permissions

package

v0.0.54-rc4 Latest Latest Go to latest Published: Jan 5, 2026 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

gitlab.com/codebox4073715/codebox

Links

Open Source Insights

Documentation ¶

Index ¶

func AdminRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc
func AuthenticationRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc
func IPRateLimitedRoute(handler gin.HandlerFunc, callsPerPeriod int, defaultPeriodSeconds int) gin.HandlerFunc
func RunnerTokenAuthenticationRequired(handler gin.HandlerFunc) gin.HandlerFunc
func TemplateManagerRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AdminRequiredRoute ¶

func AdminRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc

Wrap a Gin handler to require that the user is an admin (superuser). If the user is not authenticated, returns 401 Unauthorized. If the user is authenticated but not an admin, returns 403 Forbidden. Otherwise, calls the original handler.

func AuthenticationRequiredRoute ¶

func AuthenticationRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc

Wrap a Gin handler to require that the user is authenticated. If the user is not authenticated, returns 401 Unauthorized. Otherwise, calls the original handler.

func IPRateLimitedRoute ¶

func IPRateLimitedRoute(
	handler gin.HandlerFunc,
	callsPerPeriod int,
	defaultPeriodSeconds int,
) gin.HandlerFunc

IPRateLimitedRoute wraps a Gin route handler with IP-based rate limiting.

The rate limit is enforced per client IP address and request path. Each incoming request creates a cache key with a time-based suffix and a TTL representing the rate-limit window.

TTL Calculation Algorithm:

Each request key is created with a base TTL equal to `periodSeconds` multiplied for the power of two the number of violations in last 24hrs
When the number of requests exceeds `callsPerPeriod`, a violation record is created

func RunnerTokenAuthenticationRequired ¶

func RunnerTokenAuthenticationRequired(handler gin.HandlerFunc) gin.HandlerFunc

Wrap a Gin handler to require that the request is authenticated using a valid runner token. The runner urls must contain the :runnerId parameter. If the token is missing or invalid, returns 401 Unauthorized. Otherwise, calls the original handler.

func TemplateManagerRequiredRoute ¶

func TemplateManagerRequiredRoute(handler gin.HandlerFunc) gin.HandlerFunc

Wrap a Gin handler to require that the user is a template manager. If the user is not authenticated, returns 401 Unauthorized. If the user is authenticated but not a template manager, returns 403 Forbidden. Otherwise, calls the original handler.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL