct {
ID influxdb.ID
ID platform.ID
name string
organization string
OrgID influxdb.ID
userID influxdb.ID
OrgID platform.ID
userID platform.ID
findOptions influxdb.FindOptions
}
@ -1034,10 +1037,10 @@ func DeleteCheck(
) {
type args struct {
ID string
userID influxdb.ID
userID platform.ID
}
type wants struct {
err *influxdb.Error
err *errors.Error
checks []influxdb.Check
}
@ -1108,10 +1111,10 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
userID: MustIDBase16(sixID),
},
wants: wants{
err: &influxdb.Error{
err: &errors.Error{
Op: influxdb.OpDeleteCheck,
Msg: "check not found",
Code: influxdb.ENotFound,
Code: errors.ENotFound,
},
checks: []influxdb.Check{
deadman1,
@ -1148,12 +1151,12 @@ func FindCheck(
) {
type args struct {
name string
OrgID influxdb.ID
OrgID platform.ID
}
type wants struct {
check influxdb.Check
err *influxdb.Error
err *errors.Error
}
tests := []struct {
@ -1204,8 +1207,8 @@ func FindCheck(
OrgID: MustIDBase16(orgOneID),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Op: influxdb.OpFindCheck,
Msg: "check not found",
},
@ -1227,8 +1230,8 @@ func FindCheck(
OrgID: MustIDBase16(orgOneID),
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Op: influxdb.OpFindCheck,
Msg: "check not found",
},
@ -1265,7 +1268,7 @@ func UpdateCheck(
t *testing.T,
) {
type args struct {
id influxdb.ID
id platform.ID
check influxdb.Check
}
type wants struct {
@ -1495,8 +1498,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
},
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.EConflict,
err: &errors.Error{
Code: errors.EConflict,
Msg: "check name is not unique",
},
},
@ -1527,11 +1530,11 @@ func PatchCheck(
t *testing.T,
) {
type args struct {
id influxdb.ID
id platform.ID
upd influxdb.CheckUpdate
}
type wants struct {
err *influxdb.Error
err *errors.Error
check influxdb.Check
}
@ -1667,8 +1670,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
},
},
wants: wants{
err: &influxdb.Error{
Code: influxdb.EConflict,
err: &errors.Error{
Code: errors.EConflict,
Msg: "check entity update conflicts with an existing entity",
},
},
@ -1692,8 +1695,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
}
// MustIDBase16 is an helper to ensure a correct ID is built during testing.
func MustIDBase16(s string) influxdb.ID {
id, err := influxdb.IDFromString(s)
func MustIDBase16(s string) platform.ID {
id, err := platform.IDFromString(s)
if err != nil {
panic(err)
}
@ -1720,18 +1723,18 @@ func ErrorsEqual(t *testing.T, actual, expected error) {
t.Errorf("expected error %s but received nil", expected.Error())
}
if influxdb.ErrorCode(expected) != influxdb.ErrorCode(actual) {
if errors.ErrorCode(expected) != errors.ErrorCode(actual) {
t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual)
t.Errorf("expected error code %q but received %q", influxdb.ErrorCode(expected), influxdb.ErrorCode(actual))
t.Errorf("expected error code %q but received %q", errors.ErrorCode(expected), errors.ErrorCode(actual))
}
if influxdb.ErrorMessage(expected) != influxdb.ErrorMessage(actual) {
if errors.ErrorMessage(expected) != errors.ErrorMessage(actual) {
t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual)
t.Errorf("expected error message %q but received %q", influxdb.ErrorMessage(expected), influxdb.ErrorMessage(actual))
t.Errorf("expected error message %q but received %q", errors.ErrorMessage(expected), errors.ErrorMessage(actual))
}
}
func influxErrsEqual(t *testing.T, expected *influxdb.Error, actual error) {
func influxErrsEqual(t *testing.T, expected *errors.Error, actual error) {
t.Helper()
if expected != nil {
@ -1746,7 +1749,7 @@ func influxErrsEqual(t *testing.T, expected *influxdb.Error, actual error) {
require.NoError(t, actual)
return
}
iErr, ok := actual.(*influxdb.Error)
iErr, ok := actual.(*errors.Error)
require.True(t, ok)
assert.Equal(t, expected.Code, iErr.Code)
assert.Truef(t, strings.HasPrefix(iErr.Error(), expected.Error()), "expected: %s got err: %s", expected.Error(), actual.Error())

6
cmd/chronograf-migrator/dashboard.go
View File

@ -8,6 +8,8 @@ import (
"strings"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/flux/ast"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/chronograf"
@ -379,7 +381,7 @@ func convertQueries(qs []chronograf.DashboardQuery) []influxdb.DashboardQuery {
type dbrpMapper struct{}
// FindBy returns the dbrp mapping for the specified ID.
func (d dbrpMapper) FindByID(ctx context.Context, orgID influxdb.ID, id influxdb.ID) (*influxdb.DBRPMappingV2, error) {
func (d dbrpMapper) FindByID(ctx context.Context, orgID platform.ID, id platform.ID) (*influxdb.DBRPMappingV2, error) {
return nil, errors.New("mapping not found")
}
@ -399,6 +401,6 @@ func (d dbrpMapper) Update(ctx context.Context, dbrp *influxdb.DBRPMappingV2) er
}
// Delete removes a dbrp mapping.
func (d dbrpMapper) Delete(ctx context.Context, orgID influxdb.ID, id influxdb.ID) error {
func (d dbrpMapper) Delete(ctx context.Context, orgID platform.ID, id platform.ID) error {
return errors.New("dbrpMapper does not support deleting mappings")
}

30
cmd/influx/authorization.go
View File

@ -4,6 +4,8 @@ import (
"context"
"io"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/authorization"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -11,13 +13,13 @@ import (
)
type token struct {
ID platform.ID `json:"id"`
Description string `json:"description"`
Token string `json:"token"`
Status string `json:"status"`
UserName string `json:"userName"`
UserID platform.ID `json:"userID"`
Permissions []string `json:"permissions"`
ID platform2.ID `json:"id"`
Description string `json:"description"`
Token string `json:"token"`
Status string `json:"status"`
UserName string `json:"userName"`
UserID platform2.ID `json:"userID"`
Permissions []string `json:"permissions"`
}
func cmdAuth(f *globalFlags, opt genericCLIOpts) *cobra.Command {
@ -163,7 +165,7 @@ func authorizationCreateF(cmd *cobra.Command, args []string) error {
var permissions []platform.Permission
for _, bp := range bucketPerms {
for _, p := range bp.perms {
var id platform.ID
var id platform2.ID
if err := id.DecodeFromString(p); err != nil {
return err
}
@ -340,7 +342,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
var filter platform.AuthorizationFilter
if authCRUDFlags.id != "" {
fID, err := platform.IDFromString(authCRUDFlags.id)
fID, err := platform2.IDFromString(authCRUDFlags.id)
if err != nil {
return err
}
@ -350,7 +352,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
filter.User = &authorizationFindFlags.user
}
if authorizationFindFlags.userID != "" {
uID, err := platform.IDFromString(authorizationFindFlags.userID)
uID, err := platform2.IDFromString(authorizationFindFlags.userID)
if err != nil {
return err
}
@ -360,7 +362,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
filter.Org = &authorizationFindFlags.org.name
}
if authorizationFindFlags.org.id != "" {
oID, err := platform.IDFromString(authorizationFindFlags.org.id)
oID, err := platform2.IDFromString(authorizationFindFlags.org.id)
if err != nil {
return err
}
@ -428,7 +430,7 @@ func authorizationDeleteF(cmd *cobra.Command, args []string) error {
return err
}
id, err := platform.IDFromString(authCRUDFlags.id)
id, err := platform2.IDFromString(authCRUDFlags.id)
if err != nil {
return err
}
@ -495,7 +497,7 @@ func authorizationActiveF(cmd *cobra.Command, args []string) error {
return err
}
var id platform.ID
var id platform2.ID
if err := id.DecodeFromString(authCRUDFlags.id); err != nil {
return err
}
@ -563,7 +565,7 @@ func authorizationInactiveF(cmd *cobra.Command, args []string) error {
return err
}
var id platform.ID
var id platform2.ID
if err := id.DecodeFromString(authCRUDFlags.id); err != nil {
return err
}

7
cmd/influx/backup.go
View File

@ -4,7 +4,8 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/backup"
"github.com/influxdata/influxdb/v2/http"
influxlogger "github.com/influxdata/influxdb/v2/logger"
@ -73,14 +74,14 @@ func (b *cmdBackupBuilder) backupRunE(cmd *cobra.Command, _ []string) error {
InsecureSkipVerify: flags.skipVerify,
}
var orgID influxdb.ID
var orgID platform.ID
if b.org.id != "" {
if err := orgID.DecodeFromString(b.org.id); err != nil {
return err
}
}
var bucketID influxdb.ID
var bucketID platform.ID
if b.bucketID != "" {
if err := bucketID.DecodeFromString(b.bucketID); err != nil {
return err

12
cmd/influx/bucket.go
View File

@ -4,6 +4,8 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/tenant"
@ -138,7 +140,7 @@ func (b *cmdBucketBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
return err
}
var id influxdb.ID
var id platform.ID
var filter influxdb.BucketFilter
if b.id == "" && b.name != "" {
if err = b.org.validOrgFlags(&flags); err != nil {
@ -146,7 +148,7 @@ func (b *cmdBucketBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
}
filter.Name = &b.name
if b.org.id != "" {
if filter.OrganizationID, err = influxdb.IDFromString(b.org.id); err != nil {
if filter.OrganizationID, err = platform.IDFromString(b.org.id); err != nil {
return err
}
} else if b.org.name != "" {
@ -213,14 +215,14 @@ func (b *cmdBucketBuilder) cmdListRunEFn(cmd *cobra.Command, args []string) erro
filter.Name = &b.name
}
if b.id != "" {
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err)
}
filter.ID = id
}
if b.org.id != "" {
orgID, err := influxdb.IDFromString(b.org.id)
orgID, err := platform.IDFromString(b.org.id)
if err != nil {
return fmt.Errorf("failed to decode org id %q: %v", b.org.id, err)
}
@ -272,7 +274,7 @@ func (b *cmdBucketBuilder) cmdUpdateRunEFn(cmd *cobra.Command, args []string) er
return err
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err)
}

64
cmd/influx/bucket_test.go
View File

@ -10,6 +10,8 @@ import (
"testing"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
"github.com/spf13/cobra"
@ -18,7 +20,7 @@ import (
)
func TestCmdBucket(t *testing.T) {
orgID := influxdb.ID(9000)
orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.BucketService) bucketSVCsFn {
return func() (influxdb.BucketService, influxdb.OrganizationService, error) {
@ -142,39 +144,39 @@ func TestCmdBucket(t *testing.T) {
t.Run("delete", func(t *testing.T) {
tests := []struct {
name string
expectedID influxdb.ID
expectedID platform.ID
flags []string
}{
{
name: "with description and retention period",
expectedID: influxdb.ID(1),
flags: []string{"--id=" + influxdb.ID(1).String()},
expectedID: platform.ID(1),
flags: []string{"--id=" + platform.ID(1).String()},
},
{
name: "shorts",
expectedID: influxdb.ID(1),
flags: []string{"-i=" + influxdb.ID(1).String()},
expectedID: platform.ID(1),
flags: []string{"-i=" + platform.ID(1).String()},
},
{
name: "with name and org name",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flags: []string{"--name=n1", "--org=org1"},
},
{
name: "with name and org name short",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flags: []string{"-n=n1", "-o=org1"},
},
{
name: "with name and org id",
expectedID: influxdb.ID(1),
flags: []string{"--name=n1", "--org-id=" + influxdb.ID(3).String()},
expectedID: platform.ID(1),
flags: []string{"--name=n1", "--org-id=" + platform.ID(3).String()},
},
}
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewBucketService()
svc.FindBucketByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) {
svc.FindBucketByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ID: id}, nil
}
svc.FindBucketFn = func(ctx context.Context, filter influxdb.BucketFilter) (*influxdb.Bucket, error) {
@ -186,7 +188,7 @@ func TestCmdBucket(t *testing.T) {
}
return nil, nil
}
svc.DeleteBucketFn = func(ctx context.Context, id influxdb.ID) error {
svc.DeleteBucketFn = func(ctx context.Context, id platform.ID) error {
if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
}
@ -226,8 +228,8 @@ func TestCmdBucket(t *testing.T) {
t.Run("list", func(t *testing.T) {
type called struct {
name string
id influxdb.ID
orgID influxdb.ID
id platform.ID
orgID platform.ID
org string
}
@ -240,15 +242,15 @@ func TestCmdBucket(t *testing.T) {
}{
{
name: "org id",
flags: []string{"--org-id=" + influxdb.ID(3).String()},
flags: []string{"--org-id=" + platform.ID(3).String()},
envVars: envVarsZeroMap,
expected: called{orgID: 3},
},
{
name: "id",
flags: []string{
"--id=" + influxdb.ID(2).String(),
"--org-id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(2).String(),
"--org-id=" + platform.ID(3).String(),
},
envVars: envVarsZeroMap,
expected: called{
@ -273,7 +275,7 @@ func TestCmdBucket(t *testing.T) {
flags: []string{
"-o=rg",
"-n=name1",
"-i=" + influxdb.ID(1).String(),
"-i=" + platform.ID(1).String(),
},
envVars: envVarsZeroMap,
expected: called{org: "rg", name: "name1", id: 1},
@ -284,31 +286,31 @@ func TestCmdBucket(t *testing.T) {
"INFLUX_ORG": "rg",
"INFLUX_BUCKET_NAME": "name1",
},
flags: []string{"-i=" + influxdb.ID(1).String()},
flags: []string{"-i=" + platform.ID(1).String()},
expected: called{org: "rg", name: "name1", id: 1},
},
{
name: "env vars 2",
envVars: map[string]string{
"INFLUX_ORG": "",
"INFLUX_ORG_ID": influxdb.ID(2).String(),
"INFLUX_ORG_ID": platform.ID(2).String(),
"INFLUX_BUCKET_NAME": "name1",
},
flags: []string{"-i=" + influxdb.ID(1).String()},
flags: []string{"-i=" + platform.ID(1).String()},
expected: called{orgID: 2, name: "name1", id: 1},
},
{
name: "ls alias",
command: "ls",
envVars: envVarsZeroMap,
flags: []string{"--org-id=" + influxdb.ID(3).String()},
flags: []string{"--org-id=" + platform.ID(3).String()},
expected: called{orgID: 3},
},
{
name: "find alias",
command: "find",
envVars: envVarsZeroMap,
flags: []string{"--org-id=" + influxdb.ID(3).String()},
flags: []string{"--org-id=" + platform.ID(3).String()},
expected: called{orgID: 3},
},
}
@ -374,7 +376,7 @@ func TestCmdBucket(t *testing.T) {
{
name: "basic just name",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
},
expected: influxdb.BucketUpdate{
@ -384,7 +386,7 @@ func TestCmdBucket(t *testing.T) {
{
name: "with all fields",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
"--description=desc",
"--retention=1m",
@ -398,7 +400,7 @@ func TestCmdBucket(t *testing.T) {
{
name: "shorts",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"-n=new name",
"-d=desc",
"-r=1m",
@ -412,7 +414,7 @@ func TestCmdBucket(t *testing.T) {
{
name: "env var",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"-d=desc",
"-r=1m",
},
@ -426,7 +428,7 @@ func TestCmdBucket(t *testing.T) {
{
name: "shard-group duration",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"--shard-group-duration=1m",
},
expected: influxdb.BucketUpdate{
@ -437,9 +439,9 @@ func TestCmdBucket(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.BucketUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewBucketService()
svc.UpdateBucketFn = func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
svc.UpdateBucketFn = func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id)
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
}
if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)

5
cmd/influx/config.go
View File

@ -5,7 +5,8 @@ import (
"net/url"
"path/filepath"
"github.com/influxdata/influxdb/v2"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/spf13/cobra"
)
@ -198,7 +199,7 @@ func (b *cmdConfigBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
}
cfg, err := svc.DeleteConfig(name)
if influxdb.ErrorCode(err) == influxdb.ENotFound {
if errors2.ErrorCode(err) == errors2.ENotFound {
continue
}
if err != nil {

35
cmd/influx/config/config.go
View File

@ -8,8 +8,9 @@ import (
"io/ioutil"
"os"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/BurntSushi/toml"
"github.com/influxdata/influxdb/v2"
)
// Config store the crendentials of influxdb host and token.
@ -52,8 +53,8 @@ type store interface {
// Switch to another config.
func (cfgs Configs) Switch(name string) error {
if _, ok := cfgs[name]; !ok {
return &influxdb.Error{
Code: influxdb.ENotFound,
return &errors.Error{
Code: errors.ENotFound,
Msg: fmt.Sprintf(`config %q is not found`, name),
}
}
@ -135,8 +136,8 @@ var badNames = map[string]bool{
func blockBadName(cfgs Configs) error {
for n := range cfgs {
if _, ok := badNames[n]; ok {
return &influxdb.Error{
Code: influxdb.EInvalid,
return &errors.Error{
Code: errors.EInvalid,
Msg: fmt.Sprintf(`%q is not a valid config name`, n),
}
}
@ -194,8 +195,8 @@ func (s baseRW) ListConfigs() (Configs, error) {
// CreateConfig create new config.
func (svc localConfigsSVC) CreateConfig(cfg Config) (Config, error) {
if cfg.Name == "" {
return Config{}, &influxdb.Error{
Code: influxdb.EInvalid,
return Config{}, &errors.Error{
Code: errors.EInvalid,
Msg: "config name is empty",
}
}
@ -204,8 +205,8 @@ func (svc localConfigsSVC) CreateConfig(cfg Config) (Config, error) {
return Config{}, err
}
if _, ok := cfgs[cfg.Name]; ok {
return Config{}, &influxdb.Error{
Code: influxdb.EConflict,
return Config{}, &errors.Error{
Code: errors.EConflict,
Msg: fmt.Sprintf("config %q already exists", cfg.Name),
}
}
@ -228,8 +229,8 @@ func (svc localConfigsSVC) DeleteConfig(name string) (Config, error) {
p, ok := cfgs[name]
if !ok {
return Config{}, &influxdb.Error{
Code: influxdb.ENotFound,
return Config{}, &errors.Error{
Code: errors.ENotFound,
Msg: fmt.Sprintf("config %q is not found", name),
}
}
@ -270,8 +271,8 @@ func (svc localConfigsSVC) UpdateConfig(up Config) (Config, error) {
}
p0, ok := cfgs[up.Name]
if !ok {
return Config{}, &influxdb.Error{
Code: influxdb.ENotFound,
return Config{}, &errors.Error{
Code: errors.ENotFound,
Msg: fmt.Sprintf("config %q is not found", up.Name),
}
}
@ -337,8 +338,8 @@ func (s baseRW) parseActiveConfig(currentOrPrevious bool) (Config, error) {
activated = cfg
hasActive = true
} else if check {
return DefaultConfig, &influxdb.Error{
Code: influxdb.EConflict,
return DefaultConfig, &errors.Error{
Code: errors.EConflict,
Msg: "more than one " + previousText + "activated configs found",
}
}
@ -346,8 +347,8 @@ func (s baseRW) parseActiveConfig(currentOrPrevious bool) (Config, error) {
if hasActive {
return activated, nil
}
return DefaultConfig, &influxdb.Error{
Code: influxdb.ENotFound,
return DefaultConfig, &errors.Error{
Code: errors.ENotFound,
Msg: previousText + "activated config is not found",
}
}

53
cmd/influx/config/config_test.go
View File

@ -4,29 +4,30 @@ import (
"bytes"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2"
influxtesting "github.com/influxdata/influxdb/v2/testing"
)
func TestWriteConfigs(t *testing.T) {
cases := []struct {
name string
err *influxdb.Error
err *errors.Error
pp Configs
result string
}{
{
name: "bad name -",
err: &influxdb.Error{
Code: influxdb.EInvalid,
err: &errors.Error{
Code: errors.EInvalid,
Msg: `"-" is not a valid config name`,
},
},
{
name: "bad name create",
err: &influxdb.Error{
Code: influxdb.EInvalid,
err: &errors.Error{
Code: errors.EInvalid,
Msg: `"create" is not a valid config name`,
},
},
@ -259,8 +260,8 @@ func TestConfigsSwith(t *testing.T) {
"a1": {Host: "host1"},
"a2": {Host: "host2"},
},
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "p1" is not found`,
},
},
@ -315,8 +316,8 @@ func TestConfigCreate(t *testing.T) {
}{
{
name: "invalid name",
err: &influxdb.Error{
Code: influxdb.EInvalid,
err: &errors.Error{
Code: errors.EInvalid,
Msg: "config name is empty",
},
},
@ -381,8 +382,8 @@ func TestConfigCreate(t *testing.T) {
Name: "default",
Host: "host1",
},
err: &influxdb.Error{
Code: influxdb.EConflict,
err: &errors.Error{
Code: errors.EConflict,
Msg: `config "default" already exists`,
},
},
@ -460,16 +461,16 @@ func TestConfigSwitch(t *testing.T) {
}{
{
name: "empty",
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "" is not found`,
},
},
{
name: "not found",
src: "default",
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "default" is not found`,
},
},
@ -576,8 +577,8 @@ func TestConfigSwitch(t *testing.T) {
},
},
src: "-",
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: "previous activated config is not found",
},
},
@ -613,8 +614,8 @@ func TestConfigUpdate(t *testing.T) {
}{
{
name: "empty",
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "" is not found`,
},
},
@ -626,8 +627,8 @@ func TestConfigUpdate(t *testing.T) {
Org: "org1",
Token: "tok1",
},
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "default" is not found`,
},
},
@ -711,8 +712,8 @@ func TestConfigDelete(t *testing.T) {
}{
{
name: "empty",
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "" is not found`,
},
},
@ -725,8 +726,8 @@ func TestConfigDelete(t *testing.T) {
Host: "host1",
},
},
err: &influxdb.Error{
Code: influxdb.ENotFound,
err: &errors.Error{
Code: errors.ENotFound,
Msg: `config "bad" is not found`,
},
},

11
cmd/influx/config_test.go
View File

@ -8,8 +8,9 @@ import (
"path/filepath"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/spf13/cobra"
"github.com/stretchr/testify/assert"
@ -96,7 +97,7 @@ func TestCmdConfig(t *testing.T) {
return &mockConfigService{
CreateConfigFn: func(cfg config.Config) (config.Config, error) {
if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{
return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("create config failed, diff %s", diff),
}
}
@ -255,7 +256,7 @@ func TestCmdConfig(t *testing.T) {
cfg.Active = true
cfg.PreviousActive = false
if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{
return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("switch config failed, diff %s", diff),
}
}
@ -380,7 +381,7 @@ func TestCmdConfig(t *testing.T) {
return &mockConfigService{
UpdateConfigFn: func(cfg config.Config) (config.Config, error) {
if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{
return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("update config failed, diff %s", diff),
}
}
@ -496,7 +497,7 @@ func TestCmdConfig(t *testing.T) {
}
}
if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{
return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("delete config failed, diff %s", diff),
}
}

13
cmd/influx/dashboard.go
View File

@ -3,6 +3,9 @@ package main
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/dashboards/transport"
@ -65,15 +68,15 @@ func (b *cmdDashboardBuilder) listRunE(cmd *cobra.Command, args []string) error
orgID, _ := b.org.getID(orgSVC)
if orgID == 0 && len(b.ids) == 0 {
return &influxdb.Error{
Code: influxdb.EUnprocessableEntity,
return &errors.Error{
Code: errors.EUnprocessableEntity,
Msg: "at least one of org, org-id, or id must be provided",
}
}
var ids []*influxdb.ID
var ids []*platform.ID
for _, rawID := range b.ids {
id, err := influxdb.IDFromString(rawID)
id, err := platform.IDFromString(rawID)
if err != nil {
return err
}
@ -93,7 +96,7 @@ func (b *cmdDashboardBuilder) listRunE(cmd *cobra.Command, args []string) error
Limit: limit,
Offset: offset,
})
if err != nil && influxdb.ErrorCode(err) != influxdb.ENotFound {
if err != nil && errors.ErrorCode(err) != errors.ENotFound {
return err
}
out = append(out, dashboards...)

4
cmd/influx/internal/tabwriter.go
View File

@ -6,7 +6,7 @@ import (
"strings"
"text/tabwriter"
platform "github.com/influxdata/influxdb/v2"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
)
// TabWriter wraps tab writer headers logic.
@ -62,7 +62,7 @@ func formatStringType(i interface{}) string {
switch i.(type) {
case int:
return "%d"
case platform.ID, string:
case platform2.ID, string:
return "%s"
}

11
cmd/influx/main.go
View File

@ -13,6 +13,9 @@ import (
"sync"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -469,7 +472,7 @@ func checkSetupRunEMiddleware(f *globalFlags) cobraRunEMiddleware {
}
ac := f.config()
if setupErr := checkSetup(ac.Host, f.skipVerify); setupErr != nil && influxdb.EUnauthorized != influxdb.ErrorCode(setupErr) {
if setupErr := checkSetup(ac.Host, f.skipVerify); setupErr != nil && errors.EUnauthorized != errors.ErrorCode(setupErr) {
cmd.OutOrStderr().Write([]byte(fmt.Sprintf("Error: %s\n", internal.ErrorFmt(err).Error())))
return internal.ErrorFmt(setupErr)
}
@ -510,16 +513,16 @@ func (o *organization) register(v *viper.Viper, cmd *cobra.Command, persistent b
opts.mustRegister(v, cmd)
}
func (o *organization) getID(orgSVC influxdb.OrganizationService) (influxdb.ID, error) {
func (o *organization) getID(orgSVC influxdb.OrganizationService) (platform.ID, error) {
if o.id != "" {
influxOrgID, err := influxdb.IDFromString(o.id)
influxOrgID, err := platform.IDFromString(o.id)
if err != nil {
return 0, fmt.Errorf("invalid org ID '%s' provided (did you pass an org name instead of an ID?): %w", o.id, err)
}
return *influxOrgID, nil
}
getOrgByName := func(name string) (influxdb.ID, error) {
getOrgByName := func(name string) (platform.ID, error) {
org, err := orgSVC.FindOrganization(context.Background(), influxdb.OrganizationFilter{
Name: &name,
})

23
cmd/influx/organization.go
View File

@ -5,6 +5,9 @@ import (
"fmt"
"io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/tenant"
"github.com/spf13/cobra"
@ -111,7 +114,7 @@ func (b *cmdOrgBuilder) deleteRunEFn(cmd *cobra.Command, args []string) error {
return fmt.Errorf("failed to initialize org service client: %v", err)
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
}
@ -171,7 +174,7 @@ func (b *cmdOrgBuilder) findRunEFn(cmd *cobra.Command, args []string) error {
}
if b.id != "" {
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
}
@ -226,7 +229,7 @@ func (b *cmdOrgBuilder) updateRunEFn(cmd *cobra.Command, args []string) error {
return fmt.Errorf("failed to initialize org service client: %v", err)
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
}
@ -341,7 +344,7 @@ func (b *cmdOrgBuilder) memberListRunEFn(cmd *cobra.Command, args []string) erro
}
if b.id != "" {
var fID influxdb.ID
var fID platform.ID
err := fID.DecodeFromString(b.id)
if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -409,7 +412,7 @@ func (b *cmdOrgBuilder) memberAddRunEFn(cmd *cobra.Command, args []string) error
}
if b.id != "" {
var fID influxdb.ID
var fID platform.ID
err := fID.DecodeFromString(b.id)
if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -423,7 +426,7 @@ func (b *cmdOrgBuilder) memberAddRunEFn(cmd *cobra.Command, args []string) error
return fmt.Errorf("failed to find org: %v", err)
}
var memberID influxdb.ID
var memberID platform.ID
err = memberID.DecodeFromString(b.memberID)
if err != nil {
return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err)
@ -486,7 +489,7 @@ func (b *cmdOrgBuilder) membersRemoveRunEFn(cmd *cobra.Command, args []string) e
}
if b.id != "" {
var fID influxdb.ID
var fID platform.ID
err := fID.DecodeFromString(b.id)
if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -500,7 +503,7 @@ func (b *cmdOrgBuilder) membersRemoveRunEFn(cmd *cobra.Command, args []string) e
return fmt.Errorf("failed to find organization: %v", err)
}
var memberID influxdb.ID
var memberID platform.ID
err = memberID.DecodeFromString(b.memberID)
if err != nil {
return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err)
@ -580,7 +583,7 @@ func (b *cmdOrgBuilder) memberList(ctx context.Context, urmSVC influxdb.UserReso
for i := 0; i < len(mappings); i++ {
select {
case <-ctx.Done():
return &influxdb.Error{
return &errors.Error{
Msg: "Timeout retrieving user details",
}
case err := <-errC:
@ -620,7 +623,7 @@ func addMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMap
return err
}
func removeMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMappingService, resourceID, userID influxdb.ID) error {
func removeMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMappingService, resourceID, userID platform.ID) error {
if err := urmSVC.DeleteUserResourceMapping(ctx, resourceID, userID); err != nil {
return fmt.Errorf("failed to remove member: %v", err)
}

72
cmd/influx/organization_test.go
View File

@ -8,6 +8,8 @@ import (
"reflect"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/stretchr/testify/assert"
"github.com/influxdata/influxdb/v2"
@ -87,27 +89,27 @@ func TestCmdOrg(t *testing.T) {
t.Run("delete", func(t *testing.T) {
tests := []struct {
name string
expectedID influxdb.ID
expectedID platform.ID
flag string
}{
{
name: "id",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flag: "--id=",
},
{
name: "shorts",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flag: "-i=",
},
}
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewOrganizationService()
svc.FindOrganizationByIDF = func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
svc.FindOrganizationByIDF = func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ID: id}, nil
}
svc.DeleteOrganizationF = func(ctx context.Context, id influxdb.ID) error {
svc.DeleteOrganizationF = func(ctx context.Context, id platform.ID) error {
if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
}
@ -140,7 +142,7 @@ func TestCmdOrg(t *testing.T) {
t.Run("list", func(t *testing.T) {
type called struct {
name string
id influxdb.ID
id platform.ID
}
tests := []struct {
@ -152,7 +154,7 @@ func TestCmdOrg(t *testing.T) {
}{
{
name: "org id",
flags: []string{"--id=" + influxdb.ID(3).String()},
flags: []string{"--id=" + platform.ID(3).String()},
envVars: envVarsZeroMap,
expected: called{id: 3},
},
@ -166,7 +168,7 @@ func TestCmdOrg(t *testing.T) {
name: "shorts",
flags: []string{
"-n=name1",
"-i=" + influxdb.ID(1).String(),
"-i=" + platform.ID(1).String(),
},
envVars: envVarsZeroMap,
expected: called{name: "name1", id: 1},
@ -174,10 +176,10 @@ func TestCmdOrg(t *testing.T) {
{
name: "env vars",
envVars: map[string]string{
"INFLUX_ORG_ID": influxdb.ID(1).String(),
"INFLUX_ORG_ID": platform.ID(1).String(),
"INFLUX_ORG": "name1",
},
flags: []string{"-i=" + influxdb.ID(1).String()},
flags: []string{"-i=" + platform.ID(1).String()},
expected: called{name: "name1", id: 1},
},
{
@ -251,7 +253,7 @@ func TestCmdOrg(t *testing.T) {
{
name: "basic just name",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
},
expected: influxdb.OrganizationUpdate{
@ -261,7 +263,7 @@ func TestCmdOrg(t *testing.T) {
{
name: "with all fields",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
"--description=desc",
},
@ -273,7 +275,7 @@ func TestCmdOrg(t *testing.T) {
{
name: "shorts",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"-n=new name",
"-d=desc",
},
@ -286,7 +288,7 @@ func TestCmdOrg(t *testing.T) {
name: "env var",
envVars: map[string]string{
"INFLUX_ORG": "new name",
"INFLUX_ORG_ID": influxdb.ID(3).String(),
"INFLUX_ORG_ID": platform.ID(3).String(),
"INFLUX_ORG_DESCRIPTION": "desc",
},
expected: influxdb.OrganizationUpdate{
@ -298,9 +300,9 @@ func TestCmdOrg(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.OrganizationUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewOrganizationService()
svc.UpdateOrganizationF = func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
svc.UpdateOrganizationF = func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id)
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
}
if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)
@ -336,8 +338,8 @@ func TestCmdOrg(t *testing.T) {
type (
called struct {
name string
id influxdb.ID
memberID influxdb.ID
id platform.ID
memberID platform.ID
}
testCase struct {
@ -384,13 +386,13 @@ func TestCmdOrg(t *testing.T) {
tests := []testCase{
{
name: "org id",
memberFlags: []string{"--id=" + influxdb.ID(3).String()},
memberFlags: []string{"--id=" + platform.ID(3).String()},
envVars: envVarsZeroMap,
expected: called{id: 3},
},
{
name: "org id short",
memberFlags: []string{"-i=" + influxdb.ID(3).String()},
memberFlags: []string{"-i=" + platform.ID(3).String()},
envVars: envVarsZeroMap,
expected: called{id: 3},
},
@ -398,7 +400,7 @@ func TestCmdOrg(t *testing.T) {
name: "org id env var",
envVars: map[string]string{
"INFLUX_ORG": "",
"INFLUX_ORG_ID": influxdb.ID(3).String(),
"INFLUX_ORG_ID": platform.ID(3).String(),
},
expected: called{id: 3},
},
@ -476,8 +478,8 @@ func TestCmdOrg(t *testing.T) {
{
name: "org id",
memberFlags: []string{
"--id=" + influxdb.ID(3).String(),
"--member=" + influxdb.ID(4).String(),
"--id=" + platform.ID(3).String(),
"--member=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4},
@ -485,8 +487,8 @@ func TestCmdOrg(t *testing.T) {
{
name: "org id shorts",
memberFlags: []string{
"-i=" + influxdb.ID(3).String(),
"-m=" + influxdb.ID(4).String(),
"-i=" + platform.ID(3).String(),
"-m=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4},
@ -495,7 +497,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name",
memberFlags: []string{
"--name=name1",
"--member=" + influxdb.ID(4).String(),
"--member=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4},
@ -504,7 +506,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name shorts",
memberFlags: []string{
"-n=name1",
"-m=" + influxdb.ID(4).String(),
"-m=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4},
@ -529,7 +531,7 @@ func TestCmdOrg(t *testing.T) {
return &influxdb.Organization{ID: 1}, nil
}
urmSVC := mock.NewUserResourceMappingService()
urmSVC.DeleteMappingFn = func(ctx context.Context, resourceID, userID influxdb.ID) error {
urmSVC.DeleteMappingFn = func(ctx context.Context, resourceID, userID platform.ID) error {
calls.memberID = userID
return nil
}
@ -544,8 +546,8 @@ func TestCmdOrg(t *testing.T) {
{
name: "org id",
memberFlags: []string{
"--id=" + influxdb.ID(3).String(),
"--member=" + influxdb.ID(4).String(),
"--id=" + platform.ID(3).String(),
"--member=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4},
@ -553,8 +555,8 @@ func TestCmdOrg(t *testing.T) {
{
name: "org id shorts",
memberFlags: []string{
"-i=" + influxdb.ID(3).String(),
"-m=" + influxdb.ID(4).String(),
"-i=" + platform.ID(3).String(),
"-m=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4},
@ -563,7 +565,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name",
memberFlags: []string{
"--name=name1",
"--member=" + influxdb.ID(4).String(),
"--member=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4},
@ -572,7 +574,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name shorts",
memberFlags: []string{
"-n=name1",
"-m=" + influxdb.ID(4).String(),
"-m=" + platform.ID(4).String(),
},
envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4},

7
cmd/influx/restore.go
View File

@ -5,7 +5,8 @@ import (
"fmt"
"os"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/http"
influxlogger "github.com/influxdata/influxdb/v2/logger"
"github.com/influxdata/influxdb/v2/restore"
@ -98,14 +99,14 @@ func (b *cmdRestoreBuilder) restoreRunE(cmd *cobra.Command, args []string) (err
BucketService: &tenant.BucketClientService{Client: client},
}
var orgID influxdb.ID
var orgID platform.ID
if b.org.id != "" {
if err := orgID.DecodeFromString(b.org.id); err != nil {
return err
}
}
var bucketID influxdb.ID
var bucketID platform.ID
if b.bucketID != "" {
if err := bucketID.DecodeFromString(b.bucketID); err != nil {
return err

4
cmd/influx/secret.go
View File

@ -4,6 +4,8 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal"
isecret "github.com/influxdata/influxdb/v2/secret"
@ -236,7 +238,7 @@ type (
secret struct {
key string
orgID influxdb.ID
orgID platform.ID
}
)

12
cmd/influx/secret_test.go
View File

@ -7,6 +7,8 @@ import (
"io/ioutil"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
"github.com/spf13/cobra"
@ -16,7 +18,7 @@ import (
)
func TestCmdSecret(t *testing.T) {
orgID := influxdb.ID(9000)
orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.SecretService, fn func(*input.UI) string) secretSVCsFn {
return func() (influxdb.SecretService, influxdb.OrganizationService, func(*input.UI) string, error) {
@ -39,7 +41,7 @@ func TestCmdSecret(t *testing.T) {
}{
{
name: "org id",
flags: []string{"--org-id=" + influxdb.ID(3).String()},
flags: []string{"--org-id=" + platform.ID(3).String()},
envVars: envVarsZeroMap,
expected: called{"k1", "k2", "k3"},
},
@ -76,7 +78,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func() (func(*globalFlags, genericCLIOpts) *cobra.Command, *called) {
calls := new(called)
svc := mock.NewSecretService()
svc.GetSecretKeysFn = func(ctx context.Context, organizationID influxdb.ID) ([]string, error) {
svc.GetSecretKeysFn = func(ctx context.Context, organizationID platform.ID) ([]string, error) {
if !organizationID.Valid() {
return []string{}, nil
}
@ -137,7 +139,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewSecretService()
svc.DeleteSecretFn = func(ctx context.Context, orgID influxdb.ID, ks ...string) error {
svc.DeleteSecretFn = func(ctx context.Context, orgID platform.ID, ks ...string) error {
if expectedKey != ks[0] {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedKey, ks[0])
}
@ -200,7 +202,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewSecretService()
svc.PatchSecretsFn = func(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
svc.PatchSecretsFn = func(ctx context.Context, orgID platform.ID, m map[string]string) error {
var key string
for k := range m {
key = k

