8 年前 · 11293d91f9
--- a/pkg/authorization/middleware.go
+++ b/pkg/authorization/middleware.go
@@ -25,20 +25,12 @@ func NewMiddleware(names []string, pg plugingetter.PluginGetter) *Middleware {
 
				 	}
			
 
				 }
			
 
				 
			
 
				-// GetAuthzPlugins gets authorization plugins
			
 
				-func (m *Middleware) GetAuthzPlugins() []Plugin {
			
 
				+func (m *Middleware) getAuthzPlugins() []Plugin {
			
 
				 	m.mu.Lock()
			
 
				 	defer m.mu.Unlock()
			
 
				 	return m.plugins
			
 
				 }
			
 
				 
			
 
				-// SetAuthzPlugins sets authorization plugins
			
 
				-func (m *Middleware) SetAuthzPlugins(plugins []Plugin) {
			
 
				-	m.mu.Lock()
			
 
				-	m.plugins = plugins
			
 
				-	m.mu.Unlock()
			
 
				-}
			
 
				-
			
 
				 // SetPlugins sets the plugin used for authorization
			
 
				 func (m *Middleware) SetPlugins(names []string) {
			
 
				 	m.mu.Lock()
			
@@ -46,10 +38,23 @@ func (m *Middleware) SetPlugins(names []string) {
 
				 	m.mu.Unlock()
			
 
				 }
			
 
				 
			
 
				+// RemovePlugin removes a single plugin from this authz middleware chain
			
 
				+func (m *Middleware) RemovePlugin(name string) {
			
 
				+	m.mu.Lock()
			
 
				+	defer m.mu.Unlock()
			
 
				+	plugins := m.plugins[:0]
			
 
				+	for _, authPlugin := range m.plugins {
			
 
				+		if authPlugin.Name() != name {
			
 
				+			plugins = append(plugins, authPlugin)
			
 
				+		}
			
 
				+	}
			
 
				+	m.plugins = plugins
			
 
				+}
			
 
				+
			
 
				 // WrapHandler returns a new handler function wrapping the previous one in the request chain.
			
 
				 func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error) func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
			
 
				 	return func(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
			
 
				-		plugins := m.GetAuthzPlugins()
			
 
				+		plugins := m.getAuthzPlugins()
			
 
				 		if len(plugins) == 0 {
			
 
				 			return handler(ctx, w, r, vars)
			
 
				 		}
			
@@ -83,7 +88,7 @@ func (m *Middleware) WrapHandler(handler func(ctx context.Context, w http.Respon
 
				 
			
 
				 		// There's a chance that the authCtx.plugins was updated. One of the reasons
			
 
				 		// this can happen is when an authzplugin is disabled.
			
 
				-		plugins = m.GetAuthzPlugins()
			
 
				+		plugins = m.getAuthzPlugins()
			
 
				 		if len(plugins) == 0 {
			
 
				 			logrus.Debug("There are no authz plugins in the chain")
			
 
				 			return nil
			
--- a/plugin/backend_linux.go
+++ b/plugin/backend_linux.go
@@ -60,14 +60,7 @@ func (pm *Manager) Disable(refOrID string, config *types.PluginDisableConfig) er
 
				 
			
 
				 	for _, typ := range p.GetTypes() {
			
 
				 		if typ.Capability == authorization.AuthZApiImplements {
			
 
				-			authzList := pm.config.AuthzMiddleware.GetAuthzPlugins()
			
 
				-			for i, authPlugin := range authzList {
			
 
				-				if authPlugin.Name() == p.Name() {
			
 
				-					// Remove plugin from authzmiddleware chain
			
 
				-					authzList = append(authzList[:i], authzList[i+1:]...)
			
 
				-					pm.config.AuthzMiddleware.SetAuthzPlugins(authzList)
			
 
				-				}
			
 
				-			}
			
 
				+			pm.config.AuthzMiddleware.RemovePlugin(p.Name())
			
 
				 		}
			
 
				 	}