Documentation ¶
Overview ¶
Package auth is a generated protocol buffer package.
It is generated from these files:
client/auth/auth.proto
It has these top-level messages:
ActivateRequest ActivateResponse DeactivateRequest DeactivateResponse GetAdminsRequest GetAdminsResponse ModifyAdminsRequest ModifyAdminsResponse TokenInfo AuthenticateRequest AuthenticateResponse WhoAmIRequest WhoAmIResponse ACL AuthorizeRequest AuthorizeResponse GetScopeRequest GetScopeResponse SetScopeRequest SetScopeResponse GetACLRequest ACLEntry GetACLResponse SetACLRequest SetACLResponse GetAuthTokenRequest GetAuthTokenResponse ExtendAuthTokenRequest ExtendAuthTokenResponse RevokeAuthTokenRequest RevokeAuthTokenResponse
Index ¶
- Constants
- Variables
- func In2Out(ctx context.Context) context.Context
- func IsErrBadToken(err error) bool
- func IsErrInvalidPrincipal(err error) bool
- func IsErrNoToken(err error) bool
- func IsErrNotActivated(err error) bool
- func IsErrNotAuthorized(err error) bool
- func IsErrNotSignedIn(err error) bool
- func IsErrPartiallyActivated(err error) bool
- func IsErrTooShortTTL(err error) bool
- func RegisterAPIServer(s *grpc.Server, srv APIServer)
- type ACL
- func (*ACL) Descriptor() ([]byte, []int)
- func (m *ACL) GetEntries() map[string]Scope
- func (m *ACL) Marshal() (dAtA []byte, err error)
- func (m *ACL) MarshalTo(dAtA []byte) (int, error)
- func (*ACL) ProtoMessage()
- func (m *ACL) Reset()
- func (m *ACL) Size() (n int)
- func (m *ACL) String() string
- func (m *ACL) Unmarshal(dAtA []byte) error
- type ACLEntry
- func (*ACLEntry) Descriptor() ([]byte, []int)
- func (m *ACLEntry) GetScope() Scope
- func (m *ACLEntry) GetUsername() string
- func (m *ACLEntry) Marshal() (dAtA []byte, err error)
- func (m *ACLEntry) MarshalTo(dAtA []byte) (int, error)
- func (*ACLEntry) ProtoMessage()
- func (m *ACLEntry) Reset()
- func (m *ACLEntry) Size() (n int)
- func (m *ACLEntry) String() string
- func (m *ACLEntry) Unmarshal(dAtA []byte) error
- type APIClient
- type APIServer
- type ActivateRequest
- func (*ActivateRequest) Descriptor() ([]byte, []int)
- func (m *ActivateRequest) GetGitHubToken() string
- func (m *ActivateRequest) GetSubject() string
- func (m *ActivateRequest) Marshal() (dAtA []byte, err error)
- func (m *ActivateRequest) MarshalTo(dAtA []byte) (int, error)
- func (*ActivateRequest) ProtoMessage()
- func (m *ActivateRequest) Reset()
- func (m *ActivateRequest) Size() (n int)
- func (m *ActivateRequest) String() string
- func (m *ActivateRequest) Unmarshal(dAtA []byte) error
- type ActivateResponse
- func (*ActivateResponse) Descriptor() ([]byte, []int)
- func (m *ActivateResponse) GetPachToken() string
- func (m *ActivateResponse) Marshal() (dAtA []byte, err error)
- func (m *ActivateResponse) MarshalTo(dAtA []byte) (int, error)
- func (*ActivateResponse) ProtoMessage()
- func (m *ActivateResponse) Reset()
- func (m *ActivateResponse) Size() (n int)
- func (m *ActivateResponse) String() string
- func (m *ActivateResponse) Unmarshal(dAtA []byte) error
- type AuthenticateRequest
- func (*AuthenticateRequest) Descriptor() ([]byte, []int)
- func (m *AuthenticateRequest) GetGitHubToken() string
- func (m *AuthenticateRequest) Marshal() (dAtA []byte, err error)
- func (m *AuthenticateRequest) MarshalTo(dAtA []byte) (int, error)
- func (*AuthenticateRequest) ProtoMessage()
- func (m *AuthenticateRequest) Reset()
- func (m *AuthenticateRequest) Size() (n int)
- func (m *AuthenticateRequest) String() string
- func (m *AuthenticateRequest) Unmarshal(dAtA []byte) error
- type AuthenticateResponse
- func (*AuthenticateResponse) Descriptor() ([]byte, []int)
- func (m *AuthenticateResponse) GetPachToken() string
- func (m *AuthenticateResponse) Marshal() (dAtA []byte, err error)
- func (m *AuthenticateResponse) MarshalTo(dAtA []byte) (int, error)
- func (*AuthenticateResponse) ProtoMessage()
- func (m *AuthenticateResponse) Reset()
- func (m *AuthenticateResponse) Size() (n int)
- func (m *AuthenticateResponse) String() string
- func (m *AuthenticateResponse) Unmarshal(dAtA []byte) error
- type AuthorizeRequest
- func (*AuthorizeRequest) Descriptor() ([]byte, []int)
- func (m *AuthorizeRequest) GetRepo() string
- func (m *AuthorizeRequest) GetScope() Scope
- func (m *AuthorizeRequest) Marshal() (dAtA []byte, err error)
- func (m *AuthorizeRequest) MarshalTo(dAtA []byte) (int, error)
- func (*AuthorizeRequest) ProtoMessage()
- func (m *AuthorizeRequest) Reset()
- func (m *AuthorizeRequest) Size() (n int)
- func (m *AuthorizeRequest) String() string
- func (m *AuthorizeRequest) Unmarshal(dAtA []byte) error
- type AuthorizeResponse
- func (*AuthorizeResponse) Descriptor() ([]byte, []int)
- func (m *AuthorizeResponse) GetAuthorized() bool
- func (m *AuthorizeResponse) Marshal() (dAtA []byte, err error)
- func (m *AuthorizeResponse) MarshalTo(dAtA []byte) (int, error)
- func (*AuthorizeResponse) ProtoMessage()
- func (m *AuthorizeResponse) Reset()
- func (m *AuthorizeResponse) Size() (n int)
- func (m *AuthorizeResponse) String() string
- func (m *AuthorizeResponse) Unmarshal(dAtA []byte) error
- type DeactivateRequest
- func (*DeactivateRequest) Descriptor() ([]byte, []int)
- func (m *DeactivateRequest) Marshal() (dAtA []byte, err error)
- func (m *DeactivateRequest) MarshalTo(dAtA []byte) (int, error)
- func (*DeactivateRequest) ProtoMessage()
- func (m *DeactivateRequest) Reset()
- func (m *DeactivateRequest) Size() (n int)
- func (m *DeactivateRequest) String() string
- func (m *DeactivateRequest) Unmarshal(dAtA []byte) error
- type DeactivateResponse
- func (*DeactivateResponse) Descriptor() ([]byte, []int)
- func (m *DeactivateResponse) Marshal() (dAtA []byte, err error)
- func (m *DeactivateResponse) MarshalTo(dAtA []byte) (int, error)
- func (*DeactivateResponse) ProtoMessage()
- func (m *DeactivateResponse) Reset()
- func (m *DeactivateResponse) Size() (n int)
- func (m *DeactivateResponse) String() string
- func (m *DeactivateResponse) Unmarshal(dAtA []byte) error
- type ErrInvalidPrincipal
- type ErrNotAuthorized
- type ErrTooShortTTL
- type ExtendAuthTokenRequest
- func (*ExtendAuthTokenRequest) Descriptor() ([]byte, []int)
- func (m *ExtendAuthTokenRequest) GetTTL() int64
- func (m *ExtendAuthTokenRequest) GetToken() string
- func (m *ExtendAuthTokenRequest) Marshal() (dAtA []byte, err error)
- func (m *ExtendAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
- func (*ExtendAuthTokenRequest) ProtoMessage()
- func (m *ExtendAuthTokenRequest) Reset()
- func (m *ExtendAuthTokenRequest) Size() (n int)
- func (m *ExtendAuthTokenRequest) String() string
- func (m *ExtendAuthTokenRequest) Unmarshal(dAtA []byte) error
- type ExtendAuthTokenResponse
- func (*ExtendAuthTokenResponse) Descriptor() ([]byte, []int)
- func (m *ExtendAuthTokenResponse) Marshal() (dAtA []byte, err error)
- func (m *ExtendAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
- func (*ExtendAuthTokenResponse) ProtoMessage()
- func (m *ExtendAuthTokenResponse) Reset()
- func (m *ExtendAuthTokenResponse) Size() (n int)
- func (m *ExtendAuthTokenResponse) String() string
- func (m *ExtendAuthTokenResponse) Unmarshal(dAtA []byte) error
- type GetACLRequest
- func (*GetACLRequest) Descriptor() ([]byte, []int)
- func (m *GetACLRequest) GetRepo() string
- func (m *GetACLRequest) Marshal() (dAtA []byte, err error)
- func (m *GetACLRequest) MarshalTo(dAtA []byte) (int, error)
- func (*GetACLRequest) ProtoMessage()
- func (m *GetACLRequest) Reset()
- func (m *GetACLRequest) Size() (n int)
- func (m *GetACLRequest) String() string
- func (m *GetACLRequest) Unmarshal(dAtA []byte) error
- type GetACLResponse
- func (*GetACLResponse) Descriptor() ([]byte, []int)
- func (m *GetACLResponse) GetEntries() []*ACLEntry
- func (m *GetACLResponse) GetRobotEntries() []*ACLEntry
- func (m *GetACLResponse) Marshal() (dAtA []byte, err error)
- func (m *GetACLResponse) MarshalTo(dAtA []byte) (int, error)
