-
Notifications
You must be signed in to change notification settings - Fork 1
/
resource_common_models.go
72 lines (61 loc) · 2.2 KB
/
resource_common_models.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
// package delivers apicontracts for resources
package rortypes
import (
"errors"
aclmodels "github.com/NorskHelsenett/ror/pkg/models/acl"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type ResourceAction string
const (
K8sActionAdd ResourceAction = "Add"
K8sActionDelete ResourceAction = "Delete"
K8sActionUpdate ResourceAction = "Update"
)
var (
// aclmodels.ErrInvalidScope is returned when the scope is invalid
ErrInvalidScope = errors.New("invalid scope")
ErrInvalidSubject = errors.New("invalid subject")
)
// Commonresource defines the minimum resource definition.
type CommonResource struct {
metav1.TypeMeta `json:",inline"`
Metadata metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
RorMeta ResourceRorMeta `json:"rormeta"`
}
// ResourceRorMeta represents the metadata stored by ror
type ResourceRorMeta struct {
Version string `json:"version,omitempty"`
LastReported string `json:"lastReported,omitempty"`
Internal bool `json:"internal,omitempty"`
Hash string `json:"hash,omitempty"`
Ownerref RorResourceOwnerReference `json:"ownerref,omitempty"`
Action ResourceAction `json:"action,omitempty"`
}
// The RorResourceOwnerReference or ownereref references the owner og a resource.
// Its used to chek acl and select resources for valid Scopes.
type RorResourceOwnerReference struct {
Scope aclmodels.Acl2Scope `json:"scope"` // cluster, workspace,...
Subject aclmodels.Acl2Subject `json:"subject"` // ror id eg clusterId or workspaceName
}
// Validate validates the ResourceOwnerReference
func (r *RorResourceOwnerReference) Validate() (bool, error) {
if r.Scope == "" {
return false, ErrInvalidScope
}
if r.Subject == "" {
return false, ErrInvalidSubject
}
if !r.Scope.IsValid() {
return false, ErrInvalidScope
}
if !r.Subject.HasValidScope(r.Scope) {
return false, ErrInvalidScope
}
return true, nil
}
func (r RorResourceOwnerReference) GetQueryParams() map[string]string {
response := make(map[string]string)
response["ownerScope"] = string(r.Scope)
response["ownerSubject"] = string(r.Subject)
return response
}