acl

package module
v0.0.0-...-d10489e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 25, 2016 License: BSD-2-Clause Imports: 4 Imported by: 35

README

postgresql-acl

acl Library

acl parses PostgreSQL's ACL syntax and returns a usable structure. Library documentation is available at https://godoc.org/github.com/sean-/postgresql-acl.

package main

import (
	"fmt"

	"github.com/sean-/postgresql-acl"
)

func structToString() acl.ACL {
	return acl.ACL{
		Role:         "foo",
		GrantedBy:    "bar",
		Privileges:   acl.Usage | acl.Create,
		GrantOptions: acl.Create,
	}
}

func stringToStruct() acl.Schema {
	// Parse an aclitem string
	aclitem, err := acl.Parse("foo=C*U/bar")
	if err != nil {
		panic(fmt.Sprintf("bad: %v", err))
	}

	// Verify that ACL permissions are appropriate for a schema type
	schema, err := acl.NewSchema(aclitem)
	if err != nil {
		panic(fmt.Sprintf("bad: %v", err))
	}

	return schema
}

func main() {
	fmt.Printf("ACL Struct to String: %+q\n", structToString().String())
	fmt.Printf("ACL String to Struct: %#v\n", stringToStruct().String())
}

ACL Struct to String: "foo=UC*/bar"
ACL String to Struct: "foo=UC*/bar"

Supported PostgreSQL aclitem Types

  • column permissions
  • database
  • domain
  • foreign data wrappers
  • foreign server
  • function
  • language
  • large object
  • schema
  • sequences
  • table
  • table space
  • type

Notes

The output from String() should match the ordering of characters in aclitem.

The target of each of these ACLs (e.g. schema name, table name, etc) is not contained within PostgreSQLs aclitem and it is expected this value is managed elsewhere in your object model.

Arrays of aclitem are supposed to be iterated over by the caller. For example:

const schema = "public"
var name, owner string
var acls []string
err := conn.QueryRow("SELECT n.nspname, pg_catalog.pg_get_userbyid(n.nspowner), COALESCE(n.nspacl, '{}'::aclitem[])::TEXT[] FROM pg_catalog.pg_namespace n WHERE n.nspname = $1", schema).Scan(&name, &owner, pq.Array(&acls))
if err == nil {
    for _, acl := range acls {
        acl, err = pgacl.NewSchema(acl)
        if err != nil {
            return err
        }
        // ...
    }
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ACL 

type ACL struct {
	Privileges   Privileges
	GrantOptions Privileges
	Role         string
	GrantedBy    string
}

ACL represents a single PostgreSQL `aclitem` entry.

func Parse 

func Parse(aclStr string) (ACL, error)

Parse parses a PostgreSQL aclitem string and returns an ACL

func (ACL) GetGrantOption 

func (a ACL) GetGrantOption(priv Privileges) bool

GetGrantOption returns true if the acl has the grant option set for the specified priviledge.

func (ACL) GetPrivilege 

func (a ACL) GetPrivilege(priv Privileges) bool

GetPriviledge returns true if the acl has the specified priviledge set.

func (ACL) String 

func (a ACL) String() string

String produces a PostgreSQL aclitem-compatible string

type Column 

type Column struct {
	ACL
}

Column models the privileges of a column aclitem

func NewColumn 

func NewColumn(acl ACL) (Column, error)

NewColumn parses an ACL object and returns a Column object.

type Database 

type Database struct {
	ACL
}

Database models the privileges of a database aclitem

func NewDatabase 

func NewDatabase(acl ACL) (Database, error)

NewDatabase parses an ACL object and returns a Database object.

type Domain 

type Domain struct {
	ACL
}

Domain models the privileges of a domain aclitem

func NewDomain 

func NewDomain(acl ACL) (Domain, error)

NewDomain parses an ACL object and returns a Domain object.

type ForeignDataWrapper 

type ForeignDataWrapper struct {
	ACL
}

ForeignDataWrapper models the privileges of a domain aclitem

func NewForeignDataWrapper 

func NewForeignDataWrapper(acl ACL) (ForeignDataWrapper, error)

NewForeignDataWrapper parses an ACL object and returns a ForeignDataWrapper object.

type ForeignServer 

type ForeignServer struct {
	ACL
}

ForeignServer models the privileges of a foreign server aclitem

func NewForeignServer 

func NewForeignServer(acl ACL) (ForeignServer, error)

NewForeignServer parses an ACL object and returns a ForeignServer object.

type Function 

type Function struct {
	ACL
}

Function models the privileges of a function aclitem

func NewFunction 

func NewFunction(acl ACL) (Function, error)

NewFunction parses an ACL object and returns a Function object.

type Language 

type Language struct {
	ACL
}

Language models the privileges of a language aclitem

func NewLanguage 

func NewLanguage(acl ACL) (Language, error)

NewLanguage parses an ACL object and returns a Language object.

type LargeObject 

type LargeObject struct {
	ACL
}

LargeObject models the privileges of a large object aclitem

func NewLargeObject 

func NewLargeObject(acl ACL) (LargeObject, error)

NewLargeObject parses an ACL object and returns a LargeObject object.

type Privileges 

type Privileges uint16

Privileges represents a PostgreSQL ACL bitmask 

const (
	NoPrivs Privileges = 0

	// Ordering taken from postgresql/src/include/nodes/parsenodes.h
	Insert Privileges = 1 << iota
	Select
	Update
	Delete
	Truncate
	References
	Trigger
	Execute
	Usage
	Create
	Temporary
	Connect
)

See postgresql/src/include/utils/acl.h for inspiration. Like PostgreSQL, "rights" refer to the combined grant option and privilege bits fields.

type Schema 

type Schema struct {
	ACL
}

Schema models the privileges of a schema aclitem

func NewSchema 

func NewSchema(acl ACL) (Schema, error)

NewSchema parses an ACL object and returns a Schema object.

func (Schema) Grants 

func (s Schema) Grants(target string) []string

Grants returns a list of SQL queries that constitute the privileges specified in the receiver for the target schema.

func (Schema) Merge 

func (s Schema) Merge(x Schema) Schema

Merge adds the argument's attributes to the receiver for values that are composable or not set and returns a new Schema object with the resulting values. Be careful with the role "" which is implicitly interpreted as the PUBLIC role.

func (Schema) Revokes 

func (s Schema) Revokes(target string) []string

Revokes returns a list of SQL queries that remove the privileges specified in the receiver from the target schema.

type Sequence 

type Sequence struct {
	ACL
}

Sequence models the privileges of a sequence aclitem

func NewSequence 

func NewSequence(acl ACL) (Sequence, error)

NewSequence parses a PostgreSQL ACL string for a sequence and returns a Sequence object

type Table 

type Table struct {
	ACL
}

Table models the privileges of a table aclitem

func NewTable 

func NewTable(acl ACL) (Table, error)

NewTable parses a PostgreSQL ACL string for a table and returns a Table object

type Tablespace 

type Tablespace struct {
	ACL
}

Tablespace models the privileges of a tablespace aclitem

func NewTablespace 

func NewTablespace(acl ACL) (Tablespace, error)

NewTablespace parses an ACL object and returns a Tablespace object.

type Type 

type Type struct {
	ACL
}

Type models the privileges of a type aclitem

func NewType 

func NewType(acl ACL) (Type, error)

NewType parses an ACL object and returns a Type object.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.