- func (*GetACLResponse) ProtoMessage()
- func (m *GetACLResponse) Reset()
- func (m *GetACLResponse) Size() (n int)
- func (m *GetACLResponse) String() string
- func (m *GetACLResponse) Unmarshal(dAtA []byte) error
- type GetAdminsRequest
- func (*GetAdminsRequest) Descriptor() ([]byte, []int)
- func (m *GetAdminsRequest) Marshal() (dAtA []byte, err error)
- func (m *GetAdminsRequest) MarshalTo(dAtA []byte) (int, error)
- func (*GetAdminsRequest) ProtoMessage()
- func (m *GetAdminsRequest) Reset()
- func (m *GetAdminsRequest) Size() (n int)
- func (m *GetAdminsRequest) String() string
- func (m *GetAdminsRequest) Unmarshal(dAtA []byte) error
- type GetAdminsResponse
- func (*GetAdminsResponse) Descriptor() ([]byte, []int)
- func (m *GetAdminsResponse) GetAdmins() []string
- func (m *GetAdminsResponse) Marshal() (dAtA []byte, err error)
- func (m *GetAdminsResponse) MarshalTo(dAtA []byte) (int, error)
- func (*GetAdminsResponse) ProtoMessage()
- func (m *GetAdminsResponse) Reset()
- func (m *GetAdminsResponse) Size() (n int)
- func (m *GetAdminsResponse) String() string
- func (m *GetAdminsResponse) Unmarshal(dAtA []byte) error
- type GetAuthTokenRequest
- func (*GetAuthTokenRequest) Descriptor() ([]byte, []int)
- func (m *GetAuthTokenRequest) GetSubject() string
- func (m *GetAuthTokenRequest) GetTTL() int64
- func (m *GetAuthTokenRequest) Marshal() (dAtA []byte, err error)
- func (m *GetAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
- func (*GetAuthTokenRequest) ProtoMessage()
- func (m *GetAuthTokenRequest) Reset()
- func (m *GetAuthTokenRequest) Size() (n int)
- func (m *GetAuthTokenRequest) String() string
- func (m *GetAuthTokenRequest) Unmarshal(dAtA []byte) error
- type GetAuthTokenResponse
- func (*GetAuthTokenResponse) Descriptor() ([]byte, []int)
- func (m *GetAuthTokenResponse) GetSubject() string
- func (m *GetAuthTokenResponse) GetToken() string
- func (m *GetAuthTokenResponse) Marshal() (dAtA []byte, err error)
- func (m *GetAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
- func (*GetAuthTokenResponse) ProtoMessage()
- func (m *GetAuthTokenResponse) Reset()
- func (m *GetAuthTokenResponse) Size() (n int)
- func (m *GetAuthTokenResponse) String() string
- func (m *GetAuthTokenResponse) Unmarshal(dAtA []byte) error
- type GetScopeRequest
- func (*GetScopeRequest) Descriptor() ([]byte, []int)
- func (m *GetScopeRequest) GetRepos() []string
- func (m *GetScopeRequest) GetUsername() string
- func (m *GetScopeRequest) Marshal() (dAtA []byte, err error)
- func (m *GetScopeRequest) MarshalTo(dAtA []byte) (int, error)
- func (*GetScopeRequest) ProtoMessage()
- func (m *GetScopeRequest) Reset()
- func (m *GetScopeRequest) Size() (n int)
- func (m *GetScopeRequest) String() string
- func (m *GetScopeRequest) Unmarshal(dAtA []byte) error
- type GetScopeResponse
- func (*GetScopeResponse) Descriptor() ([]byte, []int)
- func (m *GetScopeResponse) GetScopes() []Scope
- func (m *GetScopeResponse) Marshal() (dAtA []byte, err error)
- func (m *GetScopeResponse) MarshalTo(dAtA []byte) (int, error)
- func (*GetScopeResponse) ProtoMessage()
- func (m *GetScopeResponse) Reset()
- func (m *GetScopeResponse) Size() (n int)
- func (m *GetScopeResponse) String() string
- func (m *GetScopeResponse) Unmarshal(dAtA []byte) error
- type ModifyAdminsRequest
- func (*ModifyAdminsRequest) Descriptor() ([]byte, []int)
- func (m *ModifyAdminsRequest) GetAdd() []string
- func (m *ModifyAdminsRequest) GetRemove() []string
- func (m *ModifyAdminsRequest) Marshal() (dAtA []byte, err error)
- func (m *ModifyAdminsRequest) MarshalTo(dAtA []byte) (int, error)
- func (*ModifyAdminsRequest) ProtoMessage()
- func (m *ModifyAdminsRequest) Reset()
- func (m *ModifyAdminsRequest) Size() (n int)
- func (m *ModifyAdminsRequest) String() string
- func (m *ModifyAdminsRequest) Unmarshal(dAtA []byte) error
- type ModifyAdminsResponse
- func (*ModifyAdminsResponse) Descriptor() ([]byte, []int)
- func (m *ModifyAdminsResponse) Marshal() (dAtA []byte, err error)
- func (m *ModifyAdminsResponse) MarshalTo(dAtA []byte) (int, error)
- func (*ModifyAdminsResponse) ProtoMessage()
- func (m *ModifyAdminsResponse) Reset()
- func (m *ModifyAdminsResponse) Size() (n int)
- func (m *ModifyAdminsResponse) String() string
- func (m *ModifyAdminsResponse) Unmarshal(dAtA []byte) error
- type RevokeAuthTokenRequest
- func (*RevokeAuthTokenRequest) Descriptor() ([]byte, []int)
- func (m *RevokeAuthTokenRequest) GetToken() string
- func (m *RevokeAuthTokenRequest) Marshal() (dAtA []byte, err error)
- func (m *RevokeAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
- func (*RevokeAuthTokenRequest) ProtoMessage()
- func (m *RevokeAuthTokenRequest) Reset()
- func (m *RevokeAuthTokenRequest) Size() (n int)
- func (m *RevokeAuthTokenRequest) String() string
- func (m *RevokeAuthTokenRequest) Unmarshal(dAtA []byte) error
- type RevokeAuthTokenResponse
- func (*RevokeAuthTokenResponse) Descriptor() ([]byte, []int)
- func (m *RevokeAuthTokenResponse) Marshal() (dAtA []byte, err error)
- func (m *RevokeAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
- func (*RevokeAuthTokenResponse) ProtoMessage()
- func (m *RevokeAuthTokenResponse) Reset()
- func (m *RevokeAuthTokenResponse) Size() (n int)
- func (m *RevokeAuthTokenResponse) String() string
- func (m *RevokeAuthTokenResponse) Unmarshal(dAtA []byte) error
- type Scope
- type SetACLRequest
- func (*SetACLRequest) Descriptor() ([]byte, []int)
- func (m *SetACLRequest) GetEntries() []*ACLEntry
- func (m *SetACLRequest) GetRepo() string
- func (m *SetACLRequest) Marshal() (dAtA []byte, err error)
- func (m *SetACLRequest) MarshalTo(dAtA []byte) (int, error)
- func (*SetACLRequest) ProtoMessage()
- func (m *SetACLRequest) Reset()
- func (m *SetACLRequest) Size() (n int)
- func (m *SetACLRequest) String() string
- func (m *SetACLRequest) Unmarshal(dAtA []byte) error
- type SetACLResponse
- func (*SetACLResponse) Descriptor() ([]byte, []int)
- func (m *SetACLResponse) Marshal() (dAtA []byte, err error)
- func (m *SetACLResponse) MarshalTo(dAtA []byte) (int, error)
- func (*SetACLResponse) ProtoMessage()
- func (m *SetACLResponse) Reset()
- func (m *SetACLResponse) Size() (n int)
- func (m *SetACLResponse) String() string
- func (m *SetACLResponse) Unmarshal(dAtA []byte) error
- type SetScopeRequest
- func (*SetScopeRequest) Descriptor() ([]byte, []int)
- func (m *SetScopeRequest) GetRepo() string
- func (m *SetScopeRequest) GetScope() Scope
- func (m *SetScopeRequest) GetUsername() string
- func (m *SetScopeRequest) Marshal() (dAtA []byte, err error)
- func (m *SetScopeRequest) MarshalTo(dAtA []byte) (int, error)
- func (*SetScopeRequest) ProtoMessage()
- func (m *SetScopeRequest) Reset()
- func (m *SetScopeRequest) Size() (n int)
- func (m *SetScopeRequest) String() string
- func (m *SetScopeRequest) Unmarshal(dAtA []byte) error
- type SetScopeResponse
- func (*SetScopeResponse) Descriptor() ([]byte, []int)
- func (m *SetScopeResponse) Marshal() (dAtA []byte, err error)
- func (m *SetScopeResponse) MarshalTo(dAtA []byte) (int, error)
- func (*SetScopeResponse) ProtoMessage()
- func (m *SetScopeResponse) Reset()
- func (m *SetScopeResponse) Size() (n int)
- func (m *SetScopeResponse) String() string
- func (m *SetScopeResponse) Unmarshal(dAtA []byte) error
- type TokenInfo
- func (*TokenInfo) Descriptor() ([]byte, []int)
- func (m *TokenInfo) GetSource() TokenInfo_TokenSource
- func (m *TokenInfo) GetSubject() string
- func (m *TokenInfo) Marshal() (dAtA []byte, err error)
- func (m *TokenInfo) MarshalTo(dAtA []byte) (int, error)
- func (*TokenInfo) ProtoMessage()
- func (m *TokenInfo) Reset()
- func (m *TokenInfo) Size() (n int)
- func (m *TokenInfo) String() string
- func (m *TokenInfo) Unmarshal(dAtA []byte) error
- type TokenInfo_TokenSource
- type WhoAmIRequest
- func (*WhoAmIRequest) Descriptor() ([]byte, []int)
- func (m *WhoAmIRequest) Marshal() (dAtA []byte, err error)
- func (m *WhoAmIRequest) MarshalTo(dAtA []byte) (int, error)
- func (*WhoAmIRequest) ProtoMessage()
- func (m *WhoAmIRequest) Reset()
- func (m *WhoAmIRequest) Size() (n int)
- func (m *WhoAmIRequest) String() string
- func (m *WhoAmIRequest) Unmarshal(dAtA []byte) error
- type WhoAmIResponse
- func (*WhoAmIResponse) Descriptor() ([]byte, []int)
- func (m *WhoAmIResponse) GetIsAdmin() bool
- func (m *WhoAmIResponse) GetUsername() string
- func (m *WhoAmIResponse) Marshal() (dAtA []byte, err error)
- func (m *WhoAmIResponse) MarshalTo(dAtA []byte) (int, error)
- func (*WhoAmIResponse) ProtoMessage()
- func (m *WhoAmIResponse) Reset()
- func (m *WhoAmIResponse) Size() (n int)
- func (m *WhoAmIResponse) String() string
- func (m *WhoAmIResponse) Unmarshal(dAtA []byte) error
Constants ¶
const ( // ContextTokenKey is the key of the auth token in an // authenticated context ContextTokenKey = "authn-token" // GitHubPrefix indicates that this Subject is a GitHub user (because users // can authenticate via GitHub, and Pachyderm doesn't have a users table, // every GitHub user is also a logical Pachyderm user (but most won't be on // any ACLs) GitHubPrefix = "github:" // RobotPrefix indicates that this Subject is a Pachyderm robot user. Any // string (with this prefix) is a logical Pachyderm robot user. RobotPrefix = "robot:" // PipelinePrefix indicates that this Subject is a PPS pipeline. Any string // (with this prefix) is a logical PPS pipeline (even though the pipeline may // not exist). PipelinePrefix = "pipeline:" )
Variables ¶
var ( // ErrNotActivated is returned by an Auth API if the Auth service // has not been activated. // // Note: This error message string is matched in the UI. If edited, // it also needs to be updated in the UI code ErrNotActivated = errors.New("the auth service is not activated") // ErrPartiallyActivated is returned by the auth API to indicated that it's // in an intermediate state (in this state, users can retry Activate() or // revert with Deactivate(), but not much else) ErrPartiallyActivated = errors.New("the auth service is partially activated") // ErrNotSignedIn indicates that the caller isn't signed in // // Note: This error message string is matched in the UI. If edited, // it also needs to be updated in the UI code ErrNotSignedIn = errors.New("auth token not found in context (user may not be signed in)") // ErrNoToken is returned by the Auth API if the caller sent a request // containing no auth token. ErrNoToken = errors.New("no authentication metadata found in context") // ErrBadToken is returned by the Auth API if the caller's token is corruped // or has expired. ErrBadToken = errors.New("provided auth token is corrupted or has expired (try logging in again)") )
var ( ErrInvalidLengthAuth = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowAuth = fmt.Errorf("proto: integer overflow") )
var Scope_name = map[int32]string{
0: "NONE",
1: "READER",
2: "WRITER",
3: "OWNER",
}
var Scope_value = map[string]int32{
"NONE": 0,
"READER": 1,
"WRITER": 2,
"OWNER": 3,
}
var TokenInfo_TokenSource_name = map[int32]string{
0: "INVALID",
1: "AUTHENTICATE",
2: "GET_TOKEN",
}
var TokenInfo_TokenSource_value = map[string]int32{
"INVALID": 0,
"AUTHENTICATE": 1,
"GET_TOKEN": 2,
}
Functions ¶
func In2Out ¶ added in v1.5.2
In2Out converts an incoming context containing auth information into an outgoing context containing auth information, stripping other keys (e.g. for metrics) in the process. If the incoming context doesn't have any auth information, then the returned context won't either.
func IsErrBadToken ¶ added in v1.7.0
IsErrBadToken returns true if 'err' is a ErrBadToken
func IsErrInvalidPrincipal ¶ added in v1.7.0
IsErrInvalidPrincipal returns true if 'err' is an ErrInvalidPrincipal
func IsErrNoToken ¶ added in v1.7.0
IsErrNoToken returns true if 'err' is a ErrNoToken (uses string comparison to work across RPC boundaries)
func IsErrNotActivated ¶ added in v1.7.0
IsErrNotActivated checks if an error is a ErrNotActivated
func IsErrNotAuthorized ¶ added in v1.7.0
IsErrNotAuthorized checks if an error is a ErrNotAuthorized
func IsErrNotSignedIn ¶ added in v1.7.0
IsErrNotSignedIn returns true if 'err' is a ErrNotSignedIn
func IsErrPartiallyActivated ¶ added in v1.7.1
IsErrPartiallyActivated checks if an error is a ErrPartiallyActivated
func IsErrTooShortTTL ¶ added in v1.7.0
IsErrTooShortTTL returns true if 'err' is a ErrTooShortTTL
func RegisterAPIServer ¶
Types ¶
type ACL ¶
type ACL struct { // principal -> scope. All principals are the default principal of a Pachyderm // subject (i.e. all keys in this map are strings prefixed with either // "github:" or "robot:", followed by the name of a GitHub user, all of whom // are Pachyderm subjects, or a Pachyderm robot user) Entries map[string]Scope `` /* 165-byte string literal not displayed */ }
func (*ACL) Descriptor ¶
func (*ACL) GetEntries ¶
func (*ACL) ProtoMessage ¶
func (*ACL) ProtoMessage()
type ACLEntry ¶
type ACLEntry struct { // username is the principal posessing this level of access to this ACL's // repo (despite the name, this principal may be for a human github user or a // pachyderm robot) Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` // scope is the level of access that the owner of 'principal' has to this // ACL's repo (actually a role in typical security terminology) Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"` }
func (*ACLEntry) Descriptor ¶
func (*ACLEntry) GetUsername ¶
func (*ACLEntry) ProtoMessage ¶
func (*ACLEntry) ProtoMessage()
type APIClient ¶
type APIClient interface { // Activate/Deactivate the auth API. 'Activate' sets an initial set of admins // for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and // admins from the Pachyderm cluster, making all data publicly accessable Activate(ctx context.Context, in *ActivateRequest, opts ...grpc.CallOption) (*ActivateResponse, error) Deactivate(ctx context.Context, in *DeactivateRequest, opts ...grpc.CallOption) (*DeactivateResponse, error) // GetAdmins returns the current list of cluster admins GetAdmins(ctx context.Context, in *GetAdminsRequest, opts ...grpc.CallOption) (*GetAdminsResponse, error) // ModifyAdmins adds or removes admins from the cluster ModifyAdmins(ctx context.Context, in *ModifyAdminsRequest, opts ...grpc.CallOption) (*ModifyAdminsResponse, error) Authenticate(ctx context.Context, in *AuthenticateRequest, opts ...grpc.CallOption) (*AuthenticateResponse, error) Authorize(ctx context.Context, in *AuthorizeRequest, opts ...grpc.CallOption) (*AuthorizeResponse, error) WhoAmI(ctx context.Context, in *WhoAmIRequest, opts ...grpc.CallOption) (*WhoAmIResponse, error) GetScope(ctx context.Context, in *GetScopeRequest, opts ...grpc.CallOption) (*GetScopeResponse, error) SetScope(ctx context.Context, in *SetScopeRequest, opts ...grpc.CallOption) (*SetScopeResponse, error) GetACL(ctx context.Context, in *GetACLRequest, opts ...grpc.CallOption) (*GetACLResponse, error) SetACL(ctx context.Context, in *SetACLRequest, opts ...grpc.CallOption) (*SetACLResponse, error) GetAuthToken(ctx context.Context, in *GetAuthTokenRequest, opts ...grpc.CallOption) (*GetAuthTokenResponse, error) ExtendAuthToken(ctx context.Context, in *ExtendAuthTokenRequest, opts ...grpc.CallOption) (*ExtendAuthTokenResponse, error) RevokeAuthToken(ctx context.Context, in *RevokeAuthTokenRequest, opts ...grpc.CallOption) (*RevokeAuthTokenResponse, error) }
func NewAPIClient ¶
func NewAPIClient(cc *grpc.ClientConn) APIClient
type APIServer ¶
