Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor: automated move of errors and id from root to kit (#21101) 

Co-authored-by: Sam Arnold <sarnold@influxdata.com>
pull/21098/head
Daniel Moran 2021-03-30 14:10:02 -04:00 committed by GitHub
parent a8183d8cf1
commit 00afd95cb7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
555 changed files with 7962 additions and 6914 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
auth.go
View File

@ -3,25 +3,28 @@ package influxdb
import ( import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
) )
// AuthorizationKind is returned by (*Authorization).Kind(). // AuthorizationKind is returned by (*Authorization).Kind().
const AuthorizationKind = "authorization" const AuthorizationKind = "authorization"
// ErrUnableToCreateToken sanitized error message for all errors when a user cannot create a token // ErrUnableToCreateToken sanitized error message for all errors when a user cannot create a token
var ErrUnableToCreateToken = &Error{ var ErrUnableToCreateToken = &errors.Error{
Msg: "unable to create token", Msg: "unable to create token",
Code: EInvalid, Code: errors.EInvalid,
} }
// Authorization is an authorization. 🎉 // Authorization is an authorization. 🎉
type Authorization struct { type Authorization struct {
ID ID `json:"id"` ID platform.ID `json:"id"`
Token string `json:"token"` Token string `json:"token"`
Status Status `json:"status"` Status Status `json:"status"`
Description string `json:"description"` Description string `json:"description"`
OrgID ID `json:"orgID"` OrgID platform.ID `json:"orgID"`
UserID ID `json:"userID,omitempty"` UserID platform.ID `json:"userID,omitempty"`
Permissions []Permission `json:"permissions"` Permissions []Permission `json:"permissions"`
CRUDLog CRUDLog
} }
@ -36,9 +39,9 @@ type AuthorizationUpdate struct {
func (a *Authorization) Valid() error { func (a *Authorization) Valid() error {
for _, p := range a.Permissions { for _, p := range a.Permissions {
if p.Resource.OrgID != nil && *p.Resource.OrgID != a.OrgID { if p.Resource.OrgID != nil && *p.Resource.OrgID != a.OrgID {
return &Error{ return &errors.Error{
Msg: fmt.Sprintf("permission %s is not for org id %s", p, a.OrgID), Msg: fmt.Sprintf("permission %s is not for org id %s", p, a.OrgID),
Code: EInvalid, Code: errors.EInvalid,
} }
} }
} }
@ -49,8 +52,8 @@ func (a *Authorization) Valid() error {
// PermissionSet returns the set of permissions associated with the Authorization. // PermissionSet returns the set of permissions associated with the Authorization.
func (a *Authorization) PermissionSet() (PermissionSet, error) { func (a *Authorization) PermissionSet() (PermissionSet, error) {
if !a.IsActive() { if !a.IsActive() {
return nil, &Error{ return nil, &errors.Error{
Code: EUnauthorized, Code: errors.EUnauthorized,
Msg: "token is inactive", Msg: "token is inactive",
} }
} }
@ -69,7 +72,7 @@ func (a *Authorization) IsActive() bool {
} }
// GetUserID returns the user id. // GetUserID returns the user id.
func (a *Authorization) GetUserID() ID { func (a *Authorization) GetUserID() platform.ID {
return a.UserID return a.UserID
} }
@ -77,7 +80,7 @@ func (a *Authorization) GetUserID() ID {
func (a *Authorization) Kind() string { return AuthorizationKind } func (a *Authorization) Kind() string { return AuthorizationKind }
// Identifier returns the authorizations ID and is used for auditing. // Identifier returns the authorizations ID and is used for auditing.
func (a *Authorization) Identifier() ID { return a.ID } func (a *Authorization) Identifier() platform.ID { return a.ID }
// auth service op // auth service op
const ( const (
@ -92,7 +95,7 @@ const (
// AuthorizationService represents a service for managing authorization data. // AuthorizationService represents a service for managing authorization data.
type AuthorizationService interface { type AuthorizationService interface {
// Returns a single authorization by ID. // Returns a single authorization by ID.
FindAuthorizationByID(ctx context.Context, id ID) (*Authorization, error) FindAuthorizationByID(ctx context.Context, id platform.ID) (*Authorization, error)
// Returns a single authorization by Token. // Returns a single authorization by Token.
FindAuthorizationByToken(ctx context.Context, t string) (*Authorization, error) FindAuthorizationByToken(ctx context.Context, t string) (*Authorization, error)
@ -105,20 +108,20 @@ type AuthorizationService interface {
CreateAuthorization(ctx context.Context, a *Authorization) error CreateAuthorization(ctx context.Context, a *Authorization) error
// UpdateAuthorization updates the status and description if available. // UpdateAuthorization updates the status and description if available.
UpdateAuthorization(ctx context.Context, id ID, upd *AuthorizationUpdate) (*Authorization, error) UpdateAuthorization(ctx context.Context, id platform.ID, upd *AuthorizationUpdate) (*Authorization, error)
// Removes a authorization by token. // Removes a authorization by token.
DeleteAuthorization(ctx context.Context, id ID) error DeleteAuthorization(ctx context.Context, id platform.ID) error
} }
// AuthorizationFilter represents a set of filter that restrict the returned results. // AuthorizationFilter represents a set of filter that restrict the returned results.
type AuthorizationFilter struct { type AuthorizationFilter struct {
Token *string Token *string
ID *ID ID *platform.ID
UserID *ID UserID *platform.ID
User *string User *string
OrgID *ID OrgID *platform.ID
Org *string Org *string
} }

40
authorization/error.go
View File

@ -3,64 +3,64 @@ package authorization
import ( import (
"fmt" "fmt"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform/errors"
) )
var ( var (
// ErrInvalidAuthID is used when the Authorization's ID cannot be encoded // ErrInvalidAuthID is used when the Authorization's ID cannot be encoded
ErrInvalidAuthID = &influxdb.Error{ ErrInvalidAuthID = &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "authorization ID is invalid", Msg: "authorization ID is invalid",
} }
// ErrAuthNotFound is used when the specified auth cannot be found // ErrAuthNotFound is used when the specified auth cannot be found
ErrAuthNotFound = &influxdb.Error{ ErrAuthNotFound = &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "authorization not found", Msg: "authorization not found",
} }
// NotUniqueIDError occurs when attempting to create an Authorization with an ID that already belongs to another one // NotUniqueIDError occurs when attempting to create an Authorization with an ID that already belongs to another one
NotUniqueIDError = &influxdb.Error{ NotUniqueIDError = &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "ID already exists", Msg: "ID already exists",
} }
// ErrFailureGeneratingID occurs ony when the random number generator // ErrFailureGeneratingID occurs ony when the random number generator
// cannot generate an ID in MaxIDGenerationN times. // cannot generate an ID in MaxIDGenerationN times.
ErrFailureGeneratingID = &influxdb.Error{ ErrFailureGeneratingID = &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Msg: "unable to generate valid id", Msg: "unable to generate valid id",
} }
// ErrTokenAlreadyExistsError is used when attempting to create an authorization // ErrTokenAlreadyExistsError is used when attempting to create an authorization
// with a token that already exists // with a token that already exists
ErrTokenAlreadyExistsError = &influxdb.Error{ ErrTokenAlreadyExistsError = &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "token already exists", Msg: "token already exists",
} }
) )
// ErrInvalidAuthIDError is used when a service was provided an invalid ID. // ErrInvalidAuthIDError is used when a service was provided an invalid ID.
func ErrInvalidAuthIDError(err error) *influxdb.Error { func ErrInvalidAuthIDError(err error) *errors.Error {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "auth id provided is invalid", Msg: "auth id provided is invalid",
Err: err, Err: err,
} }
} }
// ErrInternalServiceError is used when the error comes from an internal system. // ErrInternalServiceError is used when the error comes from an internal system.
func ErrInternalServiceError(err error) *influxdb.Error { func ErrInternalServiceError(err error) *errors.Error {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Err: err, Err: err,
} }
} }
// UnexpectedAuthIndexError is used when the error comes from an internal system. // UnexpectedAuthIndexError is used when the error comes from an internal system.
func UnexpectedAuthIndexError(err error) *influxdb.Error { func UnexpectedAuthIndexError(err error) *errors.Error {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Msg: fmt.Sprintf("unexpected error retrieving auth index; Err: %v", err), Msg: fmt.Sprintf("unexpected error retrieving auth index; Err: %v", err),
} }
} }

8
authorization/http_client.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"errors" "errors"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/pkg/httpc" "github.com/influxdata/influxdb/v2/pkg/httpc"
) )
@ -72,7 +74,7 @@ func (s *AuthorizationClientService) FindAuthorizationByToken(ctx context.Contex
} }
// FindAuthorizationByID finds a single Authorization by its ID against a remote influx server. // FindAuthorizationByID finds a single Authorization by its ID against a remote influx server.
func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
var b influxdb.Authorization var b influxdb.Authorization
err := s.Client. err := s.Client.
Get(prefixAuthorization, id.String()). Get(prefixAuthorization, id.String()).
@ -85,7 +87,7 @@ func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context,
} }
// UpdateAuthorization updates the status and description if available. // UpdateAuthorization updates the status and description if available.
func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
var res authResponse var res authResponse
err := s.Client. err := s.Client.
PatchJSON(upd, prefixAuthorization, id.String()). PatchJSON(upd, prefixAuthorization, id.String()).
@ -99,7 +101,7 @@ func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id
} }
// DeleteAuthorization removes a authorization by id. // DeleteAuthorization removes a authorization by id.
func (s *AuthorizationClientService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error { func (s *AuthorizationClientService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
return s.Client. return s.Client.
Delete(prefixAuthorization, id.String()). Delete(prefixAuthorization, id.String()).
Do(ctx) Do(ctx)

59
authorization/http_server.go
View File

@ -7,6 +7,9 @@ import (
"net/http" "net/http"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/go-chi/chi" "github.com/go-chi/chi"
"github.com/go-chi/chi/middleware" "github.com/go-chi/chi/middleware"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
@ -17,11 +20,11 @@ import (
// TenantService is used to look up the Organization and User for an Authorization // TenantService is used to look up the Organization and User for an Authorization
type TenantService interface { type TenantService interface {
FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error)
FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)
FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error)
FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error) FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error)
FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error)
} }
type AuthHandler struct { type AuthHandler struct {
@ -126,20 +129,20 @@ func getAuthorizedUser(r *http.Request, ts TenantService) (*influxdb.User, error
type postAuthorizationRequest struct { type postAuthorizationRequest struct {
Status influxdb.Status `json:"status"` Status influxdb.Status `json:"status"`
OrgID influxdb.ID `json:"orgID"` OrgID platform.ID `json:"orgID"`
UserID *influxdb.ID `json:"userID,omitempty"` UserID *platform.ID `json:"userID,omitempty"`
Description string `json:"description"` Description string `json:"description"`
Permissions []influxdb.Permission `json:"permissions"` Permissions []influxdb.Permission `json:"permissions"`
} }
type authResponse struct { type authResponse struct {
ID influxdb.ID `json:"id"` ID platform.ID `json:"id"`
Token string `json:"token"` Token string `json:"token"`
Status influxdb.Status `json:"status"` Status influxdb.Status `json:"status"`
Description string `json:"description"` Description string `json:"description"`
OrgID influxdb.ID `json:"orgID"` OrgID platform.ID `json:"orgID"`
Org string `json:"org"` Org string `json:"org"`
UserID influxdb.ID `json:"userID"` UserID platform.ID `json:"userID"`
User string `json:"user"` User string `json:"user"`
Permissions []permissionResponse `json:"permissions"` Permissions []permissionResponse `json:"permissions"`
Links map[string]string `json:"links"` Links map[string]string `json:"links"`
@ -181,7 +184,7 @@ func (h *AuthHandler) newAuthResponse(ctx context.Context, a *influxdb.Authoriza
return res, nil return res, nil
} }
func (p *postAuthorizationRequest) toInfluxdb(userID influxdb.ID) *influxdb.Authorization { func (p *postAuthorizationRequest) toInfluxdb(userID platform.ID) *influxdb.Authorization {
return &influxdb.Authorization{ return &influxdb.Authorization{
OrgID: p.OrgID, OrgID: p.OrgID,
Status: p.Status, Status: p.Status,
@ -250,24 +253,24 @@ func (p *postAuthorizationRequest) SetDefaults() {
func (p *postAuthorizationRequest) Validate() error { func (p *postAuthorizationRequest) Validate() error {
if len(p.Permissions) == 0 { if len(p.Permissions) == 0 {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "authorization must include permissions", Msg: "authorization must include permissions",
} }
} }
for _, perm := range p.Permissions { for _, perm := range p.Permissions {
if err := perm.Valid(); err != nil { if err := perm.Valid(); err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
} }
} }
} }
if !p.OrgID.Valid() { if !p.OrgID.Valid() {
return &influxdb.Error{ return &errors.Error{
Err: influxdb.ErrInvalidID, Err: platform.ErrInvalidID,
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "org id required", Msg: "org id required",
} }
} }
@ -307,7 +310,7 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
if p.Resource.ID != nil { if p.Resource.ID != nil {
name, err := h.getNameForResource(ctx, p.Resource.Type, *p.Resource.ID) name, err := h.getNameForResource(ctx, p.Resource.Type, *p.Resource.ID)
if influxdb.ErrorCode(err) == influxdb.ENotFound { if errors.ErrorCode(err) == errors.ENotFound {
continue continue
} }
if err != nil { if err != nil {
@ -318,7 +321,7 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
if p.Resource.OrgID != nil { if p.Resource.OrgID != nil {
name, err := h.getNameForResource(ctx, influxdb.OrgsResourceType, *p.Resource.OrgID) name, err := h.getNameForResource(ctx, influxdb.OrgsResourceType, *p.Resource.OrgID)
if influxdb.ErrorCode(err) == influxdb.ENotFound { if errors.ErrorCode(err) == errors.ENotFound {
continue continue
} }
if err != nil { if err != nil {
@ -330,13 +333,13 @@ func (h *AuthHandler) newPermissionsResponse(ctx context.Context, ps []influxdb.
return res, nil return res, nil
} }
func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.ResourceType, id influxdb.ID) (string, error) { func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.ResourceType, id platform.ID) (string, error) {
if err := resource.Valid(); err != nil { if err := resource.Valid(); err != nil {
return "", err return "", err
} }
if ok := id.Valid(); !ok { if ok := id.Valid(); !ok {
return "", influxdb.ErrInvalidID return "", platform.ErrInvalidID
} }
switch resource { switch resource {
@ -366,8 +369,8 @@ func (h *AuthHandler) getNameForResource(ctx context.Context, resource influxdb.
func decodePostAuthorizationRequest(ctx context.Context, r *http.Request) (*postAuthorizationRequest, error) { func decodePostAuthorizationRequest(ctx context.Context, r *http.Request) (*postAuthorizationRequest, error) {
a := &postAuthorizationRequest{} a := &postAuthorizationRequest{}
if err := json.NewDecoder(r.Body).Decode(a); err != nil { if err := json.NewDecoder(r.Body).Decode(a); err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "invalid json structure", Msg: "invalid json structure",
Err: err, Err: err,
} }
@ -448,7 +451,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
userID := qp.Get("userID") userID := qp.Get("userID")
if userID != "" { if userID != "" {
id, err := influxdb.IDFromString(userID) id, err := platform.IDFromString(userID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -462,7 +465,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
orgID := qp.Get("orgID") orgID := qp.Get("orgID")
if orgID != "" { if orgID != "" {
id, err := influxdb.IDFromString(orgID) id, err := platform.IDFromString(orgID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -476,7 +479,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
authID := qp.Get("id") authID := qp.Get("id")
if authID != "" { if authID != "" {
id, err := influxdb.IDFromString(authID) id, err := platform.IDFromString(authID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -489,7 +492,7 @@ func decodeGetAuthorizationsRequest(ctx context.Context, r *http.Request) (*getA
func (h *AuthHandler) handleGetAuthorization(w http.ResponseWriter, r *http.Request) { func (h *AuthHandler) handleGetAuthorization(w http.ResponseWriter, r *http.Request) {
ctx := r.Context() ctx := r.Context()
id, err := influxdb.IDFromString(chi.URLParam(r, "id")) id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil { if err != nil {
h.log.Info("Failed to decode request", zap.String("handler", "getAuthorization"), zap.Error(err)) h.log.Info("Failed to decode request", zap.String("handler", "getAuthorization"), zap.Error(err))
h.api.Err(w, r, err) h.api.Err(w, r, err)
@ -559,12 +562,12 @@ func (h *AuthHandler) handleUpdateAuthorization(w http.ResponseWriter, r *http.R
} }
type updateAuthorizationRequest struct { type updateAuthorizationRequest struct {
ID influxdb.ID ID platform.ID
*influxdb.AuthorizationUpdate *influxdb.AuthorizationUpdate
} }
func decodeUpdateAuthorizationRequest(ctx context.Context, r *http.Request) (*updateAuthorizationRequest, error) { func decodeUpdateAuthorizationRequest(ctx context.Context, r *http.Request) (*updateAuthorizationRequest, error) {
id, err := influxdb.IDFromString(chi.URLParam(r, "id")) id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -582,7 +585,7 @@ func decodeUpdateAuthorizationRequest(ctx context.Context, r *http.Request) (*up
// handleDeleteAuthorization is the HTTP handler for the DELETE /api/v2/authorizations/:id route. // handleDeleteAuthorization is the HTTP handler for the DELETE /api/v2/authorizations/:id route.
func (h *AuthHandler) handleDeleteAuthorization(w http.ResponseWriter, r *http.Request) { func (h *AuthHandler) handleDeleteAuthorization(w http.ResponseWriter, r *http.Request) {
id, err := influxdb.IDFromString(chi.URLParam(r, "id")) id, err := platform.IDFromString(chi.URLParam(r, "id"))
if err != nil { if err != nil {
h.log.Info("Failed to decode request", zap.String("handler", "deleteAuthorization"), zap.Error(err)) h.log.Info("Failed to decode request", zap.String("handler", "deleteAuthorization"), zap.Error(err))
h.api.Err(w, r, err) h.api.Err(w, r, err)

49
authorization/http_server_test.go
View File

@ -11,6 +11,9 @@ import (
"sort" "sort"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/go-chi/chi" "github.com/go-chi/chi"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts" "github.com/google/go-cmp/cmp/cmpopts"
@ -68,19 +71,19 @@ func TestService_handlePostAuthorization(t *testing.T) {
}, },
}, },
TenantService: &tenantService{ TenantService: &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
Name: "u1", Name: "u1",
}, nil }, nil
}, },
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
Name: "o1", Name: "o1",
}, nil }, nil
}, },
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: id, ID: id,
Name: "b1", Name: "b1",
@ -246,7 +249,7 @@ func TestService_handleGetAuthorization(t *testing.T) {
name: "get a authorization by id", name: "get a authorization by id",
fields: fields{ fields: fields{
AuthorizationService: &mock.AuthorizationService{ AuthorizationService: &mock.AuthorizationService{
FindAuthorizationByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { FindAuthorizationByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
if id == itesting.MustIDBase16("020f755c3c082000") { if id == itesting.MustIDBase16("020f755c3c082000") {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: itesting.MustIDBase16("020f755c3c082000"), ID: itesting.MustIDBase16("020f755c3c082000"),
@ -258,7 +261,7 @@ func TestService_handleGetAuthorization(t *testing.T) {
Resource: influxdb.Resource{ Resource: influxdb.Resource{
Type: influxdb.BucketsResourceType, Type: influxdb.BucketsResourceType,
OrgID: itesting.IDPtr(itesting.MustIDBase16("020f755c3c083000")), OrgID: itesting.IDPtr(itesting.MustIDBase16("020f755c3c083000")),
ID: func() *influxdb.ID { ID: func() *platform.ID {
id := itesting.MustIDBase16("020f755c3c084000") id := itesting.MustIDBase16("020f755c3c084000")
return &id return &id
}(), }(),
@ -273,19 +276,19 @@ func TestService_handleGetAuthorization(t *testing.T) {
}, },
}, },
TenantService: &tenantService{ TenantService: &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
Name: "u1", Name: "u1",
}, nil }, nil
}, },
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
Name: "o1", Name: "o1",
}, nil }, nil
}, },
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: id, ID: id,
Name: "b1", Name: "b1",
@ -335,9 +338,9 @@ func TestService_handleGetAuthorization(t *testing.T) {
name: "not found", name: "not found",
fields: fields{ fields: fields{
AuthorizationService: &mock.AuthorizationService{ AuthorizationService: &mock.AuthorizationService{
FindAuthorizationByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { FindAuthorizationByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "authorization not found", Msg: "authorization not found",
} }
}, },
@ -439,14 +442,14 @@ func TestService_handleGetAuthorizations(t *testing.T) {
}, },
}, },
&tenantService{ &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
}, nil }, nil
}, },
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
@ -531,16 +534,16 @@ func TestService_handleGetAuthorizations(t *testing.T) {
}, },
}, },
&tenantService{ &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
if id.String() == "2070616e656d2076" { if id.String() == "2070616e656d2076" {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
}, nil }, nil
} }
return nil, &influxdb.Error{} return nil, &errors.Error{}
}, },
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
@ -607,20 +610,20 @@ func TestService_handleGetAuthorizations(t *testing.T) {
}, },
}, },
&tenantService{ &tenantService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
}, nil }, nil
}, },
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
if id.String() == "3070616e656d2076" { if id.String() == "3070616e656d2076" {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
Name: id.String(), Name: id.String(),
}, nil }, nil
} }
return nil, &influxdb.Error{} return nil, &errors.Error{}
}, },
}, },
}, },
@ -759,7 +762,7 @@ func TestService_handleDeleteAuthorization(t *testing.T) {
name: "remove a authorization by id", name: "remove a authorization by id",
fields: fields{ fields: fields{
&mock.AuthorizationService{ &mock.AuthorizationService{
DeleteAuthorizationFn: func(ctx context.Context, id influxdb.ID) error { DeleteAuthorizationFn: func(ctx context.Context, id platform.ID) error {
if id == itesting.MustIDBase16("020f755c3c082000") { if id == itesting.MustIDBase16("020f755c3c082000") {
return nil return nil
} }
@ -780,9 +783,9 @@ func TestService_handleDeleteAuthorization(t *testing.T) {
name: "authorization not found", name: "authorization not found",
fields: fields{ fields: fields{
&mock.AuthorizationService{ &mock.AuthorizationService{
DeleteAuthorizationFn: func(ctx context.Context, id influxdb.ID) error { DeleteAuthorizationFn: func(ctx context.Context, id platform.ID) error {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "authorization not found", Msg: "authorization not found",
} }
}, },

13
authorization/middleware_auth.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/authorizer" "github.com/influxdata/influxdb/v2/authorizer"
) )
@ -50,7 +53,7 @@ func (s *AuthedAuthorizationService) FindAuthorizationByToken(ctx context.Contex
return a, nil return a, nil
} }
func (s *AuthedAuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { func (s *AuthedAuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -74,7 +77,7 @@ func (s *AuthedAuthorizationService) FindAuthorizations(ctx context.Context, fil
return authorizer.AuthorizeFindAuthorizations(ctx, as) return authorizer.AuthorizeFindAuthorizations(ctx, as)
} }
func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -88,7 +91,7 @@ func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id
return s.s.UpdateAuthorization(ctx, id, upd) return s.s.UpdateAuthorization(ctx, id, upd)
} }
func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error { func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return err return err
@ -106,10 +109,10 @@ func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id
func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error { func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error {
for _, p := range ps { for _, p := range ps {
if err := authorizer.IsAllowed(ctx, p); err != nil { if err := authorizer.IsAllowed(ctx, p); err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
Msg: fmt.Sprintf("permission %s is not allowed", p), Msg: fmt.Sprintf("permission %s is not allowed", p),
Code: influxdb.EForbidden, Code: errors.EForbidden,
} }
} }
} }

40
authorization/middleware_auth_test.go
View File

@ -3,6 +3,8 @@ package authorization_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -97,9 +99,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized", Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
authorizations: []*influxdb.Authorization{}, authorizations: []*influxdb.Authorization{},
}, },
@ -125,9 +127,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized", Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
authorizations: []*influxdb.Authorization{}, authorizations: []*influxdb.Authorization{},
}, },
@ -137,7 +139,7 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -252,9 +254,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized", Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -279,9 +281,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -290,7 +292,7 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -300,10 +302,10 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error { m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil return nil
} }
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error { m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil return nil
} }
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil return nil, nil
} }
// set up tenant service // set up tenant service
@ -391,9 +393,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations is unauthorized", Msg: "write:orgs/0000000000000001/authorizations is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -418,9 +420,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -429,7 +431,7 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -439,10 +441,10 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error { m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil return nil
} }
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error { m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil return nil
} }
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil return nil, nil
} }
// set up tenant service // set up tenant service

8
authorization/middleware_logging.go
View File

@ -5,6 +5,8 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -36,7 +38,7 @@ func (l *AuthLogger) CreateAuthorization(ctx context.Context, a *influxdb.Author
return l.authService.CreateAuthorization(ctx, a) return l.authService.CreateAuthorization(ctx, a)
} }
func (l *AuthLogger) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (a *influxdb.Authorization, err error) { func (l *AuthLogger) FindAuthorizationByID(ctx context.Context, id platform.ID) (a *influxdb.Authorization, err error) {
defer func(start time.Time) { defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start)) dur := zap.Duration("took", time.Since(start))
if err != nil { if err != nil {
@ -74,7 +76,7 @@ func (l *AuthLogger) FindAuthorizations(ctx context.Context, filter influxdb.Aut
return l.authService.FindAuthorizations(ctx, filter) return l.authService.FindAuthorizations(ctx, filter)
} }
func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (a *influxdb.Authorization, err error) { func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (a *influxdb.Authorization, err error) {
defer func(start time.Time) { defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start)) dur := zap.Duration("took", time.Since(start))
if err != nil { if err != nil {
@ -86,7 +88,7 @@ func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id influxdb.ID, up
return l.authService.UpdateAuthorization(ctx, id, upd) return l.authService.UpdateAuthorization(ctx, id, upd)
} }
func (l *AuthLogger) DeleteAuthorization(ctx context.Context, id influxdb.ID) (err error) { func (l *AuthLogger) DeleteAuthorization(ctx context.Context, id platform.ID) (err error) {
defer func(start time.Time) { defer func(start time.Time) {
dur := zap.Duration("took", time.Since(start)) dur := zap.Duration("took", time.Since(start))
if err != nil { if err != nil {

8
authorization/middleware_metrics.go
View File

@ -3,6 +3,8 @@ package authorization
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/metric" "github.com/influxdata/influxdb/v2/kit/metric"
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
@ -31,7 +33,7 @@ func (m *AuthMetrics) CreateAuthorization(ctx context.Context, a *influxdb.Autho
return rec(err) return rec(err)
} }
func (m *AuthMetrics) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { func (m *AuthMetrics) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
rec := m.rec.Record("find_authorization_by_id") rec := m.rec.Record("find_authorization_by_id")
a, err := m.authService.FindAuthorizationByID(ctx, id) a, err := m.authService.FindAuthorizationByID(ctx, id)
return a, rec(err) return a, rec(err)
@ -47,13 +49,13 @@ func (m *AuthMetrics) FindAuthorizations(ctx context.Context, filter influxdb.Au
return a, n, rec(err) return a, n, rec(err)
} }
func (m *AuthMetrics) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { func (m *AuthMetrics) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
rec := m.rec.Record("update_authorization") rec := m.rec.Record("update_authorization")
a, err := m.authService.UpdateAuthorization(ctx, id, upd) a, err := m.authService.UpdateAuthorization(ctx, id, upd)
return a, rec(err) return a, rec(err)
} }
func (m *AuthMetrics) DeleteAuthorization(ctx context.Context, id influxdb.ID) error { func (m *AuthMetrics) DeleteAuthorization(ctx context.Context, id platform.ID) error {
rec := m.rec.Record("delete_authorization") rec := m.rec.Record("delete_authorization")
err := m.authService.DeleteAuthorization(ctx, id) err := m.authService.DeleteAuthorization(ctx, id)
return rec(err) return rec(err)

14
authorization/mock_tenant.go
View File

@ -3,20 +3,22 @@ package authorization
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
// tenantService is a mock implementation of an authorization.tenantService // tenantService is a mock implementation of an authorization.tenantService
type tenantService struct { type tenantService struct {
FindUserByIDFn func(context.Context, influxdb.ID) (*influxdb.User, error) FindUserByIDFn func(context.Context, platform.ID) (*influxdb.User, error)
FindUserFn func(context.Context, influxdb.UserFilter) (*influxdb.User, error) FindUserFn func(context.Context, influxdb.UserFilter) (*influxdb.User, error)
FindOrganizationByIDF func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) FindOrganizationByIDF func(ctx context.Context, id platform.ID) (*influxdb.Organization, error)
FindOrganizationF func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) FindOrganizationF func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)
FindBucketByIDFn func(context.Context, influxdb.ID) (*influxdb.Bucket, error) FindBucketByIDFn func(context.Context, platform.ID) (*influxdb.Bucket, error)
} }
// FindUserByID returns a single User by ID. // FindUserByID returns a single User by ID.
func (s *tenantService) FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { func (s *tenantService) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return s.FindUserByIDFn(ctx, id) return s.FindUserByIDFn(ctx, id)
} }
@ -26,7 +28,7 @@ func (s *tenantService) FindUser(ctx context.Context, filter influxdb.UserFilter
} }
//FindOrganizationByID calls FindOrganizationByIDF. //FindOrganizationByID calls FindOrganizationByIDF.
func (s *tenantService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { func (s *tenantService) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return s.FindOrganizationByIDF(ctx, id) return s.FindOrganizationByIDF(ctx, id)
} }
@ -35,6 +37,6 @@ func (s *tenantService) FindOrganization(ctx context.Context, filter influxdb.Or
return s.FindOrganizationF(ctx, filter) return s.FindOrganizationF(ctx, filter)
} }
func (s *tenantService) FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { func (s *tenantService) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return s.FindBucketByIDFn(ctx, id) return s.FindBucketByIDFn(ctx, id)
} }

23
authorization/service.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kv" "github.com/influxdata/influxdb/v2/kv"
"github.com/influxdata/influxdb/v2/rand" "github.com/influxdata/influxdb/v2/rand"
@ -27,7 +30,7 @@ func NewService(st *Store, ts TenantService) influxdb.AuthorizationService {
func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error { func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error {
if err := a.Valid(); err != nil { if err := a.Valid(); err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
} }
} }
@ -53,7 +56,7 @@ func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authoriza
if a.Token == "" { if a.Token == "" {
token, err := s.tokenGenerator.Token() token, err := s.tokenGenerator.Token()
if err != nil { if err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
} }
} }
@ -69,7 +72,7 @@ func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authoriza
}) })
} }
func (s *Service) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { func (s *Service) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
var a *influxdb.Authorization var a *influxdb.Authorization
err := s.store.View(ctx, func(tx kv.Tx) error { err := s.store.View(ctx, func(tx kv.Tx) error {
auth, err := s.store.GetAuthorizationByID(ctx, tx, id) auth, err := s.store.GetAuthorizationByID(ctx, tx, id)
@ -124,7 +127,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
return nil return nil
}) })
if err != nil { if err != nil {
return nil, 0, &influxdb.Error{ return nil, 0, &errors.Error{
Err: err, Err: err,
} }
} }
@ -143,7 +146,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
return nil return nil
}) })
if err != nil { if err != nil {
return nil, 0, &influxdb.Error{ return nil, 0, &errors.Error{
Err: err, Err: err,
} }
} }
@ -162,7 +165,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
}) })
if err != nil { if err != nil {
return nil, 0, &influxdb.Error{ return nil, 0, &errors.Error{
Err: err, Err: err,
} }
} }
@ -171,7 +174,7 @@ func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.Author
} }
// UpdateAuthorization updates the status and description if available. // UpdateAuthorization updates the status and description if available.
func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { func (s *Service) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
var auth *influxdb.Authorization var auth *influxdb.Authorization
err := s.store.View(ctx, func(tx kv.Tx) error { err := s.store.View(ctx, func(tx kv.Tx) error {
a, e := s.store.GetAuthorizationByID(ctx, tx, id) a, e := s.store.GetAuthorizationByID(ctx, tx, id)
@ -183,8 +186,8 @@ func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *
}) })
if err != nil { if err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Err: err, Err: err,
} }
} }
@ -209,7 +212,7 @@ func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *
return auth, err return auth, err
} }
func (s *Service) DeleteAuthorization(ctx context.Context, id influxdb.ID) error { func (s *Service) DeleteAuthorization(ctx context.Context, id platform.ID) error {
return s.store.Update(ctx, func(tx kv.Tx) (err error) { return s.store.Update(ctx, func(tx kv.Tx) (err error) {
return s.store.DeleteAuthorization(ctx, tx, id) return s.store.DeleteAuthorization(ctx, tx, id)
}) })

18
authorization/storage.go
View File

@ -3,7 +3,9 @@ package authorization
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2/kit/tracing" "github.com/influxdata/influxdb/v2/kit/tracing"
"github.com/influxdata/influxdb/v2/kv" "github.com/influxdata/influxdb/v2/kv"
"github.com/influxdata/influxdb/v2/snowflake" "github.com/influxdata/influxdb/v2/snowflake"
@ -19,7 +21,7 @@ var (
type Store struct { type Store struct {
kvStore kv.Store kvStore kv.Store
IDGen influxdb.IDGenerator IDGen platform.IDGenerator
} }
func NewStore(kvStore kv.Store) (*Store, error) { func NewStore(kvStore kv.Store) (*Store, error) {
@ -56,7 +58,7 @@ func (s *Store) setup() error {
// generateSafeID attempts to create ids for buckets // generateSafeID attempts to create ids for buckets
// and orgs that are without backslash, commas, and spaces, BUT ALSO do not already exist. // and orgs that are without backslash, commas, and spaces, BUT ALSO do not already exist.
func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (influxdb.ID, error) { func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (platform.ID, error) {
for i := 0; i < MaxIDGenerationN; i++ { for i := 0; i < MaxIDGenerationN; i++ {
id := s.IDGen.ID() id := s.IDGen.ID()
@ -75,19 +77,19 @@ func (s *Store) generateSafeID(ctx context.Context, tx kv.Tx, bucket []byte) (in
continue continue
} }
return influxdb.InvalidID(), err return platform.InvalidID(), err
} }
return influxdb.InvalidID(), ErrFailureGeneratingID return platform.InvalidID(), ErrFailureGeneratingID
} }
func (s *Store) uniqueID(ctx context.Context, tx kv.Tx, bucket []byte, id influxdb.ID) error { func (s *Store) uniqueID(ctx context.Context, tx kv.Tx, bucket []byte, id platform.ID) error {
span, _ := tracing.StartSpanFromContext(ctx) span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
encodedID, err := id.Encode() encodedID, err := id.Encode()
if err != nil { if err != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Err: err, Err: err,
} }
} }

53
authorization/storage_authorization.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/buger/jsonparser" "github.com/buger/jsonparser"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kv" "github.com/influxdata/influxdb/v2/kv"
@ -29,8 +32,8 @@ func encodeAuthorization(a *influxdb.Authorization) ([]byte, error) {
case "": case "":
a.Status = influxdb.Active a.Status = influxdb.Active
default: default:
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "unknown authorization status", Msg: "unknown authorization status",
} }
} }
@ -72,8 +75,8 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
v, err := encodeAuthorization(a) v, err := encodeAuthorization(a)
if err != nil { if err != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Err: err, Err: err,
} }
} }
@ -89,8 +92,8 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
} }
if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil { if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Err: err, Err: err,
} }
} }
@ -101,7 +104,7 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
} }
if err := b.Put(encodedID, v); err != nil { if err := b.Put(encodedID, v); err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
} }
} }
@ -110,7 +113,7 @@ func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.A
} }
// GetAuthorization gets an authorization by its ID from the auth bucket in kv // GetAuthorization gets an authorization by its ID from the auth bucket in kv
func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (*influxdb.Authorization, error) { func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id platform.ID) (*influxdb.Authorization, error) {
encodedID, err := id.Encode() encodedID, err := id.Encode()
if err != nil { if err != nil {
return nil, ErrInvalidAuthID return nil, ErrInvalidAuthID
@ -132,8 +135,8 @@ func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id influxdb.
a := &influxdb.Authorization{} a := &influxdb.Authorization{}
if err := decodeAuthorization(v, a); err != nil { if err := decodeAuthorization(v, a); err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Err: err, Err: err,
} }
} }
@ -150,16 +153,16 @@ func (s *Store) GetAuthorizationByToken(ctx context.Context, tx kv.Tx, token str
// use the token to look up the authorization's ID // use the token to look up the authorization's ID
idKey, err := idx.Get(authIndexKey(token)) idKey, err := idx.Get(authIndexKey(token))
if kv.IsNotFound(err) { if kv.IsNotFound(err) {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "authorization not found", Msg: "authorization not found",
} }
} }
var id influxdb.ID var id platform.ID
if err := id.Decode(idKey); err != nil { if err := id.Decode(idKey); err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Err: err, Err: err,
} }
} }
@ -221,19 +224,19 @@ func (s *Store) forEachAuthorization(ctx context.Context, tx kv.Tx, pred kv.Curs
} }
// UpdateAuthorization updates the status and description only of an authorization // UpdateAuthorization updates the status and description only of an authorization
func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID, a *influxdb.Authorization) (*influxdb.Authorization, error) { func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id platform.ID, a *influxdb.Authorization) (*influxdb.Authorization, error) {
v, err := encodeAuthorization(a) v, err := encodeAuthorization(a)
if err != nil { if err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Err: err, Err: err,
} }
} }
encodedID, err := a.ID.Encode() encodedID, err := a.ID.Encode()
if err != nil { if err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Err: err, Err: err,
} }
} }
@ -244,8 +247,8 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
} }
if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil { if err := idx.Put(authIndexKey(a.Token), encodedID); err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Err: err, Err: err,
} }
} }
@ -256,7 +259,7 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
} }
if err := b.Put(encodedID, v); err != nil { if err := b.Put(encodedID, v); err != nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Err: err, Err: err,
} }
} }
@ -266,7 +269,7 @@ func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.I
} }
// DeleteAuthorization removes an authorization from storage // DeleteAuthorization removes an authorization from storage
func (s *Store) DeleteAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID) error { func (s *Store) DeleteAuthorization(ctx context.Context, tx kv.Tx, id platform.ID) error {
a, err := s.GetAuthorizationByID(ctx, tx, id) a, err := s.GetAuthorizationByID(ctx, tx, id)
if err != nil { if err != nil {
return err return err
@ -332,7 +335,7 @@ func unique(ctx context.Context, tx kv.Tx, indexBucket, indexKey []byte) error {
} }
// uniqueID returns nil if the ID provided is unique, returns an error otherwise // uniqueID returns nil if the ID provided is unique, returns an error otherwise
func uniqueID(ctx context.Context, tx kv.Tx, id influxdb.ID) error { func uniqueID(ctx context.Context, tx kv.Tx, id platform.ID) error {
encodedID, err := id.Encode() encodedID, err := id.Encode()
if err != nil { if err != nil {
return ErrInvalidAuthID return ErrInvalidAuthID

43
authorization/storage_authorization_test.go
View File

@ -3,6 +3,7 @@ package authorization_test
import ( import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"reflect" "reflect"
"testing" "testing"
@ -18,10 +19,10 @@ func TestAuth(t *testing.T) {
setup := func(t *testing.T, store *authorization.Store, tx kv.Tx) { setup := func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
err := store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{ err := store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{
ID: influxdb.ID(i), ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i), Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i), OrgID: platform.ID(i),
UserID: influxdb.ID(i), UserID: platform.ID(i),
Status: influxdb.Active, Status: influxdb.Active,
}) })
@ -53,10 +54,10 @@ func TestAuth(t *testing.T) {
expected := []*influxdb.Authorization{} expected := []*influxdb.Authorization{}
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
expected = append(expected, &influxdb.Authorization{ expected = append(expected, &influxdb.Authorization{
ID: influxdb.ID(i), ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i), Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i), OrgID: platform.ID(i),
UserID: influxdb.ID(i), UserID: platform.ID(i),
Status: "active", Status: "active",
}) })
} }
@ -66,10 +67,10 @@ func TestAuth(t *testing.T) {
// should not be able to create two authorizations with identical tokens // should not be able to create two authorizations with identical tokens
err = store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{ err = store.CreateAuthorization(context.Background(), tx, &influxdb.Authorization{
ID: influxdb.ID(1), ID: platform.ID(1),
Token: fmt.Sprintf("randomtoken%d", 1), Token: fmt.Sprintf("randomtoken%d", 1),
OrgID: influxdb.ID(1), OrgID: platform.ID(1),
UserID: influxdb.ID(1), UserID: platform.ID(1),
}) })
if err == nil { if err == nil {
t.Fatalf("expected to be unable to create authorizations with identical tokens") t.Fatalf("expected to be unable to create authorizations with identical tokens")
@ -82,14 +83,14 @@ func TestAuth(t *testing.T) {
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) { results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
expectedAuth := &influxdb.Authorization{ expectedAuth := &influxdb.Authorization{
ID: influxdb.ID(i), ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i), Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i), OrgID: platform.ID(i),
UserID: influxdb.ID(i), UserID: platform.ID(i),
Status: influxdb.Active, Status: influxdb.Active,
} }
authByID, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i)) authByID, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil { if err != nil {
t.Fatalf("Unexpectedly could not acquire Authorization by ID [Error]: %v", err) t.Fatalf("Unexpectedly could not acquire Authorization by ID [Error]: %v", err)
} }
@ -115,14 +116,14 @@ func TestAuth(t *testing.T) {
setup: setup, setup: setup,
update: func(t *testing.T, store *authorization.Store, tx kv.Tx) { update: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
auth, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i)) auth, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil { if err != nil {
t.Fatalf("Could not get authorization [Error]: %v", err) t.Fatalf("Could not get authorization [Error]: %v", err)
} }
auth.Status = influxdb.Inactive auth.Status = influxdb.Inactive
_, err = store.UpdateAuthorization(context.Background(), tx, influxdb.ID(i), auth) _, err = store.UpdateAuthorization(context.Background(), tx, platform.ID(i), auth)
if err != nil { if err != nil {
t.Fatalf("Could not get updated authorization [Error]: %v", err) t.Fatalf("Could not get updated authorization [Error]: %v", err)
} }
@ -131,16 +132,16 @@ func TestAuth(t *testing.T) {
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) { results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
auth, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i)) auth, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err != nil { if err != nil {
t.Fatalf("Could not get authorization [Error]: %v", err) t.Fatalf("Could not get authorization [Error]: %v", err)
} }
expectedAuth := &influxdb.Authorization{ expectedAuth := &influxdb.Authorization{
ID: influxdb.ID(i), ID: platform.ID(i),
Token: fmt.Sprintf("randomtoken%d", i), Token: fmt.Sprintf("randomtoken%d", i),
OrgID: influxdb.ID(i), OrgID: platform.ID(i),
UserID: influxdb.ID(i), UserID: platform.ID(i),
Status: influxdb.Inactive, Status: influxdb.Inactive,
} }
@ -155,7 +156,7 @@ func TestAuth(t *testing.T) {
setup: setup, setup: setup,
update: func(t *testing.T, store *authorization.Store, tx kv.Tx) { update: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
err := store.DeleteAuthorization(context.Background(), tx, influxdb.ID(i)) err := store.DeleteAuthorization(context.Background(), tx, platform.ID(i))
if err != nil { if err != nil {
t.Fatalf("Could not delete authorization [Error]: %v", err) t.Fatalf("Could not delete authorization [Error]: %v", err)
} }
@ -163,7 +164,7 @@ func TestAuth(t *testing.T) {
}, },
results: func(t *testing.T, store *authorization.Store, tx kv.Tx) { results: func(t *testing.T, store *authorization.Store, tx kv.Tx) {
for i := 1; i <= 10; i++ { for i := 1; i <= 10; i++ {
_, err := store.GetAuthorizationByID(context.Background(), tx, influxdb.ID(i)) _, err := store.GetAuthorizationByID(context.Background(), tx, platform.ID(i))
if err == nil { if err == nil {
t.Fatal("Authorization was not deleted correctly") t.Fatal("Authorization was not deleted correctly")
} }

13
authorizer/agent.go
View File

@ -3,6 +3,9 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -11,7 +14,7 @@ import (
type AuthAgent struct{} type AuthAgent struct{}
// OrgPermissions identifies if a user has access to the org by the specified action. // OrgPermissions identifies if a user has access to the org by the specified action.
func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, action influxdb.Action, rest ...influxdb.Action) error { func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID platform.ID, action influxdb.Action, rest ...influxdb.Action) error {
for _, action := range append(rest, action) { for _, action := range append(rest, action) {
var err error var err error
switch action { switch action {
@ -20,7 +23,7 @@ func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, actio
case influxdb.WriteAction: case influxdb.WriteAction:
_, _, err = AuthorizeWriteOrg(ctx, orgID) _, _, err = AuthorizeWriteOrg(ctx, orgID)
default: default:
err = &influxdb.Error{Code: influxdb.EInvalid, Msg: "invalid action provided: " + string(action)} err = &errors.Error{Code: errors.EInvalid, Msg: "invalid action provided: " + string(action)}
} }
if err != nil { if err != nil {
return err return err
@ -29,13 +32,13 @@ func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID influxdb.ID, actio
return nil return nil
} }
func (a *AuthAgent) IsWritable(ctx context.Context, orgID influxdb.ID, resType influxdb.ResourceType) error { func (a *AuthAgent) IsWritable(ctx context.Context, orgID platform.ID, resType influxdb.ResourceType) error {
_, _, resTypeErr := AuthorizeOrgWriteResource(ctx, resType, orgID) _, _, resTypeErr := AuthorizeOrgWriteResource(ctx, resType, orgID)
_, _, orgErr := AuthorizeWriteOrg(ctx, orgID) _, _, orgErr := AuthorizeWriteOrg(ctx, orgID)
if resTypeErr != nil && orgErr != nil { if resTypeErr != nil && orgErr != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: "not authorized to create " + string(resType), Msg: "not authorized to create " + string(resType),
} }
} }

5
authorizer/agent_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing" "testing"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
@ -17,7 +18,7 @@ func Test_Agent(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
action influxdb.Action action influxdb.Action
orgID influxdb.ID orgID platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
shouldErr bool shouldErr bool
}{ }{
@ -175,7 +176,7 @@ func Test_Agent(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
resourceType influxdb.ResourceType resourceType influxdb.ResourceType
orgID influxdb.ID orgID platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
shouldErr bool shouldErr bool
}{ }{

13
authorizer/auth.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -23,7 +26,7 @@ func NewAuthorizationService(s influxdb.AuthorizationService) *AuthorizationServ
} }
// FindAuthorizationByID checks to see if the authorizer on context has read access to the id provided. // FindAuthorizationByID checks to see if the authorizer on context has read access to the id provided.
func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -78,7 +81,7 @@ func (s *AuthorizationService) CreateAuthorization(ctx context.Context, a *influ
} }
// UpdateAuthorization checks to see if the authorizer on context has write access to the authorization provided. // UpdateAuthorization checks to see if the authorizer on context has write access to the authorization provided.
func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -93,7 +96,7 @@ func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id influ
} }
// DeleteAuthorization checks to see if the authorizer on context has write access to the authorization provided. // DeleteAuthorization checks to see if the authorizer on context has write access to the authorization provided.
func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error { func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) error {
a, err := s.s.FindAuthorizationByID(ctx, id) a, err := s.s.FindAuthorizationByID(ctx, id)
if err != nil { if err != nil {
return err return err
@ -111,10 +114,10 @@ func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id influ
func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error { func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error {
for _, p := range ps { for _, p := range ps {
if err := IsAllowed(ctx, p); err != nil { if err := IsAllowed(ctx, p); err != nil {
return &influxdb.Error{ return &errors.Error{
Err: err, Err: err,
Msg: fmt.Sprintf("permission %s is not allowed", p), Msg: fmt.Sprintf("permission %s is not allowed", p),
Code: influxdb.EForbidden, Code: errors.EForbidden,
} }
} }
} }

40
authorizer/auth_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -93,9 +95,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized", Msg: "read:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
authorizations: []*influxdb.Authorization{}, authorizations: []*influxdb.Authorization{},
}, },
@ -121,9 +123,9 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized", Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
authorizations: []*influxdb.Authorization{}, authorizations: []*influxdb.Authorization{},
}, },
@ -133,7 +135,7 @@ func TestAuthorizationService_ReadAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -241,9 +243,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized", Msg: "write:orgs/0000000000000001/authorizations/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -268,9 +270,9 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -279,7 +281,7 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -289,10 +291,10 @@ func TestAuthorizationService_WriteAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error { m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil return nil
} }
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error { m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil return nil
} }
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil return nil, nil
} }
s := authorizer.NewAuthorizationService(m) s := authorizer.NewAuthorizationService(m)
@ -372,9 +374,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001/authorizations is unauthorized", Msg: "write:orgs/0000000000000001/authorizations is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -399,9 +401,9 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -410,7 +412,7 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
m := &mock.AuthorizationService{} m := &mock.AuthorizationService{}
m.FindAuthorizationByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error) { m.FindAuthorizationByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Authorization, error) {
return &influxdb.Authorization{ return &influxdb.Authorization{
ID: id, ID: id,
UserID: 1, UserID: 1,
@ -420,10 +422,10 @@ func TestAuthorizationService_CreateAuthorization(t *testing.T) {
m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error { m.CreateAuthorizationFn = func(ctx context.Context, a *influxdb.Authorization) error {
return nil return nil
} }
m.DeleteAuthorizationFn = func(ctx context.Context, id influxdb.ID) error { m.DeleteAuthorizationFn = func(ctx context.Context, id platform.ID) error {
return nil return nil
} }
m.UpdateAuthorizationFn = func(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) { m.UpdateAuthorizationFn = func(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error) {
return nil, nil return nil, nil
} }
s := authorizer.NewAuthorizationService(m) s := authorizer.NewAuthorizationService(m)

35
authorizer/authorize.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
icontext "github.com/influxdata/influxdb/v2/context" icontext "github.com/influxdata/influxdb/v2/context"
) )
@ -16,8 +19,8 @@ func isAllowedAll(a influxdb.Authorizer, permissions []influxdb.Permission) erro
for _, p := range permissions { for _, p := range permissions {
if !pset.Allowed(p) { if !pset.Allowed(p) {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: fmt.Sprintf("%s is unauthorized", p), Msg: fmt.Sprintf("%s is unauthorized", p),
} }
} }
@ -61,13 +64,13 @@ func IsAllowedAny(ctx context.Context, permissions []influxdb.Permission) error
return nil return nil
} }
} }
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: fmt.Sprintf("none of %v is authorized", permissions), Msg: fmt.Sprintf("none of %v is authorized", permissions),
} }
} }
func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType, rid, oid *influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType, rid, oid *platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
var p *influxdb.Permission var p *influxdb.Permission
var err error var err error
if rid != nil && oid != nil { if rid != nil && oid != nil {
@ -89,7 +92,7 @@ func authorize(ctx context.Context, a influxdb.Action, rt influxdb.ResourceType,
return auth, *p, isAllowed(auth, *p) return auth, *p, isAllowed(auth, *p)
} }
func authorizeReadSystemBucket(ctx context.Context, bid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func authorizeReadSystemBucket(ctx context.Context, bid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return AuthorizeReadOrg(ctx, oid) return AuthorizeReadOrg(ctx, oid)
} }
@ -98,7 +101,7 @@ func authorizeReadSystemBucket(ctx context.Context, bid, oid influxdb.ID) (influ
// AuthorizeRead(ctx, influxdb.BucketsResourceType, b.ID, b.OrgID) // AuthorizeRead(ctx, influxdb.BucketsResourceType, b.ID, b.OrgID)
// use: // use:
// AuthorizeReadBucket(ctx, b.Type, b.ID, b.OrgID) // AuthorizeReadBucket(ctx, b.Type, b.ID, b.OrgID)
func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
switch bt { switch bt {
case influxdb.BucketTypeSystem: case influxdb.BucketTypeSystem:
return authorizeReadSystemBucket(ctx, bid, oid) return authorizeReadSystemBucket(ctx, bid, oid)
@ -109,54 +112,54 @@ func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid i
// AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID, and orgID). // AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID, and orgID).
// NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only. // NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.
func AuthorizeRead(ctx context.Context, rt influxdb.ResourceType, rid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeRead(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, &rid, &oid) return authorize(ctx, influxdb.ReadAction, rt, &rid, &oid)
} }
// AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID, and orgID). // AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID, and orgID).
// NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only. // NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.
func AuthorizeWrite(ctx context.Context, rt influxdb.ResourceType, rid, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeWrite(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, &rid, &oid) return authorize(ctx, influxdb.WriteAction, rt, &rid, &oid)
} }
// AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID). // AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID).
// NOTE: authorization will pass only if the user has a specific permission for the given resource. // NOTE: authorization will pass only if the user has a specific permission for the given resource.
func AuthorizeReadResource(ctx context.Context, rt influxdb.ResourceType, rid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeReadResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, &rid, nil) return authorize(ctx, influxdb.ReadAction, rt, &rid, nil)
} }
// AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID). // AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID).
// NOTE: authorization will pass only if the user has a specific permission for the given resource. // NOTE: authorization will pass only if the user has a specific permission for the given resource.
func AuthorizeWriteResource(ctx context.Context, rt influxdb.ResourceType, rid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeWriteResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, &rid, nil) return authorize(ctx, influxdb.WriteAction, rt, &rid, nil)
} }
// AuthorizeOrgReadResource authorizes the given org to read the resources of the given type. // AuthorizeOrgReadResource authorizes the given org to read the resources of the given type.
// NOTE: this is pretty much the same as AuthorizeRead, in the case that the resource ID is ignored. // NOTE: this is pretty much the same as AuthorizeRead, in the case that the resource ID is ignored.
// Use it in the case that you do not know which resource in particular you want to give access to. // Use it in the case that you do not know which resource in particular you want to give access to.
func AuthorizeOrgReadResource(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeOrgReadResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, rt, nil, &oid) return authorize(ctx, influxdb.ReadAction, rt, nil, &oid)
} }
// AuthorizeOrgWriteResource authorizes the given org to write the resources of the given type. // AuthorizeOrgWriteResource authorizes the given org to write the resources of the given type.
// NOTE: this is pretty much the same as AuthorizeWrite, in the case that the resource ID is ignored. // NOTE: this is pretty much the same as AuthorizeWrite, in the case that the resource ID is ignored.
// Use it in the case that you do not know which resource in particular you want to give access to. // Use it in the case that you do not know which resource in particular you want to give access to.
func AuthorizeOrgWriteResource(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeOrgWriteResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, rt, nil, &oid) return authorize(ctx, influxdb.WriteAction, rt, nil, &oid)
} }
// AuthorizeCreate authorizes a user to create a resource of the given type for the given org. // AuthorizeCreate authorizes a user to create a resource of the given type for the given org.
func AuthorizeCreate(ctx context.Context, rt influxdb.ResourceType, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeCreate(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return AuthorizeOrgWriteResource(ctx, rt, oid) return AuthorizeOrgWriteResource(ctx, rt, oid)
} }
// AuthorizeReadOrg authorizes the user to read the given org. // AuthorizeReadOrg authorizes the user to read the given org.
func AuthorizeReadOrg(ctx context.Context, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeReadOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.ReadAction, influxdb.OrgsResourceType, &oid, nil) return authorize(ctx, influxdb.ReadAction, influxdb.OrgsResourceType, &oid, nil)
} }
// AuthorizeWriteOrg authorizes the user to write the given org. // AuthorizeWriteOrg authorizes the user to write the given org.
func AuthorizeWriteOrg(ctx context.Context, oid influxdb.ID) (influxdb.Authorizer, influxdb.Permission, error) { func AuthorizeWriteOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error) {
return authorize(ctx, influxdb.WriteAction, influxdb.OrgsResourceType, &oid, nil) return authorize(ctx, influxdb.WriteAction, influxdb.OrgsResourceType, &oid, nil)
} }

66
authorizer/authorize_find.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -18,10 +20,10 @@ func AuthorizeFindDBRPs(ctx context.Context, rs []*influxdb.DBRPMappingV2) ([]*i
if err != nil { if err != nil {
_, _, err = AuthorizeWrite(ctx, influxdb.BucketsResourceType, r.BucketID, r.OrganizationID) _, _, err = AuthorizeWrite(ctx, influxdb.BucketsResourceType, r.BucketID, r.OrganizationID)
} }
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -36,17 +38,17 @@ func AuthorizeFindAuthorizations(ctx context.Context, rs []*influxdb.Authorizati
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.AuthorizationsResourceType, r.ID, r.OrgID) _, _, err := AuthorizeRead(ctx, influxdb.AuthorizationsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
_, _, err = AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.UserID) _, _, err = AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.UserID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -61,10 +63,10 @@ func AuthorizeFindBuckets(ctx context.Context, rs []*influxdb.Bucket) ([]*influx
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeReadBucket(ctx, r.Type, r.ID, r.OrgID) _, _, err := AuthorizeReadBucket(ctx, r.Type, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -79,10 +81,10 @@ func AuthorizeFindDashboards(ctx context.Context, rs []*influxdb.Dashboard) ([]*
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.DashboardsResourceType, r.ID, r.OrganizationID) _, _, err := AuthorizeRead(ctx, influxdb.DashboardsResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -97,10 +99,10 @@ func AuthorizeFindOrganizations(ctx context.Context, rs []*influxdb.Organization
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeReadOrg(ctx, r.ID) _, _, err := AuthorizeReadOrg(ctx, r.ID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -115,10 +117,10 @@ func AuthorizeFindSources(ctx context.Context, rs []*influxdb.Source) ([]*influx
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.SourcesResourceType, r.ID, r.OrganizationID) _, _, err := AuthorizeRead(ctx, influxdb.SourcesResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -133,10 +135,10 @@ func AuthorizeFindTasks(ctx context.Context, rs []*influxdb.Task) ([]*influxdb.T
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.TasksResourceType, r.ID, r.OrganizationID) _, _, err := AuthorizeRead(ctx, influxdb.TasksResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -151,10 +153,10 @@ func AuthorizeFindTelegrafs(ctx context.Context, rs []*influxdb.TelegrafConfig)
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.TelegrafsResourceType, r.ID, r.OrgID) _, _, err := AuthorizeRead(ctx, influxdb.TelegrafsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -169,10 +171,10 @@ func AuthorizeFindUsers(ctx context.Context, rs []*influxdb.User) ([]*influxdb.U
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.ID) _, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, r.ID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -187,10 +189,10 @@ func AuthorizeFindVariables(ctx context.Context, rs []*influxdb.Variable) ([]*in
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.VariablesResourceType, r.ID, r.OrganizationID) _, _, err := AuthorizeRead(ctx, influxdb.VariablesResourceType, r.ID, r.OrganizationID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -205,10 +207,10 @@ func AuthorizeFindScrapers(ctx context.Context, rs []influxdb.ScraperTarget) ([]
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.ScraperResourceType, r.ID, r.OrgID) _, _, err := AuthorizeRead(ctx, influxdb.ScraperResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -223,10 +225,10 @@ func AuthorizeFindLabels(ctx context.Context, rs []*influxdb.Label) ([]*influxdb
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.LabelsResourceType, r.ID, r.OrgID) _, _, err := AuthorizeRead(ctx, influxdb.LabelsResourceType, r.ID, r.OrgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -241,10 +243,10 @@ func AuthorizeFindNotificationRules(ctx context.Context, rs []influxdb.Notificat
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.NotificationRuleResourceType, r.GetID(), r.GetOrgID()) _, _, err := AuthorizeRead(ctx, influxdb.NotificationRuleResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -259,10 +261,10 @@ func AuthorizeFindNotificationEndpoints(ctx context.Context, rs []influxdb.Notif
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.NotificationEndpointResourceType, r.GetID(), r.GetOrgID()) _, _, err := AuthorizeRead(ctx, influxdb.NotificationEndpointResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)
@ -277,10 +279,10 @@ func AuthorizeFindChecks(ctx context.Context, rs []influxdb.Check) ([]influxdb.C
rrs := rs[:0] rrs := rs[:0]
for _, r := range rs { for _, r := range rs {
_, _, err := AuthorizeRead(ctx, influxdb.ChecksResourceType, r.GetID(), r.GetOrgID()) _, _, err := AuthorizeRead(ctx, influxdb.ChecksResourceType, r.GetID(), r.GetOrgID())
if err != nil && influxdb.ErrorCode(err) != influxdb.EUnauthorized { if err != nil && errors.ErrorCode(err) != errors.EUnauthorized {
return nil, 0, err return nil, 0, err
} }
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
continue continue
} }
rrs = append(rrs, r) rrs = append(rrs, r)

10
authorizer/bucket.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing" "github.com/influxdata/influxdb/v2/kit/tracing"
) )
@ -23,7 +25,7 @@ func NewBucketService(s influxdb.BucketService) *BucketService {
} }
// FindBucketByID checks to see if the authorizer on context has read access to the id provided. // FindBucketByID checks to see if the authorizer on context has read access to the id provided.
func (s *BucketService) FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { func (s *BucketService) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -38,7 +40,7 @@ func (s *BucketService) FindBucketByID(ctx context.Context, id influxdb.ID) (*in
} }
// FindBucketByName returns a bucket by name for a particular organization. // FindBucketByName returns a bucket by name for a particular organization.
func (s *BucketService) FindBucketByName(ctx context.Context, orgID influxdb.ID, n string) (*influxdb.Bucket, error) { func (s *BucketService) FindBucketByName(ctx context.Context, orgID platform.ID, n string) (*influxdb.Bucket, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -93,7 +95,7 @@ func (s *BucketService) CreateBucket(ctx context.Context, b *influxdb.Bucket) er
} }
// UpdateBucket checks to see if the authorizer on context has write access to the bucket provided. // UpdateBucket checks to see if the authorizer on context has write access to the bucket provided.
func (s *BucketService) UpdateBucket(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) { func (s *BucketService) UpdateBucket(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
b, err := s.s.FindBucketByID(ctx, id) b, err := s.s.FindBucketByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -105,7 +107,7 @@ func (s *BucketService) UpdateBucket(ctx context.Context, id influxdb.ID, upd in
} }
// DeleteBucket checks to see if the authorizer on context has write access to the bucket provided. // DeleteBucket checks to see if the authorizer on context has write access to the bucket provided.
func (s *BucketService) DeleteBucket(ctx context.Context, id influxdb.ID) error { func (s *BucketService) DeleteBucket(ctx context.Context, id platform.ID) error {
b, err := s.s.FindBucketByID(ctx, id) b, err := s.s.FindBucketByID(ctx, id)
if err != nil { if err != nil {
return err return err

50
authorizer/bucket_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -75,7 +77,7 @@ func TestBucketService_FindBucketByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -94,9 +96,9 @@ func TestBucketService_FindBucketByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -179,9 +181,9 @@ func TestBucketService_FindBucket(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -334,7 +336,7 @@ func TestBucketService_UpdateBucket(t *testing.T) {
BucketService influxdb.BucketService BucketService influxdb.BucketService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -351,13 +353,13 @@ func TestBucketService_UpdateBucket(t *testing.T) {
name: "authorized to update bucket", name: "authorized to update bucket",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
UpdateBucketFn: func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) { UpdateBucketFn: func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -392,13 +394,13 @@ func TestBucketService_UpdateBucket(t *testing.T) {
name: "unauthorized to update bucket", name: "unauthorized to update bucket",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
UpdateBucketFn: func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) { UpdateBucketFn: func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -419,9 +421,9 @@ func TestBucketService_UpdateBucket(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -445,7 +447,7 @@ func TestBucketService_DeleteBucket(t *testing.T) {
BucketService influxdb.BucketService BucketService influxdb.BucketService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -462,13 +464,13 @@ func TestBucketService_DeleteBucket(t *testing.T) {
name: "authorized to delete bucket", name: "authorized to delete bucket",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
DeleteBucketFn: func(ctx context.Context, id influxdb.ID) error { DeleteBucketFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -500,13 +502,13 @@ func TestBucketService_DeleteBucket(t *testing.T) {
name: "unauthorized to delete bucket", name: "unauthorized to delete bucket",
fields: fields{ fields: fields{
BucketService: &mock.BucketService{ BucketService: &mock.BucketService{
FindBucketByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Bucket, error) { FindBucketByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ return &influxdb.Bucket{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
DeleteBucketFn: func(ctx context.Context, id influxdb.ID) error { DeleteBucketFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -524,9 +526,9 @@ func TestBucketService_DeleteBucket(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -551,7 +553,7 @@ func TestBucketService_CreateBucket(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -606,9 +608,9 @@ func TestBucketService_CreateBucket(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets is unauthorized", Msg: "write:orgs/000000000000000a/buckets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

12
authorizer/check.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -27,7 +29,7 @@ func NewCheckService(s influxdb.CheckService, urm influxdb.UserResourceMappingSe
} }
// FindCheckByID checks to see if the authorizer on context has read access to the id provided. // FindCheckByID checks to see if the authorizer on context has read access to the id provided.
func (s *CheckService) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { func (s *CheckService) FindCheckByID(ctx context.Context, id platform.ID) (influxdb.Check, error) {
chk, err := s.s.FindCheckByID(ctx, id) chk, err := s.s.FindCheckByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -62,7 +64,7 @@ func (s *CheckService) FindCheck(ctx context.Context, filter influxdb.CheckFilte
} }
// CreateCheck checks to see if the authorizer on context has write access to the global check resource. // CreateCheck checks to see if the authorizer on context has write access to the global check resource.
func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error { func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.ChecksResourceType, chk.GetOrgID()); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.ChecksResourceType, chk.GetOrgID()); err != nil {
return err return err
} }
@ -70,7 +72,7 @@ func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate
} }
// UpdateCheck checks to see if the authorizer on context has write access to the check provided. // UpdateCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) UpdateCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) { func (s *CheckService) UpdateCheck(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
chk, err := s.FindCheckByID(ctx, id) chk, err := s.FindCheckByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -82,7 +84,7 @@ func (s *CheckService) UpdateCheck(ctx context.Context, id influxdb.ID, upd infl
} }
// PatchCheck checks to see if the authorizer on context has write access to the check provided. // PatchCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) { func (s *CheckService) PatchCheck(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
chk, err := s.FindCheckByID(ctx, id) chk, err := s.FindCheckByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -94,7 +96,7 @@ func (s *CheckService) PatchCheck(ctx context.Context, id influxdb.ID, upd influ
} }
// DeleteCheck checks to see if the authorizer on context has write access to the check provided. // DeleteCheck checks to see if the authorizer on context has write access to the check provided.
func (s *CheckService) DeleteCheck(ctx context.Context, id influxdb.ID) error { func (s *CheckService) DeleteCheck(ctx context.Context, id platform.ID) error {
chk, err := s.FindCheckByID(ctx, id) chk, err := s.FindCheckByID(ctx, id)
if err != nil { if err != nil {
return err return err

64
authorizer/check_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -34,7 +36,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -50,7 +52,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: id, ID: id,
@ -78,7 +80,7 @@ func TestCheckService_FindCheckByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: id, ID: id,
@ -99,9 +101,9 @@ func TestCheckService_FindCheckByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/checks/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -275,7 +277,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
CheckService influxdb.CheckService CheckService influxdb.CheckService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -292,7 +294,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
name: "authorized to update check", name: "authorized to update check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -300,7 +302,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) { UpdateCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -337,7 +339,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
name: "unauthorized to update check", name: "unauthorized to update check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -345,7 +347,7 @@ func TestCheckService_UpdateCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error) { UpdateCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -368,9 +370,9 @@ func TestCheckService_UpdateCheck(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -399,7 +401,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
CheckService influxdb.CheckService CheckService influxdb.CheckService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -416,7 +418,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
name: "authorized to patch check", name: "authorized to patch check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -424,7 +426,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) { PatchCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -461,7 +463,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
name: "unauthorized to patch check", name: "unauthorized to patch check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -469,7 +471,7 @@ func TestCheckService_PatchCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchCheckFn: func(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) { PatchCheckFn: func(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -492,9 +494,9 @@ func TestCheckService_PatchCheck(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -518,7 +520,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
CheckService influxdb.CheckService CheckService influxdb.CheckService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -535,7 +537,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
name: "authorized to delete check", name: "authorized to delete check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -543,7 +545,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteCheckFn: func(ctx context.Context, id influxdb.ID) error { DeleteCheckFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -575,7 +577,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
name: "unauthorized to delete check", name: "unauthorized to delete check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
FindCheckByIDFn: func(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { FindCheckByIDFn: func(ctx context.Context, id platform.ID) (influxdb.Check, error) {
return &check.Deadman{ return &check.Deadman{
Base: check.Base{ Base: check.Base{
ID: 1, ID: 1,
@ -583,7 +585,7 @@ func TestCheckService_DeleteCheck(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteCheckFn: func(ctx context.Context, id influxdb.ID) error { DeleteCheckFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -601,9 +603,9 @@ func TestCheckService_DeleteCheck(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/checks/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -628,7 +630,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -644,7 +646,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
name: "authorized to create check with org owner", name: "authorized to create check with org owner",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error { CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -667,7 +669,7 @@ func TestCheckService_CreateCheck(t *testing.T) {
name: "unauthorized to create check", name: "unauthorized to create check",
fields: fields{ fields: fields{
CheckService: &mock.CheckService{ CheckService: &mock.CheckService{
CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error { CreateCheckFn: func(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -683,9 +685,9 @@ func TestCheckService_CreateCheck(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/checks is unauthorized", Msg: "write:orgs/000000000000000a/checks is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

20
authorizer/dashboard.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -22,7 +24,7 @@ func NewDashboardService(s influxdb.DashboardService) *DashboardService {
} }
// FindDashboardByID checks to see if the authorizer on context has read access to the id provided. // FindDashboardByID checks to see if the authorizer on context has read access to the id provided.
func (s *DashboardService) FindDashboardByID(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { func (s *DashboardService) FindDashboardByID(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
b, err := s.s.FindDashboardByID(ctx, id) b, err := s.s.FindDashboardByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -53,7 +55,7 @@ func (s *DashboardService) CreateDashboard(ctx context.Context, b *influxdb.Dash
} }
// UpdateDashboard checks to see if the authorizer on context has write access to the dashboard provided. // UpdateDashboard checks to see if the authorizer on context has write access to the dashboard provided.
func (s *DashboardService) UpdateDashboard(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) { func (s *DashboardService) UpdateDashboard(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
b, err := s.s.FindDashboardByID(ctx, id) b, err := s.s.FindDashboardByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -65,7 +67,7 @@ func (s *DashboardService) UpdateDashboard(ctx context.Context, id influxdb.ID,
} }
// DeleteDashboard checks to see if the authorizer on context has write access to the dashboard provided. // DeleteDashboard checks to see if the authorizer on context has write access to the dashboard provided.
func (s *DashboardService) DeleteDashboard(ctx context.Context, id influxdb.ID) error { func (s *DashboardService) DeleteDashboard(ctx context.Context, id platform.ID) error {
b, err := s.s.FindDashboardByID(ctx, id) b, err := s.s.FindDashboardByID(ctx, id)
if err != nil { if err != nil {
return err return err
@ -76,7 +78,7 @@ func (s *DashboardService) DeleteDashboard(ctx context.Context, id influxdb.ID)
return s.s.DeleteDashboard(ctx, id) return s.s.DeleteDashboard(ctx, id)
} }
func (s *DashboardService) AddDashboardCell(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error { func (s *DashboardService) AddDashboardCell(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
b, err := s.s.FindDashboardByID(ctx, id) b, err := s.s.FindDashboardByID(ctx, id)
if err != nil { if err != nil {
return err return err
@ -87,7 +89,7 @@ func (s *DashboardService) AddDashboardCell(ctx context.Context, id influxdb.ID,
return s.s.AddDashboardCell(ctx, id, c, opts) return s.s.AddDashboardCell(ctx, id, c, opts)
} }
func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) error { func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID) error {
b, err := s.s.FindDashboardByID(ctx, dashboardID) b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil { if err != nil {
return err return err
@ -98,7 +100,7 @@ func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID
return s.s.RemoveDashboardCell(ctx, dashboardID, cellID) return s.s.RemoveDashboardCell(ctx, dashboardID, cellID)
} }
func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) { func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID) b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil { if err != nil {
return nil, err return nil, err
@ -109,7 +111,7 @@ func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID
return s.s.UpdateDashboardCell(ctx, dashboardID, cellID, upd) return s.s.UpdateDashboardCell(ctx, dashboardID, cellID, upd)
} }
func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) (*influxdb.View, error) { func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID) (*influxdb.View, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID) b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil { if err != nil {
return nil, err return nil, err
@ -120,7 +122,7 @@ func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID
return s.s.GetDashboardCellView(ctx, dashboardID, cellID) return s.s.GetDashboardCellView(ctx, dashboardID, cellID)
} }
func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) { func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
b, err := s.s.FindDashboardByID(ctx, dashboardID) b, err := s.s.FindDashboardByID(ctx, dashboardID)
if err != nil { if err != nil {
return nil, err return nil, err
@ -131,7 +133,7 @@ func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboar
return s.s.UpdateDashboardCellView(ctx, dashboardID, cellID, upd) return s.s.UpdateDashboardCellView(ctx, dashboardID, cellID, upd)
} }
func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id influxdb.ID, c []*influxdb.Cell) error { func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id platform.ID, c []*influxdb.Cell) error {
b, err := s.s.FindDashboardByID(ctx, id) b, err := s.s.FindDashboardByID(ctx, id)
if err != nil { if err != nil {
return err return err

90
authorizer/dashboard_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -75,7 +77,7 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -94,9 +96,9 @@ func TestDashboardService_FindDashboardByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -249,7 +251,7 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
DashboardService influxdb.DashboardService DashboardService influxdb.DashboardService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -266,13 +268,13 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
name: "authorized to update dashboard", name: "authorized to update dashboard",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateDashboardF: func(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) { UpdateDashboardF: func(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -307,13 +309,13 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
name: "unauthorized to update dashboard", name: "unauthorized to update dashboard",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateDashboardF: func(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) { UpdateDashboardF: func(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -334,9 +336,9 @@ func TestDashboardService_UpdateDashboard(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -360,7 +362,7 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
DashboardService influxdb.DashboardService DashboardService influxdb.DashboardService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -377,13 +379,13 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
name: "authorized to delete dashboard", name: "authorized to delete dashboard",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteDashboardF: func(ctx context.Context, id influxdb.ID) error { DeleteDashboardF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -415,13 +417,13 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
name: "unauthorized to delete dashboard", name: "unauthorized to delete dashboard",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctc context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteDashboardF: func(ctx context.Context, id influxdb.ID) error { DeleteDashboardF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -439,9 +441,9 @@ func TestDashboardService_DeleteDashboard(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -466,7 +468,7 @@ func TestDashboardService_CreateDashboard(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -521,9 +523,9 @@ func TestDashboardService_CreateDashboard(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards is unauthorized", Msg: "write:orgs/000000000000000a/dashboards is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -548,7 +550,7 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -564,25 +566,25 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
name: "authorized to write dashboard cells/cell/view", name: "authorized to write dashboard cells/cell/view",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
AddDashboardCellF: func(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error { AddDashboardCellF: func(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
return nil return nil
}, },
RemoveDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) error { RemoveDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID) error {
return nil return nil
}, },
ReplaceDashboardCellsF: func(ctx context.Context, id influxdb.ID, cs []*influxdb.Cell) error { ReplaceDashboardCellsF: func(ctx context.Context, id platform.ID, cs []*influxdb.Cell) error {
return nil return nil
}, },
UpdateDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) { UpdateDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
return &influxdb.Cell{}, nil return &influxdb.Cell{}, nil
}, },
UpdateDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) { UpdateDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
return &influxdb.View{}, nil return &influxdb.View{}, nil
}, },
}, },
@ -605,25 +607,25 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
name: "unauthorized to write dashboard cells/cell/view", name: "unauthorized to write dashboard cells/cell/view",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
AddDashboardCellF: func(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error { AddDashboardCellF: func(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error {
return nil return nil
}, },
ReplaceDashboardCellsF: func(ctx context.Context, id influxdb.ID, cs []*influxdb.Cell) error { ReplaceDashboardCellsF: func(ctx context.Context, id platform.ID, cs []*influxdb.Cell) error {
return nil return nil
}, },
UpdateDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) { UpdateDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error) {
return &influxdb.Cell{}, nil return &influxdb.Cell{}, nil
}, },
RemoveDashboardCellF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) error { RemoveDashboardCellF: func(ctx context.Context, id platform.ID, cid platform.ID) error {
return nil return nil
}, },
UpdateDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) { UpdateDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error) {
return &influxdb.View{}, nil return &influxdb.View{}, nil
}, },
}, },
@ -639,9 +641,9 @@ func TestDashboardService_WriteDashboardCell(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -678,7 +680,7 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -694,13 +696,13 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
name: "authorized to read dashboard cells/cell/view", name: "authorized to read dashboard cells/cell/view",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
GetDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) (*influxdb.View, error) { GetDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID) (*influxdb.View, error) {
return &influxdb.View{}, nil return &influxdb.View{}, nil
}, },
}, },
@ -723,13 +725,13 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
name: "unauthorized to read dashboard cells/cell/view", name: "unauthorized to read dashboard cells/cell/view",
fields: fields{ fields: fields{
DashboardService: &mock.DashboardService{ DashboardService: &mock.DashboardService{
FindDashboardByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error) { FindDashboardByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error) {
return &influxdb.Dashboard{ return &influxdb.Dashboard{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
GetDashboardCellViewF: func(ctx context.Context, id influxdb.ID, cid influxdb.ID) (*influxdb.View, error) { GetDashboardCellViewF: func(ctx context.Context, id platform.ID, cid platform.ID) (*influxdb.View, error) {
return &influxdb.View{}, nil return &influxdb.View{}, nil
}, },
}, },
@ -745,9 +747,9 @@ func TestDashboardService_FindDashboardCellView(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/dashboards/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

10
authorizer/document.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -41,14 +43,14 @@ type documentStore struct {
s influxdb.DocumentStore s influxdb.DocumentStore
} }
func newDocumentPermission(a influxdb.Action, orgID influxdb.ID, did *influxdb.ID) (*influxdb.Permission, error) { func newDocumentPermission(a influxdb.Action, orgID platform.ID, did *platform.ID) (*influxdb.Permission, error) {
if did != nil { if did != nil {
return influxdb.NewPermissionAtID(*did, a, influxdb.DocumentsResourceType, orgID) return influxdb.NewPermissionAtID(*did, a, influxdb.DocumentsResourceType, orgID)
} }
return influxdb.NewPermission(a, influxdb.DocumentsResourceType, orgID) return influxdb.NewPermission(a, influxdb.DocumentsResourceType, orgID)
} }
func toPerms(action influxdb.Action, orgs map[influxdb.ID]influxdb.UserType, did *influxdb.ID) ([]influxdb.Permission, error) { func toPerms(action influxdb.Action, orgs map[platform.ID]influxdb.UserType, did *platform.ID) ([]influxdb.Permission, error) {
ps := make([]influxdb.Permission, 0, len(orgs)) ps := make([]influxdb.Permission, 0, len(orgs))
for orgID := range orgs { for orgID := range orgs {
p, err := newDocumentPermission(action, orgID, did) p, err := newDocumentPermission(action, orgID, did)
@ -74,7 +76,7 @@ func (s *documentStore) CreateDocument(ctx context.Context, d *influxdb.Document
return s.s.CreateDocument(ctx, d) return s.s.CreateDocument(ctx, d)
} }
func (s *documentStore) FindDocument(ctx context.Context, id influxdb.ID) (*influxdb.Document, error) { func (s *documentStore) FindDocument(ctx context.Context, id platform.ID) (*influxdb.Document, error) {
d, err := s.s.FindDocument(ctx, id) d, err := s.s.FindDocument(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -89,7 +91,7 @@ func (s *documentStore) FindDocument(ctx context.Context, id influxdb.ID) (*infl
return d, nil return d, nil
} }
func (s *documentStore) FindDocuments(ctx context.Context, oid influxdb.ID) ([]*influxdb.Document, error) { func (s *documentStore) FindDocuments(ctx context.Context, oid platform.ID) ([]*influxdb.Document, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.DocumentsResourceType, oid); err != nil { if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.DocumentsResourceType, oid); err != nil {
return nil, err return nil, err
} }

