diff --git a/controller/controller.go b/controller/controller.go
index 4573046bb3cddd6f2ad044ed4f5f7b2f9fb0311e..f4e1e84e2243a9dcb8530cb8786e5e2765dad104 100644
--- a/controller/controller.go
+++ b/controller/controller.go
@@ -168,7 +168,7 @@ func startGrpc() error {
log.Infof("listening to %v", lislisten.Addr())
jwtManager := rbacImpl.NewJWTManager(config.JWTSecret, config.JWTDuration)
- setupGRPCServerWithCorrectSecurityLevel(jwtManager, c.userService, c.roleService)
+ setupGRPCServerWithCorrectSecurityLevel(jwtManager, c.serviceManager)
basePnd, err := c.serviceManager.PndService.Get(store.Query{ID: config.BasePndUUID})
if err != nil {
@@ -372,13 +372,13 @@ func callback(id uuid.UUID, ch chan networkelement.Details) {
// This allows users to operate on the controller without any authentication/authorization,
// but they could still login if they want to.
// Use insecure only for testing purposes and with caution.
-func setupGRPCServerWithCorrectSecurityLevel(jwt *rbacImpl.JWTManager, userService rbac.UserService, roleService rbac.RoleService) {
+func setupGRPCServerWithCorrectSecurityLevel(jwt *rbacImpl.JWTManager, serviceManager servmgmt.ServiceManager) {
securityLevel := viper.GetString("security")
if securityLevel == "insecure" {
c.grpcServer = grpc.NewServer()
log.Info("set up grpc server in insecure mode")
} else {
- interceptor := server.NewAuthInterceptor(jwt, userService, roleService)
+ interceptor := server.NewAuthInterceptor(jwt, serviceManager)
c.grpcServer = grpc.NewServer(grpc.UnaryInterceptor(interceptor.Unary()), grpc.StreamInterceptor(interceptor.Stream()))
log.Info("set up grpc server in secure mode")
}
diff --git a/controller/northbound/server/auth.go b/controller/northbound/server/auth.go
index e7459f7b5ddee7e9b051ff613938f32e4e8b0d50..41beefe78223b36e30a4e338a025e9539758505d 100644
--- a/controller/northbound/server/auth.go
+++ b/controller/northbound/server/auth.go
@@ -6,9 +6,9 @@ import (
"time"
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
- rbacInterfaces "code.fbi.h-da.de/danet/gosdn/controller/interfaces/rbac"
"code.fbi.h-da.de/danet/gosdn/controller/metrics"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"code.fbi.h-da.de/danet/gosdn/controller/store"
"github.com/prometheus/client_golang/prometheus"
"golang.org/x/crypto/argon2"
@@ -20,15 +20,15 @@ import (
// AuthServer holds a JWTManager and represents a AuthServiceServer.
type AuthServer struct {
apb.UnimplementedAuthServiceServer
- jwtManager *rbac.JWTManager
- userService rbacInterfaces.UserService
+ jwtManager *rbac.JWTManager
+ serviceManager servmgmt.ServiceManager
}
// NewAuthServer receives a JWTManager and a userService and returns a new Auth interface.
-func NewAuthServer(jwtManager *rbac.JWTManager, userService rbacInterfaces.UserService) *AuthServer {
+func NewAuthServer(jwtManager *rbac.JWTManager, serviceManager servmgmt.ServiceManager) *AuthServer {
return &AuthServer{
- jwtManager: jwtManager,
- userService: userService,
+ jwtManager: jwtManager,
+ serviceManager: serviceManager,
}
}
@@ -55,14 +55,14 @@ func (s AuthServer) Login(ctx context.Context, request *apb.LoginRequest) (*apb.