type APIServer interface { // Activate/Deactivate the auth API. 'Activate' sets an initial set of admins // for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and // admins from the Pachyderm cluster, making all data publicly accessable Activate(context.Context, *ActivateRequest) (*ActivateResponse, error) Deactivate(context.Context, *DeactivateRequest) (*DeactivateResponse, error) // GetAdmins returns the current list of cluster admins GetAdmins(context.Context, *GetAdminsRequest) (*GetAdminsResponse, error) // ModifyAdmins adds or removes admins from the cluster ModifyAdmins(context.Context, *ModifyAdminsRequest) (*ModifyAdminsResponse, error) Authenticate(context.Context, *AuthenticateRequest) (*AuthenticateResponse, error) Authorize(context.Context, *AuthorizeRequest) (*AuthorizeResponse, error) WhoAmI(context.Context, *WhoAmIRequest) (*WhoAmIResponse, error) GetScope(context.Context, *GetScopeRequest) (*GetScopeResponse, error) SetScope(context.Context, *SetScopeRequest) (*SetScopeResponse, error) GetACL(context.Context, *GetACLRequest) (*GetACLResponse, error) SetACL(context.Context, *SetACLRequest) (*SetACLResponse, error) GetAuthToken(context.Context, *GetAuthTokenRequest) (*GetAuthTokenResponse, error) ExtendAuthToken(context.Context, *ExtendAuthTokenRequest) (*ExtendAuthTokenResponse, error) RevokeAuthToken(context.Context, *RevokeAuthTokenRequest) (*RevokeAuthTokenResponse, error) }
type ActivateRequest ¶
type ActivateRequest struct { // If set, Pachyderm will authenticate the caller as this user. // - If set to a github user (i.e. it has a 'github:' prefix or no prefix) // then Pachyderm will confirm that it matches the user associated with // 'github_token' // - If set to a robot user (i.e. it has a 'robot:' prefix), then Pachyderm // will generate a new token for the robot user; this token will be the only // way to administer this cluster until more admins are added. Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` // This is the token returned by GitHub and used to authenticate the caller. // When Pachyderm is deployed locally, setting this value to a given string // will automatically authenticate the caller as a GitHub user whose username // is that string (unless this "looks like" a GitHub access code, in which // case Pachyderm does retrieve the corresponding GitHub username) GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"` }
ActivateRequest mirrors AuthenticateRequest. The caller is authenticated via GitHub OAuth, and then promoted to the cluster's first Admin. Afterwards, the caller can promote other users to Admin and remove themselves
func (*ActivateRequest) Descriptor ¶
func (*ActivateRequest) Descriptor() ([]byte, []int)
func (*ActivateRequest) GetGitHubToken ¶ added in v1.7.0
func (m *ActivateRequest) GetGitHubToken() string
func (*ActivateRequest) GetSubject ¶ added in v1.7.1
func (m *ActivateRequest) GetSubject() string
func (*ActivateRequest) Marshal ¶
func (m *ActivateRequest) Marshal() (dAtA []byte, err error)
func (*ActivateRequest) ProtoMessage ¶
func (*ActivateRequest) ProtoMessage()
func (*ActivateRequest) Reset ¶
func (m *ActivateRequest) Reset()
func (*ActivateRequest) Size ¶
func (m *ActivateRequest) Size() (n int)
func (*ActivateRequest) String ¶
func (m *ActivateRequest) String() string
func (*ActivateRequest) Unmarshal ¶
func (m *ActivateRequest) Unmarshal(dAtA []byte) error
type ActivateResponse ¶
type ActivateResponse struct { // pach_token authenticates the caller with Pachyderm (if you want to perform // Pachyderm operations after auth has been activated as themselves, you must // present this token along with your regular request) PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"` }
func (*ActivateResponse) Descriptor ¶
func (*ActivateResponse) Descriptor() ([]byte, []int)
func (*ActivateResponse) GetPachToken ¶ added in v1.6.0
func (m *ActivateResponse) GetPachToken() string
func (*ActivateResponse) Marshal ¶
func (m *ActivateResponse) Marshal() (dAtA []byte, err error)
func (*ActivateResponse) ProtoMessage ¶
func (*ActivateResponse) ProtoMessage()
func (*ActivateResponse) Reset ¶
func (m *ActivateResponse) Reset()
func (*ActivateResponse) Size ¶
func (m *ActivateResponse) Size() (n int)
func (*ActivateResponse) String ¶
func (m *ActivateResponse) String() string
func (*ActivateResponse) Unmarshal ¶
func (m *ActivateResponse) Unmarshal(dAtA []byte) error
type AuthenticateRequest ¶
type AuthenticateRequest struct { // This is the token returned by GitHub and used to authenticate the caller. // When Pachyderm is deployed locally, setting this value to a given string // will automatically authenticate the caller as a GitHub user whose username // is that string (unless this "looks like" a GitHub access code, in which // case Pachyderm does retrieve the corresponding GitHub username) GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"` }
func (*AuthenticateRequest) Descriptor ¶
func (*AuthenticateRequest) Descriptor() ([]byte, []int)
func (*AuthenticateRequest) GetGitHubToken ¶ added in v1.7.0
func (m *AuthenticateRequest) GetGitHubToken() string
func (*AuthenticateRequest) Marshal ¶
func (m *AuthenticateRequest) Marshal() (dAtA []byte, err error)
func (*AuthenticateRequest) MarshalTo ¶
func (m *AuthenticateRequest) MarshalTo(dAtA []byte) (int, error)
func (*AuthenticateRequest) ProtoMessage ¶
func (*AuthenticateRequest) ProtoMessage()
func (*AuthenticateRequest) Reset ¶
func (m *AuthenticateRequest) Reset()
func (*AuthenticateRequest) Size ¶
func (m *AuthenticateRequest) Size() (n int)
func (*AuthenticateRequest) String ¶
func (m *AuthenticateRequest) String() string
func (*AuthenticateRequest) Unmarshal ¶
func (m *AuthenticateRequest) Unmarshal(dAtA []byte) error
type AuthenticateResponse ¶
type AuthenticateResponse struct { // pach_token authenticates the caller with Pachyderm (if you want to perform // Pachyderm operations after auth has been activated as themselves, you must // present this token along with your regular request) PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"` }
func (*AuthenticateResponse) Descriptor ¶
func (*AuthenticateResponse) Descriptor() ([]byte, []int)
func (*AuthenticateResponse) GetPachToken ¶
func (m *AuthenticateResponse) GetPachToken() string
func (*AuthenticateResponse) Marshal ¶
func (m *AuthenticateResponse) Marshal() (dAtA []byte, err error)
func (*AuthenticateResponse) MarshalTo ¶
func (m *AuthenticateResponse) MarshalTo(dAtA []byte) (int, error)
func (*AuthenticateResponse) ProtoMessage ¶
func (*AuthenticateResponse) ProtoMessage()
func (*AuthenticateResponse) Reset ¶
func (m *AuthenticateResponse) Reset()
func (*AuthenticateResponse) Size ¶
func (m *AuthenticateResponse) Size() (n int)
func (*AuthenticateResponse) String ¶
func (m *AuthenticateResponse) String() string
func (*AuthenticateResponse) Unmarshal ¶
func (m *AuthenticateResponse) Unmarshal(dAtA []byte) error
type AuthorizeRequest ¶
type AuthorizeRequest struct { // repo is the object that the caller wants to access Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"` // scope is the access level that the caller needs to perform an action Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"` }
func (*AuthorizeRequest) Descriptor ¶
func (*AuthorizeRequest) Descriptor() ([]byte, []int)
func (*AuthorizeRequest) GetRepo ¶
func (m *AuthorizeRequest) GetRepo() string
func (*AuthorizeRequest) GetScope ¶
func (m *AuthorizeRequest) GetScope() Scope
func (*AuthorizeRequest) Marshal ¶
func (m *AuthorizeRequest) Marshal() (dAtA []byte, err error)
func (*AuthorizeRequest) ProtoMessage ¶
func (*AuthorizeRequest) ProtoMessage()
func (*AuthorizeRequest) Reset ¶
func (m *AuthorizeRequest) Reset()
func (*AuthorizeRequest) Size ¶
func (m *AuthorizeRequest) Size() (n int)
func (*AuthorizeRequest) String ¶
func (m *AuthorizeRequest) String() string
func (*AuthorizeRequest) Unmarshal ¶
func (m *AuthorizeRequest) Unmarshal(dAtA []byte) error
type AuthorizeResponse ¶
type AuthorizeResponse struct { // authorized is true if the caller has at least // 'AuthorizeRequest.scope'-level access to 'AuthorizeRequest.repo', and false // otherwise Authorized bool `protobuf:"varint,1,opt,name=authorized,proto3" json:"authorized,omitempty"` }
