tree

package
v0.2.1 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 30, 2019 License: MIT Imports: 10 Imported by: 0

Documentation

Variables

var (
	// ErrDuplicateEntityID is returned when the entity ID
	// requested is already in use.
	ErrDuplicateEntityID = errors.New("this ID is already allocated")

	// ErrDuplicateGroupName is returned when the group name
	// requested is already in use.
	ErrDuplicateGroupName = errors.New("this name is already allocated")

	// ErrDuplicateNumber is returned if the number requested is
	// already in use.
	ErrDuplicateNumber = errors.New("this number is already allocated")

	// ErrUnknownCapability is returned when an action is
	// requested that involves a capability not known to the
	// system.
	ErrUnknownCapability = errors.New("the capability specified is unknown")

	// ErrExistingExpansion is returned when an action would
	// create an expansion that already exists.
	ErrExistingExpansion = errors.New("this expansion already exists")

	// ErrEntityLocked is returned when certain actions are
	// attempted on a locked entity.  Locked entities cannot
	// authenticate or change secrets.  They are effectively dead
	// to the system.
	ErrEntityLocked = errors.New("this entity is locked")

	// ErrHookExists is returned when a hook attempts to register
	// for a name that is already registered in the system.
	ErrHookExists = errors.New("a hook with this name already exists")

	// ErrUnknownHook is returned when a loader tries to add a
	// hook that is unknown to the chain.
	ErrUnknownHook = errors.New("no hook with this name exists")

	// ErrUnknownHookChain is returned when a processor attempts
	// to grab hooks from an unknown chain.
	ErrUnknownHookChain = errors.New("no chain with that ID exists")

	// ErrEmptyHookChain is returned when a chain was successfully
	// acquired, but it was empty.  In theory this shouldn't ever
	// happen, but it's possible.
	ErrEmptyHookChain = errors.New("the specified chain is empty")
)

Functions

func RegisterEntityHookConstructor added in v0.0.12

func RegisterEntityHookConstructor(name string, c EntityHookConstructor)

RegisterEntityHookConstructor registers the entity hook constructors to be called during the initialization of the main tree manager.

func RegisterGroupHookConstructor added in v0.0.12

func RegisterGroupHookConstructor(name string, c GroupHookConstructor)

RegisterGroupHookConstructor registers the group hook constructors to be called during the initialization of the main tree manager.

Types

type BaseHook added in v0.0.12

type BaseHook struct {
	// contains filtered or unexported fields
}

The BaseHook contains the critical fields needed to register and run hook pipelines.

func NewBaseHook added in v0.0.12

func NewBaseHook(n string, p int) BaseHook

NewBaseHook returns a BaseHook struct for compact initialization during callback constructors.

func (*BaseHook) Name added in v0.0.12

func (h *BaseHook) Name() string

Name returns the name of a hook. Names should be kebab case.

func (*BaseHook) Priority added in v0.0.12

func (h *BaseHook) Priority() int

Priority returns the priority of a hook. Priorities are banded as follows:

0-10: Loaders
11-19: Load time integrity checks
20-29: User defined pre processing
30-49: Checks and data validation
50-89: User defined post processing
90-99: Serialization and storage

type ChainConfig added in v0.0.12

type ChainConfig map[string][]string

The ChainConfig type maps from chain name to a list of hooks that should be in this chain. The same type is used for entities and groups, but as these each have separate chains, different configs must be created and loaded for each.
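The priority bands and the ChainConfig shape described above can be checked together before a chain is loaded. The following is an added example, not code from this package: it uses local stand-in types, hypothetical hook and chain names, a hypothetical errNoValidation error, and it assumes hooks run in ascending priority order. It rejects any chain that reaches the storage band (90-99) without a hook in the validation band (30-49).

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// Local stand-ins so the example runs without the module. The first two reuse
// the page's error names; errNoValidation is hypothetical.
var (
	ErrUnknownHook    = errors.New("no hook with this name exists")
	ErrEmptyHookChain = errors.New("the specified chain is empty")
	errNoValidation   = errors.New("chain reaches storage without a validation hook")
)

// ChainConfig has the same shape as the page's type: chain name -> hook names.
type ChainConfig map[string][]string

// resolveChain maps each configured hook to its priority, rejects a chain that
// has a 90-99 (storage) hook but no 30-49 (validation) hook, and returns the
// hook names in ascending priority (assumed execution order).
func resolveChain(cfg ChainConfig, prio map[string]int, chain string) ([]string, error) {
	names := append([]string(nil), cfg[chain]...)
	if len(names) == 0 {
		return nil, ErrEmptyHookChain
	}
	validates, stores := false, false
	for _, n := range names {
		p, ok := prio[n]
		if !ok {
			return nil, fmt.Errorf("%q: %w", n, ErrUnknownHook)
		}
		validates = validates || (p >= 30 && p <= 49)
		stores = stores || (p >= 90 && p <= 99)
	}
	if stores && !validates {
		return nil, errNoValidation
	}
	sort.SliceStable(names, func(i, j int) bool { return prio[names[i]] < prio[names[j]] })
	return names, nil
}

func main() {
	// Constructed registry and config; hook and chain names are hypothetical.
	prio := map[string]int{"load-entity": 5, "validate-id": 30, "set-secret": 50, "save-entity": 99}
	cfg := ChainConfig{"CREATE": {"save-entity", "set-secret", "validate-id"}, "UNSAFE": {"load-entity", "save-entity"}}
	fmt.Println(resolveChain(cfg, prio, "CREATE"))
	fmt.Println(resolveChain(cfg, prio, "UNSAFE"))
}
```
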

type EntityHook added in v0.0.12

type EntityHook interface {
	Priority() int
	Name() string
	Run(*pb.Entity, *pb.Entity) error
}

An EntityHook is a function that transforms an entity as part of an EntityProcessor pipeline.

type EntityHookConstructor added in v0.0.12

type EntityHookConstructor func(RefContext) (EntityHook, error)

EntityHookConstructor functions construct EntityHook instances and return the hooks for registration into the map of hooks. This allows the hooks to notify the module of their presence and defer construction until a RefContext can be prepared.

type GroupHook added in v0.0.12

type GroupHook interface {
	Priority() int
	Name() string
	Run(*pb.Group, *pb.Group) error
}

A GroupHook is a function that transforms a group as part of a GroupProcessor pipeline.

type GroupHookConstructor added in v0.0.12

type GroupHookConstructor func(RefContext) (GroupHook, error)

GroupHookConstructor functions construct GroupHook instances and return the hooks for registration into the map of hooks. This allows the hooks to notify the module of their presence and defer construction until a RefContext can be prepared.

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

The Manager binds all methods for managing a tree of entities with the associated groups, capabilities, and other assorted functions. This is the type that is served up by the RPC layer.

func New

func New(db db.DB, crypto crypto.EMCrypto) (*Manager, error)

New returns an initialized tree.Manager onto which all other functions are bound.

func (*Manager) AddEntityToGroup

func (m *Manager) AddEntityToGroup(entityID, groupName string) error

AddEntityToGroup is the same as the internal function, but takes an entity ID rather than a pointer.

func (*Manager) Bootstrap added in v0.0.12

func (m *Manager) Bootstrap(ID string, secret string)

Bootstrap is a function that can be called during the startup of the server to create an entity that has the appropriate authority to create more entities and otherwise manage the server. This can only be called once during startup; attempts to call it again will result in no change. The bootstrap user will always get the next available number, which in most cases will be 1.

func (*Manager) CheckRequiredEntityChains added in v0.0.12

func (m *Manager) CheckRequiredEntityChains() error

CheckRequiredEntityChains searches for all chains in the default chains list and logs a fatal error if one isn't found in the configured list. This allows the system to later assert the presence of chains without checking, since they cannot be modified after loading.

func (*Manager) CheckRequiredGroupChains added in v0.0.12

func (m *Manager) CheckRequiredGroupChains() error

CheckRequiredGroupChains searches for all chains in the default chains list and logs a fatal error if one isn't found in the configured list. This allows the system to later assert the presence of chains without checking, since they cannot be modified after loading.

func (*Manager) CreateEntity added in v0.0.12

func (m *Manager) CreateEntity(ID string, number int32, secret string) error

CreateEntity creates a new entity given an ID, number, and secret. It's not necessary to set the secret upon creation; it can be set later. If not set on creation, the entity will not be usable. number must be a unique positive integer. Because these are generally allocated in sequence, the special value '-1' may be specified, which will select the next available number.

func (*Manager) CreateGroup added in v0.0.12

func (m *Manager) CreateGroup(name, displayName, managedBy string, number int32) error

CreateGroup adds a group to the datastore if it does not currently exist. If the group exists then it cannot be added and an error is returned.

func (*Manager) DestroyEntity added in v0.0.12

func (m *Manager) DestroyEntity(ID string) error

DestroyEntity deletes the named entity. This function will delete the entity in a non-atomic way, but will ensure that the entity cannot be authenticated with before returning. If the named ID does not exist the function will return tree.E_NO_ENTITY, in all other cases nil is returned.

func (*Manager) DestroyGroup added in v0.0.12

func (m *Manager) DestroyGroup(name string) error

DestroyGroup unsurprisingly deletes a group. There's no real logic here, it just passes the delete call through to the storage layer.

func (*Manager) DisableBootstrap

func (m *Manager) DisableBootstrap()

DisableBootstrap disables the ability to bootstrap after the opportunity to do so has passed.

func (*Manager) DropEntityCapability added in v0.0.12

func (m *Manager) DropEntityCapability(ID string, c string) error

DropEntityCapability is a convenience function to get the entity and hand it off to the actual removeEntityCapability function.

func (*Manager) DropGroupCapability added in v0.0.12

func (m *Manager) DropGroupCapability(name string, c string) error

DropGroupCapability removes capabilities from groups. It should be preferred to add/remove capabilities to groups, rather than to entities directly.

func (*Manager) FetchEntity added in v0.0.12

func (m *Manager) FetchEntity(ID string) (*pb.Entity, error)

FetchEntity returns an entity to the caller after first making a safe copy of it to remove secure fields.

func (*Manager) FetchGroup added in v0.0.12

func (m *Manager) FetchGroup(name string) (*pb.Group, error)

FetchGroup fetches a group by name and returns a pointer to the group and a nil error. If the group cannot be loaded the error will explain why. This is very thin since it just obtains a value from the storage layer.

func (*Manager) GetMemberships

func (m *Manager) GetMemberships(e *pb.Entity, includeIndirects bool) []string

GetMemberships returns all groups the entity is a member of, optionally including indirect memberships.

func (*Manager) InitializeEntityChains added in v0.0.12

func (m *Manager) InitializeEntityChains(c ChainConfig) error

InitializeEntityChains initializes the map of chains stored on the manager. It is expected that any merging of an external configuration has happened before this function is called.

func (*Manager) InitializeEntityHooks added in v0.0.12

func (m *Manager) InitializeEntityHooks()

InitializeEntityHooks runs all the EntityHookConstructors and registers the resulting hooks by name into m.entityProcessorHooks.

func (*Manager) InitializeGroupChains added in v0.0.12

func (m *Manager) InitializeGroupChains(c ChainConfig) error

InitializeGroupChains initializes the map of chains stored on the manager. It is expected that any merging of an external configuration has happened before this function is called.

func (*Manager) InitializeGroupHooks added in v0.0.12

func (m *Manager) InitializeGroupHooks()

InitializeGroupHooks runs all the GroupHookConstructors and registers the resulting hooks by name into m.groupProcessorHooks.

func (*Manager) ListMembers

func (m *Manager) ListMembers(groupID string) ([]*pb.Entity, error)

ListMembers fulfills the same function as the private version of this function, but with one crucial difference: it produces copies of the entities that have the secret redacted.

func (*Manager) LockEntity added in v0.0.11

func (m *Manager) LockEntity(ID string) error

LockEntity allows external callers to lock entities directly. Internal users can just set the value directly.

func (*Manager) ManageUntypedEntityMeta added in v0.0.10

func (m *Manager) ManageUntypedEntityMeta(ID, mode, key, value string) ([]string, error)

ManageUntypedEntityMeta handles the things that may be annotated onto an entity. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.

func (*Manager) ManageUntypedGroupMeta added in v0.0.10

func (m *Manager) ManageUntypedGroupMeta(name, mode, key, value string) ([]string, error)

ManageUntypedGroupMeta handles the things that may be annotated onto a group. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.

func (*Manager) ModifyGroupExpansions

func (m *Manager) ModifyGroupExpansions(parent, child string, mode pb.ExpansionMode) error

ModifyGroupExpansions handles changing the expansions on a group. This can include adding an INCLUDE or EXCLUDE type expansion or, using the special expansion type DROP, removing an existing one.

func (*Manager) RegisterEntityHookToChain added in v0.2.0

func (m *Manager) RegisterEntityHookToChain(hook, chain string) error

RegisterEntityHookToChain registers a hook to a given chain.

func (*Manager) RegisterGroupHookToChain added in v0.2.0

func (m *Manager) RegisterGroupHookToChain(hook, chain string) error

RegisterGroupHookToChain registers a hook to a given chain.

func (*Manager) RemoveEntityFromGroup

func (m *Manager) RemoveEntityFromGroup(entityID, groupName string) error

RemoveEntityFromGroup performs the same function as the internal variant, but does so by name rather than by entity pointer.

func (*Manager) RunEntityChain added in v0.0.12

func (m *Manager) RunEntityChain(chain string, de *pb.Entity) (*pb.Entity, error)

RunEntityChain runs the specified chain with de specifying values to be consumed by the chain.

func (*Manager) RunGroupChain added in v0.0.12

func (m *Manager) RunGroupChain(chain string, de *pb.Group) (*pb.Group, error)

RunGroupChain runs the specified chain with de specifying values to be consumed by the chain.

func (*Manager) SearchEntities added in v0.0.12

func (m *Manager) SearchEntities(r db.SearchRequest) ([]*pb.Entity, error)

SearchEntities returns a list of entities filtered by the search criteria.

func (*Manager) SearchGroups added in v0.0.12

func (m *Manager) SearchGroups(r db.SearchRequest) ([]*pb.Group, error)

SearchGroups returns a list of groups filtered by the search criteria.

func (*Manager) SetEntityCapability added in v0.0.12

func (m *Manager) SetEntityCapability(ID string, c string) error

SetEntityCapability adds a capability to an entity directly.

func (*Manager) SetGroupCapability added in v0.0.12

func (m *Manager) SetGroupCapability(name string, c string) error

SetGroupCapability adds a capability to an existing group. It should be preferred to add capabilities to groups rather than to entities directly.

func (*Manager) SetSecret added in v0.0.12

func (m *Manager) SetSecret(ID string, secret string) error

SetSecret sets the secret on a given entity using the crypto interface.

func (*Manager) UnlockEntity added in v0.0.11

func (m *Manager) UnlockEntity(ID string) error

UnlockEntity allows external callers to unlock entities directly. Internal users can just set the value directly.

func (*Manager) UpdateEntityKeys

func (m *Manager) UpdateEntityKeys(ID, mode, keytype, key string) ([]string, error)

UpdateEntityKeys manages entity public keys. Additional setup occurs to select the correct processing chain based on what action was requested.

func (*Manager) UpdateEntityMeta

func (m *Manager) UpdateEntityMeta(ID string, newMeta *pb.EntityMeta) error

UpdateEntityMeta drives the internal version by obtaining the entity from the database based on the ID.

func (*Manager) UpdateGroupMeta

func (m *Manager) UpdateGroupMeta(name string, update *pb.Group) error

UpdateGroupMeta updates metadata within the group. Certain information is not mutable and so that information is not merged in.

func (*Manager) ValidateSecret

func (m *Manager) ValidateSecret(ID string, secret string) error

ValidateSecret validates the identity of an entity by validating the authenticating entity with the secret.

type RefContext added in v0.0.12

type RefContext struct {
	DB     db.DB
	Crypto crypto.EMCrypto
}

A RefContext is a container of references that are needed to bootstrap the tree manager and associated plugins.
