From 63b153df8c5a5cca22503ea149c02247d7b9ad7c Mon Sep 17 00:00:00 2001 From: Daniel Nephin Date: Thu, 9 Jul 2020 18:51:27 -0400 Subject: [PATCH] store: convert methods that don't use their receiver to functions Making these functions allows them to be used without introducing an artificial dependency on the struct. Many of these will be called from streaming Event processors, which do not have a store. This change is being made ahead of the streaming work to get to reduce the size of the streaming diff. --- agent/consul/state/acl.go | 131 ++++++++++++++++----------------- agent/consul/state/acl_oss.go | 38 +++++----- agent/consul/state/acl_test.go | 14 ++-- 3 files changed, 91 insertions(+), 92 deletions(-) diff --git a/agent/consul/state/acl.go b/agent/consul/state/acl.go index 2783ec1ade..320c9cd834 100644 --- a/agent/consul/state/acl.go +++ b/agent/consul/state/acl.go @@ -230,7 +230,7 @@ func (s *Snapshot) ACLTokens() (memdb.ResultIterator, error) { // ACLToken is used when restoring from a snapshot. For general inserts, use ACL. func (s *Restore) ACLToken(token *structs.ACLToken) error { - return s.store.aclTokenInsert(s.tx, token) + return aclTokenInsert(s.tx, token) } // ACLPolicies is used when saving a snapshot @@ -243,7 +243,7 @@ func (s *Snapshot) ACLPolicies() (memdb.ResultIterator, error) { } func (s *Restore) ACLPolicy(policy *structs.ACLPolicy) error { - return s.store.aclPolicyInsert(s.tx, policy) + return aclPolicyInsert(s.tx, policy) } // ACLRoles is used when saving a snapshot @@ -256,7 +256,7 @@ func (s *Snapshot) ACLRoles() (memdb.ResultIterator, error) { } func (s *Restore) ACLRole(role *structs.ACLRole) error { - return s.store.aclRoleInsert(s.tx, role) + return aclRoleInsert(s.tx, role) } // ACLBindingRules is used when saving a snapshot @@ -339,7 +339,7 @@ func (s *Store) CanBootstrapACLToken() (bool, uint64, error) { // to update the name. Unlike the older functions to operate specifically on role or policy links // this function does not itself handle the case where the id cannot be found. Instead the // getName function should handle that and return an error if necessary -func (s *Store) resolveACLLinks(tx *txn, links []agentpb.ACLLink, getName func(*txn, string) (string, error)) (int, error) { +func resolveACLLinks(tx *txn, links []agentpb.ACLLink, getName func(*txn, string) (string, error)) (int, error) { var numValid int for linkIndex, link := range links { if link.ID != "" { @@ -365,7 +365,7 @@ func (s *Store) resolveACLLinks(tx *txn, links []agentpb.ACLLink, getName func(* // associated with the ID of the link. Ideally this will be a no-op if the names are already correct // however if a linked resource was renamed it might be stale. This function will treat the incoming // links with copy-on-write semantics and its output will indicate whether any modifications were made. -func (s *Store) fixupACLLinks(tx *txn, original []agentpb.ACLLink, getName func(*txn, string) (string, error)) ([]agentpb.ACLLink, bool, error) { +func fixupACLLinks(tx *txn, original []agentpb.ACLLink, getName func(*txn, string) (string, error)) ([]agentpb.ACLLink, bool, error) { owned := false links := original @@ -405,11 +405,11 @@ func (s *Store) fixupACLLinks(tx *txn, original []agentpb.ACLLink, getName func( return links, owned, nil } -func (s *Store) resolveTokenPolicyLinks(tx *txn, token *structs.ACLToken, allowMissing bool) (int, error) { +func resolveTokenPolicyLinks(tx *txn, token *structs.ACLToken, allowMissing bool) (int, error) { var numValid int for linkIndex, link := range token.Policies { if link.ID != "" { - policy, err := s.getPolicyWithTxn(tx, nil, link.ID, s.aclPolicyGetByID, &token.EnterpriseMeta) + policy, err := getPolicyWithTxn(tx, nil, link.ID, aclPolicyGetByID, &token.EnterpriseMeta) if err != nil { return 0, err @@ -433,7 +433,7 @@ func (s *Store) resolveTokenPolicyLinks(tx *txn, token *structs.ACLToken, allowM // stale when a linked policy was deleted or renamed. This will correct them and generate a newly allocated // token only when fixes are needed. If the policy links are still accurate then we just return the original // token. -func (s *Store) fixupTokenPolicyLinks(tx *txn, original *structs.ACLToken) (*structs.ACLToken, error) { +func fixupTokenPolicyLinks(tx *txn, original *structs.ACLToken) (*structs.ACLToken, error) { owned := false token := original @@ -449,7 +449,7 @@ func (s *Store) fixupTokenPolicyLinks(tx *txn, original *structs.ACLToken) (*str return nil, fmt.Errorf("Detected corrupted token within the state store - missing policy link ID") } - policy, err := s.getPolicyWithTxn(tx, nil, link.ID, s.aclPolicyGetByID, &token.EnterpriseMeta) + policy, err := getPolicyWithTxn(tx, nil, link.ID, aclPolicyGetByID, &token.EnterpriseMeta) if err != nil { return nil, err @@ -483,7 +483,7 @@ func (s *Store) resolveTokenRoleLinks(tx *txn, token *structs.ACLToken, allowMis var numValid int for linkIndex, link := range token.Roles { if link.ID != "" { - role, err := s.getRoleWithTxn(tx, nil, link.ID, s.aclRoleGetByID, &token.EnterpriseMeta) + role, err := getRoleWithTxn(tx, nil, link.ID, aclRoleGetByID, &token.EnterpriseMeta) if err != nil { return 0, err @@ -507,7 +507,7 @@ func (s *Store) resolveTokenRoleLinks(tx *txn, token *structs.ACLToken, allowMis // stale when a linked role was deleted or renamed. This will correct them and generate a newly allocated // token only when fixes are needed. If the role links are still accurate then we just return the original // token. -func (s *Store) fixupTokenRoleLinks(tx *txn, original *structs.ACLToken) (*structs.ACLToken, error) { +func fixupTokenRoleLinks(tx *txn, original *structs.ACLToken) (*structs.ACLToken, error) { owned := false token := original @@ -523,7 +523,7 @@ func (s *Store) fixupTokenRoleLinks(tx *txn, original *structs.ACLToken) (*struc return nil, fmt.Errorf("Detected corrupted token within the state store - missing role link ID") } - role, err := s.getRoleWithTxn(tx, nil, link.ID, s.aclRoleGetByID, &original.EnterpriseMeta) + role, err := getRoleWithTxn(tx, nil, link.ID, aclRoleGetByID, &original.EnterpriseMeta) if err != nil { return nil, err @@ -553,10 +553,10 @@ func (s *Store) fixupTokenRoleLinks(tx *txn, original *structs.ACLToken) (*struc return token, nil } -func (s *Store) resolveRolePolicyLinks(tx *txn, role *structs.ACLRole, allowMissing bool) error { +func resolveRolePolicyLinks(tx *txn, role *structs.ACLRole, allowMissing bool) error { for linkIndex, link := range role.Policies { if link.ID != "" { - policy, err := s.getPolicyWithTxn(tx, nil, link.ID, s.aclPolicyGetByID, &role.EnterpriseMeta) + policy, err := getPolicyWithTxn(tx, nil, link.ID, aclPolicyGetByID, &role.EnterpriseMeta) if err != nil { return err @@ -579,7 +579,7 @@ func (s *Store) resolveRolePolicyLinks(tx *txn, role *structs.ACLRole, allowMiss // stale when a linked policy was deleted or renamed. This will correct them and generate a newly allocated // role only when fixes are needed. If the policy links are still accurate then we just return the original // role. -func (s *Store) fixupRolePolicyLinks(tx *txn, original *structs.ACLRole) (*structs.ACLRole, error) { +func fixupRolePolicyLinks(tx *txn, original *structs.ACLRole) (*structs.ACLRole, error) { owned := false role := original @@ -595,7 +595,7 @@ func (s *Store) fixupRolePolicyLinks(tx *txn, original *structs.ACLRole) (*struc return nil, fmt.Errorf("Detected corrupted role within the state store - missing policy link ID") } - policy, err := s.getPolicyWithTxn(tx, nil, link.ID, s.aclPolicyGetByID, &original.EnterpriseMeta) + policy, err := getPolicyWithTxn(tx, nil, link.ID, aclPolicyGetByID, &original.EnterpriseMeta) if err != nil { return nil, err @@ -676,7 +676,7 @@ func (s *Store) aclTokenSetTxn(tx *txn, idx uint64, token *structs.ACLToken, cas // Check for an existing ACL // DEPRECATED (ACL-Legacy-Compat) - transition to using accessor index instead of secret once v1 compat is removed - _, existing, err := s.aclTokenGetFromIndex(tx, token.SecretID, "id", nil) + _, existing, err := aclTokenGetFromIndex(tx, token.SecretID, "id", nil) if err != nil { return fmt.Errorf("failed token lookup: %s", err) } @@ -710,12 +710,12 @@ func (s *Store) aclTokenSetTxn(tx *txn, idx uint64, token *structs.ACLToken, cas token.AccessorID = original.AccessorID } - if err := s.aclTokenUpsertValidateEnterprise(tx, token, original); err != nil { + if err := aclTokenUpsertValidateEnterprise(tx, token, original); err != nil { return err } var numValidPolicies int - if numValidPolicies, err = s.resolveTokenPolicyLinks(tx, token, allowMissingPolicyAndRoleIDs); err != nil { + if numValidPolicies, err = resolveTokenPolicyLinks(tx, token, allowMissingPolicyAndRoleIDs); err != nil { return err } @@ -774,7 +774,7 @@ func (s *Store) aclTokenSetTxn(tx *txn, idx uint64, token *structs.ACLToken, cas // ensure that a hash is set token.SetHash(false) - return s.aclTokenInsert(tx, token) + return aclTokenInsert(tx, token) } // ACLTokenGetBySecret is used to look up an existing ACL token by its SecretID. @@ -797,7 +797,7 @@ func (s *Store) aclTokenGet(ws memdb.WatchSet, value, index string, entMeta *str return 0, nil, err } - idx := s.aclTokenMaxIndex(tx, token, entMeta) + idx := aclTokenMaxIndex(tx, token, entMeta) return idx, token, nil } @@ -824,7 +824,7 @@ func (s *Store) ACLTokenBatchGet(ws memdb.WatchSet, accessors []string) (uint64, } func (s *Store) aclTokenGetTxn(tx *txn, ws memdb.WatchSet, value, index string, entMeta *structs.EnterpriseMeta) (*structs.ACLToken, error) { - watchCh, rawToken, err := s.aclTokenGetFromIndex(tx, value, index, entMeta) + watchCh, rawToken, err := aclTokenGetFromIndex(tx, value, index, entMeta) if err != nil { return nil, fmt.Errorf("failed acl token lookup: %v", err) } @@ -832,11 +832,11 @@ func (s *Store) aclTokenGetTxn(tx *txn, ws memdb.WatchSet, value, index string, if rawToken != nil { token := rawToken.(*structs.ACLToken) - token, err := s.fixupTokenPolicyLinks(tx, token) + token, err := fixupTokenPolicyLinks(tx, token) if err != nil { return nil, err } - token, err = s.fixupTokenRoleLinks(tx, token) + token, err = fixupTokenRoleLinks(tx, token) if err != nil { return nil, err } @@ -861,11 +861,11 @@ func (s *Store) ACLTokenList(ws memdb.WatchSet, local, global bool, policy, role needLocalityFilter := false if policy == "" && role == "" && methodName == "" { if global == local { - iter, err = s.aclTokenListAll(tx, entMeta) + iter, err = aclTokenListAll(tx, entMeta) } else if global { - iter, err = s.aclTokenListGlobal(tx, entMeta) + iter, err = aclTokenListGlobal(tx, entMeta) } else { - iter, err = s.aclTokenListLocal(tx, entMeta) + iter, err = aclTokenListLocal(tx, entMeta) } } else if policy != "" && role == "" && methodName == "" { @@ -877,7 +877,7 @@ func (s *Store) ACLTokenList(ws memdb.WatchSet, local, global bool, policy, role needLocalityFilter = true } else if policy == "" && role == "" && methodName != "" { - iter, err = s.aclTokenListByAuthMethod(tx, methodName, methodMeta, entMeta) + iter, err = aclTokenListByAuthMethod(tx, methodName, methodMeta, entMeta) needLocalityFilter = true } else { @@ -910,11 +910,11 @@ func (s *Store) ACLTokenList(ws memdb.WatchSet, local, global bool, policy, role var result structs.ACLTokens for raw := iter.Next(); raw != nil; raw = iter.Next() { token := raw.(*structs.ACLToken) - token, err := s.fixupTokenPolicyLinks(tx, token) + token, err := fixupTokenPolicyLinks(tx, token) if err != nil { return 0, nil, err } - token, err = s.fixupTokenRoleLinks(tx, token) + token, err = fixupTokenRoleLinks(tx, token) if err != nil { return 0, nil, err } @@ -922,8 +922,7 @@ func (s *Store) ACLTokenList(ws memdb.WatchSet, local, global bool, policy, role } // Get the table index. - idx := s.aclTokenMaxIndex(tx, nil, entMeta) - + idx := aclTokenMaxIndex(tx, nil, entMeta) return idx, result, nil } @@ -1043,7 +1042,7 @@ func (s *Store) aclTokenDelete(idx uint64, value, index string, entMeta *structs func (s *Store) aclTokenDeleteTxn(tx *txn, idx uint64, value, index string, entMeta *structs.EnterpriseMeta) error { // Look up the existing token - _, token, err := s.aclTokenGetFromIndex(tx, value, index, entMeta) + _, token, err := aclTokenGetFromIndex(tx, value, index, entMeta) if err != nil { return fmt.Errorf("failed acl token lookup: %v", err) } @@ -1056,12 +1055,12 @@ func (s *Store) aclTokenDeleteTxn(tx *txn, idx uint64, value, index string, entM return fmt.Errorf("Deletion of the builtin anonymous token is not permitted") } - return s.aclTokenDeleteWithToken(tx, token.(*structs.ACLToken), idx) + return aclTokenDeleteWithToken(tx, token.(*structs.ACLToken), idx) } func (s *Store) aclTokenDeleteAllForAuthMethodTxn(tx *txn, idx uint64, methodName string, methodMeta *structs.EnterpriseMeta) error { // collect all the tokens linked with the given auth method. - iter, err := s.aclTokenListByAuthMethod(tx, methodName, methodMeta, structs.WildcardEnterpriseMeta()) + iter, err := aclTokenListByAuthMethod(tx, methodName, methodMeta, structs.WildcardEnterpriseMeta()) if err != nil { return fmt.Errorf("failed acl token lookup: %v", err) } @@ -1075,7 +1074,7 @@ func (s *Store) aclTokenDeleteAllForAuthMethodTxn(tx *txn, idx uint64, methodNam if len(tokens) > 0 { // delete them all for _, token := range tokens { - if err := s.aclTokenDeleteWithToken(tx, token, idx); err != nil { + if err := aclTokenDeleteWithToken(tx, token, idx); err != nil { return err } } @@ -1119,7 +1118,7 @@ func (s *Store) aclPolicySetTxn(tx *txn, idx uint64, policy *structs.ACLPolicy) } var existing *structs.ACLPolicy - _, existingRaw, err := s.aclPolicyGetByID(tx, policy.ID, nil) + _, existingRaw, err := aclPolicyGetByID(tx, policy.ID, nil) if err != nil { return err } @@ -1146,7 +1145,7 @@ func (s *Store) aclPolicySetTxn(tx *txn, idx uint64, policy *structs.ACLPolicy) } // ensure the name is unique (cannot conflict with another policy with a different ID) - _, nameMatch, err := s.aclPolicyGetByName(tx, policy.Name, &policy.EnterpriseMeta) + _, nameMatch, err := aclPolicyGetByName(tx, policy.Name, &policy.EnterpriseMeta) if err != nil { return err } @@ -1154,7 +1153,7 @@ func (s *Store) aclPolicySetTxn(tx *txn, idx uint64, policy *structs.ACLPolicy) return fmt.Errorf("A policy with name %q already exists", policy.Name) } - if err := s.aclPolicyUpsertValidateEnterprise(tx, policy, existing); err != nil { + if err := aclPolicyUpsertValidateEnterprise(tx, policy, existing); err != nil { return err } @@ -1168,15 +1167,15 @@ func (s *Store) aclPolicySetTxn(tx *txn, idx uint64, policy *structs.ACLPolicy) } // Insert the ACL - return s.aclPolicyInsert(tx, policy) + return aclPolicyInsert(tx, policy) } func (s *Store) ACLPolicyGetByID(ws memdb.WatchSet, id string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLPolicy, error) { - return s.aclPolicyGet(ws, id, s.aclPolicyGetByID, entMeta) + return s.aclPolicyGet(ws, id, aclPolicyGetByID, entMeta) } func (s *Store) ACLPolicyGetByName(ws memdb.WatchSet, name string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLPolicy, error) { - return s.aclPolicyGet(ws, name, s.aclPolicyGetByName, entMeta) + return s.aclPolicyGet(ws, name, aclPolicyGetByName, entMeta) } func (s *Store) ACLPolicyBatchGet(ws memdb.WatchSet, ids []string) (uint64, structs.ACLPolicies, error) { @@ -1185,7 +1184,7 @@ func (s *Store) ACLPolicyBatchGet(ws memdb.WatchSet, ids []string) (uint64, stru policies := make(structs.ACLPolicies, 0) for _, pid := range ids { - policy, err := s.getPolicyWithTxn(tx, ws, pid, s.aclPolicyGetByID, nil) + policy, err := getPolicyWithTxn(tx, ws, pid, aclPolicyGetByID, nil) if err != nil { return 0, nil, err } @@ -1204,7 +1203,7 @@ func (s *Store) ACLPolicyBatchGet(ws memdb.WatchSet, ids []string) (uint64, stru type aclPolicyGetFn func(*txn, string, *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) -func (s *Store) getPolicyWithTxn(tx *txn, ws memdb.WatchSet, value string, fn aclPolicyGetFn, entMeta *structs.EnterpriseMeta) (*structs.ACLPolicy, error) { +func getPolicyWithTxn(tx *txn, ws memdb.WatchSet, value string, fn aclPolicyGetFn, entMeta *structs.EnterpriseMeta) (*structs.ACLPolicy, error) { watchCh, policy, err := fn(tx, value, entMeta) if err != nil { return nil, fmt.Errorf("failed acl policy lookup: %v", err) @@ -1222,12 +1221,12 @@ func (s *Store) aclPolicyGet(ws memdb.WatchSet, value string, fn aclPolicyGetFn, tx := s.db.Txn(false) defer tx.Abort() - policy, err := s.getPolicyWithTxn(tx, ws, value, fn, entMeta) + policy, err := getPolicyWithTxn(tx, ws, value, fn, entMeta) if err != nil { return 0, nil, err } - idx := s.aclPolicyMaxIndex(tx, policy, entMeta) + idx := aclPolicyMaxIndex(tx, policy, entMeta) return idx, policy, nil } @@ -1236,7 +1235,7 @@ func (s *Store) ACLPolicyList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta tx := s.db.Txn(false) defer tx.Abort() - iter, err := s.aclPolicyList(tx, entMeta) + iter, err := aclPolicyList(tx, entMeta) if err != nil { return 0, nil, fmt.Errorf("failed acl policy lookup: %v", err) } @@ -1248,17 +1247,17 @@ func (s *Store) ACLPolicyList(ws memdb.WatchSet, entMeta *structs.EnterpriseMeta } // Get the table index. - idx := s.aclPolicyMaxIndex(tx, nil, entMeta) + idx := aclPolicyMaxIndex(tx, nil, entMeta) return idx, result, nil } func (s *Store) ACLPolicyDeleteByID(idx uint64, id string, entMeta *structs.EnterpriseMeta) error { - return s.aclPolicyDelete(idx, id, s.aclPolicyGetByID, entMeta) + return s.aclPolicyDelete(idx, id, aclPolicyGetByID, entMeta) } func (s *Store) ACLPolicyDeleteByName(idx uint64, name string, entMeta *structs.EnterpriseMeta) error { - return s.aclPolicyDelete(idx, name, s.aclPolicyGetByName, entMeta) + return s.aclPolicyDelete(idx, name, aclPolicyGetByName, entMeta) } func (s *Store) ACLPolicyBatchDelete(idx uint64, policyIDs []string) error { @@ -1266,7 +1265,7 @@ func (s *Store) ACLPolicyBatchDelete(idx uint64, policyIDs []string) error { defer tx.Abort() for _, policyID := range policyIDs { - if err := s.aclPolicyDeleteTxn(tx, idx, policyID, s.aclPolicyGetByID, nil); err != nil { + if err := s.aclPolicyDeleteTxn(tx, idx, policyID, aclPolicyGetByID, nil); err != nil { return err } } @@ -1301,7 +1300,7 @@ func (s *Store) aclPolicyDeleteTxn(tx *txn, idx uint64, value string, fn aclPoli return fmt.Errorf("Deletion of the builtin global-management policy is not permitted") } - return s.aclPolicyDeleteWithPolicy(tx, policy, idx) + return aclPolicyDeleteWithPolicy(tx, policy, idx) } func (s *Store) ACLRoleBatchSet(idx uint64, roles structs.ACLRoles, allowMissingPolicyIDs bool) error { @@ -1338,7 +1337,7 @@ func (s *Store) aclRoleSetTxn(tx *txn, idx uint64, role *structs.ACLRole, allowM return ErrMissingACLRoleName } - _, existingRaw, err := s.aclRoleGetByID(tx, role.ID, nil) + _, existingRaw, err := aclRoleGetByID(tx, role.ID, nil) if err != nil { return fmt.Errorf("failed acl role lookup: %v", err) } @@ -1349,7 +1348,7 @@ func (s *Store) aclRoleSetTxn(tx *txn, idx uint64, role *structs.ACLRole, allowM } // ensure the name is unique (cannot conflict with another role with a different ID) - _, nameMatch, err := s.aclRoleGetByName(tx, role.Name, &role.EnterpriseMeta) + _, nameMatch, err := aclRoleGetByName(tx, role.Name, &role.EnterpriseMeta) if err != nil { return fmt.Errorf("failed acl role lookup: %v", err) } @@ -1357,7 +1356,7 @@ func (s *Store) aclRoleSetTxn(tx *txn, idx uint64, role *structs.ACLRole, allowM return fmt.Errorf("A role with name %q already exists", role.Name) } - if err := s.resolveRolePolicyLinks(tx, role, allowMissing); err != nil { + if err := resolveRolePolicyLinks(tx, role, allowMissing); err != nil { return err } @@ -1389,17 +1388,17 @@ func (s *Store) aclRoleSetTxn(tx *txn, idx uint64, role *structs.ACLRole, allowM role.ModifyIndex = idx } - return s.aclRoleInsert(tx, role) + return aclRoleInsert(tx, role) } type aclRoleGetFn func(*txn, string, *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) func (s *Store) ACLRoleGetByID(ws memdb.WatchSet, id string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLRole, error) { - return s.aclRoleGet(ws, id, s.aclRoleGetByID, entMeta) + return s.aclRoleGet(ws, id, aclRoleGetByID, entMeta) } func (s *Store) ACLRoleGetByName(ws memdb.WatchSet, name string, entMeta *structs.EnterpriseMeta) (uint64, *structs.ACLRole, error) { - return s.aclRoleGet(ws, name, s.aclRoleGetByName, entMeta) + return s.aclRoleGet(ws, name, aclRoleGetByName, entMeta) } func (s *Store) ACLRoleBatchGet(ws memdb.WatchSet, ids []string) (uint64, structs.ACLRoles, error) { @@ -1408,7 +1407,7 @@ func (s *Store) ACLRoleBatchGet(ws memdb.WatchSet, ids []string) (uint64, struct roles := make(structs.ACLRoles, 0, len(ids)) for _, rid := range ids { - role, err := s.getRoleWithTxn(tx, ws, rid, s.aclRoleGetByID, nil) + role, err := getRoleWithTxn(tx, ws, rid, aclRoleGetByID, nil) if err != nil { return 0, nil, err } @@ -1423,7 +1422,7 @@ func (s *Store) ACLRoleBatchGet(ws memdb.WatchSet, ids []string) (uint64, struct return idx, roles, nil } -func (s *Store) getRoleWithTxn(tx *txn, ws memdb.WatchSet, value string, fn aclRoleGetFn, entMeta *structs.EnterpriseMeta) (*structs.ACLRole, error) { +func getRoleWithTxn(tx *txn, ws memdb.WatchSet, value string, fn aclRoleGetFn, entMeta *structs.EnterpriseMeta) (*structs.ACLRole, error) { watchCh, rawRole, err := fn(tx, value, entMeta) if err != nil { return nil, fmt.Errorf("failed acl role lookup: %v", err) @@ -1432,7 +1431,7 @@ func (s *Store) getRoleWithTxn(tx *txn, ws memdb.WatchSet, value string, fn aclR if rawRole != nil { role := rawRole.(*structs.ACLRole) - role, err := s.fixupRolePolicyLinks(tx, role) + role, err := fixupRolePolicyLinks(tx, role) if err != nil { return nil, err } @@ -1446,7 +1445,7 @@ func (s *Store) aclRoleGet(ws memdb.WatchSet, value string, fn aclRoleGetFn, ent tx := s.db.Txn(false) defer tx.Abort() - role, err := s.getRoleWithTxn(tx, ws, value, fn, entMeta) + role, err := getRoleWithTxn(tx, ws, value, fn, entMeta) if err != nil { return 0, nil, err } @@ -1477,7 +1476,7 @@ func (s *Store) ACLRoleList(ws memdb.WatchSet, policy string, entMeta *structs.E var result structs.ACLRoles for raw := iter.Next(); raw != nil; raw = iter.Next() { role := raw.(*structs.ACLRole) - role, err := s.fixupRolePolicyLinks(tx, role) + role, err := fixupRolePolicyLinks(tx, role) if err != nil { return 0, nil, err } @@ -1491,11 +1490,11 @@ func (s *Store) ACLRoleList(ws memdb.WatchSet, policy string, entMeta *structs.E } func (s *Store) ACLRoleDeleteByID(idx uint64, id string, entMeta *structs.EnterpriseMeta) error { - return s.aclRoleDelete(idx, id, s.aclRoleGetByID, entMeta) + return s.aclRoleDelete(idx, id, aclRoleGetByID, entMeta) } func (s *Store) ACLRoleDeleteByName(idx uint64, name string, entMeta *structs.EnterpriseMeta) error { - return s.aclRoleDelete(idx, name, s.aclRoleGetByName, entMeta) + return s.aclRoleDelete(idx, name, aclRoleGetByName, entMeta) } func (s *Store) ACLRoleBatchDelete(idx uint64, roleIDs []string) error { @@ -1503,7 +1502,7 @@ func (s *Store) ACLRoleBatchDelete(idx uint64, roleIDs []string) error { defer tx.Abort() for _, roleID := range roleIDs { - if err := s.aclRoleDeleteTxn(tx, idx, roleID, s.aclRoleGetByID, nil); err != nil { + if err := s.aclRoleDeleteTxn(tx, idx, roleID, aclRoleGetByID, nil); err != nil { return err } } diff --git a/agent/consul/state/acl_oss.go b/agent/consul/state/acl_oss.go index a3e19bc2df..df178fa652 100644 --- a/agent/consul/state/acl_oss.go +++ b/agent/consul/state/acl_oss.go @@ -206,7 +206,7 @@ func authMethodsTableSchema() *memdb.TableSchema { ///// ACL Policy Functions ///// /////////////////////////////////////////////////////////////////////////////// -func (s *Store) aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error { +func aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error { if err := tx.Insert("acl-policies", policy); err != nil { return fmt.Errorf("failed inserting acl policy: %v", err) } @@ -218,19 +218,19 @@ func (s *Store) aclPolicyInsert(tx *txn, policy *structs.ACLPolicy) error { return nil } -func (s *Store) aclPolicyGetByID(tx *txn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { +func aclPolicyGetByID(tx *txn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { return tx.FirstWatch("acl-policies", "id", id) } -func (s *Store) aclPolicyGetByName(tx *txn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { +func aclPolicyGetByName(tx *txn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { return tx.FirstWatch("acl-policies", "name", name) } -func (s *Store) aclPolicyList(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { +func aclPolicyList(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get("acl-policies", "id") } -func (s *Store) aclPolicyDeleteWithPolicy(tx *txn, policy *structs.ACLPolicy, idx uint64) error { +func aclPolicyDeleteWithPolicy(tx *txn, policy *structs.ACLPolicy, idx uint64) error { // remove the policy if err := tx.Delete("acl-policies", policy); err != nil { return fmt.Errorf("failed deleting acl policy: %v", err) @@ -243,11 +243,11 @@ func (s *Store) aclPolicyDeleteWithPolicy(tx *txn, policy *structs.ACLPolicy, id return nil } -func (s *Store) aclPolicyMaxIndex(tx *txn, _ *structs.ACLPolicy, _ *structs.EnterpriseMeta) uint64 { +func aclPolicyMaxIndex(tx *txn, _ *structs.ACLPolicy, _ *structs.EnterpriseMeta) uint64 { return maxIndexTxn(tx, "acl-policies") } -func (s *Store) aclPolicyUpsertValidateEnterprise(*txn, *structs.ACLPolicy, *structs.ACLPolicy) error { +func aclPolicyUpsertValidateEnterprise(*txn, *structs.ACLPolicy, *structs.ACLPolicy) error { return nil } @@ -259,7 +259,7 @@ func (s *Store) ACLPolicyUpsertValidateEnterprise(*structs.ACLPolicy, *structs.A ///// ACL Token Functions ///// /////////////////////////////////////////////////////////////////////////////// -func (s *Store) aclTokenInsert(tx *txn, token *structs.ACLToken) error { +func aclTokenInsert(tx *txn, token *structs.ACLToken) error { // insert the token into memdb if err := tx.Insert("acl-tokens", token); err != nil { return fmt.Errorf("failed inserting acl token: %v", err) @@ -273,19 +273,19 @@ func (s *Store) aclTokenInsert(tx *txn, token *structs.ACLToken) error { return nil } -func (s *Store) aclTokenGetFromIndex(tx *txn, id string, index string, entMeta *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { +func aclTokenGetFromIndex(tx *txn, id string, index string, entMeta *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { return tx.FirstWatch("acl-tokens", index, id) } -func (s *Store) aclTokenListAll(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { +func aclTokenListAll(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get("acl-tokens", "id") } -func (s *Store) aclTokenListLocal(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { +func aclTokenListLocal(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get("acl-tokens", "local", true) } -func (s *Store) aclTokenListGlobal(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { +func aclTokenListGlobal(tx *txn, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get("acl-tokens", "local", false) } @@ -297,11 +297,11 @@ func aclTokenListByRole(tx ReadTxn, role string, _ *structs.EnterpriseMeta) (mem return tx.Get("acl-tokens", "roles", role) } -func (s *Store) aclTokenListByAuthMethod(tx *txn, authMethod string, _, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { +func aclTokenListByAuthMethod(tx *txn, authMethod string, _, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get("acl-tokens", "authmethod", authMethod) } -func (s *Store) aclTokenDeleteWithToken(tx *txn, token *structs.ACLToken, idx uint64) error { +func aclTokenDeleteWithToken(tx *txn, token *structs.ACLToken, idx uint64) error { // remove the token if err := tx.Delete("acl-tokens", token); err != nil { return fmt.Errorf("failed deleting acl token: %v", err) @@ -314,11 +314,11 @@ func (s *Store) aclTokenDeleteWithToken(tx *txn, token *structs.ACLToken, idx ui return nil } -func (s *Store) aclTokenMaxIndex(tx *txn, _ *structs.ACLToken, entMeta *structs.EnterpriseMeta) uint64 { +func aclTokenMaxIndex(tx *txn, _ *structs.ACLToken, entMeta *structs.EnterpriseMeta) uint64 { return maxIndexTxn(tx, "acl-tokens") } -func (s *Store) aclTokenUpsertValidateEnterprise(tx *txn, token *structs.ACLToken, existing *structs.ACLToken) error { +func aclTokenUpsertValidateEnterprise(tx *txn, token *structs.ACLToken, existing *structs.ACLToken) error { return nil } @@ -330,7 +330,7 @@ func (s *Store) ACLTokenUpsertValidateEnterprise(token *structs.ACLToken, existi ///// ACL Role Functions ///// /////////////////////////////////////////////////////////////////////////////// -func (s *Store) aclRoleInsert(tx *txn, role *structs.ACLRole) error { +func aclRoleInsert(tx *txn, role *structs.ACLRole) error { // insert the role into memdb if err := tx.Insert("acl-roles", role); err != nil { return fmt.Errorf("failed inserting acl role: %v", err) @@ -343,11 +343,11 @@ func (s *Store) aclRoleInsert(tx *txn, role *structs.ACLRole) error { return nil } -func (s *Store) aclRoleGetByID(tx *txn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { +func aclRoleGetByID(tx *txn, id string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { return tx.FirstWatch("acl-roles", "id", id) } -func (s *Store) aclRoleGetByName(tx *txn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { +func aclRoleGetByName(tx *txn, name string, _ *structs.EnterpriseMeta) (<-chan struct{}, interface{}, error) { return tx.FirstWatch("acl-roles", "name", name) } diff --git a/agent/consul/state/acl_test.go b/agent/consul/state/acl_test.go index 7af427fe46..24ab96e0e3 100644 --- a/agent/consul/state/acl_test.go +++ b/agent/consul/state/acl_test.go @@ -4105,7 +4105,7 @@ func TestStateStore_resolveACLLinks(t *testing.T) { }, } - _, err := s.resolveACLLinks(tx, links, func(*txn, string) (string, error) { + _, err := resolveACLLinks(tx, links, func(*txn, string) (string, error) { err := fmt.Errorf("Should not be attempting to resolve an empty id") require.Fail(t, err.Error()) return "", err @@ -4131,7 +4131,7 @@ func TestStateStore_resolveACLLinks(t *testing.T) { }, } - numValid, err := s.resolveACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { + numValid, err := resolveACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { switch linkID { case "e81887b4-836b-4053-a1fa-7e8305902be9": return "foo", nil @@ -4161,7 +4161,7 @@ func TestStateStore_resolveACLLinks(t *testing.T) { }, } - numValid, err := s.resolveACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { + numValid, err := resolveACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { require.Equal(t, "b985e082-25d3-45a9-9dd8-fd1a41b83b0d", linkID) return "", nil }) @@ -4201,7 +4201,7 @@ func TestStateStore_fixupACLLinks(t *testing.T) { tx := s.db.Txn(false) defer tx.Abort() - newLinks, cloned, err := s.fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { + newLinks, cloned, err := fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { switch linkID { case "40b57f86-97ea-40e4-a99a-c399cc81f4dd": return "foo", nil @@ -4228,7 +4228,7 @@ func TestStateStore_fixupACLLinks(t *testing.T) { tx := s.db.Txn(false) defer tx.Abort() - newLinks, cloned, err := s.fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { + newLinks, cloned, err := fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { switch linkID { case "40b57f86-97ea-40e4-a99a-c399cc81f4dd": return "foo", nil @@ -4260,7 +4260,7 @@ func TestStateStore_fixupACLLinks(t *testing.T) { tx := s.db.Txn(false) defer tx.Abort() - newLinks, cloned, err := s.fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { + newLinks, cloned, err := fixupACLLinks(tx, links, func(_ *txn, linkID string) (string, error) { switch linkID { case "40b57f86-97ea-40e4-a99a-c399cc81f4dd": return "foo", nil @@ -4287,7 +4287,7 @@ func TestStateStore_fixupACLLinks(t *testing.T) { tx := s.db.Txn(false) defer tx.Abort() - _, _, err := s.fixupACLLinks(tx, links, func(*txn, string) (string, error) { + _, _, err := fixupACLLinks(tx, links, func(*txn, string) (string, error) { return "", fmt.Errorf("Resolver Error") })