authv1

package

v0.1.0 Latest Latest Go to latest Published: Apr 21, 2023 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/CrowdStrike/crwdapis

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	Operation_name = map[int32]string{
		0: "OPERATION_UNSPECIFIED",
		1: "OPERATION_AND",
		2: "OPERATION_OR",
	}
	Operation_value = map[string]int32{
		"OPERATION_UNSPECIFIED": 0,
		"OPERATION_AND":         1,
		"OPERATION_OR":          2,
	}
)

Enum value maps for Operation.

View Source

var (
	// optional crwd.api.v1.Auth auth = 1000;
	E_Auth = &file_crwd_api_v1_auth_proto_extTypes[0]
)

Extension fields to descriptorpb.MethodOptions.

View Source

var File_crwd_api_v1_auth_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type Auth ¶

type Auth struct {

	// Types that are assignable to Policy:
	//
	//	*Auth_Permission
	//	*Auth_Expression
	Policy isAuth_Policy `protobuf_oneof:"policy"`
	// contains filtered or unexported fields
}

Auth expresses authorization policies for an RPC.

func (*Auth) Descriptor deprecated

func (*Auth) Descriptor() ([]byte, []int)

Deprecated: Use Auth.ProtoReflect.Descriptor instead.

func (*Auth) GetExpression ¶

func (x *Auth) GetExpression() *PermissionExpression

func (*Auth) GetPermission ¶

func (x *Auth) GetPermission() *Permission

func (*Auth) GetPolicy ¶

func (m *Auth) GetPolicy() isAuth_Policy

func (*Auth) ProtoMessage ¶

func (*Auth) ProtoMessage()

func (*Auth) ProtoReflect ¶

func (x *Auth) ProtoReflect() protoreflect.Message

func (*Auth) Reset ¶

func (x *Auth) Reset()

func (*Auth) String ¶

func (x *Auth) String() string

type Auth_Expression ¶

type Auth_Expression struct {
	Expression *PermissionExpression `protobuf:"bytes,3,opt,name=expression,proto3,oneof"`
}

type Auth_Permission ¶

type Auth_Permission struct {
	Permission *Permission `protobuf:"bytes,1,opt,name=permission,proto3,oneof"`
}

type Operation ¶

type Operation int32

Operation defines allowed boolean operations.

const (
	Operation_OPERATION_UNSPECIFIED Operation = 0
	Operation_OPERATION_AND         Operation = 1
	Operation_OPERATION_OR          Operation = 2
)

func (Operation) Descriptor ¶

func (Operation) Descriptor() protoreflect.EnumDescriptor

func (Operation) Enum ¶

func (x Operation) Enum() *Operation

func (Operation) EnumDescriptor deprecated

func (Operation) EnumDescriptor() ([]byte, []int)

Deprecated: Use Operation.Descriptor instead.

func (Operation) Number ¶

func (x Operation) Number() protoreflect.EnumNumber

func (Operation) String ¶

func (x Operation) String() string

func (Operation) Type ¶

func (Operation) Type() protoreflect.EnumType

type Permission ¶

type Permission struct {

	// The object, predicate, and subject fields are the types that are being
	// permission checked. For example, can a user subject read a book object?
	Object    string  `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"`
	Predicate *string `protobuf:"bytes,2,opt,name=predicate,proto3,oneof" json:"predicate,omitempty"`
	Subject   *string `protobuf:"bytes,3,opt,name=subject,proto3,oneof" json:"subject,omitempty"`
	// contains filtered or unexported fields
}

Permission is the building block for expressing authorization.

Example:

rpc CreateFoo(CreateFooRequest) returns (CreateFooResponse) {
	option (crwd.api.v1.auth) = {
		permission: {
			predicate: "create"
			resource: "foo"
		}
	};
};

func (*Permission) Descriptor deprecated

func (*Permission) Descriptor() ([]byte, []int)

Deprecated: Use Permission.ProtoReflect.Descriptor instead.

func (*Permission) GetObject ¶

func (x *Permission) GetObject() string

func (*Permission) GetPredicate ¶

func (x *Permission) GetPredicate() string

func (*Permission) GetSubject ¶

func (x *Permission) GetSubject() string

func (*Permission) ProtoMessage ¶

func (*Permission) ProtoMessage()

func (*Permission) ProtoReflect ¶

func (x *Permission) ProtoReflect() protoreflect.Message

func (*Permission) Reset ¶

func (x *Permission) Reset()

func (*Permission) String ¶

func (x *Permission) String() string

type PermissionExpression ¶

type PermissionExpression struct {
	Policies []*Auth   `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
	Op       Operation `protobuf:"varint,2,opt,name=op,proto3,enum=crwd.api.v1.Operation" json:"op,omitempty"`
	// contains filtered or unexported fields
}

PermissionExpression allows for boolean operations on policies.

Example:

option (crwd.api.v1.auth) = {
	permission_expression: {
		policies: [
			{
				permission: {
					predicate: "update"
					resource: "foo"
				}
			},
			{
				permission: {
					predicate: "delete"
					resource: "foo"
				},
			}
		]
		op: OR
	}
};

func (*PermissionExpression) Descriptor deprecated

func (*PermissionExpression) Descriptor() ([]byte, []int)

Deprecated: Use PermissionExpression.ProtoReflect.Descriptor instead.

func (*PermissionExpression) GetOp ¶

func (x *PermissionExpression) GetOp() Operation

func (*PermissionExpression) GetPolicies ¶

func (x *PermissionExpression) GetPolicies() []*Auth

func (*PermissionExpression) ProtoMessage ¶

func (*PermissionExpression) ProtoMessage()

func (*PermissionExpression) ProtoReflect ¶

func (x *PermissionExpression) ProtoReflect() protoreflect.Message

func (*PermissionExpression) Reset ¶

func (x *PermissionExpression) Reset()

func (*PermissionExpression) String ¶

func (x *PermissionExpression) String() string

Source Files ¶

View all Source files

auth.pb.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL