Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Access ¶
An Access Grant contains everything to access a project and specific buckets. It includes a potentially-restricted API Key, a potentially-restricted set of encryption information, and information about the Satellite responsible for the project's metadata.
func ParseAccess ¶
ParseAccess parses a serialized access grant string.
This should be the main way to instantiate an access grant for opening a project. See the note on RequestAccessWithPassphrase.
func (*Access) SatelliteAddress ¶
SatelliteAddress returns the satellite node URL for this access grant.
func (*Access) Serialize ¶
Serialize serializes an access grant such that it can be used later with ParseAccess or other tools.
func (*Access) Share ¶
func (access *Access) Share(permission Permission, prefixes ...SharePrefix) (*Access, error)
Share creates a new access grant with specific permissions.
Access grants can only have their existing permissions restricted, and the resulting access grant will only allow for the intersection of all previous Share calls in the access grant construction chain.
Prefixes, if provided, restrict the access grant (and internal encryption information) to only contain enough information to allow access to just those prefixes.
To revoke an access grant see the Project.RevokeAccess method.
type Permission ¶
type Permission struct {
// AllowDownload gives permission to download the object's content. It
// allows getting object metadata, but it does not allow listing buckets.
AllowDownload bool
// AllowUpload gives permission to create buckets and upload new objects.
// It does not allow overwriting existing objects unless AllowDelete is
// granted too.
AllowUpload bool
// AllowList gives permission to list buckets. It allows getting object
// metadata, but it does not allow downloading the object's content.
AllowList bool
// AllowDelete gives permission to delete buckets and objects. Unless
// either AllowDownload or AllowList is granted too, no object metadata and
// no error info will be returned for deleted objects.
AllowDelete bool
// NotBefore restricts when the resulting access grant is valid for.
// If set, the resulting access grant will not work if the Satellite
// believes the time is before NotBefore.
// If set, this value should always be before NotAfter.
NotBefore time.Time
// NotAfter restricts when the resulting access grant is valid for.
// If set, the resulting access grant will not work if the Satellite
// believes the time is after NotAfter.
// If set, this value should always be after NotBefore.
NotAfter time.Time
}
Permission defines what actions can be used to share.
func FullPermission ¶
func FullPermission() Permission
FullPermission returns a Permission that allows all actions that the parent access grant already allows.
func ReadOnlyPermission ¶
func ReadOnlyPermission() Permission
ReadOnlyPermission returns a Permission that allows reading and listing (if the parent access grant already allows those things).
func WriteOnlyPermission ¶
func WriteOnlyPermission() Permission
WriteOnlyPermission returns a Permission that allows writing and deleting (if the parent access grant already allows those things).
type SharePrefix ¶
type SharePrefix struct {
//
// Note: that within a bucket, the hierarchical key derivation scheme is
// delineated by forward slashes (/), so encryption information will be
// included in the resulting access grant to decrypt any key that shares
// the same prefix up until the last slash.
Prefix string
}
SharePrefix defines a prefix that will be shared.
Source Files