// NewAllWatcher returns a new API server endpoint for interacting
// with a watcher created by the WatchAll and WatchAllModels API calls.
func NewAllWatcher(context facade.Context) (facade.Facade, error) {
id := context.ID()
auth := context.Auth()
resources := context.Resources()
// HasPermission should not be replaced by auth.AuthClient() even if, at first sight, they seem
// equivalent because this allows us to remove login permission for a user
// (a permission that is given by default).
isAuthorized, err := auth.HasPermission(permission.LoginAccess, context.State().ControllerTag())
if err != nil {
return nil, errors.Trace(err)
}
if !isAuthorized {
return nil, common.ErrPerm
}
watcher, ok := resources.Get(id).(*state.Multiwatcher)
if !ok {
return nil, common.ErrUnknownWatcher
}
return &SrvAllWatcher{
watcher: watcher,
id: id,
resources: resources,
}, nil
}
func newFilesystemAttachmentsWatcher(context facade.Context) (facade.Facade, error) {
id := context.ID()
auth := context.Auth()
resources := context.Resources()
st := context.State()
return newMachineStorageIdsWatcher(
st, resources, auth, id, storagecommon.ParseFilesystemAttachmentIds,
)
}
func newMigrationStatusWatcher(context facade.Context) (facade.Facade, error) {
id := context.ID()
auth := context.Auth()
resources := context.Resources()
st := context.State()
if !(auth.AuthMachineAgent() || auth.AuthUnitAgent()) {
return nil, common.ErrPerm
}
w, ok := resources.Get(id).(state.NotifyWatcher)
if !ok {
return nil, common.ErrUnknownWatcher
}
return &srvMigrationStatusWatcher{
watcher: w,
id: id,
resources: resources,
st: getMigrationBackend(st),
}, nil
}