Renaming IPWhiteList to IPAllowList

2022-10-26 18:16:05 +03:00 · 2022-10-26 18:16:05 +03:00 · 1b9873cae9
commit 1b9873cae9
parent e86f21ae7b
69 changed files with 523 additions and 506 deletions
--- a/pkg/middlewares/ipallowlist/ip_allowlist.go
+++ b/pkg/middlewares/ipallowlist/ip_allowlist.go
@ -1,4 +1,4 @@
-package ipwhitelist
+package ipallowlist

 import (
 	"context"
@ -15,29 +15,29 @@ import (
 )

 const (
-	typeName = "IPWhiteLister"
+	typeName = "IPAllowLister"
 )

-// ipWhiteLister is a middleware that provides Checks of the Requesting IP against a set of Whitelists.
-type ipWhiteLister struct {
+// ipAllowLister is a middleware that provides Checks of the Requesting IP against a set of Allowlists.
+type ipAllowLister struct {
 	next        http.Handler
-	whiteLister *ip.Checker
+	allowLister *ip.Checker
 	strategy    ip.Strategy
 	name        string
 }

-// New builds a new IPWhiteLister given a list of CIDR-Strings to whitelist.
-func New(ctx context.Context, next http.Handler, config dynamic.IPWhiteList, name string) (http.Handler, error) {
+// New builds a new IPAllowLister given a list of CIDR-Strings to allow.
+func New(ctx context.Context, next http.Handler, config dynamic.IPAllowList, name string) (http.Handler, error) {
 	logger := log.FromContext(middlewares.GetLoggerCtx(ctx, name, typeName))
 	logger.Debug("Creating middleware")

 	if len(config.SourceRange) == 0 {
-		return nil, errors.New("sourceRange is empty, IPWhiteLister not created")
+		return nil, errors.New("sourceRange is empty, IPAllowLister not created")
 	}

 	checker, err := ip.NewChecker(config.SourceRange)
 	if err != nil {
-		return nil, fmt.Errorf("cannot parse CIDR whitelist %s: %w", config.SourceRange, err)
+		return nil, fmt.Errorf("cannot parse CIDRs %s: %w", config.SourceRange, err)
 	}

 	strategy, err := config.IPStrategy.Get()
@ -45,26 +45,26 @@ func New(ctx context.Context, next http.Handler, config dynamic.IPWhiteList, nam
 		return nil, err
 	}

-	logger.Debugf("Setting up IPWhiteLister with sourceRange: %s", config.SourceRange)
+	logger.Debugf("Setting up IPAllowLister with sourceRange: %s", config.SourceRange)

-	return &ipWhiteLister{
+	return &ipAllowLister{
 		strategy:    strategy,
-		whiteLister: checker,
+		allowLister: checker,
 		next:        next,
 		name:        name,
 	}, nil
 }

-func (wl *ipWhiteLister) GetTracingInformation() (string, ext.SpanKindEnum) {
-	return wl.name, tracing.SpanKindNoneEnum
+func (al *ipAllowLister) GetTracingInformation() (string, ext.SpanKindEnum) {
+	return al.name, tracing.SpanKindNoneEnum
 }

-func (wl *ipWhiteLister) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	ctx := middlewares.GetLoggerCtx(req.Context(), wl.name, typeName)
+func (al *ipAllowLister) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
+	ctx := middlewares.GetLoggerCtx(req.Context(), al.name, typeName)
 	logger := log.FromContext(ctx)

-	clientIP := wl.strategy.GetIP(req)
-	err := wl.whiteLister.IsAuthorized(clientIP)
+	clientIP := al.strategy.GetIP(req)
+	err := al.allowLister.IsAuthorized(clientIP)
 	if err != nil {
 		msg := fmt.Sprintf("Rejecting IP %s: %v", clientIP, err)
 		logger.Debug(msg)
@ -74,7 +74,7 @@ func (wl *ipWhiteLister) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 	}
 	logger.Debugf("Accepting IP %s", clientIP)

-	wl.next.ServeHTTP(rw, req)
+	al.next.ServeHTTP(rw, req)
 }

 func reject(ctx context.Context, rw http.ResponseWriter) {
--- a/pkg/middlewares/ipallowlist/ip_allowlist_test.go
+++ b/pkg/middlewares/ipallowlist/ip_allowlist_test.go
@ -1,4 +1,4 @@
-package ipwhitelist
+package ipallowlist

 import (
 	"context"
@ -11,22 +11,22 @@ import (
 	"github.com/traefik/traefik/v2/pkg/config/dynamic"
 )

-func TestNewIPWhiteLister(t *testing.T) {
+func TestNewIPAllowLister(t *testing.T) {
 	testCases := []struct {
 		desc          string
-		whiteList     dynamic.IPWhiteList
+		allowList     dynamic.IPAllowList
 		expectedError bool
 	}{
 		{
 			desc: "invalid IP",
-			whiteList: dynamic.IPWhiteList{
+			allowList: dynamic.IPAllowList{
 				SourceRange: []string{"foo"},
 			},
 			expectedError: true,
 		},
 		{
 			desc: "valid IP",
-			whiteList: dynamic.IPWhiteList{
+			allowList: dynamic.IPAllowList{
 				SourceRange: []string{"10.10.10.10"},
 			},
 		},
@ -38,28 +38,28 @@ func TestNewIPWhiteLister(t *testing.T) {
 			t.Parallel()

 			next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})
-			whiteLister, err := New(context.Background(), next, test.whiteList, "traefikTest")
+			allowLister, err := New(context.Background(), next, test.allowList, "traefikTest")

 			if test.expectedError {
 				assert.Error(t, err)
 			} else {
 				require.NoError(t, err)
-				assert.NotNil(t, whiteLister)
+				assert.NotNil(t, allowLister)
 			}
 		})
 	}
 }

-func TestIPWhiteLister_ServeHTTP(t *testing.T) {
+func TestIPAllowLister_ServeHTTP(t *testing.T) {
 	testCases := []struct {
 		desc       string
-		whiteList  dynamic.IPWhiteList
+		allowList  dynamic.IPAllowList
 		remoteAddr string
 		expected   int
 	}{
 		{
 			desc: "authorized with remote address",
-			whiteList: dynamic.IPWhiteList{
+			allowList: dynamic.IPAllowList{
 				SourceRange: []string{"20.20.20.20"},
 			},
 			remoteAddr: "20.20.20.20:1234",
@ -67,7 +67,7 @@ func TestIPWhiteLister_ServeHTTP(t *testing.T) {
 		},
 		{
 			desc: "non authorized with remote address",
-			whiteList: dynamic.IPWhiteList{
+			allowList: dynamic.IPAllowList{
 				SourceRange: []string{"20.20.20.20"},
 			},
 			remoteAddr: "20.20.20.21:1234",
@ -81,7 +81,7 @@ func TestIPWhiteLister_ServeHTTP(t *testing.T) {
 			t.Parallel()

 			next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})
-			whiteLister, err := New(context.Background(), next, test.whiteList, "traefikTest")
+			allowLister, err := New(context.Background(), next, test.allowList, "traefikTest")
 			require.NoError(t, err)

 			recorder := httptest.NewRecorder()
@ -92,7 +92,7 @@ func TestIPWhiteLister_ServeHTTP(t *testing.T) {
 				req.RemoteAddr = test.remoteAddr
 			}

-			whiteLister.ServeHTTP(recorder, req)
+			allowLister.ServeHTTP(recorder, req)

 			assert.Equal(t, test.expected, recorder.Code)
 		})
--- a/pkg/middlewares/tcp/ipallowlist/ip_allowlist.go
+++ b/pkg/middlewares/tcp/ipallowlist/ip_allowlist.go
@ -1,4 +1,4 @@
-package tcpipwhitelist
+package tcpipallowlist

 import (
 	"context"
@ -13,46 +13,46 @@ import (
 )

 const (
-	typeName = "IPWhiteListerTCP"
+	typeName = "IPAllowListerTCP"
 )

-// ipWhiteLister is a middleware that provides Checks of the Requesting IP against a set of Whitelists.
-type ipWhiteLister struct {
+// ipAllowLister is a middleware that provides Checks of the Requesting IP against a set of Allowlists.
+type ipAllowLister struct {
 	next        tcp.Handler
-	whiteLister *ip.Checker
+	allowLister *ip.Checker
 	name        string
 }

-// New builds a new TCP IPWhiteLister given a list of CIDR-Strings to whitelist.
-func New(ctx context.Context, next tcp.Handler, config dynamic.TCPIPWhiteList, name string) (tcp.Handler, error) {
+// New builds a new TCP IPAllowLister given a list of CIDR-Strings to allow.
+func New(ctx context.Context, next tcp.Handler, config dynamic.TCPIPAllowList, name string) (tcp.Handler, error) {
 	logger := log.FromContext(middlewares.GetLoggerCtx(ctx, name, typeName))
 	logger.Debug("Creating middleware")

 	if len(config.SourceRange) == 0 {
-		return nil, errors.New("sourceRange is empty, IPWhiteLister not created")
+		return nil, errors.New("sourceRange is empty, IPAllowLister not created")
 	}

 	checker, err := ip.NewChecker(config.SourceRange)
 	if err != nil {
-		return nil, fmt.Errorf("cannot parse CIDR whitelist %s: %w", config.SourceRange, err)
+		return nil, fmt.Errorf("cannot parse CIDRs %s: %w", config.SourceRange, err)
 	}

-	logger.Debugf("Setting up IPWhiteLister with sourceRange: %s", config.SourceRange)
+	logger.Debugf("Setting up IPAllowLister with sourceRange: %s", config.SourceRange)

