forked from juju/juju
/
firewaller.go
125 lines (114 loc) · 3.39 KB
/
firewaller.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
// Copyright 2017 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
package caasfirewaller
import (
"github.com/juju/errors"
"gopkg.in/juju/names.v2"
"github.com/juju/juju/apiserver/common"
"github.com/juju/juju/apiserver/facade"
"github.com/juju/juju/apiserver/params"
"github.com/juju/juju/state/watcher"
)
type Facade struct {
*common.LifeGetter
*common.AgentEntityWatcher
resources facade.Resources
state CAASFirewallerState
}
// NewStateFacade provides the signature required for facade registration.
func NewStateFacade(ctx facade.Context) (*Facade, error) {
authorizer := ctx.Auth()
resources := ctx.Resources()
return NewFacade(
resources,
authorizer,
stateShim{ctx.State()},
)
}
// NewFacade returns a new CAAS firewaller Facade facade.
func NewFacade(
resources facade.Resources,
authorizer facade.Authorizer,
st CAASFirewallerState,
) (*Facade, error) {
if !authorizer.AuthController() {
return nil, common.ErrPerm
}
accessApplication := common.AuthFuncForTagKind(names.ApplicationTagKind)
return &Facade{
LifeGetter: common.NewLifeGetter(
st, common.AuthAny(
common.AuthFuncForTagKind(names.ApplicationTagKind),
common.AuthFuncForTagKind(names.UnitTagKind),
),
),
AgentEntityWatcher: common.NewAgentEntityWatcher(
st,
resources,
accessApplication,
),
resources: resources,
state: st,
}, nil
}
// WatchApplications starts a StringsWatcher to watch CAAS applications
// deployed to this model.
func (f *Facade) WatchApplications() (params.StringsWatchResult, error) {
watch := f.state.WatchApplications()
if changes, ok := <-watch.Changes(); ok {
return params.StringsWatchResult{
StringsWatcherId: f.resources.Register(watch),
Changes: changes,
}, nil
}
return params.StringsWatchResult{}, watcher.EnsureErr(watch)
}
// IsExposed returns whether the specified applications are exposed.
func (f *Facade) IsExposed(args params.Entities) (params.BoolResults, error) {
results := params.BoolResults{
Results: make([]params.BoolResult, len(args.Entities)),
}
for i, arg := range args.Entities {
exposed, err := f.isExposed(f.state, arg.Tag)
if err != nil {
results.Results[i].Error = common.ServerError(err)
continue
}
results.Results[i].Result = exposed
}
return results, nil
}
func (f *Facade) isExposed(backend CAASFirewallerState, tagString string) (bool, error) {
tag, err := names.ParseApplicationTag(tagString)
if err != nil {
return false, errors.Trace(err)
}
app, err := backend.Application(tag.Id())
if err != nil {
return false, errors.Trace(err)
}
return app.IsExposed(), nil
}
// ApplicationsConfig returns the config for the specified applications.
func (f *Facade) ApplicationsConfig(args params.Entities) (params.ApplicationGetConfigResults, error) {
results := params.ApplicationGetConfigResults{
Results: make([]params.ConfigResult, len(args.Entities)),
}
for i, arg := range args.Entities {
result, err := f.getApplicationConfig(arg.Tag)
results.Results[i].Config = result
results.Results[i].Error = common.ServerError(err)
}
return results, nil
}
func (f *Facade) getApplicationConfig(tagString string) (map[string]interface{}, error) {
tag, err := names.ParseApplicationTag(tagString)
if err != nil {
return nil, errors.Trace(err)
}
app, err := f.state.Application(tag.Id())
if err != nil {
return nil, errors.Trace(err)
}
return app.ApplicationConfig()
}