domain

package
v0.0.0-...-156699b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 12, 2023 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

// Variable-name prefixes, one per attribute set.
// NOTE(review): presumably a condition expression refers to subject, object
// and environment attributes as sub_<name>, obj_<name> and env_<name>,
// matching the three slices passed to Condition.Eval — confirm in the
// expression parser. If so, an attribute can only be addressed through the
// set it was supplied in, which keeps caller-supplied environment values from
// shadowing subject or object attributes.
const (
	SubVarNamePrefix = "sub_"
	ObjVarNamePrefix = "obj_"
	EnvVarNamePrefix = "env_"
)
// DefaultEvalResult is the fallback evaluation outcome, and it is a denial,
// so code that falls back to this constant fails closed.
// NOTE(review): the zero value of EvalResult is EvalResultAllowed, not this
// constant. Code that wants the default has to assign DefaultEvalResult
// explicitly; an uninitialised EvalResult variable reads as allowed.
const DefaultEvalResult = EvalResultDenied

Variables

// Sentinel errors about condition expressions.
// NOTE(review): presumably returned (possibly wrapped) by NewCondition when an
// expression is rejected — confirm, and compare with errors.Is rather than ==.
var (
	// ErrInvalidOperation: the expression contains an operation that is not valid.
	ErrInvalidOperation    = errors.New("expression operation invalid")
	// ErrInvalidVariableName: the expression contains a variable name that is not valid.
	ErrInvalidVariableName = errors.New("expression variable name invalid")
	// ErrInvalidNode: per its message, only literals, variable names and
	// supported operations are accepted as expression nodes, i.e. the
	// expression grammar is an allowlist.
	ErrInvalidNode         = errors.New("expression nodes must be literals, variable names or supported operations")
	// ErrParsing: the input is not an expression.
	ErrParsing             = errors.New("not an expression")
)
// RootResource is a predefined Resource with a nil Attributes slice and an
// identifier built from "" and "root" (presumably an empty id and the kind
// "root", following the id, kind order of NewResource — confirm).
// NOTE(review): this is an exported package-level variable, so any importing
// package can reassign it or replace its Attributes slice. If authorization
// decisions depend on the root of the resource hierarchy, treat it as
// read-only, or expose it through a function that returns a fresh value.
var (
	RootResource = Resource{resourceId{"", "root"}, nil}
)

Functions

This section is empty.

Types

type AdministrationResp

// AdministrationResp is the result type of every create, delete and put
// method of RHABACRepo. It carries nothing but an error, so a nil Error is the
// only success signal and the compiler will not force callers to look at it:
// check Error after every administrative call.
type AdministrationResp struct {
	Error error // NOTE(review): presumably nil on success — confirm
}

type Attribute

// Attribute is an opaque value built with NewAttribute from an AttributeId, an
// AttributeKind and a value. Its fields are unexported; they are read through
// the Kind, Name and Value methods.
type Attribute struct {
	// contains filtered or unexported fields
}

func NewAttribute

// NewAttribute builds an Attribute from an id, a declared kind and an untyped
// value, or returns an error.
// NOTE(review): value is interface{} and Value() also returns interface{}.
// Confirm that the constructor returns an error when value's dynamic type does
// not match kind; otherwise a condition may compare values of unexpected types.
func NewAttribute(id AttributeId, kind AttributeKind, value interface{}) (*Attribute, error)

func (Attribute) Kind

func (attr Attribute) Kind() AttributeKind

func (Attribute) Name

func (attr Attribute) Name() string

func (Attribute) Value

func (attr Attribute) Value() interface{}

type AttributeId

// AttributeId identifies an attribute. It is opaque: it is built with
// NewAttributeId from a name, which can fail, and exposes that name via Name.
type AttributeId struct {
	// contains filtered or unexported fields
}

func NewAttributeId

func NewAttributeId(name string) (*AttributeId, error)

func (AttributeId) Name

func (attr AttributeId) Name() string

type AttributeKind

// AttributeKind tags an Attribute with one of the four kinds declared below.
type AttributeKind int64
// The attribute kinds. Int64 is 0 and therefore the zero value of
// AttributeKind: a kind that was never set is indistinguishable from Int64.
const (
	Int64 AttributeKind = iota
	Float64
	String
	Bool
)

type AuthorizationReq

// AuthorizationReq is the input of an authorization decision: presumably
// "does Subject hold the permission PermissionName on Object, given Env".
// NOTE(review): every field is supplied by the caller. Env in particular is a
// free list of attributes; if conditions read env_ variables, the code that
// builds this request should take them from trusted server-side context, not
// from values the requesting party controls.
type AuthorizationReq struct {
	Subject,
	Object Resource
	PermissionName string
	Env            []Attribute
}

