veyron/services/mgmt/node: code cleanup TODO
Fix a code cleanup TODO in the change to add per-installation and
instance ACLs.
Change-Id: I9f47f64ea0193e14a4c044065e0ae78457fb7120
diff --git a/services/mgmt/node/impl/app_service.go b/services/mgmt/node/impl/app_service.go
index f64e908..3473a37 100644
--- a/services/mgmt/node/impl/app_service.go
+++ b/services/mgmt/node/impl/app_service.go
@@ -554,7 +554,7 @@
return installationDirCore(i.suffix, i.config.Root)
}
-func initializeInstanceACLs(key, installationDir, instanceDir string, blessings []string, acl security.ACL) error {
+func initializeInstanceACLs(instanceDir string, blessings []string, acl security.ACL) error {
if acl.In == nil {
// The acl.In will be empty for an unclaimed node manager. In this case,
// create it
@@ -610,7 +610,7 @@
return instanceDir, instanceID, err
}
- if err := initializeInstanceACLs(installationDir, installationDir, instanceDir, call.RemoteBlessings().ForContext(call), i.nodeACL); err != nil {
+ if err := initializeInstanceACLs(instanceDir, call.RemoteBlessings().ForContext(call), i.nodeACL); err != nil {
return instanceDir, instanceID, err
}
return instanceDir, instanceID, nil
@@ -1207,13 +1207,12 @@
}
// TODO(rjkroege): Consider maintaining an in-memory ACL cache.
-// TODO(rjkroege): Excise the idea of the key. Use the dir instead.
func (i *appService) SetACL(_ ipc.ServerContext, acl security.ACL, etag string) error {
dir, err := dirFromSuffix(i.suffix, i.config.Root)
if err != nil {
return err
}
- return setAppACL(i.locks, dir, dir, acl, etag)
+ return setAppACL(i.locks, dir, acl, etag)
}
func (i *appService) GetACL(_ ipc.ServerContext) (acl security.ACL, etag string, err error) {
@@ -1221,5 +1220,5 @@
if err != nil {
return security.ACL{}, "", err
}
- return getAppACL(i.locks, dir, dir)
+ return getAppACL(i.locks, dir)
}
diff --git a/services/mgmt/node/impl/dispatcher.go b/services/mgmt/node/impl/dispatcher.go
index ae2cc71..e2c0b59 100644
--- a/services/mgmt/node/impl/dispatcher.go
+++ b/services/mgmt/node/impl/dispatcher.go
@@ -184,15 +184,15 @@
}
// TODO(rjkroege): Further refactor ACL-setting code.
-func setAppACL(locks aclLocks, key, dir string, acl security.ACL, etag string) error {
+func setAppACL(locks aclLocks, dir string, acl security.ACL, etag string) error {
aclpath := path.Join(dir, "acls", "data")
sigpath := path.Join(dir, "acls", "signature")
// Acquire lock. Locks are per path to an acls file.
- lck, contains := locks[key]
+ lck, contains := locks[dir]
if !contains {
lck = new(sync.Mutex)
- locks[key] = lck
+ locks[dir] = lck
}
lck.Lock()
defer lck.Unlock()
@@ -222,15 +222,14 @@
return writeACLs(aclpath, sigpath, dir, acl)
}
-// TODO(rjkroege): Use the dir as the key.
-func getAppACL(locks aclLocks, key, dir string) (security.ACL, string, error) {
+func getAppACL(locks aclLocks, dir string) (security.ACL, string, error) {
aclpath := path.Join(dir, "acls", "data")
// Acquire lock. Locks are per path to an acls file.
- lck, contains := locks[key]
+ lck, contains := locks[dir]
if !contains {
lck = new(sync.Mutex)
- locks[key] = lck
+ locks[dir] = lck
}
lck.Lock()
defer lck.Unlock()
