// NewDeployerAPI creates a new client-side DeployerAPI facade. func NewDeployerAPI( st *state.State, resources *common.Resources, authorizer common.Authorizer, ) (*DeployerAPI, error) { if !authorizer.AuthMachineAgent() { return nil, common.ErrPerm } getAuthFunc := func() (common.AuthFunc, error) { // Get all units of the machine and cache them. thisMachineTag := authorizer.GetAuthTag() units, err := getAllUnits(st, thisMachineTag) if err != nil { return nil, err } // Then we just check if the unit is already known. return func(tag string) bool { for _, unit := range units { if names.UnitTag(unit) == tag { return true } } return false }, nil } return &DeployerAPI{ Remover: common.NewRemover(st, getAuthFunc), PasswordChanger: common.NewPasswordChanger(st, getAuthFunc), LifeGetter: common.NewLifeGetter(st, getAuthFunc), st: st, resources: resources, authorizer: authorizer, }, nil }
// NewDeployerAPI creates a new client-side DeployerAPI facade. func NewDeployerAPI( st *state.State, resources *common.Resources, authorizer common.Authorizer, ) (*DeployerAPI, error) { if !authorizer.AuthMachineAgent() { return nil, common.ErrPerm } getAuthFunc := func() (common.AuthFunc, error) { // Get all units of the machine and cache them. knownUnits := set.NewStrings() thisMachineTag := authorizer.GetAuthTag() if units, err := getAllUnits(st, thisMachineTag); err != nil { return nil, err } else { for _, unit := range units { knownUnits.Add(unit) } } // Then we just check if the unit is already known. return func(tag string) bool { unitName := state.UnitNameFromTag(tag) return knownUnits.Contains(unitName) }, nil } return &DeployerAPI{ Remover: common.NewRemover(st, getAuthFunc), PasswordChanger: common.NewPasswordChanger(st, getAuthFunc), LifeGetter: common.NewLifeGetter(st, getAuthFunc), st: st, resources: resources, authorizer: authorizer, }, nil }
func (*passwordSuite) TestSetPasswordsNoArgsNoError(c *gc.C) { getCanChange := func() (common.AuthFunc, error) { return nil, fmt.Errorf("splat") } pc := common.NewPasswordChanger(&fakeState{}, getCanChange) result, err := pc.SetPasswords(params.PasswordChanges{}) c.Assert(err, gc.IsNil) c.Assert(result.Results, gc.HasLen, 0) }
// NewAgentAPI returns an object implementing the machine agent API // with the given authorizer representing the currently logged in client. // DEPRECATED(v1.14) func NewAgentAPI(st *state.State, auth common.Authorizer) (*AgentAPI, error) { if !auth.AuthMachineAgent() { return nil, common.ErrPerm } getCanChange := func() (common.AuthFunc, error) { return auth.AuthOwner, nil } return &AgentAPI{ PasswordChanger: common.NewPasswordChanger(st, getCanChange), st: st, auth: auth, }, nil }
// NewAPI returns an object implementing an agent API // with the given authorizer representing the currently logged in client. func NewAPI(st *state.State, auth common.Authorizer) (*API, error) { // Agents are defined to be any user that's not a client user. if !auth.AuthMachineAgent() && !auth.AuthUnitAgent() { return nil, common.ErrPerm } getCanChange := func() (common.AuthFunc, error) { return auth.AuthOwner, nil } return &API{ PasswordChanger: common.NewPasswordChanger(st, getCanChange), st: st, auth: auth, }, nil }
// NewAgentAPI returns an object implementing the machine agent API // with the given authorizer representing the currently logged in client. func NewAgentAPI(st *state.State, auth common.Authorizer) (*AgentAPI, error) { if !auth.AuthMachineAgent() { return nil, common.ErrPerm } getCanChange := func() (common.AuthFunc, error) { // TODO(go1.1): method expression return func(tag string) bool { return auth.AuthOwner(tag) }, nil } return &AgentAPI{ st: st, auth: auth, PasswordChanger: common.NewPasswordChanger(st, getCanChange), }, nil }
func (*passwordSuite) TestSetPasswordsError(c *gc.C) { getCanChange := func() (common.AuthFunc, error) { return nil, fmt.Errorf("splat") } pc := common.NewPasswordChanger(&fakeState{}, getCanChange) var changes []params.PasswordChange for i := 0; i < 4; i++ { tag := fmt.Sprintf("x%d", i) changes = append(changes, params.PasswordChange{ Tag: tag, Password: fmt.Sprintf("%spass", tag), }) } _, err := pc.SetPasswords(params.PasswordChanges{Changes: changes}) c.Assert(err, gc.ErrorMatches, "splat") }
func (*passwordSuite) TestSetPasswords(c *gc.C) { st := &fakeState{ entities: map[string]entityWithError{ "x0": &fakeAuthenticator{}, "x1": &fakeAuthenticator{}, "x2": &fakeAuthenticator{ err: fmt.Errorf("x2 error"), }, "x3": &fakeAuthenticator{ fetchError: "x3 error", }, "x4": &fakeAuthenticatorWithMongoPass{}, }, } getCanChange := func() (common.AuthFunc, error) { return func(tag string) bool { return tag != "x0" }, nil } pc := common.NewPasswordChanger(st, getCanChange) var changes []params.PasswordChange for i := 0; i < 5; i++ { tag := fmt.Sprintf("x%d", i) changes = append(changes, params.PasswordChange{ Tag: tag, Password: fmt.Sprintf("%spass", tag), }) } results, err := pc.SetPasswords(params.PasswordChanges{ Changes: changes, }) c.Assert(err, gc.IsNil) c.Assert(results, gc.DeepEquals, params.ErrorResults{ Results: []params.ErrorResult{ {apiservertesting.ErrUnauthorized}, {nil}, {¶ms.Error{Message: "x2 error"}}, {¶ms.Error{Message: "x3 error"}}, {nil}, }, }) c.Assert(st.entities["x0"].(*fakeAuthenticator).pass, gc.Equals, "") c.Assert(st.entities["x1"].(*fakeAuthenticator).pass, gc.Equals, "x1pass") c.Assert(st.entities["x2"].(*fakeAuthenticator).pass, gc.Equals, "") c.Assert(st.entities["x4"].(*fakeAuthenticatorWithMongoPass).pass, gc.Equals, "x4pass") c.Assert(st.entities["x4"].(*fakeAuthenticatorWithMongoPass).mongoPass, gc.Equals, "x4pass") }