/
dispatcher.go
67 lines (57 loc) · 1.87 KB
/
dispatcher.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main
import (
"path/filepath"
"v.io/v23/context"
"v.io/v23/naming"
"v.io/v23/rpc"
"v.io/v23/security"
"v.io/v23/security/access"
"v.io/v23/verror"
"v.io/x/ref/services/internal/fs"
"v.io/x/ref/services/internal/pathperms"
"v.io/x/ref/services/repository"
)
// dispatcher holds the state of the application repository dispatcher.
type dispatcher struct {
store *fs.Memstore
storeRoot string
}
// NewDispatcher is the dispatcher factory. storeDir is a path to a directory in which to
// serialize the applicationd state.
func NewDispatcher(storeDir string) (rpc.Dispatcher, error) {
store, err := fs.NewMemstore(filepath.Join(storeDir, "applicationdstate.db"))
if err != nil {
return nil, err
}
return &dispatcher{store: store, storeRoot: storeDir}, nil
}
func (d *dispatcher) Lookup(_ *context.T, suffix string) (interface{}, security.Authorizer, error) {
name, _, err := parse(nil, suffix)
if err != nil {
return nil, nil, err
}
auth, err := pathperms.NewHierarchicalAuthorizer(
naming.Join("/acls", "data"),
naming.Join("/acls", name, "data"),
(*applicationPermsStore)(d.store))
if err != nil {
return nil, nil, err
}
return repository.ApplicationServer(NewApplicationService(d.store, d.storeRoot, suffix)), auth, nil
}
type applicationPermsStore fs.Memstore
// PermsForPath implements PermsGetter so that applicationd can use the
// hierarchicalAuthorizer.
func (store *applicationPermsStore) PermsForPath(ctx *context.T, path string) (access.Permissions, bool, error) {
perms, _, err := getPermissions(ctx, (*fs.Memstore)(store), path)
if verror.ErrorID(err) == verror.ErrNoExist.ID {
return nil, true, nil
}
if err != nil {
return nil, false, err
}
return perms, false, nil
}