mirror of
https://github.com/openziti/zrok.git
synced 2024-11-07 08:44:14 +01:00
frontends -> share_frontends; CanAccessShare refactoring (#650)
This commit is contained in:
parent
f260449604
commit
f174abd18f
@ -163,32 +163,43 @@ func (a *Agent) CanAccessShare(shrId int, trx *sqlx.Tx) (bool, error) {
|
||||
return false, err
|
||||
}
|
||||
if env.AccountId != nil {
|
||||
if err := a.str.LimitCheckLock(*env.AccountId, trx); err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
ul, err := a.getUserLimits(*env.AccountId, trx)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
if ul.resource.IsGlobal() {
|
||||
if empty, err := a.str.IsBandwidthLimitJournalEmptyForGlobal(*env.AccountId, trx); err == nil && !empty {
|
||||
lj, err := a.str.FindLatestBandwidthLimitJournalForGlobal(*env.AccountId, trx)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if lj.Action == store.LimitLimitAction {
|
||||
return false, nil
|
||||
}
|
||||
if scopedBwc, found := ul.scopes[sdk.BackendMode(shr.BackendMode)]; found {
|
||||
latestScopedJe, err := a.isBandwidthClassLimitedForAccount(*env.AccountId, scopedBwc, trx)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if latestScopedJe != nil {
|
||||
return false, nil
|
||||
}
|
||||
} else {
|
||||
if empty, err := a.str.IsBandwidthLimitJournalEmptyForLimitClass(*env.AccountId, ul.resource.GetLimitClassId(), trx); err == nil && !empty {
|
||||
lj, err := a.str.FindLatestBandwidthLimitJournalForLimitClass(*env.AccountId, ul.resource.GetLimitClassId(), trx)
|
||||
for _, bwc := range ul.bandwidth {
|
||||
latestJe, err := a.isBandwidthClassLimitedForAccount(*env.AccountId, bwc, trx)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if lj.Action == store.LimitLimitAction {
|
||||
if latestJe != nil {
|
||||
return false, nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
rc := ul.resource
|
||||
if scopeRc, found := ul.scopes[sdk.BackendMode(shr.BackendMode)]; found {
|
||||
rc = scopeRc
|
||||
}
|
||||
if rc.GetShareFrontends() > store.Unlimited {
|
||||
// TODO: Implement frontends+1 check
|
||||
return true, nil
|
||||
}
|
||||
} else {
|
||||
return false, nil
|
||||
}
|
||||
|
@ -10,7 +10,7 @@ type Config struct {
|
||||
Shares int
|
||||
ReservedShares int
|
||||
UniqueNames int
|
||||
Frontends int
|
||||
ShareFrontends int
|
||||
Bandwidth *BandwidthPerPeriod
|
||||
Cycle time.Duration
|
||||
Enforcing bool
|
||||
@ -50,7 +50,7 @@ func DefaultConfig() *Config {
|
||||
Shares: store.Unlimited,
|
||||
ReservedShares: store.Unlimited,
|
||||
UniqueNames: store.Unlimited,
|
||||
Frontends: store.Unlimited,
|
||||
ShareFrontends: store.Unlimited,
|
||||
Bandwidth: DefaultBandwidthPerPeriod(),
|
||||
Enforcing: false,
|
||||
Cycle: 15 * time.Minute,
|
||||
|
@ -37,8 +37,8 @@ func (rcc *configResourceCountClass) GetUniqueNames() int {
|
||||
return rcc.cfg.UniqueNames
|
||||
}
|
||||
|
||||
func (rcc *configResourceCountClass) GetFrontends() int {
|
||||
return rcc.cfg.Frontends
|
||||
func (rcc *configResourceCountClass) GetShareFrontends() int {
|
||||
return rcc.cfg.ShareFrontends
|
||||
}
|
||||
|
||||
func (rcc *configResourceCountClass) String() string {
|
||||
|
@ -22,7 +22,7 @@ type ResourceCountClass interface {
|
||||
GetShares() int
|
