kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

pkg/authorization: make it goroutine-safe

Browse source 
It was racy on config reload

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
This commit is contained in:
Alexander Morozov 2016-10-11 16:31:45 -07:00
parent 8d6e9f0c6a
commit a616cf3b88
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pkg/authorization/middleware.go
View file

@ -2,6 +2,7 @@ package authorization
import ( import (
"net/http" "net/http"
"sync"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"golang.org/x/net/context" "golang.org/x/net/context"
@ -10,6 +11,7 @@ import (
// Middleware uses a list of plugins to // Middleware uses a list of plugins to
// handle authorization in the API requests. // handle authorization in the API requests.
type Middleware struct { type Middleware struct {
mu sync.Mutex
plugins []Plugin plugins []Plugin
} }
@ -23,14 +25,19 @@ func NewMiddleware(names []string) *Middleware {
// SetPlugins sets the plugin used for authorization // SetPlugins sets the plugin used for authorization
func (m *Middleware) SetPlugins(names []string) { func (m *Middleware) SetPlugins(names []string) {
m.mu.Lock()
m.plugins = newPlugins(names) m.plugins = newPlugins(names)
m.mu.Unlock()
} }
// WrapHandler returns a new handler function wrapping the previous one in the request chain. // WrapHandler returns a new handler function wrapping the previous one in the request chain.
func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error) func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error) func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
if len(m.plugins) == 0 { m.mu.Lock()
plugins := m.plugins
m.mu.Unlock()
if len(plugins) == 0 {
return handler(ctx, w, r, vars) return handler(ctx, w, r, vars)
} }
@ -46,7 +53,7 @@ func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.Respon
userAuthNMethod = "TLS" userAuthNMethod = "TLS"
} }
authCtx := NewCtx(m.plugins, user, userAuthNMethod, r.Method, r.RequestURI) authCtx := NewCtx(plugins, user, userAuthNMethod, r.Method, r.RequestURI)
if err := authCtx.AuthZRequest(w, r); err != nil { if err := authCtx.AuthZRequest(w, r); err != nil {
logrus.Errorf("AuthZRequest for %s %s returned error: %s", r.Method, r.RequestURI, err) logrus.Errorf("AuthZRequest for %s %s returned error: %s", r.Method, r.RequestURI, err)