meta

package
v0.0.0-...-a046173 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 24, 2020 License: Apache-2.0 Imports: 4 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrFieldIncomplete = errors.New("incomplete fields")
	ErrEmptyStructure  = errors.New("empty structure")
)

define a set of errors

Functions

This section is empty.

Types

type Permission 

type Permission struct {
	// AuthorizedRoles defines roles that allow access to specified resource
	// Accepted type: non-empty string, *
	//      *: means any role, but visitors should have at least one role,
	//      non-empty string: specified role
	AuthorizedRoles []string `json:"authorized_roles" yaml:"authorized_roles"`
	// ForbiddenRoles defines roles that not allow access to specified resource
	// ForbiddenRoles has a higher priority than AuthorizedRoles
	// Accepted type: non-empty string, *
	//      *: means any role, but visitors should have at least one role,
	//      non-empty string: specified role
	//
	ForbiddenRoles []string `json:"forbidden_roles" yaml:"forbidden_roles"`
	// AllowAnyone has a higher priority than ForbiddenRoles/AuthorizedRoles
	// If set to true, anyone will be able to pass authentication.
	// Note that this will include people without any role.
	AllowAnyone bool `json:"allow_anyone" yaml:"allow_anyone"`
}

Permission is used to define permission control information

func (*Permission) IsGranted 

func (p *Permission) IsGranted(roles []string) (PermissionState, error)

IsGranted is used to determine whether the given role can pass the authentication of *Permission.

func (*Permission) IsValid 

func (p *Permission) IsValid() error

IsValid is used to test the validity of the Rule

type PermissionState 

type PermissionState uint8

PermissionState identifies the status of the permission 

const (
	// PermissionUnknown is an initial state, usually specified when an error occurs
	PermissionUnknown PermissionState = iota
	// PermissionGranted means permission is granted
	PermissionGranted
	// PermissionUngranted means permission is ungranted
	PermissionUngranted
	// PermissionNeglected means could not find the matching rule in the list of rules
	PermissionNeglected
)

func (PermissionState) IsGranted 

func (state PermissionState) IsGranted() bool

IsGranted is used to determine whether the current request is granted in a strict sense. Note that it only returns true when state equals PermissionGranted Because we recommend that you configure permissions for all possible requests to prevent forgetting to configure some addresses * If you want it to return true when PermissionNeglected as well, you should use IsLooselyGranted

func (PermissionState) IsLooselyGranted 

func (state PermissionState) IsLooselyGranted() bool

IsLooselyGranted is used to determine whether a request is authorized in a non-strict sense It returns true when state equals PermissionGranted or PermissionNeglected * This means if you forget to configure some addresses, they may be accessed by anyone.

func (PermissionState) IsNeglected 

func (state PermissionState) IsNeglected() bool

IsNeglected is used to determine if the current state is equal to PermissionNeglected PermissionNeglected means could not find the matching rule in the list of rules

func (PermissionState) String 

func (state PermissionState) String() string

type Permissions 

type Permissions []*Permission

Permissions is the set of Permission

type Query 

type Query Resource

Query defines the data structure of the query parameters

func (*Query) GetArguments 

func (query *Query) GetArguments() []string

GetArguments is used to convert the current argument to a string slice

type Resource 

type Resource struct {
	// Host defines the host of the resource, allowing wildcards to be used.
	Host string `json:"host" yaml:"host"`
	// Path defines the path of the resource, allowing wildcards to be used.
	Path string `json:"path" yaml:"path"`
	// Method defines the method of the resource, allowing wildcards to be used.
	Method string `json:"method" yaml:"method"`
}

Resource defines resources

func (*Resource) GetArguments 

func (r *Resource) GetArguments() []string

GetArguments is used to convert the current argument to a string slice

func (*Resource) IsValid 

func (r *Resource) IsValid() error

IsValid is used to test the validity of the Rule

func (*Resource) Match 

func (r *Resource) Match(query *Query) (bool, error)

Match is used to calculate whether the query matches the resource

type Rule 

type Rule struct {
	// The ID controls the priority of the rule.
	// The higher the ID means the higher the priority of the rule.
	// When a request is matched to more than one rule,
	// then authentication will only use the permission configuration for the rule with the highest ID value.
	// If there are multiple rules that are the largest ID, then one of them will be used randomly.
	ID          int `json:"id" yaml:"id"`
	*Resource   `yaml:",inline"`
	*Permission `yaml:",inline"`
}

Rule is used to define the relationship between "resource" and "permission"

func (*Rule) IsValid 

func (rule *Rule) IsValid() error

IsValid is used to test the validity of the Rule

type Rules 

type Rules []*Rule

Rules is the list of Rule

func (Rules) IsRolesGranted 

func (rules Rules) IsRolesGranted(roles []string) (PermissionState, error)

IsRolesGranted is used to determine whether the current role is admitted by the current rule.

func (Rules) IsValid 

func (rules Rules) IsValid() error

IsValid is used to test the validity of the Rule

func (Rules) String 

func (rules Rules) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.