func (*AuthorizeResponse) Descriptor ¶
func (*AuthorizeResponse) Descriptor() ([]byte, []int)
func (*AuthorizeResponse) GetAuthorized ¶
func (m *AuthorizeResponse) GetAuthorized() bool
func (*AuthorizeResponse) Marshal ¶
func (m *AuthorizeResponse) Marshal() (dAtA []byte, err error)
func (*AuthorizeResponse) MarshalTo ¶
func (m *AuthorizeResponse) MarshalTo(dAtA []byte) (int, error)
func (*AuthorizeResponse) ProtoMessage ¶
func (*AuthorizeResponse) ProtoMessage()
func (*AuthorizeResponse) Reset ¶
func (m *AuthorizeResponse) Reset()
func (*AuthorizeResponse) Size ¶
func (m *AuthorizeResponse) Size() (n int)
func (*AuthorizeResponse) String ¶
func (m *AuthorizeResponse) String() string
func (*AuthorizeResponse) Unmarshal ¶
func (m *AuthorizeResponse) Unmarshal(dAtA []byte) error
type DeactivateRequest ¶ added in v1.6.0
type DeactivateRequest struct { }
func (*DeactivateRequest) Descriptor ¶ added in v1.6.0
func (*DeactivateRequest) Descriptor() ([]byte, []int)
func (*DeactivateRequest) Marshal ¶ added in v1.6.0
func (m *DeactivateRequest) Marshal() (dAtA []byte, err error)
func (*DeactivateRequest) MarshalTo ¶ added in v1.6.0
func (m *DeactivateRequest) MarshalTo(dAtA []byte) (int, error)
func (*DeactivateRequest) ProtoMessage ¶ added in v1.6.0
func (*DeactivateRequest) ProtoMessage()
func (*DeactivateRequest) Reset ¶ added in v1.6.0
func (m *DeactivateRequest) Reset()
func (*DeactivateRequest) Size ¶ added in v1.6.0
func (m *DeactivateRequest) Size() (n int)
func (*DeactivateRequest) String ¶ added in v1.6.0
func (m *DeactivateRequest) String() string
func (*DeactivateRequest) Unmarshal ¶ added in v1.6.0
func (m *DeactivateRequest) Unmarshal(dAtA []byte) error
type DeactivateResponse ¶ added in v1.6.0
type DeactivateResponse struct { }
func (*DeactivateResponse) Descriptor ¶ added in v1.6.0
func (*DeactivateResponse) Descriptor() ([]byte, []int)
func (*DeactivateResponse) Marshal ¶ added in v1.6.0
func (m *DeactivateResponse) Marshal() (dAtA []byte, err error)
func (*DeactivateResponse) MarshalTo ¶ added in v1.6.0
func (m *DeactivateResponse) MarshalTo(dAtA []byte) (int, error)
func (*DeactivateResponse) ProtoMessage ¶ added in v1.6.0
func (*DeactivateResponse) ProtoMessage()
func (*DeactivateResponse) Reset ¶ added in v1.6.0
func (m *DeactivateResponse) Reset()
func (*DeactivateResponse) Size ¶ added in v1.6.0
func (m *DeactivateResponse) Size() (n int)
func (*DeactivateResponse) String ¶ added in v1.6.0
func (m *DeactivateResponse) String() string
func (*DeactivateResponse) Unmarshal ¶ added in v1.6.0
func (m *DeactivateResponse) Unmarshal(dAtA []byte) error
type ErrInvalidPrincipal ¶ added in v1.7.0
type ErrInvalidPrincipal struct {
Principal string
}
ErrInvalidPrincipal indicates that a an argument to e.g. GetScope, SetScope, or SetACL is invalid
func (*ErrInvalidPrincipal) Error ¶ added in v1.7.0
func (e *ErrInvalidPrincipal) Error() string
type ErrNotAuthorized ¶ added in v1.7.0
type ErrNotAuthorized struct { Subject string // subject trying to perform blocked operation -- always set Repo string // Repo that the user is attempting to access Required Scope // Caller needs 'Required'-level access to 'Repo' // Group 2: // AdminOp indicates an operation that the caller couldn't perform because // they're not an admin AdminOp string }
ErrNotAuthorized is returned if the user is not authorized to perform a certain operation. Either
- the operation is a user operation, in which case 'Repo' and/or 'Required' should be set (indicating that the user needs 'Required'-level access to 'Repo').
- the operation is an admin-only operation (e.g. DeleteAll), in which case AdminOp should be set
func (*ErrNotAuthorized) Error ¶ added in v1.7.0
func (e *ErrNotAuthorized) Error() string
type ErrTooShortTTL ¶ added in v1.7.0
type ErrTooShortTTL struct {
RequestTTL, ExistingTTL int64
}
ErrTooShortTTL is returned by the ExtendAuthToken if request.Token already has a TTL longer than request.TTL.
func (ErrTooShortTTL) Error ¶ added in v1.7.0
func (e ErrTooShortTTL) Error() string
type ExtendAuthTokenRequest ¶ added in v1.7.0
type ExtendAuthTokenRequest struct { // token indicates the Pachyderm token whose TTL is being extended Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` // ttl indicates the new TTL of 'token' (if it's longer than the existing TTL) TTL int64 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"` }
func (*ExtendAuthTokenRequest) Descriptor ¶ added in v1.7.0
func (*ExtendAuthTokenRequest) Descriptor() ([]byte, []int)
func (*ExtendAuthTokenRequest) GetTTL ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) GetTTL() int64
func (*ExtendAuthTokenRequest) GetToken ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) GetToken() string
func (*ExtendAuthTokenRequest) Marshal ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) Marshal() (dAtA []byte, err error)
func (*ExtendAuthTokenRequest) MarshalTo ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
func (*ExtendAuthTokenRequest) ProtoMessage ¶ added in v1.7.0
func (*ExtendAuthTokenRequest) ProtoMessage()
func (*ExtendAuthTokenRequest) Reset ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) Reset()
func (*ExtendAuthTokenRequest) Size ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) Size() (n int)
func (*ExtendAuthTokenRequest) String ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) String() string
func (*ExtendAuthTokenRequest) Unmarshal ¶ added in v1.7.0
func (m *ExtendAuthTokenRequest) Unmarshal(dAtA []byte) error
type ExtendAuthTokenResponse ¶ added in v1.7.0
type ExtendAuthTokenResponse struct { }
func (*ExtendAuthTokenResponse) Descriptor ¶ added in v1.7.0
func (*ExtendAuthTokenResponse) Descriptor() ([]byte, []int)
func (*ExtendAuthTokenResponse) Marshal ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) Marshal() (dAtA []byte, err error)
func (*ExtendAuthTokenResponse) MarshalTo ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
func (*ExtendAuthTokenResponse) ProtoMessage ¶ added in v1.7.0
func (*ExtendAuthTokenResponse) ProtoMessage()
func (*ExtendAuthTokenResponse) Reset ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) Reset()
func (*ExtendAuthTokenResponse) Size ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) Size() (n int)
func (*ExtendAuthTokenResponse) String ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) String() string
func (*ExtendAuthTokenResponse) Unmarshal ¶ added in v1.7.0
func (m *ExtendAuthTokenResponse) Unmarshal(dAtA []byte) error
type GetACLRequest ¶
type GetACLRequest struct {
Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
}
func (*GetACLRequest) Descriptor ¶
func (*GetACLRequest) Descriptor() ([]byte, []int)
func (*GetACLRequest) GetRepo ¶
func (m *GetACLRequest) GetRepo() string
func (*GetACLRequest) Marshal ¶
func (m *GetACLRequest) Marshal() (dAtA []byte, err error)
func (*GetACLRequest) ProtoMessage ¶
func (*GetACLRequest) ProtoMessage()
func (*GetACLRequest) Reset ¶
func (m *GetACLRequest) Reset()
func (*GetACLRequest) Size ¶
func (m *GetACLRequest) Size() (n int)
func (*GetACLRequest) String ¶
func (m *GetACLRequest) String() string
func (*GetACLRequest) Unmarshal ¶
func (m *GetACLRequest) Unmarshal(dAtA []byte) error
type GetACLResponse ¶
type GetACLResponse struct { // entries contains all [user principal] -> [role] mappings. This is separate // from robot_entries to avoid migration pain the Pachyderm dashboard Entries []*ACLEntry `protobuf:"bytes,1,rep,name=entries" json:"entries,omitempty"` // robot_entries contains all [robot principal] -> [role] mappings. This is // separate from entries to be unambiguous (all keys are robot principals, but // have no prefixes) while avoiding migration pain in the Pachyderm dashboard. RobotEntries []*ACLEntry `protobuf:"bytes,2,rep,name=robot_entries,json=robotEntries" json:"robot_entries,omitempty"` }
GetACLReponse contains the list of entries on a Pachyderm ACL.