28
cmd/influx/task.go
View File

@ -5,6 +5,8 @@ import (
"fmt"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/http"
"github.com/influxdata/influxdb/v2/tenant"
@ -169,7 +171,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
filter := influxdb.TaskFilter{}
if b.taskFindFlags.user != "" {
id, err := influxdb.IDFromString(b.taskFindFlags.user)
id, err := platform.IDFromString(b.taskFindFlags.user)
if err != nil {
return err
}
@ -180,7 +182,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
filter.Organization = b.org.name
}
if b.org.id != "" {
id, err := influxdb.IDFromString(b.org.id)
id, err := platform.IDFromString(b.org.id)
if err != nil {
return err
}
@ -195,7 +197,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
var tasks []*influxdb.Task
if b.taskID != "" {
id, err := influxdb.IDFromString(b.taskID)
id, err := platform.IDFromString(b.taskID)
if err != nil {
return err
}
@ -282,7 +284,7 @@ func (b *cmdTaskBuilder) taskRetryFailedF(*cobra.Command, []string) error {
}
}
if b.taskRerunFailedFlags.dryRun {
uniqueIDs := make(map[influxdb.ID]struct{})
uniqueIDs := make(map[platform.ID]struct{})
for _, r := range failedRuns {
uniqueIDs[r.TaskID] = struct{}{}
}
@ -300,7 +302,7 @@ func (b *cmdTaskBuilder) getFailedRunsForTaskID(limit int) ([]*influxdb.Run, err
return nil, err
}
runFilter := influxdb.RunFilter{Limit: limit}
id, err := influxdb.IDFromString(b.taskID)
id, err := platform.IDFromString(b.taskID)
if err != nil {
return nil, err
}
@ -336,7 +338,7 @@ func (b *cmdTaskBuilder) getFailedRunsForOrg(taskLimit int, runLimit int) ([]*in
taskFilter.Organization = b.org.name
}
if b.org.id != "" {
orgID, err := influxdb.IDFromString(b.org.id)
orgID, err := platform.IDFromString(b.org.id)
if err != nil {
return nil, err
}
@ -392,7 +394,7 @@ func (b *cmdTaskBuilder) taskUpdateF(cmd *cobra.Command, args []string) error {
return err
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.taskID); err != nil {
return err
}
@ -437,7 +439,7 @@ func (b *cmdTaskBuilder) taskDeleteF(cmd *cobra.Command, args []string) error {
return err
}
var id influxdb.ID
var id platform.ID
err = id.DecodeFromString(b.taskID)
if err != nil {
return err
@ -536,14 +538,14 @@ func (b *cmdTaskBuilder) taskLogFindF(cmd *cobra.Command, args []string) error {
}
var filter influxdb.LogFilter
id, err := influxdb.IDFromString(b.taskID)
id, err := platform.IDFromString(b.taskID)
if err != nil {
return err
}
filter.Task = *id
if b.runID != "" {
id, err := influxdb.IDFromString(b.runID)
id, err := platform.IDFromString(b.runID)
if err != nil {
return err
}
@ -624,7 +626,7 @@ func (b *cmdTaskBuilder) taskRunFindF(cmd *cobra.Command, args []string) error {
AfterTime: b.taskRunFindFlags.afterTime,
BeforeTime: b.taskRunFindFlags.beforeTime,
}
taskID, err := influxdb.IDFromString(b.taskID)
taskID, err := platform.IDFromString(b.taskID)
if err != nil {
return err
}
@ -632,7 +634,7 @@ func (b *cmdTaskBuilder) taskRunFindF(cmd *cobra.Command, args []string) error {
var runs []*influxdb.Run
if b.runID != "" {
id, err := influxdb.IDFromString(b.runID)
id, err := platform.IDFromString(b.runID)
if err != nil {
return err
}
@ -714,7 +716,7 @@ func (b *cmdTaskBuilder) runRetryF(*cobra.Command, []string) error {
return err
}
var taskID, runID influxdb.ID
var taskID, runID platform.ID
if err := taskID.DecodeFromString(runRetryFlags.taskID); err != nil {
return err
}

4
cmd/influx/task_test.go
View File

@ -7,6 +7,8 @@ import (
"io/ioutil"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
@ -17,7 +19,7 @@ import (
// Purpose of test suite:
// checking if cmd line tool gives all data needed for TaskService to perform functions
func TestCmdTask(t *testing.T) {
orgID := influxdb.ID(9000)
orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.TaskService) taskSVCsFn {
return func() (influxdb.TaskService, influxdb.OrganizationService, error) {

19
cmd/influx/telegraf.go
View File

@ -5,6 +5,9 @@ import (
"errors"
"io/ioutil"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/http"
@ -76,14 +79,14 @@ func (b *cmdTelegrafBuilder) listRunE(cmd *cobra.Command, args []string) error {
orgID, _ := b.org.getID(orgSVC)
if orgID == 0 && b.id == "" {
return &influxdb.Error{
Code: influxdb.EUnprocessableEntity,
return &errors2.Error{
Code: errors2.EUnprocessableEntity,
Msg: "at least one of org, org-id, or id must be provided",
}
}
if b.id != "" {
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return err
}
@ -190,13 +193,13 @@ func (b *cmdTelegrafBuilder) removeRunEFn(cmd *cobra.Command, args []string) err
}
for _, rawID := range b.ids {
id, err := influxdb.IDFromString(rawID)
id, err := platform.IDFromString(rawID)
if err != nil {
return err
}
err = svc.DeleteTelegrafConfig(context.Background(), *id)
if err != nil && influxdb.ErrorCode(err) != influxdb.ENotFound {
if err != nil && errors2.ErrorCode(err) != errors2.ENotFound {
return err
}
}
@ -247,7 +250,7 @@ func (b *cmdTelegrafBuilder) updateRunEFn(cmd *cobra.Command, args []string) err
return err
}
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return err
}
@ -309,8 +312,8 @@ func (b *cmdTelegrafBuilder) readConfig(file string) (string, error) {
stdIn, err := inStdIn(b.in)
if err != nil {
return "", &influxdb.Error{
Code: influxdb.EUnprocessableEntity,
return "", &errors2.Error{
Code: errors2.EUnprocessableEntity,
Err: errors.New("a Telegraf config must be provided"),
}
}

30
cmd/influx/template.go
View File

@ -17,6 +17,8 @@ import (
"strings"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/fatih/color"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -216,7 +218,7 @@ func (b *cmdTemplateBuilder) applyRunEFn(cmd *cobra.Command, args []string) erro
}
}
var stackID influxdb.ID
var stackID platform.ID
if b.stackID != "" {
if err := stackID.DecodeFromString(b.stackID); err != nil {
return err
@ -407,7 +409,7 @@ func (b *cmdTemplateBuilder) exportRunEFn(cmd *cobra.Command, args []string) err
}
if b.stackID != "" {
stackID, err := influxdb.IDFromString(b.stackID)
stackID, err := platform.IDFromString(b.stackID)
if err != nil {
return ierror.Wrap(err, "invalid stack ID provided")
}
@ -558,7 +560,7 @@ func (b *cmdTemplateBuilder) exportStackRunEFn(cmd *cobra.Command, args []string
return err
}
stackID, err := influxdb.IDFromString(args[0])
stackID, err := platform.IDFromString(args[0])
if err != nil {
return err
}
@ -718,9 +720,9 @@ func (b *cmdTemplateBuilder) stackListRunEFn(cmd *cobra.Command, args []string)
return err
}
var stackIDs []influxdb.ID
var stackIDs []platform.ID
for _, rawID := range b.stackIDs {
id, err := influxdb.IDFromString(rawID)
id, err := platform.IDFromString(rawID)
if err != nil {
return err
}
@ -774,9 +776,9 @@ func (b *cmdTemplateBuilder) stackRemoveRunEFn(cmd *cobra.Command, args []string
return err
}
var stackIDs []influxdb.ID
var stackIDs []platform.ID
for _, rawID := range b.stackIDs {
id, err := influxdb.IDFromString(rawID)
id, err := platform.IDFromString(rawID)
if err != nil {
return err
}
@ -820,7 +822,7 @@ func (b *cmdTemplateBuilder) stackRemoveRunEFn(cmd *cobra.Command, args []string
}
}
err := templateSVC.DeleteStack(context.Background(), struct{ OrgID, UserID, StackID influxdb.ID }{
err := templateSVC.DeleteStack(context.Background(), struct{ OrgID, UserID, StackID platform.ID }{
OrgID: orgID,
UserID: 0,
StackID: stack.ID,
@ -883,7 +885,7 @@ func (b *cmdTemplateBuilder) stackUpdateRunEFn(cmd *cobra.Command, args []string
return err
}
stackID, err := influxdb.IDFromString(b.stackID)
stackID, err := platform.IDFromString(b.stackID)
if err != nil {
return ierror.Wrap(err, "required stack id is invalid")
}
@ -917,7 +919,7 @@ func (b *cmdTemplateBuilder) stackUpdateRunEFn(cmd *cobra.Command, args []string
return errors.New("resource type is invalid; got: " + b.exportOpts.resourceType)
}
id, err := influxdb.IDFromString(idRaw)
id, err := platform.IDFromString(idRaw)
if err != nil {
return ierror.Wrap(err, fmt.Sprintf("%s resource id %q is invalid", kind, idRaw))
}
@ -1197,9 +1199,9 @@ func newResourcesToClone(kind pkger.Kind, idStrs, names []string) (pkger.ExportO
return pkger.ExportWithExistingResources(resources...), nil
}
func toInfluxIDs(args []string) ([]influxdb.ID, error) {
func toInfluxIDs(args []string) ([]platform.ID, error) {
var (
ids []influxdb.ID
ids []platform.ID
errs []string
)
for _, arg := range args {
@ -1208,7 +1210,7 @@ func toInfluxIDs(args []string) ([]influxdb.ID, error) {
continue
}
id, err := influxdb.IDFromString(normedArg)
id, err := platform.IDFromString(normedArg)
if err != nil {
errs = append(errs, "arg must provide a valid 16 length ID; got: "+arg)
continue
@ -1568,7 +1570,7 @@ func (b *cmdTemplateBuilder) printTemplateDiff(diff pkger.Diff) error {
return nil
}
func (b *cmdTemplateBuilder) printTemplateSummary(stackID influxdb.ID, sum pkger.Summary) error {
func (b *cmdTemplateBuilder) printTemplateSummary(stackID platform.ID, sum pkger.Summary) error {
if b.quiet {
return nil
}

80
cmd/influx/template_test.go
View File

@ -15,6 +15,8 @@ import (
"strings"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
"github.com/influxdata/influxdb/v2/pkger"
@ -28,7 +30,7 @@ func Test_Template_Commands(t *testing.T) {
return func() (pkger.SVC, influxdb.OrganizationService, error) {
return svc, &mock.OrganizationService{
FindOrganizationF: func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) {
return &influxdb.Organization{ID: influxdb.ID(9000), Name: "influxdata"}, nil
return &influxdb.Organization{ID: platform.ID(9000), Name: "influxdata"}, nil
},
}, nil
}
@ -43,7 +45,7 @@ func Test_Template_Commands(t *testing.T) {
assert.Equal(t, "bucket1", sum.Buckets[0].Name)
}
expectedOrgID := influxdb.ID(9000)
expectedOrgID := platform.ID(9000)
tests := []struct {
templateFileArgs
@ -246,15 +248,15 @@ func Test_Template_Commands(t *testing.T) {
tests := []struct {
name string
templateFileArgs
bucketIDs []influxdb.ID
dashIDs []influxdb.ID
endpointIDs []influxdb.ID
labelIDs []influxdb.ID
ruleIDs []influxdb.ID
taskIDs []influxdb.ID
telegrafIDs []influxdb.ID
varIDs []influxdb.ID
stackID influxdb.ID
bucketIDs []platform.ID
dashIDs []platform.ID
endpointIDs []platform.ID
labelIDs []platform.ID
ruleIDs []platform.ID
taskIDs []platform.ID
telegrafIDs []platform.ID
varIDs []platform.ID
stackID platform.ID
}{
{
templateFileArgs: templateFileArgs{
@ -262,7 +264,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
bucketIDs: []influxdb.ID{1, 2},
bucketIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -270,7 +272,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
dashIDs: []influxdb.ID{1, 2},
dashIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -278,7 +280,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
endpointIDs: []influxdb.ID{1, 2},
endpointIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -286,7 +288,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
labelIDs: []influxdb.ID{1, 2},
labelIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -294,7 +296,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
ruleIDs: []influxdb.ID{1, 2},
ruleIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -302,7 +304,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
taskIDs: []influxdb.ID{1, 2},
taskIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -310,7 +312,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
telegrafIDs: []influxdb.ID{1, 2},
telegrafIDs: []platform.ID{1, 2},
},
{
templateFileArgs: templateFileArgs{
@ -318,7 +320,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
},
varIDs: []influxdb.ID{1, 2},
varIDs: []platform.ID{1, 2},
},
}
@ -368,7 +370,7 @@ func Test_Template_Commands(t *testing.T) {
testPkgWrites(t, cmdFn, tt.templateFileArgs, func(t *testing.T, pkg *pkger.Template) {
sum := pkg.Summary()
kindToName := func(k pkger.Kind, id influxdb.ID) string {
kindToName := func(k pkger.Kind, id platform.ID) string {
return strings.ToLower(k.String()) + strconv.Itoa(int(id))
}
@ -448,7 +450,7 @@ func Test_Template_Commands(t *testing.T) {
name: "stack",
encoding: pkger.EncodingYAML,
filename: "pkg_0.yml",
args: []string{"export", "--stack-id=" + influxdb.ID(1).String()},
args: []string{"export", "--stack-id=" + platform.ID(1).String()},
}
testPkgWrites(t, cmdFn, tmplFileArgs, func(t *testing.T, pkg *pkger.Template) {
@ -509,7 +511,7 @@ func Test_Template_Commands(t *testing.T) {
}{
{
name: "when only org and token provided is successful",
args: []string{"--org-id=" + influxdb.ID(1).String()},
args: []string{"--org-id=" + platform.ID(1).String()},
expectedStack: pkger.Stack{
OrgID: 1,
Events: []pkger.StackEvent{{
@ -520,7 +522,7 @@ func Test_Template_Commands(t *testing.T) {
{
name: "when org and name provided provided is successful",
args: []string{
"--org-id=" + influxdb.ID(1).String(),
"--org-id=" + platform.ID(1).String(),
"--stack-name=foo",
},
expectedStack: pkger.Stack{
@ -534,7 +536,7 @@ func Test_Template_Commands(t *testing.T) {
{
name: "when all flags provided provided is successful",
args: []string{
"--org-id=" + influxdb.ID(1).String(),
"--org-id=" + platform.ID(1).String(),
"--stack-name=foo",
"--stack-description=desc",
"--template-url=http://example.com/1",
@ -556,7 +558,7 @@ func Test_Template_Commands(t *testing.T) {
{
name: "when all shorthand flags provided provided is successful",
args: []string{
"--org-id=" + influxdb.ID(1).String(),
"--org-id=" + platform.ID(1).String(),
"-n=foo",
"-d=desc",
"-u=http://example.com/1",
@ -595,7 +597,7 @@ func Test_Template_Commands(t *testing.T) {
rootCmd := builder.cmd(func(f *globalFlags, opt genericCLIOpts) *cobra.Command {
echoSVC := &fakePkgSVC{
initStackFn: func(ctx context.Context, userID influxdb.ID, stCreate pkger.StackCreate) (pkger.Stack, error) {
initStackFn: func(ctx context.Context, userID platform.ID, stCreate pkger.StackCreate) (pkger.Stack, error) {
return pkger.Stack{
ID: 9000,
OrgID: stCreate.OrgID,
@ -731,7 +733,7 @@ func Test_Template_Commands(t *testing.T) {
return newCmdPkgerBuilder(fakeSVCFn(echoSVC), f, opt).cmdStacks()
})
baseArgs := []string{"stacks", "update", "--stack-id=" + influxdb.ID(1).String(), "--json"}
baseArgs := []string{"stacks", "update", "--stack-id=" + platform.ID(1).String(), "--json"}
rootCmd.SetArgs(append(baseArgs, tt.args...))
@ -888,39 +890,39 @@ func testPkgWritesToBuffer(newCmdFn func(w io.Writer) *cobra.Command, args templ
}
type fakePkgSVC struct {
initStackFn func(ctx context.Context, userID influxdb.ID, stack pkger.StackCreate) (pkger.Stack, error)
initStackFn func(ctx context.Context, userID platform.ID, stack pkger.StackCreate) (pkger.Stack, error)
updateStackFn func(ctx context.Context, upd pkger.StackUpdate) (pkger.Stack, error)
exportFn func(ctx context.Context, setters ...pkger.ExportOptFn) (*pkger.Template, error)
dryRunFn func(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
applyFn func(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
dryRunFn func(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
applyFn func(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
}
var _ pkger.SVC = (*fakePkgSVC)(nil)
func (f *fakePkgSVC) InitStack(ctx context.Context, userID influxdb.ID, stack pkger.StackCreate) (pkger.Stack, error) {
func (f *fakePkgSVC) InitStack(ctx context.Context, userID platform.ID, stack pkger.StackCreate) (pkger.Stack, error) {
if f.initStackFn != nil {
return f.initStackFn(ctx, userID, stack)
}
panic("not implemented")
}
func (f *fakePkgSVC) ListStacks(ctx context.Context, orgID influxdb.ID, filter pkger.ListFilter) ([]pkger.Stack, error) {
func (f *fakePkgSVC) ListStacks(ctx context.Context, orgID platform.ID, filter pkger.ListFilter) ([]pkger.Stack, error) {
panic("not implemented")
}
func (f *fakePkgSVC) UninstallStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID influxdb.ID }) (pkger.Stack, error) {
func (f *fakePkgSVC) UninstallStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID platform.ID }) (pkger.Stack, error) {
panic("not implemeted")
}
func (f *fakePkgSVC) DeleteStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID influxdb.ID }) error {
func (f *fakePkgSVC) DeleteStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID platform.ID }) error {
panic("not implemented")
}
func (f *fakePkgSVC) ExportStack(ctx context.Context, orgID, stackID influxdb.ID) (*pkger.Template, error) {
func (f *fakePkgSVC) ExportStack(ctx context.Context, orgID, stackID platform.ID) (*pkger.Template, error) {
panic("not implemented")
}
func (f *fakePkgSVC) ReadStack(ctx context.Context, id influxdb.ID) (pkger.Stack, error) {
func (f *fakePkgSVC) ReadStack(ctx context.Context, id platform.ID) (pkger.Stack, error) {
panic("not implemented")
}
@ -938,14 +940,14 @@ func (f *fakePkgSVC) Export(ctx context.Context, setters ...pkger.ExportOptFn) (
panic("not implemented")
}
func (f *fakePkgSVC) DryRun(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
func (f *fakePkgSVC) DryRun(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
if f.dryRunFn != nil {
return f.dryRunFn(ctx, orgID, userID, opts...)
}
panic("not implemented")
}
func (f *fakePkgSVC) Apply(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
func (f *fakePkgSVC) Apply(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
if f.applyFn != nil {
return f.applyFn(ctx, orgID, userID, opts...)
}
@ -968,7 +970,7 @@ func newTempFile(t *testing.T, dir string) *os.File {
return f
}
func idsStr(ids ...influxdb.ID) string {
func idsStr(ids ...platform.ID) string {
var idStrs []string
for _, id := range ids {
idStrs = append(idStrs, id.String())

10
cmd/influx/user.go
View File

@ -4,6 +4,8 @@ import (
"context"
"fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/http"
@ -87,7 +89,7 @@ func (b *cmdUserBuilder) cmdPasswordRunEFn(cmd *cobra.Command, args []string) er
filter.Name = &b.name
}
if b.id != "" {
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return err
}
@ -128,7 +130,7 @@ func (b *cmdUserBuilder) cmdUpdateRunEFn(cmd *cobra.Command, args []string) erro
return err
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.id); err != nil {
return err
}
@ -257,7 +259,7 @@ func (b *cmdUserBuilder) cmdFindRunEFn(*cobra.Command, []string) error {
filter.Name = &b.name
}
if b.id != "" {
id, err := influxdb.IDFromString(b.id)
id, err := platform.IDFromString(b.id)
if err != nil {
return err
}
@ -289,7 +291,7 @@ func (b *cmdUserBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) erro
return err
}
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(b.id); err != nil {
return err
}

44
cmd/influx/user_test.go
View File

@ -9,6 +9,8 @@ import (
"reflect"
"testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/mock"
@ -19,7 +21,7 @@ import (
)
func TestCmdUser(t *testing.T) {
var org = &influxdb.Organization{ID: influxdb.ID(9000), Name: "org name"}
var org = &influxdb.Organization{ID: platform.ID(9000), Name: "org name"}
var orgNameFlag = fmt.Sprintf("--org=%s", org.Name)
type orgSetResult struct {
@ -156,7 +158,7 @@ func TestCmdUser(t *testing.T) {
return nil
}
passSVC := mock.NewPasswordsService()
passSVC.SetPasswordFn = func(ctx context.Context, id influxdb.ID, password string) error {
passSVC.SetPasswordFn = func(ctx context.Context, id platform.ID, password string) error {
if expected.password != password {
return fmt.Errorf("unexpected password;\n\twant= %+v\n\tgot= %+v", expected.password, password)
}
@ -220,27 +222,27 @@ func TestCmdUser(t *testing.T) {
t.Run("delete", func(t *testing.T) {
tests := []struct {
name string
expectedID influxdb.ID
expectedID platform.ID
flag string
}{
{
name: "long id",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flag: "--id=",
},
{
name: "shorts",
expectedID: influxdb.ID(1),
expectedID: platform.ID(1),
flag: "-i=",
},
}
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewUserService()
svc.FindUserByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) {
svc.FindUserByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ID: id}, nil
}
svc.DeleteUserFn = func(ctx context.Context, id influxdb.ID) error {
svc.DeleteUserFn = func(ctx context.Context, id platform.ID) error {
if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
}
@ -273,7 +275,7 @@ func TestCmdUser(t *testing.T) {
t.Run("list", func(t *testing.T) {
type called struct {
name string
id influxdb.ID
id platform.ID
}
tests := []struct {
@ -285,7 +287,7 @@ func TestCmdUser(t *testing.T) {
{
name: "id",
flags: []string{
"--id=" + influxdb.ID(2).String(),
"--id=" + platform.ID(2).String(),
},
expected: called{
id: 2,
@ -300,7 +302,7 @@ func TestCmdUser(t *testing.T) {
name: "shorts",
flags: []string{
"-n=name1",
"-i=" + influxdb.ID(1).String(),
"-i=" + platform.ID(1).String(),
},
expected: called{name: "name1", id: 1},
},
@ -308,7 +310,7 @@ func TestCmdUser(t *testing.T) {
name: "ls alias",
command: "ls",
flags: []string{
"--id=" + influxdb.ID(2).String(),
"--id=" + platform.ID(2).String(),
},
expected: called{
id: 2,
@ -318,7 +320,7 @@ func TestCmdUser(t *testing.T) {
name: "find alias",
command: "find",
flags: []string{
"--id=" + influxdb.ID(2).String(),
"--id=" + platform.ID(2).String(),
},
expected: called{
id: 2,
@ -378,7 +380,7 @@ func TestCmdUser(t *testing.T) {
{
name: "basic just name",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
},
expected: influxdb.UserUpdate{
@ -388,7 +390,7 @@ func TestCmdUser(t *testing.T) {
{
name: "with all fields",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
"--name=new name",
},
expected: influxdb.UserUpdate{
@ -398,7 +400,7 @@ func TestCmdUser(t *testing.T) {
{
name: "shorts",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"-n=new name",
},
expected: influxdb.UserUpdate{
@ -409,9 +411,9 @@ func TestCmdUser(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.UserUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewUserService()
svc.UpdateUserFn = func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
svc.UpdateUserFn = func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id)
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
}
if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected User update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)
@ -450,14 +452,14 @@ func TestCmdUser(t *testing.T) {
{
name: "basic id",
flags: []string{
"--id=" + influxdb.ID(3).String(),
"--id=" + platform.ID(3).String(),
},
expected: "pass1",
},
{
name: "shorts",
flags: []string{
"-i=" + influxdb.ID(3).String(),
"-i=" + platform.ID(3).String(),
"-n=new name",
},
expected: "pass1",
@ -477,7 +479,7 @@ func TestCmdUser(t *testing.T) {
return usr, nil
}
passSVC := mock.NewPasswordsService()
passSVC.SetPasswordFn = func(ctx context.Context, id influxdb.ID, pass string) error {
passSVC.SetPasswordFn = func(ctx context.Context, id platform.ID, pass string) error {
if pass != expected {
return fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", pass, expected)
}

