security

package
v0.0.0-...-080b9e8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 7, 2025 License: Apache-2.0 Imports: 2 Imported by: 5

Documentation

Index

Examples

Constants

View Source 
const (
	ActionIsAllowed = iota
	ActionIsConditional
	ActionIsDenied
)

Variables

This section is empty.

Functions

func IsActionAllowed 

func IsActionAllowed(rights []*types.UserRights, controller string, action string, index string, collection string) int

IsActionAllowed indicates whether an action is allowed, denied or conditional based on user rights provided as the first argument. An action is defined as a couple of action and controller (mandatory), plus an index and a collection(optional).

Example 
package main

import (
	"fmt"

	"github.com/kuzzleio/sdk-go/security"
	"github.com/kuzzleio/sdk-go/types"
)

func main() {
	userRights := []*types.UserRights{
		{Controller: "wow-controller", Action: "*", Index: "much-index", Collection: "very-collection", Value: "allowed"},
	}

	res := security.IsActionAllowed(userRights, "wow-controller", "such-action", "much-index", "very-collection")
	fmt.Println(res)
}

Types

type Profile 

type Profile struct {
	Id       string `json:"_id"`
	Policies []*types.Policy
}

func NewProfile 

func NewProfile(id string, policies []*types.Policy) *Profile

func (*Profile) ProfileToJson 

func (p *Profile) ProfileToJson() ([]byte, error)

type ProfileSearchResult 

type ProfileSearchResult struct {
	Aggregations json.RawMessage `json:"aggregations"`
	Hits         []*Profile
	Total        int `json:"total"`
	Fetched      int
	ScrollId     string `json:"scrollId"`
	// contains filtered or unexported fields
}

func (*ProfileSearchResult) Next 

func (psr *ProfileSearchResult) Next() (*ProfileSearchResult, error)

Next returns the next page of profiles

func (*ProfileSearchResult) Options 

func (sr *ProfileSearchResult) Options() types.QueryOptions

func (*ProfileSearchResult) Request 

func (sr *ProfileSearchResult) Request() *types.KuzzleRequest

func (*ProfileSearchResult) Response 

func (sr *ProfileSearchResult) Response() *types.KuzzleResponse

type Role 

type Role struct {
	Id          string `json:"_id"`
	Controllers map[string]*types.Controller
}

func NewRole 

func NewRole(id string, controllers *types.Controllers) *Role

func (*Role) RoleToJson 

func (r *Role) RoleToJson() ([]byte, error)

type RoleSearchResult 

type RoleSearchResult struct {
	Aggregations json.RawMessage `json:"aggregations"`
	Hits         []*Role
	Total        int `json:"total"`
	Fetched      int
	ScrollId     string `json:"scrollId"`
	// contains filtered or unexported fields
}

func (*RoleSearchResult) Next 

func (rsr *RoleSearchResult) Next() (*RoleSearchResult, error)

Next returns the next page of roles

func (*RoleSearchResult) Options 

func (sr *RoleSearchResult) Options() types.QueryOptions

func (*RoleSearchResult) Request 

func (sr *RoleSearchResult) Request() *types.KuzzleRequest

func (*RoleSearchResult) Response 

func (sr *RoleSearchResult) Response() *types.KuzzleResponse

type Security 

type Security struct {
	Kuzzle types.IKuzzle
}

func NewSecurity 

func NewSecurity(kuzzle types.IKuzzle) *Security

NewSecurity returns a new instance of Security

func (*Security) CreateCredentials 

func (s *Security) CreateCredentials(strategy, id string, body json.RawMessage, options types.QueryOptions) (json.RawMessage, error)

CreateCredentials create credentials of the specified strategy with given body infos.

func (*Security) CreateFirstAdmin 

func (s *Security) CreateFirstAdmin(body json.RawMessage, options types.QueryOptions) (json.RawMessage, error)

CreateFirstAdmin create credentials of the specified strategy with given body infos.

func (*Security) CreateOrReplaceProfile 

func (s *Security) CreateOrReplaceProfile(id string, body json.RawMessage, options types.QueryOptions) (*Profile, error)

CreateOrReplaceProfile creates or replaces (if _id matches an existing one) a profile with a list of policies.

func (*Security) CreateOrReplaceRole 

func (s *Security) CreateOrReplaceRole(id string, body json.RawMessage, options types.QueryOptions) (*Role, error)

CreateOrReplaceRole creates or replaces (if _id matches an existing one) a Role with a list of policies.

func (*Security) CreateProfile 

func (s *Security) CreateProfile(id string, body json.RawMessage, options types.QueryOptions) (*Profile, error)

CreateProfile creates or replaces (if _id matches an existing one) a profile with a list of policies.

func (*Security) CreateRestrictedUser 

func (s *Security) CreateRestrictedUser(body json.RawMessage, options types.QueryOptions) (json.RawMessage, error)