To avoid migration pain with the Pachyderm dash the list of user principal entries and robot principal entries are separate. This way, no prefix or other disambiguating device is needed in 'entries' to separate user principals from robot principals (which would confuse the dash). Instead, the dash can simply ignore robot principals.
func (*GetACLResponse) Descriptor ¶
func (*GetACLResponse) Descriptor() ([]byte, []int)
func (*GetACLResponse) GetEntries ¶ added in v1.6.0
func (m *GetACLResponse) GetEntries() []*ACLEntry
func (*GetACLResponse) GetRobotEntries ¶ added in v1.7.0
func (m *GetACLResponse) GetRobotEntries() []*ACLEntry
func (*GetACLResponse) Marshal ¶
func (m *GetACLResponse) Marshal() (dAtA []byte, err error)
func (*GetACLResponse) ProtoMessage ¶
func (*GetACLResponse) ProtoMessage()
func (*GetACLResponse) Reset ¶
func (m *GetACLResponse) Reset()
func (*GetACLResponse) Size ¶
func (m *GetACLResponse) Size() (n int)
func (*GetACLResponse) String ¶
func (m *GetACLResponse) String() string
func (*GetACLResponse) Unmarshal ¶
func (m *GetACLResponse) Unmarshal(dAtA []byte) error
type GetAdminsRequest ¶ added in v1.6.0
type GetAdminsRequest struct { }
Get the current list of cluster admins
func (*GetAdminsRequest) Descriptor ¶ added in v1.6.0
func (*GetAdminsRequest) Descriptor() ([]byte, []int)
func (*GetAdminsRequest) Marshal ¶ added in v1.6.0
func (m *GetAdminsRequest) Marshal() (dAtA []byte, err error)
func (*GetAdminsRequest) MarshalTo ¶ added in v1.6.0
func (m *GetAdminsRequest) MarshalTo(dAtA []byte) (int, error)
func (*GetAdminsRequest) ProtoMessage ¶ added in v1.6.0
func (*GetAdminsRequest) ProtoMessage()
func (*GetAdminsRequest) Reset ¶ added in v1.6.0
func (m *GetAdminsRequest) Reset()
func (*GetAdminsRequest) Size ¶ added in v1.6.0
func (m *GetAdminsRequest) Size() (n int)
func (*GetAdminsRequest) String ¶ added in v1.6.0
func (m *GetAdminsRequest) String() string
func (*GetAdminsRequest) Unmarshal ¶ added in v1.6.0
func (m *GetAdminsRequest) Unmarshal(dAtA []byte) error
type GetAdminsResponse ¶ added in v1.6.0
type GetAdminsResponse struct { // admins contains the list of cluster admins Admins []string `protobuf:"bytes,1,rep,name=admins" json:"admins,omitempty"` }
func (*GetAdminsResponse) Descriptor ¶ added in v1.6.0
func (*GetAdminsResponse) Descriptor() ([]byte, []int)
func (*GetAdminsResponse) GetAdmins ¶ added in v1.6.0
func (m *GetAdminsResponse) GetAdmins() []string
func (*GetAdminsResponse) Marshal ¶ added in v1.6.0
func (m *GetAdminsResponse) Marshal() (dAtA []byte, err error)
func (*GetAdminsResponse) MarshalTo ¶ added in v1.6.0
func (m *GetAdminsResponse) MarshalTo(dAtA []byte) (int, error)
func (*GetAdminsResponse) ProtoMessage ¶ added in v1.6.0
func (*GetAdminsResponse) ProtoMessage()
func (*GetAdminsResponse) Reset ¶ added in v1.6.0
func (m *GetAdminsResponse) Reset()
func (*GetAdminsResponse) Size ¶ added in v1.6.0
func (m *GetAdminsResponse) Size() (n int)
func (*GetAdminsResponse) String ¶ added in v1.6.0
func (m *GetAdminsResponse) String() string
func (*GetAdminsResponse) Unmarshal ¶ added in v1.6.0
func (m *GetAdminsResponse) Unmarshal(dAtA []byte) error
type GetAuthTokenRequest ¶ added in v1.7.0
type GetAuthTokenRequest struct { // The returned token will allow the caller to access resources as this // subject Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"` // ttl indicates the approximate remaining lifetime of this token, in seconds TTL int64 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"` }
func (*GetAuthTokenRequest) Descriptor ¶ added in v1.7.0
func (*GetAuthTokenRequest) Descriptor() ([]byte, []int)
func (*GetAuthTokenRequest) GetSubject ¶ added in v1.7.0
func (m *GetAuthTokenRequest) GetSubject() string
func (*GetAuthTokenRequest) GetTTL ¶ added in v1.7.0
func (m *GetAuthTokenRequest) GetTTL() int64
func (*GetAuthTokenRequest) Marshal ¶ added in v1.7.0
func (m *GetAuthTokenRequest) Marshal() (dAtA []byte, err error)
func (*GetAuthTokenRequest) MarshalTo ¶ added in v1.7.0
func (m *GetAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
func (*GetAuthTokenRequest) ProtoMessage ¶ added in v1.7.0
func (*GetAuthTokenRequest) ProtoMessage()
func (*GetAuthTokenRequest) Reset ¶ added in v1.7.0
func (m *GetAuthTokenRequest) Reset()
func (*GetAuthTokenRequest) Size ¶ added in v1.7.0
func (m *GetAuthTokenRequest) Size() (n int)
func (*GetAuthTokenRequest) String ¶ added in v1.7.0
func (m *GetAuthTokenRequest) String() string
func (*GetAuthTokenRequest) Unmarshal ¶ added in v1.7.0
func (m *GetAuthTokenRequest) Unmarshal(dAtA []byte) error
type GetAuthTokenResponse ¶ added in v1.7.0
type GetAuthTokenResponse struct { // A canonicalized version of the subject in the request Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` // A new auth token for the user in 'GetAuthTokenRequest.Subject' token Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` }
func (*GetAuthTokenResponse) Descriptor ¶ added in v1.7.0
func (*GetAuthTokenResponse) Descriptor() ([]byte, []int)
func (*GetAuthTokenResponse) GetSubject ¶ added in v1.7.1
func (m *GetAuthTokenResponse) GetSubject() string
func (*GetAuthTokenResponse) GetToken ¶ added in v1.7.0
func (m *GetAuthTokenResponse) GetToken() string
func (*GetAuthTokenResponse) Marshal ¶ added in v1.7.0
func (m *GetAuthTokenResponse) Marshal() (dAtA []byte, err error)
func (*GetAuthTokenResponse) MarshalTo ¶ added in v1.7.0
func (m *GetAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
func (*GetAuthTokenResponse) ProtoMessage ¶ added in v1.7.0
func (*GetAuthTokenResponse) ProtoMessage()
func (*GetAuthTokenResponse) Reset ¶ added in v1.7.0
func (m *GetAuthTokenResponse) Reset()
func (*GetAuthTokenResponse) Size ¶ added in v1.7.0
func (m *GetAuthTokenResponse) Size() (n int)
func (*GetAuthTokenResponse) String ¶ added in v1.7.0
func (m *GetAuthTokenResponse) String() string
func (*GetAuthTokenResponse) Unmarshal ¶ added in v1.7.0
func (m *GetAuthTokenResponse) Unmarshal(dAtA []byte) error
type GetScopeRequest ¶
type GetScopeRequest struct { // username is the principal (some of which belong to robots rather than // users, but the name is preserved for now to provide compatibility with the // pachyderm dash) whose access level is queried. To query the access level // of a robot user, the caller must prefix username with "robot:". If // 'username' has no prefix (i.e. no ":"), then it's assumed to be a github // user's principal. Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` // repos are the objects to which 'username's access level is being queried Repos []string `protobuf:"bytes,2,rep,name=repos" json:"repos,omitempty"` }
