auth

package

v2.7.7 Latest Latest Go to latest Published: Mar 13, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pachyderm/pachyderm

Links

Open Source Insights

Documentation ¶

Index ¶

func CreateAuthTokensTable(ctx context.Context, tx *pachsql.Tx) error
type APIServer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CreateAuthTokensTable ¶

func CreateAuthTokensTable(ctx context.Context, tx *pachsql.Tx) error

CreateTokensTable sets up the postgres table which tracks active clusters

Types ¶

type APIServer ¶

type APIServer interface {
	auth.APIServer

	CheckClusterIsAuthorized(ctx context.Context, p ...auth.Permission) error
	CheckProjectIsAuthorized(context.Context, *pfs.Project, ...auth.Permission) error
	CheckRepoIsAuthorized(context.Context, *pfs.Repo, ...auth.Permission) error
	CheckClusterIsAuthorizedInTransaction(*txncontext.TransactionContext, ...auth.Permission) error
	CheckProjectIsAuthorizedInTransaction(*txncontext.TransactionContext, *pfs.Project, ...auth.Permission) error
	CheckRepoIsAuthorizedInTransaction(*txncontext.TransactionContext, *pfs.Repo, ...auth.Permission) error

	AuthorizeInTransaction(*txncontext.TransactionContext, *auth.AuthorizeRequest) (*auth.AuthorizeResponse, error)
	ModifyRoleBindingInTransaction(*txncontext.TransactionContext, *auth.ModifyRoleBindingRequest) (*auth.ModifyRoleBindingResponse, error)
	GetRoleBindingInTransaction(*txncontext.TransactionContext, *auth.GetRoleBindingRequest) (*auth.GetRoleBindingResponse, error)

	// Methods to add and remove pipelines from input and output repos. These do their own auth checks
	// for specific permissions required to use a repo as a pipeline input/output.
	AddPipelineReaderToRepoInTransaction(*txncontext.TransactionContext, *pfs.Repo, *pps.Pipeline) error
	AddPipelineWriterToRepoInTransaction(*txncontext.TransactionContext, *pps.Pipeline) error
	AddPipelineWriterToSourceRepoInTransaction(*txncontext.TransactionContext, *pfs.Repo, *pps.Pipeline) error
	RemovePipelineReaderFromRepoInTransaction(*txncontext.TransactionContext, *pfs.Repo, *pps.Pipeline) error

	// Create and Delete are internal-only APIs used by other services when creating/destroying resources.
	CreateRoleBindingInTransaction(*txncontext.TransactionContext, string, []string, *auth.Resource) error
	DeleteRoleBindingInTransaction(*txncontext.TransactionContext, *auth.Resource) error

	// GetPipelineAuthTokenInTransaction is an internal API used by PPS to generate tokens for pipelines
	GetPipelineAuthTokenInTransaction(*txncontext.TransactionContext, *pps.Pipeline) (string, error)
	RevokeAuthTokenInTransaction(*txncontext.TransactionContext, *auth.RevokeAuthTokenRequest) (*auth.RevokeAuthTokenResponse, error)

	GetPermissionsInTransaction(*txncontext.TransactionContext, *auth.GetPermissionsRequest) (*auth.GetPermissionsResponse, error)
}

APIServer is the internal interface for other services to call this one. This includes all the public RPC methods and additional internal-only methods for use within pachd. These methods *do not* check that a user is authorized unless otherwise noted.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmds
server
testing

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL