rbac

package
v0.2.27 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 9, 2021 License: Apache-2.0 Imports: 11 Imported by: 16

Documentation

Index

Constants

View Source
const (
	ResourceCluster           = "cluster"
	ResourceGlobalEnvironment = "global-environment"
	ResourceEnvironment       = "environment"
	ResourceGit               = "git"
	ResourceDocker            = "docker"
	ResourceMigrate           = "migrate"
	ResourceUser              = "user"
	ResourceNotification      = "notification"
	ResourceTemplate          = "template"

	ResourceProjects     = "projects"
	ResourceApplications = "applications"
	ResourceDockerAuto   = "docker-auto"
	ResourceGitAuto      = "git-auto"

	ResourceAutocomplete = "autocomplete"
	ResourceChartGroup   = "chart-group"

	ResourceTeam   = "team"
	ResourceAdmin  = "admin"
	ResourceGlobal = "global-resource"

	ActionGet     = "get"
	ActionCreate  = "create"
	ActionUpdate  = "update"
	ActionDelete  = "delete"
	ActionSync    = "sync"
	ActionTrigger = "trigger"
	ActionNotify  = "notify"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Enforcer

type Enforcer interface {
	Enforce(rvals ...interface{}) bool
	EnforceErr(rvals ...interface{}) error
	EnforceByEmail(rvals ...interface{}) bool
}

type EnforcerImpl

type EnforcerImpl struct {
	*casbin.Enforcer
	*session.SessionManager
	// contains filtered or unexported fields
}

Enforcer is a wrapper around an Casbin enforcer that: * is backed by a kubernetes config map * has a predefined RBAC model * supports a built-in policy * supports a user-defined bolicy * supports a custom JWT claims enforce function

func NewEnforcerImpl

func NewEnforcerImpl(
	enforcer *casbin.Enforcer,
	sessionManager *session.SessionManager,
	logger *zap.SugaredLogger) *EnforcerImpl

func (*EnforcerImpl) Enforce

func (e *EnforcerImpl) Enforce(rvals ...interface{}) bool

Enforce is a wrapper around casbin.Enforce to additionally enforce a default role and a custom claims function

func (*EnforcerImpl) EnforceByEmail

func (e *EnforcerImpl) EnforceByEmail(rvals ...interface{}) bool

func (*EnforcerImpl) EnforceErr

func (e *EnforcerImpl) EnforceErr(rvals ...interface{}) error

EnforceErr is a convenience helper to wrap a failed enforcement with a detailed error about the request

type EnforcerUtil

type EnforcerUtil interface {
	GetAppRBACName(appName string) string
	GetRbacObjectsForAllApps() map[int]string
	GetAppRBACNameByAppId(appId int) string
	GetAppRBACByAppNameAndEnvId(appName string, envId int) string
	GetAppRBACByAppIdAndPipelineId(appId int, pipelineId int) string
	GetEnvRBACNameByAppId(appId int, envId int) string
	GetTeamRBACByCiPipelineId(pipelineId int) string
	GetEnvRBACArrayByAppId(appId int) []string
	GetEnvRBACNameByCiPipelineIdAndEnvId(ciPipelineId int, envId int) string
	GetTeamRbacObjectByCiPipelineId(ciPipelineId int) string
	GetTeamAndEnvironmentRbacObjectByCDPipelineId(pipelineId int) (string, string)
	GetRbacObjectsForAllAppsAndEnvironments() (map[int]string, map[string]string)
}

type EnforcerUtilImpl

type EnforcerUtilImpl struct {
	// contains filtered or unexported fields
}

func NewEnforcerUtilImpl

func NewEnforcerUtilImpl(logger *zap.SugaredLogger, teamRepository team.TeamRepository,
	appRepo pipelineConfig.AppRepository, environmentRepository cluster.EnvironmentRepository,
	pipelineRepository pipelineConfig.PipelineRepository, ciPipelineRepository pipelineConfig.CiPipelineRepository) *EnforcerUtilImpl

func (EnforcerUtilImpl) GetAppRBACByAppIdAndPipelineId

func (impl EnforcerUtilImpl) GetAppRBACByAppIdAndPipelineId(appId int, pipelineId int) string

func (EnforcerUtilImpl) GetAppRBACByAppNameAndEnvId

func (impl EnforcerUtilImpl) GetAppRBACByAppNameAndEnvId(appName string, envId int) string

func (EnforcerUtilImpl) GetAppRBACName

func (impl EnforcerUtilImpl) GetAppRBACName(appName string) string

func (EnforcerUtilImpl) GetAppRBACNameByAppId

func (impl EnforcerUtilImpl) GetAppRBACNameByAppId(appId int) string

func (EnforcerUtilImpl) GetEnvRBACArrayByAppId

func (impl EnforcerUtilImpl) GetEnvRBACArrayByAppId(appId int) []string

func (EnforcerUtilImpl) GetEnvRBACNameByAppId

func (impl EnforcerUtilImpl) GetEnvRBACNameByAppId(appId int, envId int) string

func (EnforcerUtilImpl) GetEnvRBACNameByCiPipelineIdAndEnvId

func (impl EnforcerUtilImpl) GetEnvRBACNameByCiPipelineIdAndEnvId(ciPipelineId int, envId int) string

func (EnforcerUtilImpl) GetRbacObjectsForAllApps

func (impl EnforcerUtilImpl) GetRbacObjectsForAllApps() map[int]string

func (EnforcerUtilImpl) GetRbacObjectsForAllAppsAndEnvironments added in v0.2.17

func (impl EnforcerUtilImpl) GetRbacObjectsForAllAppsAndEnvironments() (map[int]string, map[string]string)

func (EnforcerUtilImpl) GetTeamAndEnvironmentRbacObjectByCDPipelineId

func (impl EnforcerUtilImpl) GetTeamAndEnvironmentRbacObjectByCDPipelineId(pipelineId int) (string, string)

func (EnforcerUtilImpl) GetTeamRBACByCiPipelineId

func (impl EnforcerUtilImpl) GetTeamRBACByCiPipelineId(pipelineId int) string

func (EnforcerUtilImpl) GetTeamRbacObjectByCiPipelineId

func (impl EnforcerUtilImpl) GetTeamRbacObjectByCiPipelineId(ciPipelineId int) string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL