authv1

package

v0.1.0 Latest Latest Go to latest Published: Apr 21, 2023 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/CrowdStrike/crwdapis

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Auth
type Auth_Expression
type Auth_Permission
type Operation
type Permission
type PermissionExpression

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	Operation_name = map[int32]string{
		0: "OPERATION_UNSPECIFIED",
		1: "OPERATION_AND",
		2: "OPERATION_OR",
	}
	Operation_value = map[string]int32{
		"OPERATION_UNSPECIFIED": 0,
		"OPERATION_AND":         1,
		"OPERATION_OR":          2,
	}
)

Enum value maps for Operation.

View Source

var (
	// optional crwd.api.v1.Auth auth = 1000;
	E_Auth = &file_crwd_api_v1_auth_proto_extTypes[0]
)

Extension fields to descriptorpb.MethodOptions.

View Source

var File_crwd_api_v1_auth_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type Auth ¶

type Auth struct {

	// Types that are assignable to Policy:
	//
	//	*Auth_Permission
	//	*Auth_Expression
	Policy isAuth_Policy `protobuf_oneof:"policy"`
	// contains filtered or unexported fields
}

Auth expresses authorization policies for an RPC.

func (*Auth) Descriptor deprecated

func (*Auth) Descriptor() ([]byte, []int)

Deprecated: Use Auth.ProtoReflect.Descriptor instead.

func (*Auth) GetExpression ¶

func (x *Auth) GetExpression() *PermissionExpression

func (*Auth) GetPermission ¶

func (x *Auth) GetPermission() *Permission

func (*Auth) GetPolicy ¶

func (m *Auth) GetPolicy() isAuth_Policy

func (*Auth) ProtoMessage ¶

func (*Auth) ProtoMessage()

func (*Auth) ProtoReflect ¶

func (x *Auth) ProtoReflect() protoreflect.Message

func (*Auth) Reset ¶

func (x *Auth) Reset()

func (*Auth) String ¶

func (x *Auth) String() string

type Auth_Expression ¶

type Auth_Expression struct {
	Expression *PermissionExpression `protobuf:"bytes,3,opt,name=expression,proto3,oneof"`
}

type Auth_Permission ¶

type Auth_Permission struct {
	Permission *Permission `protobuf:"bytes,1,opt,name=permission,proto3,oneof"`
}

type Operation ¶

type Operation int32

Operation defines allowed boolean operations.

const (
	Operation_OPERATION_UNSPECIFIED Operation = 0
	Operation_OPERATION_AND         Operation = 1
	Operation_OPERATION_OR          Operation = 2
)

func (Operation) Descriptor ¶

func (Operation) Descriptor() protoreflect.EnumDescriptor

func (Operation) Enum ¶

func (x Operation) Enum() *Operation

func (Operation) EnumDescriptor deprecated

func (Operation) EnumDescriptor() ([]byte, []int)

Deprecated: Use Operation.Descriptor instead.

func (Operation) Number ¶

func (x Operation) Number() protoreflect.EnumNumber

func (Operation) String ¶

func (x Operation) String() string

func (Operation) Type ¶

func (Operation) Type() protoreflect.EnumType

type Permission ¶

type Permission struct {

	// The object, predicate, and subject fields are the types that are being
	// permission checked. For example, can a user subject read a book object?
	Object    string  `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"`
	Predicate *string `protobuf:"bytes,2,opt,name=predicate,proto3,oneof" json:"predicate,omitempty"`
	Subject   *string `protobuf:"bytes,3,opt,name=subject,proto3,oneof" json:"subject,omitempty"`
	// contains filtered or unexported fields
}

Permission is the building block for expressing authorization.

Example:

rpc CreateFoo(CreateFooRequest) returns (CreateFooResponse) {
	option (crwd.api.v1.auth) = {
		permission: {
			predicate: "create"
			resource: "foo"
		}
	};
};

func (*Permission) Descriptor deprecated

func (*Permission) Descriptor() ([]byte, []int)

Deprecated: Use Permission.ProtoReflect.Descriptor instead.

func (*Permission) GetObject ¶

func (x *Permission) GetObject() string

func (*Permission) GetPredicate ¶

func (x *Permission) GetPredicate() string

func (*Permission) GetSubject ¶

func (x *Permission) GetSubject() string

func (*Permission) ProtoMessage ¶

func (*Permission) ProtoMessage()

func (*Permission) ProtoReflect ¶

func (x *Permission) ProtoReflect() protoreflect.Message

func (*Permission) Reset ¶

func (x *Permission) Reset()

func (*Permission) String ¶

func (x *Permission) String() string

type PermissionExpression ¶

type PermissionExpression struct {
	Policies []*Auth   `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
	Op       Operation `protobuf:"varint,2,opt,name=op,proto3,enum=crwd.api.v1.Operation" json:"op,omitempty"`
	// contains filtered or unexported fields
}

PermissionExpression allows for boolean operations on policies.

Example:

option (crwd.api.v1.auth) = {
	permission_expression: {
		policies: [
			{
				permission: {
					predicate: "update"
					resource: "foo"
				}
			},
			{
				permission: {
					predicate: "delete"
					resource: "foo"
				},
			}
		]
		op: OR
	}
};

func (*PermissionExpression) Descriptor deprecated

func (*PermissionExpression) Descriptor() ([]byte, []int)

Deprecated: Use PermissionExpression.ProtoReflect.Descriptor instead.

func (*PermissionExpression) GetOp ¶

func (x *PermissionExpression) GetOp() Operation

func (*PermissionExpression) GetPolicies ¶

func (x *PermissionExpression) GetPolicies() []*Auth

func (*PermissionExpression) ProtoMessage ¶

func (*PermissionExpression) ProtoMessage()

func (*PermissionExpression) ProtoReflect ¶

func (x *PermissionExpression) ProtoReflect() protoreflect.Message

func (*PermissionExpression) Reset ¶

func (x *PermissionExpression) Reset()

func (*PermissionExpression) String ¶

func (x *PermissionExpression) String() string

Source Files ¶

View all Source files

auth.pb.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL