github.com/polarismesh/polaris@v1.17.8/admin/server_authability.go

github.com/polarismesh/polaris@v1.17.8/admin/server_authability.go (about)

     1  /**
     2   * Tencent is pleased to support the open source community by making Polaris available.
     3   *
     4   * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
     5   *
     6   * Licensed under the BSD 3-Clause License (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at
     9   *
    10   * https://opensource.org/licenses/BSD-3-Clause
    11   *
    12   * Unless required by applicable law or agreed to in writing, software distributed
    13   * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
    14   * CONDITIONS OF ANY KIND, either express or implied. See the License for the
    15   * specific language governing permissions and limitations under the License.
    16   */
    17  
    18  package admin
    19  
    20  import (
    21  	"context"
    22  	"errors"
    23  
    24  	apimodel "github.com/polarismesh/specification/source/go/api/v1/model"
    25  
    26  	"github.com/polarismesh/polaris/auth"
    27  	"github.com/polarismesh/polaris/common/model"
    28  )
    29  
    30  // serverAuthAbility 带有鉴权能力的 maintainServer
    31  type serverAuthAbility struct {
    32  	targetServer *Server
    33  	userMgn      auth.UserServer
    34  	strategyMgn  auth.StrategyServer
    35  }
    36  
    37  func newServerAuthAbility(targetServer *Server,
    38  	userMgn auth.UserServer, strategyMgn auth.StrategyServer) AdminOperateServer {
    39  	proxy := &serverAuthAbility{
    40  		targetServer: targetServer,
    41  		userMgn:      userMgn,
    42  		strategyMgn:  strategyMgn,
    43  	}
    44  
    45  	return proxy
    46  }
    47  
    48  func (svr *serverAuthAbility) collectMaintainAuthContext(ctx context.Context, resourceOp model.ResourceOperation,
    49  	methodName string) *model.AcquireContext {
    50  	return model.NewAcquireContext(
    51  		model.WithRequestContext(ctx),
    52  		model.WithOperation(resourceOp),
    53  		model.WithModule(model.MaintainModule),
    54  		model.WithMethod(methodName),
    55  	)
    56  }
    57  
    58  func convertToErrCode(err error) apimodel.Code {
    59  	if errors.Is(err, model.ErrorTokenNotExist) {
    60  		return apimodel.Code_TokenNotExisted
    61  	}
    62  
    63  	if errors.Is(err, model.ErrorTokenDisabled) {
    64  		return apimodel.Code_TokenDisabled
    65  	}
    66  
    67  	return apimodel.Code_NotAllowedAccess
    68  }