enforcer

package
v1.7.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 24, 2023 License: Apache-2.0 Imports: 12 Imported by: 2

Documentation

Index

Constants

View Source
const (
	// DefaultURL default Keto server URL
	DefaultURL = "http://localhost:4466"
	// DefaultFlavor default Keto flavor to be used
	DefaultFlavor = FlavorGlob
	// DefaultTimeout maximum call duration to Keto Server before considered as timeout
	DefaultTimeout = 5 * time.Second
)
View Source
const (
	// ActionCreate action to create a resource
	ActionCreate = "actions:create"
	// ActionRead action to read a resource
	ActionRead = "actions:read"
	// ActionUpdate action to update a resource
	ActionUpdate = "actions:update"
	// ActionDelete action to delete a resource
	ActionDelete = "actions:delete"
	// ActionAll all action
	ActionAll = "actions:**"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Builder

type Builder struct {
	// contains filtered or unexported fields
}

Builder builder of enforcer.Enforcer

func NewEnforcerBuilder

func NewEnforcerBuilder() *Builder

NewEnforcerBuilder create new enforcer builder with all default parameters

func (*Builder) Build

func (b *Builder) Build() (Enforcer, error)

Build build an enforcer.Enforcer instance

func (*Builder) Flavor

func (b *Builder) Flavor(flavor Flavor) *Builder

Flavor set Keto flavor

func (*Builder) Product

func (b *Builder) Product(product string) *Builder

Product set product name

func (*Builder) Timeout

func (b *Builder) Timeout(timeout time.Duration) *Builder

Timeout set timeout

func (*Builder) URL

func (b *Builder) URL(url string) *Builder

URL set Keto URL

type Enforcer

type Enforcer interface {
	// Enforce check whether user is authorized to do certain action against a resource
	Enforce(user string, resource string, action string) (*bool, error)
	// FilterAuthorizedResource filter and return list of authorized resource for certain user
	FilterAuthorizedResource(user string, resources []string, action string) ([]string, error)
	// GetRole get role with name
	GetRole(roleName string) (*types.Role, error)
	// GetPolicy get policy with name
	GetPolicy(policyName string) (*types.Policy, error)
	// UpsertRole create or update a role containing member as specified by users argument
	UpsertRole(roleName string, users []string) (*types.Role, error)
	// UpsertPolicy create or update a policy to allow subjects do actions against the specified resources
	UpsertPolicy(
		policyName string,
		roles []string,
		users []string,
		resources []string,
		actions []string,
	) (*types.Policy, error)
}

Enforcer thin client providing interface for authorizing users

type Flavor

type Flavor string

Flavor flavor type

const (
	// FlavorExact keto flavor using "exact" semantics
	FlavorExact Flavor = "exact"
	// FlavorGlob keto flavor using "glob" pattern matching
	FlavorGlob Flavor = "glob"
	// FlavorRegex keto flavor using "regex" pattern matching
	FlavorRegex Flavor = "regex"
)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL