Documentation
Overview
Package admin provides admin dashboard support: audit logging, ACL, multi-project management, and remote connect helpers.
Index
- Constants
- func AdminURL(localPort int, project string) string
- func AlertRules() []alerts.AlertRule
- func BootstrapSession(localPort int, token string) error
- func CheckACLSQL() string
- func EnsureRemoteAdmin(ctx context.Context, user, host string, port int) error
- func HashBody(body []byte) string
- func InsertAuditSQL() string
- func ListProjectsForUserSQL() string
- func MigrationAdminACL() string
- func MigrationAdminAudit() string
- func NewSessionToken() (string, error)
- func OpenBrowser(url string) error
- func OpenTunnel(ctx context.Context, opts ConnectOpts) (*exec.Cmd, error)
- func SeedOperatorSQL(email, project string) string
- func SeedOwnerSQL(email string) string
- func ShouldAudit(method string, readSampleRate float64) bool
- func VerifySSHKey(ctx context.Context, user, host string, port int) error
- type ACLEntry
- type AuditEntry
- type ConnectOpts
Constants
const (
	RoleOwner    = "owner"
	RoleOperator = "operator"
	RoleViewer   = "viewer"
)
ACL role constants.
const DefaultReadSampleRate = 0.01
DefaultReadSampleRate is 1 % for read-only requests.
Variables
This section is empty.
Functions
func AdminURL
func AdminURL(localPort int, project string) string
AdminURL builds the admin URL without embedding the session token. The token is delivered via BootstrapSession (POST /auth/bootstrap) before the browser is opened, so the URL itself never carries a credential.
func AlertRules
func AlertRules() []alerts.AlertRule
AlertRules returns the two admin-specific Prometheus alert rules.
func BootstrapSession added in v1.1.8
func BootstrapSession(localPort int, token string) error
BootstrapSession delivers the session token to the admin server via a localhost-only POST to /auth/bootstrap. The server stores the token in memory and responds with an HttpOnly session cookie. Call this before OpenBrowser so the browser already has the cookie when it loads the admin UI.
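The handshake described above, written out end to end as an added example (this is illustrative code for this page, not the nself-admin server or this package's BootstrapSession). It assumes the token travels in an X-Admin-Token header, that the cookie is named admin_session, and that AdminURL's query layout is ?project=; none of those names are specified on the page. The server side refuses anything not arriving over loopback, compares the token in constant time, and answers with an HttpOnly, SameSite=Strict cookie, so the browser URL never has to carry the credential:

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"net/url"
	"sync"
)

// bootstrapServer is this example's stand-in for the admin server, not the
// nself-admin code; X-Admin-Token and admin_session are assumed names.
type bootstrapServer struct {
	mu       sync.Mutex
	token    string          // token issued by the CLI, held in memory only
	sessions map[string]bool // session cookie values issued so far
}

// isLoopback reports whether a RemoteAddr is on the loopback interface.
func isLoopback(remoteAddr string) bool {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return false
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// randomID returns 256 bits from the CSPRNG as hex, used as the session id.
func randomID() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// handleBootstrap serves POST /auth/bootstrap: loopback only, constant-time
// token check, HttpOnly cookie returned in place of the token.
func (s *bootstrapServer) handleBootstrap(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodPost {
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
		return
	}
	if !isLoopback(r.RemoteAddr) {
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	if subtle.ConstantTimeCompare([]byte(r.Header.Get("X-Admin-Token")), []byte(s.token)) != 1 {
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	sid, err := randomID()
	if err != nil {
		http.Error(w, "internal error", http.StatusInternalServerError)
		return
	}
	s.sessions[sid] = true
	http.SetCookie(w, &http.Cookie{Name: "admin_session", Value: sid, Path: "/",
		HttpOnly: true, SameSite: http.SameSiteStrictMode})
	w.WriteHeader(http.StatusNoContent)
}

// bootstrap is the CLI side: POST the token once and keep only the cookie.
func bootstrap(client *http.Client, base, token string) (*http.Cookie, error) {
	req, err := http.NewRequest(http.MethodPost, base+"/auth/bootstrap", nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("X-Admin-Token", token)
	resp, err := client.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusNoContent {
		return nil, fmt.Errorf("bootstrap rejected: %s", resp.Status)
	}
	for _, c := range resp.Cookies() {
		if c.Name == "admin_session" {
			return c, nil
		}
	}
	return nil, fmt.Errorf("no session cookie in response")
}

// adminURL follows AdminURL's contract (port and project, never the token); the query layout is assumed.
func adminURL(localPort int, project string) string {
	return fmt.Sprintf("http://127.0.0.1:%d/?project=%s", localPort, url.QueryEscape(project))
}

func main() {
	token, _ := randomID()
	srv := &bootstrapServer{token: token, sessions: map[string]bool{}}
	ts := httptest.NewServer(http.HandlerFunc(srv.handleBootstrap))
	defer ts.Close()
	c, err := bootstrap(ts.Client(), ts.URL, token)
	fmt.Println("cookie:", c, "err:", err, "then open:", adminURL(8080, "billing"))
}
```

The order matters: bootstrap runs first, the cookie lands in the browser's jar, and only then is the token-free URL opened. The loopback check is what makes the endpoint safe to leave unauthenticated beyond the token itself; it should be checked against the socket address (RemoteAddr), not against a forwarded header that a client could set.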
func CheckACLSQL
func CheckACLSQL() string
CheckACLSQL returns a query that resolves whether a user may access a given project. It accounts for the wildcard ("*") entry.
func EnsureRemoteAdmin
func EnsureRemoteAdmin(ctx context.Context, user, host string, port int) error
EnsureRemoteAdmin starts nself-admin on the remote host via systemctl --user if it is not already running.
func HashBody
func HashBody(body []byte) string
HashBody returns the hex-encoded SHA-256 hash of the request body. It returns the empty string for a nil or empty body.
func InsertAuditSQL
func InsertAuditSQL() string
InsertAuditSQL returns the parameterised INSERT statement.
func ListProjectsForUserSQL
func ListProjectsForUserSQL() string
ListProjectsForUserSQL returns all projects a user may access.
func MigrationAdminACL
func MigrationAdminACL() string
MigrationAdminACL returns the SQL to create the admin_acl table. Roles: owner, operator, viewer. A wildcard project ("*") grants access to every project.
func MigrationAdminAudit
func MigrationAdminAudit() string
MigrationAdminAudit returns the SQL to create the np_admin_audit table. Every admin write mutation creates one row. Read-only requests are sampled at 1 % to keep volume sane.
func NewSessionToken
func NewSessionToken() (string, error)
NewSessionToken generates a cryptographically random session token.
func OpenBrowser
func OpenBrowser(url string) error
OpenBrowser opens the admin URL in the user's default browser.
func OpenTunnel
func OpenTunnel(ctx context.Context, opts ConnectOpts) (*exec.Cmd, error)
OpenTunnel starts an SSH tunnel (ssh -L localPort:127.0.0.1:remotePort). It returns the started exec.Cmd so the caller can wait on it or kill it.
func SeedOperatorSQL
func SeedOperatorSQL(email, project string) string
SeedOperatorSQL returns the INSERT for a single-project operator.
func SeedOwnerSQL
func SeedOwnerSQL(email string) string
SeedOwnerSQL returns the INSERT for the wildcard owner row.
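The ACL model behind CheckACLSQL, ListProjectsForUserSQL, MigrationAdminACL and the two seed helpers, worked through in memory as an added example (not this package's code, which does the same work in SQL). The package's ACLEntry fields are not shown on the page, so the struct below is this example's own; the precedence owner > operator > viewer, used only to reconcile a concrete row with a wildcard row for the same user, is an assumption. Unknown role strings carry no rank and therefore grant nothing:

```go
package main

import (
	"fmt"
	"sort"
)

const (
	RoleOwner    = "owner"
	RoleOperator = "operator"
	RoleViewer   = "viewer"
)

// ACLEntry is this example's in-memory view of one admin_acl row; the real
// table is created by MigrationAdminACL and queried by CheckACLSQL.
type ACLEntry struct {
	Email   string
	Project string // a concrete project name, or "*" for every project
	Role    string
}

// rank orders roles so a concrete row and a wildcard row can be reconciled.
// The precedence owner > operator > viewer is an assumption of this example;
// a role not in the map ranks 0 and is ignored (fail closed).
var rank = map[string]int{RoleViewer: 1, RoleOperator: 2, RoleOwner: 3}

// seedOwner and seedOperator are in-memory counterparts of SeedOwnerSQL
// and SeedOperatorSQL: the owner row is the wildcard row.
func seedOwner(email string) ACLEntry {
	return ACLEntry{Email: email, Project: "*", Role: RoleOwner}
}

func seedOperator(email, project string) ACLEntry {
	return ACLEntry{Email: email, Project: project, Role: RoleOperator}
}

// resolveRole answers the question CheckACLSQL answers: may email access
// project, and as which role? A "*" row matches any project; if both a
// wildcard and a concrete row match, the higher-ranked role wins.
func resolveRole(acl []ACLEntry, email, project string) (string, bool) {
	best := ""
	for _, e := range acl {
		if e.Email != email || (e.Project != "*" && e.Project != project) {
			continue
		}
		if rank[e.Role] > rank[best] {
			best = e.Role
		}
	}
	return best, best != ""
}

// projectsForUser mirrors ListProjectsForUserSQL: a wildcard row expands to
// every registered project, concrete rows contribute themselves.
func projectsForUser(acl []ACLEntry, email string, registered []string) []string {
	seen := map[string]bool{}
	for _, e := range acl {
		if e.Email != email {
			continue
		}
		if e.Project == "*" {
			for _, p := range registered {
				seen[p] = true
			}
			continue
		}
		seen[e.Project] = true
	}
	out := make([]string, 0, len(seen))
	for p := range seen {
		out = append(out, p)
	}
	sort.Strings(out)
	return out
}

func main() {
	// Constructed sample ACL: one wildcard owner, one single-project operator.
	acl := []ACLEntry{seedOwner("root@example.com"), seedOperator("ops@example.com", "billing")}
	role, ok := resolveRole(acl, "ops@example.com", "web")
	fmt.Println(role, ok, projectsForUser(acl, "root@example.com", []string{"billing", "web"}))
}
```

Two properties are worth checking whenever the SQL changes: a user with no row at all gets no access (not a default role), and a wildcard row never downgrades a more specific grant on the same project.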
func ShouldAudit
func ShouldAudit(method string, readSampleRate float64) bool
ShouldAudit determines whether a request should be logged based on its HTTP method. All writes are logged. Reads are sampled at the given rate (0.0 to 1.0; the default of 0.01 is 1 %).
Types
type AuditEntry
type AuditEntry struct {
	ActorEmail string
	ActorIP    string
	Method     string
	Path       string
	BodyHash   string
	ResultCode int
	DurationMs int
	SessionID  string
}
AuditEntry represents a single row in np_admin_audit, used by the middleware and query helpers.
type ConnectOpts
type ConnectOpts struct {
	Host       string
	User       string
	SSHPort    int
	LocalPort  int
	RemotePort int
	// AllProjects opens the switcher with every registered project.
	AllProjects bool
	// AsUser overrides the authenticated identity (for ACL testing).
	AsUser string
}
ConnectOpts holds all parameters for an admin remote connection.