本文整理汇总了Golang中github.com/juju/names.UserTag.Canonical方法的典型用法代码示例。如果您正苦于以下问题:Golang UserTag.Canonical方法的具体用法?Golang UserTag.Canonical怎么用?Golang UserTag.Canonical使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类github.com/juju/names.UserTag的用法示例。
在下文中一共展示了UserTag.Canonical方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: AddEnvironmentUser
// AddEnvironmentUser adds a new user to the database.
func (st *State) AddEnvironmentUser(user, createdBy names.UserTag, displayName string) (*EnvironmentUser, error) {
// Ensure local user exists in state before adding them as an environment user.
if user.IsLocal() {
localUser, err := st.User(user)
if err != nil {
return nil, errors.Annotate(err, fmt.Sprintf("user %q does not exist locally", user.Name()))
}
if displayName == "" {
displayName = localUser.DisplayName()
}
}
// Ensure local createdBy user exists.
if createdBy.IsLocal() {
if _, err := st.User(createdBy); err != nil {
return nil, errors.Annotate(err, fmt.Sprintf("createdBy user %q does not exist locally", createdBy.Name()))
}
}
envuuid := st.EnvironUUID()
op := createEnvUserOp(envuuid, user, createdBy, displayName)
err := st.runTransaction([]txn.Op{op})
if err == txn.ErrAborted {
err = errors.AlreadyExistsf("environment user %q", user.Canonical())
}
if err != nil {
return nil, errors.Trace(err)
}
// Re-read from DB to get the multi-env updated values.
return st.EnvironmentUser(user)
}示例2: CreateLocalLoginMacaroon
// CreateLocalLoginMacaroon creates a time-limited macaroon for a local user
// to log into the controller with. The macaroon will be valid for use with
// UserAuthenticator.Authenticate until the time limit expires, or the Juju
// controller agent restarts.
//
// NOTE(axw) this method will generate a key for a previously unseen user,
// and store it in the bakery.Service's storage. Callers should first ensure
// the user is valid before calling this, to avoid filling storage with keys
// for invalid users.
func (u *UserAuthenticator) CreateLocalLoginMacaroon(tag names.UserTag) (*macaroon.Macaroon, error) {
expiryTime := u.Clock.Now().Add(localLoginExpiryTime)
// Ensure that the private key that we generate and store will be
// removed from storage once the expiry time has elapsed.
bakeryService, err := u.Service.ExpireStorageAt(expiryTime)
if err != nil {
return nil, errors.Trace(err)
}
// We create the macaroon with a random ID and random root key, which
// enables multiple clients to login as the same user and obtain separate
// macaroons without having them use the same root key.
m, err := bakeryService.NewMacaroon("", nil, []checkers.Caveat{
// The macaroon may only be used to log in as the user
// specified by the tag passed to CreateLocalUserMacaroon.
checkers.DeclaredCaveat(usernameKey, tag.Canonical()),
})
if err != nil {
return nil, errors.Annotate(err, "cannot create macaroon")
}
if err := addMacaroonTimeBeforeCaveat(bakeryService, m, expiryTime); err != nil {
return nil, errors.Trace(err)
}
return m, nil
}示例3: ModelsForUser
// ModelsForUser returns a list of models that the user
// is able to access.
func (st *State) ModelsForUser(user names.UserTag) ([]*UserModel, error) {
// Since there are no groups at this stage, the simplest way to get all
// the models that a particular user can see is to look through the
// model user collection. A raw collection is required to support
// queries across multiple models.
modelUsers, userCloser := st.getRawCollection(modelUsersC)
defer userCloser()
// TODO: consider adding an index to the modelUsers collection on the username.
var userSlice []modelUserDoc
err := modelUsers.Find(bson.D{{"user", user.Canonical()}}).Select(bson.D{{"model-uuid", 1}, {"_id", 1}}).All(&userSlice)
if err != nil {
return nil, err
}
var result []*UserModel
for _, doc := range userSlice {
modelTag := names.NewModelTag(doc.ModelUUID)
env, err := st.GetModel(modelTag)
if err != nil {
return nil, errors.Trace(err)
}
result = append(result, &UserModel{Model: env, User: user})
}
return result, nil
}示例4: EnvironmentsForUser
// EnvironmentsForUser returns a list of enviroments that the user
// is able to access.
func (st *State) EnvironmentsForUser(user names.UserTag) ([]*UserEnvironment, error) {
// Since there are no groups at this stage, the simplest way to get all
// the environments that a particular user can see is to look through the
// environment user collection. A raw collection is required to support
// queries across multiple environments.
envUsers, userCloser := st.getRawCollection(envUsersC)
defer userCloser()
// TODO: consider adding an index to the envUsers collection on the username.
var userSlice []envUserDoc
err := envUsers.Find(bson.D{{"user", user.Canonical()}}).Select(bson.D{{"env-uuid", 1}, {"_id", 1}}).All(&userSlice)
if err != nil {
return nil, err
}
var result []*UserEnvironment
for _, doc := range userSlice {
envTag := names.NewEnvironTag(doc.EnvUUID)
env, err := st.GetEnvironment(envTag)
if err != nil {
return nil, errors.Trace(err)
}
result = append(result, &UserEnvironment{Environment: env, User: user})
}
return result, nil
}示例5: fakeLocalLoginMacaroon
func fakeLocalLoginMacaroon(tag names.UserTag) *macaroon.Macaroon {
mac, err := macaroon.New([]byte("abcdefghijklmnopqrstuvwx"), tag.Canonical(), "juju")
if err != nil {
panic(err)
}
return mac
}示例6: NewModel
// NewModel creates a new model with its own UUID and
// prepares it for use. Model and State instances for the new
// model are returned.
//
// The controller model's UUID is attached to the new
// model's document. Having the server UUIDs stored with each
// model document means that we have a way to represent external
// models, perhaps for future use around cross model
// relations.
func (st *State) NewModel(cfg *config.Config, owner names.UserTag) (_ *Model, _ *State, err error) {
if owner.IsLocal() {
if _, err := st.User(owner); err != nil {
return nil, nil, errors.Annotate(err, "cannot create model")
}
}
ssEnv, err := st.ControllerModel()
if err != nil {
return nil, nil, errors.Annotate(err, "could not load controller model")
}
uuid := cfg.UUID()
newState, err := st.ForModel(names.NewModelTag(uuid))
if err != nil {
return nil, nil, errors.Annotate(err, "could not create state for new model")
}
defer func() {
if err != nil {
newState.Close()
}
}()
ops, err := newState.envSetupOps(cfg, uuid, ssEnv.UUID(), owner)
if err != nil {
return nil, nil, errors.Annotate(err, "failed to create new model")
}
err = newState.runTransaction(ops)
if err == txn.ErrAborted {
// We have a unique key restriction on the "owner" and "name" fields,
// which will cause the insert to fail if there is another record with
// the same "owner" and "name" in the collection. If the txn is
// aborted, check if it is due to the unique key restriction.
models, closer := st.getCollection(modelsC)
defer closer()
envCount, countErr := models.Find(bson.D{
{"owner", owner.Canonical()},
{"name", cfg.Name()}},
).Count()
if countErr != nil {
err = errors.Trace(countErr)
} else if envCount > 0 {
err = errors.AlreadyExistsf("model %q for %s", cfg.Name(), owner.Canonical())
} else {
err = errors.New("model already exists")
}
}
if err != nil {
return nil, nil, errors.Trace(err)
}
newEnv, err := newState.Model()
if err != nil {
return nil, nil, errors.Trace(err)
}
return newEnv, newState, nil
}示例7: createUniqueOwnerModelNameOp
// createUniqueOwnerModelNameOp returns the operation needed to create
// an usermodelnameC document with the given owner and model name.
func createUniqueOwnerModelNameOp(owner names.UserTag, envName string) txn.Op {
return txn.Op{
C: usermodelnameC,
Id: userModelNameIndex(owner.Canonical(), envName),
Assert: txn.DocMissing,
Insert: bson.M{},
}
}示例8: User
// User returns the state User for the given name.
func (st *State) User(tag names.UserTag) (*User, error) {
if !tag.IsLocal() {
return nil, errors.NotFoundf("user %q", tag.Canonical())
}
user := &User{st: st}
if err := st.getUser(tag.Name(), &user.doc); err != nil {
return nil, errors.Trace(err)
}
return user, nil
}示例9: authCheck
// authCheck checks if the user is acting on their own behalf, or if they
// are an administrator acting on behalf of another user.
func (m *ModelManagerAPI) authCheck(user names.UserTag) error {
if m.isAdmin {
logger.Tracef("%q is a controller admin", m.apiUser.Canonical())
return nil
}
// We can't just compare the UserTags themselves as the provider part
// may be unset, and gets replaced with 'local'. We must compare against
// the Canonical value of the user tag.
if m.apiUser.Canonical() == user.Canonical() {
return nil
}
return common.ErrPerm
}示例10: ModelUser
// ModelUser returns the model user.
func (st *State) ModelUser(user names.UserTag) (*ModelUser, error) {
modelUser := &ModelUser{st: st}
modelUsers, closer := st.getCollection(modelUsersC)
defer closer()
username := strings.ToLower(user.Canonical())
err := modelUsers.FindId(username).One(&modelUser.doc)
if err == mgo.ErrNotFound {
return nil, errors.NotFoundf("model user %q", user.Canonical())
}
// DateCreated is inserted as UTC, but read out as local time. So we
// convert it back to UTC here.
modelUser.doc.DateCreated = modelUser.doc.DateCreated.UTC()
return modelUser, nil
}示例11: createModelOp
// createModelOp returns the operation needed to create
// an model document with the given name and UUID.
func createModelOp(st *State, owner names.UserTag, name, uuid, server string) txn.Op {
doc := &modelDoc{
UUID: uuid,
Name: name,
Life: Alive,
Owner: owner.Canonical(),
ServerUUID: server,
}
return txn.Op{
C: modelsC,
Id: uuid,
Assert: txn.DocMissing,
Insert: doc,
}
}示例12: EnvironmentUser
// EnvironmentUser returns the environment user.
func (st *State) EnvironmentUser(user names.UserTag) (*EnvironmentUser, error) {
envUser := &EnvironmentUser{st: st}
envUsers, closer := st.getCollection(envUsersC)
defer closer()
username := strings.ToLower(user.Canonical())
err := envUsers.FindId(username).One(&envUser.doc)
if err == mgo.ErrNotFound {
return nil, errors.NotFoundf("environment user %q", user.Canonical())
}
// DateCreated is inserted as UTC, but read out as local time. So we
// convert it back to UTC here.
envUser.doc.DateCreated = envUser.doc.DateCreated.UTC()
return envUser, nil
}示例13: RemoveModelUser
// RemoveModelUser removes a user from the database.
func (st *State) RemoveModelUser(user names.UserTag) error {
ops := []txn.Op{{
C: modelUsersC,
Id: modelUserID(user),
Assert: txn.DocExists,
Remove: true,
}}
err := st.runTransaction(ops)
if err == txn.ErrAborted {
err = errors.NewNotFound(err, fmt.Sprintf("env user %q does not exist", user.Canonical()))
}
if err != nil {
return errors.Trace(err)
}
return nil
}示例14: createEnvUserOp
func createEnvUserOp(envuuid string, user, createdBy names.UserTag, displayName string) txn.Op {
creatorname := createdBy.Canonical()
doc := &envUserDoc{
ID: envUserID(user),
EnvUUID: envuuid,
UserName: user.Canonical(),
DisplayName: displayName,
CreatedBy: creatorname,
DateCreated: nowToTheSecond(),
}
return txn.Op{
C: envUsersC,
Id: envUserID(user),
Assert: txn.DocMissing,
Insert: doc,
}
}示例15: authenticateMacaroons
func (u *UserAuthenticator) authenticateMacaroons(
entityFinder EntityFinder, tag names.UserTag, req params.LoginRequest,
) (state.Entity, error) {
// Check for a valid request macaroon.
assert := map[string]string{usernameKey: tag.Canonical()}
_, err := u.Service.CheckAny(req.Macaroons, assert, checkers.New(checkers.TimeBefore))
if err != nil {
return nil, errors.Trace(err)
}
entity, err := entityFinder.FindEntity(tag)
if errors.IsNotFound(err) {
return nil, errors.Trace(common.ErrBadCreds)
} else if err != nil {
return nil, errors.Trace(err)
}
return entity, nil
}