...

Source file src/edge-infra.dev/pkg/sds/emergencyaccess/rules/storage/database/privileges.go

Documentation: edge-infra.dev/pkg/sds/emergencyaccess/rules/storage/database

     1  package database
     2  
import (
	"context"
	"database/sql"
	"errors"
	"fmt"

	rulesengine "edge-infra.dev/pkg/sds/emergencyaccess/rules"
	datasql "edge-infra.dev/pkg/sds/emergencyaccess/rules/storage/database/sql"
)
    11  
// AddPrivileges stores the given privilege names by handing them to
// ds.addNames together with the datasql.InsertPrivilege statement, and returns
// whatever result and error that helper produces.
//
// NOTE(review): the earlier comment said conflicts are not returned; that
// depends on addNames, which is defined elsewhere — confirm there.
func (ds Dataset) AddPrivileges(ctx context.Context, names []string) (rulesengine.AddNameResult, error) {
	added, err := ds.addNames(ctx, names, datasql.InsertPrivilege)
	return added, err
}
    16  
// DeletePrivilege removes the privilege called name by running the
// datasql.DeletePrivilege statement through ds.deleteValue.
//
// If the helper fails, an empty DeleteResult and that error are returned.
// Otherwise the helper's result is returned; when it reports no rows affected
// and carries no errors of its own, an UnknownPrivilege error naming the
// requested privilege is appended so the caller can tell "nothing matched"
// apart from a successful delete.
func (ds Dataset) DeletePrivilege(ctx context.Context, name string) (rulesengine.DeleteResult, error) {
	result, err := ds.deleteValue(ctx, datasql.DeletePrivilege, name)
	if err != nil {
		return rulesengine.DeleteResult{}, err
	}

	nothingDeleted := result.RowsAffected == 0
	if nothingDeleted && len(result.Errors) == 0 {
		unknown := rulesengine.Error{Type: rulesengine.UnknownPrivilege, Privilege: name}
		result.Errors = append(result.Errors, unknown)
	}
	return result, err
}
    29  
// ReadAllPrivileges returns every privilege in the database. It is the
// exported entry point for the unexported readAllPrivileges.
func (ds Dataset) ReadAllPrivileges(ctx context.Context) ([]rulesengine.Privilege, error) {
	all, err := ds.readAllPrivileges(ctx)
	return all, err
}
    34  
// ReadPrivilegesWithFilter returns privileges together with their IDs, or an
// error from the underlying query.
//
// names is an optional filter: when it is nil or empty, every privilege is
// returned; otherwise only the privileges matching the given names are looked
// up.
func (ds Dataset) ReadPrivilegesWithFilter(ctx context.Context, names []string) ([]rulesengine.Privilege, error) {
	// No filter supplied: fall back to the unfiltered read.
	if len(names) == 0 {
		return ds.readAllPrivileges(ctx)
	}
	return ds.readPrivileges(ctx, names)
}
    44  
// readPrivileges looks up the privileges named in names via ds.readNames and
// the datasql.SelectPrivilegesByName statement, converting each returned
// record into a rulesengine.Privilege.
//
// The returned slice is nil when the lookup yields no records.
func (ds Dataset) readPrivileges(ctx context.Context, names []string) ([]rulesengine.Privilege, error) {
	records, err := ds.readNames(ctx, names, datasql.SelectPrivilegesByName)
	if err != nil {
		return nil, fmt.Errorf("error in data:ReadPrivileges: %v", err)
	}

	// Deliberately left nil (not pre-allocated) so an empty lookup keeps
	// returning a nil slice.
	var found []rulesengine.Privilege
	for i := range records {
		p := rulesengine.Privilege{
			ID:   records[i].id,
			Name: records[i].name,
		}
		found = append(found, p)
	}
	return found, nil
}
    59  
// readAllPrivileges runs the datasql.SelectAllPrivileges query and converts
// the resulting rows with scanPrivilegeRows.
//
// A query failure is reported with the "data:ReadPrivileges" prefix.
func (ds Dataset) readAllPrivileges(ctx context.Context) ([]rulesengine.Privilege, error) {
	rs, queryErr := ds.db.QueryContext(ctx, datasql.SelectAllPrivileges)
	if queryErr != nil {
		return nil, fmt.Errorf("error in data:ReadPrivileges: %v", queryErr)
	}
	// Release the result set on every return path.
	defer rs.Close()

	return scanPrivilegeRows(rs)
}
    68  
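// scanPrivilegeRows drains rows into a slice of privileges and closes rows
// before returning. Each row is scanned as (id, name), in that column order.
//
// On success the slice is non-nil, and empty when there were no rows. On any
// failure, whether a Scan error or an iteration error reported by rows.Err, it
// returns a nil slice, so a caller that mishandles the error cannot mistake a
// truncated result for the complete privilege set. The underlying error is
// wrapped with %w and stays reachable through errors.Is / errors.As.
func scanPrivilegeRows(rows *sql.Rows) ([]rulesengine.Privilege, error) {
	// sql.Rows.Close is idempotent, so closing here is safe even when the
	// caller has deferred its own Close.
	defer rows.Close()

	privileges := []rulesengine.Privilege{}
	for rows.Next() {
		var id, name string
		if err := rows.Scan(&id, &name); err != nil {
			return nil, fmt.Errorf("error in data:scanPrivilegeRows: %w", err)
		}
		privileges = append(privileges, rulesengine.Privilege{Name: name, ID: id})
	}

	// rows.Next returning false can mean "no more rows" or "iteration failed";
	// only rows.Err distinguishes the two. Rows read so far are discarded on
	// failure, matching the Scan error path above.
	if err := rows.Err(); err != nil {
		return nil, fmt.Errorf("error data:scanPrivilegeRows on rows.Err: %w", err)
	}
	return privileges, nil
}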
    87  
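// ReadPrivilege looks up a single privilege by name using the
// datasql.SelectPrivilegeByName statement. name is passed to the driver as a
// query argument, not interpolated into the statement text.
//
// When no row matches, the lookup is not treated as an error: a zero-value
// Privilege (empty ID and Name) is returned with a nil error. Callers must
// check for the empty value before using the result.
//
// Any other failure is returned wrapped with %w, so the underlying cause stays
// reachable through errors.Is / errors.As.
func (ds Dataset) ReadPrivilege(ctx context.Context, name string) (rulesengine.Privilege, error) {
	var id, storedName string

	row := ds.db.QueryRowContext(ctx, datasql.SelectPrivilegeByName, name)
	err := row.Scan(&id, &storedName)
	// errors.Is rather than != so a wrapped sql.ErrNoRows is still recognised
	// as "not found".
	if err != nil && !errors.Is(err, sql.ErrNoRows) {
		// Original note: this error surfaces as a 500 upstream (not verifiable
		// from this file).
		return rulesengine.Privilege{}, fmt.Errorf("error in data:ReadPrivilege: %w", err)
	}

	// On sql.ErrNoRows both strings are still empty, giving the zero-value
	// Privilege described above.
	return rulesengine.Privilege{Name: storedName, ID: id}, nil
}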
   101  
