Documentation ¶
Index ¶
- func NewAuditLogger(client AuthzInterface) ladon.AuditLogger
- func NewPolicyManager(client AuthzInterface) ladon.Manager
- type AuditLogger
- type Authorizer
- type AuthzInterface
- type PolicyGetter
- type PolicyManager
- func (m *PolicyManager) Create(policy ladon.Policy) error
- func (m *PolicyManager) Delete(id string) error
- func (m *PolicyManager) FindPoliciesForResource(resource string) (ladon.Policies, error)
- func (m *PolicyManager) FindPoliciesForSubject(subject string) (ladon.Policies, error)
- func (m *PolicyManager) FindRequestCandidates(r *ladon.Request) (ladon.Policies, error)
- func (m *PolicyManager) Get(id string) (ladon.Policy, error)
- func (m *PolicyManager) GetAll(limit, offset int64) (ladon.Policies, error)
- func (m *PolicyManager) Update(policy ladon.Policy) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewAuditLogger ¶
func NewAuditLogger(client AuthzInterface) ladon.AuditLogger
NewAuditLogger 创建一个 AuditLogger 实例.
func NewPolicyManager ¶
func NewPolicyManager(client AuthzInterface) ladon.Manager
NewPolicyManager 创建一个 PolicyManager 实例.
Types ¶
type AuditLogger ¶
// AuditLogger outputs and caches log records for granted and rejected
// authorization requests.
// NOTE(review): "caches" suggests records are buffered before delivery, and the
// flush behaviour is not visible here. Confirm buffered audit entries are
// flushed on shutdown so authorization decisions are not silently lost.
type AuditLogger struct {
	// contains filtered or unexported fields
}
AuditLogger 输出并缓存批准或拒绝授权的日志.
func (*AuditLogger) LogGrantedAccessRequest ¶
func (*AuditLogger) LogRejectedAccessRequest ¶
type Authorizer ¶
// Authorizer implements the authorization-check interface. It is built by
// NewAuthorizer from a PolicyGetter and evaluates a *ladon.Request in Authorize.
// NOTE(review): the decision logic is unexported. Confirm that a policy lookup
// error leads to a denied response rather than an allowed one.
type Authorizer struct {
	// contains filtered or unexported fields
}
Authorizer 实现了授权审核接口.
func NewAuthorizer ¶
func NewAuthorizer(getter PolicyGetter) *Authorizer
NewAuthorizer 创建一个 Authorizer 实例.
func (*Authorizer) Authorize ¶
func (a *Authorizer) Authorize(request *ladon.Request) *response.AuthzResponse
Authorize 确定访问权限.
type AuthzInterface ¶
// AuthzInterface is the client contract that NewAuditLogger and
// NewPolicyManager are constructed from. It covers policy storage and the
// recording of authorization decisions.
// NOTE(review): the two Log* methods return no error, so a failed audit write
// cannot be reported to the caller through this interface. Confirm how
// implementations surface dropped audit records.
type AuthzInterface interface {
	// Create an authorization policy.
	Create(*ladon.DefaultPolicy) error
	// Update an authorization policy.
	Update(*ladon.DefaultPolicy) error
	// Delete an authorization policy.
	Delete(id string) error
	// Delete authorization policies in bulk.
	DeleteCollection(idList []string) error
	// Get an authorization policy.
	Get(id string) (*ladon.DefaultPolicy, error)
	// List the authorization policies of the given user.
	List(username string) ([]*ladon.DefaultPolicy, error)
	// Record a rejected authorization request.
	LogRejectedAccessRequest(request *ladon.Request, pool ladon.Policies, deciders ladon.Policies)
	// Record a granted authorization request.
	LogGrantedAccessRequest(request *ladon.Request, pool ladon.Policies, deciders ladon.Policies)
}
type PolicyGetter ¶
// PolicyGetter defines how the authorization policies of a given user are
// looked up. NewAuthorizer takes a PolicyGetter as its only argument.
type PolicyGetter interface {
	// GetPolicy returns the policies stored under key, or an error.
	// NOTE(review): key is presumably the username; confirm against callers.
	// An empty result and a non-nil error are distinct outcomes. Verify that
	// the consumer treats both as "no permission granted".
	GetPolicy(key string) ([]*ladon.DefaultPolicy, error)
}
PolicyGetter 定义获取指定用户授权策略的接口.
type PolicyManager ¶
// PolicyManager is described by its package documentation as a MySQL-backed
// Manager that persists authorization policies.
// NOTE(review): NewPolicyManager takes an AuthzInterface client, so storage is
// reached through that client. The MySQL backing cannot be confirmed from the
// declarations shown here.
type PolicyManager struct {
	// contains filtered or unexported fields
}
PolicyManager 是一个基于 MySQL 实现的授权策略持久化 Manager.
func (*PolicyManager) Delete ¶
func (m *PolicyManager) Delete(id string) error
func (*PolicyManager) FindPoliciesForResource ¶
func (m *PolicyManager) FindPoliciesForResource(resource string) (ladon.Policies, error)
func (*PolicyManager) FindPoliciesForSubject ¶
func (m *PolicyManager) FindPoliciesForSubject(subject string) (ladon.Policies, error)
func (*PolicyManager) FindRequestCandidates ¶