user

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 23, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrUserDoesNotFulfilRequirement indicates that a User does not
	// meet the provided Requirement.
	ErrUserDoesNotFulfilRequirement = errors.New("user does not fulfill requirement")

	// ErrGroupDoesNotFulfilRequirement indicates that a Group does not
	// meet the provided GroupRequirement.
	ErrGroupDoesNotFulfilRequirement = errors.New("group does not fulfill requirement")
)
View Source 
var (
	DefaultFileSystemSyncThreshold = time.Second * 2
	DefaultCreateFilesIfAbsent     = false
	DefaultAllowBadName            = true
	DefaultAllowBadLine            = true
)
View Source 
var (
	// ErrNoSuchUser indicates that a User which was requested
	// does not exist.
	ErrNoSuchUser = errors.Newf(errors.Unknown, "no such user")

	// ErrNoSuchGroup indicates that a Group which was requested
	// does not exist.
	ErrNoSuchGroup = errors.Newf(errors.Unknown, "no such group")

	// DefaultRepositoryProvider holds the default instance of RepositoryProvider.
	DefaultRepositoryProvider RepositoryProvider = &failingRepositoryProvider{}
)
View Source 
var (
	DefaultEtcGroup = "/etc/group"
)
View Source 
var (
	DefaultEtcPasswd = "/etc/passwd"
)
View Source 
var (
	DefaultEtcShadow = "/etc/shadow"
)

Functions

func GroupIdEqualsP 

func GroupIdEqualsP(a, b *GroupId) bool

func IdEqualsP 

func IdEqualsP(a, b *Id) bool

Types

type CloseableRepository 

type CloseableRepository interface {
	Repository
	io.Closer
}

CloseableRepository represents a Repository which needs to be closed after final usage (via Close).

type DeleteOpts 

type DeleteOpts struct {
	// HomeDir defines if the home directory of the User should be
	// deleted or not (does not affect Group). Default: true
	HomeDir *bool

	// KillProcesses will also kill all running processes of this user
	// if any.
	KillProcesses *bool
}

DeleteOpts adds some more hints what should happen when Repository.DeleteById or its derivates is used.

func (*DeleteOpts) IsHomeDir 

func (this *DeleteOpts) IsHomeDir() bool

func (*DeleteOpts) IsKillProcesses 

func (this *DeleteOpts) IsKillProcesses() bool

type EnsureOnHomeDirExist 

type EnsureOnHomeDirExist uint8
const (
	EnsureOnHomeDirExistUnknown EnsureOnHomeDirExist = iota
	EnsureOnHomeDirExistFail
	EnsureOnHomeDirExistTakeover
	EnsureOnHomeDirExistOverwrite
)

func (EnsureOnHomeDirExist) Clone 

func (this EnsureOnHomeDirExist) Clone() EnsureOnHomeDirExist

func (EnsureOnHomeDirExist) IsEqualTo 

func (this EnsureOnHomeDirExist) IsEqualTo(other any) bool

func (EnsureOnHomeDirExist) IsZero 

func (this EnsureOnHomeDirExist) IsZero() bool

func (EnsureOnHomeDirExist) MarshalText 

func (this EnsureOnHomeDirExist) MarshalText() (text []byte, err error)

func (*EnsureOnHomeDirExist) Set 

func (this *EnsureOnHomeDirExist) Set(text string) error

func (EnsureOnHomeDirExist) String 

func (this EnsureOnHomeDirExist) String() string

func (*EnsureOnHomeDirExist) UnmarshalText 

func (this *EnsureOnHomeDirExist) UnmarshalText(text []byte) error

func (EnsureOnHomeDirExist) Validate 

func (this EnsureOnHomeDirExist) Validate() error

type EnsureOpts 

type EnsureOpts struct {
	// CreateAllowed defines that a User or Group can be created if not
	// already present. Default: true
	CreateAllowed *bool

	// ModifyAllowed defines that a User or Group can be modified if it
	// does not meet the provided requirement. Default: true
	ModifyAllowed *bool

	// HomeDir defines if the home directory of the User should be
	// touched or not (does not affect Group). This will create
	// the home directory upon the user is created and move it once
	// the home directory of an existing user is changing.
	// Default: true
	HomeDir *bool

	// OnHomeDirExist defines what should happen if the destination of the
	// home directory (on creation and move) already exist.
	// Default: EnsureOnHomeDirExistOverwrite
	OnHomeDirExist EnsureOnHomeDirExist
}

EnsureOpts adds some more hints what should happen when Ensurer.Ensure or Ensurer.EnsureGroup is used.

