Documentation
Overview
Package user contains structures and functions to manage users, their roles and permissions.
Index
- Variables
- func Authenticate(email, password, file string) error
- func AuthenticateForRole(email, password, file string, roleType RoleType) error
- func Authorize(email, password, file, resource string) error
- func ChangePassword(email, password, newPassword, confirmPassword, file string) error
- func CreateUser(email, password, description, roleID, file, adminUsr, adminPwd string) error
- func ExpireUser(email string)
- func GetRoleIDFor(name string) (string, error)
- func ListRoles() map[string]interface{}
- type AccessPermissions
- type Configuration
- type FilePermission
- type Protocol
- type Role
- type RoleType
- type User
Constants
This section is empty.
Variables
var FilePermissionTable = make(map[string]map[string][]FilePermission)
FilePermissionTable is a map of UserID to a map of File to FilePermission
var RoleTable = make(map[string]Role)
RoleTable is a map of RoleID to Role
var UserTable = make(map[string]User)
UserTable is a map of user email to User
Functions
func Authenticate
Authenticate authenticates a user's credentials for access to the system.
func AuthenticateForRole
AuthenticateForRole authenticates a user's credentials and then validates if the user is of a required role for that operation.
func ChangePassword
ChangePassword changes the password for a user.
func CreateUser
CreateUser creates a new user.
func ExpireUser
func ExpireUser(email string)
ExpireUser sets the expiration date of the user to now.
func GetRoleIDFor
GetRoleIDFor returns the RoleID for a RoleName
Types
type AccessPermissions
type AccessPermissions int
AccessPermissions is an enumeration constant for resource access permissions.
const (
	// Read indicates read right
	Read AccessPermissions = iota
	// Write indicates write right
	Write
	// ReadWrite indicates both read and write right
	ReadWrite
)
type Configuration
Configuration represents userd configuration.
func NewConfig
func NewConfig(file string) (*Configuration, error)
NewConfig builds a new Configuration by taking a file directory as an input. For example:
file:/etc/userd
https://openspock.org/userd
func (*Configuration) InitRead
func (c *Configuration) InitRead() error
InitRead initializes userd configuration.
1. init user conf
2. init fperm conf
func (*Configuration) WriteFP
func (c *Configuration) WriteFP(fp *FilePermission) error
WriteFP writes a FilePermission to file permission conf file.
func (*Configuration) WriteRole
func (c *Configuration) WriteRole(r *Role) error
WriteRole writes a role to the role conf file.
func (*Configuration) WriteUser
func (c *Configuration) WriteUser(u *User) error
WriteUser writes a user to the user conf file.
type FilePermission
type FilePermission struct {
File string
UserID string
Role Role
Assignment time.Time
Expiration time.Time
}
FilePermission represents permissions per file/ resource, per user.
Either UserID or Role is mandatory
A file or resource can be identified with a URL. Examples:
file:/etc/userd/user.conf
https://openspock.org/userd/user.conf
FilePermissions are persisted in fperm.conf
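The rules stated above for FilePermission (a UserID or a Role is mandatory, and the resource is named by a URL) can be checked before a record is trusted. The following is an added example, not code from the userd package: the Role field layout, the Validate and ActiveAt helpers, and the deny-by-default treatment of the Assignment/Expiration window are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"time"
)

// Role is a stand-in: the page lists type Role but not its fields (assumption).
type Role struct{ RoleID string }

// FilePermission mirrors the struct shown in the package documentation.
type FilePermission struct {
	File       string
	UserID     string
	Role       Role
	Assignment time.Time
	Expiration time.Time
}

// Validate (hypothetical helper) enforces the documented rule that either
// UserID or Role is set, and requires File to be a URL with scheme and path.
func Validate(fp FilePermission) error {
	if fp.UserID == "" && fp.Role == (Role{}) {
		return errors.New("either UserID or Role is mandatory")
	}
	u, err := url.Parse(fp.File)
	if err != nil || u.Scheme == "" || u.Path == "" {
		return fmt.Errorf("file %q is not a resource URL", fp.File)
	}
	return nil
}

// ActiveAt (hypothetical helper) is deny-by-default: an invalid record, an
// unset Expiration, or a time outside [Assignment, Expiration) grants nothing.
func ActiveAt(fp FilePermission, t time.Time) bool {
	if Validate(fp) != nil {
		return false
	}
	return !t.Before(fp.Assignment) && t.Before(fp.Expiration)
}

func main() {
	now := time.Date(2024, 1, 15, 0, 0, 0, 0, time.UTC) // constructed sample data
	fp := FilePermission{File: "file:/etc/userd/user.conf", UserID: "u-1",
		Assignment: now.Add(-time.Hour), Expiration: now.Add(time.Hour)}
	fmt.Println(ActiveAt(fp, now), ActiveAt(fp, now.Add(2*time.Hour)))
	fp.UserID = ""
	fmt.Println(Validate(fp))
}
```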
type RoleType
type RoleType int
RoleType helps define the type of a role that can be used by operations to ascertain that only users with certain roles can perform these operations.
type User
type User struct {
UserID string
Salt string
Email string
Description string
Since time.Time
RoleID string
// contains filtered or unexported fields
}
User represents a user which requires authorization. Authentication is managed separately using FilePermission
Users are stored in user.conf