github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

update guide to reflect tenancy and scope (#18687) 

* update guide to reflect tenancy and scope

* Apply suggestions from code review

Co-authored-by: Semir Patel <semir.patel@hashicorp.com>

* update ACLHooks signature

* Update docs/resources/guide.md

Co-authored-by: Semir Patel <semir.patel@hashicorp.com>

---------

Co-authored-by: Semir Patel <semir.patel@hashicorp.com>
pull/18692/head
Dhia Ayachi 1 year ago committed by GitHub
parent
60b0485497
commit
ec507fe4a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 27
      docs/resources/guide.md

27
docs/resources/guide.md
Unescape View File

@ -55,11 +55,15 @@ var BarV1Alpha1Type = &pbresource.Type{
func RegisterTypes(r resource.Registry) {
r.Register(resource.Registration{
Type: BarV1Alpha1Type,
Type: BarV1Alpha1Type,
Scope: resource.ScopePartition,
Proto: &pbv1alpha1.Bar{},
})
}
```
Note that Scope reference the scope of the new resource, `resource.ScopePartition`
mean that resource will be at the partition level and have no namespace, while `resource.ScopeNamespace` mean it will have both a namespace
and a partition.
Update the `NewTypeRegistry` method in [`type_registry.go`] to call your
package's type registration method:
@ -140,7 +144,8 @@ using a validation hook provided in the type registration:
func RegisterTypes(r resource.Registry) {
r.Register(resource.Registration{
Type: BarV1Alpha1Type,
Proto: &pbv1alpha1.Bar{},
Proto: &pbv1alpha1.Bar{},
Scope: resource.ScopeNamespace,
Validate: validateBar,
})
}
@ -172,7 +177,8 @@ a set of ACL hooks:
func RegisterTypes(r resource.Registry) {
r.Register(resource.Registration{
Type: BarV1Alpha1Type,
Proto: &pbv1alpha1.Bar{},
Proto: &pbv1alpha1.Bar{},
Scope: resource.ScopeNamespace,
ACLs: &resource.ACLHooks{,
Read: authzReadBar,
Write: authzWriteBar,
@ -181,19 +187,19 @@ func RegisterTypes(r resource.Registry) {
})
}
func authzReadBar(authz acl.Authorizer, id *pbresource.ID) error {
func authzReadBar(authz acl.Authorizer, authzContext *acl.AuthorizerContext, id *pbresource.ID) error {
return authz.ToAllowAuthorizer().
BarReadAllowed(id.Name, resource.AuthorizerContext(id.Tenancy))
BarReadAllowed(id.Name, authzContext)
}
func authzWriteBar(authz acl.Authorizer, id *pbresource.ID) error {
func authzWriteBar(authz acl.Authorizer, authzContext *acl.AuthorizerContext, res *pbresource.Resource) error {
return authz.ToAllowAuthorizer().
BarWriteAllowed(id.Name, resource.AuthorizerContext(id.Tenancy))
BarWriteAllowed(res.ID().Name, authzContext)
}
func authzListBar(authz acl.Authorizer, ten *pbresource.Tenancy) error {
func authzListBar(authz acl.Authorizer, authzContext *acl.AuthorizerContext) error {
return authz.ToAllowAuthorizer().
BarListAllowed(resource.AuthorizerContext(ten))
BarListAllowed(authzContext)
}
```
@ -210,7 +216,8 @@ by providing a mutation hook:
func RegisterTypes(r resource.Registry) {
r.Register(resource.Registration{
Type: BarV1Alpha1Type,
Proto: &pbv1alpha1.Bar{},
Proto: &pbv1alpha1.Bar{},
Scope: resource.ScopeNamespace,
Mutate: mutateBar,
})
}

Write Preview
Loading…
Cancel
Save