issue #367 root, perms

Author: xenophenes

apiserver/perms.go

@@ -99,7 +99,7 @@ func InitializePerms() {
 	PermMap[RESTORE_PERM] = "yes"
 	PermMap[CREATE_PGPOOL_PERM] = "yes"
 	PermMap[DELETE_PGPOOL_PERM] = "yes"
-	log.Infof("loading PermMap with %d Permissions\n", len(PermMap))
+	log.Infof("loading PermMap with %d Permissions", len(PermMap))
 
 	readRoles()
 }
@@ -136,8 +136,8 @@ func readRoles() {
 		} else {
 			fields := strings.Split(strings.TrimSpace(line), ":")
 			if len(fields) != 2 {
-				log.Infoln("rolename:perm format not followed")
-				log.Error(errors.New("invalid format found in pgorole, role:perm format must be followed"))
+				log.Infoln("rolename:permission format not followed")
+				log.Error(errors.New("invalid format found in pgorole - rolename:permission format must be followed"))
 				log.Errorf("bad line is %s\n", fields)
 				os.Exit(2)
 			} else {
@@ -148,13 +148,13 @@ func readRoles() {
 				for _, v := range perms {
 					cleanPerm := strings.TrimSpace(v)
 					if PermMap[cleanPerm] == "" {
-						log.Errorf(" [%s] not a valid permission for role [%s]\n", cleanPerm, roleName)
+						log.Errorf(" [%s] not a valid permission for role [%s]", cleanPerm, roleName)
 						os.Exit(2)
 					}
 					permMap[cleanPerm] = "yes"
 				}
 				RoleMap[roleName] = permMap
-				log.Infof("loaded Role [%s] Perms Ct [%d] Perms [%v]\n", roleName, len(permMap), permMap)
+				log.Infof("loaded Role [%s] Perms Ct [%d] Perms [%v]", roleName, len(permMap), permMap)
 			}
 		}
 	}

apiserver/root.go

@@ -92,7 +92,7 @@ func Initialize() {
 
 	Namespace = os.Getenv("NAMESPACE")
 	if Namespace == "" {
-		log.Error("NAMESPACE env var is required")
+		log.Error("NAMESPACE environment variable is required")
 		os.Exit(2)
 	}
 	log.Info("Namespace is [" + Namespace + "]")
@@ -180,7 +180,7 @@ func initConfig() {
 			os.Exit(2)
 		}
 	}
-	log.Infof("BasicAuth is %v\n", BasicAuth)
+	log.Infof("BasicAuth is %v", BasicAuth)
 
 	if !validStorageSettings() {
 		log.Error("Storage Settings are not defined correctly, can't continue")
@@ -245,7 +245,7 @@ func validateCredentials() error {
 	var err error
 
 	for _, v := range Credentials {
-		log.Infof("validating user %s and role %s ", v.Username, v.Role)
+		log.Infof("validating user %s and role %s", v.Username, v.Role)
 		if RoleMap[v.Role] == nil {
 			errMsg := fmt.Sprintf("role not found on pgouser user [%s], invalid role was [%s]", v.Username, v.Role)
 			log.Error(errMsg)
@@ -280,11 +280,11 @@ func BasicAuthzCheck(username, perm string) bool {
 	if creds == (CredentialDetail{}) {
 		//this means username not found in pgouser file
 		//should not happen at this point in code!
-		log.Error("%s not found in pgouser file\n", username)
+		log.Error("%s not found in pgouser file", username)
 		return false
 	}
 
-	log.Infof(" BasicAuthzCheck %s %s %v\n", creds.Role, perm, HasPerm(creds.Role, perm))
+	log.Infof("BasicAuthzCheck %s %s %v", creds.Role, perm, HasPerm(creds.Role, perm))
 	return HasPerm(creds.Role, perm)
 
 }
@@ -295,34 +295,34 @@ func Authn(perm string, w http.ResponseWriter, r *http.Request) error {
 
 	username, password, authOK := r.BasicAuth()
 	if AuditFlag {
-		log.Infof("[audit] %s username=[%s] method=[%s] ip=[%s]\n", perm, username, r.Method, r.RemoteAddr)
+		log.Infof("[audit] %s username=[%s] method=[%s] ip=[%s]", perm, username, r.Method, r.RemoteAddr)
 	}
 
-	log.Debugf("Authn Attempt %s username=[%s]\n", perm, username)
+	log.Debugf("Authentication Attempt %s username=[%s]", perm, username)
 	if authOK == false {
 		http.Error(w, "Not authorized", 401)
 		return errors.New("Not Authorized")
 	}
 
 	if !BasicAuthCheck(username, password) {
-		log.Errorf("Authn Failed %s username=[%s]\n", perm, username)
+		log.Errorf("Authentication Failed %s username=[%s]", perm, username)
 		http.Error(w, "Not authenticated in apiserver", 401)
 		return errors.New("Not Authenticated")
 	}
 
 	if !BasicAuthzCheck(username, perm) {
-		log.Errorf("Authn Failed %s username=[%s]\n", perm, username)
+		log.Errorf("Authentication Failed %s username=[%s]", perm, username)
 		http.Error(w, "Not authorized for this apiserver action", 401)
-		return errors.New("Not Authorized for this apiserver action")
+		return errors.New("Not authorized for this apiserver action")
 	}
 
-	log.Debug("Authn Success")
+	log.Debug("Authentication Success")
 	return err
 
 }
 
 func validContainerResourcesSettings() bool {
-	log.Infof("ContainerResources has %d definitions \n", len(Pgo.ContainerResources))
+	log.Infof("ContainerResources has %d definitions", len(Pgo.ContainerResources))
 
 	//validate any Container Resources in pgo.yaml for correct formats
 	if !IsValidContainerResourceValues() {
@@ -348,7 +348,7 @@ func validContainerResourcesSettings() bool {
 }
 
 func validStorageSettings() bool {
-	log.Infof("Storage has %d definitions\n", len(Pgo.Storage))
+	log.Infof("Storage has %d definitions", len(Pgo.Storage))
 
 	ps := Pgo.PrimaryStorage
 	if IsValidStorageName(ps) {
@@ -420,26 +420,26 @@ func IsValidContainerResourceValues() bool {
 	var err error
 
 	for k, v := range Pgo.ContainerResources {
-		log.Infof("Container Resources %s [%v]\n", k, v)
+		log.Infof("Container Resources %s [%v]", k, v)
 		resources, _ := Pgo.GetContainerResource(k)
 		_, err = resource.ParseQuantity(resources.RequestsMemory)
 		if err != nil {
-			log.Errorf("%s.RequestsMemory value invalid format\n", k)
+			log.Errorf("%s.RequestsMemory value invalid format", k)
 			return false
 		}
 		_, err = resource.ParseQuantity(resources.RequestsCPU)
 		if err != nil {
-			log.Errorf("%s.RequestsCPU value invalid format\n", k)
+			log.Errorf("%s.RequestsCPU value invalid format", k)
 			return false
 		}
 		_, err = resource.ParseQuantity(resources.LimitsMemory)
 		if err != nil {
-			log.Errorf("%s.LimitsMemory value invalid format\n", k)
+			log.Errorf("%s.LimitsMemory value invalid format", k)
 			return false
 		}
 		_, err = resource.ParseQuantity(resources.LimitsCPU)
 		if err != nil {
-			log.Errorf("%s.LimitsCPU value invalid format\n", k)
+			log.Errorf("%s.LimitsCPU value invalid format", k)
 			return false
 		}
 	}