mirror of
https://gitee.com/milvus-io/milvus.git
synced 2025-12-06 17:18:35 +08:00
f5f053f1d2
Related to #44761 This commit refactors the privilege management system in the proxy component by: 1. **Separation of Concerns**: Extracts privilege-related functionality from MetaCache into a dedicated `internal/proxy/privilege` package, improving code organization and maintainability. 2. **New Package Structure**: Creates `internal/proxy/privilege/` with: - `cache.go`: Core privilege cache implementation (PrivilegeCache) - `result_cache.go`: Privilege enforcement result caching - `model.go`: Casbin model and policy enforcement functions - `meta_cache_adapter.go`: Casbin adapter for MetaCache integration - Corresponding test files and mock implementations 3. **MetaCache Simplification**: Removes privilege and credential management methods from MetaCache interface and implementation: - Removed: GetCredentialInfo, RemoveCredential, UpdateCredential - Removed: GetPrivilegeInfo, GetUserRole, RefreshPolicyInfo, InitPolicyInfo - Deleted: meta_cache_adapter.go, privilege_cache.go and their tests 4. **Updated References**: Updates all callsites to use the new privilegeCache global: - Authentication interceptor now uses privilegeCache for password verification - Credential cache operations (InvalidateCredentialCache, UpdateCredentialCache, UpdateCredential) now use privilegeCache - Policy refresh operations (RefreshPolicyInfoCache) now use privilegeCache - Privilege interceptor uses new privilege.GetEnforcer() and privilege result cache 5. **Improved API**: Renames cache functions for clarity: - GetPrivilegeCache → GetResultCache - SetPrivilegeCache → SetResultCache - CleanPrivilegeCache → CleanResultCache This refactoring makes the codebase more modular, separates privilege management concerns from general metadata caching, and provides a clearer API for privilege enforcement operations. --------- Signed-off-by: Congqi Xia <congqi.xia@zilliz.com>
341 lines
11 KiB
Go
341 lines
11 KiB
Go
// Code generated by mockery v2.53.3. DO NOT EDIT.
|
|
|
|
package privilege
|
|
|
|
import (
|
|
context "context"
|
|
|
|
internalpb "github.com/milvus-io/milvus/pkg/v2/proto/internalpb"
|
|
mock "github.com/stretchr/testify/mock"
|
|
|
|
typeutil "github.com/milvus-io/milvus/pkg/v2/util/typeutil"
|
|
)
|
|
|
|
// MockPrivilegeCache is an autogenerated mock type for the PrivilegeCache type
|
|
type MockPrivilegeCache struct {
|
|
mock.Mock
|
|
}
|
|
|
|
type MockPrivilegeCache_Expecter struct {
|
|
mock *mock.Mock
|
|
}
|
|
|
|
func (_m *MockPrivilegeCache) EXPECT() *MockPrivilegeCache_Expecter {
|
|
return &MockPrivilegeCache_Expecter{mock: &_m.Mock}
|
|
}
|
|
|
|
// GetCredentialInfo provides a mock function with given fields: ctx, username
|
|
func (_m *MockPrivilegeCache) GetCredentialInfo(ctx context.Context, username string) (*internalpb.CredentialInfo, error) {
|
|
ret := _m.Called(ctx, username)
|
|
|
|
if len(ret) == 0 {
|
|
panic("no return value specified for GetCredentialInfo")
|
|
}
|
|
|
|
var r0 *internalpb.CredentialInfo
|
|
var r1 error
|
|
if rf, ok := ret.Get(0).(func(context.Context, string) (*internalpb.CredentialInfo, error)); ok {
|
|
return rf(ctx, username)
|
|
}
|
|
if rf, ok := ret.Get(0).(func(context.Context, string) *internalpb.CredentialInfo); ok {
|
|
r0 = rf(ctx, username)
|
|
} else {
|
|
if ret.Get(0) != nil {
|
|
r0 = ret.Get(0).(*internalpb.CredentialInfo)
|
|
}
|
|
}
|
|
|
|
if rf, ok := ret.Get(1).(func(context.Context, string) error); ok {
