api

package
v0.0.0-...-bf95a06 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2024 License: Apache-2.0 Imports: 41 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ForbidClusterIDHeader 

func ForbidClusterIDHeader(inner http.Handler) http.Handler

ForbidClusterIDHeader is a global middleware that rejects the X-Limes-Cluster-Id header (which was removed from the API spec).

func GenerateTransferToken 

func GenerateTransferToken() string

Generates a token that is used to transfer a commitment from a source to a target project. The token will be attached to the commitment that will be transferred and stored in the database until the transfer is concluded.

func GetDomainReport 

func GetDomainReport(cluster *core.Cluster, dbDomain db.Domain, now time.Time, dbi db.Interface, filter reports.Filter) (*limesresources.DomainReport, error)

GetDomainReport is a convenience wrapper around reports.GetDomains() for getting a single domain report.

func GetProjectRateReport 

func GetProjectRateReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, dbi db.Interface, filter reports.Filter) (*limesrates.ProjectReport, error)

GetProjectRateReport is a convenience wrapper around reports.GetProjectRates() for getting a single project rate report.

func GetProjectResourceReport 

func GetProjectResourceReport(cluster *core.Cluster, dbDomain db.Domain, dbProject db.Project, now time.Time, dbi db.Interface, filter reports.Filter) (*limesresources.ProjectReport, error)

GetProjectResourceReport is a convenience wrapper around reports.GetProjectResources() for getting a single project resource report.

func NewTokenValidator 

func NewTokenValidator(provider *gophercloud.ProviderClient, eo gophercloud.EndpointOpts) (gopherpolicy.Validator, error)

NewTokenValidator constructs a gopherpolicy.TokenValidator instance.

func NewV1API 

func NewV1API(cluster *core.Cluster, dbm *gorp.DbMap, tokenValidator gopherpolicy.Validator, timeNow func() time.Time, generateTransferToken func() string) httpapi.API

NewV1API creates an httpapi.API that serves the Limes v1 API. It also returns the VersionData for this API version which is needed for the version advertisement on "GET /".

func RequireJSON 

func RequireJSON(w http.ResponseWriter, r *http.Request, data any) bool

RequireJSON will parse the request body into the given data structure, or write an error response if that fails.

func StartAuditTrail 

func StartAuditTrail()

StartAuditTrail starts the audit trail by initializing the event sink and starting a Commit() goroutine.

Types

type JSONListStream 

type JSONListStream[T any] struct {
	OuterFieldName string
	Request        *http.Request
	ResponseWriter http.ResponseWriter
	// contains filtered or unexported fields
}

JSONListStream writes a JSON response containing a single array in the form 

{ "things": [ thing1, thing2, ..., thingN ] }

without needing to hold the entire list of things in memory at once. This is especially necessary for large project reports because the JSON can grow to several 100 MiB for large domains and high detail settings, which would lead to OOM on the API process in a cgroup-controlled deployment if we try to hold it all in memory.

We delay the opening `{"things":[` until we receive the first item, so that errors can be logged as a 5xx response if necessary. Upon getting the first report, we commit to the response being 200 and print reports as they come in. If we get to the end, we just need to write the trailing `]}` to complete the response.

func NewJSONListStream 

func NewJSONListStream[T any](w http.ResponseWriter, r *http.Request, outerFieldName string) *JSONListStream[T]

func (*JSONListStream[T]) FinalizeDocument 

func (s *JSONListStream[T]) FinalizeDocument(err error)

FinalizeDocument must be called once after all items have been written, to properly finalize the JSON document.

func (*JSONListStream[T]) WriteItem 

func (s *JSONListStream[T]) WriteItem(item T) error

WriteItem can be called as many times as necessary to append items to the JSON document.

type MissingProjectReportError 

type MissingProjectReportError struct {
	ServiceType  limes.ServiceType
	ResourceName limesresources.ResourceName
}

MissingProjectReportError is returned by QuotaUpdater.ValidateInput() when a project report is incomplete. This usually happens when a user tries to PUT a quota on a new project that has not been scraped yet.

func (MissingProjectReportError) Error 

func (e MissingProjectReportError) Error() string

Error implements the builtin/error interface.

type QuotaRequest 

type QuotaRequest struct {
	OldValue        uint64
	NewValue        uint64
	Unit            limes.Unit
	ValidationError *core.QuotaValidationError
}

QuotaRequest describes a single quota value that a PUT request wants to change. It appears in type QuotaUpdater.

type QuotaUpdater 

type QuotaUpdater struct {
	// scope
	Cluster *core.Cluster
	Domain  *db.Domain  // always set (for project quota updates, contains the project's domain)
	Project *db.Project // nil for domain quota updates

	// context
	DB  *gorp.DbMap
	Now time.Time

	// AuthZ info
	CanRaise   func(serviceType limes.ServiceType, resourceName limesresources.ResourceName) bool
	CanRaiseLP func(serviceType limes.ServiceType, resourceName limesresources.ResourceName) bool // low-privilege raise
	CanLower   func(serviceType limes.ServiceType, resourceName limesresources.ResourceName) bool
	CanLowerLP func(serviceType limes.ServiceType, resourceName limesresources.ResourceName) bool

	// Filled by ValidateInput() with the keys being the service type and the resource name.
	Requests map[limes.ServiceType]map[limesresources.ResourceName]QuotaRequest
}

QuotaUpdater contains the shared code for domain and project PUT requests. See func PutDomain and func PutProject for how it's used.

func (QuotaUpdater) CommitAuditTrail 

func (u QuotaUpdater) CommitAuditTrail(token *gopherpolicy.Token, r *http.Request, requestTime time.Time)

CommitAuditTrail prepares an audit.Trail instance for this updater and commits it.

func (QuotaUpdater) IsValid 

func (u QuotaUpdater) IsValid() bool

IsValid returns true if all u.Requests are valid (i.e. ValidationError == nil).

func (QuotaUpdater) QuotaConstraints 

func (u QuotaUpdater) QuotaConstraints() core.QuotaConstraints

QuotaConstraints returns the quota constraints that apply to this updater's scope.

func (QuotaUpdater) ScopeName 

func (u QuotaUpdater) ScopeName() string

ScopeName is "$DOMAIN_NAME" for domains and "$DOMAIN_NAME/$PROJECT_NAME" for projects.

func (QuotaUpdater) ScopeType 

func (u QuotaUpdater) ScopeType() string

ScopeType is used for constructing error messages.

func (*QuotaUpdater) ValidateInput 

func (u *QuotaUpdater) ValidateInput(input limesresources.QuotaRequest, dbi db.Interface) error

ValidateInput reads the given input and validates the quotas contained therein. Results are collected into u.Requests. The return value is only set for unexpected errors, not for validation errors.

func (QuotaUpdater) WritePutErrorResponse 

func (u QuotaUpdater) WritePutErrorResponse(w http.ResponseWriter)

WritePutErrorResponse produces a negative HTTP response for this PUT request. It may only be used when `u.IsValid()` is false.

func (QuotaUpdater) WriteSimulationReport 

func (u QuotaUpdater) WriteSimulationReport(w http.ResponseWriter)

WriteSimulationReport produces the HTTP response for the POST /simulate-put endpoints.

type RateLimitRequest 

type RateLimitRequest struct {
	Unit            limes.Unit
	OldLimit        uint64
	NewLimit        uint64
	OldWindow       limesrates.Window
	NewWindow       limesrates.Window
	ValidationError *core.QuotaValidationError
}

RateLimitRequest describes a single rate limit that a PUT requests wants to change. It appears in type QuotaUpdater.

type RateLimitUpdater 

type RateLimitUpdater struct {
	// scope (all fields are always set since rate limits can only be updated on
	// the project level)
	Cluster *core.Cluster
	Domain  *db.Domain
	Project *db.Project

	// AuthZ info
	CanSetRateLimit func(limes.ServiceType) bool

	// Filled by ValidateInput() with the keys being the service type and the rate name.
	Requests map[limes.ServiceType]map[limesrates.RateName]RateLimitRequest
}

RateLimitUpdater is the equivalent of QuotaUpdater for rate limit PUT requests.

func (RateLimitUpdater) CommitAuditTrail 

func (u RateLimitUpdater) CommitAuditTrail(token *gopherpolicy.Token, r *http.Request, requestTime time.Time)

CommitAuditTrail prepares an audit.Trail instance for this updater and commits it.

func (RateLimitUpdater) IsValid 

func (u RateLimitUpdater) IsValid() bool

IsValid returns true if all u.LimitRequests are valid (i.e. ValidationError == nil).

func (*RateLimitUpdater) ValidateInput 

func (u *RateLimitUpdater) ValidateInput(input limesrates.RateRequest, dbi db.Interface) error

ValidateInput reads the given input and validates the quotas contained therein. Results are collected into u.Requests. The return value is only set for unexpected errors, not for validation errors.

func (RateLimitUpdater) WritePutErrorResponse 

func (u RateLimitUpdater) WritePutErrorResponse(w http.ResponseWriter)

WritePutErrorResponse produces a negative HTTP response for this PUT request. It may only be used when `u.IsValid()` is false.

func (RateLimitUpdater) WriteSimulationReport 

func (u RateLimitUpdater) WriteSimulationReport(w http.ResponseWriter)

WriteSimulationReport produces the HTTP response for the POST /simulate-put endpoints.

type VersionData 

type VersionData struct {
	Status string            `json:"status"`
	ID     string            `json:"id"`
	Links  []VersionLinkData `json:"links"`
}

VersionData is used by version advertisement handlers.

type VersionLinkData 

type VersionLinkData struct {
	URL      string `json:"href"`
	Relation string `json:"rel"`
	Type     string `json:"type,omitempty"`
}

VersionLinkData is used by version advertisement handlers, as part of the VersionData struct.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.