Skip to content

Commit 7fde8fb

Browse files
EmyrkEmyrk
committed
Rename logger-> log, database->db, authorizer->auth, remove "authorized" prefix
1 parent e1ce04e commit 7fde8fb

15 files changed

+310
-310
lines changed

coderd/authzquery/apikey.go

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -10,31 +10,31 @@ import (
1010
)
1111

1212
func (q *AuthzQuerier) DeleteAPIKeyByID(ctx context.Context, id string) error {
13-
return authorizedDelete(q.logger, q.authorizer, q.database.GetAPIKeyByID, q.database.DeleteAPIKeyByID)(ctx, id)
13+
return delete(q.log, q.auth, q.db.GetAPIKeyByID, q.db.DeleteAPIKeyByID)(ctx, id)
1414
}
1515

1616
func (q *AuthzQuerier) GetAPIKeyByID(ctx context.Context, id string) (database.APIKey, error) {
17-
return authorizedFetch(q.logger, q.authorizer, q.database.GetAPIKeyByID)(ctx, id)
17+
return fetch(q.log, q.auth, q.db.GetAPIKeyByID)(ctx, id)
1818
}
1919

2020
func (q *AuthzQuerier) GetAPIKeysByLoginType(ctx context.Context, loginType database.LoginType) ([]database.APIKey, error) {
21-
return authorizedFetchSet(q.authorizer, q.database.GetAPIKeysByLoginType)(ctx, loginType)
21+
return fetchSet(q.auth, q.db.GetAPIKeysByLoginType)(ctx, loginType)
2222
}
2323

2424
func (q *AuthzQuerier) GetAPIKeysLastUsedAfter(ctx context.Context, lastUsed time.Time) ([]database.APIKey, error) {
25-
return authorizedFetchSet(q.authorizer, q.database.GetAPIKeysLastUsedAfter)(ctx, lastUsed)
25+
return fetchSet(q.auth, q.db.GetAPIKeysLastUsedAfter)(ctx, lastUsed)
2626
}
2727

2828
func (q *AuthzQuerier) InsertAPIKey(ctx context.Context, arg database.InsertAPIKeyParams) (database.APIKey, error) {
29-
return authorizedInsertWithReturn(q.logger, q.authorizer,
29+
return insertWithReturn(q.log, q.auth,
3030
rbac.ActionCreate,
3131
rbac.ResourceAPIKey.WithOwner(arg.UserID.String()),
32-
q.database.InsertAPIKey)(ctx, arg)
32+
q.db.InsertAPIKey)(ctx, arg)
3333
}
3434

3535
func (q *AuthzQuerier) UpdateAPIKeyByID(ctx context.Context, arg database.UpdateAPIKeyByIDParams) error {
3636
fetch := func(ctx context.Context, arg database.UpdateAPIKeyByIDParams) (database.APIKey, error) {
37-
return q.database.GetAPIKeyByID(ctx, arg.ID)
37+
return q.db.GetAPIKeyByID(ctx, arg.ID)
3838
}
39-
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.UpdateAPIKeyByID)(ctx, arg)
39+
return update(q.log, q.auth, fetch, q.db.UpdateAPIKeyByID)(ctx, arg)
4040
}

coderd/authzquery/audit.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ import (
88
)
99

1010
func (q *AuthzQuerier) InsertAuditLog(ctx context.Context, arg database.InsertAuditLogParams) (database.AuditLog, error) {
11-
return authorizedInsertWithReturn(q.logger, q.authorizer, rbac.ActionCreate, rbac.ResourceAuditLog, q.database.InsertAuditLog)(ctx, arg)
11+
return insertWithReturn(q.log, q.auth, rbac.ActionCreate, rbac.ResourceAuditLog, q.db.InsertAuditLog)(ctx, arg)
1212
}
1313

1414
func (q *AuthzQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAuditLogsOffsetParams) ([]database.GetAuditLogsOffsetRow, error) {
@@ -18,5 +18,5 @@ func (q *AuthzQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetA
1818
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceAuditLog); err != nil {
1919
return nil, err
2020
}
21-
return q.database.GetAuditLogsOffset(ctx, arg)
21+
return q.db.GetAuditLogsOffset(ctx, arg)
2222
}

coderd/authzquery/authz.go

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ func LogNotAuthorizedError(ctx context.Context, logger slog.Logger, err error) e
5454
}
5555
}
5656