|
|
r1 = rf(ctx, username)
|
|
} else {
|
|
r1 = ret.Error(1)
|
|
}
|
|
|
|
return r0, r1
|
|
}
|
|
|
|
// MockPrivilegeCache_GetCredentialInfo_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetCredentialInfo'
|
|
type MockPrivilegeCache_GetCredentialInfo_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// GetCredentialInfo is a helper method to define mock.On call
|
|
// - ctx context.Context
|
|
// - username string
|
|
func (_e *MockPrivilegeCache_Expecter) GetCredentialInfo(ctx interface{}, username interface{}) *MockPrivilegeCache_GetCredentialInfo_Call {
|
|
return &MockPrivilegeCache_GetCredentialInfo_Call{Call: _e.mock.On("GetCredentialInfo", ctx, username)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetCredentialInfo_Call) Run(run func(ctx context.Context, username string)) *MockPrivilegeCache_GetCredentialInfo_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(context.Context), args[1].(string))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetCredentialInfo_Call) Return(_a0 *internalpb.CredentialInfo, _a1 error) *MockPrivilegeCache_GetCredentialInfo_Call {
|
|
_c.Call.Return(_a0, _a1)
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetCredentialInfo_Call) RunAndReturn(run func(context.Context, string) (*internalpb.CredentialInfo, error)) *MockPrivilegeCache_GetCredentialInfo_Call {
|
|
_c.Call.Return(run)
|
|
return _c
|
|
}
|
|
|
|
// GetPrivilegeInfo provides a mock function with given fields: ctx
|
|
func (_m *MockPrivilegeCache) GetPrivilegeInfo(ctx context.Context) []string {
|
|
ret := _m.Called(ctx)
|
|
|
|
if len(ret) == 0 {
|
|
panic("no return value specified for GetPrivilegeInfo")
|
|
}
|
|
|
|
var r0 []string
|
|
if rf, ok := ret.Get(0).(func(context.Context) []string); ok {
|
|
r0 = rf(ctx)
|
|
} else {
|
|
if ret.Get(0) != nil {
|
|
r0 = ret.Get(0).([]string)
|
|
}
|
|
}
|
|
|
|
return r0
|
|
}
|
|
|
|
// MockPrivilegeCache_GetPrivilegeInfo_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetPrivilegeInfo'
|
|
type MockPrivilegeCache_GetPrivilegeInfo_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// GetPrivilegeInfo is a helper method to define mock.On call
|
|
// - ctx context.Context
|
|
func (_e *MockPrivilegeCache_Expecter) GetPrivilegeInfo(ctx interface{}) *MockPrivilegeCache_GetPrivilegeInfo_Call {
|
|
return &MockPrivilegeCache_GetPrivilegeInfo_Call{Call: _e.mock.On("GetPrivilegeInfo", ctx)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetPrivilegeInfo_Call) Run(run func(ctx context.Context)) *MockPrivilegeCache_GetPrivilegeInfo_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(context.Context))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetPrivilegeInfo_Call) Return(_a0 []string) *MockPrivilegeCache_GetPrivilegeInfo_Call {
|
|
_c.Call.Return(_a0)
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetPrivilegeInfo_Call) RunAndReturn(run func(context.Context) []string) *MockPrivilegeCache_GetPrivilegeInfo_Call {
|
|
_c.Call.Return(run)
|
|
return _c
|
|
}
|
|
|
|
// GetUserRole provides a mock function with given fields: username
|
|
func (_m *MockPrivilegeCache) GetUserRole(username string) []string {
|
|
ret := _m.Called(username)
|
|
|
|
if len(ret) == 0 {
|
|
panic("no return value specified for GetUserRole")
|
|
}
|
|
|
|
var r0 []string
|
|
if rf, ok := ret.Get(0).(func(string) []string); ok {
|
|
r0 = rf(username)
|
|
} else {
|
|
if ret.Get(0) != nil {
|
|
r0 = ret.Get(0).([]string)
|
|
}
|
|
}
|
|
|
|
return r0
|
|
}
|
|
|
|
