Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
- type CreatePolicyRequest
- func (*CreatePolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CreatePolicyRequest) GetNamespace() string
- func (x *CreatePolicyRequest) GetRole() string
- func (x *CreatePolicyRequest) GetUsername() string
- func (*CreatePolicyRequest) ProtoMessage()
- func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
- func (x *CreatePolicyRequest) Reset()
- func (x *CreatePolicyRequest) String() string
- func (req *CreatePolicyRequest) Validate() error
- type Policy
- func (*Policy) Descriptor() ([]byte, []int)deprecated
- func (x *Policy) GetCreateAt() int64
- func (x *Policy) GetId() string
- func (x *Policy) GetSpec() *CreatePolicyRequest
- func (*Policy) ProtoMessage()
- func (x *Policy) ProtoReflect() protoreflect.Message
- func (x *Policy) Reset()
- func (x *Policy) String() string
- type PolicySet
- func (s *PolicySet) Add(item *Policy)
- func (*PolicySet) Descriptor() ([]byte, []int)deprecated
- func (x *PolicySet) GetItems() []*Policy
- func (s *PolicySet) GetPolicyByRole(role string) *Policy
- func (x *PolicySet) GetTotal() int64
- func (*PolicySet) ProtoMessage()
- func (x *PolicySet) ProtoReflect() protoreflect.Message
- func (x *PolicySet) Reset()
- func (s *PolicySet) Roles() (roles []string)
- func (x *PolicySet) String() string
- type QueryPolicyRequest
- func (*QueryPolicyRequest) Descriptor() ([]byte, []int)deprecated
- func (x *QueryPolicyRequest) GetNamespace() string
- func (x *QueryPolicyRequest) GetPage() *request.PageRequest
- func (x *QueryPolicyRequest) GetRole() string
- func (x *QueryPolicyRequest) GetUsername() string
- func (*QueryPolicyRequest) ProtoMessage()
- func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
- func (x *QueryPolicyRequest) Reset()
- func (x *QueryPolicyRequest) String() string
- type RPCClient
- type RPCServer
- type Service
- type UnimplementedRPCServer
- type UnsafeRPCServer
- type ValidatePermissionRequest
- func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)deprecated
- func (x *ValidatePermissionRequest) GetAction() string
- func (x *ValidatePermissionRequest) GetNamespace() string
- func (x *ValidatePermissionRequest) GetResource() string
- func (x *ValidatePermissionRequest) GetService() string
- func (x *ValidatePermissionRequest) GetUsername() string
- func (*ValidatePermissionRequest) ProtoMessage()
- func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
- func (x *ValidatePermissionRequest) Reset()
- func (x *ValidatePermissionRequest) String() string
Constants ¶
const (
AppName = "policy"
)
Variables ¶
var File_apps_policy_pb_policy_proto protoreflect.FileDescriptor
var RPC_ServiceDesc = grpc.ServiceDesc{ ServiceName: "keyauth.policy.RPC", HandlerType: (*RPCServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "ValidatePermission", Handler: _RPC_ValidatePermission_Handler, }, { MethodName: "QueryPolicy", Handler: _RPC_QueryPolicy_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "apps/policy/pb/policy.proto", }
RPC_ServiceDesc is the grpc.ServiceDesc for RPC service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func RegisterRPCServer ¶
func RegisterRPCServer(s grpc.ServiceRegistrar, srv RPCServer)
Types ¶
type CreatePolicyRequest ¶
type CreatePolicyRequest struct { // 用户名 // @gotags: json:"username" bson:"username" // @gotags: json:"username" bson:"username" validate:"required" Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username" validate:"required"` // 角色名称 // @gotags: json:"role" bson:"role" // @gotags: json:"role" bson:"role" validate:"required" Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role" bson:"role" validate:"required"` // 空间 // @gotags: json:"namespace" bson:"namespace" Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace" bson:"namespace"` // contains filtered or unexported fields }
PRBAC
func NewCreatePolicyRequest ¶ added in v0.0.12
func NewCreatePolicyRequest() *CreatePolicyRequest
func (*CreatePolicyRequest) Descriptor
deprecated
func (*CreatePolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use CreatePolicyRequest.ProtoReflect.Descriptor instead.
