mirrors/etcd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

*: support getting role in auth v3

Browse Source 
This commit implements RoleGet() RPC of etcdserver and adds a new
subcommand "role get" to etcdctl v3. It will list up permissions that
are granted to a given role.

$ ETCDCTL_API=3 bin/etcdctl role get r1
Role r1
KV Read:
        b
        d
KV Write:
        a
        c
        d
This commit is contained in:
Hitoshi Mitake
2016-06-02 23:25:15 +09:00
committed by Hitoshi Mitake
parent 755567cb3d
commit 10ee69b44c
10 changed files with 452 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
etcdserver/v3_server.go
View File

@ -66,6 +66,7 @@ type Authenticator interface {
UserGet(ctx context.Context, r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error)
RoleAdd(ctx context.Context, r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error)
RoleGrant(ctx context.Context, r *pb.AuthRoleGrantRequest) (*pb.AuthRoleGrantResponse, error)
RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error)
}
func (s *EtcdServer) Range(ctx context.Context, r *pb.RangeRequest) (*pb.RangeResponse, error) {
@ -345,6 +346,17 @@ func (s *EtcdServer) RoleGrant(ctx context.Context, r *pb.AuthRoleGrantRequest)
return result.resp.(*pb.AuthRoleGrantResponse), nil
}
func (s *EtcdServer) RoleGet(ctx context.Context, r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error) {
result, err := s.processInternalRaftRequest(ctx, pb.InternalRaftRequest{AuthRoleGet: r})
if err != nil {
return nil, err
}
if result.err != nil {
return nil, result.err
}
return result.resp.(*pb.AuthRoleGetResponse), nil
}
func (s *EtcdServer) usernameFromCtx(ctx context.Context) (string, error) {
md, mdexist := metadata.FromContext(ctx)
if mdexist {