util/syspolicy/*: move syspolicy keys to new const leaf "pkey" package
This is step 1 of ~3, breaking up #14720 into reviewable chunks, with the aim to make syspolicy be a build-time configurable feature. In this first (very noisy) step, all the syspolicy string key constants move to a new constant-only (code-free) package. This will make future steps more reviewable, without this movement noise. There are no code or behavior changes here. The future steps of this series can be seen in #14720: removing global funcs from syspolicy resolution and using an interface that's plumbed around instead. Then adding build tags. Updates #12614 Change-Id: If73bf2c28b9c9b1a408fe868b0b6a25b03eeabd1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
committed by
Brad Fitzpatrick
Brad Fitzpatrick
parent
6d45fcfc93
commit
cc532efc20
@@ -11,6 +11,7 @@ import (
|
||||
|
||||
"tailscale.com/util/set"
|
||||
"tailscale.com/util/syspolicy/internal/loggerx"
|
||||
"tailscale.com/util/syspolicy/pkey"
|
||||
"tailscale.com/util/syspolicy/setting"
|
||||
)
|
||||
|
||||
@@ -37,8 +38,8 @@ func (c PolicyChange) Old() *setting.Snapshot {
|
||||
return c.snapshots.Old
|
||||
}
|
||||
|
||||
// HasChanged reports whether a policy setting with the specified [setting.Key], has changed.
|
||||
func (c PolicyChange) HasChanged(key setting.Key) bool {
|
||||
// HasChanged reports whether a policy setting with the specified [pkey.Key], has changed.
|
||||
func (c PolicyChange) HasChanged(key pkey.Key) bool {
|
||||
new, newErr := c.snapshots.New.GetErr(key)
|
||||
old, oldErr := c.snapshots.Old.GetErr(key)
|
||||
if newErr != nil && oldErr != nil {
|
||||
@@ -60,7 +61,7 @@ func (c PolicyChange) HasChanged(key setting.Key) bool {
|
||||
}
|
||||
|
||||
// HasChangedAnyOf reports whether any of the specified policy settings has changed.
|
||||
func (c PolicyChange) HasChangedAnyOf(keys ...setting.Key) bool {
|
||||
func (c PolicyChange) HasChangedAnyOf(keys ...pkey.Key) bool {
|
||||
return slices.ContainsFunc(keys, c.HasChanged)
|
||||
}
|
||||
|
||||
|
||||
@@ -15,6 +15,7 @@ import (
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/go-cmp/cmp/cmpopts"
|
||||
"tailscale.com/tstest"
|
||||
"tailscale.com/util/syspolicy/pkey"
|
||||
"tailscale.com/util/syspolicy/setting"
|
||||
|
||||
"tailscale.com/util/syspolicy/source"
|
||||
@@ -80,7 +81,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
type sourceConfig struct {
|
||||
name string
|
||||
scope setting.PolicyScope
|
||||
settingKey setting.Key
|
||||
settingKey pkey.Key
|
||||
settingValue string
|
||||
wantEffective bool
|
||||
}
|
||||
@@ -113,7 +114,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("TestValueA", nil, setting.NewNamedOrigin("TestSourceA", setting.DeviceScope)),
|
||||
}, setting.NewNamedOrigin("TestSourceA", setting.DeviceScope)),
|
||||
},
|
||||
@@ -129,7 +130,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("TestValueA", nil, setting.NewNamedOrigin("TestSourceA", setting.DeviceScope)),
|
||||
}, setting.NewNamedOrigin("TestSourceA", setting.DeviceScope)),
|
||||
},
|
||||
@@ -159,7 +160,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("TestValueA", nil, setting.NewNamedOrigin("TestSourceA", setting.DeviceScope)),
|
||||
"TestKeyB": setting.RawItemWith("TestValueB", nil, setting.NewNamedOrigin("TestSourceB", setting.DeviceScope)),
|
||||
"TestKeyC": setting.RawItemWith("TestValueC", nil, setting.NewNamedOrigin("TestSourceC", setting.DeviceScope)),
|
||||
@@ -191,7 +192,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("TestValueC", nil, setting.NewNamedOrigin("TestSourceC", setting.DeviceScope)),
|
||||
"TestKeyB": setting.RawItemWith("TestValueB", nil, setting.NewNamedOrigin("TestSourceB", setting.DeviceScope)),
|
||||
}, setting.DeviceScope),
|
||||
@@ -245,7 +246,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("TestValueF", nil, setting.NewNamedOrigin("TestSourceF", setting.DeviceScope)),
|
||||
"TestKeyB": setting.RawItemWith("TestValueB", nil, setting.NewNamedOrigin("TestSourceB", setting.DeviceScope)),
|
||||
"TestKeyC": setting.RawItemWith("TestValueE", nil, setting.NewNamedOrigin("TestSourceE", setting.DeviceScope)),
|
||||
@@ -263,7 +264,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("DeviceValue", nil, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
}, setting.CurrentUserScope, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
},
|
||||
@@ -288,7 +289,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("DeviceValue", nil, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
"TestKeyB": setting.RawItemWith("UserValue", nil, setting.NewNamedOrigin("TestSourceUser", setting.CurrentUserScope)),
|
||||
}, setting.CurrentUserScope),
|
||||
@@ -321,7 +322,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: true,
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("DeviceValue", nil, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
"TestKeyB": setting.RawItemWith("ProfileValue", nil, setting.NewNamedOrigin("TestSourceProfile", setting.CurrentProfileScope)),
|
||||
}, setting.CurrentUserScope),
|
||||
@@ -347,7 +348,7 @@ func TestRegisterSourceAndGetEffectivePolicy(t *testing.T) {
|
||||
wantEffective: false, // Registering a user source should have no impact on the device policy.