14
cmd/influx/v1_authorization.go
View File

@ -6,6 +6,8 @@ import (
"fmt"
"io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
cinternal "github.com/influxdata/influxdb/v2/cmd/internal"
@ -16,12 +18,12 @@ import (
)
type v1Token struct {
ID influxdb.ID `json:"id"`
ID platform.ID `json:"id"`
Description string `json:"description"`
Token string `json:"token"`
Status string `json:"status"`
UserName string `json:"userName"`
UserID influxdb.ID `json:"userID"`
UserID platform.ID `json:"userID"`
Permissions []string `json:"permissions"`
}
@ -142,7 +144,7 @@ func makeV1AuthorizationCreateE(opt genericCLIOpts) func(*cobra.Command, []strin
var permissions []influxdb.Permission
for _, bp := range bucketPerms {
for _, p := range bp.perms {
var id influxdb.ID
var id platform.ID
if err := id.DecodeFromString(p); err != nil {
return fmt.Errorf("invalid bucket ID '%s': %w (did you pass a bucket name instead of an ID?)", p, err)
}
@ -251,7 +253,7 @@ func v1AuthorizationFindF(cmd *cobra.Command, _ []string) error {
filter.User = &v1AuthorizationFindFlags.user
}
if v1AuthorizationFindFlags.userID != "" {
uID, err := influxdb.IDFromString(v1AuthorizationFindFlags.userID)
uID, err := platform.IDFromString(v1AuthorizationFindFlags.userID)
if err != nil {
return fmt.Errorf("invalid user ID '%s': %w (did you pass a username instead of an ID?)", v1AuthorizationFindFlags.userID, err)
}
@ -261,7 +263,7 @@ func v1AuthorizationFindF(cmd *cobra.Command, _ []string) error {
filter.Org = &v1AuthorizationFindFlags.org.name
}
if v1AuthorizationFindFlags.org.id != "" {
oID, err := influxdb.IDFromString(v1AuthorizationFindFlags.org.id)
oID, err := platform.IDFromString(v1AuthorizationFindFlags.org.id)
if err != nil {
return fmt.Errorf("invalid org ID '%s': %w (did you pass an org name instead of an ID?)", v1AuthorizationFindFlags.org.id, err)
}
@ -548,7 +550,7 @@ func v1FindOneAuthorization(s *authorization.Client, filter influxdb.Authorizati
}
type v1AuthLookupFlags struct {
id influxdb.ID
id platform.ID
username string
required bool // required when set to true determines whether validate expects either id or username to be set
}

12
cmd/influx/v1_dbrp.go
View File

@ -4,6 +4,8 @@ import (
"context"
"io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/dbrp"
@ -33,10 +35,10 @@ var v1DBRPCRUDFlags struct {
}
var v1DBRPFindFlags struct {
BucketID influxdb.ID // Specifies the bucket ID to filter on
BucketID platform.ID // Specifies the bucket ID to filter on
DB string // Specifies the database to filter on
Default *bool // Specifies filtering on default
ID influxdb.ID // Specifies the mapping ID to filter on
ID platform.ID // Specifies the mapping ID to filter on
Org organization // required // Specifies the organization ID to filter on
RP string // Specifies the retention policy to filter on
}
@ -121,7 +123,7 @@ func v1DBRPFindF(cmd *cobra.Command, _ []string) error {
}
var v1DBRPCreateFlags struct {
BucketID influxdb.ID // Specifies the bucket ID to associate with the mapping
BucketID platform.ID // Specifies the bucket ID to associate with the mapping
DB string // Specifies the database of the database
Default bool // Specifies filtering on default
Org organization // Specifies the organization ID to filter on
@ -237,7 +239,7 @@ func v1WriteDBRPs(w io.Writer, printOpts v1DBRPPrintOpt) error {
}
var v1DBRPDeleteFlags struct {
ID influxdb.ID
ID platform.ID
Org organization
}
@ -292,7 +294,7 @@ func v1DBRPDeleteF(cmd *cobra.Command, _ []string) error {
}
var v1DBRPUpdateFlags struct {
ID influxdb.ID // Specifies the mapping ID to update
ID platform.ID // Specifies the mapping ID to update
Org organization // Specifies the organization ID
Default *bool // A nil value means that Default is unset in the Flags
RP string // Updated name of the retention policy

6
cmd/influx/write.go
View File

@ -14,6 +14,8 @@ import (
"strconv"
"strings"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/fujiwara/shapeio"
platform "github.com/influxdata/influxdb/v2"
ihttp "github.com/influxdata/influxdb/v2/http"
@ -366,7 +368,7 @@ func (b *writeFlagsBuilder) writeRunE(cmd *cobra.Command, args []string) error {
)
if b.BucketID != "" {
filter.ID, err = platform.IDFromString(b.BucketID)
filter.ID, err = platform2.IDFromString(b.BucketID)
if err != nil {
return fmt.Errorf("failed to decode bucket-id: %v", err)
}
@ -376,7 +378,7 @@ func (b *writeFlagsBuilder) writeRunE(cmd *cobra.Command, args []string) error {
}
if b.org.id != "" {
filter.OrganizationID, err = platform.IDFromString(b.org.id)
filter.OrganizationID, err = platform2.IDFromString(b.org.id)
if err != nil {
return fmt.Errorf("failed to decode org-id id: %v", err)
}

9
cmd/influxd/inspect/export_lp.go
View File

@ -13,7 +13,8 @@ import (
"sync"
"time"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/cli"
"github.com/influxdata/influxdb/v2/models"
"github.com/influxdata/influxdb/v2/pkg/escape"
@ -27,7 +28,7 @@ import (
// exportFlags contains CLI-compatible forms of export options.
type exportFlags struct {
enginePath string
bucketID influxdb.ID
bucketID platform.ID
measurements []string
startTime string
endTime string
@ -206,7 +207,7 @@ func exportRunE(cmd *cobra.Command, flags *exportFlags) error {
}
// exportTSMs finds, reads, and exports all data stored in TSM files for a bucket that matches a set of filters.
func exportTSMs(engineDir string, bucketID influxdb.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
func exportTSMs(engineDir string, bucketID platform.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
// TSM is stored under `<engine>/data/<bucket-id>/<rp>/<shard-id>/*.tsm`
tsmDir := filepath.Join(engineDir, "data", bucketID.String())
tsmPattern := filepath.Join(tsmDir, "*", "*", fmt.Sprintf("*.%s", tsm1.TSMFileExtension))
@ -289,7 +290,7 @@ func exportTSM(tsmFile string, filters *exportFilters, out io.Writer, log *zap.L
//
// N.B. exported lines can include some duplicates from a matching call to exportTSMs on the same engine/bucket.
// This is OK since writes are idempotent.
func exportWALs(engineDir string, bucketID influxdb.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
func exportWALs(engineDir string, bucketID platform.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
// WAL is stored under `<engine>/wal/<bucket-id>/<rp>/<shard-id>/*.wal`
walDir := filepath.Join(engineDir, "wal", bucketID.String())
walPattern := filepath.Join(walDir, "*", "*", fmt.Sprintf("*.%s", tsm1.WALFileExtension))

5
cmd/influxd/launcher/backup_restore_test.go
View File

@ -2,6 +2,7 @@ package launcher_test
import (
"context"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"io/ioutil"
"os"
"testing"
@ -80,7 +81,7 @@ func TestBackupRestore_Full(t *testing.T) {
// Check that orgs and buckets were reset to match the original server's metadata.
_, err = l2.OrgService(t).FindOrganizationByID(ctx, l2.Org.ID)
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err))
require.Equal(t, errors.ENotFound, errors.ErrorCode(err))
rbkt1, err := l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l1.Org.ID, ID: &l1.Bucket.ID})
require.NoError(t, err)
require.Equal(t, l1.Bucket.Name, rbkt1.Name)
@ -88,7 +89,7 @@ func TestBackupRestore_Full(t *testing.T) {
require.NoError(t, err)
require.Equal(t, b1.Name, rbkt2.Name)
_, err = l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l2.Org.ID, ID: &b2.ID})
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err))
require.Equal(t, errors.ENotFound, errors.ErrorCode(err))
// Check that data was restored to buckets.
q1 := `from(bucket:"BUCKET") |> range(start:2000-01-01T00:00:00Z,stop:2000-01-02T00:00:00Z)`

16
cmd/influxd/launcher/engine.go
View File

@ -8,6 +8,8 @@ import (
"sync"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/http"
"github.com/influxdata/influxdb/v2/kit/prom"
@ -29,7 +31,7 @@ type Engine interface {
influxdb.BackupService
influxdb.RestoreService
SeriesCardinality(orgID, bucketID influxdb.ID) int64
SeriesCardinality(orgID, bucketID platform.ID) int64
TSDBStore() storage.TSDBStore
MetaClient() storage.MetaClient
@ -109,17 +111,17 @@ func (t *TemporaryEngine) Close() error {
}
// WritePoints stores points into the storage engine.
func (t *TemporaryEngine) WritePoints(ctx context.Context, orgID influxdb.ID, bucketID influxdb.ID, points []models.Point) error {
func (t *TemporaryEngine) WritePoints(ctx context.Context, orgID platform.ID, bucketID platform.ID, points []models.Point) error {
return t.engine.WritePoints(ctx, orgID, bucketID, points)
}
// SeriesCardinality returns the number of series in the engine.
func (t *TemporaryEngine) SeriesCardinality(orgID, bucketID influxdb.ID) int64 {
func (t *TemporaryEngine) SeriesCardinality(orgID, bucketID platform.ID) int64 {
return t.engine.SeriesCardinality(orgID, bucketID)
}
// DeleteBucketRangePredicate will delete a bucket from the range and predicate.
func (t *TemporaryEngine) DeleteBucketRangePredicate(ctx context.Context, orgID, bucketID influxdb.ID, min, max int64, pred influxdb.Predicate) error {
func (t *TemporaryEngine) DeleteBucketRangePredicate(ctx context.Context, orgID, bucketID platform.ID, min, max int64, pred influxdb.Predicate) error {
return t.engine.DeleteBucketRangePredicate(ctx, orgID, bucketID, min, max, pred)
}
@ -127,12 +129,12 @@ func (t *TemporaryEngine) CreateBucket(ctx context.Context, b *influxdb.Bucket)
return t.engine.CreateBucket(ctx, b)
}
func (t *TemporaryEngine) UpdateBucketRetentionPolicy(ctx context.Context, bucketID influxdb.ID, upd *influxdb.BucketUpdate) error {
func (t *TemporaryEngine) UpdateBucketRetentionPolicy(ctx context.Context, bucketID platform.ID, upd *influxdb.BucketUpdate) error {
return t.engine.UpdateBucketRetentionPolicy(ctx, bucketID, upd)
}
// DeleteBucket deletes a bucket from the time-series data.
func (t *TemporaryEngine) DeleteBucket(ctx context.Context, orgID, bucketID influxdb.ID) error {
func (t *TemporaryEngine) DeleteBucket(ctx context.Context, orgID, bucketID platform.ID) error {
return t.engine.DeleteBucket(ctx, orgID, bucketID)
}
@ -166,7 +168,7 @@ func (t *TemporaryEngine) RestoreKVStore(ctx context.Context, r io.Reader) error
return t.engine.RestoreKVStore(ctx, r)
}
func (t *TemporaryEngine) RestoreBucket(ctx context.Context, id influxdb.ID, dbi []byte) (map[uint64]uint64, error) {
func (t *TemporaryEngine) RestoreBucket(ctx context.Context, id platform.ID, dbi []byte) (map[uint64]uint64, error) {
return t.engine.RestoreBucket(ctx, id, dbi)
}

6
cmd/influxd/launcher/launcher.go
View File

@ -14,6 +14,8 @@ import (
"sync"
"time"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/flux"
"github.com/influxdata/flux/dependencies/testing"
platform "github.com/influxdata/influxdb/v2"
@ -480,7 +482,7 @@ func (m *Launcher) run(ctx context.Context, opts *InfluxdOpts) (err error) {
scheduler.WithOnErrorFn(func(ctx context.Context, taskID scheduler.ID, scheduledAt time.Time, err error) {
schLogger.Info(
"error in scheduler run",
zap.String("taskID", platform.ID(taskID).String()),
zap.String("taskID", platform2.ID(taskID).String()),
zap.Time("scheduledAt", scheduledAt),
zap.Error(err))
}),
@ -506,7 +508,7 @@ func (m *Launcher) run(ctx context.Context, opts *InfluxdOpts) (err error) {
taskSvc,
combinedTaskService,
taskCoord,
func(ctx context.Context, taskID platform.ID, runID platform.ID) error {
func(ctx context.Context, taskID platform2.ID, runID platform2.ID) error {
_, err := executor.ResumeCurrentRun(ctx, taskID, runID)
return err
},

193
cmd/influxd/launcher/pkger_test.go
View File

@ -12,6 +12,9 @@ import (
"testing"
"time"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock"
"github.com/influxdata/influxdb/v2/notification"
@ -38,9 +41,9 @@ func TestLauncher_Pkger(t *testing.T) {
resourceCheck := newResourceChecker(l)
deleteStackFn := func(t *testing.T, stackID influxdb.ID) {
deleteStackFn := func(t *testing.T, stackID platform.ID) {
t.Helper()
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: stackID,
@ -256,7 +259,7 @@ func TestLauncher_Pkger(t *testing.T) {
for _, b := range summary.Buckets {
_, err := resourceCheck.getBucket(t, bySafeID(b.ID))
assertErrorCode(t, influxdb.ENotFound, err)
assertErrorCode(t, errors2.ENotFound, err)
}
for _, c := range summary.Checks {
@ -266,12 +269,12 @@ func TestLauncher_Pkger(t *testing.T) {
for _, d := range summary.Dashboards {
_, err := resourceCheck.getDashboard(t, bySafeID(d.ID))
assertErrorCode(t, influxdb.ENotFound, err)
assertErrorCode(t, errors2.ENotFound, err)
}
for _, l := range summary.Labels {
_, err := resourceCheck.getLabel(t, bySafeID(l.ID))
assertErrorCode(t, influxdb.ENotFound, err)
assertErrorCode(t, errors2.ENotFound, err)
}
for _, e := range summary.NotificationEndpoints {
@ -296,7 +299,7 @@ func TestLauncher_Pkger(t *testing.T) {
for _, v := range summary.Variables {
_, err := resourceCheck.getVariable(t, bySafeID(v.ID))
assertErrorCode(t, influxdb.ENotFound, err)
assertErrorCode(t, errors2.ENotFound, err)
}
}
@ -336,7 +339,7 @@ func TestLauncher_Pkger(t *testing.T) {
t.Run("filters stacks by ID filter", func(t *testing.T) {
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{newStack1.ID},
StackIDs: []platform.ID{newStack1.ID},
})
require.NoError(t, err)
require.Len(t, stacks, 1)
@ -408,7 +411,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, sum.Variables, 1)
assert.NotZero(t, sum.Variables[0].ID)
_, err = svc.UninstallStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
_, err = svc.UninstallStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: newStack.ID,
@ -471,7 +474,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, sum.Variables, 1)
assert.NotZero(t, sum.Variables[0].ID)
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: newStack.ID,
@ -485,7 +488,7 @@ func TestLauncher_Pkger(t *testing.T) {
newStack, cleanup := newStackFn(t, pkger.StackCreate{})
defer cleanup()
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: newStack.ID,
@ -493,7 +496,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.NoError(t, err)
// delete same stack
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: newStack.ID,
@ -503,7 +506,7 @@ func TestLauncher_Pkger(t *testing.T) {
t.Run("that doesn't exist should be successful", func(t *testing.T) {
// delete stack that doesn't exist
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID,
UserID: l.User.ID,
StackID: 9000,
@ -531,8 +534,8 @@ func TestLauncher_Pkger(t *testing.T) {
require.NoError(t, err)
assert.Equal(t, newStack2, actual)
_, err = svc.ReadStack(ctx, influxdb.ID(9000))
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err))
_, err = svc.ReadStack(ctx, platform.ID(9000))
require.Equal(t, errors2.ENotFound, errors2.ErrorCode(err))
})
t.Run("updating a stack", func(t *testing.T) {
@ -687,7 +690,7 @@ func TestLauncher_Pkger(t *testing.T) {
sumEquals(t, impact)
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{newStack.ID},
StackIDs: []platform.ID{newStack.ID},
})
require.NoError(t, err)
@ -696,7 +699,7 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("apply a pkg with a stack and associations", func(t *testing.T) {
testLabelMappingFn := func(t *testing.T, stackID influxdb.ID, pkg *pkger.Template, assertAssociatedLabelsFn func(pkger.Summary, []*influxdb.Label, influxdb.ResourceType)) pkger.Summary {
testLabelMappingFn := func(t *testing.T, stackID platform.ID, pkg *pkger.Template, assertAssociatedLabelsFn func(pkger.Summary, []*influxdb.Label, influxdb.ResourceType)) pkger.Summary {
t.Helper()
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID,
@ -742,17 +745,17 @@ func TestLauncher_Pkger(t *testing.T) {
assert.Equal(t, "tele-0", sum.TelegrafConfigs[0].TelegrafConfig.Name)
resources := []struct {
resID influxdb.ID
resID platform.ID
resourceType influxdb.ResourceType
}{
{resID: influxdb.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: platform.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType},
{resID: influxdb.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: platform.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType},
{resID: influxdb.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: influxdb.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: platform.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: platform.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType},
{resID: influxdb.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
{resID: platform.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
}
for _, res := range resources {
mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{
@ -850,17 +853,17 @@ func TestLauncher_Pkger(t *testing.T) {
require.Error(t, err)
resources := []struct {
resID influxdb.ID
resID platform.ID
resourceType influxdb.ResourceType
}{
{resID: influxdb.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: platform.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType},
{resID: influxdb.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: platform.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType},
{resID: influxdb.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: influxdb.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: platform.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: platform.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType},
{resID: influxdb.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
{resID: platform.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
}
for _, res := range resources {
mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{
@ -1356,7 +1359,7 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("apply should handle cases where users have changed platform data", func(t *testing.T) {
initializeStackPkg := func(t *testing.T, pkg *pkger.Template) (influxdb.ID, func(), pkger.Summary) {
initializeStackPkg := func(t *testing.T, pkg *pkger.Template) (platform.ID, func(), pkger.Summary) {
t.Helper()
stack, cleanup := newStackFn(t, pkger.StackCreate{})
@ -1375,7 +1378,7 @@ func TestLauncher_Pkger(t *testing.T) {
return stack.ID, cleanup, impact.Summary
}
testValidRemoval := func(t *testing.T, stackID influxdb.ID) {
testValidRemoval := func(t *testing.T, stackID platform.ID) {
t.Helper()
_, err := svc.Apply(
ctx,
@ -1387,7 +1390,7 @@ func TestLauncher_Pkger(t *testing.T) {
}
t.Run("when a user has deleted a variable that was previously created by a stack", func(t *testing.T) {
testUserDeletedVariable := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedVariable := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newVariableObject("var-1", "", "")
@ -1396,13 +1399,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Variables, 1)
require.NotZero(t, initialSum.Variables[0].ID)
resourceCheck.mustDeleteVariable(t, influxdb.ID(initialSum.Variables[0].ID))
resourceCheck.mustDeleteVariable(t, platform.ID(initialSum.Variables[0].ID))
actionFn(t, stackID, obj, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedVariable(t, func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedVariable(t, func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialVarObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1418,14 +1421,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedVariable(t, func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedVariable(t, func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a bucket that was previously created by a stack", func(t *testing.T) {
testUserDeletedBucket := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedBucket := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newBucketObject("bucket-1", "", "")
@ -1434,13 +1437,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Buckets, 1)
require.NotZero(t, initialSum.Buckets[0].ID)
resourceCheck.mustDeleteBucket(t, influxdb.ID(initialSum.Buckets[0].ID))
resourceCheck.mustDeleteBucket(t, platform.ID(initialSum.Buckets[0].ID))
actionFn(t, stackID, obj, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedBucket(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedBucket(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1456,14 +1459,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedBucket(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedBucket(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a check that was previously created by a stack", func(t *testing.T) {
testUserDeletedCheck := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedCheck := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newCheckDeadmanObject(t, "check-1", "", time.Hour)
@ -1478,7 +1481,7 @@ func TestLauncher_Pkger(t *testing.T) {
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedCheck(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedCheck(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1495,14 +1498,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedCheck(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedCheck(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a dashboard that was previously created by a stack", func(t *testing.T) {
testUserDeletedDashboard := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedDashboard := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newDashObject("dash-1", "", "")
@ -1511,13 +1514,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Dashboards, 1)
require.NotZero(t, initialSum.Dashboards[0].ID)
resourceCheck.mustDeleteDashboard(t, influxdb.ID(initialSum.Dashboards[0].ID))
resourceCheck.mustDeleteDashboard(t, platform.ID(initialSum.Dashboards[0].ID))
actionFn(t, stackID, obj, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedDashboard(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedDashboard(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1533,14 +1536,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedDashboard(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedDashboard(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a label that was previously created by a stack", func(t *testing.T) {
testUserDeletedLabel := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedLabel := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newLabelObject("label-1", "", "", "")
@ -1549,13 +1552,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Labels, 1)
require.NotZero(t, initialSum.Labels[0].ID)
resourceCheck.mustDeleteLabel(t, influxdb.ID(initialSum.Labels[0].ID))
resourceCheck.mustDeleteLabel(t, platform.ID(initialSum.Labels[0].ID))
actionFn(t, stackID, obj, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedLabel(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedLabel(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1571,14 +1574,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedLabel(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedLabel(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a notification endpoint that was previously created by a stack", func(t *testing.T) {
testUserDeletedEndpoint := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedEndpoint := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newEndpointHTTP("endpoint-1", "", "")
@ -1593,7 +1596,7 @@ func TestLauncher_Pkger(t *testing.T) {
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1610,14 +1613,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a notification rule that was previously created by a stack", func(t *testing.T) {
testUserDeletedRule := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObjects []pkger.Object, initialSum pkger.Summary)) {
testUserDeletedRule := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObjects []pkger.Object, initialSum pkger.Summary)) {
t.Helper()
endpointObj := newEndpointHTTP("endpoint-1", "", "")
@ -1629,13 +1632,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.NotZero(t, initialSum.NotificationEndpoints[0].NotificationEndpoint.GetID())
require.Len(t, initialSum.NotificationRules, 1)
require.NotZero(t, initialSum.NotificationRules[0].ID)
resourceCheck.mustDeleteRule(t, influxdb.ID(initialSum.NotificationRules[0].ID))
resourceCheck.mustDeleteRule(t, platform.ID(initialSum.NotificationRules[0].ID))
actionFn(t, stackID, []pkger.Object{ruleObj, endpointObj}, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedRule(t, func(t *testing.T, stackID influxdb.ID, initialObjects []pkger.Object, initialSum pkger.Summary) {
testUserDeletedRule(t, func(t *testing.T, stackID platform.ID, initialObjects []pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObjects...)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1651,14 +1654,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedRule(t, func(t *testing.T, stackID influxdb.ID, _ []pkger.Object, _ pkger.Summary) {
testUserDeletedRule(t, func(t *testing.T, stackID platform.ID, _ []pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a task that was previously created by a stack", func(t *testing.T) {
testUserDeletedTask := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedTask := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newTaskObject("task-1", "", "")
@ -1667,13 +1670,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Tasks, 1)
require.NotZero(t, initialSum.Tasks[0].ID)
resourceCheck.mustDeleteTask(t, influxdb.ID(initialSum.Tasks[0].ID))
resourceCheck.mustDeleteTask(t, platform.ID(initialSum.Tasks[0].ID))
actionFn(t, stackID, obj, initialSum)
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedTask(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedTask(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1689,14 +1692,14 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedTask(t, func(t *testing.T, stackID influxdb.ID, _ pkger.Object, _ pkger.Summary) {
testUserDeletedTask(t, func(t *testing.T, stackID platform.ID, _ pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID)
})
})
})
t.Run("when a user has deleted a telegraf config that was previously created by a stack", func(t *testing.T) {
testUserDeletedTelegraf := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
testUserDeletedTelegraf := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper()
obj := newTelegrafObject("tele-1", "", "")
@ -1711,7 +1714,7 @@ func TestLauncher_Pkger(t *testing.T) {
}
t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err)
@ -1727,7 +1730,7 @@ func TestLauncher_Pkger(t *testing.T) {
})
t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID influxdb.ID, _ pkger.Object, _ pkger.Summary) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID platform.ID, _ pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID)
})
})
@ -1746,7 +1749,7 @@ func TestLauncher_Pkger(t *testing.T) {
vars := impact.Summary.Variables
require.Len(t, vars, 1)
v := resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID)))
v := resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Empty(t, v.Selected)
impact, err = svc.Apply(ctx, l.Org.ID, l.User.ID,
@ -1757,7 +1760,7 @@ func TestLauncher_Pkger(t *testing.T) {
vars = impact.Summary.Variables
require.Len(t, vars, 1)
v = resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID)))
v = resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Equal(t, []string{"selected"}, v.Selected)
})
@ -2250,8 +2253,8 @@ func TestLauncher_Pkger(t *testing.T) {
defer cleanup()
err := l.LabelService(t).DeleteLabelMapping(ctx, &influxdb.LabelMapping{
LabelID: influxdb.ID(initialSummary.Labels[0].ID),
ResourceID: influxdb.ID(initialSummary.Buckets[0].ID),
LabelID: platform.ID(initialSummary.Labels[0].ID),
ResourceID: platform.ID(initialSummary.Buckets[0].ID),
ResourceType: influxdb.BucketsResourceType,
})
require.NoError(t, err)
@ -2278,7 +2281,7 @@ func TestLauncher_Pkger(t *testing.T) {
err := l.LabelService(t).CreateLabelMapping(ctx, &influxdb.LabelMapping{
LabelID: newLabel.ID,
ResourceID: influxdb.ID(initialSummary.Buckets[0].ID),
ResourceID: platform.ID(initialSummary.Buckets[0].ID),
ResourceType: influxdb.BucketsResourceType,
})
require.NoError(t, err)
@ -2987,7 +2990,7 @@ spec:
Query: "buckets() |> filter(fn: (r) => r.name !~ /^_/) |> rename(columns: {name: \"_value\"}) |> keep(columns: [\"_value\"])",
Language: "flux",
}, varArgs.Values)
platformVar := resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID)))
platformVar := resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Equal(t, []string{"rucketeer"}, platformVar.Selected)
newSumMapping := func(id pkger.SafeID, pkgName, name string, rt influxdb.ResourceType) pkger.SummaryLabelMapping {
@ -3301,7 +3304,7 @@ spec:
resToClone := []pkger.ResourceToClone{
{
Kind: pkger.KindBucket,
ID: influxdb.ID(sum1Bkts[0].ID),
ID: platform.ID(sum1Bkts[0].ID),
},
{
Kind: pkger.KindCheck,
@ -3313,11 +3316,11 @@ spec:
},
{
Kind: pkger.KindDashboard,
ID: influxdb.ID(sum1Dashs[0].ID),
ID: platform.ID(sum1Dashs[0].ID),
},
{
Kind: pkger.KindLabel,
ID: influxdb.ID(sum1Labels[0].ID),
ID: platform.ID(sum1Labels[0].ID),
},
{
Kind: pkger.KindNotificationEndpoint,
@ -3325,7 +3328,7 @@ spec:
},
{
Kind: pkger.KindTask,
ID: influxdb.ID(sum1Tasks[0].ID),
ID: platform.ID(sum1Tasks[0].ID),
},
{
Kind: pkger.KindTelegraf,
@ -3337,12 +3340,12 @@ spec:
{
Kind: pkger.KindNotificationRule,
Name: "new rule name",
ID: influxdb.ID(sum1Rules[0].ID),
ID: platform.ID(sum1Rules[0].ID),
},
{
Kind: pkger.KindVariable,
Name: "new name",
ID: influxdb.ID(sum1Vars[0].ID),
ID: platform.ID(sum1Vars[0].ID),
},
}
@ -3450,7 +3453,7 @@ spec:
_, err = svc.Apply(ctx, l.Org.ID, 0, pkger.ApplyWithTemplate(updatePkg))
require.Error(t, err)
bkt, err := l.BucketService(t).FindBucketByID(ctx, influxdb.ID(sum1Bkts[0].ID))
bkt, err := l.BucketService(t).FindBucketByID(ctx, platform.ID(sum1Bkts[0].ID))
require.NoError(t, err)
// make sure the desc change is not applied and is rolled back to prev desc
assert.Equal(t, sum1Bkts[0].Description, bkt.Description)
@ -3465,7 +3468,7 @@ spec:
// direct comparison very annoying...
assert.Equal(t, sum1Checks[0].Check.(*check.Threshold).Query.Text, deadman.Query.Text)
label, err := l.LabelService(t).FindLabelByID(ctx, influxdb.ID(sum1Labels[0].ID))
label, err := l.LabelService(t).FindLabelByID(ctx, platform.ID(sum1Labels[0].ID))
require.NoError(t, err)
assert.Equal(t, sum1Labels[0].Properties.Description, label.Properties["description"])
@ -3473,7 +3476,7 @@ spec:
require.NoError(t, err)
assert.Equal(t, sum1Endpoints[0].NotificationEndpoint.GetDescription(), endpoint.GetDescription())
v, err := l.VariableService(t).FindVariableByID(ctx, influxdb.ID(sum1Vars[0].ID))
v, err := l.VariableService(t).FindVariableByID(ctx, platform.ID(sum1Vars[0].ID))
require.NoError(t, err)
assert.Equal(t, sum1Vars[0].Description, v.Description)
})
@ -3569,7 +3572,7 @@ spec:
require.NotZero(t, impact.Summary.Buckets[0].ID)
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{impact.StackID},
StackIDs: []platform.ID{impact.StackID},
})
require.NoError(t, err)
@ -3577,7 +3580,7 @@ spec:
ev := stacks[0].LatestEvent()
require.Len(t, ev.Resources, 1)
assert.Equal(t, ev.Resources[0].MetaName, "room")
assert.Equal(t, influxdb.ID(impact.Summary.Buckets[0].ID), ev.Resources[0].ID)
assert.Equal(t, platform.ID(impact.Summary.Buckets[0].ID), ev.Resources[0].ID)
})
t.Run("apply a template with env refs", func(t *testing.T) {
@ -4579,7 +4582,7 @@ func (f *fakeBucketSVC) CreateBucket(ctx context.Context, b *influxdb.Bucket) er
return f.BucketService.CreateBucket(ctx, b)
}
func (f *fakeBucketSVC) UpdateBucket(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
func (f *fakeBucketSVC) UpdateBucket(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
defer f.updateCallCount.IncrFn()()
if f.updateCallCount.Count() == f.updateKillCount {
return nil, errors.New("reached kill count")
@ -4618,7 +4621,7 @@ type fakeRuleStore struct {
createKillCount int
}
func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID influxdb.ID) error {
func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID platform.ID) error {
defer f.createCallCount.IncrFn()()
if f.createCallCount.Count() == f.createKillCount {
return errors.New("reached kill count")
@ -4629,7 +4632,7 @@ func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.
func assertErrorCode(t *testing.T, expected string, err error) {
t.Helper()
assert.Error(t, err)
assert.Equal(t, expected, influxdb.ErrorCode(err))
assert.Equal(t, expected, errors2.ErrorCode(err))
}
type resourceChecker struct {
@ -4642,14 +4645,14 @@ func newResourceChecker(tl *TestLauncher) resourceChecker {
type (
getResourceOpt struct {
id influxdb.ID
id platform.ID
name string
}
getResourceOptFn func() getResourceOpt
)
func byID(id influxdb.ID) getResourceOptFn {
func byID(id platform.ID) getResourceOptFn {
return func() getResourceOpt {
return getResourceOpt{id: id}
}
@ -4663,7 +4666,7 @@ func byName(name string) getResourceOptFn {
func bySafeID(id pkger.SafeID) getResourceOptFn {
return func() getResourceOpt {
return getResourceOpt{id: influxdb.ID(id)}
return getResourceOpt{id: platform.ID(id)}
}
}
@ -4699,7 +4702,7 @@ func (r resourceChecker) mustGetBucket(t *testing.T, getOpt getResourceOptFn) in
return bkt
}
func (r resourceChecker) mustDeleteBucket(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteBucket(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.BucketService(t).DeleteBucket(ctx, id))
}
@ -4736,7 +4739,7 @@ func (r resourceChecker) mustGetCheck(t *testing.T, getOpt getResourceOptFn) inf
return c
}
func (r resourceChecker) mustDeleteCheck(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteCheck(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.CheckService().DeleteCheck(ctx, id))
@ -4787,7 +4790,7 @@ func (r resourceChecker) mustGetDashboard(t *testing.T, getOpt getResourceOptFn)
return dash
}
func (r resourceChecker) mustDeleteDashboard(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteDashboard(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.DashboardService(t).DeleteDashboard(ctx, id))
@ -4835,7 +4838,7 @@ func (r resourceChecker) mustGetEndpoint(t *testing.T, getOpt getResourceOptFn)
return e
}
func (r resourceChecker) mustDeleteEndpoint(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteEndpoint(t *testing.T, id platform.ID) {
t.Helper()
_, _, err := r.tl.NotificationEndpointService(t).DeleteNotificationEndpoint(ctx, id)
@ -4888,7 +4891,7 @@ func (r resourceChecker) mustGetLabel(t *testing.T, getOpt getResourceOptFn) inf
return l
}
func (r resourceChecker) mustDeleteLabel(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteLabel(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.LabelService(t).DeleteLabel(ctx, id))
}
@ -4935,7 +4938,7 @@ func (r resourceChecker) mustGetRule(t *testing.T, getOpt getResourceOptFn) infl
return rule
}
func (r resourceChecker) mustDeleteRule(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteRule(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.NotificationRuleService(t).DeleteNotificationRule(ctx, id))
@ -4985,7 +4988,7 @@ func (r resourceChecker) mustGetTask(t *testing.T, getOpt getResourceOptFn) infl
return task
}
func (r resourceChecker) mustDeleteTask(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteTask(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.TaskService(t).DeleteTask(ctx, id))
@ -5031,7 +5034,7 @@ func (r resourceChecker) mustGetTelegrafConfig(t *testing.T, getOpt getResourceO
return tele
}
func (r resourceChecker) mustDeleteTelegrafConfig(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteTelegrafConfig(t *testing.T, id platform.ID) {
t.Helper()
require.NoError(t, r.tl.TelegrafService(t).DeleteTelegrafConfig(ctx, id))
@ -5083,7 +5086,7 @@ func (r resourceChecker) mustGetVariable(t *testing.T, getOpt getResourceOptFn)
return l
}
func (r resourceChecker) mustDeleteVariable(t *testing.T, id influxdb.ID) {
func (r resourceChecker) mustDeleteVariable(t *testing.T, id platform.ID) {
t.Helper()
err := r.tl.VariableService(t).DeleteVariable(ctx, id)