type AuthorizationResp

// AuthorizationResp is the outcome of an authorization decision.
// Authorized is a bool whose zero value is false, so a zero AuthorizationResp
// is a denial.
// NOTE(review): whether Authorized can be true together with a non-nil Error
// is not visible here; callers should treat a non-nil Error as a denial and
// only then read Authorized.
type AuthorizationResp struct {
	Authorized bool
	Error      error
}

type Condition

// Condition is an opaque, parsed expression. It is built with NewCondition
// from an expression string, evaluated with Eval, and can report its source
// text (Expression) and whether it is empty (IsEmpty).
// NOTE(review): the zero Condition is a usable value. Confirm how an empty
// condition evaluates: if "empty" means "no restriction", a Permission built
// with a zero Condition applies unconditionally.
type Condition struct {
	// contains filtered or unexported fields
}

func NewCondition

func NewCondition(expression string) (*Condition, error)

func (Condition) Eval

// Eval evaluates the condition against three attribute slices (sub, obj, env)
// and reports the outcome as a bool.
// NOTE(review): there is no error return, so an evaluation that cannot be
// completed (a variable with no matching attribute, a kind mismatch) has to
// collapse into true or false. Confirm that every such case yields false, and
// keep in mind that false on the condition of a deny permission may mean the
// deny does not apply.
func (c Condition) Eval(sub, obj, env []Attribute) bool

func (Condition) Expression

func (c Condition) Expression() string

func (Condition) IsEmpty

func (c Condition) IsEmpty() bool

type CreateInheritanceRelReq

// CreateInheritanceRelReq is the argument of RHABACRepo.CreateInheritanceRel.
// From and To are the two ends of the relation.
// NOTE(review): which end inherits from which is not visible here, and the
// direction decides who gains permissions — confirm against the repository
// implementation before use.
type CreateInheritanceRelReq struct {
	From Resource
	To   Resource
}

type CreatePolicyReq

// CreatePolicyReq is the argument of RHABACRepo.CreatePolicy: a Permission
// together with a subject scope and an object scope, both Resources.
// NOTE(review): presumably the permission applies to the scopes and whatever
// inherits from them; a scope near the root is then a broad grant — confirm.
type CreatePolicyReq struct {
	SubjectScope,
	ObjectScope Resource
	Permission Permission
}

type CreateResourceReq

// CreateResourceReq is the argument of RHABACRepo.CreateResource; it wraps the
// Resource to create.
type CreateResourceReq struct {
	Resource Resource
}

type DeleteAttributeReq

// DeleteAttributeReq is the argument of RHABACRepo.DeleteAttribute: the
// Resource and the id of the attribute to delete from it.
// NOTE(review): removing an attribute changes what conditions see for this
// resource; confirm how a condition evaluates when the attribute is absent.
type DeleteAttributeReq struct {
	Resource    Resource
	AttributeId AttributeId
}

type DeleteInheritanceRelReq

// DeleteInheritanceRelReq is the argument of RHABACRepo.DeleteInheritanceRel.
// It has the same From/To shape as CreateInheritanceRelReq; the direction of
// the relation is not visible here.
type DeleteInheritanceRelReq struct {
	From Resource
	To   Resource
}

type DeletePolicyReq

// DeletePolicyReq is the argument of RHABACRepo.DeletePolicy. It has the same
// shape as CreatePolicyReq: subject scope, object scope and Permission.
// NOTE(review): Permission includes a kind and a condition; confirm which of
// its parts the repository uses to select the policy to delete, so that
// removing an allow cannot silently remove a deny of the same name.
type DeletePolicyReq struct {
	SubjectScope,
	ObjectScope Resource
	Permission Permission
}

type DeleteResourceReq

// DeleteResourceReq is the argument of RHABACRepo.DeleteResource; it wraps the
// Resource to delete.
// NOTE(review): what happens to policies and inheritance relations that
// reference the deleted resource is not visible here — confirm.
type DeleteResourceReq struct {
	Resource Resource
}

type EvalResult

// EvalResult is the three-valued outcome of an evaluation.
type EvalResult int
// The outcomes, numbered from 0 by iota.
// NOTE(review): EvalResultAllowed is 0, i.e. the zero value of EvalResult. A
// variable, struct field or map lookup that was never assigned therefore
// reads as allowed. Initialise with DefaultEvalResult and compare against
// EvalResultAllowed explicitly; do not treat "not denied" as allowed, since
// EvalResultNonEvaluative is a third state.
const (
	EvalResultAllowed EvalResult = iota
	EvalResultDenied
	EvalResultNonEvaluative
)

type GetApplicablePoliciesReq

// GetApplicablePoliciesReq is the argument of RHABACRepo.GetApplicablePolicies;
// it names the Subject whose policies are requested.
type GetApplicablePoliciesReq struct {
	Subject Resource
}

type GetApplicablePoliciesResp

// GetApplicablePoliciesResp is the result of RHABACRepo.GetApplicablePolicies.
// Check Error before reading Policies: an empty list with a non-nil Error is a
// failed lookup, not "no policies apply".
type GetApplicablePoliciesResp struct {
	Policies []Policy
	Error    error
}

type GetAttributeReq

// GetAttributeReq names the Resource whose attributes are requested. No
// RHABACRepo method on this page takes it.
type GetAttributeReq struct {
	Resource Resource
}

type GetAttributeResp

// GetAttributeResp carries a list of attributes or an error. Check Error
// before reading Attributes.
type GetAttributeResp struct {
	Attributes []Attribute
	Error      error
}

type GetGrantedPermissionsReq

// GetGrantedPermissionsReq asks for the permissions granted to Subject, with
// Env as the environment attributes to evaluate under (presumably the same
// role Env has in AuthorizationReq — confirm).
type GetGrantedPermissionsReq struct {
	Subject Resource
	Env     []Attribute
}

type GetGrantedPermissionsResp

// GetGrantedPermissionsResp carries the granted permissions or an error.
// Check Error before reading Permissions.
// NOTE(review): the list reflects the Env supplied with the request; it should
// not be cached and reused as an authorization decision under a different
// environment.
type GetGrantedPermissionsResp struct {
	Permissions []GrantedPermission
	Error       error
}

type GetPermissionHierarchyReq

// GetPermissionHierarchyReq is the argument of
// RHABACRepo.GetPermissionHierarchy: a subject, an object and a permission
// name.
type GetPermissionHierarchyReq struct {
	Subject,
	Object Resource
	PermissionName string
}

type GetPermissionHierarchyResp

// GetPermissionHierarchyResp is the result of
// RHABACRepo.GetPermissionHierarchy. Hierarchy is a map type, so it is nil
// when unset; check Error first and do not evaluate a hierarchy that came
// with a non-nil Error.
type GetPermissionHierarchyResp struct {
	Hierarchy PermissionHierarchy
	Error     error
}

type GetResourceReq

// GetResourceReq is the argument of RHABACRepo.GetResource; it names the
// Resource to look up.
type GetResourceReq struct {
	Resource Resource
}

type GetResourceResp

// GetResourceResp is the result of RHABACRepo.GetResource.
// Resource is a pointer and may be nil; check Error, then check Resource for
// nil, before dereferencing it.
type GetResourceResp struct {
	Resource *Resource
	Error    error
}

type GrantedPermission

// GrantedPermission pairs a permission name with the Object it refers to; it
// is the element type of GetGrantedPermissionsResp.Permissions.
type GrantedPermission struct {
	PermissionName string
	Object         Resource
}

type Permission

// Permission is an opaque value built with NewPermission from a name, a
// PermissionKind (allow or deny) and a Condition; the three parts are read
// through Name, Kind and Condition.
// NOTE(review): the zero Permission has kind PermissionKindAllow (value 0) and
// a zero Condition. Build permissions through NewPermission only.
type Permission struct {
	// contains filtered or unexported fields
}

func NewPermission

func NewPermission(name string, kind PermissionKind, condition Condition) (*Permission, error)

func (Permission) Condition

func (p Permission) Condition() Condition

func (Permission) Kind

func (p Permission) Kind() PermissionKind

func (Permission) Name

func (p Permission) Name() string

type PermissionEvalRequest

// PermissionEvalRequest groups the three attribute sets an evaluation reads:
// subject, object and environment. The same three sets are the parameters of
// Condition.Eval.
// NOTE(review): presumably the input of PermissionHierarchy.Eval, whose
// signature is not shown on this page — confirm.
type PermissionEvalRequest struct {
	Subject []Attribute
	Object  []Attribute
	Env     []Attribute
}

type PermissionHierarchy

// PermissionHierarchy is a two-level map: PermissionPriority to
// PermissionObjHierarchy, which in turn maps PermissionPriority to a
// PermissionLevel (a list of permissions).
// NOTE(review): Go map iteration order is unspecified. An evaluator that must
// honour priorities has to visit the keys in sorted order at both levels;
// confirm that Eval does, otherwise the same hierarchy can yield different
// decisions from run to run.
type PermissionHierarchy map[PermissionPriority]PermissionObjHierarchy

func (PermissionHierarchy) Eval

type PermissionKind

// PermissionKind says whether a permission allows or denies.
type PermissionKind int
// The permission kinds.
// NOTE(review): PermissionKindAllow is 0, the zero value, so a PermissionKind
// that was never set reads as allow. Confirm that NewPermission rejects values
// other than the two declared here.
const (
	PermissionKindAllow PermissionKind = iota
	PermissionKindDeny
)

type PermissionLevel

// PermissionLevel is a list of permissions stored under one priority key of a
// PermissionObjHierarchy.
// NOTE(review): how allow and deny permissions within one level are combined
// is not visible here — confirm that a deny wins over an allow at the same
// level.
type PermissionLevel []Permission

type PermissionObjHierarchy

// PermissionObjHierarchy maps a PermissionPriority to the PermissionLevel at
// that priority; it is the value type of PermissionHierarchy.
type PermissionObjHierarchy map[PermissionPriority]PermissionLevel

type PermissionPriority

// PermissionPriority is the integer key of both hierarchy maps.
// NOTE(review): whether a lower or a higher number takes precedence is not
// visible here — confirm before constructing hierarchies by hand.
type PermissionPriority int

type Policy

// Policy is the element type of GetApplicablePoliciesResp.Policies: a
// permission name plus a subject and an object Resource.
// NOTE(review): only the name is carried, not the permission's kind or
// condition, so from this type alone an allow and a deny of the same name look
// identical. Do not read a listed Policy as proof that access is granted.
type Policy struct {
	PermissionName string
	Subject,
	Object Resource
}

type PutAttributeReq

// PutAttributeReq is the argument of RHABACRepo.PutAttribute: the Resource and
// the Attribute to store on it.
// NOTE(review): attributes feed condition evaluation, so writing one is a
// privileged operation; the caller of PutAttribute is responsible for checking
// that the requester may change this resource's attributes.
type PutAttributeReq struct {
	Resource  Resource
	Attribute Attribute
}

type RHABACRepo

// RHABACRepo is the storage interface for resources, attributes, inheritance
// relations and policies.
//
// None of the methods returns a Go error. Failures travel in the Error field
// of the response struct, which the compiler does not force a caller to
// inspect, so every call site must check resp.Error before using the rest of
// the response.
// NOTE(review): the interface itself performs no access control on the
// administrative methods; confirm that the layer calling them authorizes the
// requester first.
type RHABACRepo interface {
	// Resource lifecycle.
	CreateResource(req CreateResourceReq) AdministrationResp
	DeleteResource(req DeleteResourceReq) AdministrationResp
	GetResource(req GetResourceReq) GetResourceResp
	// Attributes of a resource.
	PutAttribute(req PutAttributeReq) AdministrationResp
	DeleteAttribute(req DeleteAttributeReq) AdministrationResp
	// Inheritance relations between resources.
	CreateInheritanceRel(req CreateInheritanceRelReq) AdministrationResp
	DeleteInheritanceRel(req DeleteInheritanceRelReq) AdministrationResp
	// Policies.
	CreatePolicy(req CreatePolicyReq) AdministrationResp
	DeletePolicy(req DeletePolicyReq) AdministrationResp
	// Read paths used for decisions.
	GetPermissionHierarchy(req GetPermissionHierarchyReq) GetPermissionHierarchyResp
	GetApplicablePolicies(req GetApplicablePoliciesReq) GetApplicablePoliciesResp
}

type Resource

// Resource is an entity with an identifier (unexported, read through Id, Kind
// and Name) and a list of attributes. It is used for subjects, objects and
// scopes alike.
// NOTE(review): Attributes is exported and Resource is passed by value in the
// request structs. Copying a Resource copies only the slice header, so copies
// share one backing array, and any holder can change attributes in place after
// a request was built. Clone the slice where a request must not change under
// its consumer.
type Resource struct {
	Attributes []Attribute
	// contains filtered or unexported fields
}

func NewResource

func NewResource(id, kind string) (*Resource, error)

func NewResourceFromName

func NewResourceFromName(name string) (*Resource, error)

func (Resource) Id

func (r Resource) Id() string

func (Resource) Kind

func (r Resource) Kind() string

func (Resource) Name

func (r Resource) Name() string

func (Resource) SetId

// SetId is declared with a value receiver.
// NOTE(review): a method on a value receiver works on a copy of the Resource,
// and the RootResource literal suggests the identifier is stored by value, not
// behind a pointer. If so, the assignment is lost when SetId returns and the
// caller's Resource keeps its old id. Confirm the method has an effect; a
// setter normally needs the receiver (r *Resource).
func (r Resource) SetId(id string)

func (Resource) SetKind

// SetKind is declared with a value receiver.
// NOTE(review): a method on a value receiver works on a copy of the Resource,
// and the RootResource literal suggests the identifier is stored by value, not
// behind a pointer. If so, the assignment is lost when SetKind returns and the
// caller's Resource keeps its old kind. Confirm the method has an effect; a
// setter normally needs the receiver (r *Resource).
func (r Resource) SetKind(kind string)
