Documentation
¶
Overview ¶
Package auth NOTES
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BKRepoVerified ¶
BKRepoVerified bk_repo 回调鉴权
Types ¶
type Authorizer ¶
type Authorizer interface {
// AuthorizeDecision if user has permission to the resources, returns auth status per resource and for all.
AuthorizeDecision(kt *kit.Kit, resources ...*meta.ResourceAttribute) ([]*meta.Decision, bool, error)
// Authorize authorize if user has permission to the resources.
// If user is unauthorized, assign apply url and resources into error.
Authorize(kt *kit.Kit, resources ...*meta.ResourceAttribute) error
// UnifiedAuthentication API 鉴权中间件
UnifiedAuthentication(next http.Handler) http.Handler
// GrantResourceCreatorAction grant a user's resource creator action.
GrantResourceCreatorAction(kt *kit.Kit, opts *client.GrantResourceCreatorActionOption) error
// WebAuthentication 网页鉴权中间件
WebAuthentication(webHost string) func(http.Handler) http.Handler
// AppVerified App校验中间件, 需要放到 UnifiedAuthentication 后面, url 需要添加 {app_id} 变量
AppVerified(next http.Handler) http.Handler
// BizVerified 业务鉴权
BizVerified(next http.Handler) http.Handler
// ContentVerified 内容(上传下载)鉴权
ContentVerified(next http.Handler) http.Handler
// LogOut handler will build login url, client should make redirect
LogOut(r *http.Request) *rest.UnauthorizedData
// HasBiz 业务是否存在
HasBiz(bizID uint32) bool
}
Authorizer defines all the supported functionalities to do auth operation.
func NewAuthorizer ¶
NewAuthorizer create an authorizer for iam authorize related operation.
Source Files
Click to show internal directories.
Click to hide internal directories.