acl

package
v4.11.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 22, 2018 License: GPL-3.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const DefaultPrefix = "btrdb"
View Source 
const UserCacheTime = 3 * time.Minute

Variables

View Source 
var KnownCapabilities = map[string]bool{
	"plotter":    true,
	"api":        true,
	"insert":     true,
	"read":       true,
	"delete":     true,
	"obliterate": true,
	"admin":      true,
}

Functions

func NewACLModule 

func NewACLModule(c *etcd.Client, loggedInUser string) admincli.CLIModule

Types

type ACLEngine 

type ACLEngine struct {
	// contains filtered or unexported fields
}

func NewACLEngine 

func NewACLEngine(prefix string, c *etcd.Client) *ACLEngine

func (*ACLEngine) AddCapabilityToGroup 

func (e *ACLEngine) AddCapabilityToGroup(group string, capability string) error

func (*ACLEngine) AddGroup 

func (e *ACLEngine) AddGroup(name string) error

func (*ACLEngine) AddPrefixToGroup 

func (e *ACLEngine) AddPrefixToGroup(group string, prefix string) error

func (*ACLEngine) AddUserToGroup 

func (e *ACLEngine) AddUserToGroup(user string, group string) error

func (*ACLEngine) AuthenticateUser 

func (e *ACLEngine) AuthenticateUser(name string, password string) (bool, *User, error)

Returns false, nil, nil if password is incorrect or user does not exist

func (*ACLEngine) ConstructUser 

func (e *ACLEngine) ConstructUser(groups []string) (*User, error)

func (*ACLEngine) CreateDefaultAdminUser 

func (e *ACLEngine) CreateDefaultAdminUser(password string) error

func (*ACLEngine) CreateUser 

func (e *ACLEngine) CreateUser(username, password string) error

func (*ACLEngine) DeleteGroup 

func (e *ACLEngine) DeleteGroup(name string) error

func (*ACLEngine) DeleteUser 

func (e *ACLEngine) DeleteUser(username string) error

func (*ACLEngine) GetAllUsers 

func (e *ACLEngine) GetAllUsers() ([]string, error)

func (*ACLEngine) GetBuiltinUser 

func (e *ACLEngine) GetBuiltinUser(name string) (*User, error)

func (*ACLEngine) GetGroup 

func (e *ACLEngine) GetGroup(name string) (*Group, error)

func (*ACLEngine) GetGroups 

func (e *ACLEngine) GetGroups() ([]*Group, error)

func (*ACLEngine) GetIDP 

func (e *ACLEngine) GetIDP() (IdentityProvider, error)

func (*ACLEngine) RemoveCapabilityFromGroup 

func (e *ACLEngine) RemoveCapabilityFromGroup(group string, capability string) error

func (*ACLEngine) RemovePrefixFromGroup 

func (e *ACLEngine) RemovePrefixFromGroup(group string, prefix string) error

func (*ACLEngine) RemoveUserFromGroup 

func (e *ACLEngine) RemoveUserFromGroup(user string, group string) error

func (*ACLEngine) SetIDP 

func (e *ACLEngine) SetIDP(p IdentityProvider) error

func (*ACLEngine) SetPassword 

func (e *ACLEngine) SetPassword(username, password string) error

func (*ACLEngine) WatchForAuthChanges 

func (e *ACLEngine) WatchForAuthChanges(ctx context.Context) (chan struct{}, error)

type BuiltinUser 

type BuiltinUser struct {
	Groups   []string
	Password string
}

type CachedUser 

type CachedUser struct {
	User   *User
	Expiry time.Time
}

type CachedUserKey 

type CachedUserKey struct {
	Name     string
	Password string
}

type Capability 

type Capability string

type Group 

type Group struct {
	Name         string
	Prefixes     []string
	Capabilities []string
}

type IdentityProvider 

type IdentityProvider string
var IDP_Builtin IdentityProvider = "BuiltIn"
var IDP_Invalid IdentityProvider = "invalid"
var IDP_LDAP IdentityProvider = "LDAP"

type User 

type User struct {
	Groups   []string
	Password string

	//Calculated at load time
	Prefixes     []string
	Capabilities []string
}

func (*User) HasCapability 

func (u *User) HasCapability(c string) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.