Beispiel #1
0
func (p *Planner) checkSingleKlient(k *kite.Kite, label, kiteID string) *DialState {
	kiteID, err := utils.QueryString(kiteID)
	if err != nil {
		return &DialState{
			Label:  label,
			KiteID: kiteID,
			State:  "dial",
			Err:    err,
		}
	}

	start := time.Now()

	c, err := klient.NewWithTimeout(k, kiteID, p.klientTimeout())
	if err == klient.ErrDialingFailed {
		return &DialState{
			Label:   label,
			KiteID:  kiteID,
			KiteURL: c.Client.URL,
			State:   "dial",
			Err:     err,
		}
	}

	if err != nil {
		return &DialState{
			Label:  label,
			KiteID: kiteID,
			State:  "kontrol",
			Err:    err,
		}
	}

	defer c.Close()

	left := p.klientTimeout() - time.Now().Sub(start)

	err = c.PingTimeout(max(left, klient.DefaultTimeout))
	if err != nil {
		return &DialState{
			Label:  label,
			KiteID: kiteID,
			State:  "ping",
			Err:    err,
		}
	}

	if p.OnDial != nil {
		err = p.OnDial(c.Client)
	}

	return &DialState{
		Label:   label,
		KiteID:  kiteID,
		KiteURL: c.Client.URL,
		State:   "provider",
		Err:     err,
	}
}
Beispiel #2
0
func (k *Kloud) authorizedKlient(r *kite.Request) (*klient.Klient, error) {
	if r.Args == nil {
		return nil, NewError(ErrNoArguments)
	}

	var args *AdminRequest
	if err := r.Args.One().Unmarshal(&args); err != nil {
		return nil, err
	}

	if args.MachineId == "" {
		return nil, errors.New("machineId is not passed")
	}

	if args.GroupName == "" {
		return nil, errors.New("groupName is not passed")
	}

	k.Log.Debug("Got arguments %+v for method: %s", args, r.Method)

	isAdmin, err := modelhelper.IsAdmin(r.Username, args.GroupName)
	if err != nil {
		return nil, err
	}

	if !isAdmin {
		return nil, fmt.Errorf("User '%s' is not an admin of group '%s'", r.Username, args.GroupName)
	}

	k.Log.Debug("User '%s' is an admin. Checking for machine permission", r.Username)

	machine, err := modelhelper.GetMachine(args.MachineId)
	if err != nil {
		return nil, fmt.Errorf("getMachine(%s) err: %s", args.MachineId, err)
	}

	g, err := modelhelper.GetGroup(args.GroupName)
	if err != nil {
		return nil, err
	}

	isGroupMember := false
	for _, group := range machine.Groups {
		if group.Id.Hex() == g.Id.Hex() {
			isGroupMember = true
		}
	}
	if !isGroupMember {
		return nil, fmt.Errorf("'%s' machine does not belong to '%s' group",
			args.MachineId, args.GroupName)
	}

	k.Log.Debug("Incoming user is authorized, setting up DB and Klient connection")

	// Now we are ready to go.
	ctx := request.NewContext(context.Background(), r)
	ctx = k.ContextCreator(ctx)
	sess, ok := session.FromContext(ctx)
	if !ok {
		return nil, errors.New("internal server error (err: session context is not available)")
	}

	k.Log.Debug("Calling Klient method: %s", r.Method)
	return klient.NewWithTimeout(sess.Kite, machine.QueryString, time.Second*10)
}