authorization

package
v0.0.0-...-7662171 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 1, 2021 License: MIT Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Errors maps each numeric error code of this package to its message format
// string. A %v verb in a message marks one expected formatting argument
// (the user, going by the message text).
//
// NOTE(review): going by the wording, "Permission check fail" reports that the
// permission check itself returned an error and "Permission denied" reports a
// negative result. The emitting code is not shown here; callers should treat
// both as "not authorized" - confirm against the implementation.
//
// NOTE(review): the permission codes of AddUser, SetUserAdmin, DropUser,
// UserRuleSet and UserRuleDrop start with 1030, while every other code in this
// table (including the Get permission codes) starts with 1031. Confirm this is
// intended before matching or alerting on a code prefix.
var Errors = map[int]string{
	// Change notification.
	10310000: "Security.OnChange: fail",

	// AddUser.
	10310100: "SecurityATRZ.AddUser: user %v already exists",
	10300101: "SecurityATRZ.AddUser: Permission check fail",
	10300102: "SecurityATRZ.AddUser: Permission denied",

	// SetUserAdmin.
	10310200: "SecurityATRZ.SetUserAdmin: user %v does not exists",
	10300201: "SecurityATRZ.SetUserAdmin: Permission check fail",
	10300202: "SecurityATRZ.SetUserAdmin: Permission denied",

	// DropUser.
	10310300: "SecurityATRZ.DropUser: user %v does not exists",
	10300301: "SecurityATRZ.DropUser: Permission check fail",
	10300302: "SecurityATRZ.DropUser: Permission denied",

	// UserRuleSet.
	10310400: "SecurityATRZ.UserRuleSet: user %v does not exists",
	10300401: "SecurityATRZ.UserRuleSet: Permission check fail",
	10300402: "SecurityATRZ.UserRuleSet: Permission denied",

	// UserRuleDrop.
	10310500: "SecurityATRZ.UserRuleDrop: user %v does not exists",
	10300501: "SecurityATRZ.UserRuleDrop: Permission check fail",
	10300502: "SecurityATRZ.UserRuleDrop: Permission denied",

	// Persisting the state through the storage change hook.
	10310600: "StorageOnChangeFuncGenerator: fail generate json",
	10310601: "StorageOnChangeFuncGenerator: fail save data",

	// Loading the state from storage.
	10310700: "SecurityATRZ.StorageLoad: fail load data",
	10310701: "SecurityATRZ.StorageLoad: fail unmarshal data",

	// Get.
	10310800: "SecurityATRZ.Get: fail marshal",
	10310801: "SecurityATRZ.Get: fail unmarshal",
	10310802: "SecurityATRZ.Get: Permission check fail",
	10310803: "SecurityATRZ.Get: Permission denied",
}

Error codes and their descriptions

// WaitTimeout is a package-level timeout of five seconds.
// NOTE(review): presumably the wait bound for the *UseCluster calls; its use
// is not visible here - confirm. Being an exported variable, any importing
// package can change it at run time.
var WaitTimeout = 5 * time.Second

Functions

func AddUserUseCluster

func AddUserUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser, name string, isAdmin bool) (err *mft.Error)

func DropUserUseCluster

func DropUserUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser, name string) (err *mft.Error)

func GenerateError

func GenerateError(key int, a ...interface{}) *mft.Error

GenerateError -

func GenerateErrorE

func GenerateErrorE(key int, err error, a ...interface{}) *mft.Error

GenerateErrorE -

func GenerateErrorForClusterUser

func GenerateErrorForClusterUser(user cn.CapUser, key int, a ...interface{}) *mft.Error

GenerateErrorForClusterUser -

func GenerateErrorForClusterUserE

func GenerateErrorForClusterUserE(user cn.CapUser, key int, err error, a ...interface{}) *mft.Error

GenerateErrorForClusterUserE -

func SetUserAdminUseCluster

func SetUserAdminUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser, name string, isAdmin bool) (err *mft.Error)

func StorageOnChangeFuncGenerator

func StorageOnChangeFuncGenerator(s storage.Storage, file string) func(sec *SecurityATRZ) (err *mft.Error)

func UserRuleDropUseCluster

func UserRuleDropUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser, name string, objectType string, action string, objectName string) (err *mft.Error)

func UserRuleSetUseCluster

func UserRuleSetUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser, name string, objectType string, action string, objectName string, allowed bool) (err *mft.Error)

Types

type AddUserRequest

// AddUserRequest is a JSON-serialisable pair of a user name and an admin flag.
// NOTE(review): presumably the request body behind AddUserUseCluster - confirm.
type AddUserRequest struct {
	// Name is encoded under the JSON key "name".
	Name    string `json:"name"`
	// IsAdmin is encoded under the JSON key "is_admin". The value is supplied
	// by the requester, so the receiving side has to authorize the caller
	// before honouring it.
	IsAdmin bool   `json:"is_admin"`
}

type SecurityATRZ

// SecurityATRZ holds the authorization state: the set of known users plus two
// optional hooks. Only Users is serialised to JSON; both hooks carry the "-"
// tag and are therefore never written to or read from JSON.
type SecurityATRZ struct {
	// Users is encoded under the JSON key "users".
	// NOTE(review): presumably keyed by user name - confirm.
	Users map[string]*User `json:"users"`

	// OnChangeFunc is the change-event callback; it receives this
	// SecurityATRZ itself.
	OnChangeFunc func(s *SecurityATRZ) (err *mft.Error) `json:"-"`

	// CheckPermissionFunc is ignored when nil.
	// NOTE(review): this page does not show what "ignored" means for the
	// decision. If a nil hook results in the action being allowed, the
	// default is fail-open - confirm against the implementation.
	CheckPermissionFunc func(ctx context.Context, user cn.CapUser, objectType string, action string, objectName string) (allowed bool, err *mft.Error) `json:"-"`
	// contains filtered or unexported fields
}

SecurityATRZ - authorization

func GetUseCluster

func GetUseCluster(eac *cluster.ExternalAbstractCluster, user cn.CapUser) (sOut *SecurityATRZ, err *mft.Error)

func StorageLoad

func StorageLoad(s storage.Storage, file string) (sec *SecurityATRZ, err *mft.Error)

func (*SecurityATRZ) AddUser

func (s *SecurityATRZ) AddUser(ctx context.Context, user cn.CapUser, name string, isAdmin bool) (err *mft.Error)

func (*SecurityATRZ) AdditionalCallFuncInClusterFunc

func (s *SecurityATRZ) AdditionalCallFuncInClusterFunc(ctx context.Context,
	cl cluster.Cluster, request *cluster.RequestBody) (responce *cluster.ResponceBody, ok bool)

func (*SecurityATRZ) CheckPermission

func (s *SecurityATRZ) CheckPermission(ctx context.Context, user cn.CapUser, objectType string, action string, objectName string) (allowed bool, err *mft.Error)

func (*SecurityATRZ) CheckPermissionForInternal

func (s *SecurityATRZ) CheckPermissionForInternal(ctx context.Context, user cn.CapUser, objectType string, action string, objectName string) (allowed bool, err *mft.Error)

func (*SecurityATRZ) DropUser

func (s *SecurityATRZ) DropUser(ctx context.Context, user cn.CapUser, name string) (err *mft.Error)

func (*SecurityATRZ) Get

func (s *SecurityATRZ) Get(ctx context.Context, user cn.CapUser) (sOut *SecurityATRZ, err *mft.Error)

func (*SecurityATRZ) OnChange

func (s *SecurityATRZ) OnChange() (err *mft.Error)

func (*SecurityATRZ) SetUserAdmin

func (s *SecurityATRZ) SetUserAdmin(ctx context.Context, user cn.CapUser, name string, isAdmin bool) (err *mft.Error)