return nil, err
}
- userToUpdate, err := s.userService.Get(store.Query{Name: user.UserName})
+ userToUpdate, err := s.serviceManager.UserService.Get(store.Query{Name: user.UserName})
if err != nil {
return nil, err
}
userToUpdate.SetToken(token)
- err = s.userService.Update(userToUpdate)
+ err = s.serviceManager.UserService.Update(userToUpdate)
if err != nil {
return nil, err
}
@@ -93,7 +93,7 @@ func (s AuthServer) Logout(ctx context.Context, request *apb.LogoutRequest) (*ap
// isValidUser checks if the provided user name fits to a stored one and then checks if the provided password is correct.
func (s AuthServer) isValidUser(user rbac.User) error {
- storedUser, err := s.userService.Get(store.Query{Name: user.Name()})
+ storedUser, err := s.serviceManager.UserService.Get(store.Query{Name: user.Name()})
if err != nil {
return err
}
@@ -139,7 +139,7 @@ func (s AuthServer) handleLogout(ctx context.Context, userName string) error {
return status.Errorf(codes.Aborted, "missing match of user associated to token and provided user name")
}
- storedUser, err := s.userService.Get(store.Query{Name: userName})
+ storedUser, err := s.serviceManager.UserService.Get(store.Query{Name: userName})
if err != nil {
return err
}
@@ -148,7 +148,7 @@ func (s AuthServer) handleLogout(ctx context.Context, userName string) error {
return status.Errorf(codes.Aborted, "missing match of token provied for user")
}
- err = s.userService.Update(&rbac.User{UserID: storedUser.ID(),
+ err = s.serviceManager.UserService.Update(&rbac.User{UserID: storedUser.ID(),
UserName: storedUser.Name(),
Roles: storedUser.GetRoles(),
Password: storedUser.GetPassword(),
diff --git a/controller/northbound/server/auth_interceptor.go b/controller/northbound/server/auth_interceptor.go
index 30ffa2ea982be33282ab3db1c86cfe2f6e22d06e..03cc895c97bfa1c43015cee44fc73f49b0f499f0 100644
--- a/controller/northbound/server/auth_interceptor.go
+++ b/controller/northbound/server/auth_interceptor.go
@@ -4,7 +4,7 @@ import (
"context"
"time"
- rbacInterfaces "code.fbi.h-da.de/danet/gosdn/controller/interfaces/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
csbipb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/csbi"
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
@@ -18,21 +18,18 @@ import (
// AuthInterceptor provides an AuthInterceptor.
type AuthInterceptor struct {
- jwtManager *rbac.JWTManager
- userService rbacInterfaces.UserService
- roleService rbacInterfaces.RoleService
+ jwtManager *rbac.JWTManager
+ serviceManager servmgmt.ServiceManager
}
// NewAuthInterceptor receives a JWTManager and a rbacMand returns a new AuthInterceptor provding gRPC Interceptor functionality.
func NewAuthInterceptor(
jwtManager *rbac.JWTManager,
- userService rbacInterfaces.UserService,
- roleService rbacInterfaces.RoleService,
+ serviceManager servmgmt.ServiceManager,
) *AuthInterceptor {
return &AuthInterceptor{
- jwtManager: jwtManager,
- userService: userService,
- roleService: roleService,
+ jwtManager: jwtManager,
+ serviceManager: serviceManager,
}
}
@@ -92,7 +89,7 @@ func (auth *AuthInterceptor) authorize(ctx context.Context, method string) error
return status.Errorf(codes.PermissionDenied, "token expired at %v, please login", time.Unix(claims.ExpiresAt, 0))
}
- user, err := auth.userService.Get(store.Query{Name: claims.Username})
+ user, err := auth.serviceManager.UserService.Get(store.Query{Name: claims.Username})
if err != nil {
return err
}
@@ -124,7 +121,7 @@ func (auth *AuthInterceptor) verifyPermisisonForRequestedCall(userRoles map[stri
}
func (auth *AuthInterceptor) verifyUserRoleAndRequestedCall(userRole, requestedMethod string) error {
- storedRoles, err := auth.roleService.GetAll()
+ storedRoles, err := auth.serviceManager.RoleService.GetAll()
if err != nil {
return err
}
diff --git a/controller/northbound/server/auth_interceptor_test.go b/controller/northbound/server/auth_interceptor_test.go
index cddec3a1694001f0a5ed0a82c2a8798828bbfcda..a47349bbf92ed515e7b850465be464a6994853f1 100644
--- a/controller/northbound/server/auth_interceptor_test.go
+++ b/controller/northbound/server/auth_interceptor_test.go
@@ -33,18 +33,20 @@ func getTestAuthInterceptorServer(t *testing.T) (*AuthInterceptor, *UserServer,
mockPnd := getMockPnd(t)
pndStore := nucleus.NewMemoryPndStore()
- if err := pndStore.Add(mockPnd); err != nil {
+ pndService := nucleus.NewPndService(pndStore)
+
+ if err := pndService.Add(mockPnd); err != nil {
t.Fatal(err)
}
- serviceManager := &servmgmt.ServiceManager{PNDStore: pndStore}
+ serviceManager := servmgmt.ServiceManager{PndService: pndService, UserService: userService, RoleService: roleService}
- s := NewAuthInterceptor(jwtManager, userService, roleService)
- u := NewUserServer(jwtManager, userService)
- r := NewRoleServer(jwtManager, roleService)
- sbiServer := NewSbiServer(*serviceManager)
+ s := NewAuthInterceptor(jwtManager, serviceManager)
+ u := NewUserServer(jwtManager, serviceManager)
+ r := NewRoleServer(jwtManager, serviceManager)
+ sbiServer := NewSbiServer(serviceManager)
- if err := clearAndCreateAuthTestSetup(userService, roleService); err != nil {
+ if err := clearAndCreateAuthTestSetup(serviceManager); err != nil {
t.Fatal(err)
}
@@ -73,12 +75,12 @@ func dialer(interceptorServer *AuthInterceptor, userServer *UserServer, roleServ
func TestAuthInterceptor_Unary(t *testing.T) {
authServer, userServer, roleServer, sbiServer := getTestAuthInterceptorServer(t)
- validToken, err := createTestUserToken("testAdmin", true, authServer.userService, authServer.jwtManager)
+ validToken, err := createTestUserToken("testAdmin", true, authServer.serviceManager, authServer.jwtManager)
if err != nil {
t.Fatal(err)
}
- wrongUserToken, err := createTestUserToken("foo", false, authServer.userService, authServer.jwtManager)
+ wrongUserToken, err := createTestUserToken("foo", false, authServer.serviceManager, authServer.jwtManager)
if err != nil {
t.Fatal(err)
}
@@ -169,7 +171,7 @@ func TestAuthInterceptor_Unary(t *testing.T) {
func TestAuthInterceptor_Stream(t *testing.T) {
authServer, userServer, roleServer, sbiServer := getTestAuthInterceptorServer(t)
- validToken, err := createTestUserToken("testAdmin", true, authServer.userService, authServer.jwtManager)
+ validToken, err := createTestUserToken("testAdmin", true, authServer.serviceManager, authServer.jwtManager)
if err != nil {
t.Fatal(err)
}
@@ -244,12 +246,12 @@ func TestAuthInterceptor_Stream(t *testing.T) {
func TestAuthInterceptor_authorize(t *testing.T) {
authServer, _, _, _ := getTestAuthInterceptorServer(t)
- validToken, err := createTestUserToken("testAdmin", true, authServer.userService, authServer.jwtManager)
+ validToken, err := createTestUserToken("testAdmin", true, authServer.serviceManager, authServer.jwtManager)
if err != nil {
t.Fatal(err)
}
- wrongUserToken, err := createTestUserToken("foo", false, authServer.userService, authServer.jwtManager)
+ wrongUserToken, err := createTestUserToken("foo", false, authServer.serviceManager, authServer.jwtManager)
if err != nil {
