@@ -79,47 +79,6 @@ impl DataStore {
79
79
. map_err ( |e| public_error_from_diesel ( e, ErrorHandler :: Server ) )
80
80
}
81
81
82
- /// List IP pools linked to the current silo
83
- pub async fn silo_ip_pools_list (
84
- & self ,
85
- opctx : & OpContext ,
86
- pagparams : & PaginatedBy < ' _ > ,
87
- ) -> ListResultVec < db:: model:: IpPool > {
88
- use db:: schema:: ip_pool;
89
- use db:: schema:: ip_pool_resource;
90
-
91
- // From the developer user's point of view, we treat IP pools linked to
92
- // their silo as silo resources, so they can list them if they can list
93
- // silo children
94
- let authz_silo =
95
- opctx. authn . silo_required ( ) . internal_context ( "listing IP pools" ) ?;
96
- opctx. authorize ( authz:: Action :: ListChildren , & authz_silo) . await ?;
97
-
98
- let silo_id = authz_silo. id ( ) ;
99
-
100
- match pagparams {
101
- PaginatedBy :: Id ( pagparams) => {
102
- paginated ( ip_pool:: table, ip_pool:: id, pagparams)
103
- }
104
- PaginatedBy :: Name ( pagparams) => paginated (
105
- ip_pool:: table,
106
- ip_pool:: name,
107
- & pagparams. map_name ( |n| Name :: ref_cast ( n) ) ,
108
- ) ,
109
- }
110
- . inner_join ( ip_pool_resource:: table)
111
- . filter (
112
- ip_pool_resource:: resource_type
113
- . eq ( IpPoolResourceType :: Silo )
114
- . and ( ip_pool_resource:: resource_id. eq ( silo_id) ) ,
115
- )
116
- . filter ( ip_pool:: time_deleted. is_null ( ) )
117
- . select ( db:: model:: IpPool :: as_select ( ) )
118
- . get_results_async ( & * self . pool_connection_authorized ( opctx) . await ?)
119
- . await
120
- . map_err ( |e| public_error_from_diesel ( e, ErrorHandler :: Server ) )
121
- }
122
-
123
82
/// Look up whether the given pool is available to users in the current
124
83
/// silo, i.e., whether there is an entry in the association table linking
125
84
/// the pool with that silo
@@ -400,6 +359,37 @@ impl DataStore {
400
359
. map_err ( |e| public_error_from_diesel ( e, ErrorHandler :: Server ) )
401
360
}
402
361
362
+ /// Returns (IpPool, IpPoolResource) so we can know in the calling code
363
+ /// whether the pool is default for the silo
364
+ pub async fn silo_ip_pool_list (
365
+ & self ,
366
+ opctx : & OpContext ,
367
+ authz_silo : & authz:: Silo ,
368
+ pagparams : & PaginatedBy < ' _ > ,
369
+ ) -> ListResultVec < ( IpPool , IpPoolResource ) > {
370
+ use db:: schema:: ip_pool;
371
+ use db:: schema:: ip_pool_resource;
372
+
373
+ match pagparams {
374
+ PaginatedBy :: Id ( pagparams) => {
375
+ paginated ( ip_pool:: table, ip_pool:: id, pagparams)
376
+ }
377
+ PaginatedBy :: Name ( pagparams) => paginated (
378
+ ip_pool:: table,
379
+ ip_pool:: name,
380
+ & pagparams. map_name ( |n| Name :: ref_cast ( n) ) ,
381
+ ) ,
382
+ }
383
+ . inner_join ( ip_pool_resource:: table)
384
+ . filter ( ip_pool_resource:: resource_id. eq ( authz_silo. id ( ) ) )
385
+ . filter ( ip_pool_resource:: resource_type. eq ( IpPoolResourceType :: Silo ) )
386
+ . filter ( ip_pool:: time_deleted. is_null ( ) )
387
+ . select ( <( IpPool , IpPoolResource ) >:: as_select ( ) )
388
+ . load_async ( & * self . pool_connection_authorized ( opctx) . await ?)
389
+ . await
390
+ . map_err ( |e| public_error_from_diesel ( e, ErrorHandler :: Server ) )
391
+ }
392
+
403
393
pub async fn ip_pool_link_silo (
404
394
& self ,
405
395
opctx : & OpContext ,
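Review bot: The new `silo_ip_pool_list` runs its query with no `opctx.authorize(...)` call, whereas the `silo_ip_pools_list` it replaces (removed in the first hunk) checked `authz::Action::ListChildren` on the silo before touching the database. Because `authz_silo` is now passed in by the caller, the datastore method no longer enforces that the actor may list that silo's children. Callers are presumably expected to have authorized already, but nothing in this hunk shows that. Either restore the check at the top of the body, `opctx.authorize(authz::Action::ListChildren, authz_silo).await?;`, or extend the doc comment to state that the caller must already have authorized listing on `authz_silo`, so a future call site with an arbitrary silo does not become a cross-silo read.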
@@ -867,8 +857,11 @@ mod test {
867
857
. await
868
858
. expect ( "Should list IP pools" ) ;
869
859
assert_eq ! ( all_pools. len( ) , 0 ) ;
860
+
861
+ let authz_silo = opctx. authn . silo_required ( ) . unwrap ( ) ;
862
+
870
863
let silo_pools = datastore
871
- . silo_ip_pools_list ( & opctx, & pagbyid)
864
+ . silo_ip_pool_list ( & opctx, & authz_silo , & pagbyid)
872
865
. await
873
866
. expect ( "Should list silo IP pools" ) ;
874
867
assert_eq ! ( silo_pools. len( ) , 0 ) ;
@@ -893,7 +886,7 @@ mod test {
893
886
. expect ( "Should list IP pools" ) ;
894
887
assert_eq ! ( all_pools. len( ) , 1 ) ;
895
888
let silo_pools = datastore
896
- . silo_ip_pools_list ( & opctx, & pagbyid)
889
+ . silo_ip_pool_list ( & opctx, & authz_silo , & pagbyid)
897
890
. await
898
891
. expect ( "Should list silo IP pools" ) ;
899
892
assert_eq ! ( silo_pools. len( ) , 0 ) ;
@@ -929,11 +922,12 @@ mod test {
929
922
930
923
// now it shows up in the silo list
931
924
let silo_pools = datastore
932
- . silo_ip_pools_list ( & opctx, & pagbyid)
925
+ . silo_ip_pool_list ( & opctx, & authz_silo , & pagbyid)
933
926
. await
934
927
. expect ( "Should list silo IP pools" ) ;
935
928
assert_eq ! ( silo_pools. len( ) , 1 ) ;
936
- assert_eq ! ( silo_pools[ 0 ] . id( ) , pool1_for_silo. id( ) ) ;
929
+ assert_eq ! ( silo_pools[ 0 ] . 0 . id( ) , pool1_for_silo. id( ) ) ;
930
+ assert_eq ! ( silo_pools[ 0 ] . 1 . is_default, false ) ;
937
931
938
932
// linking an already linked silo errors due to PK conflict
939
933
let err = datastore
@@ -998,7 +992,7 @@ mod test {
998
992
999
993
// and silo pools list is empty again
1000
994
let silo_pools = datastore
1001
- . silo_ip_pools_list ( & opctx, & pagbyid)
995
+ . silo_ip_pool_list ( & opctx, & authz_silo , & pagbyid)
1002
996
. await
1003
997
. expect ( "Should list silo IP pools" ) ;
1004
998
assert_eq ! ( silo_pools. len( ) , 0 ) ;