From 43fc1e96fed6fd2e0504e05a1a50c27ab8f15913 Mon Sep 17 00:00:00 2001
From: Paul Lorenz
Date: Fri, 14 Apr 2023 17:06:01 -0400
Subject: [PATCH] Get tests running and do some cleanups
---
.github/workflows/main.yml | 2 +-
.golangci.yml | 7 +
controller/handler_edge_ctrl/common.go | 18 +-
.../handler_edge_ctrl/extend_enrollment.go | 1 +
.../internal/policy/api_session_enforcer.go | 2 +-
.../policy/service_policy_enforcer.go | 4 +-
.../internal/policy/session_enforcer_test.go | 27 +--
controller/model/api_session_manager.go | 2 +-
controller/model/enrollment_manager.go | 18 +-
controller/model/enrollment_mod_ott.go | 2 +-
controller/model/enrollment_mod_ottca.go | 2 +-
controller/model/enrollment_mod_updb.go | 2 +-
controller/model/identity_manager.go | 3 +-
controller/model/posture_response_manager.go | 2 +-
controller/model/posture_response_model.go | 2 +-
.../api_session_certificate_store.go | 55 +++--
controller/persistence/api_session_store.go | 67 +++----
controller/persistence/auth_policy_store.go | 115 ++++++-----
controller/persistence/ca_store.go | 78 ++++----
controller/persistence/config_store.go | 51 +++--
controller/persistence/config_type_store.go | 71 +++----
.../persistence/edge_router_policy_store.go | 101 ++++------
controller/persistence/edge_router_store.go | 1 +
controller/persistence/enrollment_store.go | 71 ++++---
.../persistence/eventual_event_store.go | 40 ++--
controller/persistence/eventual_eventer.go | 4 +-
.../persistence/external_jwt_signer_store.go | 113 +++++------
controller/persistence/identity_store.go | 188 +++++++++---------
controller/persistence/identity_type_store.go | 35 ++--
controller/persistence/mfa_store.go | 52 +++--
controller/persistence/stores.go | 2 +-
controller/response/context.go | 2 +-
events/dispatcher_session.go | 2 +-
go.mod | 13 +-
go.sum | 30 +--
tests/auth_cert_test.go | 3 +-
tests/router_identities_test.go | 3 +-
tests/transit_router_test.go | 3 +-
38 files changed, 585 insertions(+), 609 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 601379241..ccdc34770 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,7 +22,7 @@ jobs: - name: Install Go uses: actions/setup-go@v3 with: - go-version: '1.19.x' + go-version: '1.20.x' - name: Install Ziti CI uses: netfoundry/ziti-ci@v1 diff --git a/.golangci.yml b/.golangci.yml index cf80009a4..b2022d668 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -2,3 +2,10 @@ run: deadline: 8m skip-dirs: - controller/zitiql + +# golangci gives false positives for implementations of methods using generics in generic interfaces +issues: + exclude-rules: + - path: 'controller/model/.*.go' + linters: + - unused diff --git a/controller/handler_edge_ctrl/common.go b/controller/handler_edge_ctrl/common.go index 3b1dcfb33..e120e541d 100644 --- a/controller/handler_edge_ctrl/common.go +++ b/controller/handler_edge_ctrl/common.go 
@@ -115,16 +115,26 @@ type baseSessionRequestContext struct { } func (self *baseSessionRequestContext) newChangeContext() *change.Context { - return change.New(). - SetChangeAuthorId(self.session.IdentityId). - SetChangeAuthorName(self.apiSession.Identity.Name). - SetSource(fmt.Sprintf("ctrl[edge/%v]", self.handler.getChannel().Underlay().GetRemoteAddr().String())) + result := change.New().SetSource(fmt.Sprintf("ctrl[edge/%v]", self.handler.getChannel().Underlay().GetRemoteAddr().String())) + if self.session != nil { + result. + SetChangeAuthorId(self.session.IdentityId). + SetChangeAuthorName(self.apiSession.Identity.Name). + SetChangeAuthorType("identity") + } else if self.sourceRouter != nil { + result. + SetChangeAuthorId(self.sourceRouter.Id). + SetChangeAuthorName(self.sourceRouter.Name). + SetChangeAuthorType("router") + } + return result } func (self *baseSessionRequestContext) newTunnelChangeContext() *change.Context { return change.New(). SetChangeAuthorId(self.sourceRouter.Id). SetChangeAuthorName(self.sourceRouter.Name). + SetChangeAuthorType("router"). SetSource(fmt.Sprintf("ctrl[edge:tunnel/%v]", self.handler.getChannel().Underlay().GetRemoteAddr().String())) } diff --git a/controller/handler_edge_ctrl/extend_enrollment.go b/controller/handler_edge_ctrl/extend_enrollment.go index 9e0e5b099..6764a36b4 100644 --- a/controller/handler_edge_ctrl/extend_enrollment.go +++ b/controller/handler_edge_ctrl/extend_enrollment.go @@ -36,6 +36,7 @@ func newRouterChangeContext(router interface { return change.New(). SetChangeAuthorId(router.GetId()). SetChangeAuthorName(router.GetName()). + SetChangeAuthorType("router"). SetSource(fmt.Sprintf("ctrl[edge/%v]", ch.Underlay().GetRemoteAddr().String())) } diff --git a/controller/internal/policy/api_session_enforcer.go b/controller/internal/policy/api_session_enforcer.go index fe88ef38f..3a6678704 100644 --- a/controller/internal/policy/api_session_enforcer.go +++ b/controller/internal/policy/api_session_enforcer.go 
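Review bot: In `newChangeContext` the new `self.session != nil` guard does not cover `self.apiSession` or `self.apiSession.Identity`, both of which are dereferenced in the same branch, so a request context that has a session but no loaded API-session identity would panic while the audit record is being built; whether that state is reachable is not visible in this hunk. Widening the guard to `if self.session != nil && self.apiSession != nil && self.apiSession.Identity != nil {` keeps the router fallback reachable in that case. When neither branch matches, the context is returned with a source but no author, which deserves a comment such as `// no session or router known yet: change is recorded without an author` so unattributed entries in the change history are explainable. `newTunnelChangeContext` in the same hunk still dereferences `self.sourceRouter` unconditionally.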
@@ -98,7 +98,7 @@ func (s *ApiSessionEnforcer) Run() error { logrus.Debugf("found %v expired api-sessions to remove", len(ids)) - ctx := change.New().SetSource("api-session.enforcer") + ctx := change.New().SetSource("api-session.enforcer").SetChangeAuthorType("controller") if err = s.appEnv.GetManagers().ApiSession.DeleteBatch(ids, ctx); err != nil { logrus.WithError(err).Error("failure while batch deleting expired api sessions") diff --git a/controller/internal/policy/service_policy_enforcer.go b/controller/internal/policy/service_policy_enforcer.go index b2687a34e..1eca8b431 100644 --- a/controller/internal/policy/service_policy_enforcer.go +++ b/controller/internal/policy/service_policy_enforcer.go @@ -102,7 +102,7 @@ func (enforcer *ServicePolicyEnforcer) handleServiceEvent(event *persistence.Ser } } - ctx := change.New().SetSource("service-policy.enforcer") + ctx := change.New().SetSource("service-policy.enforcer").SetChangeAuthorType("controller") for _, sessionId := range sessionsToDelete { _ = enforcer.appEnv.GetManagers().Session.Delete(sessionId, ctx) log.Debugf("session %v deleted", sessionId) @@ -168,7 +168,7 @@ func (enforcer *ServicePolicyEnforcer) Run() error { return err } - ctx := change.New().SetSource("service-policy.enforcer") + ctx := change.New().SetSource("service-policy.enforcer").SetChangeAuthorType("controller") for _, sessionId := range sessionsToRemove { _ = enforcer.appEnv.GetManagers().Session.Delete(sessionId, ctx) } diff --git a/controller/internal/policy/session_enforcer_test.go b/controller/internal/policy/session_enforcer_test.go index cb3a17a0c..de50f486c 100644 --- a/controller/internal/policy/session_enforcer_test.go +++ b/controller/internal/policy/session_enforcer_test.go @@ -22,6 +22,7 @@ import ( "github.com/openziti/edge/controller/persistence" "github.com/openziti/edge/eid" "github.com/openziti/storage/boltz" + "github.com/openziti/storage/boltztest" "github.com/sirupsen/logrus" "testing" "time" 
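Review bot: Both `service-policy.enforcer` hunks in service_policy_enforcer.go discard the result of `Session.Delete` with `_ =`, and `handleServiceEvent` then logs `session %v deleted` unconditionally, so a failed revocation leaves a session that policy no longer permits while the log states it was removed. Capturing the error and logging it instead of the success line, e.g. `if err := enforcer.appEnv.GetManagers().Session.Delete(sessionId, ctx); err != nil { /* log and continue */ }`, would make failed revocations visible to operators. The same `_ = ...Session.Delete(...)` pattern is on the new side of the `postureDataUpdated` hunk in posture_response_manager.go. Both enforcer functions begin and end outside their hunks, so any handling further down is not visible here.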
@@ -49,25 +50,25 @@ func (ctx *enforcerTestContext) testSessionsCleanup() { identity := ctx.RequireNewIdentity("Jojo", false) apiSession := persistence.NewApiSession(identity.Id) - ctx.RequireCreate(apiSession) + boltztest.RequireCreate(ctx, apiSession) service := ctx.RequireNewService("test-service") session := NewSession(apiSession.Id, service.Id) - ctx.RequireCreate(session) - ctx.ValidateBaseline(session, compareOpts) + boltztest.RequireCreate(ctx, session) + boltztest.ValidateBaseline(ctx, session, compareOpts) session2 := NewSession(apiSession.Id, service.Id) session2.Type = persistence.PolicyTypeBindName - ctx.RequireCreate(session2) - ctx.ValidateBaseline(session2, compareOpts) + boltztest.RequireCreate(ctx, session2) + boltztest.ValidateBaseline(ctx, session2, compareOpts) service2 := ctx.RequireNewService("test-service-2") session3 := NewSession(apiSession.Id, service2.Id) session3.Tags = ctx.CreateTags() - ctx.RequireCreate(session3) - ctx.ValidateBaseline(session3, compareOpts) + boltztest.RequireCreate(ctx, session3) + boltztest.ValidateBaseline(ctx, session3, compareOpts) - ctx.RequireReload(session) - ctx.RequireReload(session2) + boltztest.RequireReload(ctx, session) + boltztest.RequireReload(ctx, session2) enforcer := &ApiSessionEnforcer{ appEnv: ctx, @@ -85,10 +86,10 @@ func (ctx *enforcerTestContext) testSessionsCleanup() { ctx.Fail("did not receive done notification from eventual eventer") } - ctx.ValidateDeleted(apiSession.Id) - ctx.ValidateDeleted(session.Id) - ctx.ValidateDeleted(session2.Id) - ctx.ValidateDeleted(session3.Id) + boltztest.ValidateDeleted(ctx, apiSession.Id) + boltztest.ValidateDeleted(ctx, session.Id) + boltztest.ValidateDeleted(ctx, session2.Id) + boltztest.ValidateDeleted(ctx, session3.Id) } func NewSession(apiSessionId, serviceId string) *persistence.Session { diff --git a/controller/model/api_session_manager.go b/controller/model/api_session_manager.go index a2f54332a..3f81bfc31 100644 
--- a/controller/model/api_session_manager.go +++ b/controller/model/api_session_manager.go @@ -169,7 +169,7 @@ func (self *ApiSessionManager) MarkActivityByTokens(tokens ...string) ([]string, } func (self *ApiSessionManager) heartbeatFlush(beats []*Heartbeat) { - changeCtx := change.New().SetSource("heartbeat.flush") + changeCtx := change.New().SetSource("heartbeat.flush").SetChangeAuthorType("controller") err := self.GetDb().Batch(changeCtx.NewMutateContext(), func(ctx boltz.MutateContext) error { store := self.Store.(persistence.ApiSessionStore) diff --git a/controller/model/enrollment_manager.go b/controller/model/enrollment_manager.go index e8f4ee7c9..b771f88a0 100644 --- a/controller/model/enrollment_manager.go +++ b/controller/model/enrollment_manager.go @@ -63,6 +63,11 @@ func (self *EnrollmentManager) Create(entity *Enrollment, ctx *change.Context) e func (self *EnrollmentManager) ApplyCreate(cmd *command.CreateEntityCommand[*Enrollment]) error { model := cmd.Entity + if model.EdgeRouterId != nil || model.TransitRouterId != nil { + _, err := self.createEntity(model, cmd.Context) + return err + } + if model.IdentityId == nil { return apierror.NewBadRequestFieldError(*errorz.NewFieldError("identity not found", "identityId", model.IdentityId)) } @@ -198,11 +203,12 @@ func (self *EnrollmentManager) ReadByToken(token string) (*Enrollment, error) { return enrollment, nil } -func (self *EnrollmentManager) ReplaceWithAuthenticator(enrollmentId string, authenticator *Authenticator) error { +func (self *EnrollmentManager) ReplaceWithAuthenticator(enrollmentId string, authenticator *Authenticator, ctx *change.Context) error { return self.Dispatch(&ReplaceEnrollmentWithAuthenticatorCmd{ manager: self, enrollmentId: enrollmentId, authenticator: authenticator, + ctx: ctx, }) } 
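Review bot: The early return added to `ApplyCreate` sends any enrollment with `EdgeRouterId` or `TransitRouterId` set straight to `createEntity`, skipping the `IdentityId` check below it and whatever further validation follows outside the hunk. An enrollment that carries both a router id and an identity id also takes this path, so identity-side checks are bypassed for it as well. If that is intended, a comment such as `// router enrollments are validated by their own managers; only identity enrollments need the checks below` would record it; otherwise narrowing the condition to `if model.IdentityId == nil && (model.EdgeRouterId != nil || model.TransitRouterId != nil) {` keeps identity enrollments on the validated path. The rest of the function body is outside the hunk.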
@@ -227,7 +233,7 @@ func (self *EnrollmentManager) GetClientCertChain(certRaw []byte) (string, error } func (self *EnrollmentManager) ApplyReplaceEncoderWithAuthenticatorCommand(cmd *ReplaceEnrollmentWithAuthenticatorCmd) error { - return self.env.GetDbProvider().GetDb().Update(cmd.Context.NewMutateContext(), func(ctx boltz.MutateContext) error { + return self.env.GetDbProvider().GetDb().Update(cmd.ctx.NewMutateContext(), func(ctx boltz.MutateContext) error { err := self.env.GetStores().Enrollment.DeleteById(ctx, cmd.enrollmentId) if err != nil { return err @@ -363,14 +369,14 @@ func (self *EnrollmentManager) Unmarshall(bytes []byte) (*Enrollment, error) { } type ReplaceEnrollmentWithAuthenticatorCmd struct { - Context *change.Context + ctx *change.Context manager *EnrollmentManager enrollmentId string authenticator *Authenticator } func (self *ReplaceEnrollmentWithAuthenticatorCmd) Apply(raftIndex uint64) error { - self.Context.RaftIndex = raftIndex + self.ctx.RaftIndex = raftIndex return self.manager.ApplyReplaceEncoderWithAuthenticatorCommand(self) } @@ -381,7 +387,7 @@ func (self *ReplaceEnrollmentWithAuthenticatorCmd) Encode() ([]byte, error) { } cmd := &edge_cmd_pb.ReplaceEnrollmentWithAuthenticatorCmd{ - Ctx: ContextToProtobuf(self.Context), + Ctx: ContextToProtobuf(self.ctx), EnrollmentId: self.enrollmentId, Authenticator: authMsg, } @@ -389,7 +395,7 @@ func (self *ReplaceEnrollmentWithAuthenticatorCmd) Encode() ([]byte, error) { } func (self *ReplaceEnrollmentWithAuthenticatorCmd) Decode(env Env, msg *edge_cmd_pb.ReplaceEnrollmentWithAuthenticatorCmd) error { - self.Context = ProtobufToContext(msg.Ctx) + self.ctx = ProtobufToContext(msg.Ctx) self.manager = env.GetManagers().Enrollment self.enrollmentId = msg.EnrollmentId authenticator, err := env.GetManagers().Authenticator.ProtobufToAuthenticator(msg.Authenticator) diff --git a/controller/model/enrollment_mod_ott.go b/controller/model/enrollment_mod_ott.go index 839c99c66..8c019b468 100644 
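Review bot: `Apply` writes `self.ctx.RaftIndex` and `ApplyReplaceEncoderWithAuthenticatorCommand` calls `cmd.ctx.NewMutateContext()` without checking `ctx`, so the new `ctx` parameter of `ReplaceWithAuthenticator` is effectively required to be non-nil. The three enrollment modules pass `ctx.GetChangeContext()`, and `Decode` assigns `ProtobufToContext(msg.Ctx)`; neither function's nil behaviour is visible in this patch excerpt. Either state the requirement in a doc comment on the method, `// ReplaceWithAuthenticator requires a non-nil ctx; it carries the change author and the raft index.`, or return an error from `ReplaceWithAuthenticator` when `ctx == nil` before dispatching the command.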
--- a/controller/model/enrollment_mod_ott.go +++ b/controller/model/enrollment_mod_ott.go @@ -108,7 +108,7 @@ func (module *EnrollModuleOtt) Process(ctx EnrollmentContext) (*EnrollmentResult }, } - err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator) + err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator, ctx.GetChangeContext()) if err != nil { return nil, err diff --git a/controller/model/enrollment_mod_ottca.go b/controller/model/enrollment_mod_ottca.go index 347fe1085..130fdd9a2 100644 --- a/controller/model/enrollment_mod_ottca.go +++ b/controller/model/enrollment_mod_ottca.go @@ -134,7 +134,7 @@ func (module *EnrollModuleOttCa) Process(ctx EnrollmentContext) (*EnrollmentResu }, } - err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator) + err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator, ctx.GetChangeContext()) if err != nil { return nil, err diff --git a/controller/model/enrollment_mod_updb.go b/controller/model/enrollment_mod_updb.go index d01710d51..794ec4eb9 100644 --- a/controller/model/enrollment_mod_updb.go +++ b/controller/model/enrollment_mod_updb.go @@ -94,7 +94,7 @@ func (module *EnrollModuleUpdb) Process(ctx EnrollmentContext) (*EnrollmentResul }, } - err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator) + err = module.env.GetManagers().Enrollment.ReplaceWithAuthenticator(enrollment.Id, newAuthenticator, ctx.GetChangeContext()) if err != nil { return nil, err diff --git a/controller/model/identity_manager.go b/controller/model/identity_manager.go index f3922955e..94c14b89c 100644 --- a/controller/model/identity_manager.go +++ b/controller/model/identity_manager.go 
@@ -68,6 +68,7 @@ func NewIdentityManager(env Env) *IdentityManager { network.RegisterManagerDecoder[*Identity](env.GetHostController().GetNetwork().GetManagers(), manager) RegisterCommand(env, &CreateIdentityWithEnrollmentsCmd{}, &edge_cmd_pb.CreateIdentityWithEnrollmentsCmd{}) + RegisterCommand(env, &UpdateServiceConfigsCmd{}, &edge_cmd_pb.UpdateServiceConfigsCmd{}) return manager } @@ -238,7 +239,7 @@ func (self *IdentityManager) InitializeDefaultAdmin(username, password, name str }, } - ctx := change.New().SetSource("cli.init") + ctx := change.New().SetSource("cli.init").SetChangeAuthorType("cli") if err = self.Create(defaultAdmin, ctx); err != nil { return err } diff --git a/controller/model/posture_response_manager.go b/controller/model/posture_response_manager.go index 4550405f2..8c4f880d0 100644 --- a/controller/model/posture_response_manager.go +++ b/controller/model/posture_response_manager.go @@ -209,7 +209,7 @@ func (self *PostureResponseManager) postureDataUpdated(env Env, identityId strin for _, sessionId := range sessionIdsToDelete { //todo: delete batch? - _ = self.env.GetManagers().Session.Delete(sessionId, change.New().SetSource("posture.cache")) + _ = self.env.GetManagers().Session.Delete(sessionId, change.New().SetSource("posture.cache").SetChangeAuthorType("controller")) } } diff --git a/controller/model/posture_response_model.go b/controller/model/posture_response_model.go index ea0431d76..02e745ad4 100644 --- a/controller/model/posture_response_model.go +++ b/controller/model/posture_response_model.go 
@@ -153,7 +153,7 @@ func (pc *PostureCache) evaluate() { //delete sessions that failed pc checks, clear list for _, sessionId := range toDeleteSessionIds { - err := pc.env.GetManagers().Session.Delete(sessionId, change.New().SetSource("posture.cache")) + err := pc.env.GetManagers().Session.Delete(sessionId, change.New().SetSource("posture.cache").SetChangeAuthorType("controller")) if err != nil { log.WithError(err).Errorf("error removing session [%s] due to posture check failure, delete error: %v", sessionId, err) } diff --git a/controller/persistence/api_session_certificate_store.go b/controller/persistence/api_session_certificate_store.go index 1c5fa8ec9..61306748a 100644 --- a/controller/persistence/api_session_certificate_store.go +++ b/controller/persistence/api_session_certificate_store.go 
@@ -45,32 +45,6 @@ func (entity *ApiSessionCertificate) GetEntityType() string { return EntityTypeApiSessionCertificates } -type apiSessionCertificateEntityStrategy struct{} - -func (apiSessionCertificateEntityStrategy) NewEntity() *ApiSessionCertificate { - return &ApiSessionCertificate{} -} - -func (apiSessionCertificateEntityStrategy) FillEntity(entity *ApiSessionCertificate, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.ApiSessionId = bucket.GetStringOrError(FieldApiSessionCertificateApiSession) - entity.Subject = bucket.GetStringOrError(FieldApiSessionCertificateSubject) - entity.Fingerprint = bucket.GetStringOrError(FieldApiSessionCertificateFingerprint) - entity.ValidAfter = bucket.GetTime(FieldApiSessionCertificateValidAfter) - entity.ValidBefore = bucket.GetTime(FieldApiSessionCertificateValidBefore) - entity.PEM = bucket.GetStringOrError(FieldApiSessionCertificatePem) -} - -func (apiSessionCertificateEntityStrategy) PersistEntity(entity *ApiSessionCertificate, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldApiSessionCertificateApiSession, entity.ApiSessionId) - ctx.SetString(FieldApiSessionCertificateSubject, entity.Subject) - ctx.SetString(FieldApiSessionCertificateFingerprint, entity.Fingerprint) - ctx.SetTimeP(FieldApiSessionCertificateValidAfter, entity.ValidAfter) - ctx.SetTimeP(FieldApiSessionCertificateValidBefore, entity.ValidBefore) - ctx.SetString(FieldApiSessionCertificatePem, entity.PEM) -} - var _ ApiSessionCertificateStore = (*ApiSessionCertificateStoreImpl)(nil) type ApiSessionCertificateStore interface { 
@@ -78,9 +52,8 @@ type ApiSessionCertificateStore interface { } func newApiSessionCertificateStore(stores *stores) *ApiSessionCertificateStoreImpl { - store := &ApiSessionCertificateStoreImpl{ - baseStore: newBaseStore[*ApiSessionCertificate](stores, apiSessionCertificateEntityStrategy{}), - } + store := &ApiSessionCertificateStoreImpl{} + store.baseStore = newBaseStore[*ApiSessionCertificate](stores, store) store.InitImpl(store) return store } @@ -102,3 +75,27 @@ func (store *ApiSessionCertificateStoreImpl) initializeLocal() { func (store *ApiSessionCertificateStoreImpl) initializeLinked() { } + +func (store *ApiSessionCertificateStoreImpl) NewEntity() *ApiSessionCertificate { + return &ApiSessionCertificate{} +} + +func (store *ApiSessionCertificateStoreImpl) FillEntity(entity *ApiSessionCertificate, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.ApiSessionId = bucket.GetStringOrError(FieldApiSessionCertificateApiSession) + entity.Subject = bucket.GetStringOrError(FieldApiSessionCertificateSubject) + entity.Fingerprint = bucket.GetStringOrError(FieldApiSessionCertificateFingerprint) + entity.ValidAfter = bucket.GetTime(FieldApiSessionCertificateValidAfter) + entity.ValidBefore = bucket.GetTime(FieldApiSessionCertificateValidBefore) + entity.PEM = bucket.GetStringOrError(FieldApiSessionCertificatePem) +} + +func (store *ApiSessionCertificateStoreImpl) PersistEntity(entity *ApiSessionCertificate, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldApiSessionCertificateApiSession, entity.ApiSessionId) + ctx.SetString(FieldApiSessionCertificateSubject, entity.Subject) + ctx.SetString(FieldApiSessionCertificateFingerprint, entity.Fingerprint) + ctx.SetTimeP(FieldApiSessionCertificateValidAfter, entity.ValidAfter) + ctx.SetTimeP(FieldApiSessionCertificateValidBefore, entity.ValidBefore) + ctx.SetString(FieldApiSessionCertificatePem, entity.PEM) +} 
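Review bot: `newApiSessionCertificateStore` now passes `store` to `newBaseStore` as the entity strategy before `store.baseStore` has been assigned, so the constructor is only safe as long as `newBaseStore` merely records the strategy and does not call a promoted `baseStore` method through it during construction; `newBaseStore` is not part of this excerpt. A comment on the assignment, e.g. `// store doubles as the entity strategy; baseStore is nil until newBaseStore returns`, would record that constraint for later edits. The same two-step construction is introduced in `newApiSessionStore`, `newAuthPolicyStore`, `newCaStore` and `newConfigsStore`. `NewEntity`, `FillEntity` and `PersistEntity` also become exported methods on the exported `ApiSessionCertificateStoreImpl` and `AuthPolicyStoreImpl` types without doc comments.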
diff --git a/controller/persistence/api_session_store.go b/controller/persistence/api_session_store.go index 8195fa3fc..850e4100c 100644 --- a/controller/persistence/api_session_store.go +++ b/controller/persistence/api_session_store.go @@ -68,13 +68,39 @@ func (entity *ApiSession) GetEntityType() string { return EntityTypeApiSessions } -type apiSessionEntityStrategy struct{} +var _ ApiSessionStore = (*apiSessionStoreImpl)(nil) + +type ApiSessionStore interface { + Store[*ApiSession] + LoadOneByToken(tx *bbolt.Tx, token string) (*ApiSession, error) + GetTokenIndex() boltz.ReadIndex + GetCachedSessionId(tx *bbolt.Tx, apiSessionId, sessionType, serviceId string) *string + GetEventsEmitter() events.EventEmmiter +} -func (apiSessionEntityStrategy) NewEntity() *ApiSession { +func newApiSessionStore(stores *stores) *apiSessionStoreImpl { + store := &apiSessionStoreImpl{ + eventsEmitter: events.New(), + } + store.baseStore = newBaseStore[*ApiSession](stores, store) + stores.EventualEventer.AddEventualListener(EventualEventApiSessionDelete, store.onEventualDelete) + store.InitImpl(store) + return store +} + +type apiSessionStoreImpl struct { + *baseStore[*ApiSession] + + indexToken boltz.ReadIndex + symbolIdentity boltz.EntitySymbol + eventsEmitter events.EventEmmiter +} + +func (store *apiSessionStoreImpl) NewEntity() *ApiSession { return &ApiSession{} } -func (apiSessionEntityStrategy) FillEntity(entity *ApiSession, bucket *boltz.TypedBucket) { +func (store *apiSessionStoreImpl) FillEntity(entity *ApiSession, bucket *boltz.TypedBucket) { entity.LoadBaseValues(bucket) entity.IdentityId = bucket.GetStringOrError(FieldApiSessionIdentity) entity.Token = bucket.GetStringOrError(FieldApiSessionToken) 
@@ -90,7 +116,7 @@ func (apiSessionEntityStrategy) FillEntity(entity *ApiSession, bucket *boltz.Typ } } -func (apiSessionEntityStrategy) PersistEntity(entity *ApiSession, ctx *boltz.PersistContext) { +func (store *apiSessionStoreImpl) PersistEntity(entity *ApiSession, ctx *boltz.PersistContext) { entity.SetBaseValues(ctx) ctx.SetString(FieldApiSessionIdentity, entity.IdentityId) ctx.SetString(FieldApiSessionToken, entity.Token) @@ -102,35 +128,6 @@ func (apiSessionEntityStrategy) PersistEntity(entity *ApiSession, ctx *boltz.Per ctx.SetTimeP(FieldApiSessionLastActivityAt, &entity.LastActivityAt) } -var _ ApiSessionStore = (*apiSessionStoreImpl)(nil) - -type ApiSessionStore interface { - Store[*ApiSession] - LoadOneByToken(tx *bbolt.Tx, token string) (*ApiSession, error) - GetTokenIndex() boltz.ReadIndex - GetCachedSessionId(tx *bbolt.Tx, apiSessionId, sessionType, serviceId string) *string - GetEventsEmitter() events.EventEmmiter -} - -func newApiSessionStore(stores *stores) *apiSessionStoreImpl { - store := &apiSessionStoreImpl{ - baseStore: newBaseStore[*ApiSession](stores, apiSessionEntityStrategy{}), - eventsEmitter: events.New(), - } - - stores.EventualEventer.AddEventualListener(EventualEventApiSessionDelete, store.onEventualDelete) - store.InitImpl(store) - return store -} - -type apiSessionStoreImpl struct { - *baseStore[*ApiSession] - - indexToken boltz.ReadIndex - symbolIdentity boltz.EntitySymbol - eventsEmitter events.EventEmmiter -} - func (store *apiSessionStoreImpl) GetEventsEmitter() events.EventEmmiter { return store.eventsEmitter } 
@@ -154,7 +151,7 @@ func (store *apiSessionStoreImpl) onEventualDelete(name string, apiSessionId []b } for _, id := range idCollector.ids { - changeContext := change.New().SetSource("events.emitter").SetChangeAuthorId("events.emitter") + changeContext := change.New().SetSource("events.emitter").SetChangeAuthorType("controller") err = store.stores.DbProvider.GetDb().Update(changeContext.NewMutateContext(), func(ctx boltz.MutateContext) error { if err := store.stores.session.DeleteById(ctx, id); err != nil { if boltz.IsErrNotFoundErr(err) { @@ -174,7 +171,7 @@ func (store *apiSessionStoreImpl) onEventualDelete(name string, apiSessionId []b } } - changeContext := change.New().SetSource("events.emitter").SetChangeAuthorId("events.emitter") + changeContext := change.New().SetSource("events.emitter").SetChangeAuthorType("controller") err = store.stores.DbProvider.GetDb().Update(changeContext.NewMutateContext(), func(ctx boltz.MutateContext) error { if bucket := boltz.Path(ctx.Tx(), indexPath...); bucket != nil { if err := bucket.DeleteBucket(apiSessionId); err != nil { diff --git a/controller/persistence/auth_policy_store.go b/controller/persistence/auth_policy_store.go index e8760d286..9a34d24b9 100644 --- a/controller/persistence/auth_policy_store.go +++ b/controller/persistence/auth_policy_store.go 
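Review bot: The author type is passed as a bare string literal in both `onEventualDelete` hunks (`"controller"`), as it is elsewhere in this patch (`"identity"`, `"router"`, `"cli"`), so a typo at any call site would silently create a distinct author type in the change records. Named constants defined alongside `SetChangeAuthorType` would keep the producers and any audit consumers in agreement. These two hunks also remove `SetChangeAuthorId("events.emitter")`, which leaves the author id empty for these deletions; if anything downstream filters on author id, a comment such as `// controller-originated change: identified by source, no author id` would make the new convention explicit.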
@@ -94,13 +94,65 @@ func (entity *AuthPolicy) GetEntityType() string { return EntityTypeAuthPolicies } -type authPolicyEntityStrategy struct{} +var _ AuthPolicyStore = (*AuthPolicyStoreImpl)(nil) + +type AuthPolicyStore interface { + NameIndexed + Store[*AuthPolicy] +} + +func newAuthPolicyStore(stores *stores) *AuthPolicyStoreImpl { + store := &AuthPolicyStoreImpl{} + store.baseStore = newBaseStore[*AuthPolicy](stores, store) + store.InitImpl(store) + return store +} + +type AuthPolicyStoreImpl struct { + *baseStore[*AuthPolicy] + indexName boltz.ReadIndex + symbolPrimaryAllowedExtJwtSigners boltz.EntitySetSymbol + symbolSecondaryRequiredExtJwtSignerId boltz.EntitySymbol +} + +func (store *AuthPolicyStoreImpl) initializeLocal() { + store.AddExtEntitySymbols() + store.indexName = store.addUniqueNameField() + + store.AddSymbol(FieldAuthPolicyPrimaryCertAllowed, ast.NodeTypeBool) + store.AddSymbol(FieldAuthPolicyPrimaryCertAllowExpiredCerts, ast.NodeTypeBool) + + store.AddSymbol(FieldAuthPolicyPrimaryUpdbAllowed, ast.NodeTypeBool) + store.AddSymbol(FiledAuthPolicyPrimaryUpdbMinPasswordLength, ast.NodeTypeInt64) + store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireSpecialChar, ast.NodeTypeBool) + store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireNumberChar, ast.NodeTypeInt64) + store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireMixedCase, ast.NodeTypeBool) + store.AddSymbol(FieldAuthPolicyPrimaryUpdbMaxAttempts, ast.NodeTypeBool) + + store.AddSymbol(FieldAuthPolicyPrimaryExtJwtAllowed, ast.NodeTypeBool) + + store.AddSymbol(FieldAuthSecondaryPolicyRequireTotp, ast.NodeTypeBool) + store.AddSymbol(FieldAuthSecondaryPolicyRequiredExtJwtSigner, ast.NodeTypeString) + + store.symbolPrimaryAllowedExtJwtSigners = store.AddFkSetSymbol(FieldAuthPolicyPrimaryExtJwtAllowedSigners, store.stores.externalJwtSigner) -func (authPolicyEntityStrategy) NewEntity() *AuthPolicy { + store.symbolSecondaryRequiredExtJwtSignerId = store.AddFkSymbol(FieldAuthSecondaryPolicyRequiredExtJwtSigner, 
store.stores.externalJwtSigner) + store.AddFkConstraint(store.symbolSecondaryRequiredExtJwtSignerId, true, boltz.CascadeNone) +} + +func (store *AuthPolicyStoreImpl) initializeLinked() { + store.AddNullableFkIndex(store.symbolPrimaryAllowedExtJwtSigners, store.stores.externalJwtSigner.symbolAuthPolicies) +} + +func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex { + return store.indexName +} + +func (store *AuthPolicyStoreImpl) NewEntity() *AuthPolicy { return &AuthPolicy{} } -func (authPolicyEntityStrategy) FillEntity(entity *AuthPolicy, bucket *boltz.TypedBucket) { +func (store *AuthPolicyStoreImpl) FillEntity(entity *AuthPolicy, bucket *boltz.TypedBucket) { entity.LoadBaseValues(bucket) entity.Name = bucket.GetStringOrError(FieldName) @@ -122,7 +174,7 @@ func (authPolicyEntityStrategy) FillEntity(entity *AuthPolicy, bucket *boltz.Typ entity.Secondary.RequiredExtJwtSigner = bucket.GetString(FieldAuthSecondaryPolicyRequiredExtJwtSigner) } -func (authPolicyEntityStrategy) PersistEntity(entity *AuthPolicy, ctx *boltz.PersistContext) { +func (store *AuthPolicyStoreImpl) PersistEntity(entity *AuthPolicy, ctx *boltz.PersistContext) { entity.SetBaseValues(ctx) if entity.Primary.Updb.LockoutDurationMinutes < 0 { 
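Review bot: In `initializeLocal`, `FieldAuthPolicyPrimaryUpdbRequireNumberChar` is registered as `ast.NodeTypeInt64` and `FieldAuthPolicyPrimaryUpdbMaxAttempts` as `ast.NodeTypeBool`, which looks swapped relative to the field names and to the neighbouring `Require...` symbols, all of which are boolean. If so, queries that filter auth policies on the lockout attempt limit or the number-character requirement are typed incorrectly; the lines are moved unchanged by this commit, so the mismatch appears to predate it. The likely fix is `store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireNumberChar, ast.NodeTypeBool)` and `store.AddSymbol(FieldAuthPolicyPrimaryUpdbMaxAttempts, ast.NodeTypeInt64)`, to be confirmed against how `FillEntity` reads those two fields, which falls outside the hunks shown.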
@@ -156,58 +208,3 @@ func (authPolicyEntityStrategy) PersistEntity(entity *AuthPolicy, ctx *boltz.Per ctx.SetBool(FieldAuthSecondaryPolicyRequireTotp, entity.Secondary.RequireTotp) ctx.SetStringP(FieldAuthSecondaryPolicyRequiredExtJwtSigner, entity.Secondary.RequiredExtJwtSigner) } - -var _ AuthPolicyStore = (*AuthPolicyStoreImpl)(nil) - -type AuthPolicyStore interface { - NameIndexed - Store[*AuthPolicy] -} - -func newAuthPolicyStore(stores *stores) *AuthPolicyStoreImpl { - store := &AuthPolicyStoreImpl{ - baseStore: newBaseStore[*AuthPolicy](stores, authPolicyEntityStrategy{}), - } - store.InitImpl(store) - return store -} - -type AuthPolicyStoreImpl struct { - *baseStore[*AuthPolicy] - indexName boltz.ReadIndex - symbolPrimaryAllowedExtJwtSigners boltz.EntitySetSymbol - symbolSecondaryRequiredExtJwtSignerId boltz.EntitySymbol -} - -func (store *AuthPolicyStoreImpl) initializeLocal() { - store.AddExtEntitySymbols() - store.indexName = store.addUniqueNameField() - - store.AddSymbol(FieldAuthPolicyPrimaryCertAllowed, ast.NodeTypeBool) - store.AddSymbol(FieldAuthPolicyPrimaryCertAllowExpiredCerts, ast.NodeTypeBool) - - store.AddSymbol(FieldAuthPolicyPrimaryUpdbAllowed, ast.NodeTypeBool) - store.AddSymbol(FiledAuthPolicyPrimaryUpdbMinPasswordLength, ast.NodeTypeInt64) - store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireSpecialChar, ast.NodeTypeBool) - store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireNumberChar, ast.NodeTypeInt64) - store.AddSymbol(FieldAuthPolicyPrimaryUpdbRequireMixedCase, ast.NodeTypeBool) - store.AddSymbol(FieldAuthPolicyPrimaryUpdbMaxAttempts, ast.NodeTypeBool) - - store.AddSymbol(FieldAuthPolicyPrimaryExtJwtAllowed, ast.NodeTypeBool) - - store.AddSymbol(FieldAuthSecondaryPolicyRequireTotp, ast.NodeTypeBool) - store.AddSymbol(FieldAuthSecondaryPolicyRequiredExtJwtSigner, ast.NodeTypeString) - - store.symbolPrimaryAllowedExtJwtSigners = store.AddFkSetSymbol(FieldAuthPolicyPrimaryExtJwtAllowedSigners, store.stores.externalJwtSigner) - - 
store.symbolSecondaryRequiredExtJwtSignerId = store.AddFkSymbol(FieldAuthSecondaryPolicyRequiredExtJwtSigner, store.stores.externalJwtSigner) - store.AddFkConstraint(store.symbolSecondaryRequiredExtJwtSignerId, true, boltz.CascadeNone) -} - -func (store *AuthPolicyStoreImpl) initializeLinked() { - store.AddNullableFkIndex(store.symbolPrimaryAllowedExtJwtSigners, store.stores.externalJwtSigner.symbolAuthPolicies) -} - -func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex { - return store.indexName -} diff --git a/controller/persistence/ca_store.go b/controller/persistence/ca_store.go index 5b459ad7f..d4aa3d28c 100644 --- a/controller/persistence/ca_store.go +++ b/controller/persistence/ca_store.go 
@@ -86,13 +86,46 @@ func (entity *Ca) GetEntityType() string { return EntityTypeCas } -type caEntityStrategy struct{} +var _ CaStore = (*caStoreImpl)(nil) + +type CaStore interface { + Store[*Ca] +} -func (caEntityStrategy) NewEntity() *Ca { +func newCaStore(stores *stores) *caStoreImpl { + store := &caStoreImpl{} + store.baseStore = newBaseStore[*Ca](stores, store) + store.InitImpl(store) + return store +} + +type caStoreImpl struct { + *baseStore[*Ca] + indexName boltz.ReadIndex + symbolEnrollments boltz.EntitySetSymbol +} + +func (store *caStoreImpl) initializeLocal() { + store.AddExtEntitySymbols() + store.indexName = store.addUniqueNameField() + store.AddSymbol(FieldCaFingerprint, ast.NodeTypeString) + store.AddSymbol(FieldCaIsVerified, ast.NodeTypeBool) + store.AddSymbol(FieldCaVerificationToken, ast.NodeTypeString) + store.AddSymbol(FieldCaIsAutoCaEnrollmentEnabled, ast.NodeTypeBool) + store.AddSymbol(FieldCaIsOttCaEnrollmentEnabled, ast.NodeTypeBool) + store.AddSymbol(FieldCaIsAuthEnabled, ast.NodeTypeBool) + store.AddSetSymbol(FieldIdentityRoles, ast.NodeTypeString) + store.symbolEnrollments = store.AddFkSetSymbol(FieldCaEnrollments, store.stores.enrollment) + +} + +func (store *caStoreImpl) initializeLinked() {} + +func (store *caStoreImpl) NewEntity() *Ca { return &Ca{} } -func (c caEntityStrategy) FillEntity(entity *Ca, bucket *boltz.TypedBucket) { +func (store *caStoreImpl) FillEntity(entity *Ca, bucket *boltz.TypedBucket) { entity.LoadBaseValues(bucket) entity.Name = bucket.GetStringOrError(FieldName) entity.Fingerprint = bucket.GetStringOrError(FieldCaFingerprint) @@ -116,7 +149,7 @@ func (c caEntityStrategy) FillEntity(entity *Ca, bucket *boltz.TypedBucket) { } } -func (c caEntityStrategy) PersistEntity(entity *Ca, ctx *boltz.PersistContext) { +func (store *caStoreImpl) PersistEntity(entity *Ca, ctx *boltz.PersistContext) { entity.SetBaseValues(ctx) ctx.SetString(FieldName, entity.Name) ctx.SetString(FieldCaFingerprint, entity.Fingerprint) 
@@ -142,43 +175,6 @@ func (c caEntityStrategy) PersistEntity(entity *Ca, ctx *boltz.PersistContext) { } } -var _ CaStore = (*caStoreImpl)(nil) - -type CaStore interface { - Store[*Ca] -} - -func newCaStore(stores *stores) *caStoreImpl { - store := &caStoreImpl{ - baseStore: newBaseStore[*Ca](stores, caEntityStrategy{}), - } - store.InitImpl(store) - return store -} - -type caStoreImpl struct { - *baseStore[*Ca] - indexName boltz.ReadIndex - symbolEnrollments boltz.EntitySetSymbol -} - -func (store *caStoreImpl) initializeLocal() { - store.AddExtEntitySymbols() - store.indexName = store.addUniqueNameField() - store.AddSymbol(FieldCaFingerprint, ast.NodeTypeString) - store.AddSymbol(FieldCaIsVerified, ast.NodeTypeBool) - store.AddSymbol(FieldCaVerificationToken, ast.NodeTypeString) - store.AddSymbol(FieldCaIsAutoCaEnrollmentEnabled, ast.NodeTypeBool) - store.AddSymbol(FieldCaIsOttCaEnrollmentEnabled, ast.NodeTypeBool) - store.AddSymbol(FieldCaIsAuthEnabled, ast.NodeTypeBool) - store.AddSetSymbol(FieldIdentityRoles, ast.NodeTypeString) - store.symbolEnrollments = store.AddFkSetSymbol(FieldCaEnrollments, store.stores.enrollment) - -} - -func (store *caStoreImpl) initializeLinked() { -} - func (store *caStoreImpl) DeleteById(ctx boltz.MutateContext, id string) error { for _, enrollmentId := range store.GetRelatedEntitiesIdList(ctx.Tx(), id, FieldCaEnrollments) { if err := store.stores.enrollment.DeleteById(ctx, enrollmentId); err != nil { diff --git a/controller/persistence/config_store.go b/controller/persistence/config_store.go index 8fe5d1e47..daaf66174 100644 --- a/controller/persistence/config_store.go +++ b/controller/persistence/config_store.go 
@@ -55,30 +55,6 @@ func (entity *Config) GetEntityType() string { return EntityTypeConfigs } -type configEntityStrategy struct{} - -func (configEntityStrategy) NewEntity() *Config { - return &Config{} -} - -func (configEntityStrategy) FillEntity(entity *Config, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.Name = bucket.GetStringOrError(FieldName) - entity.Type = bucket.GetStringOrError(FieldConfigType) - entity.Data = bucket.GetMap(FieldConfigData) -} - -func (configEntityStrategy) PersistEntity(entity *Config, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldName, entity.Name) - ctx.SetString(FieldConfigType, entity.Type) - ctx.SetMap(FieldConfigData, entity.Data) - - if ctx.ProceedWithSet(FieldConfigData) && entity.Data == nil { - ctx.Bucket.SetError(errorz.NewFieldError("data is required", "data", nil)) - } -} - var _ ConfigStore = (*configStoreImpl)(nil) type ConfigStore interface { @@ -87,9 +63,8 @@ type ConfigStore interface { } func newConfigsStore(stores *stores) *configStoreImpl { - store := &configStoreImpl{ - baseStore: newBaseStore[*Config](stores, configEntityStrategy{}), - } + store := &configStoreImpl{} + store.baseStore = newBaseStore[*Config](stores, store) store.InitImpl(store) return store } 
@@ -123,6 +98,28 @@ func (store *configStoreImpl) initializeLinked() { store.AddLinkCollection(store.symbolServices, store.stores.edgeService.symbolConfigs) } +func (store *configStoreImpl) NewEntity() *Config { + return &Config{} +} + +func (store *configStoreImpl) FillEntity(entity *Config, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.Name = bucket.GetStringOrError(FieldName) + entity.Type = bucket.GetStringOrError(FieldConfigType) + entity.Data = bucket.GetMap(FieldConfigData) +} + +func (store *configStoreImpl) PersistEntity(entity *Config, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldName, entity.Name) + ctx.SetString(FieldConfigType, entity.Type) + ctx.SetMap(FieldConfigData, entity.Data) + + if ctx.ProceedWithSet(FieldConfigData) && entity.Data == nil { + ctx.Bucket.SetError(errorz.NewFieldError("data is required", "data", nil)) + } +} + func (store *configStoreImpl) Update(ctx boltz.MutateContext, entity *Config, checker boltz.FieldChecker) error { if err := store.createServiceChangeEvents(ctx.Tx(), entity.GetId()); err != nil { return err diff --git a/controller/persistence/config_type_store.go b/controller/persistence/config_type_store.go index 5b7b32faa..a6412c3dc 100644 --- a/controller/persistence/config_type_store.go +++ b/controller/persistence/config_type_store.go @@ -19,7 +19,6 @@ package persistence import ( "encoding/json" "github.com/openziti/edge/eid" - "github.com/openziti/fabric/controller/db" "github.com/openziti/storage/ast" "github.com/openziti/storage/boltz" "github.com/pkg/errors" 
@@ -51,38 +50,6 @@ func (entity *ConfigType) GetEntityType() string { return EntityTypeConfigTypes } -type configTypeEntityStrategy struct{} - -func (configTypeEntityStrategy) NewEntity() *ConfigType { - return &ConfigType{} -} - -func (configTypeEntityStrategy) FillEntity(entity *ConfigType, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.Name = bucket.GetStringOrError(FieldName) - marshalledSchema := bucket.GetString(FieldConfigTypeSchema) - if marshalledSchema != nil { - entity.Schema = map[string]interface{}{} - bucket.SetError(json.Unmarshal([]byte(*marshalledSchema), &entity.Schema)) - } -} - -func (configTypeEntityStrategy) PersistEntity(entity *ConfigType, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldName, entity.Name) - - if len(entity.Schema) > 0 { - marshalled, err := json.Marshal(entity.Schema) - if err != nil { - ctx.Bucket.SetError(err) - return - } - ctx.SetString(FieldConfigTypeSchema, string(marshalled)) - } else { - ctx.SetStringP(FieldConfigTypeSchema, nil) - } -} - var _ ConfigTypeStore = (*configTypeStoreImpl)(nil) type ConfigTypeStore interface { @@ -93,12 +60,8 @@ type ConfigTypeStore interface { } func newConfigTypesStore(stores *stores) *configTypeStoreImpl { - store := &configTypeStoreImpl{ - baseStore: &baseStore[*ConfigType]{ - stores: stores, - BaseStore: boltz.NewBaseStore(db.NewStoreDefinition[*ConfigType](configTypeEntityStrategy{})), - }, - } + store := &configTypeStoreImpl{} + store.baseStore = newBaseStore[*ConfigType](stores, store) store.InitImpl(store) return store } 
@@ -124,6 +87,36 @@ func (store *configTypeStoreImpl) initializeLocal() { func (store *configTypeStoreImpl) initializeLinked() { } +func (store *configTypeStoreImpl) NewEntity() *ConfigType { + return &ConfigType{} +} + +func (store *configTypeStoreImpl) FillEntity(entity *ConfigType, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.Name = bucket.GetStringOrError(FieldName) + marshalledSchema := bucket.GetString(FieldConfigTypeSchema) + if marshalledSchema != nil { + entity.Schema = map[string]interface{}{} + bucket.SetError(json.Unmarshal([]byte(*marshalledSchema), &entity.Schema)) + } +} + +func (store *configTypeStoreImpl) PersistEntity(entity *ConfigType, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldName, entity.Name) + + if len(entity.Schema) > 0 { + marshalled, err := json.Marshal(entity.Schema) + if err != nil { + ctx.Bucket.SetError(err) + return + } + ctx.SetString(FieldConfigTypeSchema, string(marshalled)) + } else { + ctx.SetStringP(FieldConfigTypeSchema, nil) + } +} + func (store *configTypeStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*ConfigType, error) { id := store.indexName.Read(tx, []byte(name)) if id != nil { diff --git a/controller/persistence/edge_router_policy_store.go b/controller/persistence/edge_router_policy_store.go index 75f74cb27..28398d405 100644 --- a/controller/persistence/edge_router_policy_store.go +++ b/controller/persistence/edge_router_policy_store.go @@ -8,7 +8,6 @@ import ( "github.com/openziti/foundation/v2/stringz" "github.com/openziti/storage/ast" "github.com/openziti/storage/boltz" - "go.etcd.io/bbolt" "sort" ) 
@@ -40,66 +39,16 @@ func (entity *EdgeRouterPolicy) GetEntityType() string { return EntityTypeEdgeRouterPolicies } -type edgeRouterPolicyEntityStrategy struct{} - -func (edgeRouterPolicyEntityStrategy) NewEntity() *EdgeRouterPolicy { - return &EdgeRouterPolicy{} -} - -func (edgeRouterPolicyEntityStrategy) FillEntity(entity *EdgeRouterPolicy, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.Name = bucket.GetStringOrError(FieldName) - entity.Semantic = bucket.GetStringWithDefault(FieldSemantic, SemanticAllOf) - entity.IdentityRoles = bucket.GetStringList(FieldIdentityRoles) - entity.EdgeRouterRoles = bucket.GetStringList(FieldEdgeRouterRoles) -} - -func (edgeRouterPolicyEntityStrategy) PersistEntity(entity *EdgeRouterPolicy, ctx *boltz.PersistContext) { - if err := validateRolesAndIds(FieldIdentityRoles, entity.IdentityRoles); err != nil { - ctx.Bucket.SetError(err) - } - - if err := validateRolesAndIds(FieldEdgeRouterRoles, entity.EdgeRouterRoles); err != nil { - ctx.Bucket.SetError(err) - } - - entity.SetBaseValues(ctx) - ctx.SetRequiredString(FieldName, entity.Name) - if ctx.ProceedWithSet(FieldSemantic) { - if !isSemanticValid(entity.Semantic) { - ctx.Bucket.SetError(errorz.NewFieldError("invalid semantic", FieldSemantic, entity.Semantic)) - return - } - ctx.SetRequiredString(FieldSemantic, entity.Semantic) - } - - edgeRouterPolicyStore := ctx.Store.(*edgeRouterPolicyStoreImpl) - - sort.Strings(entity.EdgeRouterRoles) - sort.Strings(entity.IdentityRoles) - - oldIdentityRoles, valueSet := ctx.GetAndSetStringList(FieldIdentityRoles, entity.IdentityRoles) - if valueSet && !stringz.EqualSlices(oldIdentityRoles, entity.IdentityRoles) { - edgeRouterPolicyStore.identityRolesUpdated(ctx, entity) - } - oldEdgeRouterRoles, valueSet := ctx.GetAndSetStringList(FieldEdgeRouterRoles, entity.EdgeRouterRoles) - if valueSet && !stringz.EqualSlices(oldEdgeRouterRoles, entity.EdgeRouterRoles) { - edgeRouterPolicyStore.edgeRouterRolesUpdated(ctx, entity) - } -} 
- var _ EdgeRouterPolicyStore = (*edgeRouterPolicyStoreImpl)(nil) type EdgeRouterPolicyStore interface { NameIndexed Store[*EdgeRouterPolicy] - LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouterPolicy, error) } func newEdgeRouterPolicyStore(stores *stores) *edgeRouterPolicyStoreImpl { - store := &edgeRouterPolicyStoreImpl{ - baseStore: newBaseStore[*EdgeRouterPolicy](stores, edgeRouterPolicyEntityStrategy{}), - } + store := &edgeRouterPolicyStoreImpl{} + store.baseStore = newBaseStore[*EdgeRouterPolicy](stores, store) store.InitImpl(store) return store } 
@@ -140,12 +89,48 @@ func (store *edgeRouterPolicyStoreImpl) initializeLinked() { store.identityCollection = store.AddLinkCollection(store.symbolIdentities, store.stores.identity.symbolEdgeRouterPolicies) } -func (store *edgeRouterPolicyStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouterPolicy, error) { - entity := &EdgeRouterPolicy{} - if err := store.baseLoadOneById(tx, id, entity); err != nil { - return nil, err +func (store *edgeRouterPolicyStoreImpl) NewEntity() *EdgeRouterPolicy { + return &EdgeRouterPolicy{} +} + +func (store *edgeRouterPolicyStoreImpl) FillEntity(entity *EdgeRouterPolicy, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.Name = bucket.GetStringOrError(FieldName) + entity.Semantic = bucket.GetStringWithDefault(FieldSemantic, SemanticAllOf) + entity.IdentityRoles = bucket.GetStringList(FieldIdentityRoles) + entity.EdgeRouterRoles = bucket.GetStringList(FieldEdgeRouterRoles) +} + +func (store *edgeRouterPolicyStoreImpl) PersistEntity(entity *EdgeRouterPolicy, ctx *boltz.PersistContext) { + if err := validateRolesAndIds(FieldIdentityRoles, entity.IdentityRoles); err != nil { + ctx.Bucket.SetError(err) + } + + if err := validateRolesAndIds(FieldEdgeRouterRoles, entity.EdgeRouterRoles); err != nil { + ctx.Bucket.SetError(err) + } + + entity.SetBaseValues(ctx) + ctx.SetRequiredString(FieldName, entity.Name) + if ctx.ProceedWithSet(FieldSemantic) { + if !isSemanticValid(entity.Semantic) { + ctx.Bucket.SetError(errorz.NewFieldError("invalid semantic", FieldSemantic, entity.Semantic)) + return + } + ctx.SetRequiredString(FieldSemantic, entity.Semantic) + } + + sort.Strings(entity.EdgeRouterRoles) + sort.Strings(entity.IdentityRoles) + + oldIdentityRoles, valueSet := ctx.GetAndSetStringList(FieldIdentityRoles, entity.IdentityRoles) + if valueSet && !stringz.EqualSlices(oldIdentityRoles, entity.IdentityRoles) { + store.identityRolesUpdated(ctx, entity) + } + oldEdgeRouterRoles, valueSet := 
ctx.GetAndSetStringList(FieldEdgeRouterRoles, entity.EdgeRouterRoles) + if valueSet && !stringz.EqualSlices(oldEdgeRouterRoles, entity.EdgeRouterRoles) { + store.edgeRouterRolesUpdated(ctx, entity) } - return entity, nil } /* diff --git a/controller/persistence/edge_router_store.go b/controller/persistence/edge_router_store.go index 0eb0970b2..c7a26ab21 100644 --- a/controller/persistence/edge_router_store.go +++ b/controller/persistence/edge_router_store.go @@ -237,6 +237,7 @@ func (store *edgeRouterStoreImpl) cleanupEdgeRouter(ctx boltz.MutateContext, id if err := store.deleteEntityReferences(ctx.Tx(), entity, store.stores.edgeRouterPolicy.symbolEdgeRouterRoles); err != nil { return err } + // Remove entity from EdgeRouterRoles in service edge router policies if err := store.deleteEntityReferences(ctx.Tx(), entity, store.stores.serviceEdgeRouterPolicy.symbolEdgeRouterRoles); err != nil { return err diff --git a/controller/persistence/enrollment_store.go b/controller/persistence/enrollment_store.go index a418bed4d..42c1fcab9 100644 --- a/controller/persistence/enrollment_store.go +++ b/controller/persistence/enrollment_store.go 
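Review bot: In `PersistEntity`, a failure from `validateRolesAndIds` is recorded with `ctx.Bucket.SetError(err)` but the method keeps going, so the role lists are still sorted and handed to `ctx.GetAndSetStringList`, and may reach `store.identityRolesUpdated` / `store.edgeRouterRolesUpdated`. The invalid-semantic branch a few lines later returns right after setting the error, and both role checks should do the same: `ctx.Bucket.SetError(err)` followed by `return`. Whether the later `ctx` setters become no-ops once an error is set is not visible in this hunk. The link recalculation is called directly on the store, though, so role strings that failed validation should not be able to reach it in a policy store.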
@@ -65,40 +65,6 @@ var enrollmentFieldMappings = map[string]string{ FieldEnrollTransitRouter: "transitRouterId", } -type enrollmentEntityStrategy struct{} - -func (enrollmentEntityStrategy) NewEntity() *Enrollment { - return &Enrollment{} -} - -func (enrollmentEntityStrategy) FillEntity(entity *Enrollment, bucket *boltz.TypedBucket) { - entity.Token = bucket.GetStringWithDefault(FieldEnrollmentToken, "") - entity.Method = bucket.GetStringWithDefault(FieldEnrollmentMethod, "") - entity.IdentityId = bucket.GetString(FieldEnrollIdentity) - entity.EdgeRouterId = bucket.GetString(FieldEnrollEdgeRouter) - entity.TransitRouterId = bucket.GetString(FieldEnrollTransitRouter) - entity.ExpiresAt = bucket.GetTime(FieldEnrollmentExpiresAt) - entity.IssuedAt = bucket.GetTime(FieldEnrollmentIssuedAt) - entity.CaId = bucket.GetString(FieldEnrollmentCaId) - entity.Username = bucket.GetString(FieldEnrollmentUsername) - entity.Jwt = bucket.GetStringOrError(FieldEnrollmentJwt) -} - -func (enrollmentEntityStrategy) PersistEntity(entity *Enrollment, ctx *boltz.PersistContext) { - ctx.WithFieldOverrides(enrollmentFieldMappings) - - ctx.SetString(FieldEnrollmentToken, entity.Token) - ctx.SetString(FieldEnrollmentMethod, entity.Method) - ctx.SetTimeP(FieldEnrollmentExpiresAt, entity.ExpiresAt) - ctx.SetStringP(FieldEnrollIdentity, entity.IdentityId) - ctx.SetStringP(FieldEnrollEdgeRouter, entity.EdgeRouterId) - ctx.SetStringP(FieldEnrollTransitRouter, entity.TransitRouterId) - ctx.SetStringP(FieldEnrollmentCaId, entity.CaId) - ctx.SetStringP(FieldEnrollmentUsername, entity.Username) - ctx.SetTimeP(FieldEnrollmentIssuedAt, entity.IssuedAt) - ctx.SetString(FieldEnrollmentJwt, entity.Jwt) -} - var _ EnrollmentStore = (*enrollmentStoreImpl)(nil) type EnrollmentStore interface { 
@@ -107,9 +73,8 @@ type EnrollmentStore interface { } func newEnrollmentStore(stores *stores) *enrollmentStoreImpl { - store := &enrollmentStoreImpl{ - baseStore: newBaseStore[*Enrollment](stores, enrollmentEntityStrategy{}), - } + store := &enrollmentStoreImpl{} + store.baseStore = newBaseStore[*Enrollment](stores, store) store.InitImpl(store) return store 
@@ -142,6 +107,38 @@ func (store *enrollmentStoreImpl) initializeLinked() { store.AddNullableFkIndex(store.symbolCa, store.stores.ca.symbolEnrollments) } +func (store *enrollmentStoreImpl) NewEntity() *Enrollment { + return &Enrollment{} +} + +func (store *enrollmentStoreImpl) FillEntity(entity *Enrollment, bucket *boltz.TypedBucket) { + entity.Token = bucket.GetStringWithDefault(FieldEnrollmentToken, "") + entity.Method = bucket.GetStringWithDefault(FieldEnrollmentMethod, "") + entity.IdentityId = bucket.GetString(FieldEnrollIdentity) + entity.EdgeRouterId = bucket.GetString(FieldEnrollEdgeRouter) + entity.TransitRouterId = bucket.GetString(FieldEnrollTransitRouter) + entity.ExpiresAt = bucket.GetTime(FieldEnrollmentExpiresAt) + entity.IssuedAt = bucket.GetTime(FieldEnrollmentIssuedAt) + entity.CaId = bucket.GetString(FieldEnrollmentCaId) + entity.Username = bucket.GetString(FieldEnrollmentUsername) + entity.Jwt = bucket.GetStringOrError(FieldEnrollmentJwt) +} + +func (store *enrollmentStoreImpl) PersistEntity(entity *Enrollment, ctx *boltz.PersistContext) { + ctx.WithFieldOverrides(enrollmentFieldMappings) + + ctx.SetString(FieldEnrollmentToken, entity.Token) + ctx.SetString(FieldEnrollmentMethod, entity.Method) + ctx.SetTimeP(FieldEnrollmentExpiresAt, entity.ExpiresAt) + ctx.SetStringP(FieldEnrollIdentity, entity.IdentityId) + ctx.SetStringP(FieldEnrollEdgeRouter, entity.EdgeRouterId) + ctx.SetStringP(FieldEnrollTransitRouter, entity.TransitRouterId) + ctx.SetStringP(FieldEnrollmentCaId, entity.CaId) + ctx.SetStringP(FieldEnrollmentUsername, entity.Username) + ctx.SetTimeP(FieldEnrollmentIssuedAt, entity.IssuedAt) + ctx.SetString(FieldEnrollmentJwt, entity.Jwt) +} + func (store *enrollmentStoreImpl) LoadOneByToken(tx *bbolt.Tx, token string) (*Enrollment, error) { id := store.tokenIndex.Read(tx, []byte(token)) if id != nil { 
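Review bot: `FillEntity` and `PersistEntity` for `Enrollment` never call `entity.LoadBaseValues(bucket)` or `entity.SetBaseValues(ctx)`, while the Config, ConfigType, EdgeRouterPolicy and EventualEvent stores moved in this patch all make those calls. The removed `enrollmentEntityStrategy` had the same gap, so the move preserves behaviour, but the asymmetry is easy to miss on a record that carries the enrollment token, JWT and expiry. If `Enrollment` embeds the same base entity as the others (not visible here), the base fields those helpers handle are neither persisted nor loaded for enrollments. Either add the two calls as the first statement of each method, or add a comment such as `// base values intentionally not persisted for enrollments` so the omission reads as deliberate.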
diff --git a/controller/persistence/eventual_event_store.go b/controller/persistence/eventual_event_store.go index 32e3dec00..23324881b 100644 --- a/controller/persistence/eventual_event_store.go +++ b/controller/persistence/eventual_event_store.go @@ -36,24 +36,6 @@ func (entity *EventualEvent) GetEntityType() string { return EntityTypeEventualEvents } -type eventualEventEntityStrategy struct{} - -func (eventualEventEntityStrategy) NewEntity() *EventualEvent { - return &EventualEvent{} -} - -func (eventualEventEntityStrategy) FillEntity(entity *EventualEvent, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.Type = bucket.GetStringOrError(FieldEventualEventType) - entity.Data = bucket.Get([]byte(FieldEventualEventData)) -} - -func (eventualEventEntityStrategy) PersistEntity(entity *EventualEvent, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldEventualEventType, entity.Type) - ctx.Bucket.SetError(ctx.Bucket.Put([]byte(FieldEventualEventData), entity.Data)) -} - var _ EventualEventStore = (*eventualEventStoreImpl)(nil) type EventualEventStore interface { @@ -61,9 +43,8 @@ type EventualEventStore interface { } func newEventualEventStore(stores *stores) *eventualEventStoreImpl { - store := &eventualEventStoreImpl{ - baseStore: newBaseStore[*EventualEvent](stores, eventualEventEntityStrategy{}), - } + store := &eventualEventStoreImpl{} + store.baseStore = newBaseStore[*EventualEvent](stores, store) store.InitImpl(store) return store } 
@@ -77,5 +58,20 @@ func (store *eventualEventStoreImpl) initializeLocal() { store.AddSymbol(FieldEventualEventData, ast.NodeTypeOther) } -func (store *eventualEventStoreImpl) initializeLinked() { +func (store *eventualEventStoreImpl) initializeLinked() {} + +func (store *eventualEventStoreImpl) NewEntity() *EventualEvent { + return &EventualEvent{} +} + +func (store *eventualEventStoreImpl) FillEntity(entity *EventualEvent, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.Type = bucket.GetStringOrError(FieldEventualEventType) + entity.Data = bucket.Get([]byte(FieldEventualEventData)) +} + +func (store *eventualEventStoreImpl) PersistEntity(entity *EventualEvent, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldEventualEventType, entity.Type) + ctx.Bucket.SetError(ctx.Bucket.Put([]byte(FieldEventualEventData), entity.Data)) } diff --git a/controller/persistence/eventual_eventer.go b/controller/persistence/eventual_eventer.go index 8a7b1cbb3..885f8785b 100644 --- a/controller/persistence/eventual_eventer.go +++ b/controller/persistence/eventual_eventer.go @@ -348,7 +348,7 @@ func (a *EventualEventerBbolt) AddEventualEventWithCtx(ctx boltz.MutateContext, var err error if ctx == nil { - ctx = change.New().SetSource("eventual.eventer").NewMutateContext() + ctx = change.New().SetSource("eventual.eventer").SetChangeAuthorType("controller").NewMutateContext() err = a.dbProvider.GetDb().Update(ctx, func(ctx boltz.MutateContext) error { return a.store.Create(ctx, event) }) 
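Review bot: The author type is passed as the bare literal in `SetChangeAuthorType("controller")`, here in `AddEventualEventWithCtx` and again in `deleteEventualEvent` in the next hunk, next to the equally repeated source string `"eventual.eventer"`. These values presumably become the attribution on change records, so a typo at one call site would quietly split the audit trail. Package-level constants, for example `const eventualEventerSource = "eventual.eventer"` and one for the author type, would keep the two call sites identical. In `AddEventualEventWithCtx` the author type is only set on the `ctx == nil` branch, so a caller-supplied context keeps whatever attribution it already carries, which is worth stating in the function's doc comment. Both function bodies continue outside their hunks.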
@@ -438,7 +438,7 @@ func (a *EventualEventerBbolt) Trigger() (<-chan struct{}, error) { // deleteEventualEvent removes an eventual event by id from the bbolt backend store. func (a *EventualEventerBbolt) deleteEventualEvent(id string) error { - ctx := change.New().SetSource("eventual.eventer").NewMutateContext() + ctx := change.New().SetSource("eventual.eventer").SetChangeAuthorType("controller").NewMutateContext() err := a.dbProvider.GetDb().Update(ctx, func(ctx boltz.MutateContext) error { return a.store.DeleteById(ctx, id) }) diff --git a/controller/persistence/external_jwt_signer_store.go b/controller/persistence/external_jwt_signer_store.go index 2e4056e43..b507fbe15 100644 --- a/controller/persistence/external_jwt_signer_store.go +++ b/controller/persistence/external_jwt_signer_store.go 
@@ -71,13 +71,64 @@ func (entity *ExternalJwtSigner) GetEntityType() string { return EntityTypeExternalJwtSigners } -type externalJwtSignerEntityStrategy struct{} +var _ ExternalJwtSignerStore = (*externalJwtSignerStoreImpl)(nil) + +type ExternalJwtSignerStore interface { + Store[*ExternalJwtSigner] +} + +func newExternalJwtSignerStore(stores *stores) *externalJwtSignerStoreImpl { + store := &externalJwtSignerStoreImpl{} + store.baseStore = newBaseStore[*ExternalJwtSigner](stores, store) + store.InitImpl(store) + return store +} + +type externalJwtSignerStoreImpl struct { + *baseStore[*ExternalJwtSigner] + indexName boltz.ReadIndex + symbolFingerprint boltz.EntitySymbol + symbolAuthPolicies boltz.EntitySetSymbol + fingerprintIndex boltz.ReadIndex + symbolKid boltz.EntitySymbol + kidIndex boltz.ReadIndex + symbolIssuer boltz.EntitySymbol + issuerIndex boltz.ReadIndex +} + +func (store *externalJwtSignerStoreImpl) initializeLocal() { + store.AddExtEntitySymbols() + store.indexName = store.addUniqueNameField() -func (externalJwtSignerEntityStrategy) NewEntity() *ExternalJwtSigner { + store.symbolFingerprint = store.AddSymbol(FieldExternalJwtSignerFingerprint, ast.NodeTypeString) + store.fingerprintIndex = store.AddNullableUniqueIndex(store.symbolFingerprint) + + store.symbolKid = store.AddSymbol(FieldExternalJwtSignerKid, ast.NodeTypeString) + store.kidIndex = store.AddNullableUniqueIndex(store.symbolKid) + + store.symbolIssuer = store.AddSymbol(FieldExternalJwtSignerIssuer, ast.NodeTypeString) + store.issuerIndex = store.AddUniqueIndex(store.symbolIssuer) + + store.AddSymbol(FieldExternalJwtSignerCertPem, ast.NodeTypeString) + store.AddSymbol(FieldExternalJwtSignerCommonName, ast.NodeTypeString) + store.AddSymbol(FieldExternalJwtSignerNotAfter, ast.NodeTypeDatetime) + store.AddSymbol(FieldExternalJwtSignerNotBefore, ast.NodeTypeDatetime) + store.AddSymbol(FieldExternalJwtSignerEnabled, ast.NodeTypeBool) + store.AddSymbol(FieldExternalJwtSignerClaimsProperty, 
ast.NodeTypeString) + store.AddSymbol(FieldExternalJwtSignerUseExternalId, ast.NodeTypeBool) + store.AddSymbol(FieldExternalJwtSignerAudience, ast.NodeTypeString) + + store.symbolAuthPolicies = store.AddFkSetSymbol(FieldExternalJwtSignerAuthPolicies, store.stores.authPolicy) +} + +func (store *externalJwtSignerStoreImpl) initializeLinked() { +} + +func (store *externalJwtSignerStoreImpl) NewEntity() *ExternalJwtSigner { return &ExternalJwtSigner{} } -func (externalJwtSignerEntityStrategy) FillEntity(entity *ExternalJwtSigner, bucket *boltz.TypedBucket) { +func (store *externalJwtSignerStoreImpl) FillEntity(entity *ExternalJwtSigner, bucket *boltz.TypedBucket) { entity.LoadBaseValues(bucket) entity.Name = bucket.GetStringWithDefault(FieldName, "") entity.CertPem = bucket.GetString(FieldExternalJwtSignerCertPem) @@ -95,7 +146,7 @@ func (externalJwtSignerEntityStrategy) FillEntity(entity *ExternalJwtSigner, buc entity.Audience = bucket.GetString(FieldExternalJwtSignerAudience) } -func (externalJwtSignerEntityStrategy) PersistEntity(entity *ExternalJwtSigner, ctx *boltz.PersistContext) { +func (store *externalJwtSignerStoreImpl) PersistEntity(entity *ExternalJwtSigner, ctx *boltz.PersistContext) { entity.SetBaseValues(ctx) ctx.SetString(FieldName, entity.Name) ctx.SetStringP(FieldExternalJwtSignerCertPem, entity.CertPem) 
@@ -142,60 +193,6 @@ func (externalJwtSignerEntityStrategy) PersistEntity(entity *ExternalJwtSigner, } } -var _ ExternalJwtSignerStore = (*externalJwtSignerStoreImpl)(nil) - -type ExternalJwtSignerStore interface { - Store[*ExternalJwtSigner] -} - -func newExternalJwtSignerStore(stores *stores) *externalJwtSignerStoreImpl { - store := &externalJwtSignerStoreImpl{ - baseStore: newBaseStore[*ExternalJwtSigner](stores, externalJwtSignerEntityStrategy{}), - } - store.InitImpl(store) - return store -} - -type externalJwtSignerStoreImpl struct { - *baseStore[*ExternalJwtSigner] - indexName boltz.ReadIndex - symbolFingerprint boltz.EntitySymbol - symbolAuthPolicies boltz.EntitySetSymbol - fingerprintIndex boltz.ReadIndex - symbolKid boltz.EntitySymbol - kidIndex boltz.ReadIndex - symbolIssuer boltz.EntitySymbol - issuerIndex boltz.ReadIndex -} - -func (store *externalJwtSignerStoreImpl) initializeLocal() { - store.AddExtEntitySymbols() - store.indexName = store.addUniqueNameField() - - store.symbolFingerprint = store.AddSymbol(FieldExternalJwtSignerFingerprint, ast.NodeTypeString) - store.fingerprintIndex = store.AddNullableUniqueIndex(store.symbolFingerprint) - - store.symbolKid = store.AddSymbol(FieldExternalJwtSignerKid, ast.NodeTypeString) - store.kidIndex = store.AddNullableUniqueIndex(store.symbolKid) - - store.symbolIssuer = store.AddSymbol(FieldExternalJwtSignerIssuer, ast.NodeTypeString) - store.issuerIndex = store.AddUniqueIndex(store.symbolIssuer) - - store.AddSymbol(FieldExternalJwtSignerCertPem, ast.NodeTypeString) - store.AddSymbol(FieldExternalJwtSignerCommonName, ast.NodeTypeString) - store.AddSymbol(FieldExternalJwtSignerNotAfter, ast.NodeTypeDatetime) - store.AddSymbol(FieldExternalJwtSignerNotBefore, ast.NodeTypeDatetime) - store.AddSymbol(FieldExternalJwtSignerEnabled, ast.NodeTypeBool) - store.AddSymbol(FieldExternalJwtSignerClaimsProperty, ast.NodeTypeString) - store.AddSymbol(FieldExternalJwtSignerUseExternalId, ast.NodeTypeBool) - 
store.AddSymbol(FieldExternalJwtSignerAudience, ast.NodeTypeString) - - store.symbolAuthPolicies = store.AddFkSetSymbol(FieldExternalJwtSignerAuthPolicies, store.stores.authPolicy) -} - -func (store *externalJwtSignerStoreImpl) initializeLinked() { -} - func (store *externalJwtSignerStoreImpl) DeleteById(ctx boltz.MutateContext, id string) error { ids, _, err := store.stores.authPolicy.QueryIds(ctx.Tx(), fmt.Sprintf(`anyOf(%s) = "%s"`, FieldAuthPolicyPrimaryExtJwtAllowedSigners, id)) diff --git a/controller/persistence/identity_store.go b/controller/persistence/identity_store.go index dec975c5a..dea9a47da 100644 --- a/controller/persistence/identity_store.go +++ b/controller/persistence/identity_store.go 
@@ -125,13 +125,100 @@ type ServiceConfig struct { var identityFieldMappings = map[string]string{FieldIdentityType: "identityTypeId"} -type identityEntityStrategy struct{} +var _ IdentityStore = (*identityStoreImpl)(nil) + +type IdentityStore interface { + NameIndexed + Store[*Identity] + + GetRoleAttributesIndex() boltz.SetReadIndex + GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) + + AssignServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error + RemoveServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error + GetServiceConfigs(tx *bbolt.Tx, identityId string) ([]ServiceConfig, error) + LoadServiceConfigsByServiceAndType(tx *bbolt.Tx, identityId string, configTypes map[string]struct{}) map[string]map[string]map[string]interface{} + GetIdentityServicesCursorProvider(identityId string) ast.SetCursorProvider +} + +func newIdentityStore(stores *stores) *identityStoreImpl { + store := &identityStoreImpl{} + store.baseStore = newBaseStore[*Identity](stores, store) + store.InitImpl(store) + return store +} + +type identityStoreImpl struct { + *baseStore[*Identity] + + indexName boltz.ReadIndex + indexRoleAttributes boltz.SetReadIndex + + symbolRoleAttributes boltz.EntitySetSymbol + symbolAuthenticators boltz.EntitySetSymbol + symbolIdentityTypeId boltz.EntitySymbol + symbolAuthPolicyId boltz.EntitySymbol + symbolEnrollments boltz.EntitySetSymbol + + symbolEdgeRouterPolicies boltz.EntitySetSymbol + symbolServicePolicies boltz.EntitySetSymbol + symbolEdgeRouters boltz.EntitySetSymbol + symbolBindServices boltz.EntitySetSymbol + symbolDialServices boltz.EntitySetSymbol -func (identityEntityStrategy) NewEntity() *Identity { + edgeRoutersCollection boltz.RefCountedLinkCollection + bindServicesCollection boltz.RefCountedLinkCollection + dialServicesCollection boltz.RefCountedLinkCollection + symbolExternalId boltz.EntitySymbol + externalIdIndex boltz.ReadIndex +} + 
+func (store *identityStoreImpl) GetRoleAttributesIndex() boltz.SetReadIndex { + return store.indexRoleAttributes +} + +func (store *identityStoreImpl) initializeLocal() { + store.AddExtEntitySymbols() + + store.symbolRoleAttributes = store.AddPublicSetSymbol(FieldRoleAttributes, ast.NodeTypeString) + store.indexRoleAttributes = store.AddSetIndex(store.symbolRoleAttributes) + + store.indexName = store.addUniqueNameField() + store.symbolEdgeRouters = store.AddFkSetSymbol(db.EntityTypeRouters, store.stores.edgeRouter) + store.symbolBindServices = store.AddFkSetSymbol(FieldIdentityBindServices, store.stores.edgeService) + store.symbolDialServices = store.AddFkSetSymbol(FieldIdentityDialServices, store.stores.edgeService) + store.symbolEdgeRouterPolicies = store.AddFkSetSymbol(EntityTypeEdgeRouterPolicies, store.stores.edgeRouterPolicy) + store.symbolServicePolicies = store.AddFkSetSymbol(EntityTypeServicePolicies, store.stores.servicePolicy) + store.symbolEnrollments = store.AddFkSetSymbol(FieldIdentityEnrollments, store.stores.enrollment) + store.symbolAuthenticators = store.AddFkSetSymbol(FieldIdentityAuthenticators, store.stores.authenticator) + store.symbolExternalId = store.AddSymbol(FieldIdentityExternalId, ast.NodeTypeString) + store.externalIdIndex = store.AddNullableUniqueIndex(store.symbolExternalId) + + store.symbolIdentityTypeId = store.AddFkSymbol(FieldIdentityType, store.stores.identityType) + store.symbolAuthPolicyId = store.AddFkSymbol(FieldIdentityAuthPolicyId, store.stores.authPolicy) + + store.AddFkConstraint(store.symbolAuthPolicyId, true, boltz.CascadeNone) + + store.AddSymbol(FieldIdentityIsAdmin, ast.NodeTypeBool) + store.AddSymbol(FieldIdentityIsDefaultAdmin, ast.NodeTypeBool) + + store.indexRoleAttributes.AddListener(store.rolesChanged) +} + +func (store *identityStoreImpl) initializeLinked() { + store.AddLinkCollection(store.symbolEdgeRouterPolicies, store.stores.edgeRouterPolicy.symbolIdentities) + 
store.AddLinkCollection(store.symbolServicePolicies, store.stores.servicePolicy.symbolIdentities) + + store.edgeRoutersCollection = store.AddRefCountedLinkCollection(store.symbolEdgeRouters, store.stores.edgeRouter.symbolIdentities) + store.bindServicesCollection = store.AddRefCountedLinkCollection(store.symbolBindServices, store.stores.edgeService.symbolBindIdentities) + store.dialServicesCollection = store.AddRefCountedLinkCollection(store.symbolDialServices, store.stores.edgeService.symbolDialIdentities) +} + +func (store *identityStoreImpl) NewEntity() *Identity { return &Identity{} } -func (identityEntityStrategy) FillEntity(entity *Identity, bucket *boltz.TypedBucket) { +func (store *identityStoreImpl) FillEntity(entity *Identity, bucket *boltz.TypedBucket) { entity.LoadBaseValues(bucket) entity.Name = bucket.GetStringOrError(FieldName) entity.IdentityTypeId = bucket.GetStringWithDefault(FieldIdentityType, "") @@ -183,12 +270,11 @@ func (identityEntityStrategy) FillEntity(entity *Identity, bucket *boltz.TypedBu } } -func (identityEntityStrategy) PersistEntity(entity *Identity, ctx *boltz.PersistContext) { +func (store *identityStoreImpl) PersistEntity(entity *Identity, ctx *boltz.PersistContext) { ctx.WithFieldOverrides(identityFieldMappings) entity.SetBaseValues(ctx) - store := ctx.Store.(*identityStoreImpl) ctx.SetString(FieldName, entity.Name) ctx.SetBool(FieldIdentityIsDefaultAdmin, entity.IsDefaultAdmin) ctx.SetBool(FieldIdentityIsAdmin, entity.IsAdmin) @@ -232,7 +318,7 @@ func (identityEntityStrategy) PersistEntity(entity *Identity, ctx *boltz.Persist ctx.SetString(FieldIdentitySdkInfoAppVersion, entity.SdkInfo.AppVersion) } - serviceStore := ctx.Store.(*identityStoreImpl).stores.Service + serviceStore := store.stores.Service if ctx.ProceedWithSet(FieldIdentityServiceHostingPrecedences) { mapBucket, err := ctx.Bucket.EmptyBucket(FieldIdentityServiceHostingPrecedences) 
@@ -269,96 +355,6 @@ func (identityEntityStrategy) PersistEntity(entity *Identity, ctx *boltz.Persist } } -var _ IdentityStore = (*identityStoreImpl)(nil) - -type IdentityStore interface { - NameIndexed - Store[*Identity] - - GetRoleAttributesIndex() boltz.SetReadIndex - GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) - - AssignServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error - RemoveServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error - GetServiceConfigs(tx *bbolt.Tx, identityId string) ([]ServiceConfig, error) - LoadServiceConfigsByServiceAndType(tx *bbolt.Tx, identityId string, configTypes map[string]struct{}) map[string]map[string]map[string]interface{} - GetIdentityServicesCursorProvider(identityId string) ast.SetCursorProvider -} - -func newIdentityStore(stores *stores) *identityStoreImpl { - store := &identityStoreImpl{ - baseStore: newBaseStore[*Identity](stores, identityEntityStrategy{}), - } - store.InitImpl(store) - return store -} - -type identityStoreImpl struct { - *baseStore[*Identity] - - indexName boltz.ReadIndex - indexRoleAttributes boltz.SetReadIndex - - symbolRoleAttributes boltz.EntitySetSymbol - symbolAuthenticators boltz.EntitySetSymbol - symbolIdentityTypeId boltz.EntitySymbol - symbolAuthPolicyId boltz.EntitySymbol - symbolEnrollments boltz.EntitySetSymbol - - symbolEdgeRouterPolicies boltz.EntitySetSymbol - symbolServicePolicies boltz.EntitySetSymbol - symbolEdgeRouters boltz.EntitySetSymbol - symbolBindServices boltz.EntitySetSymbol - symbolDialServices boltz.EntitySetSymbol - - edgeRoutersCollection boltz.RefCountedLinkCollection - bindServicesCollection boltz.RefCountedLinkCollection - dialServicesCollection boltz.RefCountedLinkCollection - symbolExternalId boltz.EntitySymbol - externalIdIndex boltz.ReadIndex -} - -func (store *identityStoreImpl) GetRoleAttributesIndex() boltz.SetReadIndex { - return 
store.indexRoleAttributes -} - -func (store *identityStoreImpl) initializeLocal() { - store.AddExtEntitySymbols() - - store.symbolRoleAttributes = store.AddPublicSetSymbol(FieldRoleAttributes, ast.NodeTypeString) - store.indexRoleAttributes = store.AddSetIndex(store.symbolRoleAttributes) - - store.indexName = store.addUniqueNameField() - store.symbolEdgeRouters = store.AddFkSetSymbol(db.EntityTypeRouters, store.stores.edgeRouter) - store.symbolBindServices = store.AddFkSetSymbol(FieldIdentityBindServices, store.stores.edgeService) - store.symbolDialServices = store.AddFkSetSymbol(FieldIdentityDialServices, store.stores.edgeService) - store.symbolEdgeRouterPolicies = store.AddFkSetSymbol(EntityTypeEdgeRouterPolicies, store.stores.edgeRouterPolicy) - store.symbolServicePolicies = store.AddFkSetSymbol(EntityTypeServicePolicies, store.stores.servicePolicy) - store.symbolEnrollments = store.AddFkSetSymbol(FieldIdentityEnrollments, store.stores.enrollment) - store.symbolAuthenticators = store.AddFkSetSymbol(FieldIdentityAuthenticators, store.stores.authenticator) - store.symbolExternalId = store.AddSymbol(FieldIdentityExternalId, ast.NodeTypeString) - store.externalIdIndex = store.AddNullableUniqueIndex(store.symbolExternalId) - - store.symbolIdentityTypeId = store.AddFkSymbol(FieldIdentityType, store.stores.identityType) - store.symbolAuthPolicyId = store.AddFkSymbol(FieldIdentityAuthPolicyId, store.stores.authPolicy) - - store.AddFkConstraint(store.symbolAuthPolicyId, true, boltz.CascadeNone) - - store.AddSymbol(FieldIdentityIsAdmin, ast.NodeTypeBool) - store.AddSymbol(FieldIdentityIsDefaultAdmin, ast.NodeTypeBool) - - store.indexRoleAttributes.AddListener(store.rolesChanged) -} - -func (store *identityStoreImpl) initializeLinked() { - store.AddLinkCollection(store.symbolEdgeRouterPolicies, store.stores.edgeRouterPolicy.symbolIdentities) - store.AddLinkCollection(store.symbolServicePolicies, store.stores.servicePolicy.symbolIdentities) - - store.edgeRoutersCollection = 
store.AddRefCountedLinkCollection(store.symbolEdgeRouters, store.stores.edgeRouter.symbolIdentities) - store.bindServicesCollection = store.AddRefCountedLinkCollection(store.symbolBindServices, store.stores.edgeService.symbolBindIdentities) - store.dialServicesCollection = store.AddRefCountedLinkCollection(store.symbolDialServices, store.stores.edgeService.symbolDialIdentities) -} - func (store *identityStoreImpl) rolesChanged(mutateCtx boltz.MutateContext, rowId []byte, _ []boltz.FieldTypeAndValue, new []boltz.FieldTypeAndValue, holder errorz.ErrorHolder) { ctx := &roleAttributeChangeContext{ tx: mutateCtx.Tx(), diff --git a/controller/persistence/identity_type_store.go b/controller/persistence/identity_type_store.go index 84bb598ba..7e850003c 100644 --- a/controller/persistence/identity_type_store.go +++ b/controller/persistence/identity_type_store.go @@ -37,22 +37,6 @@ func (entity *IdentityType) GetEntityType() string { return EntityTypeIdentityTypes } -type identityTypeEntityStrategy struct{} - -func (identityTypeEntityStrategy) NewEntity() *IdentityType { - return &IdentityType{} -} - -func (identityTypeEntityStrategy) FillEntity(entity *IdentityType, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.Name = bucket.GetStringOrError(FieldName) -} - -func (identityTypeEntityStrategy) PersistEntity(entity *IdentityType, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldName, entity.Name) -} - var _ IdentityTypeStore = (*IdentityTypeStoreImpl)(nil) type IdentityTypeStore interface { @@ -61,9 +45,8 @@ type IdentityTypeStore interface { } func newIdentityTypeStore(stores *stores) *IdentityTypeStoreImpl { - store := &IdentityTypeStoreImpl{ - baseStore: newBaseStore[*IdentityType](stores, identityTypeEntityStrategy{}), - } + store := &IdentityTypeStoreImpl{} + store.baseStore = newBaseStore[*IdentityType](stores, store) store.InitImpl(store) return store } 
@@ -85,3 +68,17 @@ func (store *IdentityTypeStoreImpl) initializeLinked() { func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex { return store.indexName } + +func (store *IdentityTypeStoreImpl) NewEntity() *IdentityType { + return &IdentityType{} +} + +func (store *IdentityTypeStoreImpl) FillEntity(entity *IdentityType, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.Name = bucket.GetStringOrError(FieldName) +} + +func (store *IdentityTypeStoreImpl) PersistEntity(entity *IdentityType, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldName, entity.Name) +} diff --git a/controller/persistence/mfa_store.go b/controller/persistence/mfa_store.go index 62403e43d..922e57158 100644 --- a/controller/persistence/mfa_store.go +++ b/controller/persistence/mfa_store.go @@ -52,30 +52,6 @@ func (entity *Mfa) GetEntityType() string { return EntityTypeMfas } -type mfaEntityStrategy struct{} - -func (mfaEntityStrategy) NewEntity() *Mfa { - return &Mfa{} -} - -func (mfaEntityStrategy) FillEntity(entity *Mfa, bucket *boltz.TypedBucket) { - entity.LoadBaseValues(bucket) - entity.IdentityId = bucket.GetStringOrError(FieldMfaIdentity) - entity.IsVerified = bucket.GetBoolWithDefault(FieldMfaIsVerified, false) - entity.RecoveryCodes = bucket.GetStringList(FieldMfaRecoveryCodes) - entity.Salt = bucket.GetStringOrError(FieldMfaSalt) - entity.Secret = bucket.GetStringWithDefault(FieldMfaSecret, "") -} - -func (mfaEntityStrategy) PersistEntity(entity *Mfa, ctx *boltz.PersistContext) { - entity.SetBaseValues(ctx) - ctx.SetString(FieldMfaIdentity, entity.IdentityId) - ctx.SetBool(FieldMfaIsVerified, entity.IsVerified) - ctx.SetStringList(FieldMfaRecoveryCodes, entity.RecoveryCodes) - ctx.SetString(FieldMfaSalt, entity.Salt) - ctx.SetString(FieldMfaSecret, entity.Secret) -} - var _ MfaStore = (*MfaStoreImpl)(nil) type MfaStore interface { 
@@ -83,10 +59,8 @@ type MfaStore interface { } func newMfaStore(stores *stores) *MfaStoreImpl { - store := &MfaStoreImpl{ - baseStore: newBaseStore[*Mfa](stores, mfaEntityStrategy{}), - } - + store := &MfaStoreImpl{} + store.baseStore = newBaseStore[*Mfa](stores, store) store.InitImpl(store) return store } @@ -108,3 +82,25 @@ func (store *MfaStoreImpl) initializeLocal() { } func (store *MfaStoreImpl) initializeLinked() {} + +func (store *MfaStoreImpl) NewEntity() *Mfa { + return &Mfa{} +} + +func (store *MfaStoreImpl) FillEntity(entity *Mfa, bucket *boltz.TypedBucket) { + entity.LoadBaseValues(bucket) + entity.IdentityId = bucket.GetStringOrError(FieldMfaIdentity) + entity.IsVerified = bucket.GetBoolWithDefault(FieldMfaIsVerified, false) + entity.RecoveryCodes = bucket.GetStringList(FieldMfaRecoveryCodes) + entity.Salt = bucket.GetStringOrError(FieldMfaSalt) + entity.Secret = bucket.GetStringWithDefault(FieldMfaSecret, "") +} + +func (store *MfaStoreImpl) PersistEntity(entity *Mfa, ctx *boltz.PersistContext) { + entity.SetBaseValues(ctx) + ctx.SetString(FieldMfaIdentity, entity.IdentityId) + ctx.SetBool(FieldMfaIsVerified, entity.IsVerified) + ctx.SetStringList(FieldMfaRecoveryCodes, entity.RecoveryCodes) + ctx.SetString(FieldMfaSalt, entity.Salt) + ctx.SetString(FieldMfaSecret, entity.Secret) +} diff --git a/controller/persistence/stores.go b/controller/persistence/stores.go index 940937d46..fbcfd0f27 100644 --- a/controller/persistence/stores.go +++ b/controller/persistence/stores.go 
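Review bot: In mfa_store.go, the new `MfaStoreImpl.PersistEntity` writes `entity.Secret` and `entity.RecoveryCodes` through `ctx.SetString` / `ctx.SetStringList` exactly as they arrive, and nothing in the hunk documents what form those values are expected to have at rest. Since the methods are being moved onto the store anyway, a doc comment would make the contract explicit, e.g. `// PersistEntity stores Secret and RecoveryCodes exactly as set on the entity; any encryption or hashing must be applied by the caller before persisting.` `FillEntity` also reads `FieldMfaSecret` with `GetStringWithDefault(FieldMfaSecret, "")` while `FieldMfaSalt` uses `GetStringOrError`, so a record with a missing secret loads silently with an empty string. If the verification path (not visible here) does not reject an empty secret, `bucket.GetStringOrError(FieldMfaSecret)` would be the safer read.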
@@ -255,7 +255,7 @@ func NewBoltStores(dbProvider DbProvider) (*Stores, error) { externalStores.buildStoreMap() storeList := externalStores.getStoresForInit() - mutateCtx := change.New().SetSource("system.initialization").NewMutateContext() + mutateCtx := change.New().SetSource("system.initialization").SetChangeAuthorType("controller").NewMutateContext() err := dbProvider.GetDb().Update(mutateCtx, func(ctx boltz.MutateContext) error { for _, store := range storeList { store.initializeLocal() diff --git a/controller/response/context.go b/controller/response/context.go index 5151eba5d..9455f7632 100644 --- a/controller/response/context.go +++ b/controller/response/context.go @@ -104,7 +104,7 @@ func (rc *RequestContext) NewChangeContext() *change.Context { } if rc.Request.Form.Has("traceId") { - changeCtx.SetChangeAuthorId(rc.Request.Form.Get("traceId")) + changeCtx.SetTraceId(rc.Request.Form.Get("traceId")) } return changeCtx } diff --git a/events/dispatcher_session.go b/events/dispatcher_session.go index d35c57036..e64fb0178 100644 --- a/events/dispatcher_session.go +++ b/events/dispatcher_session.go @@ -56,7 +56,7 @@ func (self *Dispatcher) sessionCreated(session *persistence.Session) { Timestamp: time.Now(), Token: session.Token, ApiSessionId: session.ApiSessionId, - IdentityId: session.ApiSession.IdentityId, + IdentityId: session.IdentityId, ServiceId: session.ServiceId, } diff --git a/go.mod b/go.mod index 7ac08cec3..d7c9e0372 100644 --- a/go.mod +++ b/go.mod 
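Review bot: In controller/response/context.go, `NewChangeContext` copies the client-chosen `traceId` form value into the change context with no bound on its length or character set. Routing it to `SetTraceId` keeps it out of the author id, but whatever consumes the change context (presumably change or audit records) still receives arbitrary request text. Consider a guard such as `if traceId := rc.Request.Form.Get("traceId"); traceId != "" && len(traceId) <= maxTraceIdLen {`, where `maxTraceIdLen` is a placeholder for a limit the project chooses. The function starts outside the hunk, so whether `rc.Request.Form` has already been parsed at this point cannot be confirmed from here.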
@@ -28,16 +28,16 @@ require ( github.com/miekg/dns v1.1.53 github.com/mitchellh/mapstructure v1.5.0 github.com/netfoundry/secretstream v0.1.5 - github.com/openziti/channel/v2 v2.0.60 + github.com/openziti/channel/v2 v2.0.62 github.com/openziti/edge-api v0.25.11 - github.com/openziti/fabric v0.22.94 + github.com/openziti/fabric v0.23.0 github.com/openziti/foundation/v2 v2.0.21 github.com/openziti/identity v1.0.47 github.com/openziti/jwks v1.0.3 github.com/openziti/metrics v1.2.19 github.com/openziti/sdk-golang v0.18.76 - github.com/openziti/storage v0.1.49 - github.com/openziti/transport/v2 v2.0.74 + github.com/openziti/storage v0.2.0 + github.com/openziti/transport/v2 v2.0.75 github.com/openziti/x509-claims v1.0.3 github.com/openziti/xweb/v2 v2.0.2 github.com/orcaman/concurrent-map/v2 v2.0.1 @@ -112,7 +112,8 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect github.com/rabbitmq/amqp091-go v1.8.0 // indirect - github.com/shirou/gopsutil/v3 v3.23.2 // indirect + github.com/shirou/gopsutil/v3 v3.23.3 // indirect + github.com/shoenig/go-m1cpu v0.1.5 // indirect github.com/speps/go-hashids v2.0.0+incompatible // indirect github.com/tklauser/go-sysconf v0.3.11 // indirect github.com/tklauser/numcpus v0.6.0 // indirect @@ -123,7 +124,7 @@ require ( go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect go.opentelemetry.io/otel v1.14.0 // indirect go.opentelemetry.io/otel/trace v1.14.0 // indirect - golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect + golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53 // indirect golang.org/x/mod v0.7.0 // indirect golang.org/x/net v0.9.0 // indirect golang.org/x/term v0.7.0 // indirect diff --git a/go.sum b/go.sum index 900b1b67f..afa38ac67 100644 --- a/go.sum +++ b/go.sum 
@@ -453,12 +453,12 @@ github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7 github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/openziti/channel/v2 v2.0.60 h1:TytQ0fyBH2zHJUzYsAjHrbVCR/e9tOSAroEhZKOBusg= -github.com/openziti/channel/v2 v2.0.60/go.mod h1:Iz/TYnJ3h1AWIpkYTD7vQBhfDJp+G7z7zmgWB7grEvc= +github.com/openziti/channel/v2 v2.0.62 h1:WmNYAugoyQ2HFu2VEhOH4WExzXsX6+dzSQDzNfHf5M8= +github.com/openziti/channel/v2 v2.0.62/go.mod h1:TS2FJs1GuCZXUfSFfptrNWKeTuQRO7YJ9K7C2jWMznA= github.com/openziti/edge-api v0.25.11 h1:HHjDgoybPZGRZ+tM2udehI+U5Xv991iGED8E6CtDb9w= github.com/openziti/edge-api v0.25.11/go.mod h1:PBFMYELgr7JUuaCqHobq1U+WESsutzgEDoELU/9qFOg= -github.com/openziti/fabric v0.22.94 h1:/wp92+2+sIPaW7g676yDcTRhE4i9/BjejyGcdSZHOBE= -github.com/openziti/fabric v0.22.94/go.mod h1:TuuifUPNO9krOofHNjXv21K0Prx/IPf+C90sF1kpfbQ= +github.com/openziti/fabric v0.23.0 h1:JXaHBb31+4hEsv04IUNxs11+s3nupQtzckR+cEIySuE= +github.com/openziti/fabric v0.23.0/go.mod h1:p5EI0s0LvNi6HipLR+PWDon89C3dhfyX/jac/3cwmpA= github.com/openziti/foundation/v2 v2.0.21 h1:3EDDmSunsbd2DlULuY/vqj12LHRZOknH/m3lf6Ws5Nw= github.com/openziti/foundation/v2 v2.0.21/go.mod h1:02GW3jFSSlfLwYwuTIldP/S4w7eCKqlzL6ajFSGHNPA= github.com/openziti/identity v1.0.47 h1:Zc1wL4yMq6hcmbgNR6d3gSkGCiK3IJYd9i4obBNBMPw= 
@@ -469,10 +469,10 @@ github.com/openziti/metrics v1.2.19 h1:gQO3e2lUotRHBdGUXYBPWMIErIyyF5hw0EakwQbJz github.com/openziti/metrics v1.2.19/go.mod h1:ovvxTpDBxGLcVLHgPTFFvwT4ur8p4Z76BPUhIE5iwqc= github.com/openziti/sdk-golang v0.18.76 h1:D+UW1lpGHBBgfVrObpauq9RvJV/TFPdEEshfuPkiMcI= github.com/openziti/sdk-golang v0.18.76/go.mod h1:kw/5rWDLwx52iwW/4a0VRQMUi7GPSI3aETx+G5TvdFQ= -github.com/openziti/storage v0.1.49 h1:luRsssYlGhpiJxjgc+FWF/yd2JLs9IKfeKID/5Hknrg= -github.com/openziti/storage v0.1.49/go.mod h1:Le2VFNL67YewLtaCnGNXPLH18Yrh/EMxeJ/eXxTOwak= -github.com/openziti/transport/v2 v2.0.74 h1:sFy395WPYWedArh4mBXtNb+FGR3gymk8cR/b6rCUltQ= -github.com/openziti/transport/v2 v2.0.74/go.mod h1:xMoDhxk9FFQoVyh4YL2h1hOshE5Aqlabd4mctmK1TWU= +github.com/openziti/storage v0.2.0 h1:uwSoZQEZCzxp4+KZEi7fOWezbm0knmcCbRhni/DGHSo= +github.com/openziti/storage v0.2.0/go.mod h1:rJjLObUtJBNcm7MvnTr4DHCXZ+ppg0OMeoJ5tfi1aJI= +github.com/openziti/transport/v2 v2.0.75 h1:KZmnyRH1SOXSI6DXqDRsbRxRJE2cWv5EDCiQqC+R+hQ= +github.com/openziti/transport/v2 v2.0.75/go.mod h1:xMoDhxk9FFQoVyh4YL2h1hOshE5Aqlabd4mctmK1TWU= github.com/openziti/x509-claims v1.0.3 h1:HNdQ8Nf1agB3lBs1gahcO6zfkeS4S5xoQ2/PkY4HRX0= github.com/openziti/x509-claims v1.0.3/go.mod h1:Z0WIpBm6c4ecrpRKrou6Gk2wrLWxJO/+tuUwKh8VewE= github.com/openziti/xweb/v2 v2.0.2 h1:XYlVFriTq/U1wcUrc+XPnWJGhXh9NJPhtQ7+r3aC0cU= 
@@ -524,8 +524,13 @@ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/shirou/gopsutil/v3 v3.23.2 h1:PAWSuiAszn7IhPMBtXsbSCafej7PqUOvY6YywlQUExU= -github.com/shirou/gopsutil/v3 v3.23.2/go.mod h1:gv0aQw33GLo3pG8SiWKiQrbDzbRY1K80RyZJ7V4Th1M= +github.com/shirou/gopsutil/v3 v3.23.3 h1:Syt5vVZXUDXPEXpIBt5ziWsJ4LdSAAxF4l/xZeQgSEE= +github.com/shirou/gopsutil/v3 v3.23.3/go.mod h1:lSBNN6t3+D6W5e5nXTxc8KIMMVxAcS+6IJlffjRRlMU= +github.com/shoenig/go-m1cpu v0.1.4/go.mod h1:Wwvst4LR89UxjeFtLRMrpgRiyY4xPsejnVZym39dbAQ= +github.com/shoenig/go-m1cpu v0.1.5 h1:LF57Z/Fpb/WdGLjt2HZilNnmZOxg/q2bSKTQhgbrLrQ= +github.com/shoenig/go-m1cpu v0.1.5/go.mod h1:Wwvst4LR89UxjeFtLRMrpgRiyY4xPsejnVZym39dbAQ= +github.com/shoenig/test v0.6.3 h1:GVXWJFk9PiOjN0KoJ7VrJGH6uLPnqxR7/fe3HUPfE0c= +github.com/shoenig/test v0.6.3/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= 
@@ -653,8 +658,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230321023759-10a507213a29 h1:ooxPy7fPvB4kwsA2h+iBNHkAbp/4JxTSwCmvdjEYmug= -golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= +golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53 h1:5llv2sWeaMSnA3w2kS57ouQQ4pudlXrR0dCgw51QK9o= +golang.org/x/exp v0.0.0-20230425010034-47ecfdc1ba53/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -828,7 +833,6 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/tests/auth_cert_test.go b/tests/auth_cert_test.go index 7495fed75..5591e1443 100644 --- a/tests/auth_cert_test.go +++ b/tests/auth_cert_test.go 
@@ -32,6 +32,7 @@ import ( "github.com/openziti/edge/controller/model" "github.com/openziti/edge/eid" "github.com/openziti/edge/internal/cert" + "github.com/openziti/fabric/controller/change" nfPem "github.com/openziti/foundation/v2/pem" "github.com/openziti/sdk-golang/ziti/constants" "github.com/stretchr/testify/require" @@ -96,7 +97,7 @@ func (test *authCertTests) testAuthenticateCertStoresAndFillsFullCert(t *testing certAuth.Pem = "" - err = test.ctx.EdgeController.AppEnv.Managers.Authenticator.Update(authenticator, false, nil) + err = test.ctx.EdgeController.AppEnv.Managers.Authenticator.Update(authenticator, false, nil, change.New().SetSource("test")) r.NoError(err) authenticator, err = test.ctx.EdgeController.AppEnv.Managers.Authenticator.ReadByFingerprint(test.certAuthenticator.Fingerprint()) diff --git a/tests/router_identities_test.go b/tests/router_identities_test.go index dd59879ff..d48453517 100644 --- a/tests/router_identities_test.go +++ b/tests/router_identities_test.go @@ -1,3 +1,4 @@ +//go:build apitests // +build apitests /* @@ -74,7 +75,7 @@ func TestEdgeRouterIdentities(t *testing.T) { resp = ctx.AdminManagementSession.deleteEntityOfType("edge-router-policies", edgeRouterPolicy1.id) ctx.Req.Equal(http.StatusBadRequest, resp.StatusCode()) - // deleting edge router should remove all three entitie + // deleting edge router should remove all three entities ctx.AdminManagementSession.requireDeleteEntity(edgeRouter1) ctx.RequireNotFoundError(ctx.AdminManagementSession.query("edge-routers/" + edgeRouter1.id)) ctx.RequireNotFoundError(ctx.AdminManagementSession.query("identities/" + identity1.Id)) diff --git a/tests/transit_router_test.go b/tests/transit_router_test.go index a57734a27..89cc0fd9b 100644 --- a/tests/transit_router_test.go +++ b/tests/transit_router_test.go 
@@ -20,6 +20,7 @@ package tests import ( + "github.com/openziti/fabric/controller/change" "github.com/openziti/fabric/controller/models" "github.com/openziti/fabric/controller/network" "testing" @@ -115,7 +116,7 @@ func Test_TransitRouters(t *testing.T) { Name: "uMvqq", Fingerprint: &fp, } - err := ctx.fabricController.GetNetwork().Routers.Create(fabTxRouter) + err := ctx.fabricController.GetNetwork().Routers.Create(fabTxRouter, change.New().SetSource("test")) ctx.Req.NoError(err, "could not create router at fabric level") body := ctx.AdminManagementSession.requireQuery("transit-routers")