support deleting multiple service policies in one shot; bug in limits (#329)

controller/disable.go

@@ -100,10 +100,10 @@ func (h *disableHandler) removeSharesForEnvironment(envId int, tx *sqlx.Tx, edge
 			if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy(env.ZId, shrToken, edge); err != nil {
 				logrus.Error(err)
 			}
-			if err := zrokEdgeSdk.DeleteServicePolicyDial(env.ZId, shrToken, edge); err != nil {
+			if err := zrokEdgeSdk.DeleteServicePoliciesDial(env.ZId, shrToken, edge); err != nil {
 				logrus.Error(err)
 			}
-			if err := zrokEdgeSdk.DeleteServicePolicyBind(env.ZId, shrToken, edge); err != nil {
+			if err := zrokEdgeSdk.DeleteServicePoliciesBind(env.ZId, shrToken, edge); err != nil {
 				logrus.Error(err)
 			}
 			if err := zrokEdgeSdk.DeleteConfig(env.ZId, shrToken, edge); err != nil {
@@ -129,7 +129,7 @@ func (h *disableHandler) removeFrontendsForEnvironment(envId int, tx *sqlx.Tx, e
 			return err
 		}
 		for _, fe := range fes {
-			if err := zrokEdgeSdk.DeleteServicePolicy(env.ZId, fmt.Sprintf("tags.zrokFrontendToken=\"%v\" and type=1", fe.Token), edge); err != nil {
+			if err := zrokEdgeSdk.DeleteServicePolicies(env.ZId, fmt.Sprintf("tags.zrokFrontendToken=\"%v\" and type=1", fe.Token), edge); err != nil {
 				logrus.Errorf("error removing frontend access for '%v': %v", fe.Token, err)
 			}
 		}

controller/gc.go

@@ -76,10 +76,10 @@ func gcServices(edge *rest_management_api_client.ZitiEdgeManagement, liveMap map
 				if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy("gc", *svc.Name, edge); err != nil {
 					logrus.Errorf("error garbage collecting service edge router policy: %v", err)
 				}
-				if err := zrokEdgeSdk.DeleteServicePolicyDial("gc", *svc.Name, edge); err != nil {
+				if err := zrokEdgeSdk.DeleteServicePoliciesDial("gc", *svc.Name, edge); err != nil {
 					logrus.Errorf("error garbage collecting service dial policy: %v", err)
 				}
-				if err := zrokEdgeSdk.DeleteServicePolicyBind("gc", *svc.Name, edge); err != nil {
+				if err := zrokEdgeSdk.DeleteServicePoliciesBind("gc", *svc.Name, edge); err != nil {
 					logrus.Errorf("error garbage collecting service bind policy: %v", err)
 				}
 				if err := zrokEdgeSdk.DeleteConfig("gc", *svc.Name, edge); err != nil {
@@ -137,7 +137,7 @@ func gcServicePolicies(edge *rest_management_api_client.ZitiEdgeManagement, live
 			if _, found := liveMap[spName]; !found {
 				logrus.Infof("garbage collecting, svcId='%v'", spName)
 				deleteFilter := fmt.Sprintf("id=\"%v\"", *sp.ID)
-				if err := zrokEdgeSdk.DeleteServicePolicy("gc", deleteFilter, edge); err != nil {
+				if err := zrokEdgeSdk.DeleteServicePolicies("gc", deleteFilter, edge); err != nil {
 					logrus.Errorf("error garbage collecting service policy: %v", err)
 				}
 			} else {

controller/limits/accountLimitAction.go

@@ -33,7 +33,7 @@ func (a *accountLimitAction) HandleAccount(acct *store.Account, rxBytes, txBytes
 		}
 
 		for _, shr := range shrs {
-			if err := zrokEdgeSdk.DeleteServicePolicyDial(env.ZId, shr.Token, a.edge); err != nil {
+			if err := zrokEdgeSdk.DeleteServicePoliciesDial(env.ZId, shr.Token, a.edge); err != nil {
 				return errors.Wrapf(err, "error deleting dial service policy for '%v'", shr.Token)
 			}
 			logrus.Infof("removed dial service policy for share '%v' of environment '%v'", shr.Token, env.ZId)

controller/limits/environmentLimitAction.go

@@ -27,7 +27,7 @@ func (a *environmentLimitAction) HandleEnvironment(env *store.Environment, _, _
 	}
 
 	for _, shr := range shrs {
-		if err := zrokEdgeSdk.DeleteServicePolicyDial(env.ZId, shr.Token, a.edge); err != nil {
+		if err := zrokEdgeSdk.DeleteServicePoliciesDial(env.ZId, shr.Token, a.edge); err != nil {
 			return errors.Wrapf(err, "error deleting dial service policy for '%v'", shr.Token)
 		}
 		logrus.Infof("removed dial service policy for share '%v' of environment '%v'", shr.Token, env.ZId)

controller/limits/shareLimitAction.go

@@ -25,7 +25,7 @@ func (a *shareLimitAction) HandleShare(shr *store.Share, _, _ int64, _ *Bandwidt
 		return err
 	}
 
-	if err := zrokEdgeSdk.DeleteServicePolicyDial(env.ZId, shr.Token, a.edge); err != nil {
+	if err := zrokEdgeSdk.DeleteServicePoliciesDial(env.ZId, shr.Token, a.edge); err != nil {
 		return err
 	}
 	logrus.Infof("removed dial service policy for '%v'", shr.Token)

controller/unaccess.go

@@ -68,7 +68,7 @@ func (h *unaccessHandler) Handle(params share.UnaccessParams, principal *rest_mo
 		return share.NewUnaccessNotFound()
 	}
 
-	if err := zrokEdgeSdk.DeleteServicePolicy(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and tags.zrokFrontendToken=\"%v\" and type=1", shrToken, feToken), edge); err != nil {
+	if err := zrokEdgeSdk.DeleteServicePolicies(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and tags.zrokFrontendToken=\"%v\" and type=1", shrToken, feToken), edge); err != nil {
 		logrus.Errorf("error removing access to '%v' for '%v': %v", shrToken, envZId, err)
 		return share.NewUnaccessInternalServerError()
 	}

controller/unshare.go

@@ -124,10 +124,10 @@ func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken,
 	if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy(senv.ZId, shrToken, edge); err != nil {
 		return err
 	}
-	if err := zrokEdgeSdk.DeleteServicePolicyDial(senv.ZId, shrToken, edge); err != nil {
+	if err := zrokEdgeSdk.DeleteServicePoliciesDial(senv.ZId, shrToken, edge); err != nil {
 		return err
 	}
-	if err := zrokEdgeSdk.DeleteServicePolicyBind(senv.ZId, shrToken, edge); err != nil {
+	if err := zrokEdgeSdk.DeleteServicePoliciesBind(senv.ZId, shrToken, edge); err != nil {
 		return err
 	}
 	if err := zrokEdgeSdk.DeleteConfig(senv.ZId, shrToken, edge); err != nil {

controller/zrokEdgeSdk/sp.go

@@ -78,16 +78,16 @@ func createServicePolicy(name string, semantic rest_model.Semantic, identityRole
 	return resp.Payload.Data.ID, nil
 }
 
-func DeleteServicePolicyBind(envZId, shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) error {
-	return DeleteServicePolicy(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and type=%d", shrToken, servicePolicyBind), edge)
+func DeleteServicePoliciesBind(envZId, shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+	return DeleteServicePolicies(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and type=%d", shrToken, servicePolicyBind), edge)
 }
 
-func DeleteServicePolicyDial(envZId, shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) error {
-	return DeleteServicePolicy(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and type=%d", shrToken, servicePolicyDial), edge)
+func DeleteServicePoliciesDial(envZId, shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+	return DeleteServicePolicies(envZId, fmt.Sprintf("tags.zrokShareToken=\"%v\" and type=%d", shrToken, servicePolicyDial), edge)
 }
 
-func DeleteServicePolicy(envZId, filter string, edge *rest_management_api_client.ZitiEdgeManagement) error {
-	limit := int64(1)
+func DeleteServicePolicies(envZId, filter string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+	limit := int64(0)
 	offset := int64(0)
 	listReq := &service_policy.ListServicePoliciesParams{
 		Filter:  &filter,
@@ -100,8 +100,9 @@ func DeleteServicePolicy(envZId, filter string, edge *rest_management_api_client
 	if err != nil {
 		return err
 	}
-	if len(listResp.Payload.Data) == 1 {
-		spId := *(listResp.Payload.Data[0].ID)
+	logrus.Infof("found %d service policies to delete for '%v'", len(listResp.Payload.Data), filter)
+	for i := range listResp.Payload.Data {
+		spId := *(listResp.Payload.Data[i].ID)
 		req := &service_policy.DeleteServicePolicyParams{
 			ID:      spId,
 			Context: context.Background(),
@@ -112,8 +113,9 @@ func DeleteServicePolicy(envZId, filter string, edge *rest_management_api_client
 			return err
 		}
 		logrus.Infof("deleted service policy '%v' for environment '%v'", spId, envZId)
-	} else {
-		logrus.Infof("did not find a service policy")
+	}
+	if len(listResp.Payload.Data) < 1 {
+		logrus.Warnf("did not find any service policies to delete for '%v'", filter)
 	}
 	return nil
 }