Documentation ¶
Index ¶
- Constants
- func NewContext(ctx context.Context, p *Permission) context.Context
- type Limits
- type Options
- func SetACLs(acls []acl.ACL) Options
- func SetCategories(categories []category.Category) Options
- func SetDescription(description string) Options
- func SetExcludes(excludes []string) Options
- func SetIncludes(includes []string) Options
- func SetIndices(indices []string) Options
- func SetLimits(limits *Limits, isAdmin bool) Options
- func SetOps(ops []op.Operation) Options
- func SetOwner(owner string) Options
- func SetReactivesearchConfig(config ReactiveSearchConfig) Options
- func SetReferers(referers []string) Options
- func SetRole(role string) Options
- func SetSources(sources []string) Options
- func SetSourcesXffValue(value *int) Options
- func SetTTL(duration time.Duration) Options
- type Permission
- func (p *Permission) CanAccessCluster() (bool, error)
- func (p *Permission) CanAccessIndex(name string) (bool, error)
- func (p *Permission) CanAccessIndices(indices ...string) (bool, error)
- func (p *Permission) CanDo(op op.Operation) bool
- func (p *Permission) GetIPLimit() int64
- func (p *Permission) GetLimitFor(c category.Category) (int64, error)
- func (p *Permission) GetPatch(rolePatched bool) (map[string]interface{}, error)
- func (p *Permission) HasACL(acl acl.ACL) bool
- func (p *Permission) HasCategory(category category.Category) bool
- func (p *Permission) Id() string
- func (p *Permission) IsExpired() (bool, error)
- func (p *Permission) ValidateACLs(acls ...acl.ACL) error
- type ReactiveSearchConfig
Constants ¶
const ( // Credential is a value stored against request.Maker key in the context. // It basically acts as an identifier that tells whether the request uses // permission credential. Credential = contextKey("permission_credential") )
Variables ¶
This section is empty.
Functions ¶
func NewContext ¶
func NewContext(ctx context.Context, p *Permission) context.Context
NewContext returns a new context with the given permission.
Types ¶
type Limits ¶
type Limits struct { IPLimit int64 `json:"ip_limit"` DocsLimit int64 `json:"docs_limit"` SearchLimit int64 `json:"search_limit"` IndicesLimit int64 `json:"indices_limit"` CatLimit int64 `json:"cat_limit"` ClustersLimit int64 `json:"clusters_limit"` MiscLimit int64 `json:"misc_limit"` UserLimit int64 `json:"user_limit"` PermissionLimit int64 `json:"permission_limit"` AnalyticsLimit int64 `json:"analytics_limit"` RulesLimit int64 `json:"rules_limit"` SuggestionsLimit int64 `json:"suggestions_limit"` StreamsLimit int64 `json:"streams_limit"` AuthLimit int64 `json:"auth_limit"` ReactiveSearchLimit int64 `json:"reactivesearch_limit"` SearchRelevancyLimit int64 `json:"searchrelevancy_limit"` SearchGraderLimit int64 `json:"searchgrader_limit"` EcommIntegrationLimit int64 `json:"ecommintegration_limit"` LogsLimit int64 `json:"logs_limit"` SynonymsLimit int64 `json:"synonyms_limit"` CacheLimit int64 `json:"cache_limit"` StoredQueryLimit int64 `json:"storedquery_limit"` PipelinesLimit int64 `json:"pipelines_limit"` SyncLimit int64 `json:"sync_limit"` }
Limits defines the rate limits for each category.
type Options ¶
type Options func(p *Permission) error
Options is a function type used to define a permission's properties.
func SetCategories ¶
SetCategories sets the categories a permission can have access to.
func SetDescription ¶
SetDescription sets the permission description.
func SetIndices ¶
SetIndices sets the indices or index patterns a permission can have access to.
func SetReactivesearchConfig ¶
func SetReactivesearchConfig(config ReactiveSearchConfig) Options
SetDescription sets the permission reactivesearchConfig.
func SetReferers ¶
SetReferers sets the referers from which the permission can make request from.
func SetSources ¶
SetSources sets the sources from which the permission can make request from. Sources are accepted and parsed in CIDR notation.
func SetSourcesXffValue ¶
SetIncludes sets the sources_xff_value fields
type Permission ¶
type Permission struct { Username string `json:"username"` Password string `json:"password"` Owner string `json:"owner"` Creator string `json:"creator"` Role string `json:"role"` Categories []category.Category `json:"categories"` ACLs []acl.ACL `json:"acls"` Ops []op.Operation `json:"ops"` Indices []string `json:"indices"` Sources []string `json:"sources"` SourcesXffValue *int `json:"sources_xff_value"` Referers []string `json:"referers"` CreatedAt string `json:"created_at"` TTL time.Duration `json:"ttl"` Limits *Limits `json:"limits"` Description string `json:"description"` Includes []string `json:"include_fields"` Excludes []string `json:"exclude_fields"` Expired bool `json:"expired"` ReactiveSearchConfig *ReactiveSearchConfig `json:"reactivesearchConfig,omitempty"` UpdatedAt string `json:"updated_at"` }
Permission defines a permission type.
func FromContext ¶
func FromContext(ctx context.Context) (*Permission, error)
FromContext retrieves the permission stored against permission.CtxKey from the context.
func New ¶
func New(creator string, opts ...Options) (*Permission, error)
New creates a new permission by running the Options on it. It returns a default permission in case no Options are provided. The default owner of the permission is the creator itself.
func NewAdmin ¶
func NewAdmin(creator string, opts ...Options) (*Permission, error)
NewAdmin creates a new admin permission by running the Options on it. It returns a permission with admin defaults in case no Options are provided. The default owner of the permission is the creator itself.
func (*Permission) CanAccessCluster ¶
func (p *Permission) CanAccessCluster() (bool, error)
CanAccessCluster checks whether the user can access cluster level routes.
func (*Permission) CanAccessIndex ¶
func (p *Permission) CanAccessIndex(name string) (bool, error)
CanAccessIndex checks whether the permission has access to given index or index pattern.
func (*Permission) CanAccessIndices ¶
func (p *Permission) CanAccessIndices(indices ...string) (bool, error)
CanAccessIndices checks whether the user has access to the given indices.
func (*Permission) CanDo ¶
func (p *Permission) CanDo(op op.Operation) bool
CanDo checks whether the permission can perform a given operation.
func (*Permission) GetIPLimit ¶
func (p *Permission) GetIPLimit() int64
GetIPLimit returns the IPLimit i.e. the number of requests allowed per IP address per hour.
func (*Permission) GetLimitFor ¶
func (p *Permission) GetLimitFor(c category.Category) (int64, error)
GetLimitFor returns the rate limit for the given category in the permission.
func (*Permission) GetPatch ¶
func (p *Permission) GetPatch(rolePatched bool) (map[string]interface{}, error)
GetPatch generates a patch doc from the non-zero values in the permission.
func (*Permission) HasACL ¶
func (p *Permission) HasACL(acl acl.ACL) bool
HasACL checks whether the permission has access to the given acl.
func (*Permission) HasCategory ¶
func (p *Permission) HasCategory(category category.Category) bool
HasCategory checks whether the permission has access to the given category.
func (*Permission) Id ¶
func (p *Permission) Id() string
func (*Permission) IsExpired ¶
func (p *Permission) IsExpired() (bool, error)
IsExpired checks whether the permission is expired or not.
func (*Permission) ValidateACLs ¶
func (p *Permission) ValidateACLs(acls ...acl.ACL) error
ValidateACLs checks if the permission can possess the given set of categories.