t.Fatal(err)
}
diff --git a/controller/northbound/server/auth_test.go b/controller/northbound/server/auth_test.go
index a24cee7648730eb04324f774e3710fba7b702193..bc3d7fba5035101ad33e883b2f88bbd0a7f67eda 100644
--- a/controller/northbound/server/auth_test.go
+++ b/controller/northbound/server/auth_test.go
@@ -9,6 +9,7 @@ import (
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
eventservice "code.fbi.h-da.de/danet/gosdn/controller/eventService"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"google.golang.org/grpc/metadata"
)
@@ -22,8 +23,10 @@ func getTestAuthServer(t *testing.T) *AuthServer {
roleStore := rbac.NewMemoryRoleStore()
roleService := rbac.NewRoleService(roleStore, eventService)
- s := NewAuthServer(jwtManager, userService)
- err := clearAndCreateAuthTestSetup(s.userService, roleService)
+ serviceManager := servmgmt.ServiceManager{UserService: userService, RoleService: roleService}
+
+ s := NewAuthServer(jwtManager, serviceManager)
+ err := clearAndCreateAuthTestSetup(serviceManager)
if err != nil {
t.Fatalf("%v", err)
}
@@ -87,7 +90,7 @@ func TestAuth_Login(t *testing.T) {
func TestAuth_Logout(t *testing.T) {
s := getTestAuthServer(t)
- validToken, err := createTestUserToken("testAdmin", true, s.userService, s.jwtManager)
+ validToken, err := createTestUserToken("testAdmin", true, s.serviceManager, s.jwtManager)
if err != nil {
log.Fatal(err)
}
@@ -185,12 +188,12 @@ func TestAuth_isValidUser(t *testing.T) {
func TestAuth_handleLogout(t *testing.T) {
s := getTestAuthServer(t)
- validToken, err := createTestUserToken("testAdmin", true, s.userService, s.jwtManager)
+ validToken, err := createTestUserToken("testAdmin", true, s.serviceManager, s.jwtManager)
if err != nil {
log.Fatal(err)
}
- invalidToken, err := createTestUserToken("testAdmin", false, s.userService, s.jwtManager)
+ invalidToken, err := createTestUserToken("testAdmin", false, s.serviceManager, s.jwtManager)
if err != nil {
log.Fatal(err)
}
diff --git a/controller/northbound/server/nbi.go b/controller/northbound/server/nbi.go
index aaec1e2aa2e1b4c4636b9d10f2467a44745a8cf6..0db12578c3e218faf54bd9b0201a53a3ab0accb8 100644
--- a/controller/northbound/server/nbi.go
+++ b/controller/northbound/server/nbi.go
@@ -53,9 +53,9 @@ func NewNBI(
Core: NewCoreServer(serviceManager),
Csbi: NewCsbiServer(pnds),
Sbi: NewSbiServer(serviceManager),
- Auth: NewAuthServer(&jwt, users),
- User: NewUserServer(&jwt, users),
- Role: NewRoleServer(&jwt, roles),
+ Auth: NewAuthServer(&jwt, serviceManager),
+ User: NewUserServer(&jwt, serviceManager),
+ Role: NewRoleServer(&jwt, serviceManager),
Topology: NewTopologyServer(topologyService, nodeService, portService),
App: NewAppServer(apps),
NetworkElement: NewNetworkElementServer(networkDomain, serviceManager),
diff --git a/controller/northbound/server/role.go b/controller/northbound/server/role.go
index 58d42d01b7893a1c7448c766cfd3092624d2730a..2a873bb33fbabdbf98316006be7b0ba314cfb1b5 100644
--- a/controller/northbound/server/role.go
+++ b/controller/northbound/server/role.go
@@ -6,9 +6,9 @@ import (
"time"
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
- rbacInterfaces "code.fbi.h-da.de/danet/gosdn/controller/interfaces/rbac"
"code.fbi.h-da.de/danet/gosdn/controller/metrics"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"code.fbi.h-da.de/danet/gosdn/controller/store"
"github.com/google/uuid"
"github.com/prometheus/client_golang/prometheus"
@@ -20,15 +20,15 @@ import (
// RoleServer holds a JWTManager and represents a RoleServiceServer.
type RoleServer struct {
apb.UnimplementedRoleServiceServer
- jwtManager *rbac.JWTManager
- roleService rbacInterfaces.RoleService
+ jwtManager *rbac.JWTManager
+ serviceManager servmgmt.ServiceManager
}
// NewRoleServer receives a JWTManager and a RoleService and returns a new RoleServer.
-func NewRoleServer(jwtManager *rbac.JWTManager, roleService rbacInterfaces.RoleService) *RoleServer {
+func NewRoleServer(jwtManager *rbac.JWTManager, serviceManager servmgmt.ServiceManager) *RoleServer {
return &RoleServer{
- jwtManager: jwtManager,
- roleService: roleService,
+ jwtManager: jwtManager,
+ serviceManager: serviceManager,
}
}
@@ -41,7 +41,7 @@ func (r RoleServer) CreateRoles(ctx context.Context, request *apb.CreateRolesReq
for _, rrole := range request.Roles {
role := rbac.NewRole(uuid.New(), rrole.Name, rrole.Description, rrole.Permissions)
- err := r.roleService.Add(role)
+ err := r.serviceManager.RoleService.Add(role)
if err != nil {
log.Error(err)
return nil, status.Errorf(codes.Aborted, "%v", err)
@@ -65,7 +65,7 @@ func (r RoleServer) GetRole(ctx context.Context, request *apb.GetRoleRequest) (*
return nil, fmt.Errorf("could not parse role uuid")
}
- roleData, err := r.roleService.Get(store.Query{Name: request.RoleName, ID: roleID})
+ roleData, err := r.serviceManager.RoleService.Get(store.Query{Name: request.RoleName, ID: roleID})
if err != nil {
return nil, err
}
@@ -90,7 +90,7 @@ func (r RoleServer) GetRoles(ctx context.Context, request *apb.GetRolesRequest)
start := metrics.StartHook(labels, grpcRequestsTotal)
defer metrics.FinishHook(labels, start, grpcRequestDurationSecondsTotal, grpcRequestDurationSeconds)
- roleList, err := r.roleService.GetAll()
+ roleList, err := r.serviceManager.RoleService.GetAll()
if err != nil {
return nil, err
}
@@ -123,13 +123,13 @@ func (r RoleServer) UpdateRoles(ctx context.Context, request *apb.UpdateRolesReq
if err != nil {
return nil, handleRPCError(labels, err)
}
- _, err = r.roleService.Get(store.Query{ID: rid})
+ _, err = r.serviceManager.RoleService.Get(store.Query{ID: rid})
if err != nil {
return nil, status.Errorf(codes.Canceled, "role not found %v", err)
}
roleToUpdate := rbac.NewRole(rid, role.Name, role.Description, role.Permissions)
- err = r.roleService.Update(roleToUpdate)
+ err = r.serviceManager.RoleService.Update(roleToUpdate)
if err != nil {
return nil, status.Errorf(codes.Aborted, "could not update role %v", err)
}
@@ -147,7 +147,7 @@ func (r RoleServer) DeletePermissionsForRole(ctx context.Context, request *apb.D
start := metrics.StartHook(labels, grpcRequestsTotal)
defer metrics.FinishHook(labels, start, grpcRequestDurationSecondsTotal, grpcRequestDurationSeconds)
- roleToUpdate, err := r.roleService.Get(store.Query{Name: request.RoleName})
+ roleToUpdate, err := r.serviceManager.RoleService.Get(store.Query{Name: request.RoleName})
if err != nil {
return nil, status.Errorf(codes.Canceled, "role not found %v", err)
}
@@ -172,7 +172,7 @@ func (r RoleServer) DeletePermissionsForRole(ctx context.Context, request *apb.D
// updates the existing role with the trimmed set of permissions
roleToUpdate.RemovePermissionsFromRole(request.PermissionsToDelete)
- err = r.roleService.Update(roleToUpdate)
+ err = r.serviceManager.RoleService.Update(roleToUpdate)
if err != nil {
return nil, status.Errorf(codes.Aborted, "could not update role %v", err)
}
@@ -190,12 +190,12 @@ func (r RoleServer) DeleteRoles(ctx context.Context, request *apb.DeleteRolesReq
defer metrics.FinishHook(labels, start, grpcRequestDurationSecondsTotal, grpcRequestDurationSeconds)
