Skip to content
This repository has been archived by the owner on Feb 18, 2021. It is now read-only.

Add resourceUrn to authenticate context #212

Merged
merged 4 commits into from
May 24, 2017
Merged

Add resourceUrn to authenticate context #212

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b34a1a6
Add resourceUrn to authenticate context
May 24, 2017
3871dda
Use type for context key
May 24, 2017
68664de
Add comment for public stuff in frontend.go
May 24, 2017
d3a24cd
Reorganize import
May 24, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 11 additions & 2 deletions services/frontendhost/frontend.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package frontendhost

import (
"context"
"crypto/sha1"
"encoding/base64"
"fmt"
Expand Down Expand Up @@ -53,6 +54,12 @@ const (
maxSizeCacheDestinationPathForUUID = 1000
)

// ContextKey is the type for context key
type ContextKey string

// ResourceUrnKey is the context key name for resourceUrn
var ResourceUrnKey = ContextKey("resourceUrn")

var nilRequestError = &c.BadRequestError{Message: `request must not be nil`}
var badRequestKafkaConfigError = &c.BadRequestError{Message: `kafka destination must set kafka cluster and topic, and may not be multi-zone`}
var badRequestNonKafkaConfigError = &c.BadRequestError{Message: `non-Kafka destination must not set kafka cluster and topic`}
Expand Down Expand Up @@ -589,13 +596,15 @@ func (h *Frontend) CreateDestination(ctx thrift.Context, createRequest *c.Create

lclLg := h.logger.WithField(common.TagDstPth, common.FmtDstPth(createRequest.GetPath()))

authSubject, err := h.GetAuthManager().Authenticate(ctx)
authResource := common.GetResourceURNCreateDestination(h.SCommon, createRequest.Path)

authContext := context.WithValue(ctx, ResourceUrnKey, authResource)
authSubject, err := h.GetAuthManager().Authenticate(authContext)
if err != nil {
// TODO add metrics
return nil, err
}

authResource := common.GetResourceURNCreateDestination(h.SCommon, createRequest.Path)
err = h.GetAuthManager().Authorize(authSubject, common.OperationCreate, common.Resource(authResource))
if err != nil {
lclLg.WithField(common.TagSubject, authSubject).WithField(common.TagResource, authResource).Info("Not allowed to create destination")
Expand Down
3 changes: 2 additions & 1 deletion services/storehost/storagemonitor.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -178,7 +178,8 @@ func (s *storageMonitor) checkStorage() {
} else if availablePcnt < warningThreshold {
s.logger.WithFields(bark.Fields{`filePath`: path, `availableMBs`: availableMBs, `totalMBs`: totalMBs, `availablePcnt`: availablePcnt}).Warn(`Available disk space lower than warning threshold`)
} else {
s.logger.WithFields(bark.Fields{`filePath`: path, `availableMBs`: availableMBs, `totalMBs`: totalMBs, `availablePcnt`: availablePcnt}).Info(`Monitoring disk space`) }
s.logger.WithFields(bark.Fields{`filePath`: path, `availableMBs`: availableMBs, `totalMBs`: totalMBs, `availablePcnt`: availablePcnt}).Info(`Monitoring disk space`)
}
}

func (s *storageMonitor) doHouseKeeping() {
Expand Down