8
authorizer/label.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -25,7 +27,7 @@ func NewLabelServiceWithOrg(s influxdb.LabelService, orgIDResolver OrgIDResolver
} }
// FindLabelByID checks to see if the authorizer on context has read access to the label id provided. // FindLabelByID checks to see if the authorizer on context has read access to the label id provided.
func (s *LabelService) FindLabelByID(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { func (s *LabelService) FindLabelByID(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
l, err := s.s.FindLabelByID(ctx, id) l, err := s.s.FindLabelByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -95,7 +97,7 @@ func (s *LabelService) CreateLabelMapping(ctx context.Context, m *influxdb.Label
} }
// UpdateLabel checks to see if the authorizer on context has write access to the label provided. // UpdateLabel checks to see if the authorizer on context has write access to the label provided.
func (s *LabelService) UpdateLabel(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) { func (s *LabelService) UpdateLabel(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
l, err := s.s.FindLabelByID(ctx, id) l, err := s.s.FindLabelByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -107,7 +109,7 @@ func (s *LabelService) UpdateLabel(ctx context.Context, id influxdb.ID, upd infl
} }
// DeleteLabel checks to see if the authorizer on context has write access to the label provided. // DeleteLabel checks to see if the authorizer on context has write access to the label provided.
func (s *LabelService) DeleteLabel(ctx context.Context, id influxdb.ID) error { func (s *LabelService) DeleteLabel(ctx context.Context, id platform.ID) error {
l, err := s.s.FindLabelByID(ctx, id) l, err := s.s.FindLabelByID(ctx, id)
if err != nil { if err != nil {
return err return err

82
authorizer/label_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -21,7 +23,7 @@ const (
var ( var (
orgOneInfluxID = influxdbtesting.MustIDBase16(orgOneID) orgOneInfluxID = influxdbtesting.MustIDBase16(orgOneID)
orgSvc = &mock.OrganizationService{ orgSvc = &mock.OrganizationService{
FindResourceOrganizationIDF: func(_ context.Context, _ influxdb.ResourceType, _ influxdb.ID) (influxdb.ID, error) { FindResourceOrganizationIDF: func(_ context.Context, _ influxdb.ResourceType, _ platform.ID) (platform.ID, error) {
return orgOneInfluxID, nil return orgOneInfluxID, nil
}, },
} }
@ -46,7 +48,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -62,7 +64,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: id, ID: id,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -88,7 +90,7 @@ func TestLabelService_FindLabelByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: id, ID: id,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -107,9 +109,9 @@ func TestLabelService_FindLabelByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized", Msg: "read:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -292,7 +294,7 @@ func TestLabelService_UpdateLabel(t *testing.T) {
LabelService influxdb.LabelService LabelService influxdb.LabelService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -309,13 +311,13 @@ func TestLabelService_UpdateLabel(t *testing.T) {
name: "authorized to update label", name: "authorized to update label",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
}, nil }, nil
}, },
UpdateLabelFn: func(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) { UpdateLabelFn: func(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -343,13 +345,13 @@ func TestLabelService_UpdateLabel(t *testing.T) {
name: "unauthorized to update label", name: "unauthorized to update label",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
}, nil }, nil
}, },
UpdateLabelFn: func(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) { UpdateLabelFn: func(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -370,9 +372,9 @@ func TestLabelService_UpdateLabel(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized", Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -396,7 +398,7 @@ func TestLabelService_DeleteLabel(t *testing.T) {
LabelService influxdb.LabelService LabelService influxdb.LabelService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -413,13 +415,13 @@ func TestLabelService_DeleteLabel(t *testing.T) {
name: "authorized to delete label", name: "authorized to delete label",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
}, nil }, nil
}, },
DeleteLabelFn: func(ctx context.Context, id influxdb.ID) error { DeleteLabelFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -445,13 +447,13 @@ func TestLabelService_DeleteLabel(t *testing.T) {
name: "unauthorized to delete label", name: "unauthorized to delete label",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
}, nil }, nil
}, },
DeleteLabelFn: func(ctx context.Context, id influxdb.ID) error { DeleteLabelFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -470,9 +472,9 @@ func TestLabelService_DeleteLabel(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized", Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -527,9 +529,9 @@ func TestLabelService_CreateLabel(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels is unauthorized", Msg: "write:orgs/020f755c3c083000/labels is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -551,9 +553,9 @@ func TestLabelService_CreateLabel(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels is unauthorized", Msg: "write:orgs/020f755c3c083000/labels is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -806,9 +808,9 @@ func TestLabelService_FindResourceLabels(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/020f755c3c083000/buckets/000000000000000a is unauthorized", Msg: "read:orgs/020f755c3c083000/buckets/000000000000000a is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -853,7 +855,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "authorized to create label mapping", name: "authorized to create label mapping",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -894,7 +896,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "unauthorized to create label mapping for resources on which the user does not have write access", name: "unauthorized to create label mapping for resources on which the user does not have write access",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -921,8 +923,8 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized", Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized",
}, },
}, },
@ -931,7 +933,7 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
name: "unauthorized to create label mapping", name: "unauthorized to create label mapping",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -958,9 +960,9 @@ func TestLabelService_CreateLabelMapping(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized", Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -1001,7 +1003,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "authorized to delete label mapping", name: "authorized to delete label mapping",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -1042,7 +1044,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "unauthorized to delete label mapping containing a resources on which the user does not have write access", name: "unauthorized to delete label mapping containing a resources on which the user does not have write access",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -1069,8 +1071,8 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized", Msg: "write:orgs/020f755c3c083000/buckets/0000000000000002 is unauthorized",
}, },
}, },
@ -1079,7 +1081,7 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
name: "unauthorized to delete label mapping", name: "unauthorized to delete label mapping",
fields: fields{ fields: fields{
LabelService: &mock.LabelService{ LabelService: &mock.LabelService{
FindLabelByIDFn: func(ctc context.Context, id influxdb.ID) (*influxdb.Label, error) { FindLabelByIDFn: func(ctc context.Context, id platform.ID) (*influxdb.Label, error) {
return &influxdb.Label{ return &influxdb.Label{
ID: 1, ID: 1,
OrgID: orgOneInfluxID, OrgID: orgOneInfluxID,
@ -1106,9 +1108,9 @@ func TestLabelService_DeleteLabelMapping(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized", Msg: "write:orgs/020f755c3c083000/labels/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

17
authorizer/notification_endpoint.go
View File

@ -3,6 +3,9 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -30,7 +33,7 @@ func NewNotificationEndpointService(
} }
// FindNotificationEndpointByID checks to see if the authorizer on context has read access to the id provided. // FindNotificationEndpointByID checks to see if the authorizer on context has read access to the id provided.
func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
edp, err := s.s.FindNotificationEndpointByID(ctx, id) edp, err := s.s.FindNotificationEndpointByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -45,8 +48,8 @@ func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.C
func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Context, filter influxdb.NotificationEndpointFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationEndpoint, int, error) { func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Context, filter influxdb.NotificationEndpointFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationEndpoint, int, error) {
// TODO: This is a temporary fix as to not fetch the entire collection when no filter is provided. // TODO: This is a temporary fix as to not fetch the entire collection when no filter is provided.
if !filter.UserID.Valid() && filter.OrgID == nil { if !filter.UserID.Valid() && filter.OrgID == nil {
return nil, 0, &influxdb.Error{ return nil, 0, &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: "cannot process a request without a org or user filter", Msg: "cannot process a request without a org or user filter",
} }
} }
@ -61,7 +64,7 @@ func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Cont
} }
// CreateNotificationEndpoint checks to see if the authorizer on context has write access to the global notification endpoint resource. // CreateNotificationEndpoint checks to see if the authorizer on context has write access to the global notification endpoint resource.
func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID influxdb.ID) error { func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationEndpointResourceType, edp.GetOrgID()); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationEndpointResourceType, edp.GetOrgID()); err != nil {
return err return err
} }
@ -69,7 +72,7 @@ func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Con
} }
// UpdateNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided. // UpdateNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) { func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id) edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -81,7 +84,7 @@ func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Con
} }
// PatchNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided. // PatchNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) { func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id) edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -93,7 +96,7 @@ func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Cont
} }
// DeleteNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided. // DeleteNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.
func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) { func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
edp, err := s.FindNotificationEndpointByID(ctx, id) edp, err := s.FindNotificationEndpointByID(ctx, id)
if err != nil { if err != nil {
return nil, 0, err return nil, 0, err

78
authorizer/notification_endpoint_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -34,7 +36,7 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -50,8 +52,8 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
name: "authorized to access id with org", name: "authorized to access id with org",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
orgID := influxdb.ID(10) orgID := platform.ID(10)
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: &id, ID: &id,
@ -79,8 +81,8 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
orgID := influxdb.ID(10) orgID := platform.ID(10)
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: &id, ID: &id,
@ -101,9 +103,9 @@ func TestNotificationEndpointService_FindNotificationEndpointByID(t *testing.T)
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -199,7 +201,7 @@ func TestNotificationEndpointService_FindNotificationEndpoints(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission})) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission}))
oid := influxdb.ID(10) oid := platform.ID(10)
edps, _, err := s.FindNotificationEndpoints(ctx, influxdb.NotificationEndpointFilter{OrgID: &oid}) edps, _, err := s.FindNotificationEndpoints(ctx, influxdb.NotificationEndpointFilter{OrgID: &oid})
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
@ -215,7 +217,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService NotificationEndpointService influxdb.NotificationEndpointService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -232,7 +234,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
name: "authorized to update notificationEndpoint with org owner", name: "authorized to update notificationEndpoint with org owner",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -240,7 +242,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) { UpdateNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -277,7 +279,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
name: "unauthorized to update notificationEndpoint", name: "unauthorized to update notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -285,7 +287,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error) { UpdateNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -308,9 +310,9 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -325,7 +327,7 @@ func TestNotificationEndpointService_UpdateNotificationEndpoint(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions)) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateNotificationEndpoint(ctx, tt.args.id, &endpoint.Slack{}, influxdb.ID(1)) _, err := s.UpdateNotificationEndpoint(ctx, tt.args.id, &endpoint.Slack{}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }
@ -336,7 +338,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService NotificationEndpointService influxdb.NotificationEndpointService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -353,7 +355,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
name: "authorized to patch notificationEndpoint", name: "authorized to patch notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -361,7 +363,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) { PatchNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -398,7 +400,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
name: "unauthorized to patch notificationEndpoint", name: "unauthorized to patch notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -406,7 +408,7 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchNotificationEndpointF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) { PatchNotificationEndpointF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -429,9 +431,9 @@ func TestNotificationEndpointService_PatchNotificationEndpoint(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -456,7 +458,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
NotificationEndpointService influxdb.NotificationEndpointService NotificationEndpointService influxdb.NotificationEndpointService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -473,7 +475,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
name: "authorized to delete notificationEndpoint", name: "authorized to delete notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -481,7 +483,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteNotificationEndpointF: func(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) { DeleteNotificationEndpointF: func(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
return nil, 0, nil return nil, 0, nil
}, },
}, },
@ -513,7 +515,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
name: "unauthorized to delete notificationEndpoint", name: "unauthorized to delete notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
FindNotificationEndpointByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error) { FindNotificationEndpointByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationEndpoint, error) {
return &endpoint.Slack{ return &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
ID: idPtr(1), ID: idPtr(1),
@ -521,7 +523,7 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteNotificationEndpointF: func(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error) { DeleteNotificationEndpointF: func(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error) {
return nil, 0, nil return nil, 0, nil
}, },
}, },
@ -539,9 +541,9 @@ func TestNotificationEndpointService_DeleteNotificationEndpoint(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationEndpoints/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -568,7 +570,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -584,7 +586,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "authorized to create notificationEndpoint", name: "authorized to create notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error { CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -607,7 +609,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "authorized to create notificationEndpoint with org owner", name: "authorized to create notificationEndpoint with org owner",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error { CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -630,7 +632,7 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
name: "unauthorized to create notificationEndpoint", name: "unauthorized to create notificationEndpoint",
fields: fields{ fields: fields{
NotificationEndpointService: &mock.NotificationEndpointService{ NotificationEndpointService: &mock.NotificationEndpointService{
CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID influxdb.ID) error { CreateNotificationEndpointF: func(ctx context.Context, tc influxdb.NotificationEndpoint, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -646,9 +648,9 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationEndpoints is unauthorized", Msg: "write:orgs/000000000000000a/notificationEndpoints is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -666,12 +668,12 @@ func TestNotificationEndpointService_CreateNotificationEndpoint(t *testing.T) {
err := s.CreateNotificationEndpoint(ctx, &endpoint.Slack{ err := s.CreateNotificationEndpoint(ctx, &endpoint.Slack{
Base: endpoint.Base{ Base: endpoint.Base{
OrgID: idPtr(tt.args.orgID)}, OrgID: idPtr(tt.args.orgID)},
}, influxdb.ID(1)) }, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }
} }
func idPtr(id influxdb.ID) *influxdb.ID { func idPtr(id platform.ID) *platform.ID {
return &id return &id
} }

12
authorizer/notification_rule.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -26,7 +28,7 @@ func NewNotificationRuleStore(s influxdb.NotificationRuleStore, urm influxdb.Use
} }
// FindNotificationRuleByID checks to see if the authorizer on context has read access to the id provided. // FindNotificationRuleByID checks to see if the authorizer on context has read access to the id provided.
func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
nr, err := s.s.FindNotificationRuleByID(ctx, id) nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -49,7 +51,7 @@ func (s *NotificationRuleStore) FindNotificationRules(ctx context.Context, filte
} }
// CreateNotificationRule checks to see if the authorizer on context has write access to the global notification rule resource. // CreateNotificationRule checks to see if the authorizer on context has write access to the global notification rule resource.
func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID influxdb.ID) error { func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationRuleResourceType, nr.GetOrgID()); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.NotificationRuleResourceType, nr.GetOrgID()); err != nil {
return err return err
} }
@ -57,7 +59,7 @@ func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr i
} }
// UpdateNotificationRule checks to see if the authorizer on context has write access to the notification rule provided. // UpdateNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) { func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
nr, err := s.FindNotificationRuleByID(ctx, id) nr, err := s.FindNotificationRuleByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -69,7 +71,7 @@ func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id i
} }
// PatchNotificationRule checks to see if the authorizer on context has write access to the notification rule provided. // PatchNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) { func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
nr, err := s.s.FindNotificationRuleByID(ctx, id) nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -81,7 +83,7 @@ func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id in
} }
// DeleteNotificationRule checks to see if the authorizer on context has write access to the notification rule provided. // DeleteNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.
func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id influxdb.ID) error { func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id platform.ID) error {
nr, err := s.s.FindNotificationRuleByID(ctx, id) nr, err := s.s.FindNotificationRuleByID(ctx, id)
if err != nil { if err != nil {
return err return err

68
authorizer/notification_rule_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -34,7 +36,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -50,7 +52,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: id, ID: id,
@ -78,7 +80,7 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: id, ID: id,
@ -99,9 +101,9 @@ func TestNotificationRuleStore_FindNotificationRuleByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -275,7 +277,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore NotificationRuleStore influxdb.NotificationRuleStore
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -292,7 +294,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
name: "authorized to update notificationRule", name: "authorized to update notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -300,7 +302,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) { UpdateNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -337,7 +339,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
name: "unauthorized to update notificationRule", name: "unauthorized to update notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -345,7 +347,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
UpdateNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error) { UpdateNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -368,9 +370,9 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -388,7 +390,7 @@ func TestNotificationRuleStore_UpdateNotificationRule(t *testing.T) {
Status: influxdb.Active, Status: influxdb.Active,
} }
_, err := s.UpdateNotificationRule(ctx, tt.args.id, nrc, influxdb.ID(1)) _, err := s.UpdateNotificationRule(ctx, tt.args.id, nrc, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }
@ -399,7 +401,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore NotificationRuleStore influxdb.NotificationRuleStore
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -416,7 +418,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
name: "authorized to patch notificationRule", name: "authorized to patch notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -424,7 +426,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) { PatchNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -461,7 +463,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
name: "unauthorized to patch notificationRule", name: "unauthorized to patch notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -469,7 +471,7 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
PatchNotificationRuleF: func(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) { PatchNotificationRuleF: func(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -492,9 +494,9 @@ func TestNotificationRuleStore_PatchNotificationRule(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -518,7 +520,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
NotificationRuleStore influxdb.NotificationRuleStore NotificationRuleStore influxdb.NotificationRuleStore
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -535,7 +537,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
name: "authorized to delete notificationRule", name: "authorized to delete notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -543,7 +545,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteNotificationRuleF: func(ctx context.Context, id influxdb.ID) error { DeleteNotificationRuleF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -575,7 +577,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
name: "unauthorized to delete notificationRule", name: "unauthorized to delete notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
FindNotificationRuleByIDF: func(ctc context.Context, id influxdb.ID) (influxdb.NotificationRule, error) { FindNotificationRuleByIDF: func(ctc context.Context, id platform.ID) (influxdb.NotificationRule, error) {
return &rule.Slack{ return &rule.Slack{
Base: rule.Base{ Base: rule.Base{
ID: 1, ID: 1,
@ -583,7 +585,7 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
}, },
}, nil }, nil
}, },
DeleteNotificationRuleF: func(ctx context.Context, id influxdb.ID) error { DeleteNotificationRuleF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -601,9 +603,9 @@ func TestNotificationRuleStore_DeleteNotificationRule(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/notificationRules/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -628,7 +630,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -644,7 +646,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
name: "authorized to create notificationRule", name: "authorized to create notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID influxdb.ID) error { CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -667,7 +669,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
name: "unauthorized to create notificationRule", name: "unauthorized to create notificationRule",
fields: fields{ fields: fields{
NotificationRuleStore: &mock.NotificationRuleStore{ NotificationRuleStore: &mock.NotificationRuleStore{
CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID influxdb.ID) error { CreateNotificationRuleF: func(ctx context.Context, tc influxdb.NotificationRuleCreate, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -683,9 +685,9 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/notificationRules is unauthorized", Msg: "write:orgs/000000000000000a/notificationRules is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -708,7 +710,7 @@ func TestNotificationRuleStore_CreateNotificationRule(t *testing.T) {
Status: influxdb.Active, Status: influxdb.Active,
} }
err := s.CreateNotificationRule(ctx, nrc, influxdb.ID(1)) err := s.CreateNotificationRule(ctx, nrc, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }

8
authorizer/org.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
icontext "github.com/influxdata/influxdb/v2/context" icontext "github.com/influxdata/influxdb/v2/context"
) )
@ -23,7 +25,7 @@ func NewOrgService(s influxdb.OrganizationService) *OrgService {
} }
// FindOrganizationByID checks to see if the authorizer on context has read access to the id provided. // FindOrganizationByID checks to see if the authorizer on context has read access to the id provided.
func (s *OrgService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { func (s *OrgService) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
if _, _, err := AuthorizeReadOrg(ctx, id); err != nil { if _, _, err := AuthorizeReadOrg(ctx, id); err != nil {
return nil, err return nil, err
} }
@ -74,7 +76,7 @@ func (s *OrgService) CreateOrganization(ctx context.Context, o *influxdb.Organiz
} }
// UpdateOrganization checks to see if the authorizer on context has write access to the organization provided. // UpdateOrganization checks to see if the authorizer on context has write access to the organization provided.
func (s *OrgService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) { func (s *OrgService) UpdateOrganization(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil { if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil {
return nil, err return nil, err
} }
@ -82,7 +84,7 @@ func (s *OrgService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd
} }
// DeleteOrganization checks to see if the authorizer on context has write access to the organization provided. // DeleteOrganization checks to see if the authorizer on context has write access to the organization provided.
func (s *OrgService) DeleteOrganization(ctx context.Context, id influxdb.ID) error { func (s *OrgService) DeleteOrganization(ctx context.Context, id platform.ID) error {
if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil { if _, _, err := AuthorizeWriteOrg(ctx, id); err != nil {
return err return err
} }

40
authorizer/org_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
}, nil }, nil
@ -74,7 +76,7 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
FindOrganizationByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: id, ID: id,
}, nil }, nil
@ -92,9 +94,9 @@ func TestOrgService_FindOrganizationByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/0000000000000001 is unauthorized", Msg: "read:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -174,9 +176,9 @@ func TestOrgService_FindOrganization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/0000000000000001 is unauthorized", Msg: "read:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -314,7 +316,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
OrgService influxdb.OrganizationService OrgService influxdb.OrganizationService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permission influxdb.Permission permission influxdb.Permission
} }
type wants struct { type wants struct {
@ -331,7 +333,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
name: "authorized to update org", name: "authorized to update org",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
UpdateOrganizationF: func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) { UpdateOrganizationF: func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: 1, ID: 1,
}, nil }, nil
@ -356,7 +358,7 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
name: "unauthorized to update org", name: "unauthorized to update org",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
UpdateOrganizationF: func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) { UpdateOrganizationF: func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
return &influxdb.Organization{ return &influxdb.Organization{
ID: 1, ID: 1,
}, nil }, nil
@ -374,9 +376,9 @@ func TestOrgService_UpdateOrganization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001 is unauthorized", Msg: "write:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -400,7 +402,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
OrgService influxdb.OrganizationService OrgService influxdb.OrganizationService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permission influxdb.Permission permission influxdb.Permission
} }
type wants struct { type wants struct {
@ -417,7 +419,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
name: "authorized to delete org", name: "authorized to delete org",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
DeleteOrganizationF: func(ctx context.Context, id influxdb.ID) error { DeleteOrganizationF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -440,7 +442,7 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
name: "unauthorized to delete org", name: "unauthorized to delete org",
fields: fields{ fields: fields{
OrgService: &mock.OrganizationService{ OrgService: &mock.OrganizationService{
DeleteOrganizationF: func(ctx context.Context, id influxdb.ID) error { DeleteOrganizationF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -456,9 +458,9 @@ func TestOrgService_DeleteOrganization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001 is unauthorized", Msg: "write:orgs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -534,9 +536,9 @@ func TestOrgService_CreateOrganization(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs is unauthorized", Msg: "write:orgs is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

8
authorizer/password.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -17,7 +19,7 @@ func NewPasswordService(svc influxdb.PasswordsService) *PasswordService {
} }
// SetPassword overrides the password of a known user. // SetPassword overrides the password of a known user.
func (s *PasswordService) SetPassword(ctx context.Context, userID influxdb.ID, password string) error { func (s *PasswordService) SetPassword(ctx context.Context, userID platform.ID, password string) error {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, userID); err != nil { if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, userID); err != nil {
return err return err
} }
@ -26,12 +28,12 @@ func (s *PasswordService) SetPassword(ctx context.Context, userID influxdb.ID, p
// ComparePassword checks if the password matches the password recorded. // ComparePassword checks if the password matches the password recorded.
// Passwords that do not match return errors. // Passwords that do not match return errors.
func (s *PasswordService) ComparePassword(ctx context.Context, userID influxdb.ID, password string) error { func (s *PasswordService) ComparePassword(ctx context.Context, userID platform.ID, password string) error {
panic("not implemented") panic("not implemented")
} }
// CompareAndSetPassword checks the password and if they match // CompareAndSetPassword checks the password and if they match
// updates to the new password. // updates to the new password.
func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID influxdb.ID, old string, new string) error { func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID platform.ID, old string, new string) error {
panic("not implemented") panic("not implemented")
} }

11
authorizer/password_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing" "testing"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
@ -14,7 +15,7 @@ import (
func TestPasswordService(t *testing.T) { func TestPasswordService(t *testing.T) {
t.Run("SetPassword", func(t *testing.T) { t.Run("SetPassword", func(t *testing.T) {
t.Run("user with permissions should proceed", func(t *testing.T) { t.Run("user with permissions should proceed", func(t *testing.T) {
userID := influxdb.ID(1) userID := platform.ID(1)
permission := influxdb.Permission{ permission := influxdb.Permission{
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
@ -25,7 +26,7 @@ func TestPasswordService(t *testing.T) {
} }
fakeSVC := mock.NewPasswordsService() fakeSVC := mock.NewPasswordsService()
fakeSVC.SetPasswordFn = func(_ context.Context, _ influxdb.ID, _ string) error { fakeSVC.SetPasswordFn = func(_ context.Context, _ platform.ID, _ string) error {
return nil return nil
} }
s := authorizer.NewPasswordService(fakeSVC) s := authorizer.NewPasswordService(fakeSVC)
@ -37,8 +38,8 @@ func TestPasswordService(t *testing.T) {
}) })
t.Run("user without permissions should proceed", func(t *testing.T) { t.Run("user without permissions should proceed", func(t *testing.T) {
goodUserID := influxdb.ID(1) goodUserID := platform.ID(1)
badUserID := influxdb.ID(3) badUserID := platform.ID(3)
tests := []struct { tests := []struct {
name string name string
@ -82,7 +83,7 @@ func TestPasswordService(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
fn := func(t *testing.T) { fn := func(t *testing.T) {
fakeSVC := &mock.PasswordsService{ fakeSVC := &mock.PasswordsService{
SetPasswordFn: func(_ context.Context, _ influxdb.ID, _ string) error { SetPasswordFn: func(_ context.Context, _ platform.ID, _ string) error {
return nil return nil
}, },
} }

4
authorizer/restore.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"io" "io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing" "github.com/influxdata/influxdb/v2/kit/tracing"
) )
@ -33,7 +35,7 @@ func (b RestoreService) RestoreKVStore(ctx context.Context, r io.Reader) error {
return b.s.RestoreKVStore(ctx, r) return b.s.RestoreKVStore(ctx, r)
} }
func (b RestoreService) RestoreBucket(ctx context.Context, id influxdb.ID, dbi []byte) (shardIDMap map[uint64]uint64, err error) { func (b RestoreService) RestoreBucket(ctx context.Context, id platform.ID, dbi []byte) (shardIDMap map[uint64]uint64, err error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()

10
authorizer/scraper.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -28,7 +30,7 @@ func NewScraperTargetStoreService(s influxdb.ScraperTargetStoreService,
} }
// GetTargetByID checks to see if the authorizer on context has read access to the id provided. // GetTargetByID checks to see if the authorizer on context has read access to the id provided.
func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
st, err := s.s.GetTargetByID(ctx, id) st, err := s.s.GetTargetByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -52,7 +54,7 @@ func (s *ScraperTargetStoreService) ListTargets(ctx context.Context, filter infl
} }
// AddTarget checks to see if the authorizer on context has write access to the global scraper target resource. // AddTarget checks to see if the authorizer on context has write access to the global scraper target resource.
func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error { func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.ScraperResourceType, st.OrgID); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.ScraperResourceType, st.OrgID); err != nil {
return err return err
} }
@ -63,7 +65,7 @@ func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.
} }
// UpdateTarget checks to see if the authorizer on context has write access to the scraper target provided. // UpdateTarget checks to see if the authorizer on context has write access to the scraper target provided.
func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) { func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
st, err := s.s.GetTargetByID(ctx, upd.ID) st, err := s.s.GetTargetByID(ctx, upd.ID)
if err != nil { if err != nil {
return nil, err return nil, err
@ -78,7 +80,7 @@ func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influ
} }
// RemoveTarget checks to see if the authorizer on context has write access to the scraper target provided. // RemoveTarget checks to see if the authorizer on context has write access to the scraper target provided.
func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id influxdb.ID) error { func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id platform.ID) error {
st, err := s.s.GetTargetByID(ctx, id) st, err := s.s.GetTargetByID(ctx, id)
if err != nil { if err != nil {
return err return err

72
authorizer/scraper_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -75,7 +77,7 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -94,9 +96,9 @@ func TestScraperTargetStoreService_GetTargetByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -249,8 +251,8 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
ScraperTargetStoreService influxdb.ScraperTargetStoreService ScraperTargetStoreService influxdb.ScraperTargetStoreService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
bucketID influxdb.ID bucketID platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -267,14 +269,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "authorized to update scraper", name: "authorized to update scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
BucketID: 100, BucketID: 100,
}, nil }, nil
}, },
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) { UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -318,14 +320,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "unauthorized to update scraper", name: "unauthorized to update scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
BucketID: 100, BucketID: 100,
}, nil }, nil
}, },
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) { UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -348,9 +350,9 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -358,14 +360,14 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
name: "unauthorized to write to bucket", name: "unauthorized to write to bucket",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
BucketID: 100, BucketID: 100,
}, nil }, nil
}, },
UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error) { UpdateTargetF: func(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -388,9 +390,9 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized", Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -404,7 +406,7 @@ func TestScraperTargetStoreService_UpdateTarget(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions)) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateTarget(ctx, &influxdb.ScraperTarget{ID: tt.args.id, BucketID: tt.args.bucketID}, influxdb.ID(1)) _, err := s.UpdateTarget(ctx, &influxdb.ScraperTarget{ID: tt.args.id, BucketID: tt.args.bucketID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }
@ -415,7 +417,7 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
ScraperTargetStoreService influxdb.ScraperTargetStoreService ScraperTargetStoreService influxdb.ScraperTargetStoreService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -432,13 +434,13 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
name: "authorized to delete scraper", name: "authorized to delete scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
RemoveTargetF: func(ctx context.Context, id influxdb.ID) error { RemoveTargetF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -470,13 +472,13 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
name: "unauthorized to delete scraper", name: "unauthorized to delete scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
GetTargetByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error) { GetTargetByIDF: func(ctc context.Context, id platform.ID) (*influxdb.ScraperTarget, error) {
return &influxdb.ScraperTarget{ return &influxdb.ScraperTarget{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
RemoveTargetF: func(ctx context.Context, id influxdb.ID) error { RemoveTargetF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -494,9 +496,9 @@ func TestScraperTargetStoreService_RemoveTarget(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/scrapers/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -522,8 +524,8 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
} }
type args struct { type args struct {
permissions []influxdb.Permission permissions []influxdb.Permission
orgID influxdb.ID orgID platform.ID
bucketID influxdb.ID bucketID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -539,7 +541,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "authorized to create scraper", name: "authorized to create scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error { AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -572,7 +574,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "unauthorized to create scraper", name: "unauthorized to create scraper",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error { AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -598,9 +600,9 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/scrapers is unauthorized", Msg: "write:orgs/000000000000000a/scrapers is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -608,7 +610,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
name: "unauthorized to write to bucket", name: "unauthorized to write to bucket",
fields: fields{ fields: fields{
ScraperTargetStoreService: &mock.ScraperTargetStoreService{ ScraperTargetStoreService: &mock.ScraperTargetStoreService{
AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error { AddTargetF: func(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -634,9 +636,9 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized", Msg: "write:orgs/000000000000000a/buckets/0000000000000064 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -650,7 +652,7 @@ func TestScraperTargetStoreService_AddTarget(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions)) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
err := s.AddTarget(ctx, &influxdb.ScraperTarget{OrgID: tt.args.orgID, BucketID: tt.args.bucketID}, influxdb.ID(1)) err := s.AddTarget(ctx, &influxdb.ScraperTarget{OrgID: tt.args.orgID, BucketID: tt.args.bucketID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }

14
authorizer/secret.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -22,7 +24,7 @@ func NewSecretService(s influxdb.SecretService) *SecretService {
} }
// LoadSecret checks to see if the authorizer on context has read access to the secret key provided. // LoadSecret checks to see if the authorizer on context has read access to the secret key provided.
func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, key string) (string, error) { func (s *SecretService) LoadSecret(ctx context.Context, orgID platform.ID, key string) (string, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return "", err return "", err
} }
@ -34,7 +36,7 @@ func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, key s
} }
// GetSecretKeys checks to see if the authorizer on context has read access to all the secrets belonging to orgID. // GetSecretKeys checks to see if the authorizer on context has read access to all the secrets belonging to orgID.
func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([]string, error) { func (s *SecretService) GetSecretKeys(ctx context.Context, orgID platform.ID) ([]string, error) {
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return []string{}, err return []string{}, err
} }
@ -46,7 +48,7 @@ func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([
} }
// PutSecret checks to see if the authorizer on context has write access to the secret key provided. // PutSecret checks to see if the authorizer on context has write access to the secret key provided.
func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, key string, val string) error { func (s *SecretService) PutSecret(ctx context.Context, orgID platform.ID, key string, val string) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err return err
} }
@ -58,7 +60,7 @@ func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, key st
} }
// PutSecrets checks to see if the authorizer on context has read and write access to the secret keys provided. // PutSecrets checks to see if the authorizer on context has read and write access to the secret keys provided.
func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error { func (s *SecretService) PutSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error {
// PutSecrets operates on intersection between m and keys beloging to orgID. // PutSecrets operates on intersection between m and keys beloging to orgID.
// We need to have read access to those secrets since it deletes the secrets (within the intersection) that have not be overridden. // We need to have read access to those secrets since it deletes the secrets (within the intersection) that have not be overridden.
if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeOrgReadResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
@ -75,7 +77,7 @@ func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map
} }
// PatchSecrets checks to see if the authorizer on context has write access to the secret keys provided. // PatchSecrets checks to see if the authorizer on context has write access to the secret keys provided.
func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error { func (s *SecretService) PatchSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error {
if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err return err
} }
@ -87,7 +89,7 @@ func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m m
} }
// DeleteSecret checks to see if the authorizer on context has write access to the secret keys provided. // DeleteSecret checks to see if the authorizer on context has write access to the secret keys provided.
func (s *SecretService) DeleteSecret(ctx context.Context, orgID influxdb.ID, keys ...string) error { func (s *SecretService) DeleteSecret(ctx context.Context, orgID platform.ID, keys ...string) error {
if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil { if _, _, err := AuthorizeOrgWriteResource(ctx, influxdb.SecretsResourceType, orgID); err != nil {
return err return err
} }

130
authorizer/secret_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"testing" "testing"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
@ -25,7 +27,7 @@ func TestSecretService_LoadSecret(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
org influxdb.ID org platform.ID
key string key string
} }
type wants struct { type wants struct {
@ -42,12 +44,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "authorized to access secret within org", name: "authorized to access secret within org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) { LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" { if k == "key" {
return "val", nil return "val", nil
} }
return "", &influxdb.Error{ return "", &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound, Msg: influxdb.ErrSecretNotFound,
} }
}, },
@ -62,7 +64,7 @@ func TestSecretService_LoadSecret(t *testing.T) {
}, },
}, },
key: "key", key: "key",
org: influxdb.ID(10), org: platform.ID(10),
}, },
wants: wants{ wants: wants{
err: nil, err: nil,
@ -72,12 +74,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "cannot access not existing secret", name: "cannot access not existing secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) { LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" { if k == "key" {
return "val", nil return "val", nil
} }
return "", &influxdb.Error{ return "", &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound, Msg: influxdb.ErrSecretNotFound,
} }
}, },
@ -92,11 +94,11 @@ func TestSecretService_LoadSecret(t *testing.T) {
}, },
}, },
key: "not existing", key: "not existing",
org: influxdb.ID(10), org: platform.ID(10),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound, Msg: influxdb.ErrSecretNotFound,
}, },
}, },
@ -105,12 +107,12 @@ func TestSecretService_LoadSecret(t *testing.T) {
name: "unauthorized to access secret within org", name: "unauthorized to access secret within org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
LoadSecretFn: func(ctx context.Context, orgID influxdb.ID, k string) (string, error) { LoadSecretFn: func(ctx context.Context, orgID platform.ID, k string) (string, error) {
if k == "key" { if k == "key" {
return "val", nil return "val", nil
} }
return "", &influxdb.Error{ return "", &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: influxdb.ErrSecretNotFound, Msg: influxdb.ErrSecretNotFound,
} }
}, },
@ -124,13 +126,13 @@ func TestSecretService_LoadSecret(t *testing.T) {
ID: influxdbtesting.IDPtr(10), ID: influxdbtesting.IDPtr(10),
}, },
}, },
org: influxdb.ID(2), org: platform.ID(2),
key: "key", key: "key",
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/0000000000000002/secrets is unauthorized", Msg: "read:orgs/0000000000000002/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -155,7 +157,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
org influxdb.ID org platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -172,7 +174,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "authorized to see all secrets within an org", name: "authorized to see all secrets within an org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) { GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string{ return []string{
"0000000000000001secret1", "0000000000000001secret1",
"0000000000000001secret2", "0000000000000001secret2",
@ -189,7 +191,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(1), OrgID: influxdbtesting.IDPtr(1),
}, },
}, },
org: influxdb.ID(1), org: platform.ID(1),
}, },
wants: wants{ wants: wants{
secrets: []string{ secrets: []string{
@ -203,7 +205,7 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "unauthorized to see all secrets within an org", name: "unauthorized to see all secrets within an org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) { GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string{ return []string{
"0000000000000002secret1", "0000000000000002secret1",
"0000000000000002secret2", "0000000000000002secret2",
@ -220,11 +222,11 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(1), OrgID: influxdbtesting.IDPtr(1),
}, },
}, },
org: influxdb.ID(2), org: platform.ID(2),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
Msg: "read:orgs/0000000000000002/secrets is unauthorized", Msg: "read:orgs/0000000000000002/secrets is unauthorized",
}, },
secrets: []string{}, secrets: []string{},
@ -234,9 +236,9 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
name: "errors when there are not secret into an org", name: "errors when there are not secret into an org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
GetSecretKeysFn: func(ctx context.Context, orgID influxdb.ID) ([]string, error) { GetSecretKeysFn: func(ctx context.Context, orgID platform.ID) ([]string, error) {
return []string(nil), &influxdb.Error{ return []string(nil), &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "organization has no secret keys", Msg: "organization has no secret keys",
} }
}, },
@ -250,11 +252,11 @@ func TestSecretService_GetSecretKeys(t *testing.T) {
OrgID: influxdbtesting.IDPtr(10), OrgID: influxdbtesting.IDPtr(10),
}, },
}, },
org: influxdb.ID(10), org: platform.ID(10),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "organization has no secret keys", Msg: "organization has no secret keys",
}, },
secrets: []string{}, secrets: []string{},
@ -284,7 +286,7 @@ func TestSecretService_PatchSecrets(t *testing.T) {
SecretService influxdb.SecretService SecretService influxdb.SecretService
} }
type args struct { type args struct {
org influxdb.ID org platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -301,13 +303,13 @@ func TestSecretService_PatchSecrets(t *testing.T) {
name: "authorized to patch secrets", name: "authorized to patch secrets",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PatchSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PatchSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
org: influxdb.ID(1), org: platform.ID(1),
permissions: []influxdb.Permission{ permissions: []influxdb.Permission{
{ {
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
@ -326,13 +328,13 @@ func TestSecretService_PatchSecrets(t *testing.T) {
name: "unauthorized to update secret", name: "unauthorized to update secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PatchSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PatchSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
org: influxdb.ID(1), org: platform.ID(1),
permissions: []influxdb.Permission{ permissions: []influxdb.Permission{
{ {
Action: influxdb.ReadAction, Action: influxdb.ReadAction,
@ -344,9 +346,9 @@ func TestSecretService_PatchSecrets(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000001/secrets is unauthorized", Msg: "write:orgs/0000000000000001/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -371,7 +373,7 @@ func TestSecretService_DeleteSecret(t *testing.T) {
SecretService influxdb.SecretService SecretService influxdb.SecretService
} }
type args struct { type args struct {
org influxdb.ID org platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -388,13 +390,13 @@ func TestSecretService_DeleteSecret(t *testing.T) {
name: "authorized to delete secret", name: "authorized to delete secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
DeleteSecretFn: func(ctx context.Context, orgID influxdb.ID, keys ...string) error { DeleteSecretFn: func(ctx context.Context, orgID platform.ID, keys ...string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
org: influxdb.ID(1), org: platform.ID(1),
permissions: []influxdb.Permission{ permissions: []influxdb.Permission{
{ {
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
@ -413,7 +415,7 @@ func TestSecretService_DeleteSecret(t *testing.T) {
name: "unauthorized to delete secret", name: "unauthorized to delete secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
DeleteSecretFn: func(ctx context.Context, orgID influxdb.ID, keys ...string) error { DeleteSecretFn: func(ctx context.Context, orgID platform.ID, keys ...string) error {
return nil return nil
}, },
}, },
@ -431,9 +433,9 @@ func TestSecretService_DeleteSecret(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized", Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -458,7 +460,7 @@ func TestSecretService_PutSecret(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -474,13 +476,13 @@ func TestSecretService_PutSecret(t *testing.T) {
name: "authorized to put a secret", name: "authorized to put a secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error { PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
orgID: influxdb.ID(10), orgID: platform.ID(10),
permission: influxdb.Permission{ permission: influxdb.Permission{
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
Resource: influxdb.Resource{ Resource: influxdb.Resource{
@ -497,7 +499,7 @@ func TestSecretService_PutSecret(t *testing.T) {
name: "unauthorized to put a secret", name: "unauthorized to put a secret",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error { PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil return nil
}, },
}, },
@ -513,9 +515,9 @@ func TestSecretService_PutSecret(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized", Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -540,7 +542,7 @@ func TestSecretService_PutSecrets(t *testing.T) {
} }
type args struct { type args struct {
permissions []influxdb.Permission permissions []influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -556,13 +558,13 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "authorized to put secrets", name: "authorized to put secrets",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
orgID: influxdb.ID(10), orgID: platform.ID(10),
permissions: []influxdb.Permission{ permissions: []influxdb.Permission{
{ {
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
@ -588,13 +590,13 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets", name: "unauthorized to put secrets",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
}, },
args: args{ args: args{
orgID: influxdb.ID(2), orgID: platform.ID(2),
permissions: []influxdb.Permission{ permissions: []influxdb.Permission{
{ {
Action: influxdb.WriteAction, Action: influxdb.WriteAction,
@ -613,9 +615,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/0000000000000002/secrets is unauthorized", Msg: "write:orgs/0000000000000002/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -623,10 +625,10 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets without read access to their org", name: "unauthorized to put secrets without read access to their org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error { PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil return nil
}, },
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
@ -644,9 +646,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/secrets is unauthorized", Msg: "read:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -654,10 +656,10 @@ func TestSecretService_PutSecrets(t *testing.T) {
name: "unauthorized to put secrets without write access to their org", name: "unauthorized to put secrets without write access to their org",
fields: fields{ fields: fields{
SecretService: &mock.SecretService{ SecretService: &mock.SecretService{
PutSecretFn: func(ctx context.Context, orgID influxdb.ID, key string, val string) error { PutSecretFn: func(ctx context.Context, orgID platform.ID, key string, val string) error {
return nil return nil
}, },
PutSecretsFn: func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { PutSecretsFn: func(ctx context.Context, orgID platform.ID, m map[string]string) error {
return nil return nil
}, },
}, },
@ -675,9 +677,9 @@ func TestSecretService_PutSecrets(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/secrets is unauthorized", Msg: "write:orgs/000000000000000a/secrets is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

8
authorizer/source.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -34,7 +36,7 @@ func (s *SourceService) DefaultSource(ctx context.Context) (*influxdb.Source, er
} }
// FindSourceByID checks to see if the authorizer on context has read access to the id provided. // FindSourceByID checks to see if the authorizer on context has read access to the id provided.
func (s *SourceService) FindSourceByID(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { func (s *SourceService) FindSourceByID(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
src, err := s.s.FindSourceByID(ctx, id) src, err := s.s.FindSourceByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -64,7 +66,7 @@ func (s *SourceService) CreateSource(ctx context.Context, src *influxdb.Source)
} }
// UpdateSource checks to see if the authorizer on context has write access to the source provided. // UpdateSource checks to see if the authorizer on context has write access to the source provided.
func (s *SourceService) UpdateSource(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) { func (s *SourceService) UpdateSource(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
src, err := s.s.FindSourceByID(ctx, id) src, err := s.s.FindSourceByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -76,7 +78,7 @@ func (s *SourceService) UpdateSource(ctx context.Context, id influxdb.ID, upd in
} }
// DeleteSource checks to see if the authorizer on context has write access to the source provided. // DeleteSource checks to see if the authorizer on context has write access to the source provided.
func (s *SourceService) DeleteSource(ctx context.Context, id influxdb.ID) error { func (s *SourceService) DeleteSource(ctx context.Context, id platform.ID) error {
src, err := s.s.FindSourceByID(ctx, id) src, err := s.s.FindSourceByID(ctx, id)
if err != nil { if err != nil {
return err return err

50
authorizer/source_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -91,9 +93,9 @@ func TestSourceService_DefaultSource(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -118,7 +120,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -134,7 +136,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -160,7 +162,7 @@ func TestSourceService_FindSourceByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -179,9 +181,9 @@ func TestSourceService_FindSourceByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -333,7 +335,7 @@ func TestSourceService_UpdateSource(t *testing.T) {
SourceService influxdb.SourceService SourceService influxdb.SourceService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -350,13 +352,13 @@ func TestSourceService_UpdateSource(t *testing.T) {
name: "authorized to update source", name: "authorized to update source",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateSourceFn: func(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) { UpdateSourceFn: func(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -391,13 +393,13 @@ func TestSourceService_UpdateSource(t *testing.T) {
name: "unauthorized to update source", name: "unauthorized to update source",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateSourceFn: func(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) { UpdateSourceFn: func(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -418,9 +420,9 @@ func TestSourceService_UpdateSource(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -444,7 +446,7 @@ func TestSourceService_DeleteSource(t *testing.T) {
SourceService influxdb.SourceService SourceService influxdb.SourceService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -461,13 +463,13 @@ func TestSourceService_DeleteSource(t *testing.T) {
name: "authorized to delete source", name: "authorized to delete source",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteSourceFn: func(ctx context.Context, id influxdb.ID) error { DeleteSourceFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -499,13 +501,13 @@ func TestSourceService_DeleteSource(t *testing.T) {
name: "unauthorized to delete source", name: "unauthorized to delete source",
fields: fields{ fields: fields{
SourceService: &mock.SourceService{ SourceService: &mock.SourceService{
FindSourceByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.Source, error) { FindSourceByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.Source, error) {
return &influxdb.Source{ return &influxdb.Source{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteSourceFn: func(ctx context.Context, id influxdb.ID) error { DeleteSourceFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -523,9 +525,9 @@ func TestSourceService_DeleteSource(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/sources/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -550,7 +552,7 @@ func TestSourceService_CreateSource(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -605,9 +607,9 @@ func TestSourceService_CreateSource(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/sources is unauthorized", Msg: "write:orgs/000000000000000a/sources is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

27
authorizer/task.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing" "github.com/influxdata/influxdb/v2/kit/tracing"
"go.uber.org/zap" "go.uber.org/zap"
@ -20,13 +23,13 @@ func (ae *authError) AuthzError() error {
} }
var ( var (
ErrInactiveTask = &influxdb.Error{ ErrInactiveTask = &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "inactive task", Msg: "inactive task",
} }
ErrFailedPermission = &influxdb.Error{ ErrFailedPermission = &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "unauthorized", Msg: "unauthorized",
} }
) )
@ -46,7 +49,7 @@ func NewTaskService(log *zap.Logger, ts influxdb.TaskService) influxdb.TaskServi
} }
func (ts *taskServiceValidator) processPermissionError(a influxdb.Authorizer, p influxdb.Permission, err error, loggerFields ...zap.Field) error { func (ts *taskServiceValidator) processPermissionError(a influxdb.Authorizer, p influxdb.Permission, err error, loggerFields ...zap.Field) error {
if influxdb.ErrorCode(err) == influxdb.EUnauthorized { if errors.ErrorCode(err) == errors.EUnauthorized {
ts.log.With(loggerFields...).Info("Authorization failed", ts.log.With(loggerFields...).Info("Authorization failed",
zap.String("user_id", a.GetUserID().String()), zap.String("user_id", a.GetUserID().String()),
zap.String("auth_kind", a.Kind()), zap.String("auth_kind", a.Kind()),
@ -58,7 +61,7 @@ func (ts *taskServiceValidator) processPermissionError(a influxdb.Authorizer, p
return err return err
} }
func (ts *taskServiceValidator) FindTaskByID(ctx context.Context, id influxdb.ID) (*influxdb.Task, error) { func (ts *taskServiceValidator) FindTaskByID(ctx context.Context, id platform.ID) (*influxdb.Task, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -103,7 +106,7 @@ func (ts *taskServiceValidator) CreateTask(ctx context.Context, t influxdb.TaskC
return ts.TaskService.CreateTask(ctx, t) return ts.TaskService.CreateTask(ctx, t)
} }
func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id influxdb.ID, upd influxdb.TaskUpdate) (*influxdb.Task, error) { func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id platform.ID, upd influxdb.TaskUpdate) (*influxdb.Task, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -121,7 +124,7 @@ func (ts *taskServiceValidator) UpdateTask(ctx context.Context, id influxdb.ID,
return ts.TaskService.UpdateTask(ctx, id, upd) return ts.TaskService.UpdateTask(ctx, id, upd)
} }
func (ts *taskServiceValidator) DeleteTask(ctx context.Context, id influxdb.ID) error { func (ts *taskServiceValidator) DeleteTask(ctx context.Context, id platform.ID) error {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -171,7 +174,7 @@ func (ts *taskServiceValidator) FindRuns(ctx context.Context, filter influxdb.Ru
return ts.TaskService.FindRuns(ctx, filter) return ts.TaskService.FindRuns(ctx, filter)
} }
func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID influxdb.ID) (*influxdb.Run, error) { func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID platform.ID) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -189,7 +192,7 @@ func (ts *taskServiceValidator) FindRunByID(ctx context.Context, taskID, runID i
return ts.TaskService.FindRunByID(ctx, taskID, runID) return ts.TaskService.FindRunByID(ctx, taskID, runID)
} }
func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID influxdb.ID) error { func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID platform.ID) error {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -207,7 +210,7 @@ func (ts *taskServiceValidator) CancelRun(ctx context.Context, taskID, runID inf
return ts.TaskService.CancelRun(ctx, taskID, runID) return ts.TaskService.CancelRun(ctx, taskID, runID)
} }
func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID influxdb.ID) (*influxdb.Run, error) { func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID platform.ID) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -229,7 +232,7 @@ func (ts *taskServiceValidator) RetryRun(ctx context.Context, taskID, runID infl
return ts.TaskService.RetryRun(ctx, taskID, runID) return ts.TaskService.RetryRun(ctx, taskID, runID)
} }
func (ts *taskServiceValidator) ForceRun(ctx context.Context, taskID influxdb.ID, scheduledFor int64) (*influxdb.Run, error) { func (ts *taskServiceValidator) ForceRun(ctx context.Context, taskID platform.ID, scheduledFor int64) (*influxdb.Run, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()

21
authorizer/task_test.go
View File

@ -2,6 +2,7 @@ package authorizer_test
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"testing" "testing"
"time" "time"
@ -52,7 +53,7 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
} }
} }
func mockTaskService(orgID, taskID, runID influxdb.ID) influxdb.TaskService { func mockTaskService(orgID, taskID, runID platform.ID) influxdb.TaskService {
task := influxdb.Task{ task := influxdb.Task{
ID: taskID, ID: taskID,
OrganizationID: orgID, OrganizationID: orgID,
@ -79,7 +80,7 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
} }
return &mock.TaskService{ return &mock.TaskService{
FindTaskByIDFn: func(context.Context, influxdb.ID) (*influxdb.Task, error) { FindTaskByIDFn: func(context.Context, platform.ID) (*influxdb.Task, error) {
return &task, nil return &task, nil
}, },
FindTasksFn: func(context.Context, influxdb.TaskFilter) ([]*influxdb.Task, int, error) { FindTasksFn: func(context.Context, influxdb.TaskFilter) ([]*influxdb.Task, int, error) {
@ -89,10 +90,10 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
taskCopy := task taskCopy := task
return &taskCopy, nil return &taskCopy, nil
}, },
UpdateTaskFn: func(context.Context, influxdb.ID, influxdb.TaskUpdate) (*influxdb.Task, error) { UpdateTaskFn: func(context.Context, platform.ID, influxdb.TaskUpdate) (*influxdb.Task, error) {
return &task, nil return &task, nil
}, },
DeleteTaskFn: func(context.Context, influxdb.ID) error { DeleteTaskFn: func(context.Context, platform.ID) error {
return nil return nil
}, },
FindLogsFn: func(context.Context, influxdb.LogFilter) ([]*influxdb.Log, int, error) { FindLogsFn: func(context.Context, influxdb.LogFilter) ([]*influxdb.Log, int, error) {
@ -101,16 +102,16 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
FindRunsFn: func(context.Context, influxdb.RunFilter) ([]*influxdb.Run, int, error) { FindRunsFn: func(context.Context, influxdb.RunFilter) ([]*influxdb.Run, int, error) {
return []*influxdb.Run{&run}, 1, nil return []*influxdb.Run{&run}, 1, nil
}, },
FindRunByIDFn: func(context.Context, influxdb.ID, influxdb.ID) (*influxdb.Run, error) { FindRunByIDFn: func(context.Context, platform.ID, platform.ID) (*influxdb.Run, error) {
return &run, nil return &run, nil
}, },
CancelRunFn: func(context.Context, influxdb.ID, influxdb.ID) error { CancelRunFn: func(context.Context, platform.ID, platform.ID) error {
return nil return nil
}, },
RetryRunFn: func(context.Context, influxdb.ID, influxdb.ID) (*influxdb.Run, error) { RetryRunFn: func(context.Context, platform.ID, platform.ID) (*influxdb.Run, error) {
return &run, nil return &run, nil
}, },
ForceRunFn: func(context.Context, influxdb.ID, int64) (*influxdb.Run, error) { ForceRunFn: func(context.Context, platform.ID, int64) (*influxdb.Run, error) {
return &run, nil return &run, nil
}, },
} }
@ -118,8 +119,8 @@ from(bucket:"holder") |> range(start:-5m) |> to(bucket:"holder", org:"thing")`,
func TestValidations(t *testing.T) { func TestValidations(t *testing.T) {
var ( var (
taskID = influxdb.ID(0x7456) taskID = platform.ID(0x7456)
runID = influxdb.ID(0x402) runID = platform.ID(0x402)
otherOrg = &influxdb.Organization{Name: "other_org"} otherOrg = &influxdb.Organization{Name: "other_org"}
) )

10
authorizer/telegraf.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -24,7 +26,7 @@ func NewTelegrafConfigService(s influxdb.TelegrafConfigStore, urm influxdb.UserR
} }
// FindTelegrafConfigByID checks to see if the authorizer on context has read access to the id provided. // FindTelegrafConfigByID checks to see if the authorizer on context has read access to the id provided.
func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
tc, err := s.s.FindTelegrafConfigByID(ctx, id) tc, err := s.s.FindTelegrafConfigByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -47,7 +49,7 @@ func (s *TelegrafConfigService) FindTelegrafConfigs(ctx context.Context, filter
} }
// CreateTelegrafConfig checks to see if the authorizer on context has write access to the global telegraf config resource. // CreateTelegrafConfig checks to see if the authorizer on context has write access to the global telegraf config resource.
func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error { func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
if _, _, err := AuthorizeCreate(ctx, influxdb.TelegrafsResourceType, tc.OrgID); err != nil { if _, _, err := AuthorizeCreate(ctx, influxdb.TelegrafsResourceType, tc.OrgID); err != nil {
return err return err
} }
@ -55,7 +57,7 @@ func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *in
} }
// UpdateTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided. // UpdateTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.
func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) { func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
tc, err := s.FindTelegrafConfigByID(ctx, id) tc, err := s.FindTelegrafConfigByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -67,7 +69,7 @@ func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id inf
} }
// DeleteTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided. // DeleteTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.
func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id influxdb.ID) error { func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id platform.ID) error {
tc, err := s.FindTelegrafConfigByID(ctx, id) tc, err := s.FindTelegrafConfigByID(ctx, id)
if err != nil { if err != nil {
return err return err

54
authorizer/telegraf_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -75,7 +77,7 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: id, ID: id,
OrgID: 10, OrgID: 10,
@ -94,9 +96,9 @@ func TestTelegrafConfigStore_FindTelegrafConfigByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -248,7 +250,7 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
TelegrafConfigStore influxdb.TelegrafConfigStore TelegrafConfigStore influxdb.TelegrafConfigStore
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -265,13 +267,13 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
name: "authorized to update telegraf", name: "authorized to update telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
UpdateTelegrafConfigF: func(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) { UpdateTelegrafConfigF: func(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -306,13 +308,13 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
name: "unauthorized to update telegraf", name: "unauthorized to update telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
UpdateTelegrafConfigF: func(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error) { UpdateTelegrafConfigF: func(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
@ -333,9 +335,9 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -348,7 +350,7 @@ func TestTelegrafConfigStore_UpdateTelegrafConfig(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions)) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, tt.args.permissions))
_, err := s.UpdateTelegrafConfig(ctx, tt.args.id, &influxdb.TelegrafConfig{}, influxdb.ID(1)) _, err := s.UpdateTelegrafConfig(ctx, tt.args.id, &influxdb.TelegrafConfig{}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }
@ -359,7 +361,7 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
TelegrafConfigStore influxdb.TelegrafConfigStore TelegrafConfigStore influxdb.TelegrafConfigStore
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -376,13 +378,13 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
name: "authorized to delete telegraf", name: "authorized to delete telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
DeleteTelegrafConfigF: func(ctx context.Context, id influxdb.ID) error { DeleteTelegrafConfigF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -414,13 +416,13 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
name: "unauthorized to delete telegraf", name: "unauthorized to delete telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
FindTelegrafConfigByIDF: func(ctc context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error) { FindTelegrafConfigByIDF: func(ctc context.Context, id platform.ID) (*influxdb.TelegrafConfig, error) {
return &influxdb.TelegrafConfig{ return &influxdb.TelegrafConfig{
ID: 1, ID: 1,
OrgID: 10, OrgID: 10,
}, nil }, nil
}, },
DeleteTelegrafConfigF: func(ctx context.Context, id influxdb.ID) error { DeleteTelegrafConfigF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -438,9 +440,9 @@ func TestTelegrafConfigStore_DeleteTelegrafConfig(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/telegrafs/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -465,7 +467,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -481,7 +483,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
name: "authorized to create telegraf", name: "authorized to create telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error { CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -504,7 +506,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
name: "unauthorized to create telegraf", name: "unauthorized to create telegraf",
fields: fields{ fields: fields{
TelegrafConfigStore: &mock.TelegrafConfigStore{ TelegrafConfigStore: &mock.TelegrafConfigStore{
CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error { CreateTelegrafConfigF: func(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error {
return nil return nil
}, },
}, },
@ -520,9 +522,9 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/telegrafs is unauthorized", Msg: "write:orgs/000000000000000a/telegrafs is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -535,7 +537,7 @@ func TestTelegrafConfigStore_CreateTelegrafConfig(t *testing.T) {
ctx := context.Background() ctx := context.Background()
ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission})) ctx = influxdbcontext.SetAuthorizer(ctx, mock.NewMockAuthorizer(false, []influxdb.Permission{tt.args.permission}))
err := s.CreateTelegrafConfig(ctx, &influxdb.TelegrafConfig{OrgID: tt.args.orgID}, influxdb.ID(1)) err := s.CreateTelegrafConfig(ctx, &influxdb.TelegrafConfig{OrgID: tt.args.orgID}, platform.ID(1))
influxdbtesting.ErrorsEqual(t, err, tt.wants.err) influxdbtesting.ErrorsEqual(t, err, tt.wants.err)
}) })
} }

6
authorizer/urm.go
View File

@ -3,11 +3,13 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
type OrgIDResolver interface { type OrgIDResolver interface {
FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id influxdb.ID) (influxdb.ID, error) FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id platform.ID) (platform.ID, error)
} }
type URMService struct { type URMService struct {
@ -41,7 +43,7 @@ func (s *URMService) CreateUserResourceMapping(ctx context.Context, m *influxdb.
return s.s.CreateUserResourceMapping(ctx, m) return s.s.CreateUserResourceMapping(ctx, m)
} }
func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID influxdb.ID, userID influxdb.ID) error { func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID platform.ID, userID platform.ID) error {
f := influxdb.UserResourceMappingFilter{ResourceID: resourceID, UserID: userID} f := influxdb.UserResourceMappingFilter{ResourceID: resourceID, UserID: userID}
urms, _, err := s.s.FindUserResourceMappings(ctx, f) urms, _, err := s.s.FindUserResourceMappings(ctx, f)
if err != nil { if err != nil {

14
authorizer/urm_test.go
View File

@ -2,6 +2,8 @@ package authorizer_test
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"testing" "testing"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
@ -13,10 +15,10 @@ import (
) )
type OrgService struct { type OrgService struct {
OrgID influxdb.ID OrgID platform.ID
} }
func (s *OrgService) FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id influxdb.ID) (influxdb.ID, error) { func (s *OrgService) FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id platform.ID) (platform.ID, error) {
return s.OrgID, nil return s.OrgID, nil
} }
@ -169,7 +171,7 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error { CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error {
return nil return nil
}, },
DeleteMappingFn: func(ctx context.Context, rid, uid influxdb.ID) error { DeleteMappingFn: func(ctx context.Context, rid, uid platform.ID) error {
return nil return nil
}, },
FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) { FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) {
@ -204,7 +206,7 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error { CreateMappingFn: func(ctx context.Context, m *influxdb.UserResourceMapping) error {
return nil return nil
}, },
DeleteMappingFn: func(ctx context.Context, rid, uid influxdb.ID) error { DeleteMappingFn: func(ctx context.Context, rid, uid platform.ID) error {
return nil return nil
}, },
FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) { FindMappingsFn: func(ctx context.Context, filter influxdb.UserResourceMappingFilter) ([]*influxdb.UserResourceMapping, int, error) {
@ -228,9 +230,9 @@ func TestURMService_WriteUserResourceMapping(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/buckets/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

15
authorizer/user.go
View File

@ -3,6 +3,9 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -22,7 +25,7 @@ func NewUserService(s influxdb.UserService) *UserService {
} }
// FindUserByID checks to see if the authorizer on context has read access to the id provided. // FindUserByID checks to see if the authorizer on context has read access to the id provided.
func (s *UserService) FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { func (s *UserService) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error) {
if _, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, id); err != nil { if _, _, err := AuthorizeReadResource(ctx, influxdb.UsersResourceType, id); err != nil {
return nil, err return nil, err
} }
@ -61,7 +64,7 @@ func (s *UserService) CreateUser(ctx context.Context, o *influxdb.User) error {
} }
// UpdateUser checks to see if the authorizer on context has write access to the user provided. // UpdateUser checks to see if the authorizer on context has write access to the user provided.
func (s *UserService) UpdateUser(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) { func (s *UserService) UpdateUser(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil { if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil {
return nil, err return nil, err
} }
@ -69,16 +72,16 @@ func (s *UserService) UpdateUser(ctx context.Context, id influxdb.ID, upd influx
} }
// DeleteUser checks to see if the authorizer on context has write access to the user provided. // DeleteUser checks to see if the authorizer on context has write access to the user provided.
func (s *UserService) DeleteUser(ctx context.Context, id influxdb.ID) error { func (s *UserService) DeleteUser(ctx context.Context, id platform.ID) error {
if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil { if _, _, err := AuthorizeWriteResource(ctx, influxdb.UsersResourceType, id); err != nil {
return err return err
} }
return s.s.DeleteUser(ctx, id) return s.s.DeleteUser(ctx, id)
} }
func (s *UserService) FindPermissionForUser(ctx context.Context, uid influxdb.ID) (influxdb.PermissionSet, error) { func (s *UserService) FindPermissionForUser(ctx context.Context, uid platform.ID) (influxdb.PermissionSet, error) {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EInternal, Code: errors.EInternal,
Msg: "not implemented", Msg: "not implemented",
} }
} }

40
authorizer/user_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestUserService_FindUserByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestUserService_FindUserByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
}, nil }, nil
@ -74,7 +76,7 @@ func TestUserService_FindUserByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
FindUserByIDFn: func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { FindUserByIDFn: func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: id, ID: id,
}, nil }, nil
@ -92,9 +94,9 @@ func TestUserService_FindUserByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized", Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -175,9 +177,9 @@ func TestUserService_FindUser(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:users/0000000000000001 is unauthorized", Msg: "read:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -315,7 +317,7 @@ func TestUserService_UpdateUser(t *testing.T) {
UserService influxdb.UserService UserService influxdb.UserService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permission influxdb.Permission permission influxdb.Permission
} }
type wants struct { type wants struct {
@ -332,7 +334,7 @@ func TestUserService_UpdateUser(t *testing.T) {
name: "authorized to update user", name: "authorized to update user",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
UpdateUserFn: func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) { UpdateUserFn: func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: 1, ID: 1,
}, nil }, nil
@ -357,7 +359,7 @@ func TestUserService_UpdateUser(t *testing.T) {
name: "unauthorized to update user", name: "unauthorized to update user",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
UpdateUserFn: func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) { UpdateUserFn: func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
return &influxdb.User{ return &influxdb.User{
ID: 1, ID: 1,
}, nil }, nil
@ -375,9 +377,9 @@ func TestUserService_UpdateUser(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -401,7 +403,7 @@ func TestUserService_DeleteUser(t *testing.T) {
UserService influxdb.UserService UserService influxdb.UserService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permission influxdb.Permission permission influxdb.Permission
} }
type wants struct { type wants struct {
@ -418,7 +420,7 @@ func TestUserService_DeleteUser(t *testing.T) {
name: "authorized to delete user", name: "authorized to delete user",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
DeleteUserFn: func(ctx context.Context, id influxdb.ID) error { DeleteUserFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -441,7 +443,7 @@ func TestUserService_DeleteUser(t *testing.T) {
name: "unauthorized to delete user", name: "unauthorized to delete user",
fields: fields{ fields: fields{
UserService: &mock.UserService{ UserService: &mock.UserService{
DeleteUserFn: func(ctx context.Context, id influxdb.ID) error { DeleteUserFn: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -457,9 +459,9 @@ func TestUserService_DeleteUser(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users/0000000000000001 is unauthorized", Msg: "write:users/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -535,9 +537,9 @@ func TestUserService_CreateUser(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:users is unauthorized", Msg: "write:users is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

8
authorizer/variable.go
View File

@ -3,6 +3,8 @@ package authorizer
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
) )
@ -22,7 +24,7 @@ func NewVariableService(s influxdb.VariableService) *VariableService {
} }
// FindVariableByID checks to see if the authorizer on context has read access to the id provided. // FindVariableByID checks to see if the authorizer on context has read access to the id provided.
func (s *VariableService) FindVariableByID(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { func (s *VariableService) FindVariableByID(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
v, err := s.s.FindVariableByID(ctx, id) v, err := s.s.FindVariableByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -53,7 +55,7 @@ func (s *VariableService) CreateVariable(ctx context.Context, v *influxdb.Variab
} }
// UpdateVariable checks to see if the authorizer on context has write access to the variable provided. // UpdateVariable checks to see if the authorizer on context has write access to the variable provided.
func (s *VariableService) UpdateVariable(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) { func (s *VariableService) UpdateVariable(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
v, err := s.FindVariableByID(ctx, id) v, err := s.FindVariableByID(ctx, id)
if err != nil { if err != nil {
return nil, err return nil, err
@ -77,7 +79,7 @@ func (s *VariableService) ReplaceVariable(ctx context.Context, m *influxdb.Varia
} }
// DeleteVariable checks to see if the authorizer on context has write access to the variable provided. // DeleteVariable checks to see if the authorizer on context has write access to the variable provided.
func (s *VariableService) DeleteVariable(ctx context.Context, id influxdb.ID) error { func (s *VariableService) DeleteVariable(ctx context.Context, id platform.ID) error {
v, err := s.FindVariableByID(ctx, id) v, err := s.FindVariableByID(ctx, id)
if err != nil { if err != nil {
return err return err

54
authorizer/variable_test.go
View File

@ -3,6 +3,8 @@ package authorizer_test
import ( import (
"bytes" "bytes"
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"sort" "sort"
"testing" "testing"
@ -33,7 +35,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -49,7 +51,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
name: "authorized to access id", name: "authorized to access id",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -75,7 +77,7 @@ func TestVariableService_FindVariableByID(t *testing.T) {
name: "unauthorized to access id", name: "unauthorized to access id",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: id, ID: id,
OrganizationID: 10, OrganizationID: 10,
@ -94,9 +96,9 @@ func TestVariableService_FindVariableByID(t *testing.T) {
id: 1, id: 1,
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "read:orgs/000000000000000a/variables/0000000000000001 is unauthorized", Msg: "read:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -248,7 +250,7 @@ func TestVariableService_UpdateVariable(t *testing.T) {
VariableService influxdb.VariableService VariableService influxdb.VariableService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -265,13 +267,13 @@ func TestVariableService_UpdateVariable(t *testing.T) {
name: "authorized to update variable", name: "authorized to update variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateVariableF: func(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) { UpdateVariableF: func(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -306,13 +308,13 @@ func TestVariableService_UpdateVariable(t *testing.T) {
name: "unauthorized to update variable", name: "unauthorized to update variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
UpdateVariableF: func(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) { UpdateVariableF: func(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -333,9 +335,9 @@ func TestVariableService_UpdateVariable(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -376,7 +378,7 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
name: "authorized to replace variable", name: "authorized to replace variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -418,7 +420,7 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
name: "unauthorized to replace variable", name: "unauthorized to replace variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
@ -445,9 +447,9 @@ func TestVariableService_ReplaceVariable(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -471,7 +473,7 @@ func TestVariableService_DeleteVariable(t *testing.T) {
VariableService influxdb.VariableService VariableService influxdb.VariableService
} }
type args struct { type args struct {
id influxdb.ID id platform.ID
permissions []influxdb.Permission permissions []influxdb.Permission
} }
type wants struct { type wants struct {
@ -488,13 +490,13 @@ func TestVariableService_DeleteVariable(t *testing.T) {
name: "authorized to delete variable", name: "authorized to delete variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteVariableF: func(ctx context.Context, id influxdb.ID) error { DeleteVariableF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -526,13 +528,13 @@ func TestVariableService_DeleteVariable(t *testing.T) {
name: "unauthorized to delete variable", name: "unauthorized to delete variable",
fields: fields{ fields: fields{
VariableService: &mock.VariableService{ VariableService: &mock.VariableService{
FindVariableByIDF: func(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error) { FindVariableByIDF: func(ctx context.Context, id platform.ID) (*influxdb.Variable, error) {
return &influxdb.Variable{ return &influxdb.Variable{
ID: 1, ID: 1,
OrganizationID: 10, OrganizationID: 10,
}, nil }, nil
}, },
DeleteVariableF: func(ctx context.Context, id influxdb.ID) error { DeleteVariableF: func(ctx context.Context, id platform.ID) error {
return nil return nil
}, },
}, },
@ -550,9 +552,9 @@ func TestVariableService_DeleteVariable(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized", Msg: "write:orgs/000000000000000a/variables/0000000000000001 is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },
@ -577,7 +579,7 @@ func TestVariableService_CreateVariable(t *testing.T) {
} }
type args struct { type args struct {
permission influxdb.Permission permission influxdb.Permission
orgID influxdb.ID orgID platform.ID
} }
type wants struct { type wants struct {
err error err error
@ -632,9 +634,9 @@ func TestVariableService_CreateVariable(t *testing.T) {
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Msg: "write:orgs/000000000000000a/variables is unauthorized", Msg: "write:orgs/000000000000000a/variables is unauthorized",
Code: influxdb.EUnauthorized, Code: errors.EUnauthorized,
}, },
}, },
}, },

45
authz.go
View File

@ -5,6 +5,9 @@ import (
"fmt" "fmt"
"os" "os"
"path/filepath" "path/filepath"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
) )
var ( var (
@ -22,10 +25,10 @@ type Authorizer interface {
PermissionSet() (PermissionSet, error) PermissionSet() (PermissionSet, error)
// ID returns an identifier used for auditing. // ID returns an identifier used for auditing.
Identifier() ID Identifier() platform.ID
// GetUserID returns the user id. // GetUserID returns the user id.
GetUserID() ID GetUserID() platform.ID
// Kind metadata for auditing. // Kind metadata for auditing.
Kind() string Kind() string
@ -74,8 +77,8 @@ type ResourceType string
// Resource is an authorizable resource. // Resource is an authorizable resource.
type Resource struct { type Resource struct {
Type ResourceType `json:"type"` Type ResourceType `json:"type"`
ID *ID `json:"id,omitempty"` ID *platform.ID `json:"id,omitempty"`
OrgID *ID `json:"orgID,omitempty"` OrgID *platform.ID `json:"orgID,omitempty"`
} }
// String stringifies a resource // String stringifies a resource
@ -330,33 +333,33 @@ func (p Permission) String() string {
// Valid checks if there the resource and action provided is known. // Valid checks if there the resource and action provided is known.
func (p *Permission) Valid() error { func (p *Permission) Valid() error {
if err := p.Resource.Valid(); err != nil { if err := p.Resource.Valid(); err != nil {
return &Error{ return &errors2.Error{
Code: EInvalid, Code: errors2.EInvalid,
Err: err, Err: err,
Msg: "invalid resource type for permission", Msg: "invalid resource type for permission",
} }
} }
if err := p.Action.Valid(); err != nil { if err := p.Action.Valid(); err != nil {
return &Error{ return &errors2.Error{
Code: EInvalid, Code: errors2.EInvalid,
Err: err, Err: err,
Msg: "invalid action type for permission", Msg: "invalid action type for permission",
} }
} }
if p.Resource.OrgID != nil && !p.Resource.OrgID.Valid() { if p.Resource.OrgID != nil && !p.Resource.OrgID.Valid() {
return &Error{ return &errors2.Error{
Code: EInvalid, Code: errors2.EInvalid,
Err: ErrInvalidID, Err: platform.ErrInvalidID,
Msg: "invalid org id for permission", Msg: "invalid org id for permission",
} }
} }
if p.Resource.ID != nil && !p.Resource.ID.Valid() { if p.Resource.ID != nil && !p.Resource.ID.Valid() {
return &Error{ return &errors2.Error{
Code: EInvalid, Code: errors2.EInvalid,
Err: ErrInvalidID, Err: platform.ErrInvalidID,
Msg: "invalid id for permission", Msg: "invalid id for permission",
} }
} }
@ -365,7 +368,7 @@ func (p *Permission) Valid() error {
} }
// NewPermission returns a permission with provided arguments. // NewPermission returns a permission with provided arguments.
func NewPermission(a Action, rt ResourceType, orgID ID) (*Permission, error) { func NewPermission(a Action, rt ResourceType, orgID platform.ID) (*Permission, error) {
p := &Permission{ p := &Permission{
Action: a, Action: a,
Resource: Resource{ Resource: Resource{
@ -378,7 +381,7 @@ func NewPermission(a Action, rt ResourceType, orgID ID) (*Permission, error) {
} }
// NewResourcePermission returns a permission with provided arguments. // NewResourcePermission returns a permission with provided arguments.
func NewResourcePermission(a Action, rt ResourceType, rid ID) (*Permission, error) { func NewResourcePermission(a Action, rt ResourceType, rid platform.ID) (*Permission, error) {
p := &Permission{ p := &Permission{
Action: a, Action: a,
Resource: Resource{ Resource: Resource{
@ -402,7 +405,7 @@ func NewGlobalPermission(a Action, rt ResourceType) (*Permission, error) {
} }
// NewPermissionAtID creates a permission with the provided arguments. // NewPermissionAtID creates a permission with the provided arguments.
func NewPermissionAtID(id ID, a Action, rt ResourceType, orgID ID) (*Permission, error) { func NewPermissionAtID(id platform.ID, a Action, rt ResourceType, orgID platform.ID) (*Permission, error) {
p := &Permission{ p := &Permission{
Action: a, Action: a,
Resource: Resource{ Resource: Resource{
@ -438,7 +441,7 @@ func ReadAllPermissions() []Permission {
} }
// OwnerPermissions are the default permissions for those who own a resource. // OwnerPermissions are the default permissions for those who own a resource.
func OwnerPermissions(orgID ID) []Permission { func OwnerPermissions(orgID platform.ID) []Permission {
ps := []Permission{} ps := []Permission{}
for _, r := range AllResourceTypes { for _, r := range AllResourceTypes {
for _, a := range actions { for _, a := range actions {
@ -453,7 +456,7 @@ func OwnerPermissions(orgID ID) []Permission {
} }
// MePermissions is the permission to read/write myself. // MePermissions is the permission to read/write myself.
func MePermissions(userID ID) []Permission { func MePermissions(userID platform.ID) []Permission {
ps := []Permission{} ps := []Permission{}
for _, a := range actions { for _, a := range actions {
ps = append(ps, Permission{Action: a, Resource: Resource{Type: UsersResourceType, ID: &userID}}) ps = append(ps, Permission{Action: a, Resource: Resource{Type: UsersResourceType, ID: &userID}})
@ -463,7 +466,7 @@ func MePermissions(userID ID) []Permission {
} }
// MemberPermissions are the default permissions for those who can see a resource. // MemberPermissions are the default permissions for those who can see a resource.
func MemberPermissions(orgID ID) []Permission { func MemberPermissions(orgID platform.ID) []Permission {
ps := []Permission{} ps := []Permission{}
for _, r := range AllResourceTypes { for _, r := range AllResourceTypes {
if r == OrgsResourceType { if r == OrgsResourceType {
@ -477,6 +480,6 @@ func MemberPermissions(orgID ID) []Permission {
} }
// MemberPermissions are the default permissions for those who can see a resource. // MemberPermissions are the default permissions for those who can see a resource.
func MemberBucketPermission(bucketID ID) Permission { func MemberBucketPermission(bucketID platform.ID) Permission {
return Permission{Action: ReadAction, Resource: Resource{Type: BucketsResourceType, ID: &bucketID}} return Permission{Action: ReadAction, Resource: Resource{Type: BucketsResourceType, ID: &bucketID}}
} }

7
authz_test.go
View File

@ -1,6 +1,7 @@
package influxdb_test package influxdb_test
import ( import (
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"testing" "testing"
platform "github.com/influxdata/influxdb/v2" platform "github.com/influxdata/influxdb/v2"
@ -279,7 +280,7 @@ func TestPermission_Valid(t *testing.T) {
Action: platform.WriteAction, Action: platform.WriteAction,
Resource: platform.Resource{ Resource: platform.Resource{
Type: platform.BucketsResourceType, Type: platform.BucketsResourceType,
ID: func() *platform.ID { id := platform.InvalidID(); return &id }(), ID: func() *platform2.ID { id := platform2.InvalidID(); return &id }(),
OrgID: influxdbtesting.IDPtr(1), OrgID: influxdbtesting.IDPtr(1),
}, },
}, },
@ -431,7 +432,7 @@ func TestPermission_String(t *testing.T) {
} }
} }
func validID() *platform.ID { func validID() *platform2.ID {
id := platform.ID(100) id := platform2.ID(100)
return &id return &id
} }

4
backup.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"io" "io"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
) )
const ( const (
@ -25,7 +27,7 @@ type RestoreService interface {
RestoreKVStore(ctx context.Context, r io.Reader) error RestoreKVStore(ctx context.Context, r io.Reader) error
// RestoreKVStore restores the metadata database. // RestoreKVStore restores the metadata database.
RestoreBucket(ctx context.Context, id ID, rpiData []byte) (shardIDMap map[uint64]uint64, err error) RestoreBucket(ctx context.Context, id platform.ID, rpiData []byte) (shardIDMap map[uint64]uint64, err error)
// RestoreShard uploads a backup file for a single shard. // RestoreShard uploads a backup file for a single shard.
RestoreShard(ctx context.Context, shardID uint64, r io.Reader) error RestoreShard(ctx context.Context, shardID uint64, r io.Reader) error

