Documentation
¶
Index ¶
- Variables
- func AddUserExec(user *model.User) error
- func GetAgentUserGroup(userID model.UserID, e *model.Experiment) (*model.AgentUserGroup, error)
- func InitService(db *db.PgDB, system *actor.System, extConfig *model.ExternalSessions)
- func NewCookieFromToken(token string) *http.Cookie
- func RegisterAPIHandler(echo *echo.Echo, m *Service, middleware ...echo.MiddlewareFunc)
- func SetDisplayName(userID int32, displayName *string) error
- func UserByExternalToken(tokenText string, ext *model.ExternalSessions) (*model.User, *model.UserSession, error)
- func UserByID(userID model.UserID) (*model.FullUser, error)
- func UserByToken(token string, ext *model.ExternalSessions) (*model.User, *model.UserSession, error)
- func UserByUsername(username string) (*model.User, error)
- type Service
- type UserAuthZ
- type UserAuthZBasic
- func (a *UserAuthZBasic) CanCreateUser(ctx context.Context, curUser, userToAdd model.User, ...) error
- func (a *UserAuthZBasic) CanCreateUsersOwnSetting(ctx context.Context, curUser model.User, setting model.UserWebSetting) error
- func (a *UserAuthZBasic) CanGetUser(ctx context.Context, curUser, targetUser model.User) (canGetUser bool, serverError error)
- func (a *UserAuthZBasic) CanGetUsersImage(ctx context.Context, curUser, targetUser model.User) error
- func (a *UserAuthZBasic) CanGetUsersOwnSettings(ctx context.Context, curUser model.User) error
- func (a *UserAuthZBasic) CanResetUsersOwnSettings(ctx context.Context, curUser model.User) error
- func (a *UserAuthZBasic) CanSetUsersActive(ctx context.Context, curUser, targetUser model.User, toActiveVal bool) error
- func (a *UserAuthZBasic) CanSetUsersAdmin(ctx context.Context, curUser, targetUser model.User, toAdminVal bool) error
- func (a *UserAuthZBasic) CanSetUsersAgentUserGroup(ctx context.Context, curUser, targetUser model.User, ...) error
- func (a *UserAuthZBasic) CanSetUsersDisplayName(ctx context.Context, curUser, targetUser model.User) error
- func (a *UserAuthZBasic) CanSetUsersPassword(ctx context.Context, curUser, targetUser model.User) error
- func (a *UserAuthZBasic) CanSetUsersRemote(ctx context.Context, curUser model.User) error
- func (a *UserAuthZBasic) CanSetUsersUsername(ctx context.Context, curUser, targetUser model.User) error
- func (a *UserAuthZBasic) FilterUserList(ctx context.Context, curUser model.User, users []model.FullUser) ([]model.FullUser, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var AuthZProvider authz.AuthZProviderType[UserAuthZ]
AuthZProvider is the authz registry for `user` package.
Functions ¶
func AddUserExec ¶
AddUserExec execs an INSERT to create a new user.
func GetAgentUserGroup ¶
func GetAgentUserGroup(userID model.UserID, e *model.Experiment) (*model.AgentUserGroup, error)
GetAgentUserGroup returns AgentUserGroup for a user + (optional) experiment.
func InitService ¶
InitService creates the user service singleton.
func NewCookieFromToken ¶
NewCookieFromToken creates a new cookie from the given token.
func RegisterAPIHandler ¶
func RegisterAPIHandler(echo *echo.Echo, m *Service, middleware ...echo.MiddlewareFunc)
RegisterAPIHandler initializes and registers the API handlers for all command related features.
func SetDisplayName ¶
SetDisplayName in User.
func UserByExternalToken ¶
func UserByExternalToken(tokenText string, ext *model.ExternalSessions, ) (*model.User, *model.UserSession, error)
UserByExternalToken returns a user session derived from an external authentication token.
func UserByToken ¶
func UserByToken(token string, ext *model.ExternalSessions) ( *model.User, *model.UserSession, error, )
UserByToken returns a user session given an authentication token.
Types ¶
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service describes a user manager.
func GetService ¶
func GetService() *Service
GetService returns a reference to the user service singleton.
func (*Service) ProcessAuthentication ¶
func (s *Service) ProcessAuthentication(next echo.HandlerFunc) echo.HandlerFunc
ProcessAuthentication is a middleware processing function that attempts to authenticate incoming HTTP requests.
func (*Service) UserAndSessionFromRequest ¶
func (s *Service) UserAndSessionFromRequest( r *http.Request, ) (*model.User, *model.UserSession, error)
UserAndSessionFromRequest gets the user and session corresponding to the given request.
type UserAuthZ ¶
type UserAuthZ interface {
// GET /api/v1/users/:user_id
// Denying a user shouldn't return an error. Only a server error that needs to be
// reported to the user should return an errr.
CanGetUser(ctx context.Context, curUser, targetUser model.User) (
canGetUser bool, serverError error)
// GET /users
// GET /api/v1/users
// FilterUserList normally shouldn't return an error. It should just remove
// users that the requesting user shouldn't see. It returns an error directly without
// indication it occurred during a filtering stage to bubble up a failure to the user.
FilterUserList(ctx context.Context, curUser model.User, users []model.FullUser) (
[]model.FullUser, error)
// POST /user
// POST /api/v1/users
CanCreateUser(
ctx context.Context, curUser, userToAdd model.User, agentUserGroup *model.AgentUserGroup,
) error
// PATCH /users/:username
// POST /api/v1/users/:user_id/password
CanSetUsersPassword(ctx context.Context, curUser, targetUser model.User) error
// PATCH /users/:username
CanSetUsersActive(ctx context.Context, curUser, targetUser model.User, toActiveVal bool) error
// PATCH /users/:username
CanSetUsersAdmin(ctx context.Context, curUser, targetUser model.User, toAdminVal bool) error
// PATCH /users/:username
CanSetUsersRemote(ctx context.Context, curUser model.User) error
// PATCH /users/:username
CanSetUsersAgentUserGroup(
ctx context.Context, curUser, targetUser model.User, agentUserGroup model.AgentUserGroup,
) error
// PATCH /users/:username/username
CanSetUsersUsername(ctx context.Context, curUser, targetUser model.User) error
// PATCH /api/v1/users/:user_id
CanSetUsersDisplayName(ctx context.Context, curUser, targetUser model.User) error
// GET /users/:username/image
CanGetUsersImage(ctx context.Context, curUser, targetUsername model.User) error
// GET /api/v1/users/setting
CanGetUsersOwnSettings(ctx context.Context, curUser model.User) error
// POST /api/v1/users/setting/reset
CanCreateUsersOwnSetting(
ctx context.Context, curUser model.User, setting model.UserWebSetting,
) error
// POST /api/v1/users/setting
CanResetUsersOwnSettings(ctx context.Context, curUser model.User) error
}
UserAuthZ describes authz methods for `user` package.
type UserAuthZBasic ¶
type UserAuthZBasic struct{}
UserAuthZBasic is basic OSS controls.
func (*UserAuthZBasic) CanCreateUser ¶
func (a *UserAuthZBasic) CanCreateUser( ctx context.Context, curUser, userToAdd model.User, agentUserGroup *model.AgentUserGroup, ) error
CanCreateUser returns an error if the user is not an admin.
func (*UserAuthZBasic) CanCreateUsersOwnSetting ¶
func (a *UserAuthZBasic) CanCreateUsersOwnSetting( ctx context.Context, curUser model.User, setting model.UserWebSetting, ) error
CanCreateUsersOwnSetting always returns nil.
func (*UserAuthZBasic) CanGetUser ¶
func (a *UserAuthZBasic) CanGetUser( ctx context.Context, curUser, targetUser model.User, ) (canGetUser bool, serverError error)
CanGetUser always returns true.
func (*UserAuthZBasic) CanGetUsersImage ¶
func (a *UserAuthZBasic) CanGetUsersImage( ctx context.Context, curUser, targetUser model.User, ) error
CanGetUsersImage always returns nil.
func (*UserAuthZBasic) CanGetUsersOwnSettings ¶
CanGetUsersOwnSettings always returns nil.
func (*UserAuthZBasic) CanResetUsersOwnSettings ¶
CanResetUsersOwnSettings always returns nil.
func (*UserAuthZBasic) CanSetUsersActive ¶
func (a *UserAuthZBasic) CanSetUsersActive( ctx context.Context, curUser, targetUser model.User, toActiveVal bool, ) error
CanSetUsersActive returns an error if the user is not an admin.
func (*UserAuthZBasic) CanSetUsersAdmin ¶
func (a *UserAuthZBasic) CanSetUsersAdmin( ctx context.Context, curUser, targetUser model.User, toAdminVal bool, ) error
CanSetUsersAdmin returns an error if the user is not an admin.
func (*UserAuthZBasic) CanSetUsersAgentUserGroup ¶
func (a *UserAuthZBasic) CanSetUsersAgentUserGroup( ctx context.Context, curUser, targetUser model.User, agentUserGroup model.AgentUserGroup, ) error
CanSetUsersAgentUserGroup returns an error if the user is not an admin.
func (*UserAuthZBasic) CanSetUsersDisplayName ¶
func (a *UserAuthZBasic) CanSetUsersDisplayName( ctx context.Context, curUser, targetUser model.User, ) error
CanSetUsersDisplayName returns an error if the user is not an admin when trying to set another user's display name.
func (*UserAuthZBasic) CanSetUsersPassword ¶
func (a *UserAuthZBasic) CanSetUsersPassword( ctx context.Context, curUser, targetUser model.User, ) error
CanSetUsersPassword returns an error if the user is not an admin when trying to set another user's password.
func (*UserAuthZBasic) CanSetUsersRemote ¶
CanSetUsersRemote returns an error if the user is not an admin.
func (*UserAuthZBasic) CanSetUsersUsername ¶
func (a *UserAuthZBasic) CanSetUsersUsername( ctx context.Context, curUser, targetUser model.User, ) error
CanSetUsersUsername returns an error if the user is not an admin.
Source Files
Click to show internal directories.
Click to hide internal directories.