登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 1

mysnapcore / mysnapd

forked from tupelo-shen / mysnapd 
代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
store_asserts.go 4.17 KB
一键复制 编辑 原始数据 按行查看 历史
tupelo-shen 提交于 2022-11-07 17:55 . fix: aspects & asserts commit
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
// -*- Mode: Go; indent-tabs-mode: t -*-



/*

 * Copyright (C) 2017 Canonical Ltd

 *

 * This program is free software: you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 3 as

 * published by the Free Software Foundation.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program.  If not, see <http://www.gnu.org/licenses/>.

 *

 */



package asserts



import (

	"fmt"

	"net/url"

	"time"

)



// Store holds a store assertion, defining the configuration needed to connect

// a device to the store or relative to a non-default store.

type Store struct {

	assertionBase

	url            *url.URL

	friendlyStores []string

	timestamp      time.Time

}



// Store returns the identifying name of the operator's store.

func (store *Store) Store() string {

	return store.HeaderString("store")

}



// OperatorID returns the account id of the store's operator.

func (store *Store) OperatorID() string {

	return store.HeaderString("operator-id")

}



// URL returns the URL of the store's API.

func (store *Store) URL() *url.URL {

	return store.url

}



// FriendlyStores returns stores holding snaps that are also exposed

// through this one.

func (store *Store) FriendlyStores() []string {

	return store.friendlyStores

}



// Location returns a summary of the store's location/purpose.

func (store *Store) Location() string {

	return store.HeaderString("location")

}



// Timestamp returns the time when the store assertion was issued.

func (store *Store) Timestamp() time.Time {

	return store.timestamp

}



func (store *Store) checkConsistency(db RODatabase, acck *AccountKey) error {

	// Will be applied to a system's snapd or influence snapd

	// policy decisions (via friendly-stores) so must be signed by a trusted

	// authority!

	if !db.IsTrustedAccount(store.AuthorityID()) {

		return fmt.Errorf("store assertion %q is not signed by a directly trusted authority: %s",

			store.Store(), store.AuthorityID())

	}



	_, err := db.Find(AccountType, map[string]string{"account-id": store.OperatorID()})

	if err != nil {

		if IsNotFound(err) {

			return fmt.Errorf(

				"store assertion %q does not have a matching account assertion for the operator %q",

				store.Store(), store.OperatorID())

		}

		return err

	}



	return nil

}



// Prerequisites returns references to this store's prerequisite assertions.

func (store *Store) Prerequisites() []*Ref {

	return []*Ref{

		{AccountType, []string{store.OperatorID()}},

	}

}



// checkStoreURL validates the "url" header and returns a full URL or nil.

func checkStoreURL(headers map[string]interface{}) (*url.URL, error) {

	s, err := checkOptionalString(headers, "url")

	if err != nil {

		return nil, err

	}



	if s == "" {

		return nil, nil

	}



	errWhat := `"url" header`



	u, err := url.Parse(s)

	if err != nil {

		return nil, fmt.Errorf("%s must be a valid URL: %s", errWhat, s)

	}

	if u.Scheme != "http" && u.Scheme != "https" {

		return nil, fmt.Errorf(`%s scheme must be "https" or "http": %s`, errWhat, s)

	}

	if u.Host == "" {

		return nil, fmt.Errorf(`%s must have a host: %s`, errWhat, s)

	}

	if u.RawQuery != "" {

		return nil, fmt.Errorf(`%s must not have a query: %s`, errWhat, s)

	}

	if u.Fragment != "" {

		return nil, fmt.Errorf(`%s must not have a fragment: %s`, errWhat, s)

	}



	return u, nil

}



func assembleStore(assert assertionBase) (Assertion, error) {

	_, err := checkNotEmptyString(assert.headers, "operator-id")

	if err != nil {

		return nil, err

	}



	url, err := checkStoreURL(assert.headers)

	if err != nil {

		return nil, err

	}



	friendlyStores, err := checkStringList(assert.headers, "friendly-stores")

	if err != nil {

		return nil, err

	}



	_, err = checkOptionalString(assert.headers, "location")

	if err != nil {

		return nil, err

	}



	timestamp, err := checkRFC3339Date(assert.headers, "timestamp")

	if err != nil {

		return nil, err

	}



	return &Store{

		assertionBase:  assert,

		url:            url,

		friendlyStores: friendlyStores,

		timestamp:      timestamp,

	}, nil

}
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
Go
1
https://gitee.com/mysnapcore/mysnapd.git
git@gitee.com:mysnapcore/mysnapd.git
mysnapcore
mysnapd
mysnapd
v0.0.1
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部
344bd9b3 5694891 D2dac590 5694891