func (*SecurityATRZ) UserRuleDrop

func (s *SecurityATRZ) UserRuleDrop(ctx context.Context, user cn.CapUser, name string, objectType string, action string, objectName string) (err *mft.Error)

func (*SecurityATRZ) UserRuleSet

func (s *SecurityATRZ) UserRuleSet(ctx context.Context, user cn.CapUser, name string, objectType string, action string, objectName string, allowed bool) (err *mft.Error)

type SetUserAdminRequest

// SetUserAdminRequest is a JSON-serialisable pair of a user name and an admin
// flag; its fields and tags are the same as those of AddUserRequest.
// NOTE(review): presumably the request body behind SetUserAdminUseCluster -
// confirm.
type SetUserAdminRequest struct {
	// Name is encoded under the JSON key "name".
	Name    string `json:"name"`
	// IsAdmin is encoded under the JSON key "is_admin". The value is supplied
	// by the requester, so the receiving side has to authorize the caller
	// before changing admin status.
	IsAdmin bool   `json:"is_admin"`
}

type User

// User is one authorization subject: a name, an admin flag and a three-level
// map of boolean rules.
type User struct {
	// Name is encoded under the JSON key "name".
	Name    string                                `json:"name"`
	// IsAdmin is encoded under "is_admin" and omitted from the output when
	// false; when the key is absent on decode the field stays false.
	IsAdmin bool                                  `json:"is_admin,omitempty"`
	// Rules is encoded under the JSON key "rule" (singular).
	// NOTE(review): the three string keys presumably follow the
	// objectType -> action -> objectName order of the Set and Allow
	// parameters, with the bool meaning "allowed" - confirm. How a missing
	// entry is evaluated is not visible on this page.
	Rules   map[string]map[string]map[string]bool `json:"rule"`
}

func (*User) Allow

func (u *User) Allow(objectType string, action string, objectName string) bool

func (*User) AllowRow

func (u *User) AllowRow(objectType string, action string, objectName string) bool

func (*User) Drop

func (u *User) Drop(objectType string, action string, objectName string)

func (*User) Set

func (u *User) Set(objectType string, action string, objectName string, value bool)

type UserRuleDropRequest

// UserRuleDropRequest is a JSON-serialisable tuple naming one rule of one
// user: user name, object type, action and object name.
// NOTE(review): presumably the request body behind UserRuleDropUseCluster -
// confirm.
type UserRuleDropRequest struct {
	// Name is encoded under the JSON key "name".
	// NOTE(review): presumably the name of the user whose rule is dropped.
	Name       string `json:"name"`
	// ObjectType is encoded under the JSON key "object_type".
	ObjectType string `json:"object_type"`
	// Action is encoded under the JSON key "action".
	Action     string `json:"action"`
	// ObjectName is encoded under the JSON key "object_name".
	ObjectName string `json:"object_name"`
}

type UserRuleSetRequest

// UserRuleSetRequest is a JSON-serialisable tuple naming one rule of one user
// (user name, object type, action, object name) together with the boolean
// value to store for it.
// NOTE(review): presumably the request body behind UserRuleSetUseCluster -
// confirm.
type UserRuleSetRequest struct {
	// Name is encoded under the JSON key "name".
	// NOTE(review): presumably the name of the user whose rule is set.
	Name       string `json:"name"`
	// ObjectType is encoded under the JSON key "object_type".
	ObjectType string `json:"object_type"`
	// Action is encoded under the JSON key "action".
	Action     string `json:"action"`
	// ObjectName is encoded under the JSON key "object_name".
	ObjectName string `json:"object_name"`
	// Allowed is encoded under the JSON key "allowed" without omitempty, so
	// false is written explicitly; when the key is absent on decode the field
	// stays false.
	Allowed    bool   `json:"allowed"`
}