// MockPrivilegeCache_GetUserRole_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetUserRole'
|
|
type MockPrivilegeCache_GetUserRole_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// GetUserRole is a helper method to define mock.On call
|
|
// - username string
|
|
func (_e *MockPrivilegeCache_Expecter) GetUserRole(username interface{}) *MockPrivilegeCache_GetUserRole_Call {
|
|
return &MockPrivilegeCache_GetUserRole_Call{Call: _e.mock.On("GetUserRole", username)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetUserRole_Call) Run(run func(username string)) *MockPrivilegeCache_GetUserRole_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(string))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetUserRole_Call) Return(_a0 []string) *MockPrivilegeCache_GetUserRole_Call {
|
|
_c.Call.Return(_a0)
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_GetUserRole_Call) RunAndReturn(run func(string) []string) *MockPrivilegeCache_GetUserRole_Call {
|
|
_c.Call.Return(run)
|
|
return _c
|
|
}
|
|
|
|
// InitPolicyInfo provides a mock function with given fields: info, userRoles
|
|
func (_m *MockPrivilegeCache) InitPolicyInfo(info []string, userRoles []string) {
|
|
_m.Called(info, userRoles)
|
|
}
|
|
|
|
// MockPrivilegeCache_InitPolicyInfo_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'InitPolicyInfo'
|
|
type MockPrivilegeCache_InitPolicyInfo_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// InitPolicyInfo is a helper method to define mock.On call
|
|
// - info []string
|
|
// - userRoles []string
|
|
func (_e *MockPrivilegeCache_Expecter) InitPolicyInfo(info interface{}, userRoles interface{}) *MockPrivilegeCache_InitPolicyInfo_Call {
|
|
return &MockPrivilegeCache_InitPolicyInfo_Call{Call: _e.mock.On("InitPolicyInfo", info, userRoles)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_InitPolicyInfo_Call) Run(run func(info []string, userRoles []string)) *MockPrivilegeCache_InitPolicyInfo_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].([]string), args[1].([]string))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_InitPolicyInfo_Call) Return() *MockPrivilegeCache_InitPolicyInfo_Call {
|
|
_c.Call.Return()
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_InitPolicyInfo_Call) RunAndReturn(run func([]string, []string)) *MockPrivilegeCache_InitPolicyInfo_Call {
|
|
_c.Run(run)
|
|
return _c
|
|
}
|
|
|
|
// RefreshPolicyInfo provides a mock function with given fields: op
|
|
func (_m *MockPrivilegeCache) RefreshPolicyInfo(op typeutil.CacheOp) error {
|
|
ret := _m.Called(op)
|
|
|
|
if len(ret) == 0 {
|
|
panic("no return value specified for RefreshPolicyInfo")
|
|
}
|
|
|
|
var r0 error
|
|
if rf, ok := ret.Get(0).(func(typeutil.CacheOp) error); ok {
|
|
r0 = rf(op)
|
|
} else {
|
|
r0 = ret.Error(0)
|
|
}
|
|
|
|
return r0
|
|
}
|
|
|
|
// MockPrivilegeCache_RefreshPolicyInfo_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'RefreshPolicyInfo'
|
|
type MockPrivilegeCache_RefreshPolicyInfo_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// RefreshPolicyInfo is a helper method to define mock.On call
|
|
// - op typeutil.CacheOp
|
|
func (_e *MockPrivilegeCache_Expecter) RefreshPolicyInfo(op interface{}) *MockPrivilegeCache_RefreshPolicyInfo_Call {
|
|
return &MockPrivilegeCache_RefreshPolicyInfo_Call{Call: _e.mock.On("RefreshPolicyInfo", op)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RefreshPolicyInfo_Call) Run(run func(op typeutil.CacheOp)) *MockPrivilegeCache_RefreshPolicyInfo_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(typeutil.CacheOp))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RefreshPolicyInfo_Call) Return(_a0 error) *MockPrivilegeCache_RefreshPolicyInfo_Call {