9
backup/backup.go
View File

@ -10,6 +10,9 @@ import (
"path/filepath" "path/filepath"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/bolt" "github.com/influxdata/influxdb/v2/bolt"
"github.com/influxdata/influxdb/v2/tenant" "github.com/influxdata/influxdb/v2/tenant"
@ -20,12 +23,12 @@ import (
type Request struct { type Request struct {
// Organization to backup. // Organization to backup.
// If not set, all orgs will be included. // If not set, all orgs will be included.
OrgID influxdb.ID OrgID platform.ID
Org string Org string
// Bucket to backup. // Bucket to backup.
// If not set, all buckets within the org filter will be included. // If not set, all buckets within the org filter will be included.
BucketID influxdb.ID BucketID platform.ID
Bucket string Bucket string
// Path to the directory where backup files should be written. // Path to the directory where backup files should be written.
@ -210,7 +213,7 @@ func (r *backupRunner) backupShard(ctx context.Context, shardInfo *influxdb.Mani
_ = gw.Close() _ = gw.Close()
_ = f.Close() _ = f.Close()
if influxdb.ErrorCode(err) == influxdb.ENotFound { if errors.ErrorCode(err) == errors.ENotFound {
r.log.Warn("Shard removed during backup", zap.Uint64("id", shardInfo.ShardID)) r.log.Warn("Shard removed during backup", zap.Uint64("id", shardInfo.ShardID))
return nil return nil
} }

4
bolt/bbolt.go
View File

@ -7,6 +7,8 @@ import (
"path/filepath" "path/filepath"
"time" "time"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
platform "github.com/influxdata/influxdb/v2" platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/rand" "github.com/influxdata/influxdb/v2/rand"
"github.com/influxdata/influxdb/v2/snowflake" "github.com/influxdata/influxdb/v2/snowflake"
@ -22,7 +24,7 @@ type Client struct {
db *bolt.DB db *bolt.DB
log *zap.Logger log *zap.Logger
IDGenerator platform.IDGenerator IDGenerator platform2.IDGenerator
TokenGenerator platform.TokenGenerator TokenGenerator platform.TokenGenerator
platform.TimeGenerator platform.TimeGenerator

25
bolt/id.go
View File

@ -5,7 +5,8 @@ import (
"fmt" "fmt"
"math/rand" "math/rand"
platform "github.com/influxdata/influxdb/v2" platform2 "github.com/influxdata/influxdb/v2/kit/platform"
bolt "go.etcd.io/bbolt" bolt "go.etcd.io/bbolt"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -16,7 +17,7 @@ var (
errIDNotFound = errors.New("source not found") errIDNotFound = errors.New("source not found")
) )
var _ platform.IDGenerator = (*Client)(nil) var _ platform2.IDGenerator = (*Client)(nil)
func (c *Client) initializeID(tx *bolt.Tx) error { func (c *Client) initializeID(tx *bolt.Tx) error {
if _, err := tx.CreateBucketIfNotExists(idsBucket); err != nil { if _, err := tx.CreateBucketIfNotExists(idsBucket); err != nil {
@ -38,9 +39,9 @@ func (c *Client) initializeID(tx *bolt.Tx) error {
} }
// ID retrieves the unique ID for this influx instance. // ID retrieves the unique ID for this influx instance.
func (c *Client) ID() platform.ID { func (c *Client) ID() platform2.ID {
// if any error occurs return a random number // if any error occurs return a random number
id := platform.ID(rand.Int63()) id := platform2.ID(rand.Int63())
err := c.db.View(func(tx *bolt.Tx) error { err := c.db.View(func(tx *bolt.Tx) error {
val, err := c.getID(tx) val, err := c.getID(tx)
if err != nil { if err != nil {
@ -58,23 +59,23 @@ func (c *Client) ID() platform.ID {
return id return id
} }
func (c *Client) getID(tx *bolt.Tx) (platform.ID, error) { func (c *Client) getID(tx *bolt.Tx) (platform2.ID, error) {
v := tx.Bucket(idsBucket).Get(idKey) v := tx.Bucket(idsBucket).Get(idKey)
if len(v) == 0 { if len(v) == 0 {
return platform.InvalidID(), errIDNotFound return platform2.InvalidID(), errIDNotFound
} }
return decodeID(v) return decodeID(v)
} }
func decodeID(val []byte) (platform.ID, error) { func decodeID(val []byte) (platform2.ID, error) {
if len(val) < platform.IDLength { if len(val) < platform2.IDLength {
// This should not happen. // This should not happen.
return platform.InvalidID(), fmt.Errorf("provided value is too short to contain an ID. Please report this error") return platform2.InvalidID(), fmt.Errorf("provided value is too short to contain an ID. Please report this error")
} }
var id platform.ID var id platform2.ID
if err := id.Decode(val[:platform.IDLength]); err != nil { if err := id.Decode(val[:platform2.IDLength]); err != nil {
return platform.InvalidID(), err return platform2.InvalidID(), err
} }
return id, nil return id, nil
} }

4
bolt/id_test.go
View File

@ -2,9 +2,9 @@ package bolt_test
import ( import (
"context" "context"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"testing" "testing"
platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
) )
@ -15,7 +15,7 @@ func TestID(t *testing.T) {
} }
defer closeFn() defer closeFn()
testID := platform.ID(70000) testID := platform2.ID(70000)
c.IDGenerator = mock.NewIDGenerator(testID.String(), t) c.IDGenerator = mock.NewIDGenerator(testID.String(), t)
if err := c.Open(context.Background()); err != nil { if err := c.Open(context.Background()); err != nil {

25
bucket.go
View File

@ -5,6 +5,9 @@ import (
"fmt" "fmt"
"strings" "strings"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
) )
const ( const (
@ -29,8 +32,8 @@ const InfiniteRetention = 0
// Bucket is a bucket. 🎉 // Bucket is a bucket. 🎉
type Bucket struct { type Bucket struct {
ID ID `json:"id,omitempty"` ID platform.ID `json:"id,omitempty"`
OrgID ID `json:"orgID,omitempty"` OrgID platform.ID `json:"orgID,omitempty"`
Type BucketType `json:"type"` Type BucketType `json:"type"`
Name string `json:"name"` Name string `json:"name"`
Description string `json:"description"` Description string `json:"description"`
@ -79,7 +82,7 @@ var (
// BucketService represents a service for managing bucket data. // BucketService represents a service for managing bucket data.
type BucketService interface { type BucketService interface {
// FindBucketByID returns a single bucket by ID. // FindBucketByID returns a single bucket by ID.
FindBucketByID(ctx context.Context, id ID) (*Bucket, error) FindBucketByID(ctx context.Context, id platform.ID) (*Bucket, error)
// FindBucket returns the first bucket that matches filter. // FindBucket returns the first bucket that matches filter.
FindBucket(ctx context.Context, filter BucketFilter) (*Bucket, error) FindBucket(ctx context.Context, filter BucketFilter) (*Bucket, error)
@ -93,11 +96,11 @@ type BucketService interface {
// UpdateBucket updates a single bucket with changeset. // UpdateBucket updates a single bucket with changeset.
// Returns the new bucket state after update. // Returns the new bucket state after update.
UpdateBucket(ctx context.Context, id ID, upd BucketUpdate) (*Bucket, error) UpdateBucket(ctx context.Context, id platform.ID, upd BucketUpdate) (*Bucket, error)
// DeleteBucket removes a bucket by ID. // DeleteBucket removes a bucket by ID.
DeleteBucket(ctx context.Context, id ID) error DeleteBucket(ctx context.Context, id platform.ID) error
FindBucketByName(ctx context.Context, orgID ID, name string) (*Bucket, error) FindBucketByName(ctx context.Context, orgID platform.ID, name string) (*Bucket, error)
} }
// BucketUpdate represents updates to a bucket. // BucketUpdate represents updates to a bucket.
@ -111,9 +114,9 @@ type BucketUpdate struct {
// BucketFilter represents a set of filter that restrict the returned results. // BucketFilter represents a set of filter that restrict the returned results.
type BucketFilter struct { type BucketFilter struct {
ID *ID ID *platform.ID
Name *string Name *string
OrganizationID *ID OrganizationID *platform.ID
Org *string Org *string
} }
@ -159,9 +162,9 @@ func (f BucketFilter) String() string {
return "[" + strings.Join(parts, ", ") + "]" return "[" + strings.Join(parts, ", ") + "]"
} }
func ErrInternalBucketServiceError(op string, err error) *Error { func ErrInternalBucketServiceError(op string, err error) *errors.Error {
return &Error{ return &errors.Error{
Code: EInternal, Code: errors.EInternal,
Msg: fmt.Sprintf("unexpected error in buckets; Err: %v", err), Msg: fmt.Sprintf("unexpected error in buckets; Err: %v", err),
Op: op, Op: op,
Err: err, Err: err,

41
check.go
View File

@ -3,6 +3,9 @@ package influxdb
import ( import (
"context" "context"
"encoding/json" "encoding/json"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
) )
// consts for checks config. // consts for checks config.
@ -16,22 +19,22 @@ type Check interface {
Valid(lang FluxLanguageService) error Valid(lang FluxLanguageService) error
Type() string Type() string
ClearPrivateData() ClearPrivateData()
SetTaskID(ID) SetTaskID(platform.ID)
GetTaskID() ID GetTaskID() platform.ID
GetOwnerID() ID GetOwnerID() platform.ID
SetOwnerID(ID) SetOwnerID(platform.ID)
GenerateFlux(lang FluxLanguageService) (string, error) GenerateFlux(lang FluxLanguageService) (string, error)
json.Marshaler json.Marshaler
CRUDLogSetter CRUDLogSetter
SetID(id ID) SetID(id platform.ID)
SetOrgID(id ID) SetOrgID(id platform.ID)
SetName(name string) SetName(name string)
SetDescription(description string) SetDescription(description string)
GetID() ID GetID() platform.ID
GetCRUDLog() CRUDLog GetCRUDLog() CRUDLog
GetOrgID() ID GetOrgID() platform.ID
GetName() string GetName() string
GetDescription() string GetDescription() string
} }
@ -49,7 +52,7 @@ var (
// CheckService represents a service for managing checks. // CheckService represents a service for managing checks.
type CheckService interface { type CheckService interface {
// FindCheckByID returns a single check by ID. // FindCheckByID returns a single check by ID.
FindCheckByID(ctx context.Context, id ID) (Check, error) FindCheckByID(ctx context.Context, id platform.ID) (Check, error)
// FindCheck returns the first check that matches filter. // FindCheck returns the first check that matches filter.
FindCheck(ctx context.Context, filter CheckFilter) (Check, error) FindCheck(ctx context.Context, filter CheckFilter) (Check, error)
@ -59,18 +62,18 @@ type CheckService interface {
FindChecks(ctx context.Context, filter CheckFilter, opt ...FindOptions) ([]Check, int, error) FindChecks(ctx context.Context, filter CheckFilter, opt ...FindOptions) ([]Check, int, error)
// CreateCheck creates a new check and sets b.ID with the new identifier. // CreateCheck creates a new check and sets b.ID with the new identifier.
CreateCheck(ctx context.Context, c CheckCreate, userID ID) error CreateCheck(ctx context.Context, c CheckCreate, userID platform.ID) error
// UpdateCheck updates the whole check. // UpdateCheck updates the whole check.
// Returns the new check state after update. // Returns the new check state after update.
UpdateCheck(ctx context.Context, id ID, c CheckCreate) (Check, error) UpdateCheck(ctx context.Context, id platform.ID, c CheckCreate) (Check, error)
// PatchCheck updates a single bucket with changeset. // PatchCheck updates a single bucket with changeset.
// Returns the new check state after update. // Returns the new check state after update.
PatchCheck(ctx context.Context, id ID, upd CheckUpdate) (Check, error) PatchCheck(ctx context.Context, id platform.ID, upd CheckUpdate) (Check, error)
// DeleteCheck will delete the check by id. // DeleteCheck will delete the check by id.
DeleteCheck(ctx context.Context, id ID) error DeleteCheck(ctx context.Context, id platform.ID) error
} }
// CheckUpdate are properties than can be updated on a check // CheckUpdate are properties than can be updated on a check
@ -89,15 +92,15 @@ type CheckCreate struct {
// Valid returns err is the update is invalid. // Valid returns err is the update is invalid.
func (n *CheckUpdate) Valid() error { func (n *CheckUpdate) Valid() error {
if n.Name != nil && *n.Name == "" { if n.Name != nil && *n.Name == "" {
return &Error{ return &errors.Error{
Code: EInvalid, Code: errors.EInvalid,
Msg: "Check Name can't be empty", Msg: "Check Name can't be empty",
} }
} }
if n.Description != nil && *n.Description == "" { if n.Description != nil && *n.Description == "" {
return &Error{ return &errors.Error{
Code: EInvalid, Code: errors.EInvalid,
Msg: "Check Description can't be empty", Msg: "Check Description can't be empty",
} }
} }
@ -113,9 +116,9 @@ func (n *CheckUpdate) Valid() error {
// CheckFilter represents a set of filters that restrict the returned results. // CheckFilter represents a set of filters that restrict the returned results.
type CheckFilter struct { type CheckFilter struct {
ID *ID ID *platform.ID
Name *string Name *string
OrgID *ID OrgID *platform.ID
Org *string Org *string
UserResourceMappingFilter UserResourceMappingFilter
} }

45
checks/service.go
View File

@ -4,6 +4,9 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing" "github.com/influxdata/influxdb/v2/kit/tracing"
"github.com/influxdata/influxdb/v2/kv" "github.com/influxdata/influxdb/v2/kv"
@ -26,7 +29,7 @@ type Service struct {
tasks influxdb.TaskService tasks influxdb.TaskService
timeGenerator influxdb.TimeGenerator timeGenerator influxdb.TimeGenerator
idGenerator influxdb.IDGenerator idGenerator platform.IDGenerator
checkStore *kv.IndexStore checkStore *kv.IndexStore
} }
@ -83,7 +86,7 @@ func newCheckStore() *kv.IndexStore {
} }
// FindCheckByID retrieves a check by id. // FindCheckByID retrieves a check by id.
func (s *Service) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.Check, error) { func (s *Service) FindCheckByID(ctx context.Context, id platform.ID) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -103,7 +106,7 @@ func (s *Service) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.C
return c, nil return c, nil
} }
func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (influxdb.Check, error) { func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id platform.ID) (influxdb.Check, error) {
chkVal, err := s.checkStore.FindEnt(ctx, tx, kv.Entity{PK: kv.EncID(id)}) chkVal, err := s.checkStore.FindEnt(ctx, tx, kv.Entity{PK: kv.EncID(id)})
if err != nil { if err != nil {
return nil, err return nil, err
@ -111,7 +114,7 @@ func (s *Service) findCheckByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (
return chkVal.(influxdb.Check), nil return chkVal.(influxdb.Check), nil
} }
func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID influxdb.ID, name string) (influxdb.Check, error) { func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID platform.ID, name string) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -119,8 +122,8 @@ func (s *Service) findCheckByName(ctx context.Context, tx kv.Tx, orgID influxdb.
UniqueKey: kv.Encode(kv.EncID(orgID), kv.EncString(name)), UniqueKey: kv.Encode(kv.EncID(orgID), kv.EncString(name)),
}) })
if kv.IsNotFound(err) { if kv.IsNotFound(err) {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Err: err, Err: err,
} }
} }
@ -186,8 +189,8 @@ func (s *Service) FindCheck(ctx context.Context, filter influxdb.CheckFilter) (i
} }
if c == nil { if c == nil {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "check not found", Msg: "check not found",
} }
} }
@ -227,7 +230,7 @@ func (s *Service) FindChecks(ctx context.Context, filter influxdb.CheckFilter, o
if filter.Org != nil { if filter.Org != nil {
o, err := s.orgs.FindOrganization(ctx, influxdb.OrganizationFilter{Name: filter.Org}) o, err := s.orgs.FindOrganization(ctx, influxdb.OrganizationFilter{Name: filter.Org})
if err != nil { if err != nil {
return nil, 0, &influxdb.Error{Err: err} return nil, 0, &errors.Error{Err: err}
} }
filter.OrgID = &o.ID filter.OrgID = &o.ID
@ -270,7 +273,7 @@ func (s *Service) FindChecks(ctx context.Context, filter influxdb.CheckFilter, o
} }
// CreateCheck creates a influxdb check and sets ID. // CreateCheck creates a influxdb check and sets ID.
func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userID influxdb.ID) (err error) { func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userID platform.ID) (err error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -280,8 +283,8 @@ func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userI
if c.GetOrgID().Valid() { if c.GetOrgID().Valid() {
if _, err := s.orgs.FindOrganizationByID(ctx, c.GetOrgID()); err != nil { if _, err := s.orgs.FindOrganizationByID(ctx, c.GetOrgID()); err != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Op: influxdb.OpCreateCheck, Op: influxdb.OpCreateCheck,
Err: err, Err: err,
} }
@ -301,8 +304,8 @@ func (s *Service) CreateCheck(ctx context.Context, c influxdb.CheckCreate, userI
// create task initially in inactive state // create task initially in inactive state
t, err := s.createCheckTask(ctx, c) t, err := s.createCheckTask(ctx, c)
if err != nil { if err != nil {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "Could not create task from check", Msg: "Could not create task from check",
Err: err, Err: err,
} }
@ -378,7 +381,7 @@ func (s *Service) putCheck(ctx context.Context, tx kv.Tx, c influxdb.Check, opts
} }
// PatchCheck updates a check according the parameters set on upd. // PatchCheck updates a check according the parameters set on upd.
func (s *Service) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) { func (s *Service) PatchCheck(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -408,7 +411,7 @@ func (s *Service) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.C
} }
// UpdateCheck updates the check. // UpdateCheck updates the check.
func (s *Service) UpdateCheck(ctx context.Context, id influxdb.ID, chk influxdb.CheckCreate) (influxdb.Check, error) { func (s *Service) UpdateCheck(ctx context.Context, id platform.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -453,7 +456,7 @@ func (s *Service) updateCheckTask(ctx context.Context, chk influxdb.CheckCreate)
return err return err
} }
func (s *Service) patchCheckTask(ctx context.Context, taskID influxdb.ID, upd influxdb.CheckUpdate) error { func (s *Service) patchCheckTask(ctx context.Context, taskID platform.ID, upd influxdb.CheckUpdate) error {
tu := influxdb.TaskUpdate{ tu := influxdb.TaskUpdate{
Description: upd.Description, Description: upd.Description,
} }
@ -469,7 +472,7 @@ func (s *Service) patchCheckTask(ctx context.Context, taskID influxdb.ID, upd in
return nil return nil
} }
func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id influxdb.ID, chk influxdb.CheckCreate) (influxdb.Check, error) { func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id platform.ID, chk influxdb.CheckCreate) (influxdb.Check, error) {
span, ctx := tracing.StartSpanFromContext(ctx) span, ctx := tracing.StartSpanFromContext(ctx)
defer span.Finish() defer span.Finish()
@ -483,8 +486,8 @@ func (s *Service) updateCheck(ctx context.Context, tx kv.Tx, id influxdb.ID, chk
if chk.GetName() != current.GetName() { if chk.GetName() != current.GetName() {
c0, err := s.findCheckByName(ctx, tx, current.GetOrgID(), chk.GetName()) c0, err := s.findCheckByName(ctx, tx, current.GetOrgID(), chk.GetName())
if err == nil && c0.GetID() != id { if err == nil && c0.GetID() != id {
return nil, &influxdb.Error{ return nil, &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "check name is not unique", Msg: "check name is not unique",
} }
} }
@ -542,7 +545,7 @@ func (s *Service) patchCheck(ctx context.Context, tx kv.Tx, check influxdb.Check
} }
// DeleteCheck deletes a check and prunes it from the index. // DeleteCheck deletes a check and prunes it from the index.
func (s *Service) DeleteCheck(ctx context.Context, id influxdb.ID) error { func (s *Service) DeleteCheck(ctx context.Context, id platform.ID) error {
ch, err := s.FindCheckByID(ctx, id) ch, err := s.FindCheckByID(ctx, id)
if err != nil { if err != nil {
return err return err

87
checks/service_external_test.go
View File

@ -8,6 +8,9 @@ import (
"testing" "testing"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts" "github.com/google/go-cmp/cmp/cmpopts"
"github.com/influxdata/flux/ast" "github.com/influxdata/flux/ast"
@ -174,7 +177,7 @@ var taskCmpOptions = cmp.Options{
// CheckFields will include the IDGenerator, and checks // CheckFields will include the IDGenerator, and checks
type CheckFields struct { type CheckFields struct {
IDGenerator influxdb.IDGenerator IDGenerator platform.IDGenerator
TimeGenerator influxdb.TimeGenerator TimeGenerator influxdb.TimeGenerator
TaskService influxdb.TaskService TaskService influxdb.TaskService
Checks []influxdb.Check Checks []influxdb.Check
@ -240,11 +243,11 @@ func CreateCheck(
t *testing.T, t *testing.T,
) { ) {
type args struct { type args struct {
userID influxdb.ID userID platform.ID
check influxdb.Check check influxdb.Check
} }
type wants struct { type wants struct {
err *influxdb.Error err *errors.Error
checks []influxdb.Check checks []influxdb.Check
tasks []*influxdb.Task tasks []*influxdb.Task
} }
@ -369,7 +372,7 @@ func CreateCheck(
name: "basic create check", name: "basic create check",
fields: CheckFields{ fields: CheckFields{
IDGenerator: &mock.IDGenerator{ IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID { IDFn: func() platform.ID {
return MustIDBase16(checkTwoID) return MustIDBase16(checkTwoID)
}, },
}, },
@ -453,7 +456,7 @@ func CreateCheck(
name: "names should be unique within an organization", name: "names should be unique within an organization",
fields: CheckFields{ fields: CheckFields{
IDGenerator: &mock.IDGenerator{ IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID { IDFn: func() platform.ID {
return MustIDBase16(checkTwoID) return MustIDBase16(checkTwoID)
}, },
}, },
@ -508,8 +511,8 @@ func CreateCheck(
checks: []influxdb.Check{ checks: []influxdb.Check{
deadman1, deadman1,
}, },
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Op: influxdb.OpCreateCheck, Op: influxdb.OpCreateCheck,
Msg: "check is not unique", Msg: "check is not unique",
}, },
@ -519,7 +522,7 @@ func CreateCheck(
name: "names should not be unique across organizations", name: "names should not be unique across organizations",
fields: CheckFields{ fields: CheckFields{
IDGenerator: &mock.IDGenerator{ IDGenerator: &mock.IDGenerator{
IDFn: func() influxdb.ID { IDFn: func() platform.ID {
return MustIDBase16(checkTwoID) return MustIDBase16(checkTwoID)
}, },
}, },
@ -670,8 +673,8 @@ func CreateCheck(
}, },
wants: wants{ wants: wants{
checks: []influxdb.Check{}, checks: []influxdb.Check{},
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "organization not found", Msg: "organization not found",
Op: influxdb.OpCreateCheck, Op: influxdb.OpCreateCheck,
}, },
@ -716,10 +719,10 @@ func FindCheckByID(
t *testing.T, t *testing.T,
) { ) {
type args struct { type args struct {
id influxdb.ID id platform.ID
} }
type wants struct { type wants struct {
err *influxdb.Error err *errors.Error
check influxdb.Check check influxdb.Check
} }
@ -768,8 +771,8 @@ func FindCheckByID(
id: MustIDBase16(threeID), id: MustIDBase16(threeID),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Op: influxdb.OpFindCheckByID, Op: influxdb.OpFindCheckByID,
Msg: "check not found", Msg: "check not found",
}, },
@ -799,11 +802,11 @@ func FindChecks(
t *testing.T, t *testing.T,
) { ) {
type args struct { type args struct {
ID influxdb.ID ID platform.ID
name string name string
organization string organization string
OrgID influxdb.ID OrgID platform.ID
userID influxdb.ID userID platform.ID
findOptions influxdb.FindOptions findOptions influxdb.FindOptions
} }
@ -1034,10 +1037,10 @@ func DeleteCheck(
) { ) {
type args struct { type args struct {
ID string ID string
userID influxdb.ID userID platform.ID
} }
type wants struct { type wants struct {
err *influxdb.Error err *errors.Error
checks []influxdb.Check checks []influxdb.Check
} }
@ -1108,10 +1111,10 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
userID: MustIDBase16(sixID), userID: MustIDBase16(sixID),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Op: influxdb.OpDeleteCheck, Op: influxdb.OpDeleteCheck,
Msg: "check not found", Msg: "check not found",
Code: influxdb.ENotFound, Code: errors.ENotFound,
}, },
checks: []influxdb.Check{ checks: []influxdb.Check{
deadman1, deadman1,
@ -1148,12 +1151,12 @@ func FindCheck(
) { ) {
type args struct { type args struct {
name string name string
OrgID influxdb.ID OrgID platform.ID
} }
type wants struct { type wants struct {
check influxdb.Check check influxdb.Check
err *influxdb.Error err *errors.Error
} }
tests := []struct { tests := []struct {
@ -1204,8 +1207,8 @@ func FindCheck(
OrgID: MustIDBase16(orgOneID), OrgID: MustIDBase16(orgOneID),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Op: influxdb.OpFindCheck, Op: influxdb.OpFindCheck,
Msg: "check not found", Msg: "check not found",
}, },
@ -1227,8 +1230,8 @@ func FindCheck(
OrgID: MustIDBase16(orgOneID), OrgID: MustIDBase16(orgOneID),
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Op: influxdb.OpFindCheck, Op: influxdb.OpFindCheck,
Msg: "check not found", Msg: "check not found",
}, },
@ -1265,7 +1268,7 @@ func UpdateCheck(
t *testing.T, t *testing.T,
) { ) {
type args struct { type args struct {
id influxdb.ID id platform.ID
check influxdb.Check check influxdb.Check
} }
type wants struct { type wants struct {
@ -1495,8 +1498,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "check name is not unique", Msg: "check name is not unique",
}, },
}, },
@ -1527,11 +1530,11 @@ func PatchCheck(
t *testing.T, t *testing.T,
) { ) {
type args struct { type args struct {
id influxdb.ID id platform.ID
upd influxdb.CheckUpdate upd influxdb.CheckUpdate
} }
type wants struct { type wants struct {
err *influxdb.Error err *errors.Error
check influxdb.Check check influxdb.Check
} }
@ -1667,8 +1670,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
}, },
}, },
wants: wants{ wants: wants{
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "check entity update conflicts with an existing entity", Msg: "check entity update conflicts with an existing entity",
}, },
}, },
@ -1692,8 +1695,8 @@ data = from(bucket: "telegraf") |> range(start: -1m)`,
} }
// MustIDBase16 is an helper to ensure a correct ID is built during testing. // MustIDBase16 is an helper to ensure a correct ID is built during testing.
func MustIDBase16(s string) influxdb.ID { func MustIDBase16(s string) platform.ID {
id, err := influxdb.IDFromString(s) id, err := platform.IDFromString(s)
if err != nil { if err != nil {
panic(err) panic(err)
} }
@ -1720,18 +1723,18 @@ func ErrorsEqual(t *testing.T, actual, expected error) {
t.Errorf("expected error %s but received nil", expected.Error()) t.Errorf("expected error %s but received nil", expected.Error())
} }
if influxdb.ErrorCode(expected) != influxdb.ErrorCode(actual) { if errors.ErrorCode(expected) != errors.ErrorCode(actual) {
t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual) t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual)
t.Errorf("expected error code %q but received %q", influxdb.ErrorCode(expected), influxdb.ErrorCode(actual)) t.Errorf("expected error code %q but received %q", errors.ErrorCode(expected), errors.ErrorCode(actual))
} }
if influxdb.ErrorMessage(expected) != influxdb.ErrorMessage(actual) { if errors.ErrorMessage(expected) != errors.ErrorMessage(actual) {
t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual) t.Logf("\nexpected: %v\nactual: %v\n\n", expected, actual)
t.Errorf("expected error message %q but received %q", influxdb.ErrorMessage(expected), influxdb.ErrorMessage(actual)) t.Errorf("expected error message %q but received %q", errors.ErrorMessage(expected), errors.ErrorMessage(actual))
} }
} }
func influxErrsEqual(t *testing.T, expected *influxdb.Error, actual error) { func influxErrsEqual(t *testing.T, expected *errors.Error, actual error) {
t.Helper() t.Helper()
if expected != nil { if expected != nil {
@ -1746,7 +1749,7 @@ func influxErrsEqual(t *testing.T, expected *influxdb.Error, actual error) {
require.NoError(t, actual) require.NoError(t, actual)
return return
} }
iErr, ok := actual.(*influxdb.Error) iErr, ok := actual.(*errors.Error)
require.True(t, ok) require.True(t, ok)
assert.Equal(t, expected.Code, iErr.Code) assert.Equal(t, expected.Code, iErr.Code)
assert.Truef(t, strings.HasPrefix(iErr.Error(), expected.Error()), "expected: %s got err: %s", expected.Error(), actual.Error()) assert.Truef(t, strings.HasPrefix(iErr.Error(), expected.Error()), "expected: %s got err: %s", expected.Error(), actual.Error())

6
cmd/chronograf-migrator/dashboard.go
View File

@ -8,6 +8,8 @@ import (
"strings" "strings"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/flux/ast" "github.com/influxdata/flux/ast"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/chronograf" "github.com/influxdata/influxdb/v2/chronograf"
@ -379,7 +381,7 @@ func convertQueries(qs []chronograf.DashboardQuery) []influxdb.DashboardQuery {
type dbrpMapper struct{} type dbrpMapper struct{}
// FindBy returns the dbrp mapping for the specified ID. // FindBy returns the dbrp mapping for the specified ID.
func (d dbrpMapper) FindByID(ctx context.Context, orgID influxdb.ID, id influxdb.ID) (*influxdb.DBRPMappingV2, error) { func (d dbrpMapper) FindByID(ctx context.Context, orgID platform.ID, id platform.ID) (*influxdb.DBRPMappingV2, error) {
return nil, errors.New("mapping not found") return nil, errors.New("mapping not found")
} }
@ -399,6 +401,6 @@ func (d dbrpMapper) Update(ctx context.Context, dbrp *influxdb.DBRPMappingV2) er
} }
// Delete removes a dbrp mapping. // Delete removes a dbrp mapping.
func (d dbrpMapper) Delete(ctx context.Context, orgID influxdb.ID, id influxdb.ID) error { func (d dbrpMapper) Delete(ctx context.Context, orgID platform.ID, id platform.ID) error {
return errors.New("dbrpMapper does not support deleting mappings") return errors.New("dbrpMapper does not support deleting mappings")
} }

30
cmd/influx/authorization.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"io" "io"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
platform "github.com/influxdata/influxdb/v2" platform "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/authorization" "github.com/influxdata/influxdb/v2/authorization"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -11,13 +13,13 @@ import (
) )
type token struct { type token struct {
ID platform.ID `json:"id"` ID platform2.ID `json:"id"`
Description string `json:"description"` Description string `json:"description"`
Token string `json:"token"` Token string `json:"token"`
Status string `json:"status"` Status string `json:"status"`
UserName string `json:"userName"` UserName string `json:"userName"`
UserID platform.ID `json:"userID"` UserID platform2.ID `json:"userID"`
Permissions []string `json:"permissions"` Permissions []string `json:"permissions"`
} }
func cmdAuth(f *globalFlags, opt genericCLIOpts) *cobra.Command { func cmdAuth(f *globalFlags, opt genericCLIOpts) *cobra.Command {
@ -163,7 +165,7 @@ func authorizationCreateF(cmd *cobra.Command, args []string) error {
var permissions []platform.Permission var permissions []platform.Permission
for _, bp := range bucketPerms { for _, bp := range bucketPerms {
for _, p := range bp.perms { for _, p := range bp.perms {
var id platform.ID var id platform2.ID
if err := id.DecodeFromString(p); err != nil { if err := id.DecodeFromString(p); err != nil {
return err return err
} }
@ -340,7 +342,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
var filter platform.AuthorizationFilter var filter platform.AuthorizationFilter
if authCRUDFlags.id != "" { if authCRUDFlags.id != "" {
fID, err := platform.IDFromString(authCRUDFlags.id) fID, err := platform2.IDFromString(authCRUDFlags.id)
if err != nil { if err != nil {
return err return err
} }
@ -350,7 +352,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
filter.User = &authorizationFindFlags.user filter.User = &authorizationFindFlags.user
} }
if authorizationFindFlags.userID != "" { if authorizationFindFlags.userID != "" {
uID, err := platform.IDFromString(authorizationFindFlags.userID) uID, err := platform2.IDFromString(authorizationFindFlags.userID)
if err != nil { if err != nil {
return err return err
} }
@ -360,7 +362,7 @@ func authorizationFindF(cmd *cobra.Command, args []string) error {
filter.Org = &authorizationFindFlags.org.name filter.Org = &authorizationFindFlags.org.name
} }
if authorizationFindFlags.org.id != "" { if authorizationFindFlags.org.id != "" {
oID, err := platform.IDFromString(authorizationFindFlags.org.id) oID, err := platform2.IDFromString(authorizationFindFlags.org.id)
if err != nil { if err != nil {
return err return err
} }
@ -428,7 +430,7 @@ func authorizationDeleteF(cmd *cobra.Command, args []string) error {
return err return err
} }
id, err := platform.IDFromString(authCRUDFlags.id) id, err := platform2.IDFromString(authCRUDFlags.id)
if err != nil { if err != nil {
return err return err
} }
@ -495,7 +497,7 @@ func authorizationActiveF(cmd *cobra.Command, args []string) error {
return err return err
} }
var id platform.ID var id platform2.ID
if err := id.DecodeFromString(authCRUDFlags.id); err != nil { if err := id.DecodeFromString(authCRUDFlags.id); err != nil {
return err return err
} }
@ -563,7 +565,7 @@ func authorizationInactiveF(cmd *cobra.Command, args []string) error {
return err return err
} }
var id platform.ID var id platform2.ID
if err := id.DecodeFromString(authCRUDFlags.id); err != nil { if err := id.DecodeFromString(authCRUDFlags.id); err != nil {
return err return err
} }

7
cmd/influx/backup.go
View File

@ -4,7 +4,8 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/backup" "github.com/influxdata/influxdb/v2/backup"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
influxlogger "github.com/influxdata/influxdb/v2/logger" influxlogger "github.com/influxdata/influxdb/v2/logger"
@ -73,14 +74,14 @@ func (b *cmdBackupBuilder) backupRunE(cmd *cobra.Command, _ []string) error {
InsecureSkipVerify: flags.skipVerify, InsecureSkipVerify: flags.skipVerify,
} }
var orgID influxdb.ID var orgID platform.ID
if b.org.id != "" { if b.org.id != "" {
if err := orgID.DecodeFromString(b.org.id); err != nil { if err := orgID.DecodeFromString(b.org.id); err != nil {
return err return err
} }
} }
var bucketID influxdb.ID var bucketID platform.ID
if b.bucketID != "" { if b.bucketID != "" {
if err := bucketID.DecodeFromString(b.bucketID); err != nil { if err := bucketID.DecodeFromString(b.bucketID); err != nil {
return err return err

12
cmd/influx/bucket.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal" "github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/tenant" "github.com/influxdata/influxdb/v2/tenant"
@ -138,7 +140,7 @@ func (b *cmdBucketBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
return err return err
} }
var id influxdb.ID var id platform.ID
var filter influxdb.BucketFilter var filter influxdb.BucketFilter
if b.id == "" && b.name != "" { if b.id == "" && b.name != "" {
if err = b.org.validOrgFlags(&flags); err != nil { if err = b.org.validOrgFlags(&flags); err != nil {
@ -146,7 +148,7 @@ func (b *cmdBucketBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
} }
filter.Name = &b.name filter.Name = &b.name
if b.org.id != "" { if b.org.id != "" {
if filter.OrganizationID, err = influxdb.IDFromString(b.org.id); err != nil { if filter.OrganizationID, err = platform.IDFromString(b.org.id); err != nil {
return err return err
} }
} else if b.org.name != "" { } else if b.org.name != "" {
@ -213,14 +215,14 @@ func (b *cmdBucketBuilder) cmdListRunEFn(cmd *cobra.Command, args []string) erro
filter.Name = &b.name filter.Name = &b.name
} }
if b.id != "" { if b.id != "" {
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err) return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err)
} }
filter.ID = id filter.ID = id
} }
if b.org.id != "" { if b.org.id != "" {
orgID, err := influxdb.IDFromString(b.org.id) orgID, err := platform.IDFromString(b.org.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org id %q: %v", b.org.id, err) return fmt.Errorf("failed to decode org id %q: %v", b.org.id, err)
} }
@ -272,7 +274,7 @@ func (b *cmdBucketBuilder) cmdUpdateRunEFn(cmd *cobra.Command, args []string) er
return err return err
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.id); err != nil { if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err) return fmt.Errorf("failed to decode bucket id %q: %v", b.id, err)
} }

64
cmd/influx/bucket_test.go
View File

@ -10,6 +10,8 @@ import (
"testing" "testing"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -18,7 +20,7 @@ import (
) )
func TestCmdBucket(t *testing.T) { func TestCmdBucket(t *testing.T) {
orgID := influxdb.ID(9000) orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.BucketService) bucketSVCsFn { fakeSVCFn := func(svc influxdb.BucketService) bucketSVCsFn {
return func() (influxdb.BucketService, influxdb.OrganizationService, error) { return func() (influxdb.BucketService, influxdb.OrganizationService, error) {
@ -142,39 +144,39 @@ func TestCmdBucket(t *testing.T) {
t.Run("delete", func(t *testing.T) { t.Run("delete", func(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
expectedID influxdb.ID expectedID platform.ID
flags []string flags []string
}{ }{
{ {
name: "with description and retention period", name: "with description and retention period",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flags: []string{"--id=" + influxdb.ID(1).String()}, flags: []string{"--id=" + platform.ID(1).String()},
}, },
{ {
name: "shorts", name: "shorts",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flags: []string{"-i=" + influxdb.ID(1).String()}, flags: []string{"-i=" + platform.ID(1).String()},
}, },
{ {
name: "with name and org name", name: "with name and org name",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flags: []string{"--name=n1", "--org=org1"}, flags: []string{"--name=n1", "--org=org1"},
}, },
{ {
name: "with name and org name short", name: "with name and org name short",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flags: []string{"-n=n1", "-o=org1"}, flags: []string{"-n=n1", "-o=org1"},
}, },
{ {
name: "with name and org id", name: "with name and org id",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flags: []string{"--name=n1", "--org-id=" + influxdb.ID(3).String()}, flags: []string{"--name=n1", "--org-id=" + platform.ID(3).String()},
}, },
} }
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewBucketService() svc := mock.NewBucketService()
svc.FindBucketByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error) { svc.FindBucketByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.Bucket, error) {
return &influxdb.Bucket{ID: id}, nil return &influxdb.Bucket{ID: id}, nil
} }
svc.FindBucketFn = func(ctx context.Context, filter influxdb.BucketFilter) (*influxdb.Bucket, error) { svc.FindBucketFn = func(ctx context.Context, filter influxdb.BucketFilter) (*influxdb.Bucket, error) {
@ -186,7 +188,7 @@ func TestCmdBucket(t *testing.T) {
} }
return nil, nil return nil, nil
} }
svc.DeleteBucketFn = func(ctx context.Context, id influxdb.ID) error { svc.DeleteBucketFn = func(ctx context.Context, id platform.ID) error {
if expectedID != id { if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id) return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
} }
@ -226,8 +228,8 @@ func TestCmdBucket(t *testing.T) {
t.Run("list", func(t *testing.T) { t.Run("list", func(t *testing.T) {
type called struct { type called struct {
name string name string
id influxdb.ID id platform.ID
orgID influxdb.ID orgID platform.ID
org string org string
} }
@ -240,15 +242,15 @@ func TestCmdBucket(t *testing.T) {
}{ }{
{ {
name: "org id", name: "org id",
flags: []string{"--org-id=" + influxdb.ID(3).String()}, flags: []string{"--org-id=" + platform.ID(3).String()},
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{orgID: 3}, expected: called{orgID: 3},
}, },
{ {
name: "id", name: "id",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(2).String(), "--id=" + platform.ID(2).String(),
"--org-id=" + influxdb.ID(3).String(), "--org-id=" + platform.ID(3).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{ expected: called{
@ -273,7 +275,7 @@ func TestCmdBucket(t *testing.T) {
flags: []string{ flags: []string{
"-o=rg", "-o=rg",
"-n=name1", "-n=name1",
"-i=" + influxdb.ID(1).String(), "-i=" + platform.ID(1).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{org: "rg", name: "name1", id: 1}, expected: called{org: "rg", name: "name1", id: 1},
@ -284,31 +286,31 @@ func TestCmdBucket(t *testing.T) {
"INFLUX_ORG": "rg", "INFLUX_ORG": "rg",
"INFLUX_BUCKET_NAME": "name1", "INFLUX_BUCKET_NAME": "name1",
}, },
flags: []string{"-i=" + influxdb.ID(1).String()}, flags: []string{"-i=" + platform.ID(1).String()},
expected: called{org: "rg", name: "name1", id: 1}, expected: called{org: "rg", name: "name1", id: 1},
}, },
{ {
name: "env vars 2", name: "env vars 2",
envVars: map[string]string{ envVars: map[string]string{
"INFLUX_ORG": "", "INFLUX_ORG": "",
"INFLUX_ORG_ID": influxdb.ID(2).String(), "INFLUX_ORG_ID": platform.ID(2).String(),
"INFLUX_BUCKET_NAME": "name1", "INFLUX_BUCKET_NAME": "name1",
}, },
flags: []string{"-i=" + influxdb.ID(1).String()}, flags: []string{"-i=" + platform.ID(1).String()},
expected: called{orgID: 2, name: "name1", id: 1}, expected: called{orgID: 2, name: "name1", id: 1},
}, },
{ {
name: "ls alias", name: "ls alias",
command: "ls", command: "ls",
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
flags: []string{"--org-id=" + influxdb.ID(3).String()}, flags: []string{"--org-id=" + platform.ID(3).String()},
expected: called{orgID: 3}, expected: called{orgID: 3},
}, },
{ {
name: "find alias", name: "find alias",
command: "find", command: "find",
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
flags: []string{"--org-id=" + influxdb.ID(3).String()}, flags: []string{"--org-id=" + platform.ID(3).String()},
expected: called{orgID: 3}, expected: called{orgID: 3},
}, },
} }
@ -374,7 +376,7 @@ func TestCmdBucket(t *testing.T) {
{ {
name: "basic just name", name: "basic just name",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
}, },
expected: influxdb.BucketUpdate{ expected: influxdb.BucketUpdate{
@ -384,7 +386,7 @@ func TestCmdBucket(t *testing.T) {
{ {
name: "with all fields", name: "with all fields",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
"--description=desc", "--description=desc",
"--retention=1m", "--retention=1m",
@ -398,7 +400,7 @@ func TestCmdBucket(t *testing.T) {
{ {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-n=new name", "-n=new name",
"-d=desc", "-d=desc",
"-r=1m", "-r=1m",
@ -412,7 +414,7 @@ func TestCmdBucket(t *testing.T) {
{ {
name: "env var", name: "env var",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-d=desc", "-d=desc",
"-r=1m", "-r=1m",
}, },
@ -426,7 +428,7 @@ func TestCmdBucket(t *testing.T) {
{ {
name: "shard-group duration", name: "shard-group duration",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"--shard-group-duration=1m", "--shard-group-duration=1m",
}, },
expected: influxdb.BucketUpdate{ expected: influxdb.BucketUpdate{
@ -437,9 +439,9 @@ func TestCmdBucket(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.BucketUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedUpdate influxdb.BucketUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewBucketService() svc := mock.NewBucketService()
svc.UpdateBucketFn = func(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) { svc.UpdateBucketFn = func(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
if id != 3 { if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id) return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
} }
if !reflect.DeepEqual(expectedUpdate, upd) { if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd) return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)

5
cmd/influx/config.go
View File

@ -5,7 +5,8 @@ import (
"net/url" "net/url"
"path/filepath" "path/filepath"
"github.com/influxdata/influxdb/v2" errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2/cmd/influx/config" "github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )
@ -198,7 +199,7 @@ func (b *cmdConfigBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) er
} }
cfg, err := svc.DeleteConfig(name) cfg, err := svc.DeleteConfig(name)
if influxdb.ErrorCode(err) == influxdb.ENotFound { if errors2.ErrorCode(err) == errors2.ENotFound {
continue continue
} }
if err != nil { if err != nil {

35
cmd/influx/config/config.go
View File

@ -8,8 +8,9 @@ import (
"io/ioutil" "io/ioutil"
"os" "os"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/BurntSushi/toml" "github.com/BurntSushi/toml"
"github.com/influxdata/influxdb/v2"
) )
// Config store the crendentials of influxdb host and token. // Config store the crendentials of influxdb host and token.
@ -52,8 +53,8 @@ type store interface {
// Switch to another config. // Switch to another config.
func (cfgs Configs) Switch(name string) error { func (cfgs Configs) Switch(name string) error {
if _, ok := cfgs[name]; !ok { if _, ok := cfgs[name]; !ok {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: fmt.Sprintf(`config %q is not found`, name), Msg: fmt.Sprintf(`config %q is not found`, name),
} }
} }
@ -135,8 +136,8 @@ var badNames = map[string]bool{
func blockBadName(cfgs Configs) error { func blockBadName(cfgs Configs) error {
for n := range cfgs { for n := range cfgs {
if _, ok := badNames[n]; ok { if _, ok := badNames[n]; ok {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: fmt.Sprintf(`%q is not a valid config name`, n), Msg: fmt.Sprintf(`%q is not a valid config name`, n),
} }
} }
@ -194,8 +195,8 @@ func (s baseRW) ListConfigs() (Configs, error) {
// CreateConfig create new config. // CreateConfig create new config.
func (svc localConfigsSVC) CreateConfig(cfg Config) (Config, error) { func (svc localConfigsSVC) CreateConfig(cfg Config) (Config, error) {
if cfg.Name == "" { if cfg.Name == "" {
return Config{}, &influxdb.Error{ return Config{}, &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "config name is empty", Msg: "config name is empty",
} }
} }
@ -204,8 +205,8 @@ func (svc localConfigsSVC) CreateConfig(cfg Config) (Config, error) {
return Config{}, err return Config{}, err
} }
if _, ok := cfgs[cfg.Name]; ok { if _, ok := cfgs[cfg.Name]; ok {
return Config{}, &influxdb.Error{ return Config{}, &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: fmt.Sprintf("config %q already exists", cfg.Name), Msg: fmt.Sprintf("config %q already exists", cfg.Name),
} }
} }
@ -228,8 +229,8 @@ func (svc localConfigsSVC) DeleteConfig(name string) (Config, error) {
p, ok := cfgs[name] p, ok := cfgs[name]
if !ok { if !ok {
return Config{}, &influxdb.Error{ return Config{}, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: fmt.Sprintf("config %q is not found", name), Msg: fmt.Sprintf("config %q is not found", name),
} }
} }
@ -270,8 +271,8 @@ func (svc localConfigsSVC) UpdateConfig(up Config) (Config, error) {
} }
p0, ok := cfgs[up.Name] p0, ok := cfgs[up.Name]
if !ok { if !ok {
return Config{}, &influxdb.Error{ return Config{}, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: fmt.Sprintf("config %q is not found", up.Name), Msg: fmt.Sprintf("config %q is not found", up.Name),
} }
} }
@ -337,8 +338,8 @@ func (s baseRW) parseActiveConfig(currentOrPrevious bool) (Config, error) {
activated = cfg activated = cfg
hasActive = true hasActive = true
} else if check { } else if check {
return DefaultConfig, &influxdb.Error{ return DefaultConfig, &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: "more than one " + previousText + "activated configs found", Msg: "more than one " + previousText + "activated configs found",
} }
} }
@ -346,8 +347,8 @@ func (s baseRW) parseActiveConfig(currentOrPrevious bool) (Config, error) {
if hasActive { if hasActive {
return activated, nil return activated, nil
} }
return DefaultConfig, &influxdb.Error{ return DefaultConfig, &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: previousText + "activated config is not found", Msg: previousText + "activated config is not found",
} }
} }

53
cmd/influx/config/config_test.go
View File

@ -4,29 +4,30 @@ import (
"bytes" "bytes"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2"
influxtesting "github.com/influxdata/influxdb/v2/testing" influxtesting "github.com/influxdata/influxdb/v2/testing"
) )
func TestWriteConfigs(t *testing.T) { func TestWriteConfigs(t *testing.T) {
cases := []struct { cases := []struct {
name string name string
err *influxdb.Error err *errors.Error
pp Configs pp Configs
result string result string
}{ }{
{ {
name: "bad name -", name: "bad name -",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: `"-" is not a valid config name`, Msg: `"-" is not a valid config name`,
}, },
}, },
{ {
name: "bad name create", name: "bad name create",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: `"create" is not a valid config name`, Msg: `"create" is not a valid config name`,
}, },
}, },
@ -259,8 +260,8 @@ func TestConfigsSwith(t *testing.T) {
"a1": {Host: "host1"}, "a1": {Host: "host1"},
"a2": {Host: "host2"}, "a2": {Host: "host2"},
}, },
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "p1" is not found`, Msg: `config "p1" is not found`,
}, },
}, },
@ -315,8 +316,8 @@ func TestConfigCreate(t *testing.T) {
}{ }{
{ {
name: "invalid name", name: "invalid name",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EInvalid, Code: errors.EInvalid,
Msg: "config name is empty", Msg: "config name is empty",
}, },
}, },
@ -381,8 +382,8 @@ func TestConfigCreate(t *testing.T) {
Name: "default", Name: "default",
Host: "host1", Host: "host1",
}, },
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.EConflict, Code: errors.EConflict,
Msg: `config "default" already exists`, Msg: `config "default" already exists`,
}, },
}, },
@ -460,16 +461,16 @@ func TestConfigSwitch(t *testing.T) {
}{ }{
{ {
name: "empty", name: "empty",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "" is not found`, Msg: `config "" is not found`,
}, },
}, },
{ {
name: "not found", name: "not found",
src: "default", src: "default",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "default" is not found`, Msg: `config "default" is not found`,
}, },
}, },
@ -576,8 +577,8 @@ func TestConfigSwitch(t *testing.T) {
}, },
}, },
src: "-", src: "-",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: "previous activated config is not found", Msg: "previous activated config is not found",
}, },
}, },
@ -613,8 +614,8 @@ func TestConfigUpdate(t *testing.T) {
}{ }{
{ {
name: "empty", name: "empty",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "" is not found`, Msg: `config "" is not found`,
}, },
}, },
@ -626,8 +627,8 @@ func TestConfigUpdate(t *testing.T) {
Org: "org1", Org: "org1",
Token: "tok1", Token: "tok1",
}, },
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "default" is not found`, Msg: `config "default" is not found`,
}, },
}, },
@ -711,8 +712,8 @@ func TestConfigDelete(t *testing.T) {
}{ }{
{ {
name: "empty", name: "empty",
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "" is not found`, Msg: `config "" is not found`,
}, },
}, },
@ -725,8 +726,8 @@ func TestConfigDelete(t *testing.T) {
Host: "host1", Host: "host1",
}, },
}, },
err: &influxdb.Error{ err: &errors.Error{
Code: influxdb.ENotFound, Code: errors.ENotFound,
Msg: `config "bad" is not found`, Msg: `config "bad" is not found`,
}, },
}, },

11
cmd/influx/config_test.go
View File

@ -8,8 +8,9 @@ import (
"path/filepath" "path/filepath"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/config" "github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -96,7 +97,7 @@ func TestCmdConfig(t *testing.T) {
return &mockConfigService{ return &mockConfigService{
CreateConfigFn: func(cfg config.Config) (config.Config, error) { CreateConfigFn: func(cfg config.Config) (config.Config, error) {
if diff := cmp.Diff(expected, cfg); diff != "" { if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{ return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("create config failed, diff %s", diff), Msg: fmt.Sprintf("create config failed, diff %s", diff),
} }
} }
@ -255,7 +256,7 @@ func TestCmdConfig(t *testing.T) {
cfg.Active = true cfg.Active = true
cfg.PreviousActive = false cfg.PreviousActive = false
if diff := cmp.Diff(expected, cfg); diff != "" { if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{ return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("switch config failed, diff %s", diff), Msg: fmt.Sprintf("switch config failed, diff %s", diff),
} }
} }
@ -380,7 +381,7 @@ func TestCmdConfig(t *testing.T) {
return &mockConfigService{ return &mockConfigService{
UpdateConfigFn: func(cfg config.Config) (config.Config, error) { UpdateConfigFn: func(cfg config.Config) (config.Config, error) {
if diff := cmp.Diff(expected, cfg); diff != "" { if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{ return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("update config failed, diff %s", diff), Msg: fmt.Sprintf("update config failed, diff %s", diff),
} }
} }
@ -496,7 +497,7 @@ func TestCmdConfig(t *testing.T) {
} }
} }
if diff := cmp.Diff(expected, cfg); diff != "" { if diff := cmp.Diff(expected, cfg); diff != "" {
return config.Config{}, &influxdb.Error{ return config.Config{}, &errors.Error{
Msg: fmt.Sprintf("delete config failed, diff %s", diff), Msg: fmt.Sprintf("delete config failed, diff %s", diff),
} }
} }

13
cmd/influx/dashboard.go
View File

@ -3,6 +3,9 @@ package main
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/dashboards/transport" "github.com/influxdata/influxdb/v2/dashboards/transport"
@ -65,15 +68,15 @@ func (b *cmdDashboardBuilder) listRunE(cmd *cobra.Command, args []string) error
orgID, _ := b.org.getID(orgSVC) orgID, _ := b.org.getID(orgSVC)
if orgID == 0 && len(b.ids) == 0 { if orgID == 0 && len(b.ids) == 0 {
return &influxdb.Error{ return &errors.Error{
Code: influxdb.EUnprocessableEntity, Code: errors.EUnprocessableEntity,
Msg: "at least one of org, org-id, or id must be provided", Msg: "at least one of org, org-id, or id must be provided",
} }
} }
var ids []*influxdb.ID var ids []*platform.ID
for _, rawID := range b.ids { for _, rawID := range b.ids {
id, err := influxdb.IDFromString(rawID) id, err := platform.IDFromString(rawID)
if err != nil { if err != nil {
return err return err
} }
@ -93,7 +96,7 @@ func (b *cmdDashboardBuilder) listRunE(cmd *cobra.Command, args []string) error
Limit: limit, Limit: limit,
Offset: offset, Offset: offset,
}) })
if err != nil && influxdb.ErrorCode(err) != influxdb.ENotFound { if err != nil && errors.ErrorCode(err) != errors.ENotFound {
return err return err
} }
out = append(out, dashboards...) out = append(out, dashboards...)

4
cmd/influx/internal/tabwriter.go
View File

@ -6,7 +6,7 @@ import (
"strings" "strings"
"text/tabwriter" "text/tabwriter"
platform "github.com/influxdata/influxdb/v2" platform2 "github.com/influxdata/influxdb/v2/kit/platform"
) )
// TabWriter wraps tab writer headers logic. // TabWriter wraps tab writer headers logic.
@ -62,7 +62,7 @@ func formatStringType(i interface{}) string {
switch i.(type) { switch i.(type) {
case int: case int:
return "%d" return "%d"
case platform.ID, string: case platform2.ID, string:
return "%s" return "%s"
} }

11
cmd/influx/main.go
View File

@ -13,6 +13,9 @@ import (
"sync" "sync"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/config" "github.com/influxdata/influxdb/v2/cmd/influx/config"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -469,7 +472,7 @@ func checkSetupRunEMiddleware(f *globalFlags) cobraRunEMiddleware {
} }
ac := f.config() ac := f.config()
if setupErr := checkSetup(ac.Host, f.skipVerify); setupErr != nil && influxdb.EUnauthorized != influxdb.ErrorCode(setupErr) { if setupErr := checkSetup(ac.Host, f.skipVerify); setupErr != nil && errors.EUnauthorized != errors.ErrorCode(setupErr) {
cmd.OutOrStderr().Write([]byte(fmt.Sprintf("Error: %s\n", internal.ErrorFmt(err).Error()))) cmd.OutOrStderr().Write([]byte(fmt.Sprintf("Error: %s\n", internal.ErrorFmt(err).Error())))
return internal.ErrorFmt(setupErr) return internal.ErrorFmt(setupErr)
} }
@ -510,16 +513,16 @@ func (o *organization) register(v *viper.Viper, cmd *cobra.Command, persistent b
opts.mustRegister(v, cmd) opts.mustRegister(v, cmd)
} }
func (o *organization) getID(orgSVC influxdb.OrganizationService) (influxdb.ID, error) { func (o *organization) getID(orgSVC influxdb.OrganizationService) (platform.ID, error) {
if o.id != "" { if o.id != "" {
influxOrgID, err := influxdb.IDFromString(o.id) influxOrgID, err := platform.IDFromString(o.id)
if err != nil { if err != nil {
return 0, fmt.Errorf("invalid org ID '%s' provided (did you pass an org name instead of an ID?): %w", o.id, err) return 0, fmt.Errorf("invalid org ID '%s' provided (did you pass an org name instead of an ID?): %w", o.id, err)
} }
return *influxOrgID, nil return *influxOrgID, nil
} }
getOrgByName := func(name string) (influxdb.ID, error) { getOrgByName := func(name string) (platform.ID, error) {
org, err := orgSVC.FindOrganization(context.Background(), influxdb.OrganizationFilter{ org, err := orgSVC.FindOrganization(context.Background(), influxdb.OrganizationFilter{
Name: &name, Name: &name,
}) })

23
cmd/influx/organization.go
View File

@ -5,6 +5,9 @@ import (
"fmt" "fmt"
"io" "io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/tenant" "github.com/influxdata/influxdb/v2/tenant"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -111,7 +114,7 @@ func (b *cmdOrgBuilder) deleteRunEFn(cmd *cobra.Command, args []string) error {
return fmt.Errorf("failed to initialize org service client: %v", err) return fmt.Errorf("failed to initialize org service client: %v", err)
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.id); err != nil { if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
} }
@ -171,7 +174,7 @@ func (b *cmdOrgBuilder) findRunEFn(cmd *cobra.Command, args []string) error {
} }
if b.id != "" { if b.id != "" {
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
} }
@ -226,7 +229,7 @@ func (b *cmdOrgBuilder) updateRunEFn(cmd *cobra.Command, args []string) error {
return fmt.Errorf("failed to initialize org service client: %v", err) return fmt.Errorf("failed to initialize org service client: %v", err)
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.id); err != nil { if err := id.DecodeFromString(b.id); err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
} }
@ -341,7 +344,7 @@ func (b *cmdOrgBuilder) memberListRunEFn(cmd *cobra.Command, args []string) erro
} }
if b.id != "" { if b.id != "" {
var fID influxdb.ID var fID platform.ID
err := fID.DecodeFromString(b.id) err := fID.DecodeFromString(b.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -409,7 +412,7 @@ func (b *cmdOrgBuilder) memberAddRunEFn(cmd *cobra.Command, args []string) error
} }
if b.id != "" { if b.id != "" {
var fID influxdb.ID var fID platform.ID
err := fID.DecodeFromString(b.id) err := fID.DecodeFromString(b.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -423,7 +426,7 @@ func (b *cmdOrgBuilder) memberAddRunEFn(cmd *cobra.Command, args []string) error
return fmt.Errorf("failed to find org: %v", err) return fmt.Errorf("failed to find org: %v", err)
} }
var memberID influxdb.ID var memberID platform.ID
err = memberID.DecodeFromString(b.memberID) err = memberID.DecodeFromString(b.memberID)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err) return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err)
@ -486,7 +489,7 @@ func (b *cmdOrgBuilder) membersRemoveRunEFn(cmd *cobra.Command, args []string) e
} }
if b.id != "" { if b.id != "" {
var fID influxdb.ID var fID platform.ID
err := fID.DecodeFromString(b.id) err := fID.DecodeFromString(b.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org id %s: %v", b.id, err) return fmt.Errorf("failed to decode org id %s: %v", b.id, err)
@ -500,7 +503,7 @@ func (b *cmdOrgBuilder) membersRemoveRunEFn(cmd *cobra.Command, args []string) e
return fmt.Errorf("failed to find organization: %v", err) return fmt.Errorf("failed to find organization: %v", err)
} }
var memberID influxdb.ID var memberID platform.ID
err = memberID.DecodeFromString(b.memberID) err = memberID.DecodeFromString(b.memberID)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err) return fmt.Errorf("failed to decode member id %s: %v", b.memberID, err)
@ -580,7 +583,7 @@ func (b *cmdOrgBuilder) memberList(ctx context.Context, urmSVC influxdb.UserReso
for i := 0; i < len(mappings); i++ { for i := 0; i < len(mappings); i++ {
select { select {
case <-ctx.Done(): case <-ctx.Done():
return &influxdb.Error{ return &errors.Error{
Msg: "Timeout retrieving user details", Msg: "Timeout retrieving user details",
} }
case err := <-errC: case err := <-errC:
@ -620,7 +623,7 @@ func addMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMap
return err return err
} }
func removeMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMappingService, resourceID, userID influxdb.ID) error { func removeMember(ctx context.Context, w io.Writer, urmSVC influxdb.UserResourceMappingService, resourceID, userID platform.ID) error {
if err := urmSVC.DeleteUserResourceMapping(ctx, resourceID, userID); err != nil { if err := urmSVC.DeleteUserResourceMapping(ctx, resourceID, userID); err != nil {
return fmt.Errorf("failed to remove member: %v", err) return fmt.Errorf("failed to remove member: %v", err)
} }

72
cmd/influx/organization_test.go
View File

@ -8,6 +8,8 @@ import (
"reflect" "reflect"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
@ -87,27 +89,27 @@ func TestCmdOrg(t *testing.T) {
t.Run("delete", func(t *testing.T) { t.Run("delete", func(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
expectedID influxdb.ID expectedID platform.ID
flag string flag string
}{ }{
{ {
name: "id", name: "id",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flag: "--id=", flag: "--id=",
}, },
{ {
name: "shorts", name: "shorts",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flag: "-i=", flag: "-i=",
}, },
} }
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewOrganizationService() svc := mock.NewOrganizationService()
svc.FindOrganizationByIDF = func(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) { svc.FindOrganizationByIDF = func(ctx context.Context, id platform.ID) (*influxdb.Organization, error) {
return &influxdb.Organization{ID: id}, nil return &influxdb.Organization{ID: id}, nil
} }
svc.DeleteOrganizationF = func(ctx context.Context, id influxdb.ID) error { svc.DeleteOrganizationF = func(ctx context.Context, id platform.ID) error {
if expectedID != id { if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id) return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
} }
@ -140,7 +142,7 @@ func TestCmdOrg(t *testing.T) {
t.Run("list", func(t *testing.T) { t.Run("list", func(t *testing.T) {
type called struct { type called struct {
name string name string
id influxdb.ID id platform.ID
} }
tests := []struct { tests := []struct {
@ -152,7 +154,7 @@ func TestCmdOrg(t *testing.T) {
}{ }{
{ {
name: "org id", name: "org id",
flags: []string{"--id=" + influxdb.ID(3).String()}, flags: []string{"--id=" + platform.ID(3).String()},
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3}, expected: called{id: 3},
}, },
@ -166,7 +168,7 @@ func TestCmdOrg(t *testing.T) {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-n=name1", "-n=name1",
"-i=" + influxdb.ID(1).String(), "-i=" + platform.ID(1).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{name: "name1", id: 1}, expected: called{name: "name1", id: 1},
@ -174,10 +176,10 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "env vars", name: "env vars",
envVars: map[string]string{ envVars: map[string]string{
"INFLUX_ORG_ID": influxdb.ID(1).String(), "INFLUX_ORG_ID": platform.ID(1).String(),
"INFLUX_ORG": "name1", "INFLUX_ORG": "name1",
}, },
flags: []string{"-i=" + influxdb.ID(1).String()}, flags: []string{"-i=" + platform.ID(1).String()},
expected: called{name: "name1", id: 1}, expected: called{name: "name1", id: 1},
}, },
{ {
@ -251,7 +253,7 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "basic just name", name: "basic just name",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
}, },
expected: influxdb.OrganizationUpdate{ expected: influxdb.OrganizationUpdate{
@ -261,7 +263,7 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "with all fields", name: "with all fields",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
"--description=desc", "--description=desc",
}, },
@ -273,7 +275,7 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-n=new name", "-n=new name",
"-d=desc", "-d=desc",
}, },
@ -286,7 +288,7 @@ func TestCmdOrg(t *testing.T) {
name: "env var", name: "env var",
envVars: map[string]string{ envVars: map[string]string{
"INFLUX_ORG": "new name", "INFLUX_ORG": "new name",
"INFLUX_ORG_ID": influxdb.ID(3).String(), "INFLUX_ORG_ID": platform.ID(3).String(),
"INFLUX_ORG_DESCRIPTION": "desc", "INFLUX_ORG_DESCRIPTION": "desc",
}, },
expected: influxdb.OrganizationUpdate{ expected: influxdb.OrganizationUpdate{
@ -298,9 +300,9 @@ func TestCmdOrg(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.OrganizationUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedUpdate influxdb.OrganizationUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewOrganizationService() svc := mock.NewOrganizationService()
svc.UpdateOrganizationF = func(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) { svc.UpdateOrganizationF = func(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
if id != 3 { if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id) return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
} }
if !reflect.DeepEqual(expectedUpdate, upd) { if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd) return nil, fmt.Errorf("unexpected bucket update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)
@ -336,8 +338,8 @@ func TestCmdOrg(t *testing.T) {
type ( type (
called struct { called struct {
name string name string
id influxdb.ID id platform.ID
memberID influxdb.ID memberID platform.ID
} }
testCase struct { testCase struct {
@ -384,13 +386,13 @@ func TestCmdOrg(t *testing.T) {
tests := []testCase{ tests := []testCase{
{ {
name: "org id", name: "org id",
memberFlags: []string{"--id=" + influxdb.ID(3).String()}, memberFlags: []string{"--id=" + platform.ID(3).String()},
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3}, expected: called{id: 3},
}, },
{ {
name: "org id short", name: "org id short",
memberFlags: []string{"-i=" + influxdb.ID(3).String()}, memberFlags: []string{"-i=" + platform.ID(3).String()},
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3}, expected: called{id: 3},
}, },
@ -398,7 +400,7 @@ func TestCmdOrg(t *testing.T) {
name: "org id env var", name: "org id env var",
envVars: map[string]string{ envVars: map[string]string{
"INFLUX_ORG": "", "INFLUX_ORG": "",
"INFLUX_ORG_ID": influxdb.ID(3).String(), "INFLUX_ORG_ID": platform.ID(3).String(),
}, },
expected: called{id: 3}, expected: called{id: 3},
}, },
@ -476,8 +478,8 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "org id", name: "org id",
memberFlags: []string{ memberFlags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--member=" + influxdb.ID(4).String(), "--member=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4}, expected: called{id: 3, memberID: 4},
@ -485,8 +487,8 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "org id shorts", name: "org id shorts",
memberFlags: []string{ memberFlags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-m=" + influxdb.ID(4).String(), "-m=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4}, expected: called{id: 3, memberID: 4},
@ -495,7 +497,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name", name: "org name",
memberFlags: []string{ memberFlags: []string{
"--name=name1", "--name=name1",
"--member=" + influxdb.ID(4).String(), "--member=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4}, expected: called{name: "name1", memberID: 4},
@ -504,7 +506,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name shorts", name: "org name shorts",
memberFlags: []string{ memberFlags: []string{
"-n=name1", "-n=name1",
"-m=" + influxdb.ID(4).String(), "-m=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4}, expected: called{name: "name1", memberID: 4},
@ -529,7 +531,7 @@ func TestCmdOrg(t *testing.T) {
return &influxdb.Organization{ID: 1}, nil return &influxdb.Organization{ID: 1}, nil
} }
urmSVC := mock.NewUserResourceMappingService() urmSVC := mock.NewUserResourceMappingService()
urmSVC.DeleteMappingFn = func(ctx context.Context, resourceID, userID influxdb.ID) error { urmSVC.DeleteMappingFn = func(ctx context.Context, resourceID, userID platform.ID) error {
calls.memberID = userID calls.memberID = userID
return nil return nil
} }
@ -544,8 +546,8 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "org id", name: "org id",
memberFlags: []string{ memberFlags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--member=" + influxdb.ID(4).String(), "--member=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4}, expected: called{id: 3, memberID: 4},
@ -553,8 +555,8 @@ func TestCmdOrg(t *testing.T) {
{ {
name: "org id shorts", name: "org id shorts",
memberFlags: []string{ memberFlags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-m=" + influxdb.ID(4).String(), "-m=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{id: 3, memberID: 4}, expected: called{id: 3, memberID: 4},
@ -563,7 +565,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name", name: "org name",
memberFlags: []string{ memberFlags: []string{
"--name=name1", "--name=name1",
"--member=" + influxdb.ID(4).String(), "--member=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4}, expected: called{name: "name1", memberID: 4},
@ -572,7 +574,7 @@ func TestCmdOrg(t *testing.T) {
name: "org name shorts", name: "org name shorts",
memberFlags: []string{ memberFlags: []string{
"-n=name1", "-n=name1",
"-m=" + influxdb.ID(4).String(), "-m=" + platform.ID(4).String(),
}, },
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{name: "name1", memberID: 4}, expected: called{name: "name1", memberID: 4},

7
cmd/influx/restore.go
View File

@ -5,7 +5,8 @@ import (
"fmt" "fmt"
"os" "os"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
influxlogger "github.com/influxdata/influxdb/v2/logger" influxlogger "github.com/influxdata/influxdb/v2/logger"
"github.com/influxdata/influxdb/v2/restore" "github.com/influxdata/influxdb/v2/restore"
@ -98,14 +99,14 @@ func (b *cmdRestoreBuilder) restoreRunE(cmd *cobra.Command, args []string) (err
BucketService: &tenant.BucketClientService{Client: client}, BucketService: &tenant.BucketClientService{Client: client},
} }
var orgID influxdb.ID var orgID platform.ID
if b.org.id != "" { if b.org.id != "" {
if err := orgID.DecodeFromString(b.org.id); err != nil { if err := orgID.DecodeFromString(b.org.id); err != nil {
return err return err
} }
} }
var bucketID influxdb.ID var bucketID platform.ID
if b.bucketID != "" { if b.bucketID != "" {
if err := bucketID.DecodeFromString(b.bucketID); err != nil { if err := bucketID.DecodeFromString(b.bucketID); err != nil {
return err return err

4
cmd/influx/secret.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal" "github.com/influxdata/influxdb/v2/cmd/internal"
isecret "github.com/influxdata/influxdb/v2/secret" isecret "github.com/influxdata/influxdb/v2/secret"
@ -236,7 +238,7 @@ type (
secret struct { secret struct {
key string key string
orgID influxdb.ID orgID platform.ID
} }
) )

12
cmd/influx/secret_test.go
View File

@ -7,6 +7,8 @@ import (
"io/ioutil" "io/ioutil"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -16,7 +18,7 @@ import (
) )
func TestCmdSecret(t *testing.T) { func TestCmdSecret(t *testing.T) {
orgID := influxdb.ID(9000) orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.SecretService, fn func(*input.UI) string) secretSVCsFn { fakeSVCFn := func(svc influxdb.SecretService, fn func(*input.UI) string) secretSVCsFn {
return func() (influxdb.SecretService, influxdb.OrganizationService, func(*input.UI) string, error) { return func() (influxdb.SecretService, influxdb.OrganizationService, func(*input.UI) string, error) {
@ -39,7 +41,7 @@ func TestCmdSecret(t *testing.T) {
}{ }{
{ {
name: "org id", name: "org id",
flags: []string{"--org-id=" + influxdb.ID(3).String()}, flags: []string{"--org-id=" + platform.ID(3).String()},
envVars: envVarsZeroMap, envVars: envVarsZeroMap,
expected: called{"k1", "k2", "k3"}, expected: called{"k1", "k2", "k3"},
}, },
@ -76,7 +78,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func() (func(*globalFlags, genericCLIOpts) *cobra.Command, *called) { cmdFn := func() (func(*globalFlags, genericCLIOpts) *cobra.Command, *called) {
calls := new(called) calls := new(called)
svc := mock.NewSecretService() svc := mock.NewSecretService()
svc.GetSecretKeysFn = func(ctx context.Context, organizationID influxdb.ID) ([]string, error) { svc.GetSecretKeysFn = func(ctx context.Context, organizationID platform.ID) ([]string, error) {
if !organizationID.Valid() { if !organizationID.Valid() {
return []string{}, nil return []string{}, nil
} }
@ -137,7 +139,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewSecretService() svc := mock.NewSecretService()
svc.DeleteSecretFn = func(ctx context.Context, orgID influxdb.ID, ks ...string) error { svc.DeleteSecretFn = func(ctx context.Context, orgID platform.ID, ks ...string) error {
if expectedKey != ks[0] { if expectedKey != ks[0] {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedKey, ks[0]) return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedKey, ks[0])
} }
@ -200,7 +202,7 @@ func TestCmdSecret(t *testing.T) {
cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedKey string) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewSecretService() svc := mock.NewSecretService()
svc.PatchSecretsFn = func(ctx context.Context, orgID influxdb.ID, m map[string]string) error { svc.PatchSecretsFn = func(ctx context.Context, orgID platform.ID, m map[string]string) error {
var key string var key string
for k := range m { for k := range m {
key = k key = k

28
cmd/influx/task.go
View File

@ -5,6 +5,8 @@ import (
"fmt" "fmt"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
"github.com/influxdata/influxdb/v2/tenant" "github.com/influxdata/influxdb/v2/tenant"
@ -169,7 +171,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
filter := influxdb.TaskFilter{} filter := influxdb.TaskFilter{}
if b.taskFindFlags.user != "" { if b.taskFindFlags.user != "" {
id, err := influxdb.IDFromString(b.taskFindFlags.user) id, err := platform.IDFromString(b.taskFindFlags.user)
if err != nil { if err != nil {
return err return err
} }
@ -180,7 +182,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
filter.Organization = b.org.name filter.Organization = b.org.name
} }
if b.org.id != "" { if b.org.id != "" {
id, err := influxdb.IDFromString(b.org.id) id, err := platform.IDFromString(b.org.id)
if err != nil { if err != nil {
return err return err
} }
@ -195,7 +197,7 @@ func (b *cmdTaskBuilder) taskFindF(cmd *cobra.Command, args []string) error {
var tasks []*influxdb.Task var tasks []*influxdb.Task
if b.taskID != "" { if b.taskID != "" {
id, err := influxdb.IDFromString(b.taskID) id, err := platform.IDFromString(b.taskID)
if err != nil { if err != nil {
return err return err
} }
@ -282,7 +284,7 @@ func (b *cmdTaskBuilder) taskRetryFailedF(*cobra.Command, []string) error {
} }
} }
if b.taskRerunFailedFlags.dryRun { if b.taskRerunFailedFlags.dryRun {
uniqueIDs := make(map[influxdb.ID]struct{}) uniqueIDs := make(map[platform.ID]struct{})
for _, r := range failedRuns { for _, r := range failedRuns {
uniqueIDs[r.TaskID] = struct{}{} uniqueIDs[r.TaskID] = struct{}{}
} }
@ -300,7 +302,7 @@ func (b *cmdTaskBuilder) getFailedRunsForTaskID(limit int) ([]*influxdb.Run, err
return nil, err return nil, err
} }
runFilter := influxdb.RunFilter{Limit: limit} runFilter := influxdb.RunFilter{Limit: limit}
id, err := influxdb.IDFromString(b.taskID) id, err := platform.IDFromString(b.taskID)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -336,7 +338,7 @@ func (b *cmdTaskBuilder) getFailedRunsForOrg(taskLimit int, runLimit int) ([]*in
taskFilter.Organization = b.org.name taskFilter.Organization = b.org.name
} }
if b.org.id != "" { if b.org.id != "" {
orgID, err := influxdb.IDFromString(b.org.id) orgID, err := platform.IDFromString(b.org.id)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -392,7 +394,7 @@ func (b *cmdTaskBuilder) taskUpdateF(cmd *cobra.Command, args []string) error {
return err return err
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.taskID); err != nil { if err := id.DecodeFromString(b.taskID); err != nil {
return err return err
} }
@ -437,7 +439,7 @@ func (b *cmdTaskBuilder) taskDeleteF(cmd *cobra.Command, args []string) error {
return err return err
} }
var id influxdb.ID var id platform.ID
err = id.DecodeFromString(b.taskID) err = id.DecodeFromString(b.taskID)
if err != nil { if err != nil {
return err return err
@ -536,14 +538,14 @@ func (b *cmdTaskBuilder) taskLogFindF(cmd *cobra.Command, args []string) error {
} }
var filter influxdb.LogFilter var filter influxdb.LogFilter
id, err := influxdb.IDFromString(b.taskID) id, err := platform.IDFromString(b.taskID)
if err != nil { if err != nil {
return err return err
} }
filter.Task = *id filter.Task = *id
if b.runID != "" { if b.runID != "" {
id, err := influxdb.IDFromString(b.runID) id, err := platform.IDFromString(b.runID)
if err != nil { if err != nil {
return err return err
} }
@ -624,7 +626,7 @@ func (b *cmdTaskBuilder) taskRunFindF(cmd *cobra.Command, args []string) error {
AfterTime: b.taskRunFindFlags.afterTime, AfterTime: b.taskRunFindFlags.afterTime,
BeforeTime: b.taskRunFindFlags.beforeTime, BeforeTime: b.taskRunFindFlags.beforeTime,
} }
taskID, err := influxdb.IDFromString(b.taskID) taskID, err := platform.IDFromString(b.taskID)
if err != nil { if err != nil {
return err return err
} }
@ -632,7 +634,7 @@ func (b *cmdTaskBuilder) taskRunFindF(cmd *cobra.Command, args []string) error {
var runs []*influxdb.Run var runs []*influxdb.Run
if b.runID != "" { if b.runID != "" {
id, err := influxdb.IDFromString(b.runID) id, err := platform.IDFromString(b.runID)
if err != nil { if err != nil {
return err return err
} }
@ -714,7 +716,7 @@ func (b *cmdTaskBuilder) runRetryF(*cobra.Command, []string) error {
return err return err
} }
var taskID, runID influxdb.ID var taskID, runID platform.ID
if err := taskID.DecodeFromString(runRetryFlags.taskID); err != nil { if err := taskID.DecodeFromString(runRetryFlags.taskID); err != nil {
return err return err
} }

4
cmd/influx/task_test.go
View File

@ -7,6 +7,8 @@ import (
"io/ioutil" "io/ioutil"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
@ -17,7 +19,7 @@ import (
// Purpose of test suite: // Purpose of test suite:
// checking if cmd line tool gives all data needed for TaskService to perform functions // checking if cmd line tool gives all data needed for TaskService to perform functions
func TestCmdTask(t *testing.T) { func TestCmdTask(t *testing.T) {
orgID := influxdb.ID(9000) orgID := platform.ID(9000)
fakeSVCFn := func(svc influxdb.TaskService) taskSVCsFn { fakeSVCFn := func(svc influxdb.TaskService) taskSVCsFn {
return func() (influxdb.TaskService, influxdb.OrganizationService, error) { return func() (influxdb.TaskService, influxdb.OrganizationService, error) {

19
cmd/influx/telegraf.go
View File

@ -5,6 +5,9 @@ import (
"errors" "errors"
"io/ioutil" "io/ioutil"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
@ -76,14 +79,14 @@ func (b *cmdTelegrafBuilder) listRunE(cmd *cobra.Command, args []string) error {
orgID, _ := b.org.getID(orgSVC) orgID, _ := b.org.getID(orgSVC)
if orgID == 0 && b.id == "" { if orgID == 0 && b.id == "" {
return &influxdb.Error{ return &errors2.Error{
Code: influxdb.EUnprocessableEntity, Code: errors2.EUnprocessableEntity,
Msg: "at least one of org, org-id, or id must be provided", Msg: "at least one of org, org-id, or id must be provided",
} }
} }
if b.id != "" { if b.id != "" {
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return err return err
} }
@ -190,13 +193,13 @@ func (b *cmdTelegrafBuilder) removeRunEFn(cmd *cobra.Command, args []string) err
} }
for _, rawID := range b.ids { for _, rawID := range b.ids {
id, err := influxdb.IDFromString(rawID) id, err := platform.IDFromString(rawID)
if err != nil { if err != nil {
return err return err
} }
err = svc.DeleteTelegrafConfig(context.Background(), *id) err = svc.DeleteTelegrafConfig(context.Background(), *id)
if err != nil && influxdb.ErrorCode(err) != influxdb.ENotFound { if err != nil && errors2.ErrorCode(err) != errors2.ENotFound {
return err return err
} }
} }
@ -247,7 +250,7 @@ func (b *cmdTelegrafBuilder) updateRunEFn(cmd *cobra.Command, args []string) err
return err return err
} }
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return err return err
} }
@ -309,8 +312,8 @@ func (b *cmdTelegrafBuilder) readConfig(file string) (string, error) {
stdIn, err := inStdIn(b.in) stdIn, err := inStdIn(b.in)
if err != nil { if err != nil {
return "", &influxdb.Error{ return "", &errors2.Error{
Code: influxdb.EUnprocessableEntity, Code: errors2.EUnprocessableEntity,
Err: errors.New("a Telegraf config must be provided"), Err: errors.New("a Telegraf config must be provided"),
} }
} }

