package clusterpolicy
import (
kapi "k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/rest"
"k8s.io/kubernetes/pkg/fields"
"k8s.io/kubernetes/pkg/labels"
"k8s.io/kubernetes/pkg/watch"
authorizationapi "github.com/openshift/origin/pkg/authorization/api"
"github.com/openshift/origin/pkg/authorization/registry/policy"
)
// Registry is an interface for things that know how to store ClusterPolicies.
type Registry interface {
// ListClusterPolicies obtains list of policies that match a selector.
ListClusterPolicies(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyList, error)
// GetClusterPolicy retrieves a specific policy.
GetClusterPolicy(ctx kapi.Context, id string) (*authorizationapi.ClusterPolicy, error)
// CreateClusterPolicy creates a new policy.
CreateClusterPolicy(ctx kapi.Context, policy *authorizationapi.ClusterPolicy) error
// UpdateClusterPolicy updates a policy.
UpdateClusterPolicy(ctx kapi.Context, policy *authorizationapi.ClusterPolicy) error
// DeleteClusterPolicy deletes a policy.
DeleteClusterPolicy(ctx kapi.Context, id string) error
}
type WatchingRegistry interface {
Registry
// WatchClusterPolicies watches policies.
WatchClusterPolicies(ctx kapi.Context, label labels.Selector, field fields.Selector, resourceVersion string) (watch.Interface, error)
}
// Storage is an interface for a standard REST Storage backend
type Storage interface {
rest.StandardStorage
}
// storage puts strong typing around storage calls
type storage struct {
Storage
}
// NewRegistry returns a new Registry interface for the given Storage. Any mismatched
// types will panic.
func NewRegistry(s Storage) WatchingRegistry {
return &storage{s}
}
func (s *storage) ListClusterPolicies(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyList, error) {
obj, err := s.List(ctx, label, field)
if err != nil {
return nil, err
}
return obj.(*authorizationapi.ClusterPolicyList), nil
}
func (s *storage) CreateClusterPolicy(ctx kapi.Context, node *authorizationapi.ClusterPolicy) error {
_, err := s.Create(ctx, node)
return err
}
func (s *storage) UpdateClusterPolicy(ctx kapi.Context, node *authorizationapi.ClusterPolicy) error {
_, _, err := s.Update(ctx, node)
return err
}
func (s *storage) WatchClusterPolicies(ctx kapi.Context, label labels.Selector, field fields.Selector, resourceVersion string) (watch.Interface, error) {
return s.Watch(ctx, label, field, resourceVersion)
}
func (s *storage) GetClusterPolicy(ctx kapi.Context, name string) (*authorizationapi.ClusterPolicy, error) {
obj, err := s.Get(ctx, name)
if err != nil {
return nil, err
}
return obj.(*authorizationapi.ClusterPolicy), nil
}
func (s *storage) DeleteClusterPolicy(ctx kapi.Context, name string) error {
_, err := s.Delete(ctx, name, nil)
return err
}
type simulatedStorage struct {
clusterRegistry Registry
}
func NewSimulatedRegistry(clusterRegistry Registry) policy.Registry {
return &simulatedStorage{clusterRegistry}
}
func (s *simulatedStorage) ListPolicies(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.PolicyList, error) {
ret, err := s.clusterRegistry.ListClusterPolicies(ctx, label, field)
return authorizationapi.ToPolicyList(ret), err
}
func (s *simulatedStorage) CreatePolicy(ctx kapi.Context, policy *authorizationapi.Policy) error {
return s.clusterRegistry.CreateClusterPolicy(ctx, authorizationapi.ToClusterPolicy(policy))
}
func (s *simulatedStorage) UpdatePolicy(ctx kapi.Context, policy *authorizationapi.Policy) error {
return s.clusterRegistry.UpdateClusterPolicy(ctx, authorizationapi.ToClusterPolicy(policy))
}
func (s *simulatedStorage) GetPolicy(ctx kapi.Context, name string) (*authorizationapi.Policy, error) {
ret, err := s.clusterRegistry.GetClusterPolicy(ctx, name)
return authorizationapi.ToPolicy(ret), err
}
func (s *simulatedStorage) DeletePolicy(ctx kapi.Context, name string) error {
return s.clusterRegistry.DeleteClusterPolicy(ctx, name)
}