github.com/rigado/snapd@v2.42.5-go-mod+incompatible/overlord/assertstate/helpers.go

github.com/rigado/snapd@v2.42.5-go-mod+incompatible/overlord/assertstate/helpers.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016-2017 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package assertstate
    21  
    22  import (
    23  	"github.com/snapcore/snapd/asserts"
    24  	"github.com/snapcore/snapd/logger"
    25  	"github.com/snapcore/snapd/overlord/auth"
    26  	"github.com/snapcore/snapd/overlord/snapstate"
    27  	"github.com/snapcore/snapd/overlord/state"
    28  )
    29  
    30  // TODO: snapstate also has this, move to auth, or change a bit the approach now that we have DeviceAndAuthContext in the store?
    31  func userFromUserID(st *state.State, userID int) (*auth.UserState, error) {
    32  	if userID == 0 {
    33  		return nil, nil
    34  	}
    35  	return auth.User(st, userID)
    36  }
    37  
    38  func doFetch(s *state.State, userID int, deviceCtx snapstate.DeviceContext, fetching func(asserts.Fetcher) error) error {
    39  	// TODO: once we have a bulk assertion retrieval endpoint this approach will change
    40  
    41  	db := cachedDB(s)
    42  
    43  	// this is a fallback in case of bugs, we ask the store
    44  	// to filter unsupported formats!
    45  	unsupported := func(ref *asserts.Ref, unsupportedErr error) error {
    46  		if _, err := ref.Resolve(db.Find); err != nil {
    47  			// nothing there yet or any other error
    48  			return unsupportedErr
    49  		}
    50  		// we keep the old one, but log the issue
    51  		logger.Noticef("Cannot update assertion %v: %v", ref, unsupportedErr)
    52  		return nil
    53  	}
    54  
    55  	b := asserts.NewBatch(unsupported)
    56  
    57  	user, err := userFromUserID(s, userID)
    58  	if err != nil {
    59  		return err
    60  	}
    61  
    62  	sto := snapstate.Store(s, deviceCtx)
    63  
    64  	retrieve := func(ref *asserts.Ref) (asserts.Assertion, error) {
    65  		// TODO: ignore errors if already in db?
    66  		return sto.Assertion(ref.Type, ref.PrimaryKey, user)
    67  	}
    68  
    69  	s.Unlock()
    70  	err = b.Fetch(db, retrieve, fetching)
    71  	s.Lock()
    72  	if err != nil {
    73  		return err
    74  	}
    75  
    76  	// TODO: trigger w. caller a global sanity check if a is revoked
    77  	// (but try to save as much possible still),
    78  	// or err is a check error
    79  	return b.CommitTo(db, nil)
    80  }