Adds Lock handling methods to OktaAccessPoint (#36221)

As the Okta service now needs to manipulate locks, the service's AccessPoint (i.e. its interface to Teleport auth) needs to have methods for CRUD operations on locks. This PR adds them to the Okta imterface.
gravitational · Jan 4, 2024 · 790f959 · 790f959
1 parent d22eca1
commit 790f959
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/lib/auth/api.go b/lib/auth/api.go
@@ -803,6 +803,9 @@ type ReadOktaAccessPoint interface {
 
 	// ListResources returns a paginated list of resources.
 	ListResources(ctx context.Context, req proto.ListResourcesRequest) (*types.ListResourcesResponse, error)
+
+	// GetLocks lists the locks that target a given set of resources.
+	GetLocks(ctx context.Context, inForceOnly bool, targets ...types.LockTarget) ([]types.Lock, error)
 }
 
 // OktaAccessPoint is a read caching interface used by an Okta component.
@@ -855,6 +858,12 @@ type OktaAccessPoint interface {
 
 	// DeleteApplicationServer removes specified application server.
 	DeleteApplicationServer(ctx context.Context, namespace, hostID, name string) error
+
+	// UpsertLock creates or updates a given lock
+	UpsertLock(ctx context.Context, lock types.Lock) error
+
+	// DeleteLock deletes a given lock
+	DeleteLock(ctx context.Context, name string) error
 }
 
 // AccessCache is a subset of the interface working on the certificate authorities
@@ -1373,6 +1382,21 @@ func (w *OktaWrapper) DeleteApplicationServer(ctx context.Context, namespace, ho
 	return w.NoCache.DeleteApplicationServer(ctx, namespace, hostID, name)
 }
 
+// GetLocks fetches locks that target a given set of resources
+func (w *OktaWrapper) GetLocks(ctx context.Context, inForceOnly bool, targets ...types.LockTarget) ([]types.Lock, error) {
+	return w.NoCache.GetLocks(ctx, inForceOnly, targets...)
+}
+
+// UpsertLock creates and/or updates lock resources
+func (w *OktaWrapper) UpsertLock(ctx context.Context, lock types.Lock) error {
+	return w.NoCache.UpsertLock(ctx, lock)
+}
+
+// DeleteLock deletes a lock by name
+func (w *OktaWrapper) DeleteLock(ctx context.Context, name string) error {
+	return w.NoCache.DeleteLock(ctx, name)
+}
+
 // Close closes all associated resources
 func (w *OktaWrapper) Close() error {
 	err := w.NoCache.Close()