|
|
_c.Call.Return(_a0)
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RefreshPolicyInfo_Call) RunAndReturn(run func(typeutil.CacheOp) error) *MockPrivilegeCache_RefreshPolicyInfo_Call {
|
|
_c.Call.Return(run)
|
|
return _c
|
|
}
|
|
|
|
// RemoveCredential provides a mock function with given fields: username
|
|
func (_m *MockPrivilegeCache) RemoveCredential(username string) {
|
|
_m.Called(username)
|
|
}
|
|
|
|
// MockPrivilegeCache_RemoveCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'RemoveCredential'
|
|
type MockPrivilegeCache_RemoveCredential_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// RemoveCredential is a helper method to define mock.On call
|
|
// - username string
|
|
func (_e *MockPrivilegeCache_Expecter) RemoveCredential(username interface{}) *MockPrivilegeCache_RemoveCredential_Call {
|
|
return &MockPrivilegeCache_RemoveCredential_Call{Call: _e.mock.On("RemoveCredential", username)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RemoveCredential_Call) Run(run func(username string)) *MockPrivilegeCache_RemoveCredential_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(string))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RemoveCredential_Call) Return() *MockPrivilegeCache_RemoveCredential_Call {
|
|
_c.Call.Return()
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_RemoveCredential_Call) RunAndReturn(run func(string)) *MockPrivilegeCache_RemoveCredential_Call {
|
|
_c.Run(run)
|
|
return _c
|
|
}
|
|
|
|
// UpdateCredential provides a mock function with given fields: credInfo
|
|
func (_m *MockPrivilegeCache) UpdateCredential(credInfo *internalpb.CredentialInfo) {
|
|
_m.Called(credInfo)
|
|
}
|
|
|
|
// MockPrivilegeCache_UpdateCredential_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'UpdateCredential'
|
|
type MockPrivilegeCache_UpdateCredential_Call struct {
|
|
*mock.Call
|
|
}
|
|
|
|
// UpdateCredential is a helper method to define mock.On call
|
|
// - credInfo *internalpb.CredentialInfo
|
|
func (_e *MockPrivilegeCache_Expecter) UpdateCredential(credInfo interface{}) *MockPrivilegeCache_UpdateCredential_Call {
|
|
return &MockPrivilegeCache_UpdateCredential_Call{Call: _e.mock.On("UpdateCredential", credInfo)}
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_UpdateCredential_Call) Run(run func(credInfo *internalpb.CredentialInfo)) *MockPrivilegeCache_UpdateCredential_Call {
|
|
_c.Call.Run(func(args mock.Arguments) {
|
|
run(args[0].(*internalpb.CredentialInfo))
|
|
})
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_UpdateCredential_Call) Return() *MockPrivilegeCache_UpdateCredential_Call {
|
|
_c.Call.Return()
|
|
return _c
|
|
}
|
|
|
|
func (_c *MockPrivilegeCache_UpdateCredential_Call) RunAndReturn(run func(*internalpb.CredentialInfo)) *MockPrivilegeCache_UpdateCredential_Call {
|
|
_c.Run(run)
|
|
return _c
|
|
}
|
|
|
|
// NewMockPrivilegeCache creates a new instance of MockPrivilegeCache. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
|
|
// The first argument is typically a *testing.T value.
|
|
func NewMockPrivilegeCache(t interface {
|
|
mock.TestingT
|
|
Cleanup(func())
|
|
}) *MockPrivilegeCache {
|
|
mock := &MockPrivilegeCache{}
|
|
mock.Mock.Test(t)
|
|
|
|
t.Cleanup(func() { mock.AssertExpectations(t) })
|
|
|
|
return mock
|
|
}
|