secure

package

v0.0.0-...-9543e79 Latest Latest Go to latest Published: Jun 27, 2024 License: Apache-2.0 Imports: 16 Imported by: 1

Details

This section is empty.

This section is empty.

func Manage(rbac *Rbac) node.Node

type AccessControl struct {
	Path        string
	Permissions Permission
}

type Auth interface {
	ConstrainRoot(role string, c *node.Constraints)
}

type Cert struct {
	PrivateKey *rsa.PrivateKey
	Cert       *x509.Certificate
	Raw        []byte
}

func Decode(inKey io.Reader, inCert io.Reader) (*Cert, error)

func (self *Cert) EncodeCert(out io.Writer) error

func (self *Cert) EncodeKey(out io.Writer) error

type CertHandler struct {
	Authority *stock.Tls
}

func (self *CertHandler) VerifyRequest(certs []*x509.Certificate) error

type Generator struct {
	Country      string
	Organization string
}

func (self *Generator) CA() (*Cert, error)

func (self *Generator) Cert(parent *Cert) (*Cert, error)

type Permission int

const (
	None Permission = iota
	Read
	Full
)

type Rbac struct {
	Roles map[string]*Role
}

This does not implement NETMOD ACLs, but rather a simplistic implementation to be both useful and example of more complex implementations

func NewRbac() *Rbac

func (self *Rbac) ConstrainRoot(role string, c *node.Constraints)

type Role struct {
	Id     string
	Access map[string]*AccessControl
}

func NewRole() *Role

func (role *Role) CheckActionPreConstraints(r *node.ActionRequest) (bool, error)

func (role *Role) CheckContainerPreConstraints(r *node.ChildRequest) (bool, error)

func (role *Role) CheckFieldPreConstraints(r *node.FieldRequest, hnd *node.ValueHandle) (bool, error)

func (role *Role) CheckListPreConstraints(r *node.ListRequest) (bool, error)

func (role *Role) CheckNotifyFilterConstraints(msg *node.Selection) (bool, error)

func (role *Role) ContextConstraint(s *node.Selection) context.Context