github.com/polarismesh/polaris@v1.17.8/service/ratelimit_config_authability.go

github.com/polarismesh/polaris@v1.17.8/service/ratelimit_config_authability.go (about)

     1  /**
     2   * Tencent is pleased to support the open source community by making Polaris available.
     3   *
     4   * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
     5   *
     6   * Licensed under the BSD 3-Clause License (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at
     9   *
    10   * https://opensource.org/licenses/BSD-3-Clause
    11   *
    12   * Unless required by applicable law or agreed to in writing, software distributed
    13   * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
    14   * CONDITIONS OF ANY KIND, either express or implied. See the License for the
    15   * specific language governing permissions and limitations under the License.
    16   */
    17  
    18  package service
    19  
    20  import (
    21  	"context"
    22  
    23  	apimodel "github.com/polarismesh/specification/source/go/api/v1/model"
    24  	apiservice "github.com/polarismesh/specification/source/go/api/v1/service_manage"
    25  	apitraffic "github.com/polarismesh/specification/source/go/api/v1/traffic_manage"
    26  
    27  	api "github.com/polarismesh/polaris/common/api/v1"
    28  	"github.com/polarismesh/polaris/common/model"
    29  	"github.com/polarismesh/polaris/common/utils"
    30  )
    31  
    32  // CreateRateLimits creates rate limits for a namespace.
    33  func (svr *serverAuthAbility) CreateRateLimits(
    34  	ctx context.Context, reqs []*apitraffic.Rule) *apiservice.BatchWriteResponse {
    35  	authCtx := svr.collectRateLimitAuthContext(ctx, reqs, model.Create, "CreateRateLimits")
    36  
    37  	_, err := svr.strategyMgn.GetAuthChecker().CheckConsolePermission(authCtx)
    38  	if err != nil {
    39  		return api.NewBatchWriteResponseWithMsg(apimodel.Code_NotAllowedAccess, err.Error())
    40  	}
    41  
    42  	ctx = authCtx.GetRequestContext()
    43  	ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx)
    44  
    45  	return svr.targetServer.CreateRateLimits(ctx, reqs)
    46  }
    47  
    48  // DeleteRateLimits deletes rate limits for a namespace.
    49  func (svr *serverAuthAbility) DeleteRateLimits(
    50  	ctx context.Context, reqs []*apitraffic.Rule) *apiservice.BatchWriteResponse {
    51  	authCtx := svr.collectRateLimitAuthContext(ctx, reqs, model.Delete, "DeleteRateLimits")
    52  
    53  	_, err := svr.strategyMgn.GetAuthChecker().CheckConsolePermission(authCtx)
    54  	if err != nil {
    55  		return api.NewBatchWriteResponseWithMsg(apimodel.Code_NotAllowedAccess, err.Error())
    56  	}
    57  
    58  	ctx = authCtx.GetRequestContext()
    59  	ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx)
    60  
    61  	return svr.targetServer.DeleteRateLimits(ctx, reqs)
    62  }
    63  
    64  // UpdateRateLimits updates rate limits for a namespace.
    65  func (svr *serverAuthAbility) UpdateRateLimits(
    66  	ctx context.Context, reqs []*apitraffic.Rule) *apiservice.BatchWriteResponse {
    67  	authCtx := svr.collectRateLimitAuthContext(ctx, reqs, model.Modify, "UpdateRateLimits")
    68  
    69  	_, err := svr.strategyMgn.GetAuthChecker().CheckConsolePermission(authCtx)
    70  	if err != nil {
    71  		return api.NewBatchWriteResponseWithMsg(apimodel.Code_NotAllowedAccess, err.Error())
    72  	}
    73  
    74  	ctx = authCtx.GetRequestContext()
    75  	ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx)
    76  
    77  	return svr.targetServer.UpdateRateLimits(ctx, reqs)
    78  }
    79  
    80  // EnableRateLimits 启用限流规则
    81  func (svr *serverAuthAbility) EnableRateLimits(
    82  	ctx context.Context, reqs []*apitraffic.Rule) *apiservice.BatchWriteResponse {
    83  	authCtx := svr.collectRateLimitAuthContext(ctx, nil, model.Read, "EnableRateLimits")
    84  
    85  	_, err := svr.strategyMgn.GetAuthChecker().CheckConsolePermission(authCtx)
    86  	if err != nil {
    87  		return api.NewBatchWriteResponseWithMsg(apimodel.Code_NotAllowedAccess, err.Error())
    88  	}
    89  
    90  	ctx = authCtx.GetRequestContext()
    91  	ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx)
    92  
    93  	return svr.targetServer.EnableRateLimits(ctx, reqs)
    94  }
    95  
    96  // GetRateLimits gets rate limits for a namespace.
    97  func (svr *serverAuthAbility) GetRateLimits(
    98  	ctx context.Context, query map[string]string) *apiservice.BatchQueryResponse {
    99  	authCtx := svr.collectRateLimitAuthContext(ctx, nil, model.Read, "GetRateLimits")
   100  
   101  	_, err := svr.strategyMgn.GetAuthChecker().CheckConsolePermission(authCtx)
   102  	if err != nil {
   103  		return api.NewBatchQueryResponseWithMsg(apimodel.Code_NotAllowedAccess, err.Error())
   104  	}
   105  
   106  	ctx = authCtx.GetRequestContext()
   107  	ctx = context.WithValue(ctx, utils.ContextAuthContextKey, authCtx)
   108  
   109  	return svr.targetServer.GetRateLimits(ctx, query)
   110  }