pgmanager

package

v0.0.11 Latest Latest Go to latest Published: Feb 3, 2017 License: MIT Imports: 27 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jimmy-go/qra

Documentation ¶

Overview ¶

Package pgmanager contains a QRA manager for PostgreSQL.

MIT License ¶

Copyright (c) 2016 Angel Del Castillo ¶

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Package pgmanager contains a QRA manager for PostgreSQL.

This implementation has no flavor for permission structure. In the meanwhile
will be named "QRA PG A" flavor.

MIT License ¶

Copyright (c) 2016 Angel Del Castillo ¶

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Package pgmanager contains a QRA manager for PostgreSQL.

MIT License ¶

Copyright (c) 2016 Angel Del Castillo ¶

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Index ¶

Constants
Variables
func AESCBCDecrypt(key, ciphertext []byte) ([]byte, error)
func AESCBCEncrypt(key, plaintext []byte) ([]byte, error)
func Connect(driver, connectURL string) error
func MakePassword(l int) (string, error)
func Terminal(driver, connectURL string) error
type Authenticationer
- func (s *Authenticationer) Authenticate(ctx qra.Identity, password string, dst interface{}) error
- func (s *Authenticationer) Close(ctx qra.Identity) error
type Context
- func (c Context) Me() string
- func (c Context) Session(dst interface{}) error
type Designation
type Designationer
type Filter
type IdentityRevoke
type IdentitySimple
type NPE

Constants ¶

View Source

const (

	// PermSessionOn permission for session on web, terminal or others that developer
	// want to implement.
	PermSessionOn = "session-on"
	// PermIdentityCreate  _
	PermIdentityCreate = "identity-create"
	// PermIdentityEdit _
	PermIdentityEdit = "identity-edit"
	// PermIdentityDelete _
	PermIdentityDelete = "identity-delete"
	// PermRead _
	PermRead = "read"
	// PermWrite _
	PermWrite = "write"
	// PermDelete _
	PermDelete = "delete"
)

View Source

const (
	// PassMin defines the minimum length of a password.
	PassMin = 8

	// System defines identity username for SYSTEM.
	System = "system"

	// SessionDuration defines the duration for a session on database.
	// default 3 months.
	SessionDuration = time.Duration(24 * time.Hour * 30 * 3)

	// PermissionDuration defines the duration default for a permission.
	// default 1 year.
	PermissionDuration = time.Duration(24 * time.Hour * 365 * 1)

	// StatusActive permission status active.
	StatusActive = "active"
	// StatusInactive permission status inactive.
	StatusInactive = "inactive"
)

Variables ¶

View Source

var (

	// Db database for this manager.
	Db *sqlx.DB

	// I info log.
	I = log.New(os.Stdout, "[I] ", log.Lshortfile|log.Ltime|log.Ldate|log.Lmicroseconds)
	// E error log.
	E = log.New(os.Stderr, "[E] ", log.Lshortfile|log.Ltime|log.Ldate|log.Lmicroseconds)
)

Functions ¶

func AESCBCDecrypt ¶ added in v0.0.2

func AESCBCDecrypt(key, ciphertext []byte) ([]byte, error)

AESCBCDecrypt decrypts cipher text using AES CBC mode.

func AESCBCEncrypt ¶ added in v0.0.2

func AESCBCEncrypt(key, plaintext []byte) ([]byte, error)

AESCBCEncrypt encrypts using AES CBC mode. FIXME; padding plaintext and key.

func Connect ¶

func Connect(driver, connectURL string) error

Connect starts the manager.

func MakePassword ¶ added in v0.0.2

func MakePassword(l int) (string, error)

MakePassword generates a random password of l length.

func Terminal ¶ added in v0.0.2

func Terminal(driver, connectURL string) error

Terminal starts an infinite loop to read the user's input.

Types ¶

type Authenticationer ¶ added in v0.0.2

type Authenticationer struct{}

Authenticationer struct

func (*Authenticationer) Authenticate ¶ added in v0.0.2

func (s *Authenticationer) Authenticate(ctx qra.Identity, password string, dst interface{}) error

Authenticate makes login for Identity.

func (*Authenticationer) Close ¶ added in v0.0.2

func (s *Authenticationer) Close(ctx qra.Identity) error

Close deletes current session of Identity.

type Context ¶ added in v0.0.2

type Context struct {
	Username string
	Token    string
}

Context satisfies qra.Identity interface.

func (Context) Me ¶ added in v0.0.2

func (c Context) Me() string

Me method satisfies qra.Identity.

func (Context) Session ¶ added in v0.0.2

func (c Context) Session(dst interface{}) error

Session method satisfies qra.Identity.

type Designation ¶ added in v0.0.2

type Designation struct {
	ID              string `db:"id"`
	Identity        string `db:"identity"`
	Permission      []byte `db:"permission"`
	Resource        []byte `db:"resource"`
	IssuerID        string `db:"issuer_id"`
	IssuerSignature string `db:"issuer_signature"`
	ExpiresAt       string `db:"expires_at"`
}

Designation type from database.

type Designationer ¶ added in v0.0.2

type Designationer struct{}

Designationer struct

func (*Designationer) Allow ¶ added in v0.0.2

func (p *Designationer) Allow(ctx qra.Identity, password, permission, resource, dst string, expires time.Time) error

Allow method share permission from ctx to dst identity.

func (*Designationer) Revoke ¶ added in v0.0.2

func (p *Designationer) Revoke(ctx qra.Identity, password, permission, resource, dst string) error

Revoke method revokes a permission that ctx give to dst.

Every revoke operation verifies signed x509 encryption.

func (*Designationer) Search ¶ added in v0.0.2

func (p *Designationer) Search(ctx qra.Identity, v interface{}, filter string) error

Search method searchs permission-designation relations for Identity.

It doesn't validate permission signature because it would be CPU expensive. Every permission in database is view AS secure because Allow and Revoke methods do all the x509 operations.

if dst is nil then Search will act as "HasPermission" method.

format 1: permission:resource format 2: "designation.id" + "." + "designation.signature"

type Filter ¶ added in v0.0.3

type Filter struct {
	Permission string
	Resource   string
}

Filter struct.

type IdentityRevoke ¶ added in v0.0.2

type IdentityRevoke struct {
	ID        string `db:"id"`
	Signature []byte `db:"issuer_signature"`
}

IdentityRevoke selects ID and Signature for comparison.

type IdentitySimple ¶ added in v0.0.2

type IdentitySimple struct {
	ID       string `db:"id"`
	Password []byte `db:"password"`
}

IdentitySimple for identity retrieve.

type NPE ¶ added in v0.0.2

type NPE struct {
	ID         string `db:"id"`
	Name       string `db:"name"`
	Password   []byte `db:"password"`
	PrivateKey []byte `db:"private_key"`
	PublicKey  []byte `db:"public_key"`
}

NPE struct stands for Non-Person Entity.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL