Back to godoc.org

Package auth

v3.1.10+incompatible
Latest Go to latest

The latest major version is .

Published: Jul 14, 2017 | License: Apache-2.0 | Module: go.etcd.io/etcd

Overview

Package auth implements etcd authentication.

Index

Constants

const (
	// StorePermsPrefix is the internal prefix of the storage layer dedicated to storing user data.
	StorePermsPrefix = "/2"

	// RootRoleName is the name of the ROOT role, with privileges to manage the cluster.
	RootRoleName = "root"

	// GuestRoleName is the name of the role that defines the privileges of an unauthenticated user.
	GuestRoleName = "guest"
)

type Error

type Error struct {
	Status int
	Errmsg string
}

func (Error) Error

func (ae Error) Error() string

func (Error) HTTPStatus

func (ae Error) HTTPStatus() int

type PasswordStore

type PasswordStore interface {
	CheckPassword(user User, password string) bool
	HashPassword(password string) (string, error)
}

type Permissions

type Permissions struct {
	KV RWPermission `json:"kv"`
}

func (Permissions) Grant

func (p Permissions) Grant(n *Permissions) (Permissions, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (*Permissions) IsEmpty

func (p *Permissions) IsEmpty() bool

func (Permissions) Revoke

func (p Permissions) Revoke(n *Permissions) (Permissions, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type RWPermission

type RWPermission struct {
	Read  []string `json:"read"`
	Write []string `json:"write"`
}

func (RWPermission) Grant

func (rw RWPermission) Grant(n RWPermission) (RWPermission, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (RWPermission) HasAccess

func (rw RWPermission) HasAccess(key string, write bool) bool

func (RWPermission) HasRecursiveAccess

func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool

func (RWPermission) Revoke

func (rw RWPermission) Revoke(n RWPermission) (RWPermission, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type Role

type Role struct {
	Role        string       `json:"role"`
	Permissions Permissions  `json:"permissions"`
	Grant       *Permissions `json:"grant,omitempty"`
	Revoke      *Permissions `json:"revoke,omitempty"`
}

func (Role) HasKeyAccess

func (r Role) HasKeyAccess(key string, write bool) bool

func (Role) HasRecursiveAccess

func (r Role) HasRecursiveAccess(key string, write bool) bool

type Store

type Store interface {
	AllUsers() ([]string, error)
	GetUser(name string) (User, error)
	CreateOrUpdateUser(user User) (out User, created bool, err error)
	CreateUser(user User) (User, error)
	DeleteUser(name string) error
	UpdateUser(user User) (User, error)
	AllRoles() ([]string, error)
	GetRole(name string) (Role, error)
	CreateRole(role Role) error
	DeleteRole(name string) error
	UpdateRole(role Role) (Role, error)
	AuthEnabled() bool
	EnableAuth() error
	DisableAuth() error
	PasswordStore
}

func NewStore

func NewStore(server doer, timeout time.Duration) Store

type User

type User struct {
	User     string   `json:"user"`
	Password string   `json:"password,omitempty"`
	Roles    []string `json:"roles"`
	Grant    []string `json:"grant,omitempty"`
	Revoke   []string `json:"revoke,omitempty"`
}

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier