// AddTargets will attempt to add the given targets specifically to
// the directed role. If the metadata for the role doesn't exist yet,
// AddTargets will create one.
func (tr *Repo) AddTargets(role string, targets data.Files) (data.Files, error) {
err := tr.VerifyCanSign(role)
if err != nil {
return nil, err
}
// check the role's metadata
t, ok := tr.Targets[role]
if !ok { // the targetfile may not exist yet - if not, then create it
var err error
t, err = tr.InitTargets(role)
if err != nil {
return nil, err
}
}
var r data.DelegationRole
if role != data.CanonicalTargetsRole {
// we only call r.CheckPaths if the role is not "targets"
// so r being nil is fine in the case role == "targets"
r, err = tr.GetDelegationRole(role)
if err != nil {
return nil, err
}
}
invalid := make(data.Files)
for path, target := range targets {
if role == data.CanonicalTargetsRole || r.CheckPaths(path) {
t.Signed.Targets[path] = target
} else {
invalid[path] = target
}
}
t.Dirty = true
if len(invalid) > 0 {
return invalid, fmt.Errorf("Could not add all targets")
}
return nil, nil
}
// helper function that returns whether the delegation Role is valid against the given path
// Will return true if given an empty candidatePath
func isValidPath(candidatePath string, delgRole data.DelegationRole) bool {
return candidatePath == "" || delgRole.CheckPaths(candidatePath)
}