for _, role := range request.RoleName {
- roleToDelete, err := r.roleService.Get(store.Query{Name: role})
+ roleToDelete, err := r.serviceManager.RoleService.Get(store.Query{Name: role})
if err != nil {
return nil, status.Errorf(codes.Canceled, "role not found")
}
- err = r.roleService.Delete(roleToDelete)
+ err = r.serviceManager.RoleService.Delete(roleToDelete)
if err != nil {
return nil, status.Errorf(codes.Aborted, "error deleting role %v", err)
}
diff --git a/controller/northbound/server/role_test.go b/controller/northbound/server/role_test.go
index 2ad31431d68eba2c9c4b528554024af541b3ebd9..c4c88fe4fab78fff993d8818e0c7445f5d17a433 100644
--- a/controller/northbound/server/role_test.go
+++ b/controller/northbound/server/role_test.go
@@ -8,6 +8,7 @@ import (
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"github.com/google/uuid"
eventservice "code.fbi.h-da.de/danet/gosdn/controller/eventService"
@@ -23,8 +24,10 @@ func getTestRoleServer(t *testing.T) *RoleServer {
roleStore := rbac.NewMemoryRoleStore()
roleService := rbac.NewRoleService(roleStore, eventService)
- s := NewRoleServer(jwtManager, roleService)
- err := clearAndCreateAuthTestSetup(userService, roleService)
+ serviceManager := servmgmt.ServiceManager{UserService: userService, RoleService: roleService}
+
+ s := NewRoleServer(jwtManager, serviceManager)
+ err := clearAndCreateAuthTestSetup(serviceManager)
if err != nil {
t.Fatalf("%v", err)
}
diff --git a/controller/northbound/server/test_util_test.go b/controller/northbound/server/test_util_test.go
index e32c7d8011801a4bfdccc6200663e5df2a487572..24fd718395685f41291da7b55e4f885fe2f27b87 100644
--- a/controller/northbound/server/test_util_test.go
+++ b/controller/northbound/server/test_util_test.go
@@ -14,6 +14,7 @@ import (
"code.fbi.h-da.de/danet/gosdn/controller/interfaces/southbound"
"code.fbi.h-da.de/danet/gosdn/controller/mocks"
"code.fbi.h-da.de/danet/gosdn/controller/nucleus"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"code.fbi.h-da.de/danet/gosdn/models/generated/openconfig"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
@@ -52,37 +53,37 @@ const randomRoleName = "bertram"
var adminRoleMap = map[string]string{pndID: "adminTestRole"}
var userRoleMap = map[string]string{pndID: "userTestRole"}
-func clearAndCreateAuthTestSetup(userService rbacInterfaces.UserService, roleService rbacInterfaces.RoleService) error {
+func clearAndCreateAuthTestSetup(serviceManager servmgmt.ServiceManager) error {
//clear setup if changed
- storedUsers, err := userService.GetAll()
+ storedUsers, err := serviceManager.UserService.GetAll()
if err != nil {
return err
}
for _, u := range storedUsers {
- err = userService.Delete(u)
+ err = serviceManager.UserService.Delete(u)
if err != nil {
return err
}
}
- storedRoles, err := roleService.GetAll()
+ storedRoles, err := serviceManager.RoleService.GetAll()
if err != nil {
return err
}
for _, r := range storedRoles {
- err = roleService.Delete(r)
+ err = serviceManager.RoleService.Delete(r)
if err != nil {
return err
}
}
// create dataset
- err = createTestUsers(userService)
+ err = createTestUsers(serviceManager.UserService)
if err != nil {
return err
}
- err = createTestRoles(roleService)
+ err = createTestRoles(serviceManager.RoleService)
if err != nil {
return err
}
@@ -180,20 +181,20 @@ func patchLogger(t *testing.T) {
// Creates a token to be used in auth interceptor tests. If validTokenRequired is set as true, the generated token will also
// be attached to the provided user. Else the user won't have the token and can not be authorized.
