gcs

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 8, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	BucketRoleAdmin         = "roles/storage.admin"
	BucketRoleOwner         = "roles/storage.legacyBucketOwner "
	BucketRoleReader        = "roles/storage.legacyBucketReader"
	BucketRoleWriter        = "roles/storage.legacyBucketWriter"
	BucketRoleObjectOwner   = "roles/storage.legacyObjectOwner"
	BucketRoleObjectReader  = "roles/storage.legacyObjectReader"
	BucketRoleObjectAdmin   = "roles/storage.objectAdmin"
	BucketRoleObjectCreator = "roles/storage.objectCreator"
	BucketRoleObjectViewer  = "roles/storage.objectViewer"

	AccountTypeUser           = "user"
	AccountTypeServiceAccount = "serviceAccount"
	AccountTypeGroup          = "group"
	AccountTypeDomain         = "domain"
)
View Source 
const (
	ResourceTypeBucket = "bucket"
)

Variables

View Source 
var (
	ErrInvalidPermissionConfig       = errors.New("invalid permission config type")
	ErrUnableToDecryptNilCredentials = errors.New("unable to decrypt nil credentials")

	ErrInvalidResourceType           = errors.New("invalid resource type")
	ErrUnableToEncryptNilCredentials = errors.New("unable to encrypt nil credentials")
	ErrInvalidCredentialsType        = errors.New("invalid credentials type")

	ErrNilProviderConfig    = errors.New("provider config can't be nil")
	ErrNilAppeal            = errors.New("appeal can't be nil")
	ErrNilResource          = errors.New("designated resource can't be nil")
	ErrProviderTypeMismatch = errors.New("provider type in the config and in the appeal don't match")
	ErrProviderURNMismatch  = errors.New("provider urn in the config and in the appeal don't match")

	ErrInvalidRole             = errors.New("invalid role")
	ErrPermissionAlreadyExists = errors.New("permission already exists")
)
View Source 
var (
	AllowedAccountTypes = []string{
		AccountTypeUser,
		AccountTypeServiceAccount,
		AccountTypeGroup,
		AccountTypeDomain,
	}
)

Functions

This section is empty.

Types

type Bucket 

type Bucket struct {
	Name string
}

type Config 

type Config struct {
	ProviderConfig *domain.ProviderConfig
	// contains filtered or unexported fields
}

func NewConfig 

func NewConfig(pc *domain.ProviderConfig, crypto domain.Crypto) *Config

type Credentials 

type Credentials struct {
	ServiceAccountKey string `json:"service_account_key" mapstructure:"service_account_key" validate:"required,base64"`
	ResourceName      string `json:"resource_name" mapstructure:"resource_name" validate:"required"`
}

func (*Credentials) Decrypt 

func (c *Credentials) Decrypt(decryptor domain.Decryptor) error

func (*Credentials) Encrypt 

func (c *Credentials) Encrypt(encryptor domain.Encryptor) error

type Crypto 

type Crypto interface {
	domain.Crypto
}

type GCSClient 

type GCSClient interface {
	GetBuckets(context.Context) ([]*Bucket, error)
	GrantBucketAccess(ctx context.Context, b Bucket, identity string, roleName iam.RoleName) error
	RevokeBucketAccess(ctx context.Context, b Bucket, identity string, roleName iam.RoleName) error
	ListAccess(context.Context, []*domain.Resource) (domain.MapResourceAccess, error)
}

type Permission 

type Permission string

type Provider 

type Provider struct {
	provider.UnimplementedClient
	provider.PermissionManager

	Clients map[string]GCSClient
	// contains filtered or unexported fields
}

func NewProvider 

func NewProvider(typeName string, crypto Crypto) *Provider

func (*Provider) CreateConfig 

func (p *Provider) CreateConfig(pc *domain.ProviderConfig) error

func (*Provider) GetAccountTypes 

func (p *Provider) GetAccountTypes() []string

func (*Provider) GetResources 

func (p *Provider) GetResources(ctx context.Context, pc *domain.ProviderConfig) ([]*domain.Resource, error)

func (*Provider) GetRoles 

func (p *Provider) GetRoles(pc *domain.ProviderConfig, resourceType string) ([]*domain.Role, error)

func (*Provider) GetType 

func (p *Provider) GetType() string

func (*Provider) GrantAccess 

func (p *Provider) GrantAccess(ctx context.Context, pc *domain.ProviderConfig, a domain.Grant) error

func (*Provider) ListAccess 

func (p *Provider) ListAccess(ctx context.Context, pc domain.ProviderConfig, resources []*domain.Resource) (domain.MapResourceAccess, error)

func (*Provider) RevokeAccess 

func (p *Provider) RevokeAccess(ctx context.Context, pc *domain.ProviderConfig, a domain.Grant) error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.