func (*CreatePolicyRequest) GetNamespace ¶
func (x *CreatePolicyRequest) GetNamespace() string
func (*CreatePolicyRequest) GetRole ¶
func (x *CreatePolicyRequest) GetRole() string
func (*CreatePolicyRequest) GetUsername ¶
func (x *CreatePolicyRequest) GetUsername() string
func (*CreatePolicyRequest) ProtoMessage ¶
func (*CreatePolicyRequest) ProtoMessage()
func (*CreatePolicyRequest) ProtoReflect ¶
func (x *CreatePolicyRequest) ProtoReflect() protoreflect.Message
func (*CreatePolicyRequest) Reset ¶
func (x *CreatePolicyRequest) Reset()
func (*CreatePolicyRequest) String ¶
func (x *CreatePolicyRequest) String() string
func (*CreatePolicyRequest) Validate ¶ added in v0.0.12
func (req *CreatePolicyRequest) Validate() error
只检查参数的有无
type Policy ¶
type Policy struct { // 角色id // @gotags: json:"id" bson:"_id" Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id" bson:"_id"` // 角色创建时间 // @gotags: json:"create_at" bson:"create_at" CreateAt int64 `protobuf:"varint,2,opt,name=create_at,json=createAt,proto3" json:"create_at" bson:"create_at"` // 策略定义 // @gotags: json:"spec" bson:"spec" Spec *CreatePolicyRequest `protobuf:"bytes,3,opt,name=spec,proto3" json:"spec" bson:"spec"` // contains filtered or unexported fields }
策略定义
func NewDefaultPolicy ¶ added in v0.0.12
func NewDefaultPolicy() *Policy
func NewPolicy ¶ added in v0.0.12
func NewPolicy(req *CreatePolicyRequest) (*Policy, error)
func (*Policy) Descriptor
deprecated
func (*Policy) GetCreateAt ¶
func (*Policy) GetSpec ¶ added in v0.0.12
func (x *Policy) GetSpec() *CreatePolicyRequest
func (*Policy) ProtoMessage ¶
func (*Policy) ProtoMessage()
func (*Policy) ProtoReflect ¶
func (x *Policy) ProtoReflect() protoreflect.Message
type PolicySet ¶ added in v0.0.12
type PolicySet struct { // 总量 // @gotags: json:"id" bson:"_id" Total int64 `protobuf:"varint,1,opt,name=total,proto3" json:"id" bson:"_id"` // 列表 // @gotags: json:"items" bson:"items" Items []*Policy `protobuf:"bytes,2,rep,name=items,proto3" json:"items" bson:"items"` // contains filtered or unexported fields }
func NewPolicySet ¶ added in v0.0.12
func NewPolicySet() *PolicySet
func (*PolicySet) Descriptor
deprecated
added in
v0.0.12
func (*PolicySet) GetPolicyByRole ¶ added in v0.0.12
func (*PolicySet) ProtoMessage ¶ added in v0.0.12
func (*PolicySet) ProtoMessage()
func (*PolicySet) ProtoReflect ¶ added in v0.0.12
func (x *PolicySet) ProtoReflect() protoreflect.Message
type QueryPolicyRequest ¶ added in v0.0.12
type QueryPolicyRequest struct { // 分页参数 // @gotags: json:"page" Page *request.PageRequest `protobuf:"bytes,1,opt,name=page,proto3" json:"page"` // 用户名 // @gotags: json:"username" Username string `protobuf:"bytes,2,opt,name=username,proto3" json:"username"` // 空间 // @gotags: json:"namespace" Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace"` // 角色名称 // @gotags: json:"role" Role string `protobuf:"bytes,3,opt,name=role,proto3" json:"role"` // contains filtered or unexported fields }
func NewQueryPolicyRequest ¶ added in v0.0.12
func NewQueryPolicyRequest() *QueryPolicyRequest
func (*QueryPolicyRequest) Descriptor
deprecated
added in
v0.0.12
func (*QueryPolicyRequest) Descriptor() ([]byte, []int)
Deprecated: Use QueryPolicyRequest.ProtoReflect.Descriptor instead.
func (*QueryPolicyRequest) GetNamespace ¶ added in v0.0.12
func (x *QueryPolicyRequest) GetNamespace() string
func (*QueryPolicyRequest) GetPage ¶ added in v0.0.12
func (x *QueryPolicyRequest) GetPage() *request.PageRequest
func (*QueryPolicyRequest) GetRole ¶ added in v0.0.12
func (x *QueryPolicyRequest) GetRole() string
func (*QueryPolicyRequest) GetUsername ¶ added in v0.0.12
func (x *QueryPolicyRequest) GetUsername() string
func (*QueryPolicyRequest) ProtoMessage ¶ added in v0.0.12
func (*QueryPolicyRequest) ProtoMessage()
func (*QueryPolicyRequest) ProtoReflect ¶ added in v0.0.12
func (x *QueryPolicyRequest) ProtoReflect() protoreflect.Message
func (*QueryPolicyRequest) Reset ¶ added in v0.0.12
func (x *QueryPolicyRequest) Reset()
func (*QueryPolicyRequest) String ¶ added in v0.0.12
func (x *QueryPolicyRequest) String() string
type RPCClient ¶
type RPCClient interface { ValidatePermission(ctx context.Context, in *ValidatePermissionRequest, opts ...grpc.CallOption) (*Policy, error) QueryPolicy(ctx context.Context, in *QueryPolicyRequest, opts ...grpc.CallOption) (*PolicySet, error) }
RPCClient is the client API for RPC service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewRPCClient ¶
func NewRPCClient(cc grpc.ClientConnInterface) RPCClient
type RPCServer ¶
type RPCServer interface { ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error) QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error) // contains filtered or unexported methods }
RPCServer is the server API for RPC service. All implementations must embed UnimplementedRPCServer for forward compatibility
type UnimplementedRPCServer ¶
type UnimplementedRPCServer struct { }
UnimplementedRPCServer must be embedded to have forward compatible implementations.
func (UnimplementedRPCServer) QueryPolicy ¶ added in v0.0.12
func (UnimplementedRPCServer) QueryPolicy(context.Context, *QueryPolicyRequest) (*PolicySet, error)
func (UnimplementedRPCServer) ValidatePermission ¶
func (UnimplementedRPCServer) ValidatePermission(context.Context, *ValidatePermissionRequest) (*Policy, error)
type UnsafeRPCServer ¶
type UnsafeRPCServer interface {
// contains filtered or unexported methods
}
UnsafeRPCServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to RPCServer will result in compilation errors.
type ValidatePermissionRequest ¶
type ValidatePermissionRequest struct { // 用户名 // @gotags: json:"username" bson:"username" Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username" bson:"username"` // 空间 // @gotags: json:"namespace" bson:"namespace" Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace" bson:"namespace"` // 服务 // @gotags: json:"service" bson:"service" Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service" bson:"service"` // 资源 // @gotags: json:"resource" bson:"resource" Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource" bson:"resource"` // 操作 // @gotags: json:"action" bson:"action" Action string `protobuf:"bytes,4,opt,name=action,proto3" json:"action" bson:"action"` // contains filtered or unexported fields }
鉴权请求:用户能不发操作该资源
func NewValidatePermissionRequest ¶ added in v0.0.12
func NewValidatePermissionRequest() *ValidatePermissionRequest
func (*ValidatePermissionRequest) Descriptor
deprecated
func (*ValidatePermissionRequest) Descriptor() ([]byte, []int)
Deprecated: Use ValidatePermissionRequest.ProtoReflect.Descriptor instead.
func (*ValidatePermissionRequest) GetAction ¶
func (x *ValidatePermissionRequest) GetAction() string
func (*ValidatePermissionRequest) GetNamespace ¶
func (x *ValidatePermissionRequest) GetNamespace() string
func (*ValidatePermissionRequest) GetResource ¶
func (x *ValidatePermissionRequest) GetResource() string
func (*ValidatePermissionRequest) GetService ¶
func (x *ValidatePermissionRequest) GetService() string
func (*ValidatePermissionRequest) GetUsername ¶
func (x *ValidatePermissionRequest) GetUsername() string
func (*ValidatePermissionRequest) ProtoMessage ¶
func (*ValidatePermissionRequest) ProtoMessage()
func (*ValidatePermissionRequest) ProtoReflect ¶
func (x *ValidatePermissionRequest) ProtoReflect() protoreflect.Message
func (*ValidatePermissionRequest) Reset ¶
func (x *ValidatePermissionRequest) Reset()
func (*ValidatePermissionRequest) String ¶
func (x *ValidatePermissionRequest) String() string