WIP: ACLs#4013
Draft
nrwahl2 wants to merge 101 commits intoClusterLabs:mainfrom
Draft
Conversation
nrwahl2
force-pushed
the
nrwahl2-acls
branch
7 times, most recently
from
5dddf87 to
61ac8e0
Compare
nrwahl2
force-pushed
the
nrwahl2-acls
branch
2 times, most recently
from
83127d5 to
86183d4
Compare
This was referenced Jan 27, 2026
I prefer to list the three meaningful values explicitly. Otherwise we could accept an arbitrary flag that happens to be set in the flag group. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Use pcmk__xe_first_attr() and attr_is_not_id(). Signed-off-by: Reid Wahl <[email protected]>
Instead of creating an XPath string and looking for a substring. It seems clearer this way, though that is debatable. Signed-off-by: Reid Wahl <[email protected]>
Replace with g_str_has_prefix() in all but one place for clarity. The remaining place is pcmk__ipc_is_authentic_process_active(). In that case, use pcmk__str_eq(). Note that the former length argument was sizeof(last_asked_name), not sizeof(last_asked_name) - 1. This means we were checking whether the two strings were the same length and every character matched up to that length -- in other words, we were checking whether the strings were equal. Signed-off-by: Reid Wahl <[email protected]>
We return at the very beginning if attr->parent is NULL. element is then assigned attr->parent, so we know that element is not NULL. Signed-off-by: Reid Wahl <[email protected]>
The whole function seems clearer to me this way. Signed-off-by: Reid Wahl <[email protected]>
Notes: * The tracking flag can never be set when the argument is a document node. If node->_private is not NULL, we return before the switch statement. But pcmk__xml_doc_all_flags_set() returns false when the document's private data is NULL. So tracking is relevant only for element, attribute, and comment nodes. * pcmk__mark_xml_node_dirty() sets the pcmk__xf_dirty flag on the node itself as well as all of its parents. For an element, it doesn't matter whether we call it before or after creating the attributes' private data. Signed-off-by: Reid Wahl <[email protected]>
Nothing uses these yet. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Also rename to reset_doc_private_data(), move the definition to a position below new_private_data() and above its first caller, and add Doxygen. Signed-off-by: Reid Wahl <[email protected]>
To enable this, functionize the pieces of free_private_data(). Signed-off-by: Reid Wahl <[email protected]>
Also rename attr_iter to old_attr and drop the declaration of old_attr within the body. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
To replace pcmk_acl_required(). Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
It's in utils.c, not acl.c. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
I really doubt that any performance savings we may be getting are enough to justify the readability cost of (a) defining and testing this function and (b) calling it before each call to pcmk__xml_escape(). Signed-off-by: Reid Wahl <[email protected]>
Nothing uses this yet. Also assert on NULL fn in other XML foreach functions. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
It only has one caller, and its checks (non-NULL argument and tracking flag set) will always pass in that caller. So we end up with two lines of code, which are straightforward to pull into mark_child_created(). Signed-off-by: Reid Wahl <[email protected]>
We'll use it in an upcoming commit that splits XML change-tracking/committing into a separate file. Signed-off-by: Reid Wahl <[email protected]>
We'll use it in an upcoming commit that splits XML change-tracking/committing into a separate file. Signed-off-by: Reid Wahl <[email protected]>
I wanted to call it xml_change.c. This code is much more about
calculating and committing changes than about tracking them. However, we
already have patchset{,_display}.c, which deals with XML changes in its
own way. I'm trying to introduce as little confusion as possible. I went
with tracking based on the flag name pcmk__xf_tracking.
Signed-off-by: Reid Wahl <[email protected]>
It takes up more space and is slightly less efficient than the corresponding series of pcmk__xe_set() calls. I don't see an advantage for readability or performance, so we might as well drop it. Signed-off-by: Reid Wahl <[email protected]>
Signed-off-by: Reid Wahl <[email protected]>
It's the same as pcmk__output_xml_create_parent() when is_list is true, and it's the same as pcmk__output_create_xml_node() when is_list is false. Signed-off-by: Reid Wahl <[email protected]>
I don't think the variadic argument helps readability much. It avoids the need to store the result in an xmlNode * variable in the caller, which can save a line. But it requires an extra line for the NULL terminator, and it requires indenting each line much farther, which is one reason we have so many temp variables. Signed-off-by: Reid Wahl <[email protected]>
I don't think the variadic argument helps readability much. It avoids the need to store the result in an xmlNode * variable in the caller, which can save a line. But it requires an extra line for the NULL terminator, and it requires indenting each line much farther, which is one reason we have so many temp variables. Signed-off-by: Reid Wahl <[email protected]>
Use pcmk__xe_set_int() instead. Signed-off-by: Reid Wahl <[email protected]>
Nothing calls it anymore. Signed-off-by: Reid Wahl <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.