Documentation
Index
- Constants
- func AwaitHealthy(ctx context.Context, svc blobcache.Service) error
- func LoadPrivateKey(p string) (inet256.PrivateKey, error)
- func Run(ctx context.Context, stateDir string, pc net.PacketConn, serveAPI net.Listener) error
- func SavePolicy(stateDir string, policy *Policy) error
- func SavePrivateKey(p string, privKey inet256.PrivateKey) error
- func WriteAuthnFile(w io.Writer, membership []Membership) error
- func WriteAuthzFile(w io.Writer, grants []Grant) error
- type Action
- type Daemon
- type Grant
- type Identity
- type Membership
- type Object
- type Policy
- func (p *Policy) AddGrant(grant Grant) bool
- func (p *Policy) AddMember(group string, member Identity) bool
- func (p *Policy) AllGrants() iter.Seq[Grant]
- func (p *Policy) AllGroups() iter.Seq[string]
- func (p *Policy) AllMemberships() iter.Seq[Membership]
- func (p *Policy) CanLook(subject blobcache.PeerID, oid blobcache.OID) bool
- func (p *Policy) IsIdentityDefined(iden Identity) bool
- func (p *Policy) MembersOf(group string) iter.Seq[Identity]
- func (p *Policy) RemoveGrant(grant Grant) bool
- func (p *Policy) RemoveMember(group string, member Identity) (didChange bool)
- func (p *Policy) Supersets(a, b Identity) bool
Constants
const (
	AuthnFilename = "AUTHN"
	AuthzFilename = "AUTHZ"
)
Variables
This section is empty.
Functions
func LoadPrivateKey
func LoadPrivateKey(p string) (inet256.PrivateKey, error)
func Run
Run runs the blobcache daemon, until the context is cancelled. If the context is cancelled, Run returns nil. Run returns an error if it returns for any other reason.
func SavePolicy
func SavePrivateKey
func SavePrivateKey(p string, privKey inet256.PrivateKey) error
func WriteAuthnFile
func WriteAuthnFile(w io.Writer, membership []Membership) error
WriteAuthnFile writes the memberships to the writer, such that they can be parsed by ParseAuthnFile. It inserts an extra newline every time the group changes from the previous membership.
Types
type Daemon
type Daemon struct {
	StateDir string
}
func (*Daemon) EnsurePrivateKey
func (d *Daemon) EnsurePrivateKey() (inet256.PrivateKey, error)
EnsurePrivateKey generates a private key if it doesn't exist, and returns it.
type Grant
func LoadAuthzFile
LoadAuthzFile loads the authz file from the filesystem.
type Identity
type Identity struct {
	// Name references a group.
	Name *string
	// Peer is a single peer.
	Peer *blobcache.PeerID
}
func ParseIdentity
type Membership
func LoadAuthnFile
func LoadAuthnFile(p string) ([]Membership, error)
LoadAuthnFile loads the authn file from the filesystem.
func ParseAuthnFile
func ParseAuthnFile(r io.Reader) (ret []Membership, _ error)
type Object
Object is something that Actions are performed on. It can be a specific OID, or a set of names defined by a regular expression.
func ParseObject
type Policy
type Policy struct {
	// contains filtered or unexported fields
}
func LoadPolicy
LoadPolicy loads the 2 policy files ({stateDir}/AUTHN and {stateDir}/AUTHZ) from the filesystem.
func NewPolicy
func NewPolicy(membership []Membership, grants []Grant) *Policy
func (*Policy) AllMemberships
func (p *Policy) AllMemberships() iter.Seq[Membership]
AllMemberships returns all the memberships in topological order. The order is such that a group can only be mentioned after all the groups it depends on have been mentioned.
func (*Policy) IsIdentityDefined
IsIdentityDefined returns true if the identity is a defined group, or a peer.