imqsauth

package
v1.6.0
Warning

This package is not in the latest version of its module.

Published: May 7, 2024 License: MIT Imports: 18 Imported by: 0

Documentation

Overview

Package imqsauth implements a service that answers various authentication and authorization questions.

'imqsauth' is built on top of Authaus, which is a generic authentication and authorization package.

There may come a day when we need data-dependent permissions, such as "Allowed to edit assets with ID = 3017". These kinds of permissions cannot be hard-coded into the application, so they don't fit into this scheme. However, it should not be too difficult to expand this system to accommodate that kind of thing.

Example config file:

{
	"Authaus": {...},								-- See config.go in Authaus package for description of the Authaus config
	"PasswordResetExpirySeconds": 3600,
	"HostnameFile": "hostname",						-- Relative to the location of imqsauthconfig.json, or an absolute path
	"SendMailPassword": "password123",
	"SendMailDetails": {
		"URL": "https://imqs-mailer.appspot.com",
		"PasswordReset": {
			"TemplateName": "skypipe-inc-reset-password",							-- See https://github.com/IMQS/imqs-mailer#api for more info on valid templates
			"From": "SkyPipe Inc. Password Reset <noreply@skypipeinc.com>"
		},
		"NewAccount": {
			"TemplateName": "skypipe-inc-new-account-confirm",						-- See https://github.com/IMQS/imqs-mailer#api for more info on valid templates
			"From": "SkyPipe Inc. Account Confirmation <noreply@skypipeinc.com>"
		},
		"LDAPPasswordReset": {
			"From": "SkyPipe Inc. Password Reset <noreply@skypipeinc.com>",
			"Subject": "SkyPipe Inc. Reset Password"
		}
	}
}


Constants

const (
	// Hard-coded group names, which a lot of the system depends on
	RoleGroupAdmin   = "admin"
	RoleGroupEnabled = "enabled"
	// Hard-coded group names, which used to be created by our Windows ruby installer scripts.
	// Since moving to docker, we've moved these elements into ResetAuthGroups
	RoleGroupFileDrop      = "filedrop"
	RoleGroupReportCreator = "reportcreator"
	RoleGroupReportViewer  = "reportviewer"
	RoleGroupPCS           = "PCS"
)
const (
	HttpMethodGet  HttpMethod = "GET"
	HttpMethodPost            = "POST"
	HttpMethodPut             = "PUT"
	HttpMethodAny             = "*"
)
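The permission constants in the block that follows reserve 0 and make PermEnabled a precondition for every request. The sketch below is an added example, not imqsauth's or Authaus's own code: it uses a local stand-in for authaus.PermissionU16, a hypothetical route table and constructed paths to show why an unset Go field (which is 0) must deny, and how to catch such routes at startup.

```go
package main

import "fmt"

// PermissionU16 is a local stand-in for authaus.PermissionU16 so the example runs offline.
type PermissionU16 uint16

// Values copied from the constants listed on this page.
const (
	PermReservedZero PermissionU16 = 0
	PermAdmin        PermissionU16 = 1
	PermEnabled      PermissionU16 = 2
	PermBulkSms      PermissionU16 = 4
	PermReportViewer PermissionU16 = 201
)

// route is a hypothetical route-table entry (not an imqsauth type).
// Required is the permission a caller must hold to use the route.
type route struct {
	Path     string
	Required PermissionU16
}

// has reports whether p is in the caller's permission list.
func has(held []PermissionU16, p PermissionU16) bool {
	for _, h := range held {
		if h == p {
			return true
		}
	}
	return false
}

// authorize applies the rules stated in the constant comments:
//  1. 0 never means anything, so a route whose Required is still 0 is denied
//     for everyone, even a caller whose list happens to contain 0.
//  2. Without PermEnabled no request is authorized.
//  3. The caller must hold the specific permission the route asks for.
// PermAdmin is not treated as a bypass; the page only says it controls the auth system.
func authorize(held []PermissionU16, r route) (bool, string) {
	if r.Required == PermReservedZero {
		return false, "route has no permission configured"
	}
	if !has(held, PermEnabled) {
		return false, "user lacks PermEnabled"
	}
	if !has(held, r.Required) {
		return false, "user lacks required permission"
	}
	return true, "ok"
}

// unconfigured returns the paths whose Required field was never set, so a
// service can refuse to start instead of discovering the gap at request time.
func unconfigured(routes []route) []string {
	var missing []string
	for _, r := range routes {
		if r.Required == PermReservedZero {
			missing = append(missing, r.Path)
		}
	}
	return missing
}

// Constructed sample data. The last entry omits Required, so Go sets it to 0.
var sampleRoutes = []route{
	{Path: "/sms/send", Required: PermBulkSms},
	{Path: "/reports/view", Required: PermReportViewer},
	{Path: "/reports/export"},
}

func main() {
	users := map[string][]PermissionU16{
		"enabled-sms":      {PermEnabled, PermBulkSms},
		"disabled-viewer":  {PermReportViewer},
		"admin-with-zero":  {PermReservedZero, PermEnabled, PermAdmin},
	}
	for name, held := range users {
		for _, r := range sampleRoutes {
			ok, why := authorize(held, r)
			fmt.Printf("%-16s %-16s allowed=%-5v %s\n", name, r.Path, ok, why)
		}
	}
	fmt.Println("routes missing a permission:", unconfigured(sampleRoutes))
}
```
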
const (
	PermReservedZero                                     authaus.PermissionU16 = 0     // Avoid the danger of having a zero mean something
	PermAdmin                                            authaus.PermissionU16 = 1     // Super-user who can control all aspects of the auth system
	PermEnabled                                          authaus.PermissionU16 = 2     // User is allowed to use the system. Without this no request is authorized
	PermBulkSms                                          authaus.PermissionU16 = 4     // User is allowed to send SMS messages.
	PermPcsSuperUser                                     authaus.PermissionU16 = 100   // User can perform all actions in PCS
	PermPcsBudgetAddAndDelete                            authaus.PermissionU16 = 101   // User is allowed to add and delete a budget to PCS
	PermPcsBudgetUpdate                                  authaus.PermissionU16 = 102   // User is allowed to update a budget in PCS
	PermPcsBudgetView                                    authaus.PermissionU16 = 103   // User is allowed to view budgets in PCS.
	PermPcsProjectAddAndDelete                           authaus.PermissionU16 = 104   // User is allowed to add and delete a project to PCS
	PermPcsProjectUpdate                                 authaus.PermissionU16 = 105   // User is allowed to update a project in PCS
	PermPcsProjectView                                   authaus.PermissionU16 = 106   // User is allowed to view projects in PCS
	PermPcsProgrammeAddAndDelete                         authaus.PermissionU16 = 107   // User is allowed to add and delete a programme to PCS
	PermPcsProgrammeUpdate                               authaus.PermissionU16 = 108   // User is allowed to update a programme in PCS
	PermPcsProgrammeView                                 authaus.PermissionU16 = 109   // User is allowed to view programmes in PCS
	PermPcsLookupAddAndDelete                            authaus.PermissionU16 = 110   // User is allowed to add a lookup/employee/legal entity to PCS
	PermPcsLookupUpdate                                  authaus.PermissionU16 = 111   // User is allowed to update a lookup/employee/legal entity in PCS
	PermPcsLookupView                                    authaus.PermissionU16 = 112   // User is allowed to view lookup/employee/legal entity in PCS
	PermPcsBudgetItemList                                authaus.PermissionU16 = 113   // User is allowed to view budget items in PCS
	PermPcsDynamicContent                                authaus.PermissionU16 = 114   // User is allowed to get dynamic configuration
	PermPcsProjectsUnassignedView                        authaus.PermissionU16 = 115   // User is allowed to view all the projects that are not assigned to programmes
	PermPcsBudgetItemsAvailable                          authaus.PermissionU16 = 116   // User is allowed to view the allocatable budget items
	PermPcsProjectViewAll                                authaus.PermissionU16 = 117   // User is allowed to view all projects
	PermPcsProjectEditAll                                authaus.PermissionU16 = 118   // User is allowed to edit all projects
	PermReportCreator                                    authaus.PermissionU16 = 200   // Can create reports
	PermReportViewer                                     authaus.PermissionU16 = 201   // Can view reports
	PermImporter                                         authaus.PermissionU16 = 300   // User is allowed to handle data imports
	PermFileDrop                                         authaus.PermissionU16 = 301   // User is allowed to drop files onto IMQS Web
	PermMm                                               authaus.PermissionU16 = 400   // MM
	PermMmWorkRequestView                                authaus.PermissionU16 = 401   // Work Request View
	PermMmWorkRequestAddAndDelete                        authaus.PermissionU16 = 402   // Work Request Add/Delete
	PermMmWorkRequestUpdate                              authaus.PermissionU16 = 403   // Work Request Update
	PermMmPmWorkRequestAddAndDelete                      authaus.PermissionU16 = 404   // MM Work Request Add/Delete
	PermMmPmWorkRequestUpdate                            authaus.PermissionU16 = 405   // MM Work Request Update
	PermMmPmWorkRequestView                              authaus.PermissionU16 = 406   // MM Work Request View
	PermMmPmRegionalManagerAddAndDelete                  authaus.PermissionU16 = 407   // MM Work Request Regional Manager Add/Delete
	PermMmPmRegionalManagerUpdate                        authaus.PermissionU16 = 408   // MM Work Request Regional Manager Update
	PermMmPmRegionalManagerView                          authaus.PermissionU16 = 409   // MM Work Request Regional Manager View
	PermMmPmDivisionalManagerAddAndDelete                authaus.PermissionU16 = 410   // MM Work Request Divisional Manager Add/Delete
	PermMmPmDivisionalManagerUpdate                      authaus.PermissionU16 = 411   // MM Work Request Divisional Manager Update
	PermMmPmDivisionalManagerView                        authaus.PermissionU16 = 412   // MM Work Request Divisional Manager View
	PermMmPmGeneralManagerAddAndDelete                   authaus.PermissionU16 = 413   // MM Work Request General Manager Add/Delete
	PermMmPmGeneralManagerUpdate                         authaus.PermissionU16 = 414   // MM Work Request General Manager Update
	PermMmPmGeneralManagerView                           authaus.PermissionU16 = 415   // MM Work Request General Manager View
	PermMmPmRoutingDepartmentAddAndDelete                authaus.PermissionU16 = 416   // MM Work Request Routing Department Add/Delete
	PermMmPmRoutingDepartmentUpdate                      authaus.PermissionU16 = 417   // MM Work Request Routing Department Update
	PermMmPmRoutingDepartmentView                        authaus.PermissionU16 = 418   // MM Work Request Routing Department View
	PermMmFormBuilder                                    authaus.PermissionU16 = 419   // MM Form Builder
	PermMmLookup                                         authaus.PermissionU16 = 420   // MM Lookup
	PermMmServiceRequest                                 authaus.PermissionU16 = 421   // MM Service Request
	PermMmSetup                                          authaus.PermissionU16 = 422   // MM Setup
	PermMmSuperUser                                      authaus.PermissionU16 = 423   // MM Super User
	PermMmSetupWorkFlow                                  authaus.PermissionU16 = 424   // MM Setup Workflow
	PermMmSetupPM                                        authaus.PermissionU16 = 425   // MM Setup Preventative Maintenance
	PermMmSetupPMSchedule                                authaus.PermissionU16 = 426   // MM Setup Preventative Maintenance Schedule
	PermMmIncidentLogger                                 authaus.PermissionU16 = 427   // MM Incident Logger
	PermMmResourceManagerView                            authaus.PermissionU16 = 428   // MM Resource Manager View
	PermMmResourceManagerAddAndDelete                    authaus.PermissionU16 = 429   // MM Resource Manager Add/Delete
	PermMmResourceManagerUpdate                          authaus.PermissionU16 = 430   // MM Resource Manager Update
	PermMmTimeAndCostView                                authaus.PermissionU16 = 431   // MM Time and Cost View
	PermMmTimeAndCostAddAndDelete                        authaus.PermissionU16 = 432   // MM Time and Cost Add/Delete
	PermMmTimeAndCostUpdate                              authaus.PermissionU16 = 433   // MM Time and Cost Update
	PermMmDocuments                                      authaus.PermissionU16 = 434   // MM Documents
	PermMmMeterMaintenance                               authaus.PermissionU16 = 435   // MM Meter Maintenance Map
	PermMmReAssignEditOfDisabledControl                  authaus.PermissionU16 = 436   // Disabled controls become active for a user with this permission
	PermMmEmployeeView                                   authaus.PermissionU16 = 437   // MM Employee View
	PermMmEmployeeAddAndDelete                           authaus.PermissionU16 = 438   // MM Employee Add/Delete
	PermMmEmployeeUpdate                                 authaus.PermissionU16 = 439   // MM Employee Update
	PermMmFleetView                                      authaus.PermissionU16 = 440   // MM Fleet View
	PermMmFleetAddAndDelete                              authaus.PermissionU16 = 441   // MM Fleet Add/Delete
	PermMmFleetUpdate                                    authaus.PermissionU16 = 442   // MM Fleet Update
	PermMmMaterialView                                   authaus.PermissionU16 = 443   // MM Material View
	PermMmMaterialAddAndDelete                           authaus.PermissionU16 = 444   // MM Material Add/Delete
	PermMmMaterialUpdate                                 authaus.PermissionU16 = 445   // MM Material Update
	PermMmContractorView                                 authaus.PermissionU16 = 446   // MM Contractor View
	PermMmContractorAddAndDelete                         authaus.PermissionU16 = 447   // MM Contractor Add/Delete
	PermMmContractorUpdate                               authaus.PermissionU16 = 448   // MM Contractor Update
	PermMmContractorDocsView                             authaus.PermissionU16 = 449   // MM Contractor Documents View
	PermMmContractorDocsAddAndDelete                     authaus.PermissionU16 = 450   // MM Contractor Documents Add/Delete
	PermMmContractorDocsUpdate                           authaus.PermissionU16 = 451   // MM Contractor Documents Update
	PermMmStandardTimesView                              authaus.PermissionU16 = 452   // MM Standard Times View
	PermMmStandardTimesAddAndDelete                      authaus.PermissionU16 = 453   // MM Standard Times Add/Delete
	PermMmStandardTimesUpdate                            authaus.PermissionU16 = 454   // MM Standard Times Update
	PermMmTariffsView                                    authaus.PermissionU16 = 455   // MM Tariffs View
	PermMmTariffsAddAndDelete                            authaus.PermissionU16 = 456   // MM Tariffs Add/Delete
	PermMmTariffsUpdate                                  authaus.PermissionU16 = 457   // MM Tariffs Update
	PermMmIncidentLoggerView                             authaus.PermissionU16 = 458   // MM Incident Logger View
	PermMmIncidentLoggerAddAndDelete                     authaus.PermissionU16 = 459   // MM Incident Logger Add/Delete
	PermMmIncidentLoggerUpdate                           authaus.PermissionU16 = 460   // MM Incident Logger Update
	PermMmLeaveManagementView                            authaus.PermissionU16 = 461   // MM Leave Management View
	PermMmLeaveManagementAddAndDelete                    authaus.PermissionU16 = 462   // MM Leave Management Add/Delete
	PermMmLeaveManagementUpdate                          authaus.PermissionU16 = 463   // MM Leave Management Update
	PermMmProjectCodeManagementView                      authaus.PermissionU16 = 464   // MM Project Code Management View
	PermMmProjectCodeManagementAddAndDelete              authaus.PermissionU16 = 465   // MM Project Code Management Add/Delete
	PermMmProjectCodeManagementUpdate                    authaus.PermissionU16 = 466   // MM Project Code Management Update
	PermMmProjectSapManagementView                       authaus.PermissionU16 = 467   // MM Project Sap Management View
	PermMmProjectSapManagementAddAndDelete               authaus.PermissionU16 = 468   // MM Project Sap Management Add/Delete
	PermMmProjectSapManagementUpdate                     authaus.PermissionU16 = 469   // MM Project Sap Management Update
	PermWipEnabled                                       authaus.PermissionU16 = 500   // User is allowed to use the WIP module
	PermWipWorkflowStart                                 authaus.PermissionU16 = 501   // User is allowed to start a workflow
	PermWipWorkflowSuspend                               authaus.PermissionU16 = 502   // User is allowed to suspend a workflow
	PermWipWorkflowDiscard                               authaus.PermissionU16 = 503   // User is allowed to discard a workflow
	PermWipProjectView                                   authaus.PermissionU16 = 510   // User is allowed to view a WIP project
	PermWipProjectAdd                                    authaus.PermissionU16 = 511   // User is allowed to add a WIP project
	PermWipProjectEdit                                   authaus.PermissionU16 = 512   // User is allowed to edit a WIP project
	PermWipProjectDelete                                 authaus.PermissionU16 = 513   // User is allowed to delete a WIP project
	PermWipComponentView                                 authaus.PermissionU16 = 514   // User is allowed to view a WIP component
	PermWipComponentAdd                                  authaus.PermissionU16 = 515   // User is allowed to add a WIP component
	PermWipComponentEdit                                 authaus.PermissionU16 = 516   // User is allowed to edit a WIP component
	PermWipComponentDelete                               authaus.PermissionU16 = 517   // User is allowed to delete a WIP component
	PermWipActualView                                    authaus.PermissionU16 = 518   // User is allowed to view a WIP actual
	PermWipActualAdd                                     authaus.PermissionU16 = 519   // User is allowed to add a WIP actual
	PermWipActualEdit                                    authaus.PermissionU16 = 520   // User is allowed to edit a WIP actual
	PermWipActualDelete                                  authaus.PermissionU16 = 521   // User is allowed to delete a WIP actual
	PermWipBudgetView                                    authaus.PermissionU16 = 522   // User is allowed to view a WIP budget
	PermWipBudgetAdd                                     authaus.PermissionU16 = 523   // User is allowed to add a WIP budget
	PermWipBudgetEdit                                    authaus.PermissionU16 = 524   // User is allowed to edit a WIP budget
	PermWipBudgetDelete                                  authaus.PermissionU16 = 525   // User is allowed to delete a WIP budget
	PermWipCapitalize                                    authaus.PermissionU16 = 526   // User is allowed to perform capitalization tasks
	PermEnergyConfigAddAndDelete                         authaus.PermissionU16 = 600   // User is allowed to add and delete an energy site configuration
	PermEnergyConfigUpdate                               authaus.PermissionU16 = 601   // User is allowed to update an energy site configuration
	PermEnergyConfigView                                 authaus.PermissionU16 = 602   // User is allowed to view an energy site configuration
	PermEnergyConfigLockUnlock                           authaus.PermissionU16 = 603   // User is allowed to lock/unlock site configuration
	PermEnergyGeneratorsStartStop                        authaus.PermissionU16 = 604   // User is allowed to start/stop generators
	PermEnergyGateUnlock                                 authaus.PermissionU16 = 605   // User is allowed to unlock gate
	PermEnergySimSwitch                                  authaus.PermissionU16 = 606   // User is allowed to switch site controller SIM
	PermEnergyAlarmsMute                                 authaus.PermissionU16 = 607   // User is allowed to mute site alarms
	PermEnergyAnalogDataRefresh                          authaus.PermissionU16 = 608   // User is allowed to refresh analog data
	PermEnergyControllerFirmwareVersionRefresh           authaus.PermissionU16 = 609   // User is allowed to refresh controller firmware version
	PermEnergyTimeSync                                   authaus.PermissionU16 = 610   // User is allowed to synchronise controller clock with server
	PermEnergyAlarmsAcknowledge                          authaus.PermissionU16 = 611   // User is allowed to acknowledge alarms
	PermEnergyGateAccessFirmwareVersionRefresh           authaus.PermissionU16 = 612   // User is allowed to refresh gate access firmware version
	PermEnergySiteInfoEdit                               authaus.PermissionU16 = 613   // User is allowed to edit site info
	PermEnergySitePACEdit                                authaus.PermissionU16 = 614   // User is allowed to edit site PAC
	PermDevconProjectEdit                                authaus.PermissionU16 = 700   // User is allowed to edit projects
	PermDevconProjectCreate                              authaus.PermissionU16 = 701   // User is allowed to create new projects
	PermDevconProjectDelete                              authaus.PermissionU16 = 702   // User is allowed to delete projects
	PermDevconProjectMerge                               authaus.PermissionU16 = 703   // User is allowed to merge projects
	PermDevconApplicationEdit                            authaus.PermissionU16 = 704   // User is allowed to edit applications
	PermDevconApplicationCreate                          authaus.PermissionU16 = 705   // User is allowed to create new applications
	PermDevconApplicationDelete                          authaus.PermissionU16 = 706   // User is allowed to delete applications
	PermDevconLookupEdit                                 authaus.PermissionU16 = 707   // User is allowed to edit lookups, such as applicant and organisation
	PermDevconLookupCreate                               authaus.PermissionU16 = 708   // User is allowed to create new lookups
	PermDevconLookupDelete                               authaus.PermissionU16 = 709   // User is allowed to delete lookups
	PermDevconLookupManagement                           authaus.PermissionU16 = 710   // User is allowed to access the lookup management page and manage lookups
	PermDevconTemplateManagement                         authaus.PermissionU16 = 711   // User is allowed to access the feedback template management page and update templates
	PermDevconReportViewing                              authaus.PermissionU16 = 712   // User is allowed to view reports
	PermHydroWorkOrderCreation                           authaus.PermissionU16 = 800   // User is allowed to view and use the hydrojet work order creation tool
	PermWmm                                              authaus.PermissionU16 = 900   // User is allowed to access the Meter Maintenance
	PermWmmSearchEdit                                    authaus.PermissionU16 = 901   // User can access the Search and Edit module
	PermWmmCreateIncident                                authaus.PermissionU16 = 902   // User can create an Incident
	PermWmmEditMeter                                     authaus.PermissionU16 = 903   // User can edit a meter's details
	PermWmmDm                                            authaus.PermissionU16 = 904   // User can access the Dropdown Manager
	PermWmmDmEdit                                        authaus.PermissionU16 = 905   // User can add, edit or delete a Dropdown item
	PermWmmExport                                        authaus.PermissionU16 = 906   // User can access the Export Manager
	PermWmmReports                                       authaus.PermissionU16 = 907   // User can access the Meter Maintenance reports
	PermImqsDeveloper                                    authaus.PermissionU16 = 999   // IMQS Developer
	PermAssetsModuleAccess                               authaus.PermissionU16 = 1100  // User is allowed to access the Assets module
	PermCogtaModuleAccess                                authaus.PermissionU16 = 1101  // User is allowed to access the COGTA module
	PermConditionAssessmentModuleAccess                  authaus.PermissionU16 = 1102  // User is allowed to access the Condition Assessment module
	PermDocumentExplorerModuleAccess                     authaus.PermissionU16 = 1103  // User is allowed to access the Document Explorer module
	PermElectricityModuleAccess                          authaus.PermissionU16 = 1104  // User is allowed to access the Electricity module
	PermElectricityDemandModuleAccess                    authaus.PermissionU16 = 1105  // User is allowed to access the Electricity Demand module
	PermElectricityDemoModuleAccess                      authaus.PermissionU16 = 1106  // User is allowed to access the Electricity Demo module
	PermEnergyModuleAccess                               authaus.PermissionU16 = 1107  // User is allowed to access the Energy module
	PermIndigentModuleAccess                             authaus.PermissionU16 = 1108  // User is allowed to access the Indigent module
	PermLandUseModuleAccess                              authaus.PermissionU16 = 1109  // User is allowed to access the Land Use module
	PermMaintenanceManagementModuleAccess                authaus.PermissionU16 = 1110  // User is allowed to access the Maintenance Management module
	PermMeterMaintenanceModuleAccess                     authaus.PermissionU16 = 1111  // User is allowed to access the Meter Maintenance module
	PermPcsModuleAccess                                  authaus.PermissionU16 = 3     // User is allowed to access the PCS module
	PermPropertiesandBuildingsModuleAccess               authaus.PermissionU16 = 1113  // User is allowed to access the Properties and Buildings module
	PermRevenueEnhancementModuleAccess                   authaus.PermissionU16 = 1114  // User is allowed to access the Revenue Enhancement module
	PermRoadsModuleAccess                                authaus.PermissionU16 = 1115  // User is allowed to access the Roads module
	PermSewerModuleAccess                                authaus.PermissionU16 = 1116  // User is allowed to access the Sewer module
	PermSewerPRPModuleAccess                             authaus.PermissionU16 = 1117  // User is allowed to access the Sewer PRP module
	PermStormwaterModuleAccess                           authaus.PermissionU16 = 1118  // User is allowed to access the Stormwater module
	PermTelcosModuleAccess                               authaus.PermissionU16 = 1119  // User is allowed to access the Telcos module
	PermWaterModuleAccess                                authaus.PermissionU16 = 1120  // User is allowed to access the Water module
	PermWaterDemandModuleAccess                          authaus.PermissionU16 = 1121  // User is allowed to access the Water Demand module
	PermWaterPRPModuleAccess                             authaus.PermissionU16 = 1122  // User is allowed to access the Water PRP module
	PermWipModuleAccess                                  authaus.PermissionU16 = 1123  // User is allowed to access the WIP module
	PermDevelopmentControlModuleAccess                   authaus.PermissionU16 = 1124  // User is allowed to access the Development Control module
	PermRoadSignsModuleAccess                            authaus.PermissionU16 = 1125  // User is allowed to access the Road Signs module
	PermElectricityRPModuleAccess                        authaus.PermissionU16 = 1126  // User is allowed to access the Electricity RP module
	PermFacilitiesModuleAccess                           authaus.PermissionU16 = 1127  // User is allowed to access the Facilities module
	PermResourceManagerModuleAccess                      authaus.PermissionU16 = 1128  // User is allowed to access the Resource Manager module
	PermNewMm                                            authaus.PermissionU16 = 1200  // User can access the MM module
	PermNewMmIl                                          authaus.PermissionU16 = 1201  // User can access the Incident Logger module
	PermNewMmIlCreateBulkIncidents                       authaus.PermissionU16 = 1202  // User can create bulk incidents
	PermNewMmIlCreateAdd                                 authaus.PermissionU16 = 1203  // User can add a new incident
	PermNewMmIlArchive                                   authaus.PermissionU16 = 1204  // User can archive an incident
	PermNewMmIlEditLogRequest                            authaus.PermissionU16 = 1205  // User can edit incident in Log Request state
	PermNewMmIlViewLogRequest                            authaus.PermissionU16 = 1206  // User can view incident in Log Request state
	PermNewMmIlLogRequestSubmitIncident                  authaus.PermissionU16 = 1207  // User can submit an incident
	PermNewMmIlEditAllocateDepot                         authaus.PermissionU16 = 1208  // User can edit incident in Allocate Depot state
	PermNewMmIlViewAllocateDepot                         authaus.PermissionU16 = 1209  // User can view incident in Allocate Depot state
	PermNewMmIlAllocateDepotApprove                      authaus.PermissionU16 = 1210  // User can approve incident in Allocate Depot state
	PermNewMmIlAllocateDepotPostpone                     authaus.PermissionU16 = 1211  // User can postpone incident in Allocate Depot state
	PermNewMmIlAllocateDepotReject                       authaus.PermissionU16 = 1212  // User can reject incident in Allocate Depot state
	PermNewMmIlEditProcessTask                           authaus.PermissionU16 = 1213  // User can edit incident in Process Task state
	PermNewMmIlViewProcessTask                           authaus.PermissionU16 = 1214  // User can view incident in Process Task state
	PermNewMmIlProcessTaskPostpone                       authaus.PermissionU16 = 1215  // User can postpone incident in Process Task state
	PermNewMmIlProcessTaskReject                         authaus.PermissionU16 = 1216  // User can reject incident in Process Task state
	PermNewMmIlProcessTaskResolve                        authaus.PermissionU16 = 1217  // User can resolve incident in Process Task state
	PermNewMmIlProcessTaskClose                          authaus.PermissionU16 = 1218  // User can close incident in Process Task state
	PermNewMmIlMap                                       authaus.PermissionU16 = 1219  // User can view the map
	PermNewMmIlLinkedRequests                            authaus.PermissionU16 = 1220  // User can view the linked requests
	PermNewMmIlFollowUp                                  authaus.PermissionU16 = 1221  // User can view the follow up incidents
	PermNewMmIlAuditTrail                                authaus.PermissionU16 = 1222  // User can view the Audit Trail
	PermNewMmIlPrintPreview                              authaus.PermissionU16 = 1223  // User can view the Print Preview
	PermNewMmIlDocuments                                 authaus.PermissionU16 = 1224  // User can view the Documents
	PermNewMmIlSapNotificationImportCreateAdd            authaus.PermissionU16 = 1225  // User can import SAP Notifications
	PermNewMmIlReportsView                               authaus.PermissionU16 = 1226  // User can view Incident Logger Reports
	PermNewMmTc                                          authaus.PermissionU16 = 1227  // User can access the Time and Cost Module
	PermNewMmTcCreateAdd                                 authaus.PermissionU16 = 1228  // User can create a new Time Sheet
	PermNewMmTcEdit                                      authaus.PermissionU16 = 1229  // User can edit a Time Sheet
	PermNewMmTcView                                      authaus.PermissionU16 = 1230  // User can view a Time Sheet
	PermNewMmTcArchive                                   authaus.PermissionU16 = 1231  // User can archive a Time Sheet
	PermNewMmTcTimeExports                               authaus.PermissionU16 = 1232  // User can export Time Sheets
	PermNewMmTcReportsView                               authaus.PermissionU16 = 1233  // User can view Time and Cost Reports
	PermNewMmRm                                          authaus.PermissionU16 = 1234  // User can access the Resource Manager Module
	PermNewMmRmEmployeeCreateAddEmployee                 authaus.PermissionU16 = 1235  // User can add a new Employee
	PermNewMmRmEmployeeView                              authaus.PermissionU16 = 1236  // User can view Employees grid and Employee data
	PermNewMmRmEmployeeEdit                              authaus.PermissionU16 = 1237  // User can edit an Employee
	PermNewMmRmEmployeeArchive                           authaus.PermissionU16 = 1238  // User can archive an Employee
	PermNewMmRmEmployeeEditGeneral                       authaus.PermissionU16 = 1239  // User can edit Employee data in the General Tab
	PermNewMmRmEmployeeViewGeneral                       authaus.PermissionU16 = 1240  // User can view Employee data in the General Tab
	PermNewMmRmEmployeeEditAppointment                   authaus.PermissionU16 = 1241  // User can edit Employee data in the Appointment Tab
	PermNewMmRmEmployeeViewAppointment                   authaus.PermissionU16 = 1242  // User can view Employee data in the Appointment Tab
	PermNewMmRmEmployeeEditLicense                       authaus.PermissionU16 = 1243  // User can edit Employee data in the Driver’s License Tab
	PermNewMmRmEmployeeViewLicense                       authaus.PermissionU16 = 1244  // User can view Employee data in the Driver’s License Tab
	PermNewMmRmEmployeeEditTimeProgram                   authaus.PermissionU16 = 1245  // User can edit Employee data in the Time Program Tab
	PermNewMmRmEmployeeViewTimeProgram                   authaus.PermissionU16 = 1246  // User can view Employee data in the Time Program Tab
	PermNewMmRmEmployeeEditButtonHistory                 authaus.PermissionU16 = 1247  // User can edit Employee data in the Button History Tab
	PermNewMmRmEmployeeViewButtonHistory                 authaus.PermissionU16 = 1248  // User can view Employee data in the Button History Tab
	PermNewMmRmEmployeeEditAttachment                    authaus.PermissionU16 = 1249  // User can edit Employee data in the Attachment Tab
	PermNewMmRmEmployeeViewAttachment                    authaus.PermissionU16 = 1250  // User can view Employee data in the Attachment Tab
	PermNewMmRmEmployeeEditFitnessForDuty                authaus.PermissionU16 = 1251  // User can edit Employee data in the Fitness For Duty Tab
	PermNewMmRmEmployeeViewFitnessForDuty                authaus.PermissionU16 = 1252  // User can view Employee data in the Fitness For Duty Tab
	PermNewMmRmEmployeeEditGrievance                     authaus.PermissionU16 = 1253  // User can edit Employee data in the Grievance Tab
	PermNewMmRmEmployeeViewGrievance                     authaus.PermissionU16 = 1254  // User can view Employee data in the Grievance Tab
	PermNewMmRmEmployeeEditDisciplinary                  authaus.PermissionU16 = 1255  // User can edit Employee data in the Disciplinary Tab
	PermNewMmRmEmployeeViewDisciplinary                  authaus.PermissionU16 = 1256  // User can view Employee data in the Disciplinary Tab
	PermNewMmRmContractorsCreateAdd                      authaus.PermissionU16 = 1257  // User can add a new Contractor
	PermNewMmRmContractorsEdit                           authaus.PermissionU16 = 1258  // User can edit a Contractor
	PermNewMmRmContractorsView                           authaus.PermissionU16 = 1259  // User can view a Contractor
	PermNewMmRmContractorsArchive                        authaus.PermissionU16 = 1260  // User can archive a Contractor
	PermNewMmRmOrganogramCreateAddPosition               authaus.PermissionU16 = 1261  // User can create a new position in the organogram
	PermNewMmRmOrganogramEdit                            authaus.PermissionU16 = 1262  // User can edit an entry in the organogram
	PermNewMmRmOrganogramView                            authaus.PermissionU16 = 1263  // User can view the Organogram
	PermNewMmRmOrganogramFreese                          authaus.PermissionU16 = 1264  // User can freeze a position on the Organogram
	PermNewMmRmOrganogramUnfreezes                       authaus.PermissionU16 = 1265  // User can unfreeze a position on the Organogram
	PermNewMmRmOrganogramAbolish                         authaus.PermissionU16 = 1266  // User can abolish a position on the Organogram
	PermNewMmRmStandardTimeCreateAdd                     authaus.PermissionU16 = 1267  // User can create a new Standard Time entry
	PermNewMmRmStandardTimeEdit                          authaus.PermissionU16 = 1268  // User can edit a Standard Time
	PermNewMmRmStandardTimeView                          authaus.PermissionU16 = 1269  // User can view a Standard Time
	PermNewMmRmStandardTimeArchive                       authaus.PermissionU16 = 1270  // User can archive a Standard Time
	PermNewMmRmPayDaysCreateAdd                          authaus.PermissionU16 = 1271  // User can create a new Pay Day entry
	PermNewMmRmPayDaysEdit                               authaus.PermissionU16 = 1272  // User can edit a Pay Day
	PermNewMmRmPayDaysView                               authaus.PermissionU16 = 1273  // User can view a Pay Day
	PermNewMmRmPayDaysArchive                            authaus.PermissionU16 = 1274  // User can archive a Pay Day
	PermNewMmRmPublicHolidaysCreateAdd                   authaus.PermissionU16 = 1275  // User can create a new Public Holiday
	PermNewMmRmPublicHolidaysEdit                        authaus.PermissionU16 = 1276  // User can edit a Public Holiday
	PermNewMmRmPublicHolidaysView                        authaus.PermissionU16 = 1277  // User can view a Public Holiday
	PermNewMmRmPublicHolidaysArchive                     authaus.PermissionU16 = 1278  // User can archive a Public Holiday
	PermNewMmRmLeaveManagementCreateAdd                  authaus.PermissionU16 = 1279  // User can create a new Leave entry
	PermNewMmRmLeaveManagementEdit                       authaus.PermissionU16 = 1280  // User can edit a Leave entry
	PermNewMmRmLeaveManagementView                       authaus.PermissionU16 = 1281  // User can view a Leave entry
	PermNewMmRmLeaveManagementArchive                    authaus.PermissionU16 = 1282  // User can archive a Leave
	PermNewMmRmContractCreateAdd                         authaus.PermissionU16 = 1283  // User can create a new Contract entry
	PermNewMmRmContractEdit                              authaus.PermissionU16 = 1284  // User can edit a Contract
	PermNewMmRmContractView                              authaus.PermissionU16 = 1285  // User can view a Contract
	PermNewMmRmContractArchive                           authaus.PermissionU16 = 1286  // User can archive a Contract
	PermNewMmRmAgreementsCreateAdd                       authaus.PermissionU16 = 1287  // User can create a new Contract Agreement
	PermNewMmRmAgreementsEdit                            authaus.PermissionU16 = 1288  // User can edit a Contract Agreement
	PermNewMmRmAgreementsView                            authaus.PermissionU16 = 1289  // User can view a Contract Agreement
	PermNewMmRmAgreementsArchive                         authaus.PermissionU16 = 1290  // User can archive a Contract Agreement
	PermNewMmRmPenaltiesCreateAdd                        authaus.PermissionU16 = 1291  // User can create a new Penalty
	PermNewMmRmPenaltiesEdit                             authaus.PermissionU16 = 1292  // User can edit a Penalty
	PermNewMmRmPenaltiesView                             authaus.PermissionU16 = 1293  // User can view a Penalty
	PermNewMmRmPenaltiesArchive                          authaus.PermissionU16 = 1294  // User can archive a Penalty
	PermNewMmRmReportsView                               authaus.PermissionU16 = 1295  // User can view the Resource Manager Reports
	PermNewMmIm                                          authaus.PermissionU16 = 1296  // User can access the Inventory Management module
	PermNewMmImFleetCreateAdd                            authaus.PermissionU16 = 1297  // User can create a new Fleet item
	PermNewMmImFleetEdit                                 authaus.PermissionU16 = 1298  // User can edit a Fleet item
	PermNewMmImFleetView                                 authaus.PermissionU16 = 1299  // User can view a Fleet item
	PermNewMmImFleetArchive                              authaus.PermissionU16 = 1300  // User can archive a Fleet item
	PermNewMmImFleetIssue                                authaus.PermissionU16 = 1301  // User can issue a Fleet item
	PermNewMmImEquipmentCreateAdd                        authaus.PermissionU16 = 1302  // User can create a new Equipment item
	PermNewMmImEquipmentEdit                             authaus.PermissionU16 = 1303  // User can edit an Equipment item
	PermNewMmImEquipmentView                             authaus.PermissionU16 = 1304  // User can view an Equipment item
	PermNewMmImEquipmentArchive                          authaus.PermissionU16 = 1305  // User can archive an Equipment item
	PermNewMmImEquipmentIssue                            authaus.PermissionU16 = 1306  // User can issue an Equipment item
	PermNewMmImSapMaterialsCreateAdd                     authaus.PermissionU16 = 1307  // User can create a new SAP Materials item
	PermNewMmImSapMaterialsEdit                          authaus.PermissionU16 = 1308  // User can edit a SAP Materials item
	PermNewMmImSapMaterialsView                          authaus.PermissionU16 = 1309  // User can view a SAP Materials item
	PermNewMmImSapMaterialsArchive                       authaus.PermissionU16 = 1310  // User can archive a SAP Materials item
	PermNewMmImSapMaterialsIssue                         authaus.PermissionU16 = 1311  // User can issue a SAP Materials item
	PermNewMmImInformalStoresCreateAdd                   authaus.PermissionU16 = 1312  // User can create a new Informal Store item
	PermNewMmImInformalStoresEdit                        authaus.PermissionU16 = 1313  // User can edit an Informal Store item
	PermNewMmImInformalStoresView                        authaus.PermissionU16 = 1314  // User can view an Informal Store item
	PermNewMmImInformalStoresArchive                     authaus.PermissionU16 = 1315  // User can archive an Informal Store item
	PermNewMmImInformalStoresIssue                       authaus.PermissionU16 = 1316  // User can issue an Informal Store item
	PermNewMmImProducedMaterialCreateAdd                 authaus.PermissionU16 = 1317  // User can create a new Produced Material item
	PermNewMmImProducedMaterialEdit                      authaus.PermissionU16 = 1318  // User can edit a Produced Material item
	PermNewMmImProducedMaterialView                      authaus.PermissionU16 = 1319  // User can view a Produced Material item
	PermNewMmImProducedMaterialArchive                   authaus.PermissionU16 = 1320  // User can archive a Produced Material item
	PermNewMmImProducedMaterialIssue                     authaus.PermissionU16 = 1321  // User can issue a Produced Material item
	PermNewMmImTrafficSignsCreateAdd                     authaus.PermissionU16 = 1322  // User can create a new Traffic Sign item
	PermNewMmImTrafficSignsEdit                          authaus.PermissionU16 = 1323  // User can edit a Traffic Sign item
	PermNewMmImTrafficSignsView                          authaus.PermissionU16 = 1324  // User can view a Traffic Sign item
	PermNewMmImTrafficSignsArchive                       authaus.PermissionU16 = 1325  // User can archive a Traffic Sign item
	PermNewMmImTrafficSignsIssue                         authaus.PermissionU16 = 1326  // User can issue a Traffic Sign item
	PermNewMmImMeterCreateAddQr                          authaus.PermissionU16 = 1327  // User can create new Meters using QR codes
	PermNewMmImMeterCreateAddSingle                      authaus.PermissionU16 = 1328  // User can create a new Meter
	PermNewMmImMeterCreateAddBulk                        authaus.PermissionU16 = 1329  // User can create bulk Meters
	PermNewMmImMeterEdit                                 authaus.PermissionU16 = 1330  // User can edit a Meter
	PermNewMmImMeterView                                 authaus.PermissionU16 = 1331  // User can view a Meter
	PermNewMmImMeterArchive                              authaus.PermissionU16 = 1332  // User can archive a Meter
	PermNewMmImMeterIssue                                authaus.PermissionU16 = 1333  // User can issue a Meter
	PermNewMmImPersonalInventoryView                     authaus.PermissionU16 = 1334  // User can view the Personal Inventory grid
	PermNewMmImPersonalInventoryMetersReturn             authaus.PermissionU16 = 1335  // User can return a meter from Personal Inventory
	PermNewMmImPersonalInventoryInformalStoreReturn      authaus.PermissionU16 = 1336  // User can return an informal store item from Personal Inventory
	PermNewMmImPersonalInventoryTrafficSignsReturn       authaus.PermissionU16 = 1337  // User can return a traffic sign from Personal Inventory
	PermNewMmImPersonalInventoryProducedMaterialReturn   authaus.PermissionU16 = 1338  // User can return a produced material item from Personal Inventory
	PermNewMmImPersonalInventoryFleetReturn              authaus.PermissionU16 = 1339  // User can return an equipment item from Personal Inventory
	PermNewMmImPersonalInventoryEquipmentReturn          authaus.PermissionU16 = 1340  // User can return a fleet item from Personal Inventory
	PermNewMmImPersonalInventoryMetersTransfer           authaus.PermissionU16 = 1341  // User can transfer a meter in Personal Inventory
	PermNewMmImPersonalInventoryInformalStoreTransfer    authaus.PermissionU16 = 1342  // User can transfer an informal store item in Personal Inventory
	PermNewMmImPersonalInventoryTrafficSignsTransfer     authaus.PermissionU16 = 1343  // User can transfer a traffic sign in Personal Inventory
	PermNewMmImPersonalInventoryProducedMaterialTransfer authaus.PermissionU16 = 1344  // User can transfer a produced material item in Personal Inventory
	PermNewMmImPersonalInventoryFleetTransfer            authaus.PermissionU16 = 1345  // User can transfer an equipment item in Personal Inventory
	PermNewMmImPersonalInventoryEquipmentTransfer        authaus.PermissionU16 = 1346  // User can transfer a fleet item in Personal Inventory
	PermNewMmImReportsView                               authaus.PermissionU16 = 1347  // User can view the Inventory Management Reports
	PermNewMmClock                                       authaus.PermissionU16 = 1348  // User can access the Clock module
	PermNewMmClockEdit                                   authaus.PermissionU16 = 1349  // User can edit a Clock entry
	PermNewMmClockViewDetail                             authaus.PermissionU16 = 1350  // User can view a Clock entry
	PermNewMmClockCreate                                 authaus.PermissionU16 = 1351  // User can create clock times from Time Sheet
	PermNewMmClockReportsView                            authaus.PermissionU16 = 1352  // User can view the Clock Reports
	PermNewMmFi                                          authaus.PermissionU16 = 1353  // User can access the Finance module
	PermNewMmFiTariffCreateAdd                           authaus.PermissionU16 = 1354  // User can create a new Tariff entry
	PermNewMmFiTariffEdit                                authaus.PermissionU16 = 1355  // User can edit a Tariff entry
	PermNewMmFiTariffView                                authaus.PermissionU16 = 1356  // User can view a Tariff entry
	PermNewMmFiTariffArchive                             authaus.PermissionU16 = 1357  // User can archive a Tariff entry
	PermNewMmFiProjectCodesCreateAdd                     authaus.PermissionU16 = 1358  // User can create a new Project Code
	PermNewMmFiProjectCodesEdit                          authaus.PermissionU16 = 1359  // User can edit a Project Code
	PermNewMmFiProjectCodesView                          authaus.PermissionU16 = 1360  // User can view a Project Code
	PermNewMmFiProjectCodesArchive                       authaus.PermissionU16 = 1361  // User can archive a Project Code
	PermNewMmFiSapProjectCreateAdd                       authaus.PermissionU16 = 1362  // User can create a new SAP Project
	PermNewMmFiSapProjectEdit                            authaus.PermissionU16 = 1363  // User can edit a SAP Project
	PermNewMmFiSapProjectView                            authaus.PermissionU16 = 1364  // User can view a SAP Project
	PermNewMmFiSapProjectArchive                         authaus.PermissionU16 = 1365  // User can archive a SAP Project
	PermNewMmFiCostCentresCreateAdd                      authaus.PermissionU16 = 1366  // User can create a new Cost Centre
	PermNewMmFiCostCentresEdit                           authaus.PermissionU16 = 1367  // User can edit a Cost Centre
	PermNewMmFiCostCentresView                           authaus.PermissionU16 = 1368  // User can view a Cost Centre
	PermNewMmFiCostCentresArchive                        authaus.PermissionU16 = 1369  // User can archive a Cost Centre
	PermNewMmFiReportsView                               authaus.PermissionU16 = 1370  // User can view the Finance Reports
	PermNewMmDmEdit                                      authaus.PermissionU16 = 1371  // User can edit a Dropdown Manager entry
	PermNewMmDmCreateAdd                                 authaus.PermissionU16 = 1372  // User can add a new Dropdown Manager entry
	PermNewMmDmView                                      authaus.PermissionU16 = 1373  // User can view the Dropdown Manager module
	PermNewMmDmDisable                                   authaus.PermissionU16 = 1374  // User can disable a Dropdown Manager entry
	PermNewMmSetup                                       authaus.PermissionU16 = 1375  // User can access the Setup module
	PermNewMmSetupPmFile                                 authaus.PermissionU16 = 1376  // User can import a PM file
	PermNewMmSetupIncident                               authaus.PermissionU16 = 1377  // User can import a SAP Incident create notification file
	PermNewMmSetupClockingData                           authaus.PermissionU16 = 1378  // User can import Clocking Data
	PermNewMmSetupExports                                authaus.PermissionU16 = 1379  // User can pull exports for SAP
	PermNewMmDocument                                    authaus.PermissionU16 = 1380  // User can access the Document viewer module
	PermMmWaterDataFilter                                authaus.PermissionU16 = 1381  // User can see data in grid and dropdowns for the Water Department
	PermMmRoadsDataFilter                                authaus.PermissionU16 = 1382  // User can see data in grid and dropdowns for the Roads and Storm Water Department
	PermMmSolidWasteDataFilter                           authaus.PermissionU16 = 1383  // User can see data in grid and dropdowns for the Solid Waste Department
	PermMmSewerDataFilter                                authaus.PermissionU16 = 1384  // User can see data in grid and dropdowns for the Sewer Department
	PermNewMmIlDocumentsCreate                           authaus.PermissionU16 = 1385  // User can create a Document
	PermNewMmIlDocumentsDelete                           authaus.PermissionU16 = 1386  // User can delete a Document
	PermThemeEditorModuleAccess                          authaus.PermissionU16 = 2000  // User can access the theme editor module
	PermThemeEditorPublisher                             authaus.PermissionU16 = 2001  // User can publish private themes to global themes, un-publish, edit, create, delete global themes
	PermWayleaveModuleAccess                             authaus.PermissionU16 = 3000  // User can access the wayleave module
	PermLeasingModuleAccess                              authaus.PermissionU16 = 10000 // User can access the Leasing module
	PermLeasingLeasedInView                              authaus.PermissionU16 = 10001 // User can view Leased In agreements
	PermLeasingLeasedInCreate                            authaus.PermissionU16 = 10002 // User can create Leased In agreements
	PermLeasingLeasedInUpdate                            authaus.PermissionU16 = 10003 // User can update Leased In agreements
	PermLeasingLeasedInDelete                            authaus.PermissionU16 = 10004 // User can delete Leased In agreements
	PermLeasingLeasedInApproval                          authaus.PermissionU16 = 10005 // User can change the approval of Leased In agreements
	PermLeasingOwnerCreate                               authaus.PermissionU16 = 10006 // User can create an Owner in the Leasing Module
	PermLeasingFacilityCreate                            authaus.PermissionU16 = 10007 // User can create facilities that will appear both in Leasing and in the Asset Core database
	PermLeasingLeasedOutView                             authaus.PermissionU16 = 10008 // User can view Leased Out agreements
	PermLeasingLeasedOutCreate                           authaus.PermissionU16 = 10009 // User can create Leased Out agreements
	PermLeasingLeasedOutUpdate                           authaus.PermissionU16 = 10010 // User can update Leased Out agreements
	PermLeasingLeasedOutDelete                           authaus.PermissionU16 = 10011 // User can delete Leased Out agreements
	PermLeasingLeasedOutApproval                         authaus.PermissionU16 = 10012 // User can change the approval of Leased Out agreements
	PermLeasingTenantCreate                              authaus.PermissionU16 = 10013 // User can create a Tenant in the Leasing Module
	PermLeasingFacilityConfigure                         authaus.PermissionU16 = 10014 // User can configure the leasing configurations of facilities, subdividing these facilities into lettable units
	PermLeasingLandlordView                              authaus.PermissionU16 = 10015 // User can view Maintain Landlord sub-module
	PermLeasingLandlordCreate                            authaus.PermissionU16 = 10016 // User can create a new landlord
	PermLeasingLandlordUpdate                            authaus.PermissionU16 = 10017 // User can edit and update landlord details
	PermLeasingLandlordDelete                            authaus.PermissionU16 = 10018 // User can delete a landlord
	PermLeasingLandlordImport                            authaus.PermissionU16 = 10019 // User can import supplier list file
	PermLeasingLeasedInCancel                            authaus.PermissionU16 = 10020 // User can cancel a leased in agreement
	PermLeasingLeasedOutCancel                           authaus.PermissionU16 = 10021 // User can cancel a leased out agreement
	PermLeasingOwnerView                                 authaus.PermissionU16 = 10022 // User can view list of owners and content of a selected owner record
	PermLeasingOwnerUpdate                               authaus.PermissionU16 = 10023 // User can update the owner record during the Manage Owner process
	PermLeasingOwnerDelete                               authaus.PermissionU16 = 10024 // User can delete the owner record during the Manage Owner process
	PermLeasingFacilityView                              authaus.PermissionU16 = 10025 // User can view the list of facilities and the content of a selected facility record
	PermLeasingFacilityUpdate                            authaus.PermissionU16 = 10026 // User can update the leasing content of a facility record during the Manage Facility process
	PermLeasingFacilityDelete                            authaus.PermissionU16 = 10027 // User can delete the leasing content of a facility record during the Manage Facility process
	PermLeasingTenantView                                authaus.PermissionU16 = 10028 // User can view a list of tenants and be able to view the content of a selected tenant record
	PermLeasingTenantUpdate                              authaus.PermissionU16 = 10029 // User can update a tenant record during the Manage Tenant process
	PermLeasingTenantDelete                              authaus.PermissionU16 = 10030 // User can delete a tenant record during the Manage Tenant process
	PermLeasingLookupView                                authaus.PermissionU16 = 10031 // User can view a list of lookups and be able to view the content of a selected lookup record
	PermLeasingLookupCreate                              authaus.PermissionU16 = 10032 // User can create a new lookup record
	PermLeasingLookupUpdate                              authaus.PermissionU16 = 10033 // User can update a lookup record during the Manage lookup process
	PermLeasingLookupDelete                              authaus.PermissionU16 = 10034 // User can delete a lookup record during the Manage lookup process
	PermLeasingPaymentView                               authaus.PermissionU16 = 10035 // User can view Payment transactions and projections.
	PermLeasingPaymentCreate                             authaus.PermissionU16 = 10036 // User can create Payment transactions and projections.
	PermLeasingPaymentUpdate                             authaus.PermissionU16 = 10037 // User can update Payment transactions and projections.
	PermLeasingPaymentDelete                             authaus.PermissionU16 = 10038 // User can delete Payment transactions and projections.
	PermLeasingBillingView                               authaus.PermissionU16 = 10039 // User can view Billing transactions and projections.
	PermLeasingBillingCreate                             authaus.PermissionU16 = 10040 // User can create Billing transactions and projections.
	PermLeasingBillingUpdate                             authaus.PermissionU16 = 10041 // User can update Billing transactions and projections.
	PermLeasingBillingDelete                             authaus.PermissionU16 = 10042 // User can delete Billing transactions and projections.

)
const TestConfig1 = "!TESTCONFIG1"
const TestPort = "3377"

Variables

var (
	ErrUserDisabled = errors.New("Your user profile has been disabled")
)
var PermissionModuleMap map[string]authaus.PermissionU16

PermissionModuleMap is a map from a model name (eg "Water") to the permission required to use that module (eg 1120, aka PermWaterModuleAccess)

var PermissionsTable authaus.PermissionNameTable

PermissionsTable is a map from 16-bit permission integer to string-based name (eg 1120 to watermoduleaccess)

Functions

func LoadTestConfig

func LoadTestConfig(ic *ImqsCentral, testConfigName string) bool

func ModifyGroup

func ModifyGroup(icentral *ImqsCentral, mode GroupModifyMode, groupName string, perms authaus.PermissionList) error

func ResetAuthGroups

func ResetAuthGroups(icentral *ImqsCentral) error

Reset auth groups to a sane state. After running this, you should be able to use the web interface to do everything else. That's the idea at least.

func RollbackUnwantedGroups

func RollbackUnwantedGroups(icentral *ImqsCentral) error

RollbackUnwantedGroups was created on 8 November 2019. On 4 September a change was committed (https://github.com/IMQS/imqsauth/commit/a30698f3432d213a9e4b50789b9482f028c80632) which automatically created a bunch of groups. After this was rolled out, we discovered that customers REALLY don't want this. So this function reverses those automatic group creations. Once it's rolled out to clients, we can delete this function.

func RollbackUnwantedGroupsOnce

func RollbackUnwantedGroupsOnce(icentral *ImqsCentral) error

Types

type Config

type Config struct {
	Authaus                    authaus.Config
	ForbiddenPasswords         []string
	PasswordResetExpirySeconds float64
	NewAccountExpirySeconds    float64
	SendMailPassword           string // NB: When moving SendMailPassword to a standalone secrets file, change for PCS also. PCS reads imqsauth config file.
	SendMailDetails            SendMailDetails
	NotificationUrl            string

	Permissions *ManagePermissions
	// contains filtered or unexported fields
}

func (*Config) GetHostname

func (x *Config) GetHostname() string

func (*Config) IsContainer

func (x *Config) IsContainer() bool

func (*Config) LoadFile

func (x *Config) LoadFile(filename string) error

func (*Config) MakeOutsideDocker

func (x *Config) MakeOutsideDocker()

MakeOutsideDocker changes all of the hostnames from our common hostnames in docker-compose files, to 'localhost'. This is built to allow a developer to debug the Auth service, while running everything else in docker.

func (*Config) Reset

func (x *Config) Reset()

func (*Config) ResetForUnitTests

func (x *Config) ResetForUnitTests()

Performs setup specific to unit tests

func (*Config) SetDefaults added in v1.2.0

func (x *Config) SetDefaults()

type ContextDetails

type ContextDetails struct {
	Service  string `json:"service"`
	Origin   string `json:"origin"`
	Username string `json:"username"`
	UserId   int64  `json:"userid"`
	Email    string `json:"email"`
}

type GroupModifyMode

type GroupModifyMode int
const (
	GroupModifySet GroupModifyMode = iota
	GroupModifyAdd
	GroupModifyRemove
)

type HttpMethod

type HttpMethod string

type IMQSAuditor

type IMQSAuditor struct {
	Log *log.Logger
}

func NewIMQSAuditor

func NewIMQSAuditor(logger *log.Logger) *IMQSAuditor

func (*IMQSAuditor) AuditUserAction

func (a *IMQSAuditor) AuditUserAction(username, item, context string, auditActionType authaus.AuditActionType)

type ImqsCentral

type ImqsCentral struct {
	Config  *Config
	Central *authaus.Central
	// contains filtered or unexported fields
}

func (*ImqsCentral) IsLockable

func (x *ImqsCentral) IsLockable(identity string) (bool, error)

Admin accounts are not lockable, otherwise an attack could lock all accounts with no one to unlock them. Additionally, inter-service accounts are also admins, and we don't want "machine" accounts to be lockable.

func (*ImqsCentral) ResetPasswordStart

func (x *ImqsCentral) ResetPasswordStart(userId authaus.UserId, isNewAccount bool) (int, string)

Returns (responseCode, message)

func (*ImqsCentral) RunHttp

func (x *ImqsCentral) RunHttp() error

type LoginType added in v1.0.3

type LoginType struct {
	LoginType string `json:"login_type"`
	ClientId  string `json:"client_id"`
}

type MailParameters added in v1.2.0

type MailParameters struct {
	// Name of the template that the mail server should use when generating the
	// email body. Optional.
	TemplateName *string `json:"TemplateName,omitempty"`
	// Custom from variable to be used by mailer service. Optional
	// eg: IMQS Password Reset <noreply@imqs.co.za>
	From *string `json:"From,omitempty"`
	// Custom subject variable to be used by mailer service. Optional
	// eg: IMQS Reset Password
	Subject *string `json:"Subject,omitempty"`
}

type ManagePermissions added in v1.0.2

type ManagePermissions struct {
	Dynamic []*Permission `json:"dynamic,omitempty"` // List of client specific permissions
	Disable []string      `json:"disable,omitempty"` // Disable is to prevent static permissions from being shown in User Management
	Relabel []*Permission `json:"relabel,omitempty"` // Relabel is used to change the labels of static permissions
}

ManagePermissions is used to store all of the dynamic, disable and rename/relabel permission details

type Permission added in v1.0.2

type Permission struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Friendly    string `json:"friendly"`
	Description string `json:"description"`
	Module      string `json:"module"`
}

Permission holds all of the details needed to create the dynamic permission list. These permissions are used for code implementations which are driven purely by configuration and require different permissions per client, which the static permissions cannot service. The static permissions also contain values which are client specific, and these additional changes will allow us to prevent those static permissions from being shown in the User Management screen, or to rename them to match specific client requirements. Client/dynamic permissions are added to the imqsauth.json file using the following as an example:

{
	"Permissions": {
		"dynamic": [
			{"id": "15000", "name": "MMTest", "friendly": "An MM Test Permission",
			"description": "MM Test permission", "module": "Maintenance Management"}
		],
		"disable": ["newMmIlCreateAdd"],
		"relabel": [
			{"id": "1204", "name": "newMmIlArchive", "friendly": "Archive incident",
			"description": "MM Acrhive an incident", "module": "Maintenance Management"}
		]
	}
}
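
A pre-deployment check for the Permissions block described above, as an added example (not imqsauth code): it flags dynamic IDs that do not fit in 16 bits or reuse a static ID, disable names that match nothing, and relabel entries whose name disagrees with the ID they target. LintPermissions, parseID, sampleStatic and sampleConfig are hypothetical names; the case-insensitive name match and the two-entry stand-in for PermissionsTable are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// Permission and ManagePermissions copy the struct definitions shown on this page.
type Permission struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Friendly    string `json:"friendly"`
	Description string `json:"description"`
	Module      string `json:"module"`
}

type ManagePermissions struct {
	Dynamic []*Permission `json:"dynamic,omitempty"`
	Disable []string      `json:"disable,omitempty"`
	Relabel []*Permission `json:"relabel,omitempty"`
}

// sampleStatic stands in for PermissionsTable; it holds only the two ID/name pairs this page mentions.
var sampleStatic = map[uint16]string{1120: "watermoduleaccess", 1204: "newMmIlArchive"}

// sampleConfig is constructed for this example, not taken from a deployment.
const sampleConfig = `{"Permissions": {
  "dynamic": [{"id": "15000", "name": "MMTest"},
              {"id": "1204",  "name": "MMShadow"},
              {"id": "70000", "name": "MMOverflow"}],
  "disable": ["newMmIlArchive", "newMmIlArchve"],
  "relabel": [{"id": "1120", "name": "newMmIlArchive", "friendly": "Archive incident"}]
}}`

// parseID returns the entry's ID as a 16-bit value, or false when the entry is
// null or its ID does not fit in 16 bits (the width of authaus.PermissionU16).
func parseID(p *Permission) (uint16, bool) {
	if p == nil {
		return 0, false
	}
	v, err := strconv.ParseUint(p.ID, 10, 16)
	return uint16(v), err == nil
}

// LintPermissions is a hypothetical helper, not an imqsauth function. It returns
// one finding per entry that would leave the effective permission set ambiguous.
func LintPermissions(raw []byte, static map[uint16]string) ([]string, error) {
	var cfg struct{ Permissions ManagePermissions }
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse config: %w", err)
	}
	// Case-insensitive index: an assumption, since the page shows both lower-case and camel-case names.
	staticNames := make(map[string]bool, len(static))
	for _, name := range static {
		staticNames[strings.ToLower(name)] = true
	}
	var findings []string
	seen := map[uint16]bool{}
	for i, p := range cfg.Permissions.Dynamic {
		id, ok := parseID(p)
		if !ok {
			findings = append(findings, fmt.Sprintf("dynamic[%d]: id is missing or not a 16-bit integer", i))
			continue
		}
		if name, clash := static[id]; clash {
			findings = append(findings, fmt.Sprintf("dynamic[%d]: id %d is already static permission %q", i, id, name))
		} else if seen[id] {
			findings = append(findings, fmt.Sprintf("dynamic[%d]: id %d is declared twice", i, id))
		}
		seen[id] = true
	}
	for _, name := range cfg.Permissions.Disable {
		if !staticNames[strings.ToLower(name)] {
			findings = append(findings, fmt.Sprintf("disable %q: no static permission has this name", name))
		}
	}
	for i, p := range cfg.Permissions.Relabel {
		id, ok := parseID(p)
		if !ok {
			findings = append(findings, fmt.Sprintf("relabel[%d]: id is missing or not a 16-bit integer", i))
			continue
		}
		name, found := static[id]
		if !found {
			findings = append(findings, fmt.Sprintf("relabel[%d]: id %d is not a static permission", i, id))
		} else if !strings.EqualFold(name, p.Name) {
			findings = append(findings, fmt.Sprintf("relabel[%d]: id %d is %q, not %q", i, id, name, p.Name))
		}
	}
	return findings, nil
}

func main() {
	findings, _ := LintPermissions([]byte(sampleConfig), sampleStatic)
	fmt.Println(strings.Join(findings, "\n"))
}
```

In a real deployment the static map would be built from the full PermissionsTable rather than the two-entry stand-in used here.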

type SendMailDetails added in v1.2.0

type SendMailDetails struct {
	// URL of mail server. Optional.
	URL           *string         `json:"URL,omitempty"`
	PasswordReset *MailParameters `json:"PasswordReset,omitempty"`
	NewAccount    *MailParameters `json:"NewAccount,omitempty"`
	// Currently does not make use of `TemplateName`
	LDAPPasswordReset *MailParameters `json:"LDAPPasswordReset,omitempty"`
}

func (*SendMailDetails) SetDefaults added in v1.2.0

func (x *SendMailDetails) SetDefaults()
