Documentation ¶
Overview ¶
Package internal implements the role service defined in v.io/x/ref/services/role
Index ¶
- Variables
- func NewDispatcher(configRoot, dischargerLocation string) rpc.Dispatcher
- type Config
- type ConfigTarget
- func (t *ConfigTarget) FinishField(_, _ vdl.Target) error
- func (t *ConfigTarget) FinishFields(_ vdl.FieldsTarget) error
- func (t *ConfigTarget) StartField(name string) (key, field vdl.Target, _ error)
- func (t *ConfigTarget) StartFields(tt *vdl.Type) (vdl.FieldsTarget, error)
- func (t *ConfigTarget) ZeroField(name string) error
Constants ¶
This section is empty.
Variables ¶
View Source
var LoggingCaveat = security.CaveatDescriptor{ Id: uniqueid.Id{ 176, 52, 28, 237, 226, 223, 129, 189, 237, 112, 151, 187, 85, 173, 128, 0, }, ParamType: vdl.TypeOf((*[]string)(nil)), }
LoggingCaveat is a caveat that will always validate but it logs the parameter on every attempt to validate it.
Functions ¶
func NewDispatcher ¶
func NewDispatcher(configRoot, dischargerLocation string) rpc.Dispatcher
NewDispatcher returns a dispatcher object for a role service and its associated discharger service. The configRoot is the top level directory where the role configuration files are stored. The dischargerLocation is the object name or address of the discharger service for the third-party caveats attached to the role blessings returned by the role service.
Types ¶
type Config ¶
type Config struct { // List of role objects, relative to this role, from which to import // the set of members. File path notation like "." and ".." may be used. // The set of members who have access to this role is the union of this // role's members and those of all the imported roles. ImportMembers []string // Blessings that match at least one of the patterns in this set are // allowed to act on behalf of the role. Members []security.BlessingPattern // Indicates that the blessing name of the caller should be appended to // the role blessing name. Extend bool // If Audit is true, each use of the role blessing will be reported to // an auditing service and will be usable only if the report was // successful. Audit bool // The amount of time for which the role blessing will be valid. It is a // string representation of a time.Duration, e.g. "24h". An empty string // indicates that the role blessing will not expire. Expiry string // The blessings issued for this role will only be valid for // communicating with peers that match at least one of these patterns. // If the list is empty, all peers are allowed. Peers []security.BlessingPattern }
Config contains the attributes of the role, and the list of members who have access to it.
func (*Config) MakeVDLTarget ¶
type ConfigTarget ¶
type ConfigTarget struct { Value *Config vdl.TargetBase vdl.FieldsTargetBase // contains filtered or unexported fields }
func (*ConfigTarget) FinishField ¶
func (t *ConfigTarget) FinishField(_, _ vdl.Target) error
func (*ConfigTarget) FinishFields ¶
func (t *ConfigTarget) FinishFields(_ vdl.FieldsTarget) error
func (*ConfigTarget) StartField ¶
func (t *ConfigTarget) StartField(name string) (key, field vdl.Target, _ error)
func (*ConfigTarget) StartFields ¶
func (t *ConfigTarget) StartFields(tt *vdl.Type) (vdl.FieldsTarget, error)
func (*ConfigTarget) ZeroField ¶
func (t *ConfigTarget) ZeroField(name string) error
Click to show internal directories.
Click to hide internal directories.