|
||||
},
|
||||
},
|
||||
wantSnapshot: setting.NewSnapshot(map[setting.Key]setting.RawItem{
|
||||
wantSnapshot: setting.NewSnapshot(map[pkey.Key]setting.RawItem{
|
||||
"TestKeyA": setting.RawItemWith("DeviceValue", nil, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
}, setting.NewNamedOrigin("TestSourceDevice", setting.DeviceScope)),
|
||||
},
|
||||
@@ -497,61 +498,61 @@ func TestPolicyFor(t *testing.T) {
|
||||
func TestPolicyChangeHasChanged(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
old, new map[setting.Key]setting.RawItem
|
||||
wantChanged []setting.Key
|
||||
wantUnchanged []setting.Key
|
||||
old, new map[pkey.Key]setting.RawItem
|
||||
wantChanged []pkey.Key
|
||||
wantUnchanged []pkey.Key
|
||||
}{
|
||||
{
|
||||
name: "String-Settings",
|
||||
old: map[setting.Key]setting.RawItem{
|
||||
old: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf("Old"),
|
||||
"UnchangedSetting": setting.RawItemOf("Value"),
|
||||
},
|
||||
new: map[setting.Key]setting.RawItem{
|
||||
new: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf("New"),
|
||||
"UnchangedSetting": setting.RawItemOf("Value"),
|
||||
},
|
||||
wantChanged: []setting.Key{"ChangedSetting"},
|
||||
wantUnchanged: []setting.Key{"UnchangedSetting"},
|
||||
wantChanged: []pkey.Key{"ChangedSetting"},
|
||||
wantUnchanged: []pkey.Key{"UnchangedSetting"},
|
||||
},
|
||||
{
|
||||
name: "UInt64-Settings",
|
||||
old: map[setting.Key]setting.RawItem{
|
||||
old: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf(uint64(0)),
|
||||
"UnchangedSetting": setting.RawItemOf(uint64(42)),
|
||||
},
|
||||
new: map[setting.Key]setting.RawItem{
|
||||
new: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf(uint64(1)),
|
||||
"UnchangedSetting": setting.RawItemOf(uint64(42)),
|
||||
},
|
||||
wantChanged: []setting.Key{"ChangedSetting"},
|
||||
wantUnchanged: []setting.Key{"UnchangedSetting"},
|
||||
wantChanged: []pkey.Key{"ChangedSetting"},
|
||||
wantUnchanged: []pkey.Key{"UnchangedSetting"},
|
||||
},
|
||||
{
|
||||
name: "StringSlice-Settings",
|
||||
old: map[setting.Key]setting.RawItem{
|
||||
old: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf([]string{"Chicago"}),
|
||||
"UnchangedSetting": setting.RawItemOf([]string{"String1", "String2"}),
|
||||
},
|
||||
new: map[setting.Key]setting.RawItem{
|
||||
new: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf([]string{"New York"}),
|
||||
"UnchangedSetting": setting.RawItemOf([]string{"String1", "String2"}),
|
||||
},
|
||||
wantChanged: []setting.Key{"ChangedSetting"},
|
||||
wantUnchanged: []setting.Key{"UnchangedSetting"},
|
||||
wantChanged: []pkey.Key{"ChangedSetting"},
|
||||
wantUnchanged: []pkey.Key{"UnchangedSetting"},
|
||||
},
|
||||
{
|
||||
name: "Int8-Settings", // We don't have actual int8 settings, but this should still work.
|
||||
old: map[setting.Key]setting.RawItem{
|
||||
old: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf(int8(0)),
|
||||
"UnchangedSetting": setting.RawItemOf(int8(42)),
|
||||
},
|
||||
new: map[setting.Key]setting.RawItem{
|
||||
new: map[pkey.Key]setting.RawItem{
|
||||
"ChangedSetting": setting.RawItemOf(int8(1)),
|
||||
"UnchangedSetting": setting.RawItemOf(int8(42)),
|
||||
},
|
||||
wantChanged: []setting.Key{"ChangedSetting"},
|
||||
wantUnchanged: []setting.Key{"UnchangedSetting"},
|
||||
wantChanged: []pkey.Key{"ChangedSetting"},
|
||||
wantUnchanged: []pkey.Key{"UnchangedSetting"},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
|
||||
Reference in New Issue
Block a user