func (*GetScopeRequest) Descriptor ¶
func (*GetScopeRequest) Descriptor() ([]byte, []int)
func (*GetScopeRequest) GetRepos ¶ added in v1.5.3
func (m *GetScopeRequest) GetRepos() []string
func (*GetScopeRequest) GetUsername ¶
func (m *GetScopeRequest) GetUsername() string
func (*GetScopeRequest) Marshal ¶
func (m *GetScopeRequest) Marshal() (dAtA []byte, err error)
func (*GetScopeRequest) ProtoMessage ¶
func (*GetScopeRequest) ProtoMessage()
func (*GetScopeRequest) Reset ¶
func (m *GetScopeRequest) Reset()
func (*GetScopeRequest) Size ¶
func (m *GetScopeRequest) Size() (n int)
func (*GetScopeRequest) String ¶
func (m *GetScopeRequest) String() string
func (*GetScopeRequest) Unmarshal ¶
func (m *GetScopeRequest) Unmarshal(dAtA []byte) error
type GetScopeResponse ¶
type GetScopeResponse struct { // scopes (actually a "role"--see "Scope") are the access level that // 'GetScopeRequest.username' has to each repo in 'GetScopeRequest.repos', in // the same order that repos appeared in 'repos'. Scopes []Scope `protobuf:"varint,1,rep,packed,name=scopes,enum=auth.Scope" json:"scopes,omitempty"` }
func (*GetScopeResponse) Descriptor ¶
func (*GetScopeResponse) Descriptor() ([]byte, []int)
func (*GetScopeResponse) GetScopes ¶ added in v1.5.3
func (m *GetScopeResponse) GetScopes() []Scope
func (*GetScopeResponse) Marshal ¶
func (m *GetScopeResponse) Marshal() (dAtA []byte, err error)
func (*GetScopeResponse) ProtoMessage ¶
func (*GetScopeResponse) ProtoMessage()
func (*GetScopeResponse) Reset ¶
func (m *GetScopeResponse) Reset()
func (*GetScopeResponse) Size ¶
func (m *GetScopeResponse) Size() (n int)
func (*GetScopeResponse) String ¶
func (m *GetScopeResponse) String() string
func (*GetScopeResponse) Unmarshal ¶
func (m *GetScopeResponse) Unmarshal(dAtA []byte) error
type ModifyAdminsRequest ¶ added in v1.6.0
type ModifyAdminsRequest struct { Add []string `protobuf:"bytes,1,rep,name=add" json:"add,omitempty"` Remove []string `protobuf:"bytes,2,rep,name=remove" json:"remove,omitempty"` }
Add or remove cluster admins
func (*ModifyAdminsRequest) Descriptor ¶ added in v1.6.0
func (*ModifyAdminsRequest) Descriptor() ([]byte, []int)
func (*ModifyAdminsRequest) GetAdd ¶ added in v1.6.0
func (m *ModifyAdminsRequest) GetAdd() []string
func (*ModifyAdminsRequest) GetRemove ¶ added in v1.6.0
func (m *ModifyAdminsRequest) GetRemove() []string
func (*ModifyAdminsRequest) Marshal ¶ added in v1.6.0
func (m *ModifyAdminsRequest) Marshal() (dAtA []byte, err error)
func (*ModifyAdminsRequest) MarshalTo ¶ added in v1.6.0
func (m *ModifyAdminsRequest) MarshalTo(dAtA []byte) (int, error)
func (*ModifyAdminsRequest) ProtoMessage ¶ added in v1.6.0
func (*ModifyAdminsRequest) ProtoMessage()
func (*ModifyAdminsRequest) Reset ¶ added in v1.6.0
func (m *ModifyAdminsRequest) Reset()
func (*ModifyAdminsRequest) Size ¶ added in v1.6.0
func (m *ModifyAdminsRequest) Size() (n int)
func (*ModifyAdminsRequest) String ¶ added in v1.6.0
func (m *ModifyAdminsRequest) String() string
func (*ModifyAdminsRequest) Unmarshal ¶ added in v1.6.0
func (m *ModifyAdminsRequest) Unmarshal(dAtA []byte) error
type ModifyAdminsResponse ¶ added in v1.6.0
type ModifyAdminsResponse struct { }
func (*ModifyAdminsResponse) Descriptor ¶ added in v1.6.0
func (*ModifyAdminsResponse) Descriptor() ([]byte, []int)
func (*ModifyAdminsResponse) Marshal ¶ added in v1.6.0
func (m *ModifyAdminsResponse) Marshal() (dAtA []byte, err error)
func (*ModifyAdminsResponse) MarshalTo ¶ added in v1.6.0
func (m *ModifyAdminsResponse) MarshalTo(dAtA []byte) (int, error)
func (*ModifyAdminsResponse) ProtoMessage ¶ added in v1.6.0
func (*ModifyAdminsResponse) ProtoMessage()
func (*ModifyAdminsResponse) Reset ¶ added in v1.6.0
func (m *ModifyAdminsResponse) Reset()
func (*ModifyAdminsResponse) Size ¶ added in v1.6.0
func (m *ModifyAdminsResponse) Size() (n int)
func (*ModifyAdminsResponse) String ¶ added in v1.6.0
func (m *ModifyAdminsResponse) String() string
func (*ModifyAdminsResponse) Unmarshal ¶ added in v1.6.0
func (m *ModifyAdminsResponse) Unmarshal(dAtA []byte) error
type RevokeAuthTokenRequest ¶
type RevokeAuthTokenRequest struct {
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
}
func (*RevokeAuthTokenRequest) Descriptor ¶
func (*RevokeAuthTokenRequest) Descriptor() ([]byte, []int)
func (*RevokeAuthTokenRequest) GetToken ¶
func (m *RevokeAuthTokenRequest) GetToken() string
func (*RevokeAuthTokenRequest) Marshal ¶
func (m *RevokeAuthTokenRequest) Marshal() (dAtA []byte, err error)
func (*RevokeAuthTokenRequest) MarshalTo ¶
func (m *RevokeAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)
func (*RevokeAuthTokenRequest) ProtoMessage ¶
func (*RevokeAuthTokenRequest) ProtoMessage()
func (*RevokeAuthTokenRequest) Reset ¶
func (m *RevokeAuthTokenRequest) Reset()
func (*RevokeAuthTokenRequest) Size ¶
func (m *RevokeAuthTokenRequest) Size() (n int)
func (*RevokeAuthTokenRequest) String ¶
func (m *RevokeAuthTokenRequest) String() string
func (*RevokeAuthTokenRequest) Unmarshal ¶
func (m *RevokeAuthTokenRequest) Unmarshal(dAtA []byte) error
type RevokeAuthTokenResponse ¶
type RevokeAuthTokenResponse struct { }
func (*RevokeAuthTokenResponse) Descriptor ¶
func (*RevokeAuthTokenResponse) Descriptor() ([]byte, []int)
func (*RevokeAuthTokenResponse) Marshal ¶
func (m *RevokeAuthTokenResponse) Marshal() (dAtA []byte, err error)
func (*RevokeAuthTokenResponse) MarshalTo ¶
func (m *RevokeAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)
func (*RevokeAuthTokenResponse) ProtoMessage ¶
func (*RevokeAuthTokenResponse) ProtoMessage()
func (*RevokeAuthTokenResponse) Reset ¶
func (m *RevokeAuthTokenResponse) Reset()
func (*RevokeAuthTokenResponse) Size ¶
func (m *RevokeAuthTokenResponse) Size() (n int)
func (*RevokeAuthTokenResponse) String ¶
func (m *RevokeAuthTokenResponse) String() string
func (*RevokeAuthTokenResponse) Unmarshal ¶
func (m *RevokeAuthTokenResponse) Unmarshal(dAtA []byte) error
type Scope ¶
type Scope int32
Scope (actually a "role" in canonical security nomenclature) represents a rough level of access that a principal has to a repo
func ParseScope ¶
ParseScope parses the string 's' to a scope (for example, parsing a command- line argument.
