From 3e02e273d3ecb32d62bb7ab0bb5d975c35fd2ba6 Mon Sep 17 00:00:00 2001
From: Armon Dadgar <armon.dadgar@gmail.com>
Date: Mon, 7 Aug 2017 15:01:25 -0700
Subject: [PATCH] nomad: Upsert and Delete ACL policies can take a list

---
 nomad/state/state_store.go      | 48 ++++++++++++++++++---------------
 nomad/state/state_store_test.go | 17 +++++-------
 2 files changed, 33 insertions(+), 32 deletions(-)

diff --git a/nomad/state/state_store.go b/nomad/state/state_store.go
index 9cbce6cbb..ea876297d 100644
--- a/nomad/state/state_store.go
+++ b/nomad/state/state_store.go
@@ -2788,29 +2788,31 @@ func (s *StateStore) addEphemeralDiskToTaskGroups(job *structs.Job) {
 	}
 }
 
-// UpsertACLPolicy is used to create or update an ACL policy
-func (s *StateStore) UpsertACLPolicy(index uint64, policy *structs.ACLPolicy) error {
+// UpsertACLPolicies is used to create or update a set of ACL policies
+func (s *StateStore) UpsertACLPolicies(index uint64, policies []*structs.ACLPolicy) error {
 	txn := s.db.Txn(true)
 	defer txn.Abort()
 
-	// Check if the policy already exists
-	existing, err := txn.First("acl_policy", "id", policy.Name)
-	if err != nil {
-		return fmt.Errorf("policy lookup failed: %v", err)
-	}
+	for _, policy := range policies {
+		// Check if the policy already exists
+		existing, err := txn.First("acl_policy", "id", policy.Name)
+		if err != nil {
+			return fmt.Errorf("policy lookup failed: %v", err)
+		}
 
-	// Update all the indexes
-	if existing != nil {
-		policy.CreateIndex = existing.(*structs.ACLPolicy).CreateIndex
-		policy.ModifyIndex = index
-	} else {
-		policy.CreateIndex = index
-		policy.ModifyIndex = index
-	}
+		// Update all the indexes
+		if existing != nil {
+			policy.CreateIndex = existing.(*structs.ACLPolicy).CreateIndex
+			policy.ModifyIndex = index
+		} else {
+			policy.CreateIndex = index
+			policy.ModifyIndex = index
+		}
 
-	// Update the policy
-	if err := txn.Insert("acl_policy", policy); err != nil {
-		return fmt.Errorf("upserting policy failed: %v", err)
+		// Update the policy
+		if err := txn.Insert("acl_policy", policy); err != nil {
+			return fmt.Errorf("upserting policy failed: %v", err)
+		}
 	}
 
 	// Update the indexes tabl
@@ -2822,14 +2824,16 @@ func (s *StateStore) UpsertACLPolicy(index uint64, policy *structs.ACLPolicy) er
 	return nil
 }
 
-// DeleteACLPolicy deletes the policy with the given name
-func (s *StateStore) DeleteACLPolicy(index uint64, name string) error {
+// DeleteACLPolicies deletes the policies with the given names
+func (s *StateStore) DeleteACLPolicies(index uint64, names []string) error {
 	txn := s.db.Txn(true)
 	defer txn.Abort()
 
 	// Delete the policy
-	if _, err := txn.DeleteAll("acl_policy", "id", name); err != nil {
-		return fmt.Errorf("deleting acl policy failed: %v", err)
+	for _, name := range names {
+		if _, err := txn.DeleteAll("acl_policy", "id", name); err != nil {
+			return fmt.Errorf("deleting acl policy failed: %v", err)
+		}
 	}
 	if err := txn.Insert("index", &IndexEntry{"acl_policy", index}); err != nil {
 		return fmt.Errorf("index update failed: %v", err)
diff --git a/nomad/state/state_store_test.go b/nomad/state/state_store_test.go
index bfc08e480..092ef1178 100644
--- a/nomad/state/state_store_test.go
+++ b/nomad/state/state_store_test.go
@@ -5838,14 +5838,8 @@ func TestStateStore_UpsertACLPolicy(t *testing.T) {
 		t.Fatalf("err: %v", err)
 	}
 
-	if err := state.UpsertACLPolicy(1000, policy); err != nil {
-		t.Fatalf("err: %v", err)
-	}
-	if !watchFired(ws) {
-		t.Fatalf("bad")
-	}
-
-	if err := state.UpsertACLPolicy(1001, policy2); err != nil {
+	if err := state.UpsertACLPolicies(1000,
+		[]*structs.ACLPolicy{policy, policy2}); err != nil {
 		t.Fatalf("err: %v", err)
 	}
 	if !watchFired(ws) {
@@ -5895,9 +5889,11 @@ func TestStateStore_UpsertACLPolicy(t *testing.T) {
 func TestStateStore_DeleteACLPolicy(t *testing.T) {
 	state := testStateStore(t)
 	policy := mock.ACLPolicy()
+	policy2 := mock.ACLPolicy()
 
 	// Create the policy
-	if err := state.UpsertACLPolicy(1000, policy); err != nil {
+	if err := state.UpsertACLPolicies(1000,
+		[]*structs.ACLPolicy{policy, policy2}); err != nil {
 		t.Fatalf("err: %v", err)
 	}
 
@@ -5908,7 +5904,8 @@ func TestStateStore_DeleteACLPolicy(t *testing.T) {
 	}
 
 	// Delete the policy
-	if err := state.DeleteACLPolicy(1001, policy.Name); err != nil {
+	if err := state.DeleteACLPolicies(1001,
+		[]string{policy.Name, policy2.Name}); err != nil {
 		t.Fatalf("err: %v", err)
 	}