Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
- type CreatePolicyRequest
- func (*CreatePolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CreatePolicyRequest) GetNamespace() string
- func (x *CreatePolicyRequest) GetRole() string
- func (x *CreatePolicyRequest) GetUsername() string
- func (*CreatePolicyRequest) ProtoMessage()
- func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
- func (x *CreatePolicyRequest) Reset()
- func (x *CreatePolicyRequest) String() string
- func (req *CreatePolicyRequest) Validate() error
- type Policy
- func (*Policy) Descriptor() ([]byte, []int)deprecated
- func (x *Policy) GetCreateAt() int64
- func (x *Policy) GetId() string
- func (x *Policy) GetSpec() *CreatePolicyRequest
- func (*Policy) ProtoMessage()
- func (x *Policy) ProtoReflect() protoreflect.Message
- func (x *Policy) Reset()
- func (x *Policy) String() string
- type PolicySet
- func (s *PolicySet) Add(item *Policy)
- func (*PolicySet) Descriptor() ([]byte, []int)deprecated
- func (x *PolicySet) GetItems() []*Policy
- func (s *PolicySet) GetPolicyByRole(role string) *Policy
- func (x *PolicySet) GetTotal() int64
- func (*PolicySet) ProtoMessage()
- func (x *PolicySet) ProtoReflect() protoreflect.Message
- func (x *PolicySet) Reset()
- func (s *PolicySet) Roles() (roles []string)
- func (x *PolicySet) String() string
- type QueryPolicyRequest
- func (*QueryPolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *QueryPolicyRequest) GetNamespace() string
- func (x *QueryPolicyRequest) GetPage() *request.PageRequest
- func (x *QueryPolicyRequest) GetRole() string
- func (x *QueryPolicyRequest) GetUsername() string
- func (*QueryPolicyRequest) ProtoMessage()
- func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
- func (x *QueryPolicyRequest) Reset()
- func (x *QueryPolicyRequest) String() string
- type RPCClient
- type RPCServer
- type Service
- type UnimplementedRPCServer
- type UnsafeRPCServer
- type ValidatePermissionRequest
- func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)deprecated
- func (x *ValidatePermissionRequest) GetAction() string
- func (x *ValidatePermissionRequest) GetNamespace() string
- func (x *ValidatePermissionRequest) GetResource() string
- func (x *ValidatePermissionRequest) GetService() string
- func (x *ValidatePermissionRequest) GetUsername() string
- func (*ValidatePermissionRequest) ProtoMessage()
- func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
- func (x *ValidatePermissionRequest) Reset()
- func (x *ValidatePermissionRequest) String() string
Constants ¶
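// Full gRPC method names of the RPC service, in "/<package>.<service>/<method>"
// form. The declaration is restored to one constant per line so it parses.
//
// These are the names a grpc-go server interceptor receives for each call, so
// they are the stable keys to match on in per-method authorization or audit
// rules instead of hand-typed string literals.
const (
	RPC_ValidatePermission_FullMethodName = "/keyauth_gp.policy.RPC/ValidatePermission"
	RPC_QueryPolicy_FullMethodName        = "/keyauth_gp.policy.RPC/QueryPolicy"
)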
// AppName is the name this package registers itself under: "policy".
const AppName = "policy"
Variables ¶
// File_apps_policy_pb_policy_proto is the protoreflect.FileDescriptor exported
// by this package. The name suggests it describes apps/policy/pb/policy.proto
// (the same path RPC_ServiceDesc carries as Metadata) — confirm against the
// generated source.
var File_apps_policy_pb_policy_proto protoreflect.FileDescriptor
// RPC_ServiceDesc is the grpc.ServiceDesc of the keyauth_gp.policy.RPC service.
//
// It registers exactly two methods, ValidatePermission and QueryPolicy, and no
// streams. No method taking a CreatePolicyRequest is registered here, so policy
// creation is not reachable through this descriptor; when reviewing the attack
// surface of the gRPC endpoint, these two handlers are the ones to audit.
var RPC_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "keyauth_gp.policy.RPC",
	HandlerType: (*RPCServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ValidatePermission",
			Handler:    _RPC_ValidatePermission_Handler,
		},
		{
			MethodName: "QueryPolicy",
			Handler:    _RPC_QueryPolicy_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "apps/policy/pb/policy.proto",
}
RPC_ServiceDesc is the grpc.ServiceDesc for RPC service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func RegisterRPCServer ¶
func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
Types ¶
type CreatePolicyRequest ¶
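// CreatePolicyRequest is the specification of a policy: it binds a user to a
// role, optionally within a namespace. The declaration is restored to one field
// per line; struct tags are unchanged.
//
// NOTE(review): Username and Role carry validate:"required", Namespace does
// not. Tag-based validation therefore accepts an empty namespace — confirm
// whether an empty value is meant to be a global (all-namespace) binding or
// should be rejected before the policy is stored.
type CreatePolicyRequest struct {
	// Username: which user this policy applies to. validate:"required" makes
	// the parameter mandatory.
	// @gotags: json:"username" bson:"username" validate:"required"
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username" validate:"required"`
	// Role name.
	// @gotags: json:"role" bson:"role" validate:"required"
	Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role" bson:"role" validate:"required"`
	// Namespace: separates multiple business lines.
	// @gotags: json:"namespace" bson:"namespace"
	Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace" bson:"namespace"`
	// contains filtered or unexported fields
}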
PRBAC: policy-based RBAC.
func NewCreatePolicyRequest ¶
func NewCreatePolicyRequest() *CreatePolicyRequest
func (*CreatePolicyRequest) Descriptor
deprecated
func (*CreatePolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreatePolicyRequest.ProtoReflect.Descriptor instead.
func (*CreatePolicyRequest) GetNamespace ¶
func (x *CreatePolicyRequest) GetNamespace() string
func (*CreatePolicyRequest) GetRole ¶
func (x *CreatePolicyRequest) GetRole() string
func (*CreatePolicyRequest) GetUsername ¶
func (x *CreatePolicyRequest) GetUsername() string
func (*CreatePolicyRequest) ProtoMessage ¶
func (*CreatePolicyRequest) ProtoMessage()
func (*CreatePolicyRequest) ProtoReflect ¶
func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
func (*CreatePolicyRequest) Reset ¶
func (x *CreatePolicyRequest) Reset()
func (*CreatePolicyRequest) String ¶
func (x *CreatePolicyRequest) String() string
func (*CreatePolicyRequest) Validate ¶
func (req *CreatePolicyRequest) Validate() error
type Policy ¶
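// Policy is a stored policy: an identifier, a creation timestamp and the
// CreatePolicyRequest it was built from. The declaration is restored to one
// field per line; struct tags are unchanged.
type Policy struct {
	// Role ID, as the original comment words it; the field is the Policy's own
	// id and is serialised as "_id" in BSON — presumably the document key.
	// @gotags: json:"id" bson:"_id"
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id" bson:"_id"`
	// Role creation time, as the original comment words it. The unit of the
	// int64 is not visible on this page — confirm before comparing timestamps.
	// @gotags: json:"create_at" bson:"create_at"
	CreateAt int64 `protobuf:"varint,2,opt,name=create_at,json=createAt,proto3" json:"create_at" bson:"create_at"`
	// Policy definition (user, role, namespace).
	// @gotags: json:"spec" bson:"spec"
	Spec *CreatePolicyRequest `protobuf:"bytes,3,opt,name=spec,proto3" json:"spec" bson:"spec"`
	// contains filtered or unexported fields
}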
Policy definition.
func NewDefaultPolicy ¶
func NewDefaultPolicy() *Policy
func NewPolicy ¶
func NewPolicy(req *CreatePolicyRequest) (*Policy, error)
func (*Policy) Descriptor
deprecated
func (*Policy) GetCreateAt ¶
func (*Policy) GetSpec ¶
func (x *Policy) GetSpec() *CreatePolicyRequest
func (*Policy) ProtoMessage ¶
func (*Policy) ProtoMessage()
func (*Policy) ProtoReflect ¶
func (x *Policy) ProtoReflect() protoreflect.Message
type PolicySet ¶
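// PolicySet is a list of policies together with a total count. The declaration
// is restored to one field per line; struct tags are unchanged.
type PolicySet struct {
	// Total number of policies.
	//
	// NOTE(review): the tags are json:"id" bson:"_id", the same pair Policy.Id
	// uses, so the count is serialised under the key "id" rather than "total".
	// This looks like a copy-paste slip in the @gotags line of the .proto file.
	// It is left as-is here because changing it alters the JSON/BSON wire
	// format; fix it at the .proto source and regenerate once consumers that
	// read "id" have been checked.
	// @gotags: json:"id" bson:"_id"
	Total int64 `protobuf:"varint,1,opt,name=total,proto3" json:"id" bson:"_id"`
	// List of policies.
	// @gotags: json:"items" bson:"items"
	Items []*Policy `protobuf:"bytes,2,rep,name=items,proto3" json:"items" bson:"items"`
	// contains filtered or unexported fields
}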
func NewPolicySet ¶
func NewPolicySet() *PolicySet
func (*PolicySet) Descriptor
deprecated
func (*PolicySet) GetPolicyByRole ¶
GetPolicyByRole looks up a Policy by the name of its role.
func (*PolicySet) ProtoMessage ¶
func (*PolicySet) ProtoMessage()
func (*PolicySet) ProtoReflect ¶
func (x *PolicySet) ProtoReflect() protoreflect.Message
type QueryPolicyRequest ¶
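// QueryPolicyRequest filters a policy listing by user, namespace and role, with
// paging. The declaration is restored to one field per line; struct tags are
// unchanged.
//
// NOTE(review): no field carries a validate tag, so every filter may be empty.
// How an all-empty query is scoped is decided by the handler, which is not
// shown on this page — confirm that it cannot list policies outside the
// caller's own namespace or identity.
type QueryPolicyRequest struct {
	// Paging parameters.
	// @gotags: json:"page"
	Page *request.PageRequest `protobuf:"bytes,1,opt,name=page,proto3" json:"page"`
	// Username: the policies of one particular user.
	// @gotags: json:"username"
	Username string `protobuf:"bytes,2,opt,name=username,proto3" json:"username"`
	// Namespace.
	// @gotags: json:"namespace"
	Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace"`
	// Role name.
	// @gotags: json:"role"
	Role string `protobuf:"bytes,3,opt,name=role,proto3" json:"role"`
	// contains filtered or unexported fields
}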
func NewQueryPolicyRequest ¶
func NewQueryPolicyRequest() *QueryPolicyRequest
func (*QueryPolicyRequest) Descriptor
deprecated
func (*QueryPolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use QueryPolicyRequest.ProtoReflect.Descriptor instead.
func (*QueryPolicyRequest) GetNamespace ¶
func (x *QueryPolicyRequest) GetNamespace() string
func (*QueryPolicyRequest) GetPage ¶
func (x *QueryPolicyRequest) GetPage() *request.PageRequest
func (*QueryPolicyRequest) GetRole ¶
func (x *QueryPolicyRequest) GetRole() string
func (*QueryPolicyRequest) GetUsername ¶
func (x *QueryPolicyRequest) GetUsername() string
func (*QueryPolicyRequest) ProtoMessage ¶
func (*QueryPolicyRequest) ProtoMessage()
func (*QueryPolicyRequest) ProtoReflect ¶
func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
func (*QueryPolicyRequest) Reset ¶
func (x *QueryPolicyRequest) Reset()
func (*QueryPolicyRequest) String ¶
func (x *QueryPolicyRequest) String() string
type RPCClient ¶
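// RPCClient is the client API of the RPC service. The declaration is restored
// to one method per line so it parses; the method set is unchanged.
type RPCClient interface {
	// ValidatePermission submits one authorization check and returns a *Policy
	// or an error.
	// NOTE(review): what a nil Policy with a nil error means is not visible on
	// this page; callers should presumably treat any non-nil error as a denial
	// (fail closed) — confirm against the server implementation.
	ValidatePermission(ctx context.Context, in *ValidatePermissionRequest, opts ...grpc.CallOption) (*Policy, error)
	// QueryPolicy lists the policies that match the request filters.
	QueryPolicy(ctx context.Context, in *QueryPolicyRequest, opts ...grpc.CallOption) (*PolicySet, error)
}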
RPCClient is the client API for RPC service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewRPCClient ¶
func NewRPCClient(cc grpc.ClientConnInterface) RPCClient
type RPCServer ¶
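// RPCServer is the server API of the RPC service. The declaration is restored
// to one method per line so it parses; the method set is unchanged.
type RPCServer interface {
	// ValidatePermission handles one authorization check.
	// NOTE(review): the request carries the username as a plain field. The
	// implementation is not shown here; confirm that it only accepts calls
	// from authenticated services, or checks the field against the identity
	// established for the connection, before answering.
	ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error)
	// QueryPolicy returns the policies that match the request filters.
	QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error)
	// contains filtered or unexported methods
}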
RPCServer is the server API for RPC service. All implementations must embed UnimplementedRPCServer for forward compatibility
type UnimplementedRPCServer ¶
// UnimplementedRPCServer is the field-less type that RPCServer implementations
// embed for forward compatibility.
type UnimplementedRPCServer struct{}
UnimplementedRPCServer must be embedded to have forward compatible implementations.
func (UnimplementedRPCServer) QueryPolicy ¶
func (UnimplementedRPCServer) QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error)
func (UnimplementedRPCServer) ValidatePermission ¶
func (UnimplementedRPCServer) ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error)
type UnsafeRPCServer ¶
// UnsafeRPCServer is the interface an implementation embeds to opt out of
// forward compatibility for this service. Its method set is filtered out of
// this listing, so nothing exported is visible here.
type UnsafeRPCServer interface {
// contains filtered or unexported methods
}
UnsafeRPCServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to RPCServer will result in compilation errors.
type ValidatePermissionRequest ¶
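// ValidatePermissionRequest describes one authorization check: may this user,
// in this namespace, perform this action on this resource of this service.
// The declaration is restored to one field per line; struct tags are unchanged.
//
// NOTE(review): none of the fields carries a validate tag, so tag-based
// validation accepts empty strings for all five. Confirm that the handler
// denies a request with an empty service, resource or action instead of
// matching it against a policy, and that Username is not taken on trust from
// an unauthenticated caller.
type ValidatePermissionRequest struct {
	// Username.
	// @gotags: json:"username" bson:"username"
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username"`
	// Namespace.
	// @gotags: json:"namespace" bson:"namespace"
	Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace" bson:"namespace"`
	// Service.
	// @gotags: json:"service" bson:"service"
	Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service" bson:"service"`
	// Resource.
	// @gotags: json:"resource" bson:"resource"
	Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource" bson:"resource"`
	// Action (operation).
	// @gotags: json:"action" bson:"action"
	Action string `protobuf:"bytes,4,opt,name=action,proto3" json:"action" bson:"action"`
	// contains filtered or unexported fields
}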
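Authorization request: can the user operate on the resource? More precisely: does this user, within this namespace, have the ability to perform the action on this resource of this service? One authorization check is therefore described by five values: the user (username), the action (action), the resource (resource), the namespace (namespace) and the service (service).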
func NewValidatePermissionRequest ¶
func NewValidatePermissionRequest() *ValidatePermissionRequest
func (*ValidatePermissionRequest) Descriptor
deprecated
func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)
Deprecated: Use ValidatePermissionRequest.ProtoReflect.Descriptor instead.
func (*ValidatePermissionRequest) GetAction ¶
func (x *ValidatePermissionRequest) GetAction() string
func (*ValidatePermissionRequest) GetNamespace ¶
func (x *ValidatePermissionRequest) GetNamespace() string
func (*ValidatePermissionRequest) GetResource ¶
func (x *ValidatePermissionRequest) GetResource() string
func (*ValidatePermissionRequest) GetService ¶
func (x *ValidatePermissionRequest) GetService() string
func (*ValidatePermissionRequest) GetUsername ¶
func (x *ValidatePermissionRequest) GetUsername() string
func (*ValidatePermissionRequest) ProtoMessage ¶
func (*ValidatePermissionRequest) ProtoMessage()
func (*ValidatePermissionRequest) ProtoReflect ¶
func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
func (*ValidatePermissionRequest) Reset ¶
func (x *ValidatePermissionRequest) Reset()
func (*ValidatePermissionRequest) String ¶
func (x *ValidatePermissionRequest) String() string