-func createTestUserToken(userName string, validTokenRequired bool, userService rbacInterfaces.UserService, jwt *rbac.JWTManager) (string, error) {
+func createTestUserToken(userName string, validTokenRequired bool, serviceManager servmgmt.ServiceManager, jwt *rbac.JWTManager) (string, error) {
token, err := jwt.GenerateToken(rbac.User{UserName: userName})
if err != nil {
return token, err
}
if validTokenRequired {
- user, err := userService.Get(store.Query{Name: userName})
+ user, err := serviceManager.UserService.Get(store.Query{Name: userName})
if err != nil {
return token, err
}
user.SetToken(token)
- err = userService.Update(user)
+ err = serviceManager.UserService.Update(user)
if err != nil {
return token, err
}
diff --git a/controller/northbound/server/user.go b/controller/northbound/server/user.go
index e46718d841256b5635a62e7c907529625fd2fc9e..d68c7805ba6cf35f6a874ab0c93bd3f5096459f1 100644
--- a/controller/northbound/server/user.go
+++ b/controller/northbound/server/user.go
@@ -11,6 +11,7 @@ import (
"code.fbi.h-da.de/danet/gosdn/controller/conflict"
"code.fbi.h-da.de/danet/gosdn/controller/metrics"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"code.fbi.h-da.de/danet/gosdn/controller/store"
"github.com/google/uuid"
"github.com/prometheus/client_golang/prometheus"
@@ -20,22 +21,20 @@ import (
"google.golang.org/grpc/status"
"golang.org/x/crypto/argon2"
-
- rbacInterfaces "code.fbi.h-da.de/danet/gosdn/controller/interfaces/rbac"
)
// UserServer holds a JWTManager and represents a UserServiceServer.
type UserServer struct {
apb.UnimplementedUserServiceServer
- jwtManager *rbac.JWTManager
- userService rbacInterfaces.UserService
+ jwtManager *rbac.JWTManager
+ serviceManager servmgmt.ServiceManager
}
// NewUserServer receives a JWTManager and a UserService and returns a new UserServer.
