Documentation

Overview

    Package acl performs access control with ACL.

    Index

    Constants

    View Source
    const (
    	// new goma client client_id
    	// https://chromium.googlesource.com/infra/goma/client/+/70685d6cbb19c108d8abf2235edd2d02bed8dded/client/oauth2.cc#72
    	GomaClientClientID = "687418631491-r6m1c3pr0lth5atp4ie07f03ae8omefc.apps.googleusercontent.com"
    )

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type ACL

    type ACL struct {
    	Loader
    	Checker
    }

      ACL manages access control list.

      func (*ACL) Update

      func (a *ACL) Update(ctx context.Context) error

        Update loads acl by Loader and sets it to Checker.

        type AuthDB

        type AuthDB interface {
        	IsMember(ctx context.Context, email, group string) bool
        }

          AuthDB provides authentication database; user groups.

          type Checker

          type Checker struct {
          	AuthDB
          	account.Pool
          	// contains filtered or unexported fields
          }

            Checker checks token.

            func (*Checker) CheckToken

            func (c *Checker) CheckToken(ctx context.Context, token *oauth2.Token, tokenInfo *auth.TokenInfo) (string, *oauth2.Token, error)

              CheckToken checks token and returns group id and token used for backend API.

              func (*Checker) Set

              func (c *Checker) Set(ctx context.Context, config *pb.ACL) error

                Set sets config in the checker.

                type DefaultAllowlist

                type DefaultAllowlist struct{}

                  DefaultAllowlist is a loader to provide default allow list, which pass through EUC.

                  func (DefaultAllowlist) Load

                  func (DefaultAllowlist) Load(ctx context.Context) (*pb.ACL, error)

                  type FileLoader

                  type FileLoader struct {
                  	Filename string
                  }

                    FileLoader loads acl data from Filename.

                    func (FileLoader) Load

                    func (l FileLoader) Load(ctx context.Context) (*pb.ACL, error)

                      Loads loads acl stored as text proto in file.

                      type Loader

                      type Loader interface {
                      	Load(ctx context.Context) (*pb.ACL, error)
                      }

                        Loader loads acl data.

                        type StaticLoader

                        type StaticLoader struct {
                        	*pb.ACL
                        }

                          StaticLoader loads static acl data.

                          func (StaticLoader) Load

                          func (l StaticLoader) Load(ctx context.Context) (*pb.ACL, error)