func (d *Daemon) policyAdd(path string, node *policy.Node) error {
var (
currNode, parentNode *policy.Node
err error
)
if node.Name == "" {
path, node.Name = policy.SplitNodePath(path)
} else if strings.Contains(node.Name, ".") && node.Name != common.GlobalLabelPrefix {
path, node.Name = policy.SplitNodePath(path + "." + node.Name)
}
currNode, parentNode, err = d.findNode(path)
if err != nil {
return err
}
log.Debugf("Policy currNode %+v, parentNode %+v", currNode, parentNode)
// eg. path = io.cilium.lizards.foo.db and io.cilium.lizards doesn't exist
if (currNode == nil && parentNode == nil) ||
// eg. path = io.cilium.lizards.foo and io.cilium.lizards.foo doesn't exist
(currNode == nil && parentNode != nil) {
pn := policy.NewNode("", nil)
if err := d.policyAdd(path, pn); err != nil {
return err
}
currNode, parentNode, err = d.findNode(path)
if err != nil {
return err
}
log.Debugf("Policy currNode %+v, parentNode %+v", currNode, parentNode)
}
// eg. path = io.cilium
if currNode != nil && parentNode == nil {
if currNode.Name == node.Name {
node.Path()
if err := currNode.Merge(node); err != nil {
return err
}
} else {
if err := currNode.AddChild(node.Name, node); err != nil {
return err
}
}
} else if currNode != nil && parentNode != nil {
// eg. path = io.cilium.lizards.db exists
if err := currNode.AddChild(node.Name, node); err != nil {
return err
}
}
return nil
}
func (router *Router) policyAddForm(w http.ResponseWriter, r *http.Request) {
const _4MBMemory = 4 << 20
err := r.ParseMultipartForm(_4MBMemory)
if err != nil {
processServerError(w, r, err)
return
}
file, _, err := r.FormFile("policy-input-file")
if err != nil {
processServerError(w, r, err)
return
}
var pn policy.Node
if err := json.NewDecoder(file).Decode(&pn); err != nil {
processServerError(w, r, err)
return
}
if err := router.daemon.PolicyAdd(pn.Path(), &pn); err != nil {
processServerError(w, r, err)
return
}
w.WriteHeader(http.StatusCreated)
}