// NewDeployerAPI creates a new client-side DeployerAPI facade.
func NewDeployerAPI(
st *state.State,
resources *common.Resources,
authorizer common.Authorizer,
) (*DeployerAPI, error) {
if !authorizer.AuthMachineAgent() {
return nil, common.ErrPerm
}
getAuthFunc := func() (common.AuthFunc, error) {
// Get all units of the machine and cache them.
knownUnits := set.NewStrings()
thisMachineTag := authorizer.GetAuthTag()
if units, err := getAllUnits(st, thisMachineTag); err != nil {
return nil, err
} else {
for _, unit := range units {
knownUnits.Add(unit)
}
}
// Then we just check if the unit is already known.
return func(tag string) bool {
unitName := state.UnitNameFromTag(tag)
return knownUnits.Contains(unitName)
}, nil
}
return &DeployerAPI{
Remover: common.NewRemover(st, getAuthFunc),
PasswordChanger: common.NewPasswordChanger(st, getAuthFunc),
LifeGetter: common.NewLifeGetter(st, getAuthFunc),
st: st,
resources: resources,
authorizer: authorizer,
}, nil
}
// NewDeployerAPI creates a new client-side DeployerAPI facade.
func NewDeployerAPI(
st *state.State,
resources *common.Resources,
authorizer common.Authorizer,
) (*DeployerAPI, error) {
if !authorizer.AuthMachineAgent() {
return nil, common.ErrPerm
}
getAuthFunc := func() (common.AuthFunc, error) {
// Get all units of the machine and cache them.
thisMachineTag := authorizer.GetAuthTag()
units, err := getAllUnits(st, thisMachineTag)
if err != nil {
return nil, err
}
// Then we just check if the unit is already known.
return func(tag string) bool {
for _, unit := range units {
if names.UnitTag(unit) == tag {
return true
}
}
return false
}, nil
}
return &DeployerAPI{
Remover: common.NewRemover(st, getAuthFunc),
PasswordChanger: common.NewPasswordChanger(st, getAuthFunc),
LifeGetter: common.NewLifeGetter(st, getAuthFunc),
st: st,
resources: resources,
authorizer: authorizer,
}, nil
}
// NewUpgraderAPI creates a new client-side UpgraderAPI facade.
func NewUpgraderAPI(
st *state.State,
resources *common.Resources,
authorizer common.Authorizer,
) (*UpgraderAPI, error) {
if !authorizer.AuthMachineAgent() && !authorizer.AuthUnitAgent() {
return nil, common.ErrPerm
}
return &UpgraderAPI{st: st, resources: resources, authorizer: authorizer}, nil
}
// NewUpgraderAPI creates a new client-side UpgraderAPI facade.
func NewUpgraderAPI(
st *state.State,
resources *common.Resources,
authorizer common.Authorizer,
) (*UpgraderAPI, error) {
// TODO: Unit agents are also allowed to use this API
if !authorizer.AuthMachineAgent() {
return nil, common.ErrPerm
}
return &UpgraderAPI{st: st, resources: resources, authorizer: authorizer}, nil
}
// NewAgentAPI returns an object implementing the machine agent API
// with the given authorizer representing the currently logged in client.
// DEPRECATED(v1.14)
func NewAgentAPI(st *state.State, auth common.Authorizer) (*AgentAPI, error) {
if !auth.AuthMachineAgent() {
return nil, common.ErrPerm
}
getCanChange := func() (common.AuthFunc, error) {
return auth.AuthOwner, nil
}
return &AgentAPI{
PasswordChanger: common.NewPasswordChanger(st, getCanChange),
st: st,
auth: auth,
}, nil
}
// NewAPI returns an object implementing an agent API
// with the given authorizer representing the currently logged in client.
func NewAPI(st *state.State, auth common.Authorizer) (*API, error) {
// Agents are defined to be any user that's not a client user.
if !auth.AuthMachineAgent() && !auth.AuthUnitAgent() {
return nil, common.ErrPerm
}
getCanChange := func() (common.AuthFunc, error) {
return auth.AuthOwner, nil
}
return &API{
PasswordChanger: common.NewPasswordChanger(st, getCanChange),
st: st,
auth: auth,
}, nil
}
// NewAgentAPI returns an object implementing the machine agent API
// with the given authorizer representing the currently logged in client.
func NewAgentAPI(st *state.State, auth common.Authorizer) (*AgentAPI, error) {
if !auth.AuthMachineAgent() {
return nil, common.ErrPerm
}
getCanChange := func() (common.AuthFunc, error) {
// TODO(go1.1): method expression
return func(tag string) bool {
return auth.AuthOwner(tag)
}, nil
}
return &AgentAPI{
st: st,
auth: auth,
PasswordChanger: common.NewPasswordChanger(st, getCanChange),
}, nil
}
// NewUniterAPI creates a new instance of the Uniter API.
func NewUniterAPI(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*UniterAPI, error) {
if !authorizer.AuthUnitAgent() {
return nil, common.ErrPerm
}
getCanRead := func() (common.AuthFunc, error) {
return authorizer.AuthOwner, nil
}
return &UniterAPI{
LifeGetter: common.NewLifeGetter(st, getCanRead),
StatusSetter: common.NewStatusSetter(st, getCanRead),
DeadEnsurer: common.NewDeadEnsurer(st, getCanRead),
AgentEntityWatcher: common.NewAgentEntityWatcher(st, resources, getCanRead),
st: st,
auth: authorizer,
}, nil
}
// NewMachinerAPI creates a new instance of the Machiner API.
func NewMachinerAPI(st *state.State, resources *common.Resources, authorizer common.Authorizer) (*MachinerAPI, error) {
if !authorizer.AuthMachineAgent() {
return nil, common.ErrPerm
}
getCanRead := func() (common.AuthFunc, error) {
return func(tag string) bool {
// TODO(go1.1): method expression
return authorizer.AuthOwner(tag)
}, nil
}
return &MachinerAPI{
LifeGetter: common.NewLifeGetter(st, getCanRead),
st: st,
resources: resources,
auth: authorizer,
}, nil
}
