Documentation ¶
Index ¶
- Constants
- func Create() *casbin.Enforcer
- func DeleteRoleForUser(user string, role string) bool
- func GetAllSubjects() []string
- func GetRolesForUser(user string) ([]string, error)
- func GetUserByRole(role string) ([]string, error)
- func LoadPolicy()
- type Action
- type Enforcer
- type EnforcerImpl
- type Object
- type Policy
- type PolicyType
- type Resource
- type Subject
Constants ¶
View Source
const ( ResourceCluster = "cluster" ResourceGlobalEnvironment = "global-environment" ResourceEnvironment = "environment" ResourceGit = "git" ResourceDocker = "docker" ResourceMigrate = "migrate" ResourceUser = "user" ResourceNotification = "notification" ResourceTemplate = "template" ResourceProjects = "projects" ResourceApplications = "applications" ResourceDockerAuto = "docker-auto" ResourceGitAuto = "git-auto" ResourceAutocomplete = "autocomplete" ResourceChartGroup = "chart-group" ResourceTeam = "team" ResourceAdmin = "admin" ResourceGlobal = "global-resource" ResourceHelmApp = "helm-app" ActionGet = "get" ActionCreate = "create" ActionUpdate = "update" ActionDelete = "delete" ActionSync = "sync" ActionTrigger = "trigger" ActionNotify = "notify" )
Variables ¶
This section is empty.
Functions ¶
func DeleteRoleForUser ¶
func GetAllSubjects ¶
func GetAllSubjects() []string
func GetRolesForUser ¶
func GetUserByRole ¶
func LoadPolicy ¶
func LoadPolicy()
Types ¶
type EnforcerImpl ¶
type EnforcerImpl struct { *casbin.Enforcer *middleware.SessionManager // contains filtered or unexported fields }
Enforcer is a wrapper around an Casbin enforcer that: * is backed by a kubernetes config map * has a predefined RBAC model * supports a built-in policy * supports a user-defined bolicy * supports a custom JWT claims enforce function
func NewEnforcerImpl ¶
func NewEnforcerImpl( enforcer *casbin.Enforcer, sessionManager *middleware.SessionManager, logger *zap.SugaredLogger) *EnforcerImpl
func (*EnforcerImpl) Enforce ¶
func (e *EnforcerImpl) Enforce(rvals ...interface{}) bool
Enforce is a wrapper around casbin.Enforce to additionally enforce a default role and a custom claims function
func (*EnforcerImpl) EnforceByEmail ¶
func (e *EnforcerImpl) EnforceByEmail(rvals ...interface{}) bool
func (*EnforcerImpl) EnforceErr ¶
func (e *EnforcerImpl) EnforceErr(rvals ...interface{}) error
EnforceErr is a convenience helper to wrap a failed enforcement with a detailed error about the request
type Policy ¶
type Policy struct { Type PolicyType `json:"type"` Sub Subject `json:"sub"` Res Resource `json:"res"` Act Action `json:"act"` Obj Object `json:"obj"` }
func RemovePolicy ¶
type PolicyType ¶
type PolicyType string
Click to show internal directories.
Click to hide internal directories.