acl

package

v0.0.1 Latest Latest Go to latest Published: Apr 29, 2023 License: BSD-3-Clause Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/digitalautonomy/grumble

Links

Open Source Insights

Documentation ¶

Overview ¶

Index ¶

Constants
func GroupMemberCheck(current *Context, acl *Context, name string, user User) (ok bool)
func HasPermission(ctx *Context, user User, perm Permission) bool
type ACL
- func (acl *ACL) IsChannelACL() bool
- func (acl *ACL) IsUserACL() bool
type Channel
type Context
- func (ctx *Context) GroupNames() []string
type Group
- func EmptyGroupWithName(name string) Group
type Permission
- func (perm Permission) Clean() Permission
- func (perm Permission) IsCached() bool
type User

Constants ¶

View Source

const (
	// Per-channel permissions
	NonePermission        = 0x0
	WritePermission       = 0x1
	TraversePermission    = 0x2
	EnterPermission       = 0x4
	SpeakPermission       = 0x8
	MuteDeafenPermission  = 0x10
	MovePermission        = 0x20
	MakeChannelPermission = 0x40
	LinkChannelPermission = 0x80
	WhisperPermission     = 0x100
	TextMessagePermission = 0x200
	TempChannelPermission = 0x400

	// Root channel only
	KickPermission         = 0x10000
	BanPermission          = 0x20000
	RegisterPermission     = 0x40000
	SelfRegisterPermission = 0x80000

	// Extra flags
	CachedPermission = 0x8000000
	AllPermissions   = 0xf07ff
)

Variables ¶

This section is empty.

Functions ¶

func GroupMemberCheck ¶

func GroupMemberCheck(current *Context, acl *Context, name string, user User) (ok bool)

GroupMemberCheck checks whether a user is a member of the group as defined in the given context.

The 'current' context is the context that group membership is currently being evaluated for.

The 'acl' context is the context of the ACL that that group membership is being evaluated for.

The acl context will always be either equal to current, or be an ancestor.

func HasPermission ¶

func HasPermission(ctx *Context, user User, perm Permission) bool

HasPermission checks whether the given user has permission perm in the given context. The permission perm must be a single permission and not a combination of permissions.

Types ¶

type ACL ¶

type ACL struct {
	// The user id that this ACL applied to. If this
	// field is -1, the ACL is a group ACL.
	UserId int
	// The group that this ACL applies to.
	Group string

	// The ApplyHere flag determines whether the ACL
	// should apply to the current channel.
	ApplyHere bool
	// The ApplySubs flag determines whethr the ACL
	// should apply to subchannels.
	ApplySubs bool

	// The allowed permission flags.
	Allow Permission
	// The allowed permission flags. The Deny flags override
	// permissions set in Allow.
	Deny Permission
}

An ACL as defined in an ACL context. An ACL can be defined for either a user or a group.

func (*ACL) IsChannelACL ¶

func (acl *ACL) IsChannelACL() bool

IsChannelACL returns true if the ACL is defined for a group, as opposed to a user.

func (*ACL) IsUserACL ¶

func (acl *ACL) IsUserACL() bool

IsUserACL returns true if the ACL is defined for a user, as opposed to a group.

type Channel ¶

type Channel interface {
	ChannelId() int
}

Channel represents a Channel on a Mumble server.

type Context ¶

type Context struct {
	// Parent points to the context's parent.
	// May be nil if the Context does not have a parent.
	Parent *Context

	// ACLs is the Context's list of ACL entries.
	ACLs []ACL

	// Groups is the Context's representation of groups.
	// It is indexed by the Group's name.
	Groups map[string]Group

	// InheritACL determines whether this context should
	// inherit ACLs from its parent.
	InheritACL bool
}

Context represents a context in which ACLs can be understood. Typically embedded into a type that represents a Mumble channel.

func (*Context) GroupNames ¶

func (ctx *Context) GroupNames() []string

GroupNames gets the list of group names for the given ACL context.

This function walks the through the context chain to figure out all groups that affect the given context whilst considering group inheritance.

type Group ¶

type Group struct {
	// The name of this group
	Name string

	// The inherit flag means that this group will inherit group
	// members from its parent.
	Inherit bool

	// The inheritable flag means that subchannels can
	// inherit the members of this group.
	Inheritable bool

	// Group adds permissions to these users
	Add map[int]bool
	// Group removes permissions from these users
	Remove map[int]bool
	// Temporary add (authenticators)
	Temporary map[int]bool
}

Group represents a Group in an Context.

func EmptyGroupWithName ¶

func EmptyGroupWithName(name string) Group

EmptyGroupWithName creates a new Group with the given name.

func (*Group) AddContains ¶

func (group *Group) AddContains(id int) (ok bool)

AddContains checks whether the Add set contains id.

func (*Group) AddUsers ¶

func (group *Group) AddUsers() []int

AddUsers gets the list of user ids in the Add set.

func (*Group) MembersInContext ¶

func (group *Group) MembersInContext(ctx *Context) map[int]bool

MembersInContext gets the set of user id's from the group in the given context. This includes group members that have been inherited from an ancestor context.

func (*Group) RemoveContains ¶

func (group *Group) RemoveContains(id int) (ok bool)

RemoveContains checks whether the Remove set contains id.

func (*Group) RemoveUsers ¶

func (group *Group) RemoveUsers() []int

RemoveUsers gets the list of user ids in the Remove set.

func (*Group) TemporaryContains ¶

func (group *Group) TemporaryContains(id int) (ok bool)

TemporaryContains checks whether the Temporary set contains id.

type Permission ¶

type Permission uint32

Permission represents a permission in Mumble's ACL system.

func (Permission) Clean ¶

func (perm Permission) Clean() Permission

Clean returns a Permission that has its cache bit cleared.

func (Permission) IsCached ¶

func (perm Permission) IsCached() bool

IsCached checks whether the ACL has its cache bit set, signalling that it was returned from an ACLCache.

type User ¶

type User interface {
	Session() uint32
	UserId() int

	CertHash() string
	Tokens() []string
	ACLContext() *Context
}

User represents a user on a Mumble server. The User interface represents the method set that must be implemented in order to check a user's permissions in an ACL context.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL