Merge "runtime/internal/rpc/stream/benchmark: Fix VIF benchmarks."

commit: 2d7269746d160ff62aae8a82eef4abd85862f9df [log] [tgz]
author: Asim Shankar <ashankar@google.com> Mon Jun 01 17:29:28 2015 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Mon Jun 01 17:29:28 2015 +0000
tree: 2457477a37db779a42e12432d3433e1b0f50cd58
parent: 8b5320599f95cee7fc49e56ab42a25261defc99a [diff]
parent: 187b5a27f54629e4bba0431fb8f0a5320481df5d [diff]
diff --git a/lib/security/securityflag/flag.go b/lib/security/securityflag/flag.go
index dea39a0..022e643 100644
--- a/lib/security/securityflag/flag.go
+++ b/lib/security/securityflag/flag.go

@@ -47,7 +47,7 @@
 	} else {
 		var perms access.Permissions
 		if perms, err = access.ReadPermissions(bytes.NewBufferString(literal)); err == nil {
-			a, err = access.PermissionsAuthorizer(perms, access.TypicalTagType())
+			a = access.TypicalTagTypePermissionsAuthorizer(perms)
 		}
 	}
 	if err != nil {

diff --git a/lib/security/securityflag/flag_test.go b/lib/security/securityflag/flag_test.go
index 04ca9ff..6e9fbcc 100644
--- a/lib/security/securityflag/flag_test.go
+++ b/lib/security/securityflag/flag_test.go

@@ -32,26 +32,19 @@
 	}
 
 	expectedAuthorizer = map[string]security.Authorizer{
-		"empty":  auth(access.PermissionsAuthorizer(perms1, access.TypicalTagType())),
-		"perms2": auth(access.PermissionsAuthorizer(perms2, access.TypicalTagType())),
+		"empty":  access.TypicalTagTypePermissionsAuthorizer(perms1),
+		"perms2": access.TypicalTagTypePermissionsAuthorizer(perms2),
 	}
 )
 
-func auth(a security.Authorizer, err error) security.Authorizer {
-	if err != nil {
-		panic(err)
-	}
-	return a
-}
-
 var permFromFlag = modules.Register(func(env *modules.Env, args ...string) error {
 	nfargs := flag.CommandLine.Args()
-	tam, err := PermissionsFromFlag()
+	perms, err := PermissionsFromFlag()
 	if err != nil {
 		fmt.Fprintf(env.Stdout, "PermissionsFromFlag() failed: %v", err)
 		return nil
 	}
-	got := auth(access.PermissionsAuthorizer(tam, access.TypicalTagType()))
+	got := access.TypicalTagTypePermissionsAuthorizer(perms)
 	want := expectedAuthorizer[nfargs[0]]
 	if !reflect.DeepEqual(got, want) {
 		fmt.Fprintf(env.Stdout, "args %#v\n", args)

diff --git a/runtime/internal/vtrace/vtrace_test.go b/runtime/internal/vtrace/vtrace_test.go
index 7e3ee2e..9971176 100644
--- a/runtime/internal/vtrace/vtrace_test.go
+++ b/runtime/internal/vtrace/vtrace_test.go

@@ -350,10 +350,7 @@
 	if err != nil {
 		return nil, nil, err
 	}
-	auth, err := access.PermissionsAuthorizer(perms, access.TypicalTagType())
-	if err != nil {
-		return nil, nil, err
-	}
+	auth := access.TypicalTagTypePermissionsAuthorizer(perms)
 	return nil, auth, nil
 }
 

diff --git a/services/internal/pathperms/hierarchical_authorizer.go b/services/internal/pathperms/hierarchical_authorizer.go
index 1556eb0..3d6c5f1 100644
--- a/services/internal/pathperms/hierarchical_authorizer.go
+++ b/services/internal/pathperms/hierarchical_authorizer.go

@@ -29,15 +29,6 @@
 	PermsForPath(path string) (access.Permissions, bool, error)
 }
 
-func mkRootAuth(rootPerms access.Permissions) (security.Authorizer, error) {
-	rootAuth, err := access.PermissionsAuthorizer(rootPerms, access.TypicalTagType())
-	if err != nil {
-		vlog.Errorf("Successfully obtained Permissions from the filesystem but PermissionsAuthorizer couldn't use it: %v", err)
-		return nil, err
-	}
-	return rootAuth, nil
-}
-
 // NewHierarchicalAuthorizer creates a new hierarchicalAuthorizer: one
 // that implements a "root" like concept: admin rights at the root of
 // a server can invoke RPCs regardless of permissions set on child objects.
@@ -60,11 +51,7 @@
 
 	// We are at the root so exit early.
 	if ha.rootDir == ha.childDir {
-		a, err := mkRootAuth(rootPerms)
-		if err != nil {
-			return err
-		}
-		return adminCheckAuth(ctx, call, a, rootPerms)
+		return adminCheckAuth(ctx, call, access.TypicalTagTypePermissionsAuthorizer(rootPerms), rootPerms)
 	}
 
 	// This is not fatal: the childDir may not exist if we are invoking
@@ -73,19 +60,10 @@
 	if err != nil {
 		return err
 	} else if intentionallyEmpty {
-		a, err := mkRootAuth(rootPerms)
-		if err != nil {
-			return err
-		}
-		return adminCheckAuth(ctx, call, a, rootPerms)
+		return adminCheckAuth(ctx, call, access.TypicalTagTypePermissionsAuthorizer(rootPerms), rootPerms)
 	}
 
-	childAuth, err := access.PermissionsAuthorizer(childPerms, access.TypicalTagType())
-	if err != nil {
-		vlog.Errorf("Successfully obtained a Permissions from the filesystem but PermissionsAuthorizer couldn't use it: %v", err)
-		return err
-	}
-	return adminCheckAuth(ctx, call, childAuth, rootPerms)
+	return adminCheckAuth(ctx, call, access.TypicalTagTypePermissionsAuthorizer(childPerms), rootPerms)
 }
 
 func adminCheckAuth(ctx *context.T, call security.Call, auth security.Authorizer, perms access.Permissions) error {
commit	2d7269746d160ff62aae8a82eef4abd85862f9df	[log] [tgz]
author	Asim Shankar <ashankar@google.com>	Mon Jun 01 17:29:28 2015 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Mon Jun 01 17:29:28 2015 +0000
tree	2457477a37db779a42e12432d3433e1b0f50cd58
parent	8b5320599f95cee7fc49e56ab42a25261defc99a [diff]
parent	187b5a27f54629e4bba0431fb8f0a5320481df5d [diff]