-
Notifications
You must be signed in to change notification settings - Fork 18
/
role_store.go
77 lines (67 loc) · 1.54 KB
/
role_store.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package main
import (
"sync"
)
// RoleStore is a simple in-memory store mapping roles to namespaces and pods
// using those roles in the related namespace.
type RoleStore struct {
Store map[string]map[string]map[string]struct{}
sync.RWMutex
}
// NewRoleStore initializes a new RoleStore.
func NewRoleStore() *RoleStore {
return &RoleStore{
Store: make(map[string]map[string]map[string]struct{}),
}
}
// Exists if the role is found for the specified namespace in the store.
func (s *RoleStore) Exists(role, namespace string) bool {
s.RLock()
defer s.RUnlock()
if ns, ok := s.Store[role]; ok {
if _, ok := ns[namespace]; ok {
return true
}
}
return false
}
// Add adds a role and related pod and namespace to the store.
func (s *RoleStore) Add(role, namespace, name string) {
s.Lock()
defer s.Unlock()
if ns, ok := s.Store[role]; ok {
if pods, ok := ns[namespace]; ok {
pods[name] = struct{}{}
} else {
ns[namespace] = map[string]struct{}{
name: struct{}{},
}
}
} else {
s.Store[role] = map[string]map[string]struct{}{
namespace: map[string]struct{}{
name: struct{}{},
},
}
}
}
// Remove removes a role and related namespace and pod name mapping from the
// store.
func (s *RoleStore) Remove(role, namespace, name string) {
s.Lock()
defer s.Unlock()
if ns, ok := s.Store[role]; ok {
if pods, ok := ns[namespace]; ok {
if _, ok := pods[name]; ok {
if len(pods) == 1 {
delete(ns, namespace)
} else {
delete(pods, name)
}
}
if len(ns) == 0 {
delete(s.Store, role)
}
}
}
}