scope

Documentation

Index

• Constants
• func AddLightweightAccountScope(role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func AddOCMShareScope(share *ocmv1beta1.Share, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func AddOwnerScope(scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func AddPublicShareScope(share *link.PublicShare, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func AddReceivedShareScope(share *collaboration.ReceivedShare, role authpb.Role, ...) (map[string]*authpb.Scope, error)
• func AddResourceInfoScope(r *provider.ResourceInfo, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func AddShareScope(share *collaboration.Share, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)
• func FormatScope(scopeType string, scope *authpb.Scope) (string, error)
• func GetOCMSharesFromScopes(scopes map[string]*authpb.Scope) ([]*ocmv1beta1.Share, error)
• func VerifyScope(ctx context.Context, scopeMap map[string]*authpb.Scope, resource interface{}) (bool, error)
• type Verifier

Constants

const PublicStorageProviderID = "7993447f-687f-490d-875c-ac95e89a62a4"

PublicStorageProviderID is the space id used for the public links storage space

Functions

func AddLightweightAccountScope

func AddLightweightAccountScope(role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddLightweightAccountScope adds the scope to allow access to lightweight user.

func AddOCMShareScope

func AddOCMShareScope(share *ocmv1beta1.Share, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddOCMShareScope adds the scope to allow access to an OCM share and the share resource.

func AddOwnerScope

func AddOwnerScope(scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddOwnerScope adds the default owner scope with access to all resources.

func AddPublicShareScope

func AddPublicShareScope(share *link.PublicShare, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddPublicShareScope adds the scope to allow access to a public share and the shared resource.

func AddReceivedShareScope

func AddReceivedShareScope(share *collaboration.ReceivedShare, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddReceivedShareScope adds the scope to allow access to a received user/group share and the shared resource.

func AddResourceInfoScope

func AddResourceInfoScope(r *provider.ResourceInfo, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddResourceInfoScope adds the scope to allow access to a resource info object.

func AddShareScope

func AddShareScope(share *collaboration.Share, role authpb.Role, scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error)

AddShareScope adds the scope to allow access to a user/group share and the shared resource.

func FormatScope

func FormatScope(scopeType string, scope *authpb.Scope) (string, error)

FormatScope create a pretty print of the scope

func GetOCMSharesFromScopes

func GetOCMSharesFromScopes(scopes map[string]*authpb.Scope) ([]*ocmv1beta1.Share, error)

GetOCMSharesFromScopes returns all OCM shares in the given scope.

func VerifyScope

func VerifyScope(ctx context.Context, scopeMap map[string]*authpb.Scope, resource interface{}) (bool, error)

VerifyScope is the function to be called when dismantling tokens to check if the token has access to a particular resource.

Types

type Verifier

type Verifier func(context.Context, *authpb.Scope, interface{}, *zerolog.Logger) (bool, error)

Verifier is the function signature which every scope verifier should implement.