57-
func authorizedInsert[ArgumentType any,
57+
func insert[ArgumentType any,
5858
Insert func(ctx context.Context, arg ArgumentType) error](
5959
// Arguments
6060
logger slog.Logger,
@@ -63,14 +63,14 @@ func authorizedInsert[ArgumentType any,
6363
object rbac.Objecter,
6464
insertFunc Insert) Insert {
6565
return func(ctx context.Context, arg ArgumentType) error {
66-
_, err := authorizedInsertWithReturn(logger, authorizer, action, object, func(ctx context.Context, arg ArgumentType) (rbac.Objecter, error) {
66+
_, err := insertWithReturn(logger, authorizer, action, object, func(ctx context.Context, arg ArgumentType) (rbac.Objecter, error) {
6767
return rbac.Object{}, insertFunc(ctx, arg)
6868
})(ctx, arg)
6969
return err
7070
}
7171
}
7272

73-
func authorizedInsertWithReturn[ObjectType any, ArgumentType any,
73+
func insertWithReturn[ObjectType any, ArgumentType any,
7474
Insert func(ctx context.Context, arg ArgumentType) (ObjectType, error)](
7575
// Arguments
7676
logger slog.Logger,
@@ -96,19 +96,19 @@ func authorizedInsertWithReturn[ObjectType any, ArgumentType any,
9696
}
9797
}
9898

99-
func authorizedDelete[ObjectType rbac.Objecter, ArgumentType any,
99+
func delete[ObjectType rbac.Objecter, ArgumentType any,
100100
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error),
101101
Delete func(ctx context.Context, arg ArgumentType) error](
102102
// Arguments
103103
logger slog.Logger,
104104
authorizer rbac.Authorizer,
105105
fetchFunc Fetch,
106106
deleteFunc Delete) Delete {
107-
return authorizedFetchAndExec(logger, authorizer,
107+
return fetchAndExec(logger, authorizer,
108108
rbac.ActionDelete, fetchFunc, deleteFunc)
109109
}
110110

111-
func authorizedUpdateWithReturn[ObjectType rbac.Objecter,
111+
func updateWithReturn[ObjectType rbac.Objecter,
112112
ArgumentType any,
113113
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error),
114114
UpdateQuery func(ctx context.Context, arg ArgumentType) (ObjectType, error)](
@@ -117,10 +117,10 @@ func authorizedUpdateWithReturn[ObjectType rbac.Objecter,
117117
authorizer rbac.Authorizer,
118118
fetchFunc Fetch,
119119
updateQuery UpdateQuery) UpdateQuery {
120-
return authorizedFetchAndQuery(logger, authorizer, rbac.ActionUpdate, fetchFunc, updateQuery)
120+
return fetchAndQuery(logger, authorizer, rbac.ActionUpdate, fetchFunc, updateQuery)
121121
}
122122

123-
func authorizedUpdate[ObjectType rbac.Objecter,
123+
func update[ObjectType rbac.Objecter,
124124
ArgumentType any,
125125
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error),
126126
Exec func(ctx context.Context, arg ArgumentType) error](
@@ -129,13 +129,13 @@ func authorizedUpdate[ObjectType rbac.Objecter,
129129
authorizer rbac.Authorizer,
130130
fetchFunc Fetch,
131131
updateExec Exec) Exec {
132-
return authorizedFetchAndExec(logger, authorizer, rbac.ActionUpdate, fetchFunc, updateExec)
132+
return fetchAndExec(logger, authorizer, rbac.ActionUpdate, fetchFunc, updateExec)
133133
}
134134

135135
// authorizedFetchAndExecWithConverter uses authorizedFetchAndQueryWithConverter but
136136
// only cares about the error return type. SQL execs only return an error.
137137
// See authorizedFetchAndQueryWithConverter for more details.
138-
func authorizedFetchAndExec[ObjectType rbac.Objecter,
138+
func fetchAndExec[ObjectType rbac.Objecter,
139139
ArgumentType any,
140140
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error),
141141
Exec func(ctx context.Context, arg ArgumentType) error](
@@ -145,7 +145,7 @@ func authorizedFetchAndExec[ObjectType rbac.Objecter,
145145
action rbac.Action,
146146
fetchFunc Fetch,
147147
execFunc Exec) Exec {
148-
f := authorizedFetchAndQuery(logger, authorizer, action, fetchFunc, func(ctx context.Context, arg ArgumentType) (empty ObjectType, err error) {
148+
f := fetchAndQuery(logger, authorizer, action, fetchFunc, func(ctx context.Context, arg ArgumentType) (empty ObjectType, err error) {
149149
return empty, execFunc(ctx, arg)
150150
})
151151
return func(ctx context.Context, arg ArgumentType) error {
@@ -154,7 +154,7 @@ func authorizedFetchAndExec[ObjectType rbac.Objecter,
154154
}
155155
}
156156

