README
¶
Interceptor module for client and server based on cerbos authorization
click here to view sample implementation using this interceptor module
Documentation
¶
Index ¶
- type CerbosConfig
- type CheckPolicy
- func (p *CheckPolicy) AddActions(action []string) *CheckPolicy
- func (p *CheckPolicy) AddPrinciple(principle string) *CheckPolicy
- func (p *CheckPolicy) AddRole(role string) *CheckPolicy
- func (p *CheckPolicy) AddScope(scope string) *CheckPolicy
- func (p *CheckPolicy) GetAction() []string
- func (p *CheckPolicy) GetPrinciple() string
- func (p *CheckPolicy) GetRole() string
- func (p *CheckPolicy) GetScope() string
- func (p *CheckPolicy) IsValid() bool
- func (p *CheckPolicy) Valid() (*Valid, error)
- type Valid
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CerbosConfig ¶
type CerbosConfig struct {
// contains filtered or unexported fields
}
func NewCerbosConfig ¶
func NewCerbosConfig(addr string) *CerbosConfig
func (*CerbosConfig) UnaryServerInterceptor ¶
func (c *CerbosConfig) UnaryServerInterceptor() grpc.UnaryServerInterceptor
type CheckPolicy ¶
type CheckPolicy struct {
// Kind string `json:"kind"`
Scope string `json:"scope"`
Role string `json:"role"`
Action []string `json:"actions"`
Principle string `json:"principle"`
}
role action scope resource PolicyPayload is the payload that is sent to the server in the metadata of the request to check if the user has the required permissions
func (*CheckPolicy) AddActions ¶
func (p *CheckPolicy) AddActions(action []string) *CheckPolicy
AddActions adds the actions to the CheckPolicy
func (*CheckPolicy) AddPrinciple ¶ added in v1.0.0
func (p *CheckPolicy) AddPrinciple(principle string) *CheckPolicy
AddPrinciple adds the principle to the CheckPolicy
func (*CheckPolicy) AddRole ¶
func (p *CheckPolicy) AddRole(role string) *CheckPolicy
AddKind adds the kind to the CheckPolicy
func (*CheckPolicy) AddScope ¶
func (p *CheckPolicy) AddScope(scope string) *CheckPolicy
AddScope adds the scope to the CheckPolicy
func (*CheckPolicy) GetAction ¶ added in v0.1.2
func (p *CheckPolicy) GetAction() []string
func (*CheckPolicy) GetPrinciple ¶ added in v1.0.0
func (p *CheckPolicy) GetPrinciple() string
func (*CheckPolicy) GetRole ¶ added in v0.1.2
func (p *CheckPolicy) GetRole() string
func (*CheckPolicy) GetScope ¶ added in v0.1.2
func (p *CheckPolicy) GetScope() string
func (*CheckPolicy) IsValid ¶
func (p *CheckPolicy) IsValid() bool
func (*CheckPolicy) Valid ¶
func (p *CheckPolicy) Valid() (*Valid, error)
type Valid ¶
type Valid struct {
CheckPolicy *CheckPolicy `json:"check_policy"`
}
Valid is for checking if all the fields are added to the CheckPolicy
func (*Valid) UnaryClientInterceptor ¶
func (v *Valid) UnaryClientInterceptor() grpc.UnaryClientInterceptor
UnaryClientInterceptor is a client interceptor that appends the scope, resource, role and actions to the metadata of the request use this function while dialing the server from client
conn, err := grpc.Dial(
"localhost:5565", grpc.WithInsecure(), grpc.WithUnaryInterceptor(interceptor.UnaryClientInterceptor()),
)
Source Files