permission

Documentation

Index

• Constants
• func NewContext(ctx context.Context, p *Permission) context.Context
• type Limits
• type Options
  • func SetACLs(acls []acl.ACL) Options
  • func SetCategories(categories []category.Category) Options
  • func SetDescription(description string) Options
  • func SetExcludes(excludes []string) Options
  • func SetIncludes(includes []string) Options
  • func SetIndices(indices []string) Options
  • func SetLimits(limits *Limits, isAdmin bool) Options
  • func SetOps(ops []op.Operation) Options
  • func SetOwner(owner string) Options
  • func SetReactivesearchConfig(config ReactiveSearchConfig) Options
  • func SetReferers(referers []string) Options
  • func SetRole(role string) Options
  • func SetSources(sources []string) Options
  • func SetSourcesXffValue(value *int) Options
  • func SetTTL(duration time.Duration) Options
• type Permission
  • func FromContext(ctx context.Context) (*Permission, error)
  • func New(creator string, opts ...Options) (*Permission, error)
  • func NewAdmin(creator string, opts ...Options) (*Permission, error)
  • func (p *Permission) CanAccessCluster() (bool, error)
  • func (p *Permission) CanAccessIndex(name string) (bool, error)
  • func (p *Permission) CanAccessIndices(indices ...string) (bool, error)
  • func (p *Permission) CanDo(op op.Operation) bool
  • func (p *Permission) GetIPLimit() int64
  • func (p *Permission) GetLimitFor(c category.Category) (int64, error)
  • func (p *Permission) GetPatch(rolePatched bool) (map[string]interface{}, error)
  • func (p *Permission) HasACL(acl acl.ACL) bool
  • func (p *Permission) HasCategory(category category.Category) bool
  • func (p *Permission) Id() string
  • func (p *Permission) IsExpired() (bool, error)
  • func (p *Permission) ValidateACLs(acls ...acl.ACL) error
• type ReactiveSearchConfig

Constants

const (
	// Credential is a value stored against request.Maker key in the context.
	// It basically acts as an identifier that tells whether the request uses
	// permission credential.
	Credential = contextKey("permission_credential")
)

Functions

func NewContext

func NewContext(ctx context.Context, p *Permission) context.Context

NewContext returns a new context with the given permission.

Types

type Limits

type Limits struct {
	IPLimit               int64 `json:"ip_limit"`
	DocsLimit             int64 `json:"docs_limit"`
	SearchLimit           int64 `json:"search_limit"`
	IndicesLimit          int64 `json:"indices_limit"`
	CatLimit              int64 `json:"cat_limit"`
	ClustersLimit         int64 `json:"clusters_limit"`
	MiscLimit             int64 `json:"misc_limit"`
	UserLimit             int64 `json:"user_limit"`
	PermissionLimit       int64 `json:"permission_limit"`
	AnalyticsLimit        int64 `json:"analytics_limit"`
	RulesLimit            int64 `json:"rules_limit"`
	SuggestionsLimit      int64 `json:"suggestions_limit"`
	StreamsLimit          int64 `json:"streams_limit"`
	AuthLimit             int64 `json:"auth_limit"`
	ReactiveSearchLimit   int64 `json:"reactivesearch_limit"`
	SearchRelevancyLimit  int64 `json:"searchrelevancy_limit"`
	SearchGraderLimit     int64 `json:"searchgrader_limit"`
	EcommIntegrationLimit int64 `json:"ecommintegration_limit"`
	LogsLimit             int64 `json:"logs_limit"`
	SynonymsLimit         int64 `json:"synonyms_limit"`
	CacheLimit            int64 `json:"cache_limit"`
	StoredQueryLimit      int64 `json:"storedquery_limit"`
	PipelinesLimit        int64 `json:"pipelines_limit"`
	SyncLimit             int64 `json:"sync_limit"`
}

Limits defines the rate limits for each category.

type Options

type Options func(p *Permission) error

Options is a function type used to define a permission's properties.

func SetACLs

func SetACLs(acls []acl.ACL) Options

SetACLs sets the acls a permission can have access to.

func SetCategories

func SetCategories(categories []category.Category) Options

SetCategories sets the categories a permission can have access to.

func SetDescription

func SetDescription(description string) Options

SetDescription sets the permission description.

func SetExcludes

func SetExcludes(excludes []string) Options

SetExcludes sets the excludes fields

func SetIncludes

func SetIncludes(includes []string) Options

SetIncludes sets the includes fields

func SetIndices

func SetIndices(indices []string) Options

SetIndices sets the indices or index patterns a permission can have access to.

func SetLimits

func SetLimits(limits *Limits, isAdmin bool) Options

SetLimits sets the rate limits for each category in a permission.

func SetOps

func SetOps(ops []op.Operation) Options

SetOps sets the operations a permission can perform.

func SetOwner

func SetOwner(owner string) Options

SetOwner sets the owner of a permission.

func SetReactivesearchConfig

func SetReactivesearchConfig(config ReactiveSearchConfig) Options

SetDescription sets the permission reactivesearchConfig.

func SetReferers

func SetReferers(referers []string) Options

SetReferers sets the referers from which the permission can make request from.

func SetRole

func SetRole(role string) Options

func SetSources

func SetSources(sources []string) Options

SetSources sets the sources from which the permission can make request from. Sources are accepted and parsed in CIDR notation.

func SetSourcesXffValue

func SetSourcesXffValue(value *int) Options

SetIncludes sets the sources_xff_value fields

func SetTTL

func SetTTL(duration time.Duration) Options

SetTTL sets the permission's time-to-live.

type Permission

type Permission struct {
	Username             string                `json:"username"`
	Password             string                `json:"password"`
	Owner                string                `json:"owner"`
	Creator              string                `json:"creator"`
	Role                 string                `json:"role"`
	Categories           []category.Category   `json:"categories"`
	ACLs                 []acl.ACL             `json:"acls"`
	Ops                  []op.Operation        `json:"ops"`
	Indices              []string              `json:"indices"`
	Sources              []string              `json:"sources"`
	SourcesXffValue      *int                  `json:"sources_xff_value"`
	Referers             []string              `json:"referers"`
	CreatedAt            string                `json:"created_at"`
	TTL                  time.Duration         `json:"ttl"`
	Limits               *Limits               `json:"limits"`
	Description          string                `json:"description"`
	Includes             []string              `json:"include_fields"`
	Excludes             []string              `json:"exclude_fields"`
	Expired              bool                  `json:"expired"`
	ReactiveSearchConfig *ReactiveSearchConfig `json:"reactivesearchConfig,omitempty"`
	UpdatedAt            string                `json:"updated_at"`
}

Permission defines a permission type.

func FromContext

func FromContext(ctx context.Context) (*Permission, error)

FromContext retrieves the permission stored against permission.CtxKey from the context.

func New

func New(creator string, opts ...Options) (*Permission, error)

New creates a new permission by running the Options on it. It returns a default permission in case no Options are provided. The default owner of the permission is the creator itself.

func NewAdmin

func NewAdmin(creator string, opts ...Options) (*Permission, error)

NewAdmin creates a new admin permission by running the Options on it. It returns a permission with admin defaults in case no Options are provided. The default owner of the permission is the creator itself.

func (*Permission) CanAccessCluster

func (p *Permission) CanAccessCluster() (bool, error)

CanAccessCluster checks whether the user can access cluster level routes.

func (*Permission) CanAccessIndex

func (p *Permission) CanAccessIndex(name string) (bool, error)

CanAccessIndex checks whether the permission has access to given index or index pattern.

func (*Permission) CanAccessIndices

func (p *Permission) CanAccessIndices(indices ...string) (bool, error)

CanAccessIndices checks whether the user has access to the given indices.

func (*Permission) CanDo

func (p *Permission) CanDo(op op.Operation) bool

CanDo checks whether the permission can perform a given operation.

func (*Permission) GetIPLimit

func (p *Permission) GetIPLimit() int64

GetIPLimit returns the IPLimit i.e. the number of requests allowed per IP address per hour.

func (*Permission) GetLimitFor

func (p *Permission) GetLimitFor(c category.Category) (int64, error)

GetLimitFor returns the rate limit for the given category in the permission.

func (*Permission) GetPatch

func (p *Permission) GetPatch(rolePatched bool) (map[string]interface{}, error)

GetPatch generates a patch doc from the non-zero values in the permission.

func (*Permission) HasACL

func (p *Permission) HasACL(acl acl.ACL) bool

HasACL checks whether the permission has access to the given acl.

func (*Permission) HasCategory

func (p *Permission) HasCategory(category category.Category) bool

HasCategory checks whether the permission has access to the given category.

func (*Permission) Id

func (p *Permission) Id() string

func (*Permission) IsExpired

func (p *Permission) IsExpired() (bool, error)

IsExpired checks whether the permission is expired or not.

func (*Permission) ValidateACLs

func (p *Permission) ValidateACLs(acls ...acl.ACL) error

ValidateACLs checks if the permission can possess the given set of categories.

type ReactiveSearchConfig

type ReactiveSearchConfig struct {
	MaxSize            *int  `json:"maxSize,omitempty"`
	MaxAggregationSize *int  `json:"maxAggregationSize,omitempty"`
	DisbaleQueryDSL    *bool `json:"disableQueryDSL,omitempty"`
}