gcs

package
v0.12.8-alpha.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const (
	BucketRoleAdmin         = "roles/storage.admin"
	BucketRoleOwner         = "roles/storage.legacyBucketOwner "
	BucketRoleReader        = "roles/storage.legacyBucketReader"
	BucketRoleWriter        = "roles/storage.legacyBucketWriter"
	BucketRoleObjectOwner   = "roles/storage.legacyObjectOwner"
	BucketRoleObjectReader  = "roles/storage.legacyObjectReader"
	BucketRoleObjectAdmin   = "roles/storage.objectAdmin"
	BucketRoleObjectCreator = "roles/storage.objectCreator"
	BucketRoleObjectViewer  = "roles/storage.objectViewer"

	AccountTypeUser           = "user"
	AccountTypeServiceAccount = "serviceAccount"
	AccountTypeGroup          = "group"
	AccountTypeDomain         = "domain"
)
View Source
const (
	ResourceTypeBucket = "bucket"
)

Variables

View Source
var (
	ErrInvalidPermissionConfig       = errors.New("invalid permission config type")
	ErrUnableToDecryptNilCredentials = errors.New("unable to decrypt nil credentials")

	ErrInvalidResourceType           = errors.New("invalid resource type")
	ErrUnableToEncryptNilCredentials = errors.New("unable to encrypt nil credentials")
	ErrInvalidCredentialsType        = errors.New("invalid credentials type")

	ErrNilProviderConfig    = errors.New("provider config can't be nil")
	ErrNilAppeal            = errors.New("appeal can't be nil")
	ErrNilResource          = errors.New("designated resource can't be nil")
	ErrProviderTypeMismatch = errors.New("provider type in the config and in the appeal don't match")
	ErrProviderURNMismatch  = errors.New("provider urn in the config and in the appeal don't match")

	ErrInvalidRole             = errors.New("invalid role")
	ErrPermissionAlreadyExists = errors.New("permission already exists")
)

Functions

This section is empty.

Types

type Bucket

type Bucket struct {
	Name string
}

type Config

type Config struct {
	ProviderConfig *domain.ProviderConfig
	// contains filtered or unexported fields
}

func NewConfig

func NewConfig(pc *domain.ProviderConfig, crypto domain.Crypto) *Config

type Credentials

type Credentials struct {
	ServiceAccountKey string `json:"service_account_key" mapstructure:"service_account_key" validate:"required,base64"`
	ResourceName      string `json:"resource_name" mapstructure:"resource_name" validate:"required"`
}

func (*Credentials) Decrypt

func (c *Credentials) Decrypt(decryptor domain.Decryptor) error

func (*Credentials) Encrypt

func (c *Credentials) Encrypt(encryptor domain.Encryptor) error

type Crypto

type Crypto interface {
	domain.Crypto
}

type GCSClient

type GCSClient interface {
	GetBuckets(context.Context) ([]*Bucket, error)
	GrantBucketAccess(ctx context.Context, b Bucket, identity string, roleName iam.RoleName) error
	RevokeBucketAccess(ctx context.Context, b Bucket, identity string, roleName iam.RoleName) error
	ListAccess(context.Context, []*domain.Resource) (domain.MapResourceAccess, error)
}

type Permission

type Permission string

type Provider

type Provider struct {
	provider.UnimplementedClient
	provider.PermissionManager

	Clients map[string]GCSClient
	// contains filtered or unexported fields
}

func NewProvider

func NewProvider(typeName string, crypto Crypto) *Provider

func (*Provider) CreateConfig

func (p *Provider) CreateConfig(pc *domain.ProviderConfig) error

func (*Provider) GetAccountTypes

func (p *Provider) GetAccountTypes() []string

func (*Provider) GetResources

func (p *Provider) GetResources(ctx context.Context, pc *domain.ProviderConfig) ([]*domain.Resource, error)

func (*Provider) GetRoles

func (p *Provider) GetRoles(pc *domain.ProviderConfig, resourceType string) ([]*domain.Role, error)

func (*Provider) GetType

func (p *Provider) GetType() string

func (*Provider) GrantAccess

func (p *Provider) GrantAccess(ctx context.Context, pc *domain.ProviderConfig, a domain.Grant) error

func (*Provider) ListAccess

func (p *Provider) ListAccess(ctx context.Context, pc domain.ProviderConfig, resources []*domain.Resource) (domain.MapResourceAccess, error)

func (*Provider) RevokeAccess

func (p *Provider) RevokeAccess(ctx context.Context, pc *domain.ProviderConfig, a domain.Grant) error

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL