github.com/polarismesh/polaris@v1.17.8/service/client_v1_authability.go (about) 1 /** 2 * Tencent is pleased to support the open source community by making Polaris available. 3 * 4 * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. 5 * 6 * Licensed under the BSD 3-Clause License (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at 9 * 10 * https://opensource.org/licenses/BSD-3-Clause 11 * 12 * Unless required by applicable law or agreed to in writing, software distributed 13 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 14 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 15 * specific language governing permissions and limitations under the License. 16 */ 17 18 package service 19 20 import ( 21 "context" 22 23 apiservice "github.com/polarismesh/specification/source/go/api/v1/service_manage" 24 25 api "github.com/polarismesh/polaris/common/api/v1" 26 "github.com/polarismesh/polaris/common/model" 27 "github.com/polarismesh/polaris/common/utils" 28 ) 29 30 // RegisterInstance create one instance 31 func (svr *serverAuthAbility) RegisterInstance(ctx context.Context, req *apiservice.Instance) *apiservice.Response { 32 authCtx := svr.collectClientInstanceAuthContext( 33 ctx, []*apiservice.Instance{req}, model.Create, "RegisterInstance") 34 35 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 36 if err != nil { 37 resp := api.NewResponseWithMsg(convertToErrCode(err), err.Error()) 38 return resp 39 } 40 41 ctx = authCtx.GetRequestContext() 42 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 43 44 return svr.targetServer.RegisterInstance(ctx, req) 45 } 46 47 // DeregisterInstance delete onr instance 48 func (svr *serverAuthAbility) DeregisterInstance(ctx context.Context, req *apiservice.Instance) *apiservice.Response { 49 authCtx := svr.collectClientInstanceAuthContext( 50 ctx, []*apiservice.Instance{req}, model.Create, "DeregisterInstance") 51 52 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 53 if err != nil { 54 resp := api.NewResponseWithMsg(convertToErrCode(err), err.Error()) 55 return resp 56 } 57 58 ctx = authCtx.GetRequestContext() 59 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 60 61 return svr.targetServer.DeregisterInstance(ctx, req) 62 } 63 64 // ReportClient is the interface for reporting client authability 65 func (svr *serverAuthAbility) ReportClient(ctx context.Context, req *apiservice.Client) *apiservice.Response { 66 return svr.targetServer.ReportClient(ctx, req) 67 } 68 69 // GetPrometheusTargets Used for client acquisition service information 70 func (svr *serverAuthAbility) GetPrometheusTargets(ctx context.Context, 71 query map[string]string) *model.PrometheusDiscoveryResponse { 72 73 return svr.targetServer.GetPrometheusTargets(ctx, query) 74 } 75 76 // GetServiceWithCache is the interface for getting service with cache 77 func (svr *serverAuthAbility) GetServiceWithCache( 78 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 79 80 authCtx := svr.collectServiceAuthContext( 81 ctx, []*apiservice.Service{req}, model.Read, "DiscoverServices") 82 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 83 if err != nil { 84 resp := api.NewDiscoverResponse(convertToErrCode(err)) 85 resp.Info = utils.NewStringValue(err.Error()) 86 return resp 87 } 88 ctx = authCtx.GetRequestContext() 89 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 90 91 return svr.targetServer.GetServiceWithCache(ctx, req) 92 } 93 94 // ServiceInstancesCache is the interface for getting service instances cache 95 func (svr *serverAuthAbility) ServiceInstancesCache( 96 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 97 98 authCtx := svr.collectServiceAuthContext( 99 ctx, []*apiservice.Service{req}, model.Read, "DiscoverInstances") 100 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 101 if err != nil { 102 resp := api.NewDiscoverResponse(convertToErrCode(err)) 103 resp.Info = utils.NewStringValue(err.Error()) 104 return resp 105 } 106 ctx = authCtx.GetRequestContext() 107 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 108 109 return svr.targetServer.ServiceInstancesCache(ctx, req) 110 } 111 112 // GetRoutingConfigWithCache is the interface for getting routing config with cache 113 func (svr *serverAuthAbility) GetRoutingConfigWithCache( 114 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 115 116 authCtx := svr.collectServiceAuthContext( 117 ctx, []*apiservice.Service{req}, model.Read, "DiscoverRouterRule") 118 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 119 if err != nil { 120 resp := api.NewDiscoverResponse(convertToErrCode(err)) 121 resp.Info = utils.NewStringValue(err.Error()) 122 return resp 123 } 124 ctx = authCtx.GetRequestContext() 125 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 126 127 return svr.targetServer.GetRoutingConfigWithCache(ctx, req) 128 } 129 130 // GetRateLimitWithCache is the interface for getting rate limit with cache 131 func (svr *serverAuthAbility) GetRateLimitWithCache( 132 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 133 134 authCtx := svr.collectServiceAuthContext( 135 ctx, []*apiservice.Service{req}, model.Read, "DiscoverRateLimit") 136 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 137 if err != nil { 138 resp := api.NewDiscoverResponse(convertToErrCode(err)) 139 resp.Info = utils.NewStringValue(err.Error()) 140 return resp 141 } 142 ctx = authCtx.GetRequestContext() 143 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 144 145 return svr.targetServer.GetRateLimitWithCache(ctx, req) 146 } 147 148 // GetCircuitBreakerWithCache is the interface for getting a circuit breaker with cache 149 func (svr *serverAuthAbility) GetCircuitBreakerWithCache( 150 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 151 152 authCtx := svr.collectServiceAuthContext( 153 ctx, []*apiservice.Service{req}, model.Read, "DiscoverCircuitBreaker") 154 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 155 if err != nil { 156 resp := api.NewDiscoverResponse(convertToErrCode(err)) 157 resp.Info = utils.NewStringValue(err.Error()) 158 return resp 159 } 160 ctx = authCtx.GetRequestContext() 161 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 162 163 return svr.targetServer.GetCircuitBreakerWithCache(ctx, req) 164 } 165 166 func (svr *serverAuthAbility) GetFaultDetectWithCache( 167 ctx context.Context, req *apiservice.Service) *apiservice.DiscoverResponse { 168 169 authCtx := svr.collectServiceAuthContext( 170 ctx, []*apiservice.Service{req}, model.Read, "DiscoverFaultDetect") 171 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 172 if err != nil { 173 resp := api.NewDiscoverResponse(convertToErrCode(err)) 174 resp.Info = utils.NewStringValue(err.Error()) 175 return resp 176 } 177 ctx = authCtx.GetRequestContext() 178 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 179 180 return svr.targetServer.GetFaultDetectWithCache(ctx, req) 181 } 182 183 // UpdateInstance update single instance 184 func (svr *serverAuthAbility) UpdateInstance(ctx context.Context, req *apiservice.Instance) *apiservice.Response { 185 authCtx := svr.collectClientInstanceAuthContext( 186 ctx, []*apiservice.Instance{req}, model.Modify, "UpdateInstance") 187 188 _, err := svr.strategyMgn.GetAuthChecker().CheckClientPermission(authCtx) 189 if err != nil { 190 resp := api.NewResponseWithMsg(convertToErrCode(err), err.Error()) 191 return resp 192 } 193 194 ctx = authCtx.GetRequestContext() 195 ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx) 196 197 return svr.targetServer.UpdateInstance(ctx, req) 198 }