authz: protect GET for Projects (and prepare for more) #618

Merged
merged 2 commits into from
Jan 24, 2022

davepacheco
Collaborator

This change does a few things:

  • adds authz checks for the "GET Project" API endpoint
  • refactors the Project fetch/lookup functions, exactly analogously to what I did under "add authz checks for top-level Organization endpoints" (#592) for Organizations. This lays groundwork for protecting the rest of the project-level API endpoints as well as the endpoints for Instances, Disks, VPCs, etc.
  • renames organization_lookup_id() (which was created in "add authz checks for top-level Organization endpoints", #592) to organization_lookup_path() for consistency with project_lookup_path(). The idea here is that for every resource we'll eventually have a $resource_lookup_path() function that takes the (API) path of names that identify it. For example:
    • organization_lookup_path(organization_name) (in this change, renamed from organization_lookup_id)
    • project_lookup_path(organization_name, project_name) (new in this change, this simplifies a bunch of call sites in nexus.rs)
    • disk_lookup_path(organization_name, project_name, disk_name) (future change)
    • etc
  • rewraps some comments and string literals that were over 80 columns

This is all a lot simpler than it sounds. Most of the changes are pretty mechanical.

Hopefully those examples explain why I called these *_lookup_path, and why I renamed the Organization lookup function to match, even though it only has one name in its argument list.

I'm trying to keep these PRs small and manageable. As a result, this is still an intermediate state. There will be more cleanup to be done as I get to the more deeply-nested endpoints. (As an example: in functions like Nexus::project_update_vpc, we used to first look up the Organization id, then the Project id, then the Vpc id. Now we use the new DataStore::project_lookup_path to directly fetch the project id, then we do a separate lookup for the Vpc id. In a follow-on change I expect this to be simplified further using a new DataStore::vpc_lookup_path.)
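Added illustration (not code from this PR or from the project): a self-contained sketch of the pattern described above, where a `*_lookup_path` function resolves the API path of names in one call and the GET handler runs an authz check before returning the row. The `AuthzProject` handle, the `authorize_read` rule, `project_get` and the sample data are all assumptions made for the example.

```rust
// Hypothetical types and policy for illustration; not the project's own code.
#[derive(Debug, PartialEq)]
enum Error { NotFound, Forbidden }
#[derive(Debug, Clone, PartialEq)]
struct Project { id: u32, org_id: u32, name: String }
// Handle produced by a lookup: enough to run an authz check and fetch the row.
#[derive(Debug, PartialEq)]
struct AuthzProject { org_id: u32, project_id: u32 }

struct DataStore {
    orgs: Vec<(u32, String)>,    // (organization id, name)
    projects: Vec<Project>,
    readers: Vec<(String, u32)>, // constructed policy: (actor, organization id)
}

impl DataStore {
    // One-name path -> organization id.
    fn organization_lookup_path(&self, org: &str) -> Result<u32, Error> {
        self.orgs.iter().find(|(_, n)| n == org).map(|(id, _)| *id).ok_or(Error::NotFound)
    }
    // Two-name path -> authz handle, replacing two separate lookups at the call site.
    fn project_lookup_path(&self, org: &str, project: &str) -> Result<AuthzProject, Error> {
        let org_id = self.organization_lookup_path(org)?;
        let p = self.projects.iter().find(|p| p.org_id == org_id && p.name == project);
        p.map(|p| AuthzProject { org_id, project_id: p.id }).ok_or(Error::NotFound)
    }
    // Read is allowed only for actors granted read on the parent organization.
    fn authorize_read(&self, actor: &str, authz: &AuthzProject) -> Result<(), Error> {
        let ok = self.readers.iter().any(|(a, o)| a == actor && *o == authz.org_id);
        if ok { Ok(()) } else { Err(Error::Forbidden) }
    }
    // "GET Project": resolve the path, check authz, and only then return the row.
    fn project_get(&self, actor: &str, org: &str, project: &str) -> Result<Project, Error> {
        let authz = self.project_lookup_path(org, project)?;
        self.authorize_read(actor, &authz)?;
        self.projects.iter().find(|p| p.id == authz.project_id).cloned().ok_or(Error::NotFound)
    }
}
// Constructed sample data.
fn sample_store() -> DataStore {
    DataStore {
        orgs: vec![(1, "acme".into()), (2, "globex".into())],
        projects: vec![Project { id: 10, org_id: 1, name: "web".into() }],
        readers: vec![("alice".into(), 1)],
    }
}
fn main() {
    let ds = sample_store();
    println!("{:?}", ds.project_get("alice", "acme", "web")); // granted actor
    println!("{:?}", ds.project_get("bob", "acme", "web"));   // no grant
}
```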

.await?
.id();
self.db_datastore.project_fetch(&organization_id, project_name).await
.1)
Contributor

The .1 here feels a little opaque. One alternative would be to use a struct instead of a tuple for the lookup result (so here you would do .model or something), but maybe that's too heavy.

Contributor

@david-crespo david-crespo left a comment

Looks good! The lookup_path concept makes sense to me. (I might have called it lookup_by_path though 🙂)

@davepacheco davepacheco merged commit 6c742ea into main Jan 24, 2022
@davepacheco davepacheco deleted the authz-work branch January 24, 2022 16:44
leftwo pushed a commit that referenced this pull request Jan 28, 2024
Crucible changes
Remove a superfluous copy during write serialization (#1087)
Update to progenitor v0.5.0, pull in required Omicron updates (#1115)
Update usdt to v0.5.0 (#1116)
Do not panic on reinitialize of a downstairs client. (#1114)
Bump (tracing-)opentelemetry(-jaeger) (#1113)
Make the Guest -> Upstairs queue fully async (#1086)
Switch to per-block ownership (#1107)
Handle timeout in the client IO task (#1109)
Enforce buffer alignment (#1106)
Block size buffers (#1105)
New dtrace probes and a counter struct in the Upstairs. (#1104)
Implement read decryption offloading (#1089)
Remove Arc + Mutex from Buffer (#1094)
Comment cleanup and rename of DsState::Repair -> Reconcile (#1102)
do not panic the dynamometer for OOB writes (#1101)
Allow dsc to start the downstairs in read-only mode. (#1098)
Use the omicron-zone-package methods for topo sorting (#1099)
Package with topological sorting (#1097)
Fix clippy lints in dsc (#1095)

Propolis changes:
PHD: demote artifact store logs to DEBUG, enable DEBUG on CI (#626)
PHD: fix missing newlines in serial.log (#622)
PHD: fix run_shell_command with multiline commands (#621)
PHD: fix `--artifact-directory` not doing anything (#618)
Update h2 dependency
Update Crucible (and Omicron) dependencies
PHD: refactor guest serial console handling (#615)
phd: add basic "migration-from-base" tests + machinery (#609)
phd: Ensure min disk size fits read-only parents (#611)
phd: automatically fetch `crucible-downstairs` from Buildomat (#604)
Mitigate behavior from illumos#16183
PHD: add guest adapter for WS2022 (#607)
phd: include error cause chain in failure output (#606)
add QEMU pvpanic ISA device (#596)
Add crucible-mem backend
Make crucible opt parsing more terse in standalone
leftwo added a commit that referenced this pull request Jan 29, 2024
Crucible changes
Remove a superfluous copy during write serialization (#1087) Update to
progenitor v0.5.0, pull in required Omicron updates (#1115) Update usdt
to v0.5.0 (#1116)
Do not panic on reinitialize of a downstairs client. (#1114) Bump
(tracing-)opentelemetry(-jaeger) (#1113)
Make the Guest -> Upstairs queue fully async (#1086) Switch to per-block
ownership (#1107)
Handle timeout in the client IO task (#1109)
Enforce buffer alignment (#1106)
Block size buffers (#1105)
New dtrace probes and a counter struct in the Upstairs. (#1104)
Implement read decryption offloading (#1089)
Remove Arc + Mutex from Buffer (#1094)
Comment cleanup and rename of DsState::Repair -> Reconcile (#1102) do
not panic the dynamometer for OOB writes (#1101) Allow dsc to start the
downstairs in read-only mode. (#1098) Use the omicron-zone-package
methods for topo sorting (#1099) Package with topological sorting
(#1097)
Fix clippy lints in dsc (#1095)

Propolis changes:
PHD: demote artifact store logs to DEBUG, enable DEBUG on CI (#626) 
PHD: fix missing newlines in serial.log (#622)
PHD: fix run_shell_command with multiline commands (#621) 
PHD: fix `--artifact-directory` not doing anything (#618) Update h2
dependency
Update Crucible (and Omicron) dependencies
PHD: refactor guest serial console handling (#615) 
phd: add basic "migration-from-base" tests + machinery (#609) 
phd: Ensure min disk size fits read-only parents (#611) 
phd: automatically fetch `crucible-downstairs` from Buildomat (#604)
Mitigate behavior from illumos#16183
PHD: add guest adapter for WS2022 (#607)
phd: include error cause chain in failure output (#606) add QEMU pvpanic
ISA device (#596)
Add crucible-mem backend
Make crucible opt parsing more terse in standalone

Co-authored-by: Alan Hanson <alan@oxide.computer>