// NewREST returns a RESTStorage object that will work against groups
func NewREST(s storage.Interface) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.Group{} },
NewListFunc: func() runtime.Object { return &api.GroupList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.Group).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return group.MatchGroup(label, field)
},
EndpointName: "groups",
CreateStrategy: group.Strategy,
UpdateStrategy: group.Strategy,
Storage: s,
}
return &REST{store}
}
// NewStorage returns a RESTStorage object that will work against nodes.
func NewStorage(s storage.Interface) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &authorizationapi.ClusterPolicy{} },
NewListFunc: func() runtime.Object { return &authorizationapi.ClusterPolicyList{} },
EndpointName: "clusterpolicy",
KeyRootFunc: func(ctx kapi.Context) string {
return ClusterPolicyPath
},
KeyFunc: func(ctx kapi.Context, id string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, ClusterPolicyPath, id)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*authorizationapi.ClusterPolicy).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return clusterpolicy.Matcher(label, field)
},
CreateStrategy: clusterpolicy.Strategy,
UpdateStrategy: clusterpolicy.Strategy,
Storage: s,
}
return &REST{store}
}
// NewREST returns a RESTStorage object that will work against identites
func NewREST(s storage.Interface) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.Identity{} },
NewListFunc: func() runtime.Object { return &api.IdentityList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.Identity).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return identity.MatchIdentity(label, field)
},
EndpointName: "identities",
Storage: s,
}
store.CreateStrategy = identity.Strategy
store.UpdateStrategy = identity.Strategy
return &REST{*store}
}
// NewREST returns a RESTStorage object that will work against oauth clients
func NewREST(h tools.EtcdHelper) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.OAuthClientAuthorization{} },
NewListFunc: func() runtime.Object { return &api.OAuthClientAuthorizationList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthClientAuthorization).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthclientauthorization.Matcher(label, field)
},
EndpointName: "oauthclientauthorizations",
Helper: h,
}
store.CreateStrategy = oauthclientauthorization.Strategy
store.UpdateStrategy = oauthclientauthorization.Strategy
return &REST{*store}
}
// NewREST returns a RESTStorage object that will work against access tokens
func NewREST(h tools.EtcdHelper) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.OAuthAccessToken{} },
NewListFunc: func() runtime.Object { return &api.OAuthAccessTokenList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthAccessToken).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthaccesstoken.Matcher(label, field)
},
TTLFunc: func(obj runtime.Object, existing uint64, update bool) (uint64, error) {
token := obj.(*api.OAuthAccessToken)
expires := uint64(token.ExpiresIn)
return expires, nil
},
EndpointName: "oauthaccesstokens",
Helper: h,
}
store.CreateStrategy = oauthaccesstoken.Strategy
return &REST{store}
}
// NewStorage returns a RESTStorage object that will work against nodes.
func NewStorage(optsGetter restoptions.Getter) (*REST, error) {
store := ®istry.Store{
NewFunc: func() runtime.Object { return &authorizationapi.ClusterPolicy{} },
NewListFunc: func() runtime.Object { return &authorizationapi.ClusterPolicyList{} },
QualifiedResource: authorizationapi.Resource("clusterpolicies"),
KeyRootFunc: func(ctx kapi.Context) string {
return ClusterPolicyPath
},
KeyFunc: func(ctx kapi.Context, id string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, ClusterPolicyPath, id)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*authorizationapi.ClusterPolicy).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return clusterpolicy.Matcher(label, field)
},
CreateStrategy: clusterpolicy.Strategy,
UpdateStrategy: clusterpolicy.Strategy,
}
if err := restoptions.ApplyOptions(optsGetter, store, ClusterPolicyPath); err != nil {
return nil, err
}
return &REST{store}, nil
}
// NewREST returns a RESTStorage object that will work against oauth clients
func NewREST(optsGetter restoptions.Getter) (*REST, error) {
store := ®istry.Store{
NewFunc: func() runtime.Object { return &api.OAuthClient{} },
NewListFunc: func() runtime.Object { return &api.OAuthClientList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthClient).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthclient.Matcher(label, field)
},
QualifiedResource: api.Resource("oauthclients"),
CreateStrategy: oauthclient.Strategy,
UpdateStrategy: oauthclient.Strategy,
}
if err := restoptions.ApplyOptions(optsGetter, store, EtcdPrefix); err != nil {
return nil, err
}
return &REST{*store}, nil
}
// NewStorage returns a RESTStorage object that will work against nodes.
func NewStorage(optsGetter restoptions.Getter) (*REST, error) {
store := ®istry.Store{
NewFunc: func() runtime.Object { return "aapi.ClusterResourceQuota{} },
NewListFunc: func() runtime.Object { return "aapi.ClusterResourceQuotaList{} },
QualifiedResource: quotaapi.Resource("clusterresourcequotas"),
KeyRootFunc: func(ctx kapi.Context) string {
return ClusterResourceQuotaPath
},
KeyFunc: func(ctx kapi.Context, id string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, ClusterResourceQuotaPath, id)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*quotaapi.ClusterResourceQuota).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return Matcher(label, field)
},
CreateStrategy: Strategy,
UpdateStrategy: Strategy,
DeleteStrategy: Strategy,
ReturnDeletedObject: false,
}
if err := restoptions.ApplyOptions(optsGetter, store, ClusterResourceQuotaPath); err != nil {
return nil, err
}
return &REST{store}, nil
}
// NewREST returns a RESTStorage object that will work against users
func NewREST(s storage.Interface) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.User{} },
NewListFunc: func() runtime.Object { return &api.UserList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.User).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return user.Matcher(label, field)
},
QualifiedResource: api.Resource("users"),
Storage: s,
}
store.CreateStrategy = user.Strategy
store.UpdateStrategy = user.Strategy
return &REST{*store}
}
// NewREST returns a RESTStorage object that will work against oauth clients
func NewREST(s storage.Interface, clientGetter oauthclient.Getter) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.OAuthClientAuthorization{} },
NewListFunc: func() runtime.Object { return &api.OAuthClientAuthorizationList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthClientAuthorization).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthclientauthorization.Matcher(label, field)
},
QualifiedResource: api.Resource("oauthclientauthorizations"),
Storage: s,
}
store.CreateStrategy = oauthclientauthorization.NewStrategy(clientGetter)
store.UpdateStrategy = oauthclientauthorization.NewStrategy(clientGetter)
return &REST{*store}
}
// NewREST returns a RESTStorage object that will work against access tokens
func NewREST(optsGetter restoptions.Getter, clientGetter oauthclient.Getter, backends ...storage.Interface) (*REST, error) {
strategy := oauthaccesstoken.NewStrategy(clientGetter)
store := ®istry.Store{
NewFunc: func() runtime.Object { return &api.OAuthAccessToken{} },
NewListFunc: func() runtime.Object { return &api.OAuthAccessTokenList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthAccessToken).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthaccesstoken.Matcher(label, field)
},
TTLFunc: func(obj runtime.Object, existing uint64, update bool) (uint64, error) {
token := obj.(*api.OAuthAccessToken)
expires := uint64(token.ExpiresIn)
return expires, nil
},
QualifiedResource: api.Resource("oauthaccesstokens"),
CreateStrategy: strategy,
UpdateStrategy: strategy,
}
if err := restoptions.ApplyOptions(optsGetter, store, EtcdPrefix); err != nil {
return nil, err
}
if len(backends) > 0 {
// Build identical stores that talk to a single etcd, so we can verify the token is distributed after creation
watchers := []rest.Watcher{}
for i := range backends {
watcher := *store
watcher.Storage = backends[i]
watchers = append(watchers, &watcher)
}
// Observe the cluster for the particular resource version, requiring at least one backend to succeed
observer := observe.NewClusterObserver(store.Storage.Versioner(), watchers, 1)
// After creation, wait for the new token to propagate
store.AfterCreate = func(obj runtime.Object) error {
return observer.ObserveResourceVersion(obj.(*api.OAuthAccessToken).ResourceVersion, 5*time.Second)
}
}
return &REST{store}, nil
}
// NewREST returns a RESTStorage object that will work against authorize tokens
func NewREST(s storage.Interface, backends ...storage.Interface) *REST {
store := &etcdgeneric.Etcd{
NewFunc: func() runtime.Object { return &api.OAuthAuthorizeToken{} },
NewListFunc: func() runtime.Object { return &api.OAuthAuthorizeTokenList{} },
KeyRootFunc: func(ctx kapi.Context) string {
return EtcdPrefix
},
KeyFunc: func(ctx kapi.Context, name string) (string, error) {
return util.NoNamespaceKeyFunc(ctx, EtcdPrefix, name)
},
ObjectNameFunc: func(obj runtime.Object) (string, error) {
return obj.(*api.OAuthAuthorizeToken).Name, nil
},
PredicateFunc: func(label labels.Selector, field fields.Selector) generic.Matcher {
return oauthauthorizetoken.Matcher(label, field)
},
TTLFunc: func(obj runtime.Object, existing uint64, update bool) (uint64, error) {
token := obj.(*api.OAuthAuthorizeToken)
expires := uint64(token.ExpiresIn)
return expires, nil
},
EndpointName: "oauthauthorizetokens",
Storage: s,
}
store.CreateStrategy = oauthauthorizetoken.Strategy
if len(backends) > 0 {
// Build identical stores that talk to a single etcd, so we can verify the token is distributed after creation
watchers := []rest.Watcher{}
for i := range backends {
watcher := *store
watcher.Storage = backends[i]
watchers = append(watchers, &watcher)
}
// Observe the cluster for the particular resource version, requiring at least one backend to succeed
observer := observe.NewClusterObserver(s.Versioner(), watchers, 1)
// After creation, wait for the new token to propagate
store.AfterCreate = func(obj runtime.Object) error {
return observer.ObserveResourceVersion(obj.(*api.OAuthAuthorizeToken).ResourceVersion, 5*time.Second)
}
}
return &REST{store}
}