Skip to content

Commit

Permalink
api/install: use single permission for read and update
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrestc
andrestc committed Oct 31, 2016
1 parent de444e9 commit 4b981a9
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 13 deletions.
10 changes: 5 additions & 5 deletions api/install.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ import (
// 201: Host added
// 401: Unauthorized
func installHostAdd(w http.ResponseWriter, r *http.Request, t auth.Token) (err error) {
allowed := permission.Check(t, permission.PermInstallUpdate)
allowed := permission.Check(t, permission.PermInstallManage)
if !allowed {
return permission.ErrUnauthorized
}
Expand All @@ -44,10 +44,10 @@ func installHostAdd(w http.ResponseWriter, r *http.Request, t auth.Token) (err e
}
evt, err := event.New(&event.Opts{
Target: event.Target{Type: event.TargetTypeInstallHost, Value: host.Name},
Kind: permission.PermInstallUpdate,
Kind: permission.PermInstallManage,
Owner: t,
CustomData: event.FormToCustomData(r.Form),
Allowed: event.Allowed(permission.PermInstallRead),
Allowed: event.Allowed(permission.PermInstallManage),
})
if err != nil {
return err
Expand Down Expand Up @@ -76,7 +76,7 @@ func installHostAdd(w http.ResponseWriter, r *http.Request, t auth.Token) (err e
// 401: Unauthorized
// 404: Not Found
func installHostInfo(w http.ResponseWriter, r *http.Request, t auth.Token) error {
allowed := permission.Check(t, permission.PermInstallRead)
allowed := permission.Check(t, permission.PermInstallManage)
if !allowed {
return permission.ErrUnauthorized
}
Expand All @@ -99,7 +99,7 @@ func installHostInfo(w http.ResponseWriter, r *http.Request, t auth.Token) error
// 200: OK
// 401: Unauthorized
func installHostList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
allowed := permission.Check(t, permission.PermInstallRead)
allowed := permission.Check(t, permission.PermInstallManage)
if !allowed {
return permission.ErrUnauthorized
}
Expand Down
8 changes: 4 additions & 4 deletions api/install_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ import (

func (s *S) TestInstallHostAdd(c *check.C) {
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermInstallUpdate,
Scheme: permission.PermInstallManage,
Context: permission.Context(permission.CtxGlobal, ""),
})
recorder := httptest.NewRecorder()
Expand Down Expand Up @@ -60,7 +60,7 @@ func (s *S) TestInstallHostReturnsForbiddenIfNoPermissions(c *check.C) {

func (s *S) TestInstallHostInfo(c *check.C) {
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermInstallRead,
Scheme: permission.PermInstallManage,
Context: permission.Context(permission.CtxGlobal, ""),
})
expectedHost := &install.Host{Name: "my-host", DriverName: "amazonec2", Driver: make(map[string]interface{})}
Expand Down Expand Up @@ -97,7 +97,7 @@ func (s *S) TestInstallHostInfoReturnsForbiddenIfNoPermissions(c *check.C) {

func (s *S) TestInstallHostInfoReturnsNotFoundWhenHostDoesNotExist(c *check.C) {
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermInstallRead,
Scheme: permission.PermInstallManage,
Context: permission.Context(permission.CtxGlobal, ""),
})
recorder := httptest.NewRecorder()
Expand All @@ -113,7 +113,7 @@ func (s *S) TestInstallHostInfoReturnsNotFoundWhenHostDoesNotExist(c *check.C) {

func (s *S) TestInstallHostList(c *check.C) {
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermInstallRead,
Scheme: permission.PermInstallManage,
Context: permission.Context(permission.CtxGlobal, ""),
})
host1 := &install.Host{Name: "my-host-1", DriverName: "amazonec2", Driver: make(map[string]interface{})}
Expand Down
3 changes: 1 addition & 2 deletions permission/permitems.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,8 +64,7 @@ var (
PermHealingRead = PermissionRegistry.get("healing.read") // [global pool]
PermHealingUpdate = PermissionRegistry.get("healing.update") // [global pool]
PermInstall = PermissionRegistry.get("install") // [global]
PermInstallRead = PermissionRegistry.get("install.read") // [global]
PermInstallUpdate = PermissionRegistry.get("install.update") // [global]
PermInstallManage = PermissionRegistry.get("install.manage") // [global]
PermMachine = PermissionRegistry.get("machine") // [global iaas]
PermMachineCreate = PermissionRegistry.get("machine.create") // [global iaas]
PermMachineDelete = PermissionRegistry.get("machine.delete") // [global iaas]
Expand Down
3 changes: 1 addition & 2 deletions permission/permlist.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,5 @@ var PermissionRegistry = (&registry{}).addWithCtx(
"nodecontainer.update.upgrade",
"nodecontainer.delete",
).add(
"install.update",
"install.read",
"install.manage",
)

0 comments on commit 4b981a9

Please sign in to comment.