influxdb/remotes/transport/middleware_auth.go


package transport
import (
"context"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/authorizer"
"github.com/influxdata/influxdb/v2/kit/platform"
"github.com/influxdata/influxdb/v2/kit/platform/errors"
)
// newAuthCheckingService returns an authCheckingService that delegates to
// underlying. The methods of the returned value call into the authorizer
// package before or after delegating, depending on the operation.
func newAuthCheckingService(underlying RemoteConnectionService) *authCheckingService {
	svc := authCheckingService{underlying: underlying}
	return &svc
}
// authCheckingService wraps a RemoteConnectionService and adds permission
// checks (via the authorizer package) to each of its methods.
type authCheckingService struct {
	// underlying is the wrapped service that performs the actual work. It is
	// called without any further permission check of its own by this type,
	// so everything reachable through it must be guarded in the methods below.
	underlying RemoteConnectionService
}

// Compile-time assertion that *authCheckingService implements
// RemoteConnectionService.
var _ RemoteConnectionService = (*authCheckingService)(nil)
// ListRemoteConnections asks the underlying service for the connections
// matching filter and returns only those the caller in ctx is allowed to read.
//
// The filter is passed through unchanged; access control is applied per entry
// afterwards with authorizer.AuthorizeRead, using each entry's own ID and
// OrgID. An entry whose check fails with code EUnauthorized is dropped
// silently. Any other authorization error aborts the listing and is returned.
func (a authCheckingService) ListRemoteConnections(ctx context.Context, filter influxdb.RemoteConnectionListFilter) (*influxdb.RemoteConnections, error) {
	all, listErr := a.underlying.ListRemoteConnections(ctx, filter)
	if listErr != nil {
		return nil, listErr
	}

	// In-place filter: visible shares the backing array of all.Remotes, so the
	// slice handed back by the underlying service is overwritten as we go.
	// NOTE(review): this assumes the underlying service does not retain that
	// slice. Filtered-out entries can also remain in the backing array past
	// len(visible); confirm, or copy into a fresh slice if either matters.
	visible := all.Remotes[:0]
	for _, remote := range all.Remotes {
		_, _, authErr := authorizer.AuthorizeRead(ctx, influxdb.RemotesResourceType, remote.ID, remote.OrgID)
		code := errors.ErrorCode(authErr)
		switch {
		case code == errors.EUnauthorized:
			// Not readable by this caller: omit it rather than fail the call.
			continue
		case authErr != nil:
			// Anything other than "unauthorized" is a real failure.
			return nil, authErr
		}
		visible = append(visible, remote)
	}

	return &influxdb.RemoteConnections{Remotes: visible}, nil
}
// CreateRemoteConnection creates a remote connection through the underlying
// service after checking that the caller in ctx may create remotes.
//
// The check is authorizer.AuthorizeCreate against request.OrgID, i.e. the
// organization named in the request itself. If the check fails its error is
// returned and the underlying service is never called.
func (a authCheckingService) CreateRemoteConnection(ctx context.Context, request influxdb.CreateRemoteConnectionRequest) (*influxdb.RemoteConnection, error) {
	_, _, authErr := authorizer.AuthorizeCreate(ctx, influxdb.RemotesResourceType, request.OrgID)
	if authErr != nil {
		return nil, authErr
	}

	return a.underlying.CreateRemoteConnection(ctx, request)
}
// GetRemoteConnection returns the remote connection with the given id if the
// caller in ctx is allowed to read it.
//
// The record is fetched first because the permission check needs its OrgID.
// A lookup error from the underlying service is therefore returned before any
// authorization check has run.
// NOTE(review): if that lookup error distinguishes a missing ID from other
// failures, a caller without read permission gets a different error for a
// missing ID than for an existing one. Confirm this is acceptable.
func (a authCheckingService) GetRemoteConnection(ctx context.Context, id platform.ID) (*influxdb.RemoteConnection, error) {
	conn, err := a.underlying.GetRemoteConnection(ctx, id)
	if err != nil {
		return nil, err
	}

	// Authorize against the stored record's organization, not caller input.
	_, _, err = authorizer.AuthorizeRead(ctx, influxdb.RemotesResourceType, id, conn.OrgID)
	if err != nil {
		return nil, err
	}

	return conn, nil
}
// UpdateRemoteConnection applies request to the remote connection with the
// given id if the caller in ctx has write permission on it.
//
// The existing record is loaded to obtain its OrgID, which is then passed to
// authorizer.AuthorizeWrite. The organization used for the decision comes
// from the stored record, not from the request. The update is delegated to
// the underlying service only after the check succeeds.
// NOTE(review): the lookup and the update are two separate calls to the
// underlying service. The permission decision applies to the record as it was
// read here.
func (a authCheckingService) UpdateRemoteConnection(ctx context.Context, id platform.ID, request influxdb.UpdateRemoteConnectionRequest) (*influxdb.RemoteConnection, error) {
	existing, lookupErr := a.underlying.GetRemoteConnection(ctx, id)
	if lookupErr != nil {
		return nil, lookupErr
	}

	_, _, authErr := authorizer.AuthorizeWrite(ctx, influxdb.RemotesResourceType, id, existing.OrgID)
	if authErr != nil {
		return nil, authErr
	}

	return a.underlying.UpdateRemoteConnection(ctx, id, request)
}
// DeleteRemoteConnection removes the remote connection with the given id if
// the caller in ctx has write permission on it.
//
// Deletion is gated by authorizer.AuthorizeWrite, evaluated against the
// OrgID of the stored record, which is loaded first for that purpose. A
// lookup or authorization error is returned without calling the underlying
// delete.
func (a authCheckingService) DeleteRemoteConnection(ctx context.Context, id platform.ID) error {
	existing, lookupErr := a.underlying.GetRemoteConnection(ctx, id)
	if lookupErr != nil {
		return lookupErr
	}

	_, _, authErr := authorizer.AuthorizeWrite(ctx, influxdb.RemotesResourceType, id, existing.OrgID)
	if authErr != nil {
		return authErr
	}

	return a.underlying.DeleteRemoteConnection(ctx, id)
}