||||
GetReservedShares() int
|
||||
GetUniqueNames() int
|
||||
GetFrontends() int
|
||||
GetShareFrontends() int
|
||||
}
|
||||
|
||||
type BandwidthClass interface {
|
||||
@ -43,7 +43,7 @@ type LimitClass struct {
|
||||
Shares int
|
||||
ReservedShares int
|
||||
UniqueNames int
|
||||
Frontends int
|
||||
ShareFrontends int
|
||||
PeriodMinutes int
|
||||
RxBytes int64
|
||||
TxBytes int64
|
||||
@ -79,8 +79,8 @@ func (lc LimitClass) GetUniqueNames() int {
|
||||
return lc.UniqueNames
|
||||
}
|
||||
|
||||
func (lc LimitClass) GetFrontends() int {
|
||||
return lc.Frontends
|
||||
func (lc LimitClass) GetShareFrontends() int {
|
||||
return lc.ShareFrontends
|
||||
}
|
||||
|
||||
func (lc LimitClass) GetBackendMode() sdk.BackendMode {
|
||||
@ -127,8 +127,8 @@ func (lc LimitClass) String() string {
|
||||
if lc.UniqueNames > Unlimited {
|
||||
out += fmt.Sprintf(", uniqueNames: %d", lc.UniqueNames)
|
||||
}
|
||||
if lc.Frontends > Unlimited {
|
||||
out += fmt.Sprintf(", frontends: %d", lc.Frontends)
|
||||
if lc.ShareFrontends > Unlimited {
|
||||
out += fmt.Sprintf(", frontends: %d", lc.ShareFrontends)
|
||||
}
|
||||
if lc.RxBytes > Unlimited || lc.TxBytes > Unlimited || lc.TotalBytes > Unlimited {
|
||||
out += fmt.Sprintf(", periodMinutes: %d", lc.PeriodMinutes)
|
||||
@ -149,12 +149,12 @@ func (lc LimitClass) String() string {
|
||||
var _ BandwidthClass = (*LimitClass)(nil)
|
||||
|
||||
func (str *Store) CreateLimitClass(lc *LimitClass, trx *sqlx.Tx) (int, error) {
|
||||
stmt, err := trx.Prepare("insert into limit_classes (backend_mode, environments, shares, reserved_shares, unique_names, frontends, period_minutes, rx_bytes, tx_bytes, total_bytes, limit_action) values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11) returning id")
|
||||
stmt, err := trx.Prepare("insert into limit_classes (backend_mode, environments, shares, reserved_shares, unique_names, share_frontends, period_minutes, rx_bytes, tx_bytes, total_bytes, limit_action) values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11) returning id")
|
||||
if err != nil {
|
||||
return 0, errors.Wrap(err, "error preparing limit_classes insert statement")
|
||||
}
|
||||
var id int
|
||||
if err := stmt.QueryRow(lc.BackendMode, lc.Environments, lc.Shares, lc.ReservedShares, lc.UniqueNames, lc.Frontends, lc.PeriodMinutes, lc.RxBytes, lc.TxBytes, lc.TotalBytes, lc.LimitAction).Scan(&id); err != nil {
|
||||
if err := stmt.QueryRow(lc.BackendMode, lc.Environments, lc.Shares, lc.ReservedShares, lc.UniqueNames, lc.ShareFrontends, lc.PeriodMinutes, lc.RxBytes, lc.TxBytes, lc.TotalBytes, lc.LimitAction).Scan(&id); err != nil {
|
||||
return 0, errors.Wrap(err, "error executing limit_classes insert statement")
|
||||
}
|
||||
return id, nil
|
||||
|
@ -1,3 +1,3 @@
|
||||
-- +migrate Up
|
||||
|
||||
alter table limit_classes add column frontends int not null default (-1);
|
||||
alter table limit_classes add column share_frontends int not null default (-1);
|
@ -1,3 +1,3 @@
|
||||
-- +migrate Up
|
||||
|
||||
alter table limit_classes add column frontends int not null default (-1);
|
||||
alter table limit_classes add column share_frontends int not null default (-1);
|
Loading…
Reference in New Issue
Block a user