condition

package
v0.1.0-cvefix.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 18, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

AllSupportedAdminKeys - is list of all admin supported keys.

AllSupportedKeys - is list of all all supported keys.

CommonKeys - is list of all common condition keys.

JWTKeys - Supported JWT keys, non-exhaustive list please expand as new claims are standardized.

Functions

This section is empty.

Types

type Function

type Function interface {

	// String() - returns string representation of function.
	String() string
	// contains filtered or unexported methods
}

Function - condition function interface.

func NewBinaryEqualsFunc

func NewBinaryEqualsFunc(key Key, values ...string) (Function, error)

NewBinaryEqualsFunc - returns new BinaryEquals function.

func NewBoolFunc

func NewBoolFunc(key Key, value string) (Function, error)

NewBoolFunc - returns new Bool function.

func NewDateEqualsFunc

func NewDateEqualsFunc(key Key, value time.Time) (Function, error)

NewDateEqualsFunc - returns new DateEquals function.

func NewDateGreaterThanEqualsFunc

func NewDateGreaterThanEqualsFunc(key Key, value time.Time) (Function, error)

NewDateGreaterThanEqualsFunc - returns new DateNotEquals function.

func NewDateGreaterThanFunc

func NewDateGreaterThanFunc(key Key, value time.Time) (Function, error)

NewDateGreaterThanFunc - returns new DateGreaterThan function.

func NewDateLessThanEqualsFunc

func NewDateLessThanEqualsFunc(key Key, value time.Time) (Function, error)

NewDateLessThanEqualsFunc - returns new DateNotEquals function.

func NewDateLessThanFunc

func NewDateLessThanFunc(key Key, value time.Time) (Function, error)

NewDateLessThanFunc - returns new DateLessThan function.

func NewDateNotEqualsFunc

func NewDateNotEqualsFunc(key Key, value time.Time) (Function, error)

NewDateNotEqualsFunc - returns new DateNotEquals function.

func NewIPAddressFunc

func NewIPAddressFunc(key Key, IPNets ...*net.IPNet) (Function, error)

NewIPAddressFunc - returns new IP address function.

func NewNotIPAddressFunc

func NewNotIPAddressFunc(key Key, IPNets ...*net.IPNet) (Function, error)

NewNotIPAddressFunc - returns new Not IP address function.

func NewNullFunc

func NewNullFunc(key Key, value bool) (Function, error)

NewNullFunc - returns new Null function.

func NewNumericEqualsFunc

func NewNumericEqualsFunc(key Key, value int) (Function, error)

NewNumericEqualsFunc - returns new NumericEquals function.

func NewNumericGreaterThanEqualsFunc

func NewNumericGreaterThanEqualsFunc(key Key, value int) (Function, error)

NewNumericGreaterThanEqualsFunc - returns new NumericGreaterThanEquals function.

func NewNumericGreaterThanFunc

func NewNumericGreaterThanFunc(key Key, value int) (Function, error)

NewNumericGreaterThanFunc - returns new NumericGreaterThan function.

func NewNumericLessThanEqualsFunc

func NewNumericLessThanEqualsFunc(key Key, value int) (Function, error)

NewNumericLessThanEqualsFunc - returns new NumericLessThanEquals function.

func NewNumericLessThanFunc

func NewNumericLessThanFunc(key Key, value int) (Function, error)

NewNumericLessThanFunc - returns new NumericLessThan function.

func NewNumericNotEqualsFunc

func NewNumericNotEqualsFunc(key Key, value int) (Function, error)

NewNumericNotEqualsFunc - returns new NumericNotEquals function.

func NewStringEqualsFunc

func NewStringEqualsFunc(key Key, values ...string) (Function, error)

NewStringEqualsFunc - returns new StringEquals function.

func NewStringEqualsIgnoreCaseFunc

func NewStringEqualsIgnoreCaseFunc(key Key, values ...string) (Function, error)

NewStringEqualsIgnoreCaseFunc - returns new StringEqualsIgnoreCase function.

func NewStringLikeFunc

func NewStringLikeFunc(key Key, values ...string) (Function, error)

NewStringLikeFunc - returns new StringLike function.

func NewStringNotEqualsFunc

func NewStringNotEqualsFunc(key Key, values ...string) (Function, error)

NewStringNotEqualsFunc - returns new StringNotEquals function.

func NewStringNotEqualsIgnoreCaseFunc

func NewStringNotEqualsIgnoreCaseFunc(key Key, values ...string) (Function, error)

NewStringNotEqualsIgnoreCaseFunc - returns new StringNotEqualsIgnoreCase function.

func NewStringNotLikeFunc

func NewStringNotLikeFunc(key Key, values ...string) (Function, error)

NewStringNotLikeFunc - returns new StringNotLike function.

type Functions

type Functions []Function

Functions - list of functions.

func NewFunctions

func NewFunctions(functions ...Function) Functions

NewFunctions - returns new Functions with given function list.

func (Functions) Evaluate

func (functions Functions) Evaluate(values map[string][]string) bool

Evaluate - evaluates all functions with given values map. Each function is evaluated sequencely and next function is called only if current function succeeds.

func (*Functions) GobDecode

func (functions *Functions) GobDecode(data []byte) error

GobDecode - decodes gob data to Functions.

func (Functions) GobEncode

func (functions Functions) GobEncode() ([]byte, error)

GobEncode - encodes Functions to gob data.

func (Functions) Keys

func (functions Functions) Keys() KeySet

Keys - returns list of keys used in all functions.

func (Functions) MarshalJSON

func (functions Functions) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Functions to JSON data.

func (Functions) String

func (functions Functions) String() string

func (*Functions) UnmarshalJSON

func (functions *Functions) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data to Functions.

type Key

type Key string

Key - conditional key which is used to fetch values for any condition. Refer https://docs.aws.amazon.com/IAM/latest/UserGuide/list_s3.html for more information about available condition keys.

const (
	// JWTSub - JWT subject claim substitution.
	JWTSub Key = "jwt:sub"

	// JWTIss issuer claim substitution.
	JWTIss Key = "jwt:iss"

	// JWTAud audience claim substitution.
	JWTAud Key = "jwt:aud"

	// JWTJti JWT unique identifier claim substitution.
	JWTJti Key = "jwt:jti"

	JWTUpn          Key = "jwt:upn"
	JWTName         Key = "jwt:name"
	JWTGroups       Key = "jwt:groups"
	JWTGivenName    Key = "jwt:given_name"
	JWTFamilyName   Key = "jwt:family_name"
	JWTMiddleName   Key = "jwt:middle_name"
	JWTNickName     Key = "jwt:nickname"
	JWTPrefUsername Key = "jwt:preferred_username"
	JWTProfile      Key = "jwt:profile"
	JWTPicture      Key = "jwt:picture"
	JWTWebsite      Key = "jwt:website"
	JWTEmail        Key = "jwt:email"
	JWTGender       Key = "jwt:gender"
	JWTBirthdate    Key = "jwt:birthdate"
	JWTPhoneNumber  Key = "jwt:phone_number"
	JWTAddress      Key = "jwt:address"
	JWTScope        Key = "jwt:scope"
	JWTClientID     Key = "jwt:client_id"
)

JWT claims supported substitutions. https://www.iana.org/assignments/jwt/jwt.xhtml#claims

const (
	// S3XAmzCopySource - key representing x-amz-copy-source HTTP header applicable to PutObject API only.
	S3XAmzCopySource Key = "s3:x-amz-copy-source"

	// S3XAmzServerSideEncryption - key representing x-amz-server-side-encryption HTTP header applicable
	// to PutObject API only.
	S3XAmzServerSideEncryption Key = "s3:x-amz-server-side-encryption"

	// S3XAmzServerSideEncryptionCustomerAlgorithm - key representing
	// x-amz-server-side-encryption-customer-algorithm HTTP header applicable to PutObject API only.
	S3XAmzServerSideEncryptionCustomerAlgorithm Key = "s3:x-amz-server-side-encryption-customer-algorithm"

	// S3XAmzMetadataDirective - key representing x-amz-metadata-directive HTTP header applicable to
	// PutObject API only.
	S3XAmzMetadataDirective Key = "s3:x-amz-metadata-directive"

	// S3XAmzContentSha256 - set a static content-sha256 for all calls for a given action.
	S3XAmzContentSha256 = "s3:x-amz-content-sha256"

	// S3XAmzStorageClass - key representing x-amz-storage-class HTTP header applicable to PutObject API
	// only.
	S3XAmzStorageClass Key = "s3:x-amz-storage-class"

	// S3LocationConstraint - key representing LocationConstraint XML tag of CreateBucket API only.
	S3LocationConstraint Key = "s3:LocationConstraint"

	// S3Prefix - key representing prefix query parameter of ListBucket API only.
	S3Prefix Key = "s3:prefix"

	// S3Delimiter - key representing delimiter query parameter of ListBucket API only.
	S3Delimiter Key = "s3:delimiter"

	// S3VersionID - Enables you to limit the permission for the
	// s3:PutObjectVersionTagging action to a specific object version.
	S3VersionID Key = "s3:versionid"

	// S3MaxKeys - key representing max-keys query parameter of ListBucket API only.
	S3MaxKeys Key = "s3:max-keys"

	// S3ObjectLockRemainingRetentionDays - key representing object-lock-remaining-retention-days
	// Enables enforcement of an object relative to the remaining retention days, you can set
	// minimum and maximum allowable retention periods for a bucket using a bucket policy.
	// This key are specific for s3:PutObjectRetention API.
	S3ObjectLockRemainingRetentionDays Key = "s3:object-lock-remaining-retention-days"

	// S3ObjectLockMode - key representing object-lock-mode
	// Enables enforcement of the specified object retention mode
	S3ObjectLockMode Key = "s3:object-lock-mode"

	// S3ObjectLockRetainUntilDate - key representing object-lock-retain-util-date
	// Enables enforcement of a specific retain-until-date
	S3ObjectLockRetainUntilDate Key = "s3:object-lock-retain-until-date"

	// S3ObjectLockLegalHold - key representing object-local-legal-hold
	// Enables enforcement of the specified object legal hold status
	S3ObjectLockLegalHold Key = "s3:object-lock-legal-hold"

	// AWSReferer - key representing Referer header of any API.
	AWSReferer Key = "aws:Referer"

	// AWSSourceIP - key representing client's IP address (not intermittent proxies) of any API.
	AWSSourceIP Key = "aws:SourceIp"

	// AWSUserAgent - key representing UserAgent header for any API.
	AWSUserAgent Key = "aws:UserAgent"

	// AWSSecureTransport - key representing if the clients request is authenticated or not.
	AWSSecureTransport Key = "aws:SecureTransport"

	// AWSCurrentTime - key representing the current time.
	AWSCurrentTime Key = "aws:CurrentTime"

	// AWSEpochTime - key representing the current epoch time.
	AWSEpochTime Key = "aws:EpochTime"

	// AWSPrincipalType - user principal type currently supported values are "User" and "Anonymous".
	AWSPrincipalType Key = "aws:principaltype"

	// AWSUserID - user unique ID, in MinIO this value is same as your user Access Key.
	AWSUserID Key = "aws:userid"

	// AWSUsername - user friendly name, in MinIO this value is same as your user Access Key.
	AWSUsername Key = "aws:username"
)
const (
	// LDAPUser - LDAP username, in MinIO this value is equal to your authenticating LDAP user.
	LDAPUser Key = "ldap:user"
)

func (Key) IsValid

func (key Key) IsValid() bool

IsValid - checks if key is valid or not.

func (Key) MarshalJSON

func (key Key) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Key to JSON data.

func (Key) Name

func (key Key) Name() string

Name - returns key name which is stripped value of prefixes "aws:" and "s3:"

func (*Key) UnmarshalJSON

func (key *Key) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data to Key.

func (Key) VarName

func (key Key) VarName() string

VarName - returns variable key name, such as "${aws:username}"

type KeySet

type KeySet map[Key]struct{}

KeySet - set representation of slice of keys.

func NewKeySet

func NewKeySet(keys ...Key) KeySet

NewKeySet - returns new KeySet contains given keys.

func (KeySet) Add

func (set KeySet) Add(key Key)

Add - add a key to key set.

func (KeySet) Difference

func (set KeySet) Difference(sset KeySet) KeySet

Difference - returns a key set contains difference of two keys. Example:

keySet1 := ["one", "two", "three"]
keySet2 := ["two", "four", "three"]
keySet1.Difference(keySet2) == ["one"]

func (KeySet) IsEmpty

func (set KeySet) IsEmpty() bool

IsEmpty - returns whether key set is empty or not.

func (KeySet) String

func (set KeySet) String() string

func (KeySet) ToSlice

func (set KeySet) ToSlice() []Key

ToSlice - returns slice of keys.

type Value

type Value struct {
	// contains filtered or unexported fields
}

Value - is enum type of string, int or bool.

func NewBoolValue

func NewBoolValue(b bool) Value

NewBoolValue - returns new bool value.

func NewIntValue

func NewIntValue(i int) Value

NewIntValue - returns new int value.

func NewStringValue

func NewStringValue(s string) Value

NewStringValue - returns new string value.

func (Value) GetBool

func (v Value) GetBool() (bool, error)

GetBool - gets stored bool value.

func (Value) GetInt

func (v Value) GetInt() (int, error)

GetInt - gets stored int value.

func (Value) GetString

func (v Value) GetString() (string, error)

GetString - gets stored string value.

func (Value) GetType

func (v Value) GetType() reflect.Kind

GetType - gets enum type.

func (Value) MarshalJSON

func (v Value) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Value to JSON data.

func (*Value) StoreBool

func (v *Value) StoreBool(b bool)

StoreBool - stores bool value.

func (*Value) StoreInt

func (v *Value) StoreInt(i int)

StoreInt - stores int value.

func (*Value) StoreString

func (v *Value) StoreString(s string)

StoreString - stores string value.

func (Value) String

func (v Value) String() string

String - returns string representation of value.

func (*Value) UnmarshalJSON

func (v *Value) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

type ValueSet

type ValueSet map[Value]struct{}

ValueSet - unique list of values.

func NewValueSet

func NewValueSet(values ...Value) ValueSet

NewValueSet - returns new value set containing given values.

func (ValueSet) Add

func (set ValueSet) Add(value Value)

Add - adds given value to value set.

func (ValueSet) MarshalJSON

func (set ValueSet) MarshalJSON() ([]byte, error)

MarshalJSON - encodes ValueSet to JSON data.

func (*ValueSet) UnmarshalJSON

func (set *ValueSet) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL