Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
- type CreatePolicyRequest
- func (*CreatePolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CreatePolicyRequest) GetNamespace() string
- func (x *CreatePolicyRequest) GetRole() string
- func (x *CreatePolicyRequest) GetUsername() string
- func (*CreatePolicyRequest) ProtoMessage()
- func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
- func (x *CreatePolicyRequest) Reset()
- func (x *CreatePolicyRequest) String() string
- func (req *CreatePolicyRequest) Validate() error
- type Policy
- func (*Policy) Descriptor() ([]byte, []int)deprecated
- func (x *Policy) GetCreateAt() int64
- func (x *Policy) GetId() string
- func (x *Policy) GetSpec() *CreatePolicyRequest
- func (*Policy) ProtoMessage()
- func (x *Policy) ProtoReflect() protoreflect.Message
- func (x *Policy) Reset()
- func (x *Policy) String() string
- type PolicySet
- func (s *PolicySet) Add(item *Policy)
- func (*PolicySet) Descriptor() ([]byte, []int)deprecated
- func (x *PolicySet) GetItems() []*Policy
- func (s *PolicySet) GetPolicyByRole(role string) *Policy
- func (x *PolicySet) GetTotal() int64
- func (*PolicySet) ProtoMessage()
- func (x *PolicySet) ProtoReflect() protoreflect.Message
- func (x *PolicySet) Reset()
- func (s *PolicySet) Roles() (roles []string)
- func (x *PolicySet) String() string
- type QueryPolicyRequest
- func (*QueryPolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *QueryPolicyRequest) GetNamespace() string
- func (x *QueryPolicyRequest) GetPage() *request.PageRequest
- func (x *QueryPolicyRequest) GetRole() string
- func (x *QueryPolicyRequest) GetUsername() string
- func (*QueryPolicyRequest) ProtoMessage()
- func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
- func (x *QueryPolicyRequest) Reset()
- func (x *QueryPolicyRequest) String() string
- type RPCClient
- type RPCServer
- type Service
- type UnimplementedRPCServer
- type UnsafeRPCServer
- type ValidatePermissionRequest
- func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)deprecated
- func (x *ValidatePermissionRequest) GetAction() string
- func (x *ValidatePermissionRequest) GetNamespace() string
- func (x *ValidatePermissionRequest) GetResource() string
- func (x *ValidatePermissionRequest) GetService() string
- func (x *ValidatePermissionRequest) GetUsername() string
- func (*ValidatePermissionRequest) ProtoMessage()
- func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
- func (x *ValidatePermissionRequest) Reset()
- func (x *ValidatePermissionRequest) String() string
Constants ¶
const ( RPC_ValidatePermission_FullMethodName = "/keyauth_g7.policy.RPC/ValidatePermission" RPC_QueryPolicy_FullMethodName = "/keyauth_g7.policy.RPC/QueryPolicy" )
const (
AppName = "policy"
)
Variables ¶
var File_apps_policy_pb_policy_proto protoreflect.FileDescriptor
var RPC_ServiceDesc = grpc.ServiceDesc{ ServiceName: "keyauth_g7.policy.RPC", HandlerType: (*RPCServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "ValidatePermission", Handler: _RPC_ValidatePermission_Handler, }, { MethodName: "QueryPolicy", Handler: _RPC_QueryPolicy_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "apps/policy/pb/policy.proto", }
RPC_ServiceDesc is the grpc.ServiceDesc for RPC service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func RegisterRPCServer ¶
func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
Types ¶
type CreatePolicyRequest ¶
type CreatePolicyRequest struct { // 用户名 // @gotags: json:"username" bson:"username" validate:"required" Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username" validate:"required"` // 角色名称 // @gotags: json:"role" bson:"role" Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role" bson:"role"` // 空间 // @gotags: json:"namespace" bson:"namespace" validate:"required" Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace" bson:"namespace" validate:"required"` // contains filtered or unexported fields }
PRBAC
func NewCreatePolicyRequest ¶
func NewCreatePolicyRequest() *CreatePolicyRequest
func (*CreatePolicyRequest) Descriptor
deprecated
func (*CreatePolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreatePolicyRequest.ProtoReflect.Descriptor instead.
func (*CreatePolicyRequest) GetNamespace ¶
func (x *CreatePolicyRequest) GetNamespace() string
func (*CreatePolicyRequest) GetRole ¶
func (x *CreatePolicyRequest) GetRole() string
func (*CreatePolicyRequest) GetUsername ¶
func (x *CreatePolicyRequest) GetUsername() string
func (*CreatePolicyRequest) ProtoMessage ¶
func (*CreatePolicyRequest) ProtoMessage()
func (*CreatePolicyRequest) ProtoReflect ¶
func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
func (*CreatePolicyRequest) Reset ¶
func (x *CreatePolicyRequest) Reset()
func (*CreatePolicyRequest) String ¶
func (x *CreatePolicyRequest) String() string
func (*CreatePolicyRequest) Validate ¶
func (req *CreatePolicyRequest) Validate() error
type Policy ¶
type Policy struct { // 角色id // @gotags: json:"id" bson:"_id" Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id" bson:"_id"` // 角色创建时间 // @gotags: json:"create_at" bson:"create_at" CreateAt int64 `protobuf:"varint,2,opt,name=create_at,json=createAt,proto3" json:"create_at" bson:"create_at"` // 策略定义 // @gotags: json:"spec" bson:"spec" Spec *CreatePolicyRequest `protobuf:"bytes,3,opt,name=spec,proto3" json:"spec" bson:"spec"` // contains filtered or unexported fields }
策略定义
func NewDefaultPolicy ¶
func NewDefaultPolicy() *Policy
func NewPolicy ¶
func NewPolicy(req *CreatePolicyRequest) (*Policy, error)
func (*Policy) Descriptor
deprecated
func (*Policy) GetCreateAt ¶
func (*Policy) GetSpec ¶
func (x *Policy) GetSpec() *CreatePolicyRequest
func (*Policy) ProtoMessage ¶
func (*Policy) ProtoMessage()
func (*Policy) ProtoReflect ¶
func (x *Policy) ProtoReflect() protoreflect.Message
type PolicySet ¶
type PolicySet struct { // 总量 // @gotags: json:"id" bson:"_id" Total int64 `protobuf:"varint,1,opt,name=total,proto3" json:"id" bson:"_id"` // 列表 // @gotags: json:"items" bson:"items" Items []*Policy `protobuf:"bytes,2,rep,name=items,proto3" json:"items" bson:"items"` // contains filtered or unexported fields }
func NewPolicySet ¶
func NewPolicySet() *PolicySet
func (*PolicySet) Descriptor
deprecated
func (*PolicySet) GetPolicyByRole ¶
根据Role名称查询集合里面的策略
func (*PolicySet) ProtoMessage ¶
func (*PolicySet) ProtoMessage()
func (*PolicySet) ProtoReflect ¶
func (x *PolicySet) ProtoReflect() protoreflect.Message
type QueryPolicyRequest ¶
type QueryPolicyRequest struct { // 分页参数 // @gotags: json:"page" Page *request.PageRequest `protobuf:"bytes,1,opt,name=page,proto3" json:"page"` // 用户名 // @gotags: json:"username" Username string `protobuf:"bytes,2,opt,name=username,proto3" json:"username"` // 空间 // @gotags: json:"namespace" Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace"` // 角色名称 // @gotags: json:"role" Role string `protobuf:"bytes,3,opt,name=role,proto3" json:"role"` // contains filtered or unexported fields }
func NewQueryPolicyRequest ¶
func NewQueryPolicyRequest() *QueryPolicyRequest
func (*QueryPolicyRequest) Descriptor
deprecated
func (*QueryPolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use QueryPolicyRequest.ProtoReflect.Descriptor instead.
func (*QueryPolicyRequest) GetNamespace ¶
func (x *QueryPolicyRequest) GetNamespace() string
func (*QueryPolicyRequest) GetPage ¶
func (x *QueryPolicyRequest) GetPage() *request.PageRequest
func (*QueryPolicyRequest) GetRole ¶
func (x *QueryPolicyRequest) GetRole() string
func (*QueryPolicyRequest) GetUsername ¶
func (x *QueryPolicyRequest) GetUsername() string
func (*QueryPolicyRequest) ProtoMessage ¶
func (*QueryPolicyRequest) ProtoMessage()
func (*QueryPolicyRequest) ProtoReflect ¶
func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
func (*QueryPolicyRequest) Reset ¶
func (x *QueryPolicyRequest) Reset()
func (*QueryPolicyRequest) String ¶
func (x *QueryPolicyRequest) String() string
type RPCClient ¶
type RPCClient interface { ValidatePermission(ctx context.Context, in *ValidatePermissionRequest, opts ...grpc.CallOption) (*Policy, error) QueryPolicy(ctx context.Context, in *QueryPolicyRequest, opts ...grpc.CallOption) (*PolicySet, error) }
RPCClient is the client API for RPC service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewRPCClient ¶
func NewRPCClient(cc grpc.ClientConnInterface) RPCClient
type RPCServer ¶
type RPCServer interface { ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error) QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error) // contains filtered or unexported methods }
RPCServer is the server API for RPC service. All implementations must embed UnimplementedRPCServer for forward compatibility
type UnimplementedRPCServer ¶
type UnimplementedRPCServer struct { }
UnimplementedRPCServer must be embedded to have forward compatible implementations.
func (UnimplementedRPCServer) QueryPolicy ¶
func (UnimplementedRPCServer) QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error)
func (UnimplementedRPCServer) ValidatePermission ¶
func (UnimplementedRPCServer) ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error)
type UnsafeRPCServer ¶
type UnsafeRPCServer interface {
// contains filtered or unexported methods
}
UnsafeRPCServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to RPCServer will result in compilation errors.
type ValidatePermissionRequest ¶
type ValidatePermissionRequest struct { // 用户名 // @gotags: json:"username" bson:"username" Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username"` // 空间 // @gotags: json:"namespace" bson:"namespace" Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace" bson:"namespace"` // 服务 // @gotags: json:"service" bson:"service" Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service" bson:"service"` // 资源 // @gotags: json:"resource" bson:"resource" Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource" bson:"resource"` // 操作 // @gotags: json:"action" bson:"action" Action string `protobuf:"bytes,4,opt,name=action,proto3" json:"action" bson:"action"` // contains filtered or unexported fields }
鉴权请求:用户能不发操作该资源
func NewValidatePermissionRequest ¶
func NewValidatePermissionRequest() *ValidatePermissionRequest
func (*ValidatePermissionRequest) Descriptor
deprecated
func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)
Deprecated: Use ValidatePermissionRequest.ProtoReflect.Descriptor instead.
func (*ValidatePermissionRequest) GetAction ¶
func (x *ValidatePermissionRequest) GetAction() string
func (*ValidatePermissionRequest) GetNamespace ¶
func (x *ValidatePermissionRequest) GetNamespace() string
func (*ValidatePermissionRequest) GetResource ¶
func (x *ValidatePermissionRequest) GetResource() string
func (*ValidatePermissionRequest) GetService ¶
func (x *ValidatePermissionRequest) GetService() string
func (*ValidatePermissionRequest) GetUsername ¶
func (x *ValidatePermissionRequest) GetUsername() string
func (*ValidatePermissionRequest) ProtoMessage ¶
func (*ValidatePermissionRequest) ProtoMessage()
func (*ValidatePermissionRequest) ProtoReflect ¶
func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
func (*ValidatePermissionRequest) Reset ¶
func (x *ValidatePermissionRequest) Reset()
func (*ValidatePermissionRequest) String ¶
func (x *ValidatePermissionRequest) String() string