-	return &ipWhiteLister{
-		whiteLister: checker,
+	return &ipAllowLister{
+		allowLister: checker,
 		next:        next,
 		name:        name,
 	}, nil
 }

-func (wl *ipWhiteLister) ServeTCP(conn tcp.WriteCloser) {
-	ctx := middlewares.GetLoggerCtx(context.Background(), wl.name, typeName)
+func (al *ipAllowLister) ServeTCP(conn tcp.WriteCloser) {
+	ctx := middlewares.GetLoggerCtx(context.Background(), al.name, typeName)
 	logger := log.FromContext(ctx)

 	addr := conn.RemoteAddr().String()

-	err := wl.whiteLister.IsAuthorized(addr)
+	err := al.allowLister.IsAuthorized(addr)
 	if err != nil {
 		logger.Errorf("Connection from %s rejected: %v", addr, err)
 		conn.Close()
@ -61,5 +61,5 @@ func (wl *ipWhiteLister) ServeTCP(conn tcp.WriteCloser) {

 	logger.Debugf("Connection from %s accepted", addr)

-	wl.next.ServeTCP(conn)
+	al.next.ServeTCP(conn)
 }
--- a/pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go
+++ b/pkg/middlewares/tcp/ipallowlist/ip_allowlist_test.go
@ -1,4 +1,4 @@
-package tcpipwhitelist
+package tcpipallowlist

 import (
 	"context"
@ -12,27 +12,27 @@ import (
 	"github.com/traefik/traefik/v2/pkg/tcp"
 )

-func TestNewIPWhiteLister(t *testing.T) {
+func TestNewIPAllowLister(t *testing.T) {
 	testCases := []struct {
 		desc          string
-		whiteList     dynamic.TCPIPWhiteList
+		allowList     dynamic.TCPIPAllowList
 		expectedError bool
 	}{
 		{
 			desc:          "Empty config",
-			whiteList:     dynamic.TCPIPWhiteList{},
+			allowList:     dynamic.TCPIPAllowList{},
 			expectedError: true,
 		},
 		{
 			desc: "invalid IP",
-			whiteList: dynamic.TCPIPWhiteList{
+			allowList: dynamic.TCPIPAllowList{
 				SourceRange: []string{"foo"},
 			},
 			expectedError: true,
 		},
 		{
 			desc: "valid IP",
-			whiteList: dynamic.TCPIPWhiteList{
+			allowList: dynamic.TCPIPAllowList{
 				SourceRange: []string{"10.10.10.10"},
 			},
 		},
@ -44,28 +44,28 @@ func TestNewIPWhiteLister(t *testing.T) {
 			t.Parallel()

 			next := tcp.HandlerFunc(func(conn tcp.WriteCloser) {})
-			whiteLister, err := New(context.Background(), next, test.whiteList, "traefikTest")
+			allowLister, err := New(context.Background(), next, test.allowList, "traefikTest")

 			if test.expectedError {
 				assert.Error(t, err)
 			} else {
 				require.NoError(t, err)
-				assert.NotNil(t, whiteLister)
+				assert.NotNil(t, allowLister)
 			}
 		})
 	}
 }

-func TestIPWhiteLister_ServeHTTP(t *testing.T) {
+func TestIPAllowLister_ServeHTTP(t *testing.T) {
 	testCases := []struct {
 		desc       string
-		whiteList  dynamic.TCPIPWhiteList
+		allowList  dynamic.TCPIPAllowList
 		remoteAddr string
 		expected   string
 	}{
 		{
 			desc: "authorized with remote address",
-			whiteList: dynamic.TCPIPWhiteList{
+			allowList: dynamic.TCPIPAllowList{
 				SourceRange: []string{"20.20.20.20"},
 			},
 			remoteAddr: "20.20.20.20:1234",
@ -73,7 +73,7 @@ func TestIPWhiteLister_ServeHTTP(t *testing.T) {
 		},
 		{
 			desc: "non authorized with remote address",
-			whiteList: dynamic.TCPIPWhiteList{
+			allowList: dynamic.TCPIPAllowList{
 				SourceRange: []string{"20.20.20.20"},
 			},
 			remoteAddr: "20.20.20.21:1234",
@ -94,13 +94,13 @@ func TestIPWhiteLister_ServeHTTP(t *testing.T) {
 				require.NoError(t, err)
 			})

-			whiteLister, err := New(context.Background(), next, test.whiteList, "traefikTest")
+			allowLister, err := New(context.Background(), next, test.allowList, "traefikTest")
 			require.NoError(t, err)

 			server, client := net.Pipe()

 			go func() {
-				whiteLister.ServeTCP(&contextWriteCloser{client, addr{test.remoteAddr}})
+				allowLister.ServeTCP(&contextWriteCloser{client, addr{test.remoteAddr}})
 			}()

 			read, err := io.ReadAll(server)