func (Scope) EnumDescriptor ¶
type SetACLRequest ¶ added in v1.5.3
type SetACLRequest struct { Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"` Entries []*ACLEntry `protobuf:"bytes,2,rep,name=entries" json:"entries,omitempty"` }
func (*SetACLRequest) Descriptor ¶ added in v1.5.3
func (*SetACLRequest) Descriptor() ([]byte, []int)
func (*SetACLRequest) GetEntries ¶ added in v1.6.0
func (m *SetACLRequest) GetEntries() []*ACLEntry
func (*SetACLRequest) GetRepo ¶ added in v1.5.3
func (m *SetACLRequest) GetRepo() string
func (*SetACLRequest) Marshal ¶ added in v1.5.3
func (m *SetACLRequest) Marshal() (dAtA []byte, err error)
func (*SetACLRequest) MarshalTo ¶ added in v1.5.3
func (m *SetACLRequest) MarshalTo(dAtA []byte) (int, error)
func (*SetACLRequest) ProtoMessage ¶ added in v1.5.3
func (*SetACLRequest) ProtoMessage()
func (*SetACLRequest) Reset ¶ added in v1.5.3
func (m *SetACLRequest) Reset()
func (*SetACLRequest) Size ¶ added in v1.5.3
func (m *SetACLRequest) Size() (n int)
func (*SetACLRequest) String ¶ added in v1.5.3
func (m *SetACLRequest) String() string
func (*SetACLRequest) Unmarshal ¶ added in v1.5.3
func (m *SetACLRequest) Unmarshal(dAtA []byte) error
type SetACLResponse ¶ added in v1.5.3
type SetACLResponse struct { }
func (*SetACLResponse) Descriptor ¶ added in v1.5.3
func (*SetACLResponse) Descriptor() ([]byte, []int)
func (*SetACLResponse) Marshal ¶ added in v1.5.3
func (m *SetACLResponse) Marshal() (dAtA []byte, err error)
func (*SetACLResponse) MarshalTo ¶ added in v1.5.3
func (m *SetACLResponse) MarshalTo(dAtA []byte) (int, error)
func (*SetACLResponse) ProtoMessage ¶ added in v1.5.3
func (*SetACLResponse) ProtoMessage()
func (*SetACLResponse) Reset ¶ added in v1.5.3
func (m *SetACLResponse) Reset()
func (*SetACLResponse) Size ¶ added in v1.5.3
func (m *SetACLResponse) Size() (n int)
func (*SetACLResponse) String ¶ added in v1.5.3
func (m *SetACLResponse) String() string
func (*SetACLResponse) Unmarshal ¶ added in v1.5.3
func (m *SetACLResponse) Unmarshal(dAtA []byte) error
type SetScopeRequest ¶
type SetScopeRequest struct { // username is the principal (some of which belong to robots rather than // users, but the name is preserved for now to provide compatibility with the // pachyderm dash) whose access is being granted/revoked. As with // GetScopeRequest, to set the access level of a robot user, the caller must // prefix username with "robot:". If 'username' has no prefix (i.e. no ":"), // then it's assumed to be a github user's principal. Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` // repo is the object to which access is being granted/revoked Repo string `protobuf:"bytes,2,opt,name=repo,proto3" json:"repo,omitempty"` // scope (actually a "role"--see "Scope") is the access level that the owner // of 'principal' will now have Scope Scope `protobuf:"varint,3,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"` }
func (*SetScopeRequest) Descriptor ¶
func (*SetScopeRequest) Descriptor() ([]byte, []int)
func (*SetScopeRequest) GetRepo ¶
func (m *SetScopeRequest) GetRepo() string
func (*SetScopeRequest) GetScope ¶
func (m *SetScopeRequest) GetScope() Scope
func (*SetScopeRequest) GetUsername ¶
func (m *SetScopeRequest) GetUsername() string
func (*SetScopeRequest) Marshal ¶
func (m *SetScopeRequest) Marshal() (dAtA []byte, err error)
func (*SetScopeRequest) ProtoMessage ¶
func (*SetScopeRequest) ProtoMessage()
func (*SetScopeRequest) Reset ¶
func (m *SetScopeRequest) Reset()
func (*SetScopeRequest) Size ¶
func (m *SetScopeRequest) Size() (n int)
func (*SetScopeRequest) String ¶
func (m *SetScopeRequest) String() string
func (*SetScopeRequest) Unmarshal ¶
func (m *SetScopeRequest) Unmarshal(dAtA []byte) error
type SetScopeResponse ¶
type SetScopeResponse struct { }
func (*SetScopeResponse) Descriptor ¶
func (*SetScopeResponse) Descriptor() ([]byte, []int)
func (*SetScopeResponse) Marshal ¶
func (m *SetScopeResponse) Marshal() (dAtA []byte, err error)
func (*SetScopeResponse) ProtoMessage ¶
func (*SetScopeResponse) ProtoMessage()
func (*SetScopeResponse) Reset ¶
func (m *SetScopeResponse) Reset()
func (*SetScopeResponse) Size ¶
func (m *SetScopeResponse) Size() (n int)
func (*SetScopeResponse) String ¶
func (m *SetScopeResponse) String() string
func (*SetScopeResponse) Unmarshal ¶
func (m *SetScopeResponse) Unmarshal(dAtA []byte) error
type TokenInfo ¶ added in v1.7.0
type TokenInfo struct { // Subject (i.e. Pachyderm account) that a given token authorizes. Prefixed // with "github:" or "robot:" to distinguish the two classes of // Subject in Pachyderm Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"` Source TokenInfo_TokenSource `protobuf:"varint,2,opt,name=source,proto3,enum=auth.TokenInfo_TokenSource" json:"source,omitempty"` }
TokenInfo is the 'value' of an auth token 'key' in the 'tokens' collection
func (*TokenInfo) Descriptor ¶ added in v1.7.0
func (*TokenInfo) GetSource ¶ added in v1.7.0
func (m *TokenInfo) GetSource() TokenInfo_TokenSource
func (*TokenInfo) GetSubject ¶ added in v1.7.0
func (*TokenInfo) ProtoMessage ¶ added in v1.7.0
func (*TokenInfo) ProtoMessage()
type TokenInfo_TokenSource ¶ added in v1.7.0
type TokenInfo_TokenSource int32
const ( TokenInfo_INVALID TokenInfo_TokenSource = 0 TokenInfo_AUTHENTICATE TokenInfo_TokenSource = 1 TokenInfo_GET_TOKEN TokenInfo_TokenSource = 2 )
func (TokenInfo_TokenSource) EnumDescriptor ¶ added in v1.7.0
func (TokenInfo_TokenSource) EnumDescriptor() ([]byte, []int)
func (TokenInfo_TokenSource) String ¶ added in v1.7.0
func (x TokenInfo_TokenSource) String() string
type WhoAmIRequest ¶
type WhoAmIRequest struct { }
func (*WhoAmIRequest) Descriptor ¶
func (*WhoAmIRequest) Descriptor() ([]byte, []int)
func (*WhoAmIRequest) Marshal ¶
func (m *WhoAmIRequest) Marshal() (dAtA []byte, err error)
func (*WhoAmIRequest) ProtoMessage ¶
func (*WhoAmIRequest) ProtoMessage()
func (*WhoAmIRequest) Reset ¶
func (m *WhoAmIRequest) Reset()
func (*WhoAmIRequest) Size ¶
func (m *WhoAmIRequest) Size() (n int)
func (*WhoAmIRequest) String ¶
func (m *WhoAmIRequest) String() string
func (*WhoAmIRequest) Unmarshal ¶
func (m *WhoAmIRequest) Unmarshal(dAtA []byte) error
type WhoAmIResponse ¶
type WhoAmIResponse struct { Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` IsAdmin bool `protobuf:"varint,2,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"` }
func (*WhoAmIResponse) Descriptor ¶
func (*WhoAmIResponse) Descriptor() ([]byte, []int)
func (*WhoAmIResponse) GetIsAdmin ¶ added in v1.6.0
func (m *WhoAmIResponse) GetIsAdmin() bool
func (*WhoAmIResponse) GetUsername ¶
func (m *WhoAmIResponse) GetUsername() string
func (*WhoAmIResponse) Marshal ¶
func (m *WhoAmIResponse) Marshal() (dAtA []byte, err error)
func (*WhoAmIResponse) ProtoMessage ¶
func (*WhoAmIResponse) ProtoMessage()
func (*WhoAmIResponse) Reset ¶
func (m *WhoAmIResponse) Reset()
func (*WhoAmIResponse) Size ¶
func (m *WhoAmIResponse) Size() (n int)
func (*WhoAmIResponse) String ¶
func (m *WhoAmIResponse) String() string
func (*WhoAmIResponse) Unmarshal ¶
func (m *WhoAmIResponse) Unmarshal(dAtA []byte) error