157-
func authorizedFetchAndQuery[ObjectType rbac.Objecter, ArgumentType any,
157+
func fetchAndQuery[ObjectType rbac.Objecter, ArgumentType any,
158158
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error),
159159
Query func(ctx context.Context, arg ArgumentType) (ObjectType, error)](
160160
// Arguments
@@ -186,7 +186,7 @@ func authorizedFetchAndQuery[ObjectType rbac.Objecter, ArgumentType any,
186186
}
187187
}
188188

189-
func authorizedFetch[ObjectType rbac.Objecter, ArgumentType any,
189+
func fetch[ObjectType rbac.Objecter, ArgumentType any,
190190
Fetch func(ctx context.Context, arg ArgumentType) (ObjectType, error)](
191191
// Arguments
192192
logger slog.Logger,
@@ -235,9 +235,9 @@ func authorizedQuery[ArgumentType any, ObjectType rbac.Objecter,
235235
}
236236
}
237237

238-
// authorizedFetchSet is like authorizedFetch, but works with lists of objects.
238+
// fetchSet is like fetch, but works with lists of objects.
239239
// SQL filters are much more optimal.
240-
func authorizedFetchSet[ArgumentType any, ObjectType rbac.Objecter,
240+
func fetchSet[ArgumentType any, ObjectType rbac.Objecter,
241241
DatabaseFunc func(ctx context.Context, arg ArgumentType) ([]ObjectType, error)](
242242
// Arguments
243243
authorizer rbac.Authorizer,
@@ -260,13 +260,13 @@ func authorizedFetchSet[ArgumentType any, ObjectType rbac.Objecter,
260260
}
261261
}
262262

263-
// authorizedQueryWithRelated performs the same function as authorizedQuery, except that
263+
// queryWithRelated performs the same function as authorizedQuery, except that
264264
// RBAC checks are performed on the result of relatedFunc() instead of the result of fetch().
265265
// This is useful for cases where ObjectType does not implement RBACObjecter.
266266
// For example, a TemplateVersion object does not implement RBACObjecter, but it is
267267
// related to a Template object, which does. Thus, any operations on a TemplateVersion
268268
// are predicated on the RBAC permissions of the related Template object.
269-
func authorizedQueryWithRelated[ObjectType any, ArgumentType any, Related rbac.Objecter](
269+
func queryWithRelated[ObjectType any, ArgumentType any, Related rbac.Objecter](
270270
// Arguments
271271
_ slog.Logger,
272272
authorizer rbac.Authorizer,

coderd/authzquery/authzquerier.go

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -21,21 +21,21 @@ var _ database.Store = (*AuthzQuerier)(nil)
2121
// Use WithAuthorizeContext to set the authorization subject in the context for
2222
// the common user case.
2323
type AuthzQuerier struct {
24-
database database.Store
25-
authorizer rbac.Authorizer
26-
logger slog.Logger
24+
db database.Store
25+
auth rbac.Authorizer
26+
log slog.Logger
2727
}
2828

2929
func NewAuthzQuerier(db database.Store, authorizer rbac.Authorizer, logger slog.Logger) *AuthzQuerier {
3030
return &AuthzQuerier{
31-
database: db,
32-
authorizer: authorizer,
33-
logger: logger,
31+
db: db,
32+
auth: authorizer,
33+
log: logger,
3434
}
3535
}
3636

3737
func (q *AuthzQuerier) Ping(ctx context.Context) (time.Duration, error) {
38-
return q.database.Ping(ctx)
38+
return q.db.Ping(ctx)
3939
}
4040

4141
// InTx runs the given function in a transaction.
@@ -45,9 +45,9 @@ func (q *AuthzQuerier) Ping(ctx context.Context) (time.Duration, error) {
4545
// func (q *AuthzQuerier) InTx(function func(querier AuthzStore) error, txOpts *sql.TxOptions) error {
4646
func (q *AuthzQuerier) InTx(function func(querier database.Store) error, txOpts *sql.TxOptions) error {
4747
// TODO: @emyrk verify this works.
48-
return q.database.InTx(func(tx database.Store) error {
48+
return q.db.InTx(func(tx database.Store) error {
4949
// Wrap the transaction store in an AuthzQuerier.
50-
wrapped := NewAuthzQuerier(tx, q.authorizer, slog.Make())
50+
wrapped := NewAuthzQuerier(tx, q.auth, slog.Make())
5151
return function(wrapped)
5252
}, txOpts)
5353
}
@@ -59,9 +59,9 @@ func (q *AuthzQuerier) authorizeContext(ctx context.Context, action rbac.Action,
5959
return NoActorError
6060
}
6161

62-
err := q.authorizer.Authorize(ctx, act, action, object.RBACObject())
62+
err := q.auth.Authorize(ctx, act, action, object.RBACObject())
6363
if err != nil {
64-
return LogNotAuthorizedError(ctx, q.logger, err)
64+
return LogNotAuthorizedError(ctx, q.log, err)
6565
}
6666
return nil
6767
}

coderd/authzquery/file.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,13 +11,13 @@ import (
1111
)
1212

1313
func (q *AuthzQuerier) GetFileByHashAndCreator(ctx context.Context, arg database.GetFileByHashAndCreatorParams) (database.File, error) {
14-
return authorizedFetch(q.logger, q.authorizer, q.database.GetFileByHashAndCreator)(ctx, arg)
14+
return fetch(q.log, q.auth, q.db.GetFileByHashAndCreator)(ctx, arg)
1515
}
1616

1717
func (q *AuthzQuerier) GetFileByID(ctx context.Context, id uuid.UUID) (database.File, error) {
18-
return authorizedFetch(q.logger, q.authorizer, q.database.GetFileByID)(ctx, id)
18+
return fetch(q.log, q.auth, q.db.GetFileByID)(ctx, id)
1919
}
2020

2121
func (q *AuthzQuerier) InsertFile(ctx context.Context, arg database.InsertFileParams) (database.File, error) {
22-
return authorizedInsertWithReturn(q.logger, q.authorizer, rbac.ActionCreate, rbac.ResourceFile.WithOwner(arg.CreatedBy.String()), q.database.InsertFile)(ctx, arg)
22+
return insertWithReturn(q.log, q.auth, rbac.ActionCreate, rbac.ResourceFile.WithOwner(arg.CreatedBy.String()), q.db.InsertFile)(ctx, arg)
2323
}

coderd/authzquery/group.go

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -10,15 +10,15 @@ import (
1010
)
1111

1212
func (q *AuthzQuerier) DeleteGroupByID(ctx context.Context, id uuid.UUID) error {
13-
return authorizedDelete(q.logger, q.authorizer, q.database.GetGroupByID, q.database.DeleteGroupByID)(ctx, id)
13+
return delete(q.log, q.auth, q.db.GetGroupByID, q.db.DeleteGroupByID)(ctx, id)
1414
}
1515

1616
func (q *AuthzQuerier) DeleteGroupMemberFromGroup(ctx context.Context, arg database.DeleteGroupMemberFromGroupParams) error {
1717
// Deleting a group member counts as updating a group.
1818
fetch := func(ctx context.Context, arg database.DeleteGroupMemberFromGroupParams) (database.Group, error) {
19-
return q.database.GetGroupByID(ctx, arg.GroupID)
19+
return q.db.GetGroupByID(ctx, arg.GroupID)
2020
}
21-
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.DeleteGroupMemberFromGroup)(ctx, arg)
21+
return update(q.log, q.auth, fetch, q.db.DeleteGroupMemberFromGroup)(ctx, arg)
2222
}
2323

2424
func (q *AuthzQuerier) InsertUserGroupsByName(ctx context.Context, arg database.InsertUserGroupsByNameParams) error {
@@ -28,7 +28,7 @@ func (q *AuthzQuerier) InsertUserGroupsByName(ctx context.Context, arg database.
2828
fetch := func(ctx context.Context, arg database.InsertUserGroupsByNameParams) (rbac.Objecter, error) {
2929
return rbac.ResourceGroup.InOrg(arg.OrganizationID), nil
3030
}
31-
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.InsertUserGroupsByName)(ctx, arg)
31+
return update(q.log, q.auth, fetch, q.db.InsertUserGroupsByName)(ctx, arg)
3232
}
3333

