Documentation
¶
Overview ¶
`acl` a generic ACL server-side middleware for gRPC.
ACL Middleware ¶
TODO documentation
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func StreamServerInterceptor ¶
func StreamServerInterceptor(aclFunc AclFunc) grpc.StreamServerInterceptor
StreamServerInterceptor returns a new streaming server interceptors that validates incoming messages.
The stage at which invalid messages will be rejected with `InvalidArgument` varies based on the type of the RPC. For `ServerStream` (1:m) requests, it will happen before reaching any userspace handlers. For `ClientStream` (n:1) or `BidiStream` (n:m) RPCs, the messages will be rejected on calls to `stream.Recv()`.
func UnaryServerInterceptor ¶
func UnaryServerInterceptor(aclFunc AclFunc) grpc.UnaryServerInterceptor
Types ¶
type AclFunc ¶
AclFunc is the pluggable function that performs Access Control List check.
If error is returned, the error and `codes.PermissionDenied` will be returned to the user as well as the verbatim message.
type ServiceAclFuncOverride ¶
type ServiceAclFuncOverride interface {
AclFuncOverride(ctx context.Context, fullMethodName string, req proto.Message) error
}
ServiceAclFuncOverride allows a given gRPC service implementation to override the global `AclFunc`.
If a service implements the AclFuncOverride method, it takes precedence over the `AclFunc` method, and will be called instead of AclFunc for all method invocations within that service.
Source Files