-func NewUserServer(jwtManager *rbac.JWTManager, userService rbacInterfaces.UserService) *UserServer {
+func NewUserServer(jwtManager *rbac.JWTManager, serviceManager servmgmt.ServiceManager) *UserServer {
return &UserServer{
- jwtManager: jwtManager,
- userService: userService,
+ jwtManager: jwtManager,
+ serviceManager: serviceManager,
}
}
@@ -66,7 +65,7 @@ func (u UserServer) CreateUsers(ctx context.Context, request *apb.CreateUsersReq
hashedPassword := base64.RawStdEncoding.EncodeToString(argon2.IDKey([]byte(user.Password), []byte(salt), 1, 64*1024, 4, 32))
user := rbac.NewUser(uuid.New(), user.Name, roles, string(hashedPassword), user.Token, salt, conflict.Metadata{ResourceVersion: 0})
- err = u.userService.Add(user)
+ err = u.serviceManager.UserService.Add(user)
if err != nil {
log.Error(err)
return nil, status.Errorf(codes.Aborted, "%v", err)
@@ -90,7 +89,7 @@ func (u UserServer) GetUser(ctx context.Context, request *apb.GetUserRequest) (*
return nil, fmt.Errorf("could not parse user uuid")
}
- userData, err := u.userService.Get(store.Query{Name: request.Name, ID: userID})
+ userData, err := u.serviceManager.UserService.Get(store.Query{Name: request.Name, ID: userID})
if err != nil {
return nil, err
}
@@ -117,7 +116,7 @@ func (u UserServer) GetUsers(ctx context.Context, request *apb.GetUsersRequest)
start := metrics.StartHook(labels, grpcRequestsTotal)
defer metrics.FinishHook(labels, start, grpcRequestDurationSecondsTotal, grpcRequestDurationSeconds)
- userList, err := u.userService.GetAll()
+ userList, err := u.serviceManager.UserService.GetAll()
if err != nil {
return nil, err
}
@@ -153,7 +152,7 @@ func (u UserServer) UpdateUsers(ctx context.Context, request *apb.UpdateUsersReq
return nil, handleRPCError(labels, err)
}
- storedUser, err := u.userService.Get(store.Query{ID: uid})
+ storedUser, err := u.serviceManager.UserService.Get(store.Query{ID: uid})
if err != nil {
return nil, status.Errorf(codes.Canceled, "user not found %v", err)
}
@@ -166,7 +165,7 @@ func (u UserServer) UpdateUsers(ctx context.Context, request *apb.UpdateUsersReq
usr, _ := userToUpdate.(*rbac.User)
usr.Metadata.ResourceVersion = int(user.Metadata.ResourceVersion)
- err = u.userService.Update(usr)
+ err = u.serviceManager.UserService.Update(usr)
if err != nil {
return nil, status.Errorf(codes.Aborted, "could not update user %v", err)
}
@@ -185,12 +184,12 @@ func (u UserServer) DeleteUsers(ctx context.Context, request *apb.DeleteUsersReq
defer metrics.FinishHook(labels, start, grpcRequestDurationSecondsTotal, grpcRequestDurationSeconds)
for _, user := range request.Username {
- userToDelete, err := u.userService.Get(store.Query{Name: user})
+ userToDelete, err := u.serviceManager.UserService.Get(store.Query{Name: user})
if err != nil {
return nil, status.Errorf(codes.Canceled, "user not found %v", err)
}
- err = u.userService.Delete(userToDelete)
+ err = u.serviceManager.UserService.Delete(userToDelete)
if err != nil {
return nil, status.Errorf(codes.Aborted, "error deleting user %v", err)
}
diff --git a/controller/northbound/server/user_test.go b/controller/northbound/server/user_test.go
index 41ffef625d1b955148353dc85da944c113461264..594dd4cea979b89176af6326a11e91a1c2642c42 100644
--- a/controller/northbound/server/user_test.go
+++ b/controller/northbound/server/user_test.go
@@ -10,6 +10,7 @@ import (
apb "code.fbi.h-da.de/danet/gosdn/api/go/gosdn/rbac"
eventservice "code.fbi.h-da.de/danet/gosdn/controller/eventService"
"code.fbi.h-da.de/danet/gosdn/controller/rbac"
+ "code.fbi.h-da.de/danet/gosdn/controller/servmgmt"
"github.com/google/uuid"
)
@@ -23,8 +24,10 @@ func getTestUserServer(t *testing.T) *UserServer {
roleStore := rbac.NewMemoryRoleStore()
roleService := rbac.NewRoleService(roleStore, eventService)
- s := NewUserServer(jwtManager, userService)
- err := clearAndCreateAuthTestSetup(s.userService, roleService)
+ serviceManager := servmgmt.ServiceManager{UserService: userService, RoleService: roleService}
+
+ s := NewUserServer(jwtManager, serviceManager)
+ err := clearAndCreateAuthTestSetup(serviceManager)
if err != nil {
t.Fatalf("%v", err)
}