auth

package
v3.3.22+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 20, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package auth implements etcd authentication.

Index

Constants

View Source 
const (
	// StorePermsPrefix is the internal prefix of the storage layer dedicated to storing user data.
	StorePermsPrefix = "/2"

	// RootRoleName is the name of the ROOT role, with privileges to manage the cluster.
	RootRoleName = "root"

	// GuestRoleName is the name of the role that defines the privileges of an unauthenticated user.
	GuestRoleName = "guest"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Error 

type Error struct {
	Status int
	Errmsg string
}

func (Error) Error 

func (ae Error) Error() string

func (Error) HTTPStatus 

func (ae Error) HTTPStatus() int

type PasswordStore 

type PasswordStore interface {
	CheckPassword(user User, password string) bool
	HashPassword(password string) (string, error)
}

type Permissions 

type Permissions struct {
	KV RWPermission `json:"kv"`
}

func (Permissions) Grant 

func (p Permissions) Grant(n *Permissions) (Permissions, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (*Permissions) IsEmpty 

func (p *Permissions) IsEmpty() bool

func (Permissions) Revoke 

func (p Permissions) Revoke(n *Permissions) (Permissions, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type RWPermission 

type RWPermission struct {
	Read  []string `json:"read"`
	Write []string `json:"write"`
}

func (RWPermission) Grant 

func (rw RWPermission) Grant(n RWPermission) (RWPermission, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (RWPermission) HasAccess 

func (rw RWPermission) HasAccess(key string, write bool) bool

func (RWPermission) HasRecursiveAccess 

func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool

func (RWPermission) Revoke 

func (rw RWPermission) Revoke(n RWPermission) (RWPermission, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type Role 

type Role struct {
	Role        string       `json:"role"`
	Permissions Permissions  `json:"permissions"`
	Grant       *Permissions `json:"grant,omitempty"`
	Revoke      *Permissions `json:"revoke,omitempty"`
}

func (Role) HasKeyAccess 

func (r Role) HasKeyAccess(key string, write bool) bool

func (Role) HasRecursiveAccess 

func (r Role) HasRecursiveAccess(key string, write bool) bool

type Store 

type Store interface {
	AllUsers() ([]string, error)
	GetUser(name string) (User, error)
	CreateOrUpdateUser(user User) (out User, created bool, err error)
	CreateUser(user User) (User, error)
	DeleteUser(name string) error
	UpdateUser(user User) (User, error)
	AllRoles() ([]string, error)
	GetRole(name string) (Role, error)
	CreateRole(role Role) error
	DeleteRole(name string) error
	UpdateRole(role Role) (Role, error)
	AuthEnabled() bool
	EnableAuth() error
	DisableAuth() error
	PasswordStore
}

func NewStore 

func NewStore(server doer, timeout time.Duration) Store

type User 

type User struct {
	User     string   `json:"user"`
	Password string   `json:"password,omitempty"`
	Roles    []string `json:"roles"`
	Grant    []string `json:"grant,omitempty"`
	Revoke   []string `json:"revoke,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.