CreateRestrictedUser create credentials of the specified strategy with given body infos.

func (*Security) CreateRole 

func (s *Security) CreateRole(id string, body json.RawMessage, options types.QueryOptions) (*Role, error)

CreateRole creates or replaces (if _id matches an existing one) a Role with a list of policies.

func (*Security) CreateUser 

func (s *Security) CreateUser(body json.RawMessage, options types.QueryOptions) (json.RawMessage, error)

CreateUser creates or replaces (if _id matches an existing one) a User with a list of policies.

func (*Security) DeleteCredentials 

func (s *Security) DeleteCredentials(strategy, id string, options types.QueryOptions) error

DeleteCredentials delete credentials of the specified strategy with given body infos.

func (*Security) DeleteProfile 

func (s *Security) DeleteProfile(id string, options types.QueryOptions) (string, error)

DeleteProfile deletes (if _id matches an existing one) a Profile with a list of policies.

func (*Security) DeleteRole 

func (s *Security) DeleteRole(id string, options types.QueryOptions) (string, error)

DeleteRole creates or replaces (if _id matches an existing one) a Profile with a list of policies.

func (*Security) DeleteUser 

func (s *Security) DeleteUser(id string, options types.QueryOptions) (string, error)

DeleteUser deletes (if _id matches an existing one) a Profile with a list of policies.

func (*Security) GetAllCredentialFields 

func (s *Security) GetAllCredentialFields(options types.QueryOptions) (json.RawMessage, error)

GetAllCredentialFields gets an array of strategy's fieldnames for each strategies

Example 
package main

import (
	"fmt"

	"github.com/kuzzleio/sdk-go/kuzzle"
	"github.com/kuzzleio/sdk-go/protocol/websocket"
)

func main() {
	c := websocket.NewWebSocket("localhost:7512", nil)
	k, _ := kuzzle.NewKuzzle(c, nil)
	res, err := k.Security.GetAllCredentialFields(nil)

	if err != nil {
		fmt.Println(err.Error())
		return
	}

	fmt.Println(res)
}

func (*Security) GetCredentialFields 

func (s *Security) GetCredentialFields(strategy string, options types.QueryOptions) (json.RawMessage, error)

GetCredentialFields gets an array of strategy's fieldnames

Example 
package main

import (
	"fmt"

	"github.com/kuzzleio/sdk-go/kuzzle"
	"github.com/kuzzleio/sdk-go/protocol/websocket"
)

func main() {
	c := websocket.NewWebSocket("localhost:7512", nil)
	k, _ := kuzzle.NewKuzzle(c, nil)
	res, err := k.Security.GetCredentialFields("local", nil)

	if err != nil {
		fmt.Println(err.Error())
		return
	}

	fmt.Println(res)
}

func (*Security) GetCredentials 

func (s *Security) GetCredentials(strategy, id string, options types.QueryOptions) (json.RawMessage, error)

func (*Security) GetCredentialsByID 

func (s *Security) GetCredentialsByID(strategy, id string, options types.QueryOptions) (json.RawMessage, error)

GetCredentialsByID recover credentials from given strategy identified by given id

func (*Security) GetProfile 

func (s *Security) GetProfile(id string, options types.QueryOptions) (*Profile, error)

GetProfile fetch profile matching with given id

func (*Security) GetProfileMapping 

func (s *Security) GetProfileMapping(options types.QueryOptions) (json.RawMessage, error)

GetProfileMapping gets an array of strategy's fieldnames for each strategies

func (*Security) GetProfileRights 

func (s *Security) GetProfileRights(id string, options types.QueryOptions) (json.RawMessage, error)

GetProfileRights gets rights for given profile id

func (*Security) GetRole 

func (s *Security) GetRole(id string, options types.QueryOptions) (*Role, error)

func (*Security) GetRoleMapping 

func (s *Security) GetRoleMapping(options types.QueryOptions) (json.RawMessage, error)

GetRoleMapping gets mapping for Roles

func (*Security) GetUser 

func (s *Security) GetUser(id string, options types.QueryOptions) (*User, error)

func (*Security) GetUserMapping 

func (s *Security) GetUserMapping(options types.QueryOptions) (json.RawMessage, error)

GetUserMapping gets mapping for Users

func (*Security) GetUserRights 

func (s *Security) GetUserRights(id string, options types.QueryOptions) (json.RawMessage, error)

GetUserRights gets rights for given profile id

func (*Security) HasCredentials 

func (s *Security) HasCredentials(strategy, id string, options types.QueryOptions) (bool, error)

HasCredentials check the existence of the specified strategy credentials for the id

func (*Security) MDeleteCredentials 

func (s *Security) MDeleteCredentials(ids []string, options types.QueryOptions) ([]string, error)

MDeleteCredentials deletes all credentials matching with given ids

func (*Security) MDeleteRoles 

func (s *Security) MDeleteRoles(ids []string, options types.QueryOptions) ([]string, error)

MDeleteRoles deletes all roles matching with given ids

func (*Security) MDeleteUsers 

func (s *Security) MDeleteUsers(ids []string, options types.QueryOptions) ([]string, error)

MDeleteUsers deletes all users matching with given ids

func (*Security) MGetProfiles 

func (s *Security) MGetProfiles(ids []string, options types.QueryOptions) ([]*Profile, error)

MGetProfiles deletes all roles matching with given ids

func (*Security) MGetRoles 

func (s *Security) MGetRoles(ids []string, options types.QueryOptions) ([]*Role, error)

MGetRoles gets all roles matching with given ids

func (*Security) ReplaceUser 

func (s *Security) ReplaceUser(id string, content json.RawMessage, options types.QueryOptions) (*User, error)

ReplaceUser replaces the matching user with the given one

func (*Security) SearchProfiles 

func (s *Security) SearchProfiles(body json.RawMessage, options types.QueryOptions) (*ProfileSearchResult, error)

func (*Security) SearchRoles 

func (s *Security) SearchRoles(body json.RawMessage, options types.QueryOptions) (*RoleSearchResult, error)

SearchRoles returns the roles matching the given query

func (*Security) SearchUsers 

func (s *Security) SearchUsers(body json.RawMessage, options types.QueryOptions) (*UserSearchResult, error)

SearchUsers retrieves the users matching the given query

func (*Security) UpdateCredentials 

func (s *Security) UpdateCredentials(strategy string, kuid string, body json.RawMessage, options types.QueryOptions) error

UpdateCredentials updates credentials of the specified strategy for the given user.

Example 
package main

import (
	"fmt"

	"github.com/kuzzleio/sdk-go/kuzzle"
	"github.com/kuzzleio/sdk-go/protocol/websocket"
)

func main() {
	c := websocket.NewWebSocket("localhost:7512", nil)
	k, _ := kuzzle.NewKuzzle(c, nil)
	err := k.Security.UpdateCredentials("local", "someId", []byte(`{"body": "test"}`), nil)

	if err != nil {
		fmt.Println(err.Error())
		return
	}
}

func (*Security) UpdateProfile 

func (s *Security) UpdateProfile(id string, body json.RawMessage, options types.QueryOptions) (*Profile, error)

func (*Security) UpdateProfileMapping 

func (s *Security) UpdateProfileMapping(body json.RawMessage, options types.QueryOptions) error

func (*Security) UpdateRole 

func (s *Security) UpdateRole(id string, body json.RawMessage, options types.QueryOptions) (*Role, error)

func (*Security) UpdateRoleMapping 

func (s *Security) UpdateRoleMapping(body json.RawMessage, options types.QueryOptions) error

func (*Security) UpdateUser 

func (s *Security) UpdateUser(id string, body json.RawMessage, options types.QueryOptions) (*User, error)

func (*Security) UpdateUserMapping 

func (s *Security) UpdateUserMapping(body json.RawMessage, options types.QueryOptions) error

func (*Security) ValidateCredentials 

func (s *Security) ValidateCredentials(strategy string, kuid string, body json.RawMessage, options types.QueryOptions) (bool, error)

ValidateCredentials validates credentials of the specified strategy for the given user.

Example 
package main

import (
	"fmt"

	"github.com/kuzzleio/sdk-go/kuzzle"
	"github.com/kuzzleio/sdk-go/protocol/websocket"
)

func main() {
	c := websocket.NewWebSocket("localhost:7512", nil)
	k, _ := kuzzle.NewKuzzle(c, nil)
	res, err := k.Security.ValidateCredentials("local", "someId", []byte(`{"body": "test"}`), nil)

	if err != nil {
		fmt.Println(err.Error())
		return
	}

	fmt.Println(res)
}

type User 

type User struct {
	Id         string                 `json:"_id"`
	Content    map[string]interface{} `json:"_source"`
	ProfileIds []string
}

func NewUser 

func NewUser(id string, content *types.UserData) *User

type UserSearchResult 

type UserSearchResult struct {
	Aggregations json.RawMessage `json:"aggregations"`
	Hits         []*User
	Total        int `json:"total"`
	Fetched      int
	ScrollId     string `json:"scrollId"`
	// contains filtered or unexported fields
}

func (*UserSearchResult) Next 

func (usr *UserSearchResult) Next() (*UserSearchResult, error)

Next returns the next page of roles

func (*UserSearchResult) Options 

func (sr *UserSearchResult) Options() types.QueryOptions

func (*UserSearchResult) Request 

func (sr *UserSearchResult) Request() *types.KuzzleRequest

func (*UserSearchResult) Response 

func (sr *UserSearchResult) Response() *types.KuzzleResponse

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.