30
cmd/influx/template.go
View File

@ -17,6 +17,8 @@ import (
"strings" "strings"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/fatih/color" "github.com/fatih/color"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
@ -216,7 +218,7 @@ func (b *cmdTemplateBuilder) applyRunEFn(cmd *cobra.Command, args []string) erro
} }
} }
var stackID influxdb.ID var stackID platform.ID
if b.stackID != "" { if b.stackID != "" {
if err := stackID.DecodeFromString(b.stackID); err != nil { if err := stackID.DecodeFromString(b.stackID); err != nil {
return err return err
@ -407,7 +409,7 @@ func (b *cmdTemplateBuilder) exportRunEFn(cmd *cobra.Command, args []string) err
} }
if b.stackID != "" { if b.stackID != "" {
stackID, err := influxdb.IDFromString(b.stackID) stackID, err := platform.IDFromString(b.stackID)
if err != nil { if err != nil {
return ierror.Wrap(err, "invalid stack ID provided") return ierror.Wrap(err, "invalid stack ID provided")
} }
@ -558,7 +560,7 @@ func (b *cmdTemplateBuilder) exportStackRunEFn(cmd *cobra.Command, args []string
return err return err
} }
stackID, err := influxdb.IDFromString(args[0]) stackID, err := platform.IDFromString(args[0])
if err != nil { if err != nil {
return err return err
} }
@ -718,9 +720,9 @@ func (b *cmdTemplateBuilder) stackListRunEFn(cmd *cobra.Command, args []string)
return err return err
} }
var stackIDs []influxdb.ID var stackIDs []platform.ID
for _, rawID := range b.stackIDs { for _, rawID := range b.stackIDs {
id, err := influxdb.IDFromString(rawID) id, err := platform.IDFromString(rawID)
if err != nil { if err != nil {
return err return err
} }
@ -774,9 +776,9 @@ func (b *cmdTemplateBuilder) stackRemoveRunEFn(cmd *cobra.Command, args []string
return err return err
} }
var stackIDs []influxdb.ID var stackIDs []platform.ID
for _, rawID := range b.stackIDs { for _, rawID := range b.stackIDs {
id, err := influxdb.IDFromString(rawID) id, err := platform.IDFromString(rawID)
if err != nil { if err != nil {
return err return err
} }
@ -820,7 +822,7 @@ func (b *cmdTemplateBuilder) stackRemoveRunEFn(cmd *cobra.Command, args []string
} }
} }
err := templateSVC.DeleteStack(context.Background(), struct{ OrgID, UserID, StackID influxdb.ID }{ err := templateSVC.DeleteStack(context.Background(), struct{ OrgID, UserID, StackID platform.ID }{
OrgID: orgID, OrgID: orgID,
UserID: 0, UserID: 0,
StackID: stack.ID, StackID: stack.ID,
@ -883,7 +885,7 @@ func (b *cmdTemplateBuilder) stackUpdateRunEFn(cmd *cobra.Command, args []string
return err return err
} }
stackID, err := influxdb.IDFromString(b.stackID) stackID, err := platform.IDFromString(b.stackID)
if err != nil { if err != nil {
return ierror.Wrap(err, "required stack id is invalid") return ierror.Wrap(err, "required stack id is invalid")
} }
@ -917,7 +919,7 @@ func (b *cmdTemplateBuilder) stackUpdateRunEFn(cmd *cobra.Command, args []string
return errors.New("resource type is invalid; got: " + b.exportOpts.resourceType) return errors.New("resource type is invalid; got: " + b.exportOpts.resourceType)
} }
id, err := influxdb.IDFromString(idRaw) id, err := platform.IDFromString(idRaw)
if err != nil { if err != nil {
return ierror.Wrap(err, fmt.Sprintf("%s resource id %q is invalid", kind, idRaw)) return ierror.Wrap(err, fmt.Sprintf("%s resource id %q is invalid", kind, idRaw))
} }
@ -1197,9 +1199,9 @@ func newResourcesToClone(kind pkger.Kind, idStrs, names []string) (pkger.ExportO
return pkger.ExportWithExistingResources(resources...), nil return pkger.ExportWithExistingResources(resources...), nil
} }
func toInfluxIDs(args []string) ([]influxdb.ID, error) { func toInfluxIDs(args []string) ([]platform.ID, error) {
var ( var (
ids []influxdb.ID ids []platform.ID
errs []string errs []string
) )
for _, arg := range args { for _, arg := range args {
@ -1208,7 +1210,7 @@ func toInfluxIDs(args []string) ([]influxdb.ID, error) {
continue continue
} }
id, err := influxdb.IDFromString(normedArg) id, err := platform.IDFromString(normedArg)
if err != nil { if err != nil {
errs = append(errs, "arg must provide a valid 16 length ID; got: "+arg) errs = append(errs, "arg must provide a valid 16 length ID; got: "+arg)
continue continue
@ -1568,7 +1570,7 @@ func (b *cmdTemplateBuilder) printTemplateDiff(diff pkger.Diff) error {
return nil return nil
} }
func (b *cmdTemplateBuilder) printTemplateSummary(stackID influxdb.ID, sum pkger.Summary) error { func (b *cmdTemplateBuilder) printTemplateSummary(stackID platform.ID, sum pkger.Summary) error {
if b.quiet { if b.quiet {
return nil return nil
} }

80
cmd/influx/template_test.go
View File

@ -15,6 +15,8 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
"github.com/influxdata/influxdb/v2/pkger" "github.com/influxdata/influxdb/v2/pkger"
@ -28,7 +30,7 @@ func Test_Template_Commands(t *testing.T) {
return func() (pkger.SVC, influxdb.OrganizationService, error) { return func() (pkger.SVC, influxdb.OrganizationService, error) {
return svc, &mock.OrganizationService{ return svc, &mock.OrganizationService{
FindOrganizationF: func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) { FindOrganizationF: func(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) {
return &influxdb.Organization{ID: influxdb.ID(9000), Name: "influxdata"}, nil return &influxdb.Organization{ID: platform.ID(9000), Name: "influxdata"}, nil
}, },
}, nil }, nil
} }
@ -43,7 +45,7 @@ func Test_Template_Commands(t *testing.T) {
assert.Equal(t, "bucket1", sum.Buckets[0].Name) assert.Equal(t, "bucket1", sum.Buckets[0].Name)
} }
expectedOrgID := influxdb.ID(9000) expectedOrgID := platform.ID(9000)
tests := []struct { tests := []struct {
templateFileArgs templateFileArgs
@ -246,15 +248,15 @@ func Test_Template_Commands(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
templateFileArgs templateFileArgs
bucketIDs []influxdb.ID bucketIDs []platform.ID
dashIDs []influxdb.ID dashIDs []platform.ID
endpointIDs []influxdb.ID endpointIDs []platform.ID
labelIDs []influxdb.ID labelIDs []platform.ID
ruleIDs []influxdb.ID ruleIDs []platform.ID
taskIDs []influxdb.ID taskIDs []platform.ID
telegrafIDs []influxdb.ID telegrafIDs []platform.ID
varIDs []influxdb.ID varIDs []platform.ID
stackID influxdb.ID stackID platform.ID
}{ }{
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -262,7 +264,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
bucketIDs: []influxdb.ID{1, 2}, bucketIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -270,7 +272,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
dashIDs: []influxdb.ID{1, 2}, dashIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -278,7 +280,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
endpointIDs: []influxdb.ID{1, 2}, endpointIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -286,7 +288,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
labelIDs: []influxdb.ID{1, 2}, labelIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -294,7 +296,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
ruleIDs: []influxdb.ID{1, 2}, ruleIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -302,7 +304,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
taskIDs: []influxdb.ID{1, 2}, taskIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -310,7 +312,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
telegrafIDs: []influxdb.ID{1, 2}, telegrafIDs: []platform.ID{1, 2},
}, },
{ {
templateFileArgs: templateFileArgs{ templateFileArgs: templateFileArgs{
@ -318,7 +320,7 @@ func Test_Template_Commands(t *testing.T) {
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
}, },
varIDs: []influxdb.ID{1, 2}, varIDs: []platform.ID{1, 2},
}, },
} }
@ -368,7 +370,7 @@ func Test_Template_Commands(t *testing.T) {
testPkgWrites(t, cmdFn, tt.templateFileArgs, func(t *testing.T, pkg *pkger.Template) { testPkgWrites(t, cmdFn, tt.templateFileArgs, func(t *testing.T, pkg *pkger.Template) {
sum := pkg.Summary() sum := pkg.Summary()
kindToName := func(k pkger.Kind, id influxdb.ID) string { kindToName := func(k pkger.Kind, id platform.ID) string {
return strings.ToLower(k.String()) + strconv.Itoa(int(id)) return strings.ToLower(k.String()) + strconv.Itoa(int(id))
} }
@ -448,7 +450,7 @@ func Test_Template_Commands(t *testing.T) {
name: "stack", name: "stack",
encoding: pkger.EncodingYAML, encoding: pkger.EncodingYAML,
filename: "pkg_0.yml", filename: "pkg_0.yml",
args: []string{"export", "--stack-id=" + influxdb.ID(1).String()}, args: []string{"export", "--stack-id=" + platform.ID(1).String()},
} }
testPkgWrites(t, cmdFn, tmplFileArgs, func(t *testing.T, pkg *pkger.Template) { testPkgWrites(t, cmdFn, tmplFileArgs, func(t *testing.T, pkg *pkger.Template) {
@ -509,7 +511,7 @@ func Test_Template_Commands(t *testing.T) {
}{ }{
{ {
name: "when only org and token provided is successful", name: "when only org and token provided is successful",
args: []string{"--org-id=" + influxdb.ID(1).String()}, args: []string{"--org-id=" + platform.ID(1).String()},
expectedStack: pkger.Stack{ expectedStack: pkger.Stack{
OrgID: 1, OrgID: 1,
Events: []pkger.StackEvent{{ Events: []pkger.StackEvent{{
@ -520,7 +522,7 @@ func Test_Template_Commands(t *testing.T) {
{ {
name: "when org and name provided provided is successful", name: "when org and name provided provided is successful",
args: []string{ args: []string{
"--org-id=" + influxdb.ID(1).String(), "--org-id=" + platform.ID(1).String(),
"--stack-name=foo", "--stack-name=foo",
}, },
expectedStack: pkger.Stack{ expectedStack: pkger.Stack{
@ -534,7 +536,7 @@ func Test_Template_Commands(t *testing.T) {
{ {
name: "when all flags provided provided is successful", name: "when all flags provided provided is successful",
args: []string{ args: []string{
"--org-id=" + influxdb.ID(1).String(), "--org-id=" + platform.ID(1).String(),
"--stack-name=foo", "--stack-name=foo",
"--stack-description=desc", "--stack-description=desc",
"--template-url=http://example.com/1", "--template-url=http://example.com/1",
@ -556,7 +558,7 @@ func Test_Template_Commands(t *testing.T) {
{ {
name: "when all shorthand flags provided provided is successful", name: "when all shorthand flags provided provided is successful",
args: []string{ args: []string{
"--org-id=" + influxdb.ID(1).String(), "--org-id=" + platform.ID(1).String(),
"-n=foo", "-n=foo",
"-d=desc", "-d=desc",
"-u=http://example.com/1", "-u=http://example.com/1",
@ -595,7 +597,7 @@ func Test_Template_Commands(t *testing.T) {
rootCmd := builder.cmd(func(f *globalFlags, opt genericCLIOpts) *cobra.Command { rootCmd := builder.cmd(func(f *globalFlags, opt genericCLIOpts) *cobra.Command {
echoSVC := &fakePkgSVC{ echoSVC := &fakePkgSVC{
initStackFn: func(ctx context.Context, userID influxdb.ID, stCreate pkger.StackCreate) (pkger.Stack, error) { initStackFn: func(ctx context.Context, userID platform.ID, stCreate pkger.StackCreate) (pkger.Stack, error) {
return pkger.Stack{ return pkger.Stack{
ID: 9000, ID: 9000,
OrgID: stCreate.OrgID, OrgID: stCreate.OrgID,
@ -731,7 +733,7 @@ func Test_Template_Commands(t *testing.T) {
return newCmdPkgerBuilder(fakeSVCFn(echoSVC), f, opt).cmdStacks() return newCmdPkgerBuilder(fakeSVCFn(echoSVC), f, opt).cmdStacks()
}) })
baseArgs := []string{"stacks", "update", "--stack-id=" + influxdb.ID(1).String(), "--json"} baseArgs := []string{"stacks", "update", "--stack-id=" + platform.ID(1).String(), "--json"}
rootCmd.SetArgs(append(baseArgs, tt.args...)) rootCmd.SetArgs(append(baseArgs, tt.args...))
@ -888,39 +890,39 @@ func testPkgWritesToBuffer(newCmdFn func(w io.Writer) *cobra.Command, args templ
} }
type fakePkgSVC struct { type fakePkgSVC struct {
initStackFn func(ctx context.Context, userID influxdb.ID, stack pkger.StackCreate) (pkger.Stack, error) initStackFn func(ctx context.Context, userID platform.ID, stack pkger.StackCreate) (pkger.Stack, error)
updateStackFn func(ctx context.Context, upd pkger.StackUpdate) (pkger.Stack, error) updateStackFn func(ctx context.Context, upd pkger.StackUpdate) (pkger.Stack, error)
exportFn func(ctx context.Context, setters ...pkger.ExportOptFn) (*pkger.Template, error) exportFn func(ctx context.Context, setters ...pkger.ExportOptFn) (*pkger.Template, error)
dryRunFn func(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) dryRunFn func(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
applyFn func(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) applyFn func(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error)
} }
var _ pkger.SVC = (*fakePkgSVC)(nil) var _ pkger.SVC = (*fakePkgSVC)(nil)
func (f *fakePkgSVC) InitStack(ctx context.Context, userID influxdb.ID, stack pkger.StackCreate) (pkger.Stack, error) { func (f *fakePkgSVC) InitStack(ctx context.Context, userID platform.ID, stack pkger.StackCreate) (pkger.Stack, error) {
if f.initStackFn != nil { if f.initStackFn != nil {
return f.initStackFn(ctx, userID, stack) return f.initStackFn(ctx, userID, stack)
} }
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) ListStacks(ctx context.Context, orgID influxdb.ID, filter pkger.ListFilter) ([]pkger.Stack, error) { func (f *fakePkgSVC) ListStacks(ctx context.Context, orgID platform.ID, filter pkger.ListFilter) ([]pkger.Stack, error) {
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) UninstallStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID influxdb.ID }) (pkger.Stack, error) { func (f *fakePkgSVC) UninstallStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID platform.ID }) (pkger.Stack, error) {
panic("not implemeted") panic("not implemeted")
} }
func (f *fakePkgSVC) DeleteStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID influxdb.ID }) error { func (f *fakePkgSVC) DeleteStack(ctx context.Context, identifiers struct{ OrgID, UserID, StackID platform.ID }) error {
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) ExportStack(ctx context.Context, orgID, stackID influxdb.ID) (*pkger.Template, error) { func (f *fakePkgSVC) ExportStack(ctx context.Context, orgID, stackID platform.ID) (*pkger.Template, error) {
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) ReadStack(ctx context.Context, id influxdb.ID) (pkger.Stack, error) { func (f *fakePkgSVC) ReadStack(ctx context.Context, id platform.ID) (pkger.Stack, error) {
panic("not implemented") panic("not implemented")
} }
@ -938,14 +940,14 @@ func (f *fakePkgSVC) Export(ctx context.Context, setters ...pkger.ExportOptFn) (
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) DryRun(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) { func (f *fakePkgSVC) DryRun(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
if f.dryRunFn != nil { if f.dryRunFn != nil {
return f.dryRunFn(ctx, orgID, userID, opts...) return f.dryRunFn(ctx, orgID, userID, opts...)
} }
panic("not implemented") panic("not implemented")
} }
func (f *fakePkgSVC) Apply(ctx context.Context, orgID, userID influxdb.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) { func (f *fakePkgSVC) Apply(ctx context.Context, orgID, userID platform.ID, opts ...pkger.ApplyOptFn) (pkger.ImpactSummary, error) {
if f.applyFn != nil { if f.applyFn != nil {
return f.applyFn(ctx, orgID, userID, opts...) return f.applyFn(ctx, orgID, userID, opts...)
} }
@ -968,7 +970,7 @@ func newTempFile(t *testing.T, dir string) *os.File {
return f return f
} }
func idsStr(ids ...influxdb.ID) string { func idsStr(ids ...platform.ID) string {
var idStrs []string var idStrs []string
for _, id := range ids { for _, id := range ids {
idStrs = append(idStrs, id.String()) idStrs = append(idStrs, id.String())

10
cmd/influx/user.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"fmt" "fmt"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal" "github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
@ -87,7 +89,7 @@ func (b *cmdUserBuilder) cmdPasswordRunEFn(cmd *cobra.Command, args []string) er
filter.Name = &b.name filter.Name = &b.name
} }
if b.id != "" { if b.id != "" {
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return err return err
} }
@ -128,7 +130,7 @@ func (b *cmdUserBuilder) cmdUpdateRunEFn(cmd *cobra.Command, args []string) erro
return err return err
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.id); err != nil { if err := id.DecodeFromString(b.id); err != nil {
return err return err
} }
@ -257,7 +259,7 @@ func (b *cmdUserBuilder) cmdFindRunEFn(*cobra.Command, []string) error {
filter.Name = &b.name filter.Name = &b.name
} }
if b.id != "" { if b.id != "" {
id, err := influxdb.IDFromString(b.id) id, err := platform.IDFromString(b.id)
if err != nil { if err != nil {
return err return err
} }
@ -289,7 +291,7 @@ func (b *cmdUserBuilder) cmdDeleteRunEFn(cmd *cobra.Command, args []string) erro
return err return err
} }
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(b.id); err != nil { if err := id.DecodeFromString(b.id); err != nil {
return err return err
} }

44
cmd/influx/user_test.go
View File

@ -9,6 +9,8 @@ import (
"reflect" "reflect"
"testing" "testing"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal" "github.com/influxdata/influxdb/v2/cmd/internal"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
@ -19,7 +21,7 @@ import (
) )
func TestCmdUser(t *testing.T) { func TestCmdUser(t *testing.T) {
var org = &influxdb.Organization{ID: influxdb.ID(9000), Name: "org name"} var org = &influxdb.Organization{ID: platform.ID(9000), Name: "org name"}
var orgNameFlag = fmt.Sprintf("--org=%s", org.Name) var orgNameFlag = fmt.Sprintf("--org=%s", org.Name)
type orgSetResult struct { type orgSetResult struct {
@ -156,7 +158,7 @@ func TestCmdUser(t *testing.T) {
return nil return nil
} }
passSVC := mock.NewPasswordsService() passSVC := mock.NewPasswordsService()
passSVC.SetPasswordFn = func(ctx context.Context, id influxdb.ID, password string) error { passSVC.SetPasswordFn = func(ctx context.Context, id platform.ID, password string) error {
if expected.password != password { if expected.password != password {
return fmt.Errorf("unexpected password;\n\twant= %+v\n\tgot= %+v", expected.password, password) return fmt.Errorf("unexpected password;\n\twant= %+v\n\tgot= %+v", expected.password, password)
} }
@ -220,27 +222,27 @@ func TestCmdUser(t *testing.T) {
t.Run("delete", func(t *testing.T) { t.Run("delete", func(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
expectedID influxdb.ID expectedID platform.ID
flag string flag string
}{ }{
{ {
name: "long id", name: "long id",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flag: "--id=", flag: "--id=",
}, },
{ {
name: "shorts", name: "shorts",
expectedID: influxdb.ID(1), expectedID: platform.ID(1),
flag: "-i=", flag: "-i=",
}, },
} }
cmdFn := func(expectedID influxdb.ID) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedID platform.ID) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewUserService() svc := mock.NewUserService()
svc.FindUserByIDFn = func(ctx context.Context, id influxdb.ID) (*influxdb.User, error) { svc.FindUserByIDFn = func(ctx context.Context, id platform.ID) (*influxdb.User, error) {
return &influxdb.User{ID: id}, nil return &influxdb.User{ID: id}, nil
} }
svc.DeleteUserFn = func(ctx context.Context, id influxdb.ID) error { svc.DeleteUserFn = func(ctx context.Context, id platform.ID) error {
if expectedID != id { if expectedID != id {
return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id) return fmt.Errorf("unexpected id:\n\twant= %s\n\tgot= %s", expectedID, id)
} }
@ -273,7 +275,7 @@ func TestCmdUser(t *testing.T) {
t.Run("list", func(t *testing.T) { t.Run("list", func(t *testing.T) {
type called struct { type called struct {
name string name string
id influxdb.ID id platform.ID
} }
tests := []struct { tests := []struct {
@ -285,7 +287,7 @@ func TestCmdUser(t *testing.T) {
{ {
name: "id", name: "id",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(2).String(), "--id=" + platform.ID(2).String(),
}, },
expected: called{ expected: called{
id: 2, id: 2,
@ -300,7 +302,7 @@ func TestCmdUser(t *testing.T) {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-n=name1", "-n=name1",
"-i=" + influxdb.ID(1).String(), "-i=" + platform.ID(1).String(),
}, },
expected: called{name: "name1", id: 1}, expected: called{name: "name1", id: 1},
}, },
@ -308,7 +310,7 @@ func TestCmdUser(t *testing.T) {
name: "ls alias", name: "ls alias",
command: "ls", command: "ls",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(2).String(), "--id=" + platform.ID(2).String(),
}, },
expected: called{ expected: called{
id: 2, id: 2,
@ -318,7 +320,7 @@ func TestCmdUser(t *testing.T) {
name: "find alias", name: "find alias",
command: "find", command: "find",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(2).String(), "--id=" + platform.ID(2).String(),
}, },
expected: called{ expected: called{
id: 2, id: 2,
@ -378,7 +380,7 @@ func TestCmdUser(t *testing.T) {
{ {
name: "basic just name", name: "basic just name",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
}, },
expected: influxdb.UserUpdate{ expected: influxdb.UserUpdate{
@ -388,7 +390,7 @@ func TestCmdUser(t *testing.T) {
{ {
name: "with all fields", name: "with all fields",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
"--name=new name", "--name=new name",
}, },
expected: influxdb.UserUpdate{ expected: influxdb.UserUpdate{
@ -398,7 +400,7 @@ func TestCmdUser(t *testing.T) {
{ {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-n=new name", "-n=new name",
}, },
expected: influxdb.UserUpdate{ expected: influxdb.UserUpdate{
@ -409,9 +411,9 @@ func TestCmdUser(t *testing.T) {
cmdFn := func(expectedUpdate influxdb.UserUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command { cmdFn := func(expectedUpdate influxdb.UserUpdate) func(*globalFlags, genericCLIOpts) *cobra.Command {
svc := mock.NewUserService() svc := mock.NewUserService()
svc.UpdateUserFn = func(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error) { svc.UpdateUserFn = func(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error) {
if id != 3 { if id != 3 {
return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", influxdb.ID(3), id) return nil, fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", platform.ID(3), id)
} }
if !reflect.DeepEqual(expectedUpdate, upd) { if !reflect.DeepEqual(expectedUpdate, upd) {
return nil, fmt.Errorf("unexpected User update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd) return nil, fmt.Errorf("unexpected User update;\n\twant= %+v\n\tgot= %+v", expectedUpdate, upd)
@ -450,14 +452,14 @@ func TestCmdUser(t *testing.T) {
{ {
name: "basic id", name: "basic id",
flags: []string{ flags: []string{
"--id=" + influxdb.ID(3).String(), "--id=" + platform.ID(3).String(),
}, },
expected: "pass1", expected: "pass1",
}, },
{ {
name: "shorts", name: "shorts",
flags: []string{ flags: []string{
"-i=" + influxdb.ID(3).String(), "-i=" + platform.ID(3).String(),
"-n=new name", "-n=new name",
}, },
expected: "pass1", expected: "pass1",
@ -477,7 +479,7 @@ func TestCmdUser(t *testing.T) {
return usr, nil return usr, nil
} }
passSVC := mock.NewPasswordsService() passSVC := mock.NewPasswordsService()
passSVC.SetPasswordFn = func(ctx context.Context, id influxdb.ID, pass string) error { passSVC.SetPasswordFn = func(ctx context.Context, id platform.ID, pass string) error {
if pass != expected { if pass != expected {
return fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", pass, expected) return fmt.Errorf("unexpecte id:\n\twant= %s\n\tgot= %s", pass, expected)
} }

14
cmd/influx/v1_authorization.go
View File

@ -6,6 +6,8 @@ import (
"fmt" "fmt"
"io" "io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
cinternal "github.com/influxdata/influxdb/v2/cmd/internal" cinternal "github.com/influxdata/influxdb/v2/cmd/internal"
@ -16,12 +18,12 @@ import (
) )
type v1Token struct { type v1Token struct {
ID influxdb.ID `json:"id"` ID platform.ID `json:"id"`
Description string `json:"description"` Description string `json:"description"`
Token string `json:"token"` Token string `json:"token"`
Status string `json:"status"` Status string `json:"status"`
UserName string `json:"userName"` UserName string `json:"userName"`
UserID influxdb.ID `json:"userID"` UserID platform.ID `json:"userID"`
Permissions []string `json:"permissions"` Permissions []string `json:"permissions"`
} }
@ -142,7 +144,7 @@ func makeV1AuthorizationCreateE(opt genericCLIOpts) func(*cobra.Command, []strin
var permissions []influxdb.Permission var permissions []influxdb.Permission
for _, bp := range bucketPerms { for _, bp := range bucketPerms {
for _, p := range bp.perms { for _, p := range bp.perms {
var id influxdb.ID var id platform.ID
if err := id.DecodeFromString(p); err != nil { if err := id.DecodeFromString(p); err != nil {
return fmt.Errorf("invalid bucket ID '%s': %w (did you pass a bucket name instead of an ID?)", p, err) return fmt.Errorf("invalid bucket ID '%s': %w (did you pass a bucket name instead of an ID?)", p, err)
} }
@ -251,7 +253,7 @@ func v1AuthorizationFindF(cmd *cobra.Command, _ []string) error {
filter.User = &v1AuthorizationFindFlags.user filter.User = &v1AuthorizationFindFlags.user
} }
if v1AuthorizationFindFlags.userID != "" { if v1AuthorizationFindFlags.userID != "" {
uID, err := influxdb.IDFromString(v1AuthorizationFindFlags.userID) uID, err := platform.IDFromString(v1AuthorizationFindFlags.userID)
if err != nil { if err != nil {
return fmt.Errorf("invalid user ID '%s': %w (did you pass a username instead of an ID?)", v1AuthorizationFindFlags.userID, err) return fmt.Errorf("invalid user ID '%s': %w (did you pass a username instead of an ID?)", v1AuthorizationFindFlags.userID, err)
} }
@ -261,7 +263,7 @@ func v1AuthorizationFindF(cmd *cobra.Command, _ []string) error {
filter.Org = &v1AuthorizationFindFlags.org.name filter.Org = &v1AuthorizationFindFlags.org.name
} }
if v1AuthorizationFindFlags.org.id != "" { if v1AuthorizationFindFlags.org.id != "" {
oID, err := influxdb.IDFromString(v1AuthorizationFindFlags.org.id) oID, err := platform.IDFromString(v1AuthorizationFindFlags.org.id)
if err != nil { if err != nil {
return fmt.Errorf("invalid org ID '%s': %w (did you pass an org name instead of an ID?)", v1AuthorizationFindFlags.org.id, err) return fmt.Errorf("invalid org ID '%s': %w (did you pass an org name instead of an ID?)", v1AuthorizationFindFlags.org.id, err)
} }
@ -548,7 +550,7 @@ func v1FindOneAuthorization(s *authorization.Client, filter influxdb.Authorizati
} }
type v1AuthLookupFlags struct { type v1AuthLookupFlags struct {
id influxdb.ID id platform.ID
username string username string
required bool // required when set to true determines whether validate expects either id or username to be set required bool // required when set to true determines whether validate expects either id or username to be set
} }

12
cmd/influx/v1_dbrp.go
View File

@ -4,6 +4,8 @@ import (
"context" "context"
"io" "io"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/influx/internal" "github.com/influxdata/influxdb/v2/cmd/influx/internal"
"github.com/influxdata/influxdb/v2/dbrp" "github.com/influxdata/influxdb/v2/dbrp"
@ -33,10 +35,10 @@ var v1DBRPCRUDFlags struct {
} }
var v1DBRPFindFlags struct { var v1DBRPFindFlags struct {
BucketID influxdb.ID // Specifies the bucket ID to filter on BucketID platform.ID // Specifies the bucket ID to filter on
DB string // Specifies the database to filter on DB string // Specifies the database to filter on
Default *bool // Specifies filtering on default Default *bool // Specifies filtering on default
ID influxdb.ID // Specifies the mapping ID to filter on ID platform.ID // Specifies the mapping ID to filter on
Org organization // required // Specifies the organization ID to filter on Org organization // required // Specifies the organization ID to filter on
RP string // Specifies the retention policy to filter on RP string // Specifies the retention policy to filter on
} }
@ -121,7 +123,7 @@ func v1DBRPFindF(cmd *cobra.Command, _ []string) error {
} }
var v1DBRPCreateFlags struct { var v1DBRPCreateFlags struct {
BucketID influxdb.ID // Specifies the bucket ID to associate with the mapping BucketID platform.ID // Specifies the bucket ID to associate with the mapping
DB string // Specifies the database of the database DB string // Specifies the database of the database
Default bool // Specifies filtering on default Default bool // Specifies filtering on default
Org organization // Specifies the organization ID to filter on Org organization // Specifies the organization ID to filter on
@ -237,7 +239,7 @@ func v1WriteDBRPs(w io.Writer, printOpts v1DBRPPrintOpt) error {
} }
var v1DBRPDeleteFlags struct { var v1DBRPDeleteFlags struct {
ID influxdb.ID ID platform.ID
Org organization Org organization
} }
@ -292,7 +294,7 @@ func v1DBRPDeleteF(cmd *cobra.Command, _ []string) error {
} }
var v1DBRPUpdateFlags struct { var v1DBRPUpdateFlags struct {
ID influxdb.ID // Specifies the mapping ID to update ID platform.ID // Specifies the mapping ID to update
Org organization // Specifies the organization ID Org organization // Specifies the organization ID
Default *bool // A nil value means that Default is unset in the Flags Default *bool // A nil value means that Default is unset in the Flags
RP string // Updated name of the retention policy RP string // Updated name of the retention policy

6
cmd/influx/write.go
View File

@ -14,6 +14,8 @@ import (
"strconv" "strconv"
"strings" "strings"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/fujiwara/shapeio" "github.com/fujiwara/shapeio"
platform "github.com/influxdata/influxdb/v2" platform "github.com/influxdata/influxdb/v2"
ihttp "github.com/influxdata/influxdb/v2/http" ihttp "github.com/influxdata/influxdb/v2/http"
@ -366,7 +368,7 @@ func (b *writeFlagsBuilder) writeRunE(cmd *cobra.Command, args []string) error {
) )
if b.BucketID != "" { if b.BucketID != "" {
filter.ID, err = platform.IDFromString(b.BucketID) filter.ID, err = platform2.IDFromString(b.BucketID)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode bucket-id: %v", err) return fmt.Errorf("failed to decode bucket-id: %v", err)
} }
@ -376,7 +378,7 @@ func (b *writeFlagsBuilder) writeRunE(cmd *cobra.Command, args []string) error {
} }
if b.org.id != "" { if b.org.id != "" {
filter.OrganizationID, err = platform.IDFromString(b.org.id) filter.OrganizationID, err = platform2.IDFromString(b.org.id)
if err != nil { if err != nil {
return fmt.Errorf("failed to decode org-id id: %v", err) return fmt.Errorf("failed to decode org-id id: %v", err)
} }

9
cmd/influxd/inspect/export_lp.go
View File

@ -13,7 +13,8 @@ import (
"sync" "sync"
"time" "time"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/cli" "github.com/influxdata/influxdb/v2/kit/cli"
"github.com/influxdata/influxdb/v2/models" "github.com/influxdata/influxdb/v2/models"
"github.com/influxdata/influxdb/v2/pkg/escape" "github.com/influxdata/influxdb/v2/pkg/escape"
@ -27,7 +28,7 @@ import (
// exportFlags contains CLI-compatible forms of export options. // exportFlags contains CLI-compatible forms of export options.
type exportFlags struct { type exportFlags struct {
enginePath string enginePath string
bucketID influxdb.ID bucketID platform.ID
measurements []string measurements []string
startTime string startTime string
endTime string endTime string
@ -206,7 +207,7 @@ func exportRunE(cmd *cobra.Command, flags *exportFlags) error {
} }
// exportTSMs finds, reads, and exports all data stored in TSM files for a bucket that matches a set of filters. // exportTSMs finds, reads, and exports all data stored in TSM files for a bucket that matches a set of filters.
func exportTSMs(engineDir string, bucketID influxdb.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error { func exportTSMs(engineDir string, bucketID platform.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
// TSM is stored under `<engine>/data/<bucket-id>/<rp>/<shard-id>/*.tsm` // TSM is stored under `<engine>/data/<bucket-id>/<rp>/<shard-id>/*.tsm`
tsmDir := filepath.Join(engineDir, "data", bucketID.String()) tsmDir := filepath.Join(engineDir, "data", bucketID.String())
tsmPattern := filepath.Join(tsmDir, "*", "*", fmt.Sprintf("*.%s", tsm1.TSMFileExtension)) tsmPattern := filepath.Join(tsmDir, "*", "*", fmt.Sprintf("*.%s", tsm1.TSMFileExtension))
@ -289,7 +290,7 @@ func exportTSM(tsmFile string, filters *exportFilters, out io.Writer, log *zap.L
// //
// N.B. exported lines can include some duplicates from a matching call to exportTSMs on the same engine/bucket. // N.B. exported lines can include some duplicates from a matching call to exportTSMs on the same engine/bucket.
// This is OK since writes are idempotent. // This is OK since writes are idempotent.
func exportWALs(engineDir string, bucketID influxdb.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error { func exportWALs(engineDir string, bucketID platform.ID, filters *exportFilters, out io.Writer, log *zap.Logger) error {
// WAL is stored under `<engine>/wal/<bucket-id>/<rp>/<shard-id>/*.wal` // WAL is stored under `<engine>/wal/<bucket-id>/<rp>/<shard-id>/*.wal`
walDir := filepath.Join(engineDir, "wal", bucketID.String()) walDir := filepath.Join(engineDir, "wal", bucketID.String())
walPattern := filepath.Join(walDir, "*", "*", fmt.Sprintf("*.%s", tsm1.WALFileExtension)) walPattern := filepath.Join(walDir, "*", "*", fmt.Sprintf("*.%s", tsm1.WALFileExtension))

5
cmd/influxd/launcher/backup_restore_test.go
View File

@ -2,6 +2,7 @@ package launcher_test
import ( import (
"context" "context"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
"io/ioutil" "io/ioutil"
"os" "os"
"testing" "testing"
@ -80,7 +81,7 @@ func TestBackupRestore_Full(t *testing.T) {
// Check that orgs and buckets were reset to match the original server's metadata. // Check that orgs and buckets were reset to match the original server's metadata.
_, err = l2.OrgService(t).FindOrganizationByID(ctx, l2.Org.ID) _, err = l2.OrgService(t).FindOrganizationByID(ctx, l2.Org.ID)
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err)) require.Equal(t, errors.ENotFound, errors.ErrorCode(err))
rbkt1, err := l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l1.Org.ID, ID: &l1.Bucket.ID}) rbkt1, err := l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l1.Org.ID, ID: &l1.Bucket.ID})
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, l1.Bucket.Name, rbkt1.Name) require.Equal(t, l1.Bucket.Name, rbkt1.Name)
@ -88,7 +89,7 @@ func TestBackupRestore_Full(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, b1.Name, rbkt2.Name) require.Equal(t, b1.Name, rbkt2.Name)
_, err = l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l2.Org.ID, ID: &b2.ID}) _, err = l2.BucketService(t).FindBucket(ctx, influxdb.BucketFilter{OrganizationID: &l2.Org.ID, ID: &b2.ID})
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err)) require.Equal(t, errors.ENotFound, errors.ErrorCode(err))
// Check that data was restored to buckets. // Check that data was restored to buckets.
q1 := `from(bucket:"BUCKET") |> range(start:2000-01-01T00:00:00Z,stop:2000-01-02T00:00:00Z)` q1 := `from(bucket:"BUCKET") |> range(start:2000-01-01T00:00:00Z,stop:2000-01-02T00:00:00Z)`

16
cmd/influxd/launcher/engine.go
View File

@ -8,6 +8,8 @@ import (
"sync" "sync"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/http" "github.com/influxdata/influxdb/v2/http"
"github.com/influxdata/influxdb/v2/kit/prom" "github.com/influxdata/influxdb/v2/kit/prom"
@ -29,7 +31,7 @@ type Engine interface {
influxdb.BackupService influxdb.BackupService
influxdb.RestoreService influxdb.RestoreService
SeriesCardinality(orgID, bucketID influxdb.ID) int64 SeriesCardinality(orgID, bucketID platform.ID) int64
TSDBStore() storage.TSDBStore TSDBStore() storage.TSDBStore
MetaClient() storage.MetaClient MetaClient() storage.MetaClient
@ -109,17 +111,17 @@ func (t *TemporaryEngine) Close() error {
} }
// WritePoints stores points into the storage engine. // WritePoints stores points into the storage engine.
func (t *TemporaryEngine) WritePoints(ctx context.Context, orgID influxdb.ID, bucketID influxdb.ID, points []models.Point) error { func (t *TemporaryEngine) WritePoints(ctx context.Context, orgID platform.ID, bucketID platform.ID, points []models.Point) error {
return t.engine.WritePoints(ctx, orgID, bucketID, points) return t.engine.WritePoints(ctx, orgID, bucketID, points)
} }
// SeriesCardinality returns the number of series in the engine. // SeriesCardinality returns the number of series in the engine.
func (t *TemporaryEngine) SeriesCardinality(orgID, bucketID influxdb.ID) int64 { func (t *TemporaryEngine) SeriesCardinality(orgID, bucketID platform.ID) int64 {
return t.engine.SeriesCardinality(orgID, bucketID) return t.engine.SeriesCardinality(orgID, bucketID)
} }
// DeleteBucketRangePredicate will delete a bucket from the range and predicate. // DeleteBucketRangePredicate will delete a bucket from the range and predicate.
func (t *TemporaryEngine) DeleteBucketRangePredicate(ctx context.Context, orgID, bucketID influxdb.ID, min, max int64, pred influxdb.Predicate) error { func (t *TemporaryEngine) DeleteBucketRangePredicate(ctx context.Context, orgID, bucketID platform.ID, min, max int64, pred influxdb.Predicate) error {
return t.engine.DeleteBucketRangePredicate(ctx, orgID, bucketID, min, max, pred) return t.engine.DeleteBucketRangePredicate(ctx, orgID, bucketID, min, max, pred)
} }
@ -127,12 +129,12 @@ func (t *TemporaryEngine) CreateBucket(ctx context.Context, b *influxdb.Bucket)
return t.engine.CreateBucket(ctx, b) return t.engine.CreateBucket(ctx, b)
} }
func (t *TemporaryEngine) UpdateBucketRetentionPolicy(ctx context.Context, bucketID influxdb.ID, upd *influxdb.BucketUpdate) error { func (t *TemporaryEngine) UpdateBucketRetentionPolicy(ctx context.Context, bucketID platform.ID, upd *influxdb.BucketUpdate) error {
return t.engine.UpdateBucketRetentionPolicy(ctx, bucketID, upd) return t.engine.UpdateBucketRetentionPolicy(ctx, bucketID, upd)
} }
// DeleteBucket deletes a bucket from the time-series data. // DeleteBucket deletes a bucket from the time-series data.
func (t *TemporaryEngine) DeleteBucket(ctx context.Context, orgID, bucketID influxdb.ID) error { func (t *TemporaryEngine) DeleteBucket(ctx context.Context, orgID, bucketID platform.ID) error {
return t.engine.DeleteBucket(ctx, orgID, bucketID) return t.engine.DeleteBucket(ctx, orgID, bucketID)
} }
@ -166,7 +168,7 @@ func (t *TemporaryEngine) RestoreKVStore(ctx context.Context, r io.Reader) error
return t.engine.RestoreKVStore(ctx, r) return t.engine.RestoreKVStore(ctx, r)
} }
func (t *TemporaryEngine) RestoreBucket(ctx context.Context, id influxdb.ID, dbi []byte) (map[uint64]uint64, error) { func (t *TemporaryEngine) RestoreBucket(ctx context.Context, id platform.ID, dbi []byte) (map[uint64]uint64, error) {
return t.engine.RestoreBucket(ctx, id, dbi) return t.engine.RestoreBucket(ctx, id, dbi)
} }

