コード例 #1
0
// Get Roles Settings on Etcd instance
func getConfigRoles(c client.Client) []client.Role {
	r := ParametriClusters{}

	rapi := client.NewAuthRoleAPI(c)

	role, err := rapi.ListRoles(context.Background())
	if err != nil {
		log.Printf(err.Error())
	} else {
		log.Printf("Ruoli:\n")
		for _, value := range role {
			log.Printf("%v\n", value)

			cr := client.Role{}

			cr.Role = value

			role, err := rapi.GetRole(context.Background(), cr.Role)
			if err != nil {
				log.Printf(err.Error())
			} else {
				log.Printf("Ruoli: %v\n\t e Permessi:\n Read: %v\n\t Write: %v\n\t", role.Role, role.Permissions.KV.Read, role.Permissions.KV.Write)
			}

			cr.Permissions.KV.Read = role.Permissions.KV.Read
			cr.Permissions.KV.Write = role.Permissions.KV.Write

			r.RoleConfig = append(r.RoleConfig, cr)
		}
	}
	return r.RoleConfig
}
コード例 #2
0
// Add a Role on Etcd
func EtcdAddRole(c client.Client, role client.Role) (string, string) {

	rapi := client.NewAuthRoleAPI(c)

	err := rapi.AddRole(context.Background(), role.Role)

	if err != nil {
		log.Printf("Errore: %v", err)
		return "", err.Error()
	}

	_, err = rapi.GrantRoleKV(context.Background(), role.Role, role.Permissions.KV.Read, client.ReadPermission)

	if err != nil {
		log.Printf("Errore: %v", err)
		return "", err.Error()
	}

	_, err = rapi.GrantRoleKV(context.Background(), role.Role, role.Permissions.KV.Write, client.WritePermission)

	if err != nil {
		log.Printf("Errore: %v", err)
		return "", err.Error()
	}

	return SUCCESS_ROLE, ""
}
コード例 #3
0
ファイル: role_commands.go プロジェクト: carriercomm/etcd
func mustNewAuthRoleAPI(c *cli.Context) client.AuthRoleAPI {
	hc := mustNewClient(c)

	if c.GlobalBool("debug") {
		fmt.Fprintf(os.Stderr, "Cluster-Endpoints: %s\n", strings.Join(hc.Endpoints(), ", "))
	}

	return client.NewAuthRoleAPI(hc)
}
コード例 #4
0
// Change Etcd Role Permissions
func EtcdChangeRolePermissions(c client.Client, role client.Role,
	roleReadPermissionsBegin, roleWritePermissionsBegin,
	roleReadPermissionsEnd, roleWritePermissionsEnd string) (string, string) {

	rapi := client.NewAuthRoleAPI(c)

	grantReadPermissions := getGrant(roleReadPermissionsBegin, roleReadPermissionsEnd)

	if len(grantReadPermissions) > 0 {
		_, err := rapi.GrantRoleKV(context.Background(), role.Role, grantReadPermissions, client.ReadPermission)

		if err != nil {
			log.Printf("Errore: %v", err)
			return "", err.Error()
		}
	}

	revokeReadPermissions := getRevoke(roleReadPermissionsBegin, roleReadPermissionsEnd)

	if len(revokeReadPermissions) > 0 {
		_, err := rapi.RevokeRoleKV(context.Background(), role.Role, revokeReadPermissions, client.ReadPermission)
		if err != nil {
			log.Printf("Errore: %v", err)
			return "", err.Error()
		}
	}

	grantWritePermissions := getGrant(roleWritePermissionsBegin, roleWritePermissionsEnd)

	if len(grantWritePermissions) > 0 {
		_, err := rapi.GrantRoleKV(context.Background(), role.Role, grantWritePermissions, client.WritePermission)

		if err != nil {
			log.Printf("Errore: %v", err)
			return "", err.Error()
		}
	}

	revokeWritePermissions := getRevoke(roleWritePermissionsBegin, roleWritePermissionsEnd)

	if len(revokeWritePermissions) > 0 {
		_, err := rapi.RevokeRoleKV(context.Background(), role.Role, revokeWritePermissions, client.WritePermission)
		if err != nil {
			log.Printf("Errore: %v", err)
			return "", err.Error()
		}
	}

	return SUCCESS_CHANGE_PERMISSION, ""

}
コード例 #5
0
// Delete Etcd Role
func EtcdDeleteRole(c client.Client, role client.Role) (string, string) {
	rapi := client.NewAuthRoleAPI(c)

	etcdRevokeUserRelationshipRole(c, role)

	err := rapi.RemoveRole(context.Background(), role.Role)

	if err != nil {
		log.Printf("Errore: " + err.Error())
		return "", err.Error()
	}

	log.Printf("Ruolo rimosso con successo")

	return SUCCESS_DELETE_ROLE, ""
}
コード例 #6
0
ファイル: kv_etcd.go プロジェクト: portworx/kvdb
// New constructs a new kvdb.Kvdb.
func New(
	domain string,
	machines []string,
	options map[string]string,
	fatalErrorCb kvdb.FatalErrorCB,
) (kvdb.Kvdb, error) {
	if len(machines) == 0 {
		machines = defaultMachines
	}

	etcdCommon := ec.NewEtcdCommon(options)
	tls, username, password, err := etcdCommon.GetAuthInfoFromOptions()
	if err != nil {
		return nil, err
	}
	tr, err := transport.NewTransport(tls, ec.DefaultDialTimeout)
	if err != nil {
		return nil, err
	}
	cfg := e.Config{
		Endpoints: machines,
		Transport: tr,
		Username:  username,
		Password:  password,
		// The time required for a request to fail - 30 sec
		HeaderTimeoutPerRequest: time.Duration(10) * time.Second,
	}
	c, err := e.New(cfg)
	if err != nil {
		return nil, err
	}
	if domain != "" && !strings.HasSuffix(domain, "/") {
		domain = domain + "/"
	}
	return &etcdKV{
		common.BaseKvdb{FatalCb: fatalErrorCb},
		e.NewKeysAPI(c),
		e.NewAuthUserAPI(c),
		e.NewAuthRoleAPI(c),
		domain,
		etcdCommon,
	}, nil
}