Skip to content

Commit

Permalink
Add conditional update methods for AccessList and `AccessListMember…
Browse files Browse the repository at this point in the history
…s` (#40036) (#40318)

* Add conditional update methods for `AccessList` and `AccessListMembers`

This PR adds two new methods for conditinally update an AccessList and
AccessListMember resources to avoid overriding changed resources.

This is a preparation for a ineligible status reconciler.



* Update lib/services/simple/access_list.go



* handle review comments and drop copy methods

* simplify code

---------

Signed-off-by: Tiago Silva <[email protected]>
Co-authored-by: rosstimothy <[email protected]>
  • Loading branch information
tigrato and rosstimothy authored Apr 10, 2024
1 parent 0b59d9f commit 27bdf28
Show file tree
Hide file tree
Showing 15 changed files with 1,324 additions and 458 deletions.
24 changes: 24 additions & 0 deletions api/client/accesslist/accesslist.go
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,18 @@ func (c *Client) UpsertAccessList(ctx context.Context, accessList *accesslist.Ac
return responseAccessList, trace.Wrap(err)
}

// UpdateAccessList updates an access list resource.
func (c *Client) UpdateAccessList(ctx context.Context, accessList *accesslist.AccessList) (*accesslist.AccessList, error) {
resp, err := c.grpcClient.UpdateAccessList(ctx, &accesslistv1.UpdateAccessListRequest{
AccessList: conv.ToProto(accessList),
})
if err != nil {
return nil, trace.Wrap(err)
}
responseAccessList, err := conv.FromProto(resp)
return responseAccessList, trace.Wrap(err)
}

// DeleteAccessList removes the specified access list resource.
func (c *Client) DeleteAccessList(ctx context.Context, name string) error {
_, err := c.grpcClient.DeleteAccessList(ctx, &accesslistv1.DeleteAccessListRequest{
Expand Down Expand Up @@ -219,6 +231,18 @@ func (c *Client) UpsertAccessListMember(ctx context.Context, member *accesslist.
return responseMember, trace.Wrap(err)
}

// UpdateAccessListMember updates an access list member resource using a conditional update.
func (c *Client) UpdateAccessListMember(ctx context.Context, member *accesslist.AccessListMember) (*accesslist.AccessListMember, error) {
resp, err := c.grpcClient.UpdateAccessListMember(ctx, &accesslistv1.UpdateAccessListMemberRequest{
Member: conv.ToMemberProto(member),
})
if err != nil {
return nil, trace.Wrap(err)
}
responseMember, err := conv.FromMemberProto(resp)
return responseMember, trace.Wrap(err)
}

// DeleteAccessListMember hard deletes the specified access list member resource.
func (c *Client) DeleteAccessListMember(ctx context.Context, accessList string, memberName string) error {
_, err := c.grpcClient.DeleteAccessListMember(ctx, &accesslistv1.DeleteAccessListMemberRequest{
Expand Down
1,070 changes: 613 additions & 457 deletions api/gen/proto/go/teleport/accesslist/v1/accesslist_service.pb.go

Large diffs are not rendered by default.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

17 changes: 17 additions & 0 deletions api/proto/teleport/accesslist/v1/accesslist_service.proto
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ service AccessListService {
rpc GetAccessList(GetAccessListRequest) returns (AccessList);
// UpsertAccessList creates or updates an access list resource.
rpc UpsertAccessList(UpsertAccessListRequest) returns (AccessList);
// UpdateAccessList updates an access list resource.
rpc UpdateAccessList(UpdateAccessListRequest) returns (AccessList);
// DeleteAccessList hard deletes the specified access list resource.
rpc DeleteAccessList(DeleteAccessListRequest) returns (google.protobuf.Empty);
// DeleteAllAccessLists hard deletes all access lists.
Expand All @@ -53,6 +55,8 @@ service AccessListService {
rpc GetAccessListMember(GetAccessListMemberRequest) returns (Member);
// UpsertAccessListMember creates or updates an access list member resource.
rpc UpsertAccessListMember(UpsertAccessListMemberRequest) returns (Member);
// UpdateAccessListMember conditionally updates an access list member resource.
rpc UpdateAccessListMember(UpdateAccessListMemberRequest) returns (Member);
// DeleteAccessListMember hard deletes the specified access list member
// resource.
rpc DeleteAccessListMember(DeleteAccessListMemberRequest) returns (google.protobuf.Empty);
Expand Down Expand Up @@ -125,6 +129,12 @@ message UpsertAccessListRequest {
AccessList access_list = 1;
}

// UpdateAccessListRequest is the request for updating an access list.
message UpdateAccessListRequest {
// access_list is the access list to upsert.
AccessList access_list = 1;
}

// DeleteAccessListRequest is the request for deleting an access list.
message DeleteAccessListRequest {
// name is the name of the access list to delete.
Expand Down Expand Up @@ -237,6 +247,13 @@ message UpsertAccessListMemberRequest {
Member member = 4;
}

// UpdateAccessListMemberRequest is the request for updating an access list
// member.
message UpdateAccessListMemberRequest {
// member is the access list member to upsert.
Member member = 1;
}

// DeleteAccessListMemberRequest is the request for deleting a member from an
// access list.
message DeleteAccessListMemberRequest {
Expand Down
Loading

0 comments on commit 27bdf28

Please sign in to comment.