Documentation
¶
Index ¶
- Constants
- Variables
- func Auth(providers []security.HttpProvider, ...) gin.HandlerFunc
- func Authorize(obj string, act string, enforcer security.Enforcer) gin.HandlerFunc
- func AuthorizeAtLeastOnePerm(permChecks []apisecurity.PermCheck, enforcer security.Enforcer) gin.HandlerFunc
- func AuthorizeByID(act string, enforcer security.Enforcer) gin.HandlerFunc
- func AuthorizeOwnership(strategy security.OwnershipStrategy) gin.HandlerFunc
- func CacheControl() gin.HandlerFunc
- func Logger(logger zerolog.Logger, logBody bool, logBodyOnError bool) gin.HandlerFunc
- func OnlyAuth() gin.HandlerFunc
- func PreProcessBulk(configProvider config.ApiConfigProvider, addAuthor bool) func(c *gin.Context)
- func ProvideAuthorizedIds(act string, enforcer security.Enforcer, ...) gin.HandlerFunc
- func Recovery(logger zerolog.Logger) gin.HandlerFunc
- func ReloadEnforcerPolicyOnChange(enforcer security.Enforcer) gin.HandlerFunc
- func SessionAuth(db mongo.DbClient, configProvider config.ApiConfigProvider, ...) gin.HandlerFunc
- func SetAuthor() func(c *gin.Context)
- type CacheMiddlewareGetter
Constants ¶
const ( CacheControlHeaderKey = "Cache-Control" DefaultCacheControlHeaderValue = "public, no-cache" )
const AuthorizedIds = "authorized_ids"
const OwnedIds = "owned_ids"
Variables ¶
Functions ¶
func Auth ¶
func Auth(providers []security.HttpProvider, maintenanceAdapter config.MaintenanceAdapter, enforcer security.Enforcer) gin.HandlerFunc
Auth middleware uses http providers to authenticate user. It checks auth only if request contains credentials.
func Authorize ¶
Authorize determines if current subject has been authorized to take an action on an object. Use OnlyAuth middleware to only check if user is authenticated.
Note: if new user is created, then enforcer.LoadPolicy() should be called to reload security policies, it throws http.StatusForbidden otherwise!
func AuthorizeAtLeastOnePerm ¶
func AuthorizeAtLeastOnePerm( permChecks []apisecurity.PermCheck, enforcer security.Enforcer, ) gin.HandlerFunc
AuthorizeAtLeastOnePerm allows access if at least one PermCheck pair is permitted for the user
func AuthorizeByID ¶
func AuthorizeByID( act string, enforcer security.Enforcer, ) gin.HandlerFunc
AuthorizeByID determines if current subject has been authorized to take an action on a object by id.
func AuthorizeOwnership ¶
func AuthorizeOwnership(strategy security.OwnershipStrategy) gin.HandlerFunc
AuthorizeOwnership determines if current subject is the owner of an object.
func CacheControl ¶
func CacheControl() gin.HandlerFunc
CacheControl middleware adds default cache headers to response.
func OnlyAuth ¶
func OnlyAuth() gin.HandlerFunc
OnlyAuth determines if user is authenticated. Use Authorize middleware to check user permissions.
func PreProcessBulk ¶
func PreProcessBulk(configProvider config.ApiConfigProvider, addAuthor bool) func(c *gin.Context)
PreProcessBulk middleware checks if bulk has valid size and sets authorized user id to author field to bulk request body. Use it for create and update model endpoints.
func ProvideAuthorizedIds ¶
func ProvideAuthorizedIds( act string, enforcer security.Enforcer, provider apisecurity.OwnedObjectsProvider, ) gin.HandlerFunc
ProvideAuthorizedIds determines on which objects current subject has been authorized to take an action.
func Recovery ¶
func Recovery(logger zerolog.Logger) gin.HandlerFunc
Recovery recovers from any panics and if there was one it logs error and writes InternalServerError response.
func ReloadEnforcerPolicyOnChange ¶
func ReloadEnforcerPolicyOnChange(enforcer security.Enforcer) gin.HandlerFunc
ReloadEnforcerPolicyOnChange loads security policy if request changes policy.
func SessionAuth ¶
func SessionAuth(db mongo.DbClient, configProvider config.ApiConfigProvider, store sessions.Store) gin.HandlerFunc
SessionAuth returns a Session Authorization middleware. It checks session and retrieves user using provider. It checks auth only if session exists. Deprecated : don't use session.
Types ¶
type CacheMiddlewareGetter ¶
type CacheMiddlewareGetter struct {
// contains filtered or unexported fields
}
func NewCacheMiddlewareGetter ¶
func NewCacheMiddlewareGetter(defaultExpire time.Duration, getExpire func() time.Duration) *CacheMiddlewareGetter
func (*CacheMiddlewareGetter) Cache ¶
func (g *CacheMiddlewareGetter) Cache() gin.HandlerFunc
func (*CacheMiddlewareGetter) ClearCache ¶
func (g *CacheMiddlewareGetter) ClearCache(path string) gin.HandlerFunc
Source Files