3434
func (q *AuthzQuerier) DeleteGroupMembersByOrgAndUser(ctx context.Context, arg database.DeleteGroupMembersByOrgAndUserParams) error {
@@ -38,43 +38,43 @@ func (q *AuthzQuerier) DeleteGroupMembersByOrgAndUser(ctx context.Context, arg d
3838
fetch := func(ctx context.Context, arg database.DeleteGroupMembersByOrgAndUserParams) (rbac.Objecter, error) {
3939
return rbac.ResourceGroup.InOrg(arg.OrganizationID), nil
4040
}
41-
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.DeleteGroupMembersByOrgAndUser)(ctx, arg)
41+
return update(q.log, q.auth, fetch, q.db.DeleteGroupMembersByOrgAndUser)(ctx, arg)
4242
}
4343

4444
func (q *AuthzQuerier) GetGroupByID(ctx context.Context, id uuid.UUID) (database.Group, error) {
45-
return authorizedFetch(q.logger, q.authorizer, q.database.GetGroupByID)(ctx, id)
45+
return fetch(q.log, q.auth, q.db.GetGroupByID)(ctx, id)
4646
}
4747

4848
func (q *AuthzQuerier) GetGroupByOrgAndName(ctx context.Context, arg database.GetGroupByOrgAndNameParams) (database.Group, error) {
49-
return authorizedFetch(q.logger, q.authorizer, q.database.GetGroupByOrgAndName)(ctx, arg)
49+
return fetch(q.log, q.auth, q.db.GetGroupByOrgAndName)(ctx, arg)
5050
}
5151

5252
func (q *AuthzQuerier) GetGroupMembers(ctx context.Context, groupID uuid.UUID) ([]database.User, error) {
5353
relatedFunc := func(_ []database.User, groupID uuid.UUID) (database.Group, error) {
54-
return q.database.GetGroupByID(ctx, groupID)
54+
return q.db.GetGroupByID(ctx, groupID)
5555
}
56-
return authorizedQueryWithRelated(q.logger, q.authorizer, rbac.ActionRead, relatedFunc, q.database.GetGroupMembers)(ctx, groupID)
56+
return queryWithRelated(q.log, q.auth, rbac.ActionRead, relatedFunc, q.db.GetGroupMembers)(ctx, groupID)
5757
}
5858

5959
func (q *AuthzQuerier) InsertAllUsersGroup(ctx context.Context, organizationID uuid.UUID) (database.Group, error) {
6060
// This method creates a new group.
61-
return authorizedInsertWithReturn(q.logger, q.authorizer, rbac.ActionCreate, rbac.ResourceGroup.InOrg(organizationID), q.database.InsertAllUsersGroup)(ctx, organizationID)
61+
return insertWithReturn(q.log, q.auth, rbac.ActionCreate, rbac.ResourceGroup.InOrg(organizationID), q.db.InsertAllUsersGroup)(ctx, organizationID)
6262
}
6363

6464
func (q *AuthzQuerier) InsertGroup(ctx context.Context, arg database.InsertGroupParams) (database.Group, error) {
65-
return authorizedInsertWithReturn(q.logger, q.authorizer, rbac.ActionCreate, rbac.ResourceGroup.InOrg(arg.OrganizationID), q.database.InsertGroup)(ctx, arg)
65+
return insertWithReturn(q.log, q.auth, rbac.ActionCreate, rbac.ResourceGroup.InOrg(arg.OrganizationID), q.db.InsertGroup)(ctx, arg)
6666
}
6767

6868
func (q *AuthzQuerier) InsertGroupMember(ctx context.Context, arg database.InsertGroupMemberParams) error {
6969
fetch := func(ctx context.Context, arg database.InsertGroupMemberParams) (database.Group, error) {
70-
return q.database.GetGroupByID(ctx, arg.GroupID)
70+
return q.db.GetGroupByID(ctx, arg.GroupID)
7171
}
72-
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.InsertGroupMember)(ctx, arg)
72+
return update(q.log, q.auth, fetch, q.db.InsertGroupMember)(ctx, arg)
7373
}
7474

7575
func (q *AuthzQuerier) UpdateGroupByID(ctx context.Context, arg database.UpdateGroupByIDParams) (database.Group, error) {
7676
fetch := func(ctx context.Context, arg database.UpdateGroupByIDParams) (database.Group, error) {
77-
return q.database.GetGroupByID(ctx, arg.ID)
77+
return q.db.GetGroupByID(ctx, arg.ID)
7878
}
79-
return authorizedUpdateWithReturn(q.logger, q.authorizer, fetch, q.database.UpdateGroupByID)(ctx, arg)
79+
return updateWithReturn(q.log, q.auth, fetch, q.db.UpdateGroupByID)(ctx, arg)
8080
}

0 commit comments

Comments
 (0)