6
cmd/influxd/launcher/launcher.go
View File

@ -14,6 +14,8 @@ import (
"sync" "sync"
"time" "time"
platform2 "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/flux" "github.com/influxdata/flux"
"github.com/influxdata/flux/dependencies/testing" "github.com/influxdata/flux/dependencies/testing"
platform "github.com/influxdata/influxdb/v2" platform "github.com/influxdata/influxdb/v2"
@ -480,7 +482,7 @@ func (m *Launcher) run(ctx context.Context, opts *InfluxdOpts) (err error) {
scheduler.WithOnErrorFn(func(ctx context.Context, taskID scheduler.ID, scheduledAt time.Time, err error) { scheduler.WithOnErrorFn(func(ctx context.Context, taskID scheduler.ID, scheduledAt time.Time, err error) {
schLogger.Info( schLogger.Info(
"error in scheduler run", "error in scheduler run",
zap.String("taskID", platform.ID(taskID).String()), zap.String("taskID", platform2.ID(taskID).String()),
zap.Time("scheduledAt", scheduledAt), zap.Time("scheduledAt", scheduledAt),
zap.Error(err)) zap.Error(err))
}), }),
@ -506,7 +508,7 @@ func (m *Launcher) run(ctx context.Context, opts *InfluxdOpts) (err error) {
taskSvc, taskSvc,
combinedTaskService, combinedTaskService,
taskCoord, taskCoord,
func(ctx context.Context, taskID platform.ID, runID platform.ID) error { func(ctx context.Context, taskID platform2.ID, runID platform2.ID) error {
_, err := executor.ResumeCurrentRun(ctx, taskID, runID) _, err := executor.ResumeCurrentRun(ctx, taskID, runID)
return err return err
}, },

193
cmd/influxd/launcher/pkger_test.go
View File

@ -12,6 +12,9 @@ import (
"testing" "testing"
"time" "time"
"github.com/influxdata/influxdb/v2/kit/platform"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/mock" "github.com/influxdata/influxdb/v2/mock"
"github.com/influxdata/influxdb/v2/notification" "github.com/influxdata/influxdb/v2/notification"
@ -38,9 +41,9 @@ func TestLauncher_Pkger(t *testing.T) {
resourceCheck := newResourceChecker(l) resourceCheck := newResourceChecker(l)
deleteStackFn := func(t *testing.T, stackID influxdb.ID) { deleteStackFn := func(t *testing.T, stackID platform.ID) {
t.Helper() t.Helper()
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: stackID, StackID: stackID,
@ -256,7 +259,7 @@ func TestLauncher_Pkger(t *testing.T) {
for _, b := range summary.Buckets { for _, b := range summary.Buckets {
_, err := resourceCheck.getBucket(t, bySafeID(b.ID)) _, err := resourceCheck.getBucket(t, bySafeID(b.ID))
assertErrorCode(t, influxdb.ENotFound, err) assertErrorCode(t, errors2.ENotFound, err)
} }
for _, c := range summary.Checks { for _, c := range summary.Checks {
@ -266,12 +269,12 @@ func TestLauncher_Pkger(t *testing.T) {
for _, d := range summary.Dashboards { for _, d := range summary.Dashboards {
_, err := resourceCheck.getDashboard(t, bySafeID(d.ID)) _, err := resourceCheck.getDashboard(t, bySafeID(d.ID))
assertErrorCode(t, influxdb.ENotFound, err) assertErrorCode(t, errors2.ENotFound, err)
} }
for _, l := range summary.Labels { for _, l := range summary.Labels {
_, err := resourceCheck.getLabel(t, bySafeID(l.ID)) _, err := resourceCheck.getLabel(t, bySafeID(l.ID))
assertErrorCode(t, influxdb.ENotFound, err) assertErrorCode(t, errors2.ENotFound, err)
} }
for _, e := range summary.NotificationEndpoints { for _, e := range summary.NotificationEndpoints {
@ -296,7 +299,7 @@ func TestLauncher_Pkger(t *testing.T) {
for _, v := range summary.Variables { for _, v := range summary.Variables {
_, err := resourceCheck.getVariable(t, bySafeID(v.ID)) _, err := resourceCheck.getVariable(t, bySafeID(v.ID))
assertErrorCode(t, influxdb.ENotFound, err) assertErrorCode(t, errors2.ENotFound, err)
} }
} }
@ -336,7 +339,7 @@ func TestLauncher_Pkger(t *testing.T) {
t.Run("filters stacks by ID filter", func(t *testing.T) { t.Run("filters stacks by ID filter", func(t *testing.T) {
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{ stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{newStack1.ID}, StackIDs: []platform.ID{newStack1.ID},
}) })
require.NoError(t, err) require.NoError(t, err)
require.Len(t, stacks, 1) require.Len(t, stacks, 1)
@ -408,7 +411,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, sum.Variables, 1) require.Len(t, sum.Variables, 1)
assert.NotZero(t, sum.Variables[0].ID) assert.NotZero(t, sum.Variables[0].ID)
_, err = svc.UninstallStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ _, err = svc.UninstallStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: newStack.ID, StackID: newStack.ID,
@ -471,7 +474,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, sum.Variables, 1) require.Len(t, sum.Variables, 1)
assert.NotZero(t, sum.Variables[0].ID) assert.NotZero(t, sum.Variables[0].ID)
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: newStack.ID, StackID: newStack.ID,
@ -485,7 +488,7 @@ func TestLauncher_Pkger(t *testing.T) {
newStack, cleanup := newStackFn(t, pkger.StackCreate{}) newStack, cleanup := newStackFn(t, pkger.StackCreate{})
defer cleanup() defer cleanup()
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: newStack.ID, StackID: newStack.ID,
@ -493,7 +496,7 @@ func TestLauncher_Pkger(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
// delete same stack // delete same stack
err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ err = svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: newStack.ID, StackID: newStack.ID,
@ -503,7 +506,7 @@ func TestLauncher_Pkger(t *testing.T) {
t.Run("that doesn't exist should be successful", func(t *testing.T) { t.Run("that doesn't exist should be successful", func(t *testing.T) {
// delete stack that doesn't exist // delete stack that doesn't exist
err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID influxdb.ID }{ err := svc.DeleteStack(ctx, struct{ OrgID, UserID, StackID platform.ID }{
OrgID: l.Org.ID, OrgID: l.Org.ID,
UserID: l.User.ID, UserID: l.User.ID,
StackID: 9000, StackID: 9000,
@ -531,8 +534,8 @@ func TestLauncher_Pkger(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, newStack2, actual) assert.Equal(t, newStack2, actual)
_, err = svc.ReadStack(ctx, influxdb.ID(9000)) _, err = svc.ReadStack(ctx, platform.ID(9000))
require.Equal(t, influxdb.ENotFound, influxdb.ErrorCode(err)) require.Equal(t, errors2.ENotFound, errors2.ErrorCode(err))
}) })
t.Run("updating a stack", func(t *testing.T) { t.Run("updating a stack", func(t *testing.T) {
@ -687,7 +690,7 @@ func TestLauncher_Pkger(t *testing.T) {
sumEquals(t, impact) sumEquals(t, impact)
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{ stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{newStack.ID}, StackIDs: []platform.ID{newStack.ID},
}) })
require.NoError(t, err) require.NoError(t, err)
@ -696,7 +699,7 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("apply a pkg with a stack and associations", func(t *testing.T) { t.Run("apply a pkg with a stack and associations", func(t *testing.T) {
testLabelMappingFn := func(t *testing.T, stackID influxdb.ID, pkg *pkger.Template, assertAssociatedLabelsFn func(pkger.Summary, []*influxdb.Label, influxdb.ResourceType)) pkger.Summary { testLabelMappingFn := func(t *testing.T, stackID platform.ID, pkg *pkger.Template, assertAssociatedLabelsFn func(pkger.Summary, []*influxdb.Label, influxdb.ResourceType)) pkger.Summary {
t.Helper() t.Helper()
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID,
@ -742,17 +745,17 @@ func TestLauncher_Pkger(t *testing.T) {
assert.Equal(t, "tele-0", sum.TelegrafConfigs[0].TelegrafConfig.Name) assert.Equal(t, "tele-0", sum.TelegrafConfigs[0].TelegrafConfig.Name)
resources := []struct { resources := []struct {
resID influxdb.ID resID platform.ID
resourceType influxdb.ResourceType resourceType influxdb.ResourceType
}{ }{
{resID: influxdb.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType}, {resID: platform.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType}, {resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType},
{resID: influxdb.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType}, {resID: platform.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType}, {resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType},
{resID: influxdb.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType}, {resID: platform.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: influxdb.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType}, {resID: platform.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType}, {resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType},
{resID: influxdb.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType}, {resID: platform.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
} }
for _, res := range resources { for _, res := range resources {
mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{ mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{
@ -850,17 +853,17 @@ func TestLauncher_Pkger(t *testing.T) {
require.Error(t, err) require.Error(t, err)
resources := []struct { resources := []struct {
resID influxdb.ID resID platform.ID
resourceType influxdb.ResourceType resourceType influxdb.ResourceType
}{ }{
{resID: influxdb.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType}, {resID: platform.ID(sum.Buckets[0].ID), resourceType: influxdb.BucketsResourceType},
{resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType}, {resID: sum.Checks[0].Check.GetID(), resourceType: influxdb.ChecksResourceType},
{resID: influxdb.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType}, {resID: platform.ID(sum.Dashboards[0].ID), resourceType: influxdb.DashboardsResourceType},
{resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType}, {resID: sum.NotificationEndpoints[0].NotificationEndpoint.GetID(), resourceType: influxdb.NotificationEndpointResourceType},
{resID: influxdb.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType}, {resID: platform.ID(sum.NotificationRules[0].ID), resourceType: influxdb.NotificationRuleResourceType},
{resID: influxdb.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType}, {resID: platform.ID(sum.Tasks[0].ID), resourceType: influxdb.TasksResourceType},
{resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType}, {resID: sum.TelegrafConfigs[0].TelegrafConfig.ID, resourceType: influxdb.TelegrafsResourceType},
{resID: influxdb.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType}, {resID: platform.ID(sum.Variables[0].ID), resourceType: influxdb.VariablesResourceType},
} }
for _, res := range resources { for _, res := range resources {
mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{ mappedLabels, err := l.LabelService(t).FindResourceLabels(ctx, influxdb.LabelMappingFilter{
@ -1356,7 +1359,7 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("apply should handle cases where users have changed platform data", func(t *testing.T) { t.Run("apply should handle cases where users have changed platform data", func(t *testing.T) {
initializeStackPkg := func(t *testing.T, pkg *pkger.Template) (influxdb.ID, func(), pkger.Summary) { initializeStackPkg := func(t *testing.T, pkg *pkger.Template) (platform.ID, func(), pkger.Summary) {
t.Helper() t.Helper()
stack, cleanup := newStackFn(t, pkger.StackCreate{}) stack, cleanup := newStackFn(t, pkger.StackCreate{})
@ -1375,7 +1378,7 @@ func TestLauncher_Pkger(t *testing.T) {
return stack.ID, cleanup, impact.Summary return stack.ID, cleanup, impact.Summary
} }
testValidRemoval := func(t *testing.T, stackID influxdb.ID) { testValidRemoval := func(t *testing.T, stackID platform.ID) {
t.Helper() t.Helper()
_, err := svc.Apply( _, err := svc.Apply(
ctx, ctx,
@ -1387,7 +1390,7 @@ func TestLauncher_Pkger(t *testing.T) {
} }
t.Run("when a user has deleted a variable that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a variable that was previously created by a stack", func(t *testing.T) {
testUserDeletedVariable := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedVariable := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newVariableObject("var-1", "", "") obj := newVariableObject("var-1", "", "")
@ -1396,13 +1399,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Variables, 1) require.Len(t, initialSum.Variables, 1)
require.NotZero(t, initialSum.Variables[0].ID) require.NotZero(t, initialSum.Variables[0].ID)
resourceCheck.mustDeleteVariable(t, influxdb.ID(initialSum.Variables[0].ID)) resourceCheck.mustDeleteVariable(t, platform.ID(initialSum.Variables[0].ID))
actionFn(t, stackID, obj, initialSum) actionFn(t, stackID, obj, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedVariable(t, func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary) { testUserDeletedVariable(t, func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialVarObj) pkg := newTemplate(initialVarObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1418,14 +1421,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedVariable(t, func(t *testing.T, stackID influxdb.ID, initialVarObj pkger.Object, initialSum pkger.Summary) { testUserDeletedVariable(t, func(t *testing.T, stackID platform.ID, initialVarObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a bucket that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a bucket that was previously created by a stack", func(t *testing.T) {
testUserDeletedBucket := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedBucket := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newBucketObject("bucket-1", "", "") obj := newBucketObject("bucket-1", "", "")
@ -1434,13 +1437,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Buckets, 1) require.Len(t, initialSum.Buckets, 1)
require.NotZero(t, initialSum.Buckets[0].ID) require.NotZero(t, initialSum.Buckets[0].ID)
resourceCheck.mustDeleteBucket(t, influxdb.ID(initialSum.Buckets[0].ID)) resourceCheck.mustDeleteBucket(t, platform.ID(initialSum.Buckets[0].ID))
actionFn(t, stackID, obj, initialSum) actionFn(t, stackID, obj, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedBucket(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedBucket(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1456,14 +1459,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedBucket(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedBucket(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a check that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a check that was previously created by a stack", func(t *testing.T) {
testUserDeletedCheck := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedCheck := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newCheckDeadmanObject(t, "check-1", "", time.Hour) obj := newCheckDeadmanObject(t, "check-1", "", time.Hour)
@ -1478,7 +1481,7 @@ func TestLauncher_Pkger(t *testing.T) {
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedCheck(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedCheck(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1495,14 +1498,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedCheck(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedCheck(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a dashboard that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a dashboard that was previously created by a stack", func(t *testing.T) {
testUserDeletedDashboard := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedDashboard := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newDashObject("dash-1", "", "") obj := newDashObject("dash-1", "", "")
@ -1511,13 +1514,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Dashboards, 1) require.Len(t, initialSum.Dashboards, 1)
require.NotZero(t, initialSum.Dashboards[0].ID) require.NotZero(t, initialSum.Dashboards[0].ID)
resourceCheck.mustDeleteDashboard(t, influxdb.ID(initialSum.Dashboards[0].ID)) resourceCheck.mustDeleteDashboard(t, platform.ID(initialSum.Dashboards[0].ID))
actionFn(t, stackID, obj, initialSum) actionFn(t, stackID, obj, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedDashboard(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedDashboard(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1533,14 +1536,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedDashboard(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedDashboard(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a label that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a label that was previously created by a stack", func(t *testing.T) {
testUserDeletedLabel := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedLabel := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newLabelObject("label-1", "", "", "") obj := newLabelObject("label-1", "", "", "")
@ -1549,13 +1552,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Labels, 1) require.Len(t, initialSum.Labels, 1)
require.NotZero(t, initialSum.Labels[0].ID) require.NotZero(t, initialSum.Labels[0].ID)
resourceCheck.mustDeleteLabel(t, influxdb.ID(initialSum.Labels[0].ID)) resourceCheck.mustDeleteLabel(t, platform.ID(initialSum.Labels[0].ID))
actionFn(t, stackID, obj, initialSum) actionFn(t, stackID, obj, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedLabel(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedLabel(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1571,14 +1574,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedLabel(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedLabel(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a notification endpoint that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a notification endpoint that was previously created by a stack", func(t *testing.T) {
testUserDeletedEndpoint := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedEndpoint := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newEndpointHTTP("endpoint-1", "", "") obj := newEndpointHTTP("endpoint-1", "", "")
@ -1593,7 +1596,7 @@ func TestLauncher_Pkger(t *testing.T) {
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedEndpoint(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1610,14 +1613,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedEndpoint(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedEndpoint(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a notification rule that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a notification rule that was previously created by a stack", func(t *testing.T) {
testUserDeletedRule := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObjects []pkger.Object, initialSum pkger.Summary)) { testUserDeletedRule := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObjects []pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
endpointObj := newEndpointHTTP("endpoint-1", "", "") endpointObj := newEndpointHTTP("endpoint-1", "", "")
@ -1629,13 +1632,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.NotZero(t, initialSum.NotificationEndpoints[0].NotificationEndpoint.GetID()) require.NotZero(t, initialSum.NotificationEndpoints[0].NotificationEndpoint.GetID())
require.Len(t, initialSum.NotificationRules, 1) require.Len(t, initialSum.NotificationRules, 1)
require.NotZero(t, initialSum.NotificationRules[0].ID) require.NotZero(t, initialSum.NotificationRules[0].ID)
resourceCheck.mustDeleteRule(t, influxdb.ID(initialSum.NotificationRules[0].ID)) resourceCheck.mustDeleteRule(t, platform.ID(initialSum.NotificationRules[0].ID))
actionFn(t, stackID, []pkger.Object{ruleObj, endpointObj}, initialSum) actionFn(t, stackID, []pkger.Object{ruleObj, endpointObj}, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedRule(t, func(t *testing.T, stackID influxdb.ID, initialObjects []pkger.Object, initialSum pkger.Summary) { testUserDeletedRule(t, func(t *testing.T, stackID platform.ID, initialObjects []pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObjects...) pkg := newTemplate(initialObjects...)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1651,14 +1654,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedRule(t, func(t *testing.T, stackID influxdb.ID, _ []pkger.Object, _ pkger.Summary) { testUserDeletedRule(t, func(t *testing.T, stackID platform.ID, _ []pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a task that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a task that was previously created by a stack", func(t *testing.T) {
testUserDeletedTask := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedTask := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newTaskObject("task-1", "", "") obj := newTaskObject("task-1", "", "")
@ -1667,13 +1670,13 @@ func TestLauncher_Pkger(t *testing.T) {
require.Len(t, initialSum.Tasks, 1) require.Len(t, initialSum.Tasks, 1)
require.NotZero(t, initialSum.Tasks[0].ID) require.NotZero(t, initialSum.Tasks[0].ID)
resourceCheck.mustDeleteTask(t, influxdb.ID(initialSum.Tasks[0].ID)) resourceCheck.mustDeleteTask(t, platform.ID(initialSum.Tasks[0].ID))
actionFn(t, stackID, obj, initialSum) actionFn(t, stackID, obj, initialSum)
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedTask(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedTask(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1689,14 +1692,14 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedTask(t, func(t *testing.T, stackID influxdb.ID, _ pkger.Object, _ pkger.Summary) { testUserDeletedTask(t, func(t *testing.T, stackID platform.ID, _ pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
}) })
t.Run("when a user has deleted a telegraf config that was previously created by a stack", func(t *testing.T) { t.Run("when a user has deleted a telegraf config that was previously created by a stack", func(t *testing.T) {
testUserDeletedTelegraf := func(t *testing.T, actionFn func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary)) { testUserDeletedTelegraf := func(t *testing.T, actionFn func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary)) {
t.Helper() t.Helper()
obj := newTelegrafObject("tele-1", "", "") obj := newTelegrafObject("tele-1", "", "")
@ -1711,7 +1714,7 @@ func TestLauncher_Pkger(t *testing.T) {
} }
t.Run("should create new resource when attempting to update", func(t *testing.T) { t.Run("should create new resource when attempting to update", func(t *testing.T) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID influxdb.ID, initialObj pkger.Object, initialSum pkger.Summary) { testUserDeletedTelegraf(t, func(t *testing.T, stackID platform.ID, initialObj pkger.Object, initialSum pkger.Summary) {
pkg := newTemplate(initialObj) pkg := newTemplate(initialObj)
impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID)) impact, err := svc.Apply(ctx, l.Org.ID, l.User.ID, pkger.ApplyWithTemplate(pkg), pkger.ApplyWithStackID(stackID))
require.NoError(t, err) require.NoError(t, err)
@ -1727,7 +1730,7 @@ func TestLauncher_Pkger(t *testing.T) {
}) })
t.Run("should not error when attempting to remove", func(t *testing.T) { t.Run("should not error when attempting to remove", func(t *testing.T) {
testUserDeletedTelegraf(t, func(t *testing.T, stackID influxdb.ID, _ pkger.Object, _ pkger.Summary) { testUserDeletedTelegraf(t, func(t *testing.T, stackID platform.ID, _ pkger.Object, _ pkger.Summary) {
testValidRemoval(t, stackID) testValidRemoval(t, stackID)
}) })
}) })
@ -1746,7 +1749,7 @@ func TestLauncher_Pkger(t *testing.T) {
vars := impact.Summary.Variables vars := impact.Summary.Variables
require.Len(t, vars, 1) require.Len(t, vars, 1)
v := resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID))) v := resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Empty(t, v.Selected) assert.Empty(t, v.Selected)
impact, err = svc.Apply(ctx, l.Org.ID, l.User.ID, impact, err = svc.Apply(ctx, l.Org.ID, l.User.ID,
@ -1757,7 +1760,7 @@ func TestLauncher_Pkger(t *testing.T) {
vars = impact.Summary.Variables vars = impact.Summary.Variables
require.Len(t, vars, 1) require.Len(t, vars, 1)
v = resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID))) v = resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Equal(t, []string{"selected"}, v.Selected) assert.Equal(t, []string{"selected"}, v.Selected)
}) })
@ -2250,8 +2253,8 @@ func TestLauncher_Pkger(t *testing.T) {
defer cleanup() defer cleanup()
err := l.LabelService(t).DeleteLabelMapping(ctx, &influxdb.LabelMapping{ err := l.LabelService(t).DeleteLabelMapping(ctx, &influxdb.LabelMapping{
LabelID: influxdb.ID(initialSummary.Labels[0].ID), LabelID: platform.ID(initialSummary.Labels[0].ID),
ResourceID: influxdb.ID(initialSummary.Buckets[0].ID), ResourceID: platform.ID(initialSummary.Buckets[0].ID),
ResourceType: influxdb.BucketsResourceType, ResourceType: influxdb.BucketsResourceType,
}) })
require.NoError(t, err) require.NoError(t, err)
@ -2278,7 +2281,7 @@ func TestLauncher_Pkger(t *testing.T) {
err := l.LabelService(t).CreateLabelMapping(ctx, &influxdb.LabelMapping{ err := l.LabelService(t).CreateLabelMapping(ctx, &influxdb.LabelMapping{
LabelID: newLabel.ID, LabelID: newLabel.ID,
ResourceID: influxdb.ID(initialSummary.Buckets[0].ID), ResourceID: platform.ID(initialSummary.Buckets[0].ID),
ResourceType: influxdb.BucketsResourceType, ResourceType: influxdb.BucketsResourceType,
}) })
require.NoError(t, err) require.NoError(t, err)
@ -2987,7 +2990,7 @@ spec:
Query: "buckets() |> filter(fn: (r) => r.name !~ /^_/) |> rename(columns: {name: \"_value\"}) |> keep(columns: [\"_value\"])", Query: "buckets() |> filter(fn: (r) => r.name !~ /^_/) |> rename(columns: {name: \"_value\"}) |> keep(columns: [\"_value\"])",
Language: "flux", Language: "flux",
}, varArgs.Values) }, varArgs.Values)
platformVar := resourceCheck.mustGetVariable(t, byID(influxdb.ID(vars[0].ID))) platformVar := resourceCheck.mustGetVariable(t, byID(platform.ID(vars[0].ID)))
assert.Equal(t, []string{"rucketeer"}, platformVar.Selected) assert.Equal(t, []string{"rucketeer"}, platformVar.Selected)
newSumMapping := func(id pkger.SafeID, pkgName, name string, rt influxdb.ResourceType) pkger.SummaryLabelMapping { newSumMapping := func(id pkger.SafeID, pkgName, name string, rt influxdb.ResourceType) pkger.SummaryLabelMapping {
@ -3301,7 +3304,7 @@ spec:
resToClone := []pkger.ResourceToClone{ resToClone := []pkger.ResourceToClone{
{ {
Kind: pkger.KindBucket, Kind: pkger.KindBucket,
ID: influxdb.ID(sum1Bkts[0].ID), ID: platform.ID(sum1Bkts[0].ID),
}, },
{ {
Kind: pkger.KindCheck, Kind: pkger.KindCheck,
@ -3313,11 +3316,11 @@ spec:
}, },
{ {
Kind: pkger.KindDashboard, Kind: pkger.KindDashboard,
ID: influxdb.ID(sum1Dashs[0].ID), ID: platform.ID(sum1Dashs[0].ID),
}, },
{ {
Kind: pkger.KindLabel, Kind: pkger.KindLabel,
ID: influxdb.ID(sum1Labels[0].ID), ID: platform.ID(sum1Labels[0].ID),
}, },
{ {
Kind: pkger.KindNotificationEndpoint, Kind: pkger.KindNotificationEndpoint,
@ -3325,7 +3328,7 @@ spec:
}, },
{ {
Kind: pkger.KindTask, Kind: pkger.KindTask,
ID: influxdb.ID(sum1Tasks[0].ID), ID: platform.ID(sum1Tasks[0].ID),
}, },
{ {
Kind: pkger.KindTelegraf, Kind: pkger.KindTelegraf,
@ -3337,12 +3340,12 @@ spec:
{ {
Kind: pkger.KindNotificationRule, Kind: pkger.KindNotificationRule,
Name: "new rule name", Name: "new rule name",
ID: influxdb.ID(sum1Rules[0].ID), ID: platform.ID(sum1Rules[0].ID),
}, },
{ {
Kind: pkger.KindVariable, Kind: pkger.KindVariable,
Name: "new name", Name: "new name",
ID: influxdb.ID(sum1Vars[0].ID), ID: platform.ID(sum1Vars[0].ID),
}, },
} }
@ -3450,7 +3453,7 @@ spec:
_, err = svc.Apply(ctx, l.Org.ID, 0, pkger.ApplyWithTemplate(updatePkg)) _, err = svc.Apply(ctx, l.Org.ID, 0, pkger.ApplyWithTemplate(updatePkg))
require.Error(t, err) require.Error(t, err)
bkt, err := l.BucketService(t).FindBucketByID(ctx, influxdb.ID(sum1Bkts[0].ID)) bkt, err := l.BucketService(t).FindBucketByID(ctx, platform.ID(sum1Bkts[0].ID))
require.NoError(t, err) require.NoError(t, err)
// make sure the desc change is not applied and is rolled back to prev desc // make sure the desc change is not applied and is rolled back to prev desc
assert.Equal(t, sum1Bkts[0].Description, bkt.Description) assert.Equal(t, sum1Bkts[0].Description, bkt.Description)
@ -3465,7 +3468,7 @@ spec:
// direct comparison very annoying... // direct comparison very annoying...
assert.Equal(t, sum1Checks[0].Check.(*check.Threshold).Query.Text, deadman.Query.Text) assert.Equal(t, sum1Checks[0].Check.(*check.Threshold).Query.Text, deadman.Query.Text)
label, err := l.LabelService(t).FindLabelByID(ctx, influxdb.ID(sum1Labels[0].ID)) label, err := l.LabelService(t).FindLabelByID(ctx, platform.ID(sum1Labels[0].ID))
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, sum1Labels[0].Properties.Description, label.Properties["description"]) assert.Equal(t, sum1Labels[0].Properties.Description, label.Properties["description"])
@ -3473,7 +3476,7 @@ spec:
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, sum1Endpoints[0].NotificationEndpoint.GetDescription(), endpoint.GetDescription()) assert.Equal(t, sum1Endpoints[0].NotificationEndpoint.GetDescription(), endpoint.GetDescription())
v, err := l.VariableService(t).FindVariableByID(ctx, influxdb.ID(sum1Vars[0].ID)) v, err := l.VariableService(t).FindVariableByID(ctx, platform.ID(sum1Vars[0].ID))
require.NoError(t, err) require.NoError(t, err)
assert.Equal(t, sum1Vars[0].Description, v.Description) assert.Equal(t, sum1Vars[0].Description, v.Description)
}) })
@ -3569,7 +3572,7 @@ spec:
require.NotZero(t, impact.Summary.Buckets[0].ID) require.NotZero(t, impact.Summary.Buckets[0].ID)
stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{ stacks, err := svc.ListStacks(ctx, l.Org.ID, pkger.ListFilter{
StackIDs: []influxdb.ID{impact.StackID}, StackIDs: []platform.ID{impact.StackID},
}) })
require.NoError(t, err) require.NoError(t, err)
@ -3577,7 +3580,7 @@ spec:
ev := stacks[0].LatestEvent() ev := stacks[0].LatestEvent()
require.Len(t, ev.Resources, 1) require.Len(t, ev.Resources, 1)
assert.Equal(t, ev.Resources[0].MetaName, "room") assert.Equal(t, ev.Resources[0].MetaName, "room")
assert.Equal(t, influxdb.ID(impact.Summary.Buckets[0].ID), ev.Resources[0].ID) assert.Equal(t, platform.ID(impact.Summary.Buckets[0].ID), ev.Resources[0].ID)
}) })
t.Run("apply a template with env refs", func(t *testing.T) { t.Run("apply a template with env refs", func(t *testing.T) {
@ -4579,7 +4582,7 @@ func (f *fakeBucketSVC) CreateBucket(ctx context.Context, b *influxdb.Bucket) er
return f.BucketService.CreateBucket(ctx, b) return f.BucketService.CreateBucket(ctx, b)
} }
func (f *fakeBucketSVC) UpdateBucket(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) { func (f *fakeBucketSVC) UpdateBucket(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error) {
defer f.updateCallCount.IncrFn()() defer f.updateCallCount.IncrFn()()
if f.updateCallCount.Count() == f.updateKillCount { if f.updateCallCount.Count() == f.updateKillCount {
return nil, errors.New("reached kill count") return nil, errors.New("reached kill count")
@ -4618,7 +4621,7 @@ type fakeRuleStore struct {
createKillCount int createKillCount int
} }
func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID influxdb.ID) error { func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID platform.ID) error {
defer f.createCallCount.IncrFn()() defer f.createCallCount.IncrFn()()
if f.createCallCount.Count() == f.createKillCount { if f.createCallCount.Count() == f.createKillCount {
return errors.New("reached kill count") return errors.New("reached kill count")
@ -4629,7 +4632,7 @@ func (f *fakeRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.
func assertErrorCode(t *testing.T, expected string, err error) { func assertErrorCode(t *testing.T, expected string, err error) {
t.Helper() t.Helper()
assert.Error(t, err) assert.Error(t, err)
assert.Equal(t, expected, influxdb.ErrorCode(err)) assert.Equal(t, expected, errors2.ErrorCode(err))
} }
type resourceChecker struct { type resourceChecker struct {
@ -4642,14 +4645,14 @@ func newResourceChecker(tl *TestLauncher) resourceChecker {
type ( type (
getResourceOpt struct { getResourceOpt struct {
id influxdb.ID id platform.ID
name string name string
} }
getResourceOptFn func() getResourceOpt getResourceOptFn func() getResourceOpt
) )
func byID(id influxdb.ID) getResourceOptFn { func byID(id platform.ID) getResourceOptFn {
return func() getResourceOpt { return func() getResourceOpt {
return getResourceOpt{id: id} return getResourceOpt{id: id}
} }
@ -4663,7 +4666,7 @@ func byName(name string) getResourceOptFn {
func bySafeID(id pkger.SafeID) getResourceOptFn { func bySafeID(id pkger.SafeID) getResourceOptFn {
return func() getResourceOpt { return func() getResourceOpt {
return getResourceOpt{id: influxdb.ID(id)} return getResourceOpt{id: platform.ID(id)}
} }
} }
@ -4699,7 +4702,7 @@ func (r resourceChecker) mustGetBucket(t *testing.T, getOpt getResourceOptFn) in
return bkt return bkt
} }
func (r resourceChecker) mustDeleteBucket(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteBucket(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.BucketService(t).DeleteBucket(ctx, id)) require.NoError(t, r.tl.BucketService(t).DeleteBucket(ctx, id))
} }
@ -4736,7 +4739,7 @@ func (r resourceChecker) mustGetCheck(t *testing.T, getOpt getResourceOptFn) inf
return c return c
} }
func (r resourceChecker) mustDeleteCheck(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteCheck(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.CheckService().DeleteCheck(ctx, id)) require.NoError(t, r.tl.CheckService().DeleteCheck(ctx, id))
@ -4787,7 +4790,7 @@ func (r resourceChecker) mustGetDashboard(t *testing.T, getOpt getResourceOptFn)
return dash return dash
} }
func (r resourceChecker) mustDeleteDashboard(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteDashboard(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.DashboardService(t).DeleteDashboard(ctx, id)) require.NoError(t, r.tl.DashboardService(t).DeleteDashboard(ctx, id))
@ -4835,7 +4838,7 @@ func (r resourceChecker) mustGetEndpoint(t *testing.T, getOpt getResourceOptFn)
return e return e
} }
func (r resourceChecker) mustDeleteEndpoint(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteEndpoint(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
_, _, err := r.tl.NotificationEndpointService(t).DeleteNotificationEndpoint(ctx, id) _, _, err := r.tl.NotificationEndpointService(t).DeleteNotificationEndpoint(ctx, id)
@ -4888,7 +4891,7 @@ func (r resourceChecker) mustGetLabel(t *testing.T, getOpt getResourceOptFn) inf
return l return l
} }
func (r resourceChecker) mustDeleteLabel(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteLabel(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.LabelService(t).DeleteLabel(ctx, id)) require.NoError(t, r.tl.LabelService(t).DeleteLabel(ctx, id))
} }
@ -4935,7 +4938,7 @@ func (r resourceChecker) mustGetRule(t *testing.T, getOpt getResourceOptFn) infl
return rule return rule
} }
func (r resourceChecker) mustDeleteRule(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteRule(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.NotificationRuleService(t).DeleteNotificationRule(ctx, id)) require.NoError(t, r.tl.NotificationRuleService(t).DeleteNotificationRule(ctx, id))
@ -4985,7 +4988,7 @@ func (r resourceChecker) mustGetTask(t *testing.T, getOpt getResourceOptFn) infl
return task return task
} }
func (r resourceChecker) mustDeleteTask(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteTask(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.TaskService(t).DeleteTask(ctx, id)) require.NoError(t, r.tl.TaskService(t).DeleteTask(ctx, id))
@ -5031,7 +5034,7 @@ func (r resourceChecker) mustGetTelegrafConfig(t *testing.T, getOpt getResourceO
return tele return tele
} }
func (r resourceChecker) mustDeleteTelegrafConfig(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteTelegrafConfig(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
require.NoError(t, r.tl.TelegrafService(t).DeleteTelegrafConfig(ctx, id)) require.NoError(t, r.tl.TelegrafService(t).DeleteTelegrafConfig(ctx, id))
@ -5083,7 +5086,7 @@ func (r resourceChecker) mustGetVariable(t *testing.T, getOpt getResourceOptFn)
return l return l
} }
func (r resourceChecker) mustDeleteVariable(t *testing.T, id influxdb.ID) { func (r resourceChecker) mustDeleteVariable(t *testing.T, id platform.ID) {
t.Helper() t.Helper()
err := r.tl.VariableService(t).DeleteVariable(ctx, id) err := r.tl.VariableService(t).DeleteVariable(ctx, id)

5
cmd/influxd/launcher/print_config_test.go
View File

@ -4,7 +4,8 @@ import (
"bytes" "bytes"
"testing" "testing"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/cli" "github.com/influxdata/influxdb/v2/kit/cli"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"go.uber.org/zap/zapcore" "go.uber.org/zap/zapcore"
@ -19,7 +20,7 @@ var floatVar = 987.654
var sliceVar = []string{"hello", "world"} var sliceVar = []string{"hello", "world"}
var mapVar = map[string]string{"foo": "bar", "baz": "qux"} var mapVar = map[string]string{"foo": "bar", "baz": "qux"}
var levelVar = zapcore.InfoLevel var levelVar = zapcore.InfoLevel
var idVar, _ = influxdb.IDFromString("020f755c3c082000") var idVar, _ = platform.IDFromString("020f755c3c082000")
var opts = []cli.Opt{ var opts = []cli.Opt{
{ {

3
cmd/influxd/launcher/query_test.go
View File

@ -5,6 +5,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
errors2 "github.com/influxdata/influxdb/v2/kit/platform/errors"
"html/template" "html/template"
"io" "io"
"io/ioutil" "io/ioutil"
@ -590,7 +591,7 @@ from(bucket: "%s")
} }
if err := l.QueryAndNopConsume(ctx, req); err == nil { if err := l.QueryAndNopConsume(ctx, req); err == nil {
t.Error("expected error") t.Error("expected error")
} else if got, want := influxdb.ErrorCode(err), influxdb.EUnauthorized; got != want { } else if got, want := errors2.ErrorCode(err), errors2.EUnauthorized; got != want {
t.Errorf("unexpected error code -want/+got:\n\t- %v\n\t+ %v", got, want) t.Errorf("unexpected error code -want/+got:\n\t- %v\n\t+ %v", got, want)
} }
} }

8
cmd/influxd/upgrade/database.go
View File

@ -8,6 +8,8 @@ import (
"path/filepath" "path/filepath"
"strings" "strings"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/dustin/go-humanize" "github.com/dustin/go-humanize"
"github.com/influxdata/influxdb/v2" "github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/cmd/internal" "github.com/influxdata/influxdb/v2/cmd/internal"
@ -18,10 +20,10 @@ import (
) )
// upgradeDatabases creates databases, buckets, retention policies and shard info according to 1.x meta and copies data // upgradeDatabases creates databases, buckets, retention policies and shard info according to 1.x meta and copies data
func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *influxDBv2, opts *options, orgID influxdb.ID, log *zap.Logger) (map[string][]influxdb.ID, error) { func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *influxDBv2, opts *options, orgID platform.ID, log *zap.Logger) (map[string][]platform.ID, error) {
v1opts := opts.source v1opts := opts.source
v2opts := opts.target v2opts := opts.target
db2BucketIds := make(map[string][]influxdb.ID) db2BucketIds := make(map[string][]platform.ID)
targetDataPath := filepath.Join(v2opts.enginePath, "data") targetDataPath := filepath.Join(v2opts.enginePath, "data")
targetWalPath := filepath.Join(v2opts.enginePath, "wal") targetWalPath := filepath.Join(v2opts.enginePath, "wal")
@ -61,7 +63,7 @@ func upgradeDatabases(ctx context.Context, ui *input.UI, v1 *influxDBv1, v2 *inf
log.Debug("Upgrading database", zap.String("database", db.Name)) log.Debug("Upgrading database", zap.String("database", db.Name))
// db to buckets IDs mapping // db to buckets IDs mapping
db2BucketIds[db.Name] = make([]influxdb.ID, 0, len(db.RetentionPolicies)) db2BucketIds[db.Name] = make([]platform.ID, 0, len(db.RetentionPolicies))
for _, rp := range db.RetentionPolicies { for _, rp := range db.RetentionPolicies {
sourcePath := filepath.Join(v1opts.dataDir, db.Name, rp.Name) sourcePath := filepath.Join(v1opts.dataDir, db.Name, rp.Name)

Some files were not shown because too many files have changed in this diff Show More