func (*EnsureOpts) GetOnHomeDirExist 

func (this *EnsureOpts) GetOnHomeDirExist() EnsureOnHomeDirExist

func (*EnsureOpts) IsCreateAllowed 

func (this *EnsureOpts) IsCreateAllowed() bool

func (*EnsureOpts) IsHomeDir 

func (this *EnsureOpts) IsHomeDir() bool

func (*EnsureOpts) IsModifyAllowed 

func (this *EnsureOpts) IsModifyAllowed() bool

type EnsureResult 

type EnsureResult uint8
const (
	EnsureResultUnknown EnsureResult = iota
	EnsureResultError
	EnsureResultUnchanged
	EnsureResultModified
	EnsureResultCreated
)

type Ensurer 

type Ensurer interface {
	// Ensure ensures that User exists for the given Requirement.
	//
	// If the User does not exist and EnsureOpts.CreateAllowed is false,
	// ErrNoSuchUser will be returned as error.
	//
	// If the User does exist but does not match the Requirement and
	// EnsureOpts.ModifyAllowed is false,  ErrUserDoesNotFulfilRequirement
	// will be returned as error.
	Ensure(context.Context, *Requirement, *EnsureOpts) (*User, EnsureResult, error)

	// EnsureGroup ensures that Group exists for the given GroupRequirement.
	//
	// If the Group does not exist and EnsureOpts.CreateAllowed is false,
	// ErrNoSuchUser will be returned as error.
	//
	// If the Group does exist but does not match the GroupRequirement and
	// EnsureOpts.ModifyAllowed is false, ErrGroupDoesNotFulfilRequirement
	// will be returned as error.
	EnsureGroup(context.Context, *GroupRequirement, *EnsureOpts) (*Group, EnsureResult, error)
}

Ensurer ensures that a User or Group meets the provided requirements.

type EtcColonRepository 

type EtcColonRepository struct {
	// PasswdFilename defines which file to use for reading the base user
	// information from. If empty DefaultEtcPasswd will be used.
	PasswdFilename string

	// GroupFilename defines which file to use for reading the group
	// information from. If empty DefaultEtcGroup will be used.
	GroupFilename string

	// ShadowFilename defines which file to use for reading the hashed
	// password information of a user from.
	// If empty DefaultEtcShadow will be used.
	ShadowFilename string

	// CreateFilesIfAbsent tells the repository to create the related files if
	// they do not exist. This only makes in very few amount of cases really
	// sense; so: You should now what you're doing.
	//
	// If empty DefaultCreateFilesIfAbsent will be used.
	CreateFilesIfAbsent *bool

	// AllowBadName defines that if bad names of users and groups are allowed
	// within the files.
	//
	// It leads to that also other characters than the default ones are
	// allowed. Usually are only ^[a-z][-a-z0-9]*$ allowed. As nowadays
	// often also . (dots) or @ (ats) are used in usernames, it makes
	// sense to enable them. The majority of the current unix systems are
	// supporting those username, too.
	//
	// If empty DefaultAllowBadName will be used.
	AllowBadName *bool

	// AllowBadLine defines that if malformed lines within the files are
	// allowed and will be preserved.
	//
	// If the repository will neither read nor write those files successfully
	// in those cases. If mainly used to work on existing ones, true is
	// recommended.
	//
	// If empty DefaultAllowBadLine will be used.
	AllowBadLine *bool

	// OnUnhandledAsyncError will be called when in async contexts are errors
	// appearing. By default, those errors are leading to a log message and
	// that the whole application will exit with code 17.
	OnUnhandledAsyncError func(logger log.Logger, err error, detail string)

	// FileSystemSyncThreshold ensures that only external changes are accepted
	// if there are no more new ones within this duration. This prevents that
	// everything is loaded too often. This defaults to
	// DefaultFileSystemSyncThreshold.
	FileSystemSyncThreshold time.Duration

	// Logger will be used to log events to. If empty the
	// log.GetLogger("user-repository") will be used.
	Logger log.Logger
	// contains filtered or unexported fields
}

EtcColonRepository implements Repository based on the /etc/passwd file standard commonly used in Unix operating systems (see Wikipedia article for more information).

This repository does listen to external changes to the underlying files. As a consequence this repository always contain the latest data which are created by itself or externally. There is a lack defined by FileSystemSyncThreshold to ensure that changes are not applied too often.

It is required to call Init before first usage and Close for disposing.

func (*EtcColonRepository) Close 

func (this *EtcColonRepository) Close() error

Close disposes this repository after usage.

func (*EtcColonRepository) DeleteById 

func (this *EtcColonRepository) DeleteById(ctx context.Context, id Id, opts *DeleteOpts) (rErr error)

DeleteById implements Repository.DeleteById.

func (*EtcColonRepository) DeleteByName 

func (this *EtcColonRepository) DeleteByName(ctx context.Context, name string, opts *DeleteOpts) (rErr error)

DeleteByName implements Repository.DeleteByName.

func (*EtcColonRepository) DeleteGroupById 

func (this *EtcColonRepository) DeleteGroupById(ctx context.Context, id GroupId, opts *DeleteOpts) (rErr error)

DeleteGroupById implements Repository.DeleteGroupById.

func (*EtcColonRepository) DeleteGroupByName 

func (this *EtcColonRepository) DeleteGroupByName(ctx context.Context, name string, opts *DeleteOpts) (rErr error)

DeleteGroupByName implements Repository.DeleteGroupByName.

func (*EtcColonRepository) Ensure 

func (this *EtcColonRepository) Ensure(ctx context.Context, req *Requirement, opts *EnsureOpts) (_ *User, _ EnsureResult, rErr error)

Ensure implements Ensurer.Ensure.

func (*EtcColonRepository) EnsureGroup 

func (this *EtcColonRepository) EnsureGroup(ctx context.Context, req *GroupRequirement, opts *EnsureOpts) (_ *Group, _ EnsureResult, rErr error)

EnsureGroup implements Ensurer.EnsureGroup.

func (*EtcColonRepository) Init 

func (this *EtcColonRepository) Init(ctx context.Context) error

Init will initialize this repository.

func (*EtcColonRepository) LookupById 

func (this *EtcColonRepository) LookupById(ctx context.Context, id Id) (*User, error)

LookupById implements Repository.LookupById.

func (*EtcColonRepository) LookupByName 

func (this *EtcColonRepository) LookupByName(ctx context.Context, name string) (*User, error)

LookupByName implements Repository.LookupByName.

func (*EtcColonRepository) LookupGroupById 

func (this *EtcColonRepository) LookupGroupById(ctx context.Context, id GroupId) (*Group, error)

LookupGroupById implements Repository.LookupGroupById.

func (*EtcColonRepository) LookupGroupByName 

func (this *EtcColonRepository) LookupGroupByName(_ context.Context, name string) (*Group, error)

LookupGroupByName implements Repository.LookupGroupByName.

func (*EtcColonRepository) ValidatePasswordById 

func (this *EtcColonRepository) ValidatePasswordById(ctx context.Context, id Id, pass string) (bool, error)

ValidatePasswordById implements Repository.ValidatePasswordById.

func (*EtcColonRepository) ValidatePasswordByName 

func (this *EtcColonRepository) ValidatePasswordByName(ctx context.Context, name string, pass string) (bool, error)

ValidatePasswordByName implements Repository.ValidatePasswordByName.

type Group 

type Group struct {
	Gid  GroupId
	Name string
}

func (Group) Clone 

func (this Group) Clone() (*Group, error)

func (Group) GetField 

func (this Group) GetField(name string) (any, bool, error)

func (Group) IsEqualTo 

func (this Group) IsEqualTo(other any) bool

func (Group) String 

func (this Group) String() string

type GroupId 

type GroupId uint32

func (GroupId) MarshalText 

func (this GroupId) MarshalText() (text []byte, err error)

func (GroupId) String 

func (this GroupId) String() string

func (*GroupId) UnmarshalText 

func (this *GroupId) UnmarshalText(text []byte) error

type GroupRequirement 

type GroupRequirement struct {
	Gid  *GroupId `yaml:"gid,omitempty"`
	Name string   `yaml:"name,omitempty"`
}

func (GroupRequirement) Clone 

func (this GroupRequirement) Clone() GroupRequirement

func (GroupRequirement) IsEqualTo 

func (this GroupRequirement) IsEqualTo(other any) bool

func (GroupRequirement) IsZero 

func (this GroupRequirement) IsZero() bool

func (GroupRequirement) OrDefaults 

func (this GroupRequirement) OrDefaults() GroupRequirement

func (GroupRequirement) OrDefaultsForUser 

func (this GroupRequirement) OrDefaultsForUser(user *Requirement) GroupRequirement

func (GroupRequirement) String 

func (this GroupRequirement) String() string

type GroupRequirements 

type GroupRequirements []GroupRequirement

func (GroupRequirements) Clone 

func (this GroupRequirements) Clone() GroupRequirements

func (GroupRequirements) Contains 

func (this GroupRequirements) Contains(other *GroupRequirement) bool

func (GroupRequirements) IsEqualTo 

func (this GroupRequirements) IsEqualTo(other any) bool

func (GroupRequirements) IsZero 

func (this GroupRequirements) IsZero() bool

type Groups 

type Groups []Group

func (Groups) Clone 

func (this Groups) Clone() (*Groups, error)

func (Groups) Contains 

func (this Groups) Contains(other *Group) bool

func (Groups) IsEqualTo 

func (this Groups) IsEqualTo(other any) bool

func (Groups) IsZero 

func (this Groups) IsZero() bool

type Id 

type Id uint32

func (Id) MarshalText 

func (this Id) MarshalText() (text []byte, err error)

func (Id) String 

func (this Id) String() string

func (*Id) UnmarshalText 

func (this *Id) UnmarshalText(text []byte) error

type Repository 

type Repository interface {
	Ensurer

	// LookupByName is used to look up a user by its name. If the
	// user does not exist ErrNoSuchUser is returned.
	LookupByName(context.Context, string) (*User, error)

	// LookupById is used to look up a user by its Id. If the
	// user does not exist ErrNoSuchUser is returned.
	LookupById(context.Context, Id) (*User, error)

	// LookupGroupByName is used to look up a group by its name. If
	// the group does not exist ErrNoSuchGroup is returned.
	LookupGroupByName(context.Context, string) (*Group, error)

	// LookupGroupById is used to look up a group by its GroupId.
	// If the group does not exist ErrNoSuchGroup is returned.
	LookupGroupById(context.Context, GroupId) (*Group, error)

	// DeleteById will delete the user by the given Id. If the
	// user does not exist ErrNoSuchUser is returned.
	DeleteById(context.Context, Id, *DeleteOpts) error

	// DeleteByName will delete the user by the given name. If the
	// user does not exist ErrNoSuchUser is returned.
	DeleteByName(context.Context, string, *DeleteOpts) error

	// ValidatePasswordById will validate the given password
	// the given user by its Id. It returns true if the given
	// password is valid. It will return ErrNoSuchUser if the
	// given user does not exist.
	ValidatePasswordById(ctx context.Context, id Id, pass string) (bool, error)

	// ValidatePasswordByName will validate the given password
	// the given user by its name. It returns true if the given
	// password is valid. It will return ErrNoSuchUser if the
	// given user does not exist.
	ValidatePasswordByName(ctx context.Context, name string, pass string) (bool, error)

	// DeleteGroupById will delete the group by the given GroupId.
	// If the group does not exist ErrNoSuchGroup is returned.
	DeleteGroupById(context.Context, GroupId, *DeleteOpts) error

	// DeleteGroupByName will delete the group by the given name.
	// If the group does not exist ErrNoSuchGroup is returned.
	DeleteGroupByName(context.Context, string, *DeleteOpts) error
}

Repository gives access to User and Group objects.

type RepositoryProvider 

type RepositoryProvider interface {
	// Create provides a working instance of Repository.
	//
	// It is important to call CloseableRepository.Close after usage.
	Create(context.Context) (CloseableRepository, error)
}

RepositoryProvider provides a working instance of Repository.

type Requirement 

type Requirement struct {
	Name        string            `yaml:"name,omitempty"`
	DisplayName string            `yaml:"displayName,omitempty"`
	Uid         *Id               `yaml:"uid,omitempty"`
	Group       GroupRequirement  `yaml:"group,omitempty"`
	Groups      GroupRequirements `yaml:"groups,omitempty"`
	Shell       string            `yaml:"shell,omitempty"`
	HomeDir     string            `yaml:"homeDir,omitempty"`
	Skel        string            `yaml:"skel,omitempty"`
}

func (Requirement) Clone 

func (this Requirement) Clone() Requirement

func (Requirement) IsEqualTo 

func (this Requirement) IsEqualTo(other any) bool

func (Requirement) IsZero 

func (this Requirement) IsZero() bool

func (Requirement) OrDefaults 

func (this Requirement) OrDefaults() Requirement

func (Requirement) String 

func (this Requirement) String() string

type SharedRepositoryProvider 

type SharedRepositoryProvider[T interface {
	CloseableRepository
	Init(context.Context) error
}] struct {
	V T
	// contains filtered or unexported fields
}

func (*SharedRepositoryProvider[T]) Create 

func (this *SharedRepositoryProvider[T]) Create(ctx context.Context) (CloseableRepository, error)

type StringError 

type StringError string

func (StringError) Error 

func (this StringError) Error() string

type User 

type User struct {
	Name        string
	DisplayName string
	Uid         Id
	Group       Group
	Groups      Groups
	Shell       string
	HomeDir     string
}

func (User) Clone 

func (this User) Clone() (*User, error)

func (User) GetField 

func (this User) GetField(name string) (any, bool, error)

func (User) IsEqualTo 

func (this User) IsEqualTo(other any) bool

func (User) String 

func (this User) String() string

func (User) ToCredentials 

func (this User) ToCredentials() syscall.Credential

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.