5
cmd/influxd/launcher/print_config_test.go
View File

@ -4,7 +4,8 @@ import (
"bytes"
"testing"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/cli"
"github.com/stretchr/testify/require"
"go.uber.org/zap/zapcore"
@ -19,7 +20,7 @@ var floatVar = 987.654
var sliceVar = []string{"hello", "world"}
var mapVar = map[string]string{"foo": "bar", "baz": "qux"}
var levelVar = zapcore.InfoLevel
var idVar, _ = influxdb.IDFromString("020f755c3c082000")
var idVar, _ = platform.IDFromString("020f755c3c082000")
var opts = []cli.Opt{
{

3
cmd/influxd/launcher/query_test.go
View File

@ -5,6 +5,7 @@ import (
"context"
"errors"
"fmt"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"html/template"
"io"
"io/ioutil"
@ -590,7 +591,7 @@ from(bucket: "%s")
}
if err := l.QueryAndNopConsume(ctx, req); err == nil {
t.Error("expected error")
} else if got, want := influxdb.ErrorCode(err), influxdb.EUnauthorized; got != want {
} else if got, want := errors2.ErrorCode(err), errors2.EUnauthorized; got != want {
t.Errorf("unexpected error code -want/+got:\n\t- %v\n\t+ %v", got, want)
}
}

8
cmd/influxd/upgrade/database.go
View File

@ -8,6 +8,8 @@ import (
"path/filepath"
"strings"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/dustin/go-humanize"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal"
@ -18,10 +20,10 @@ import (
)
// upgradeDatabases creates databases, buckets, retention policies and shard info according to 1.x meta and copies data
func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *influxDBv2, opts *options, orgID influxdb.ID, log *zap.Logger) (map[string][]influxdb.ID, error) {
func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *influxDBv2, opts *options, orgID platform.ID, log *zap.Logger) (map[string][]platform.ID, error) {
v1opts := opts.source
v2opts := opts.target
db2BucketIds := make(map[string][]influxdb.ID)
db2BucketIds := make(map[string][]platform.ID)
targetDataPath := filepath.Join(v2opts.enginePath, "data")
targetWalPath := filepath.Join(v2opts.enginePath, "wal")
@ -61,7 +63,7 @@ func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *inf
log.Debug("Upgrading database", zap.String("database", db.Name))
// db to buckets IDs mapping
db2BucketIds[db.Name] = make([]influxdb.ID, 0, len(db.RetentionPolicies))
db2BucketIds[db.Name] = make([]platform.ID, 0, len(db.RetentionPolicies))
for _, rp := range db.RetentionPolicies {
sourcePath := filepath.Join(v1opts.dataDir, db.Name, rp.Name)

Some files were not shown because too many files have changed in this diff Show More