entityManagement

package
v0.0.0-...-5211220
Published: Feb 21, 2016 License: Apache-2.0 Imports: 9 Imported by: 7

Documentation

Overview

Package entityManagement : The entityManagement package includes the implementation of User, Group, Resource and a container of all these entities.

There are three types of entities: User, Group and Resource

  • Users have a name and a list of properties
  • Groups have a name, a list of users associated with it (each user is the name of an existing User entity) and a list of properties
  • Resources have a name and a list of properties

There is a special group entity, that is not defined explicitly, with the name "All".

This entity is used in the ACL when the resource has permission properties that apply to all the entities in the system

Note: GetEntityAccount is the only external function that can be called without credential checking; therefore, it is protected against timing attacks (where the attacker tries to gain information such as whether a specific user name is already defined in the system)


Variables

var (

	// RemoveEntityFromAcl : callback function that enables removal of an entity from the ACL
	RemoveEntityFromAcl func(el1 interface{}, name string)
)

Functions

func IsEntityNameValid

func IsEntityNameValid(name string) error

IsEntityNameValid : Verify that the entity name is valid, the current limit is that its size must be at least 1 character

func LoadInfo

func LoadInfo(filePath string, secret []byte, el *EntityManager) error

LoadInfo : Load the EntityManager data from the storage and construct/reconstruct the EntityManager

Types

type Entity

type Entity struct {
	Name             string
	EntityProperties entityProperties
}

Entity : structure that holds the entity name and the properties associated to it

func (Entity) String

func (e Entity) String() string

type EntityManager

type EntityManager struct {
	Users       uList
	Groups      gList
	Resources   rList
	Permissions pList
}

EntityManager : structure that holds lists of users, groups and resources

func New

func New() *EntityManager

New : Create and initialize a new EntityManager, add all the protected entities to avoid giving regular entities protected names

func (*EntityManager) AddGroup

func (el *EntityManager) AddGroup(name string) error

AddGroup : Add a new group to the EntityManager (only for valid group name)

func (*EntityManager) AddPermission

func (el *EntityManager) AddPermission(permission Permission) error

AddPermission : Add a new permission to the EntityManager permissions list (only for valid permissions)

func (*EntityManager) AddPropertyToEntity

func (el *EntityManager) AddPropertyToEntity(name string, propertyName string, data interface{}) error

AddPropertyToEntity : Add the given property to the entity using the given property name

func (*EntityManager) AddResource

func (el *EntityManager) AddResource(name string) error

AddResource : Add a new resource to the EntityManager (only for valid resource name)

func (*EntityManager) AddUser

func (el *EntityManager) AddUser(name string) error

AddUser : Add a new user to the EntityManager (only for valid user name)

func (*EntityManager) AddUserToGroup

func (el *EntityManager) AddUserToGroup(groupName string, name string) error

AddUserToGroup : Add a new user to the given group; the user name must be in the EntityManager before it can be added as a user of a group

func (*EntityManager) GetEntityAccount

func (el *EntityManager) GetEntityAccount(name string, pwd []byte) (*accounts.AmUserInfo, error)

GetEntityAccount : The recommended API function to be used for login: it handles timing attacks. Return the entity account information if the given entity name (user/group/resource) and password are as expected; avoid timing attacks by adding a delay if one of the checks fails

func (*EntityManager) GetEntityAccountHandler

func (el *EntityManager) GetEntityAccountHandler(name string, pwd []byte, throttleMiliSec int64, randomThrottleMiliSec int64) (*accounts.AmUserInfo, error)

GetEntityAccountHandler : call GetEntityAccount with the given throttling parameters for testing
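The delay-on-failure behaviour described for GetEntityAccount, with the fixed and random throttle values that GetEntityAccountHandler takes, shown as an added stand-alone example that is not this package's own code. The names store, sample, failureDelay, login and errLogin are hypothetical, the data is constructed, and SHA-256 stands in for whatever password check the package performs.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// errLogin is returned for every failure: unknown name and wrong password look alike.
var errLogin = errors.New("invalid name or password")

// store is a hypothetical entity list: name -> SHA-256(password); not a real password-hashing scheme.
type store map[string][32]byte

// sample is constructed data used by main.
var sample = store{"alice": sha256.Sum256([]byte("constructed-pass"))}

// failureDelay returns fixedMs plus a random 0..randMs milliseconds.
func failureDelay(fixedMs, randMs int64) time.Duration {
	d := time.Duration(fixedMs) * time.Millisecond
	if randMs > 0 {
		if n, err := rand.Int(rand.Reader, big.NewInt(randMs+1)); err == nil {
			d += time.Duration(n.Int64()) * time.Millisecond
		}
	}
	return d
}

// login does the same comparison work for known and unknown names, then
// sleeps for failureDelay before returning errLogin if either check failed.
func (s store) login(name string, pwd []byte, fixedMs, randMs int64) error {
	want, known := s[name] // unknown name: want is the zero hash
	got := sha256.Sum256(pwd)
	match := subtle.ConstantTimeCompare(got[:], want[:]) == 1
	if known && match {
		return nil
	}
	time.Sleep(failureDelay(fixedMs, randMs))
	return errLogin
}

func main() {
	fmt.Println(sample.login("alice", []byte("constructed-pass"), 100, 50)) // success
	fmt.Println(sample.login("alice", []byte("wrong"), 100, 50))            // wrong password
	fmt.Println(sample.login("bob", []byte("wrong"), 100, 50))              // unknown name, same error
}
```

The random component keeps the failure latency from being a fixed offset that a caller could subtract out when comparing the unknown-name and wrong-password paths.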

func (*EntityManager) GetGroupUsers

func (el *EntityManager) GetGroupUsers(groupName string) []string

GetGroupUsers : Get the group users

func (*EntityManager) GetPropertyAttachedToEntity

func (el *EntityManager) GetPropertyAttachedToEntity(name string, propertyName string) (interface{}, error)

GetPropertyAttachedToEntity : Return the property with the given property name from the entity (User/Group/Resource)

func (*EntityManager) IsEntityInList

func (el *EntityManager) IsEntityInList(name string) bool

IsEntityInList : Check if the given entity name (user/group/resource) is in the entity list

func (*EntityManager) IsPermissionInList

func (el *EntityManager) IsPermissionInList(permission Permission) bool

IsPermissionInList : Check if the given permission is in the permissions list

func (*EntityManager) IsUserPartOfAGroup

func (el *EntityManager) IsUserPartOfAGroup(groupName string, userName string) bool

IsUserPartOfAGroup : Check if the given user is part of the given group

func (*EntityManager) RemoveGroup

func (el *EntityManager) RemoveGroup(name string) error

RemoveGroup : Remove the given group from the EntityManager and from all the ACLs that give it permissions

func (*EntityManager) RemovePermission

func (el *EntityManager) RemovePermission(permission Permission) error

RemovePermission : Remove the given permission from the EntityManager permissions list

func (*EntityManager) RemovePropertyFromEntity

func (el *EntityManager) RemovePropertyFromEntity(name string, propertyName string) error

RemovePropertyFromEntity : Remove the property with the given property name from the user

func (*EntityManager) RemoveResource

func (el *EntityManager) RemoveResource(name string) error

RemoveResource : Remove the given resource from the EntityManager

func (*EntityManager) RemoveUser

func (el *EntityManager) RemoveUser(name string) error

RemoveUser : Remove the given user from the EntityManager, from all the groups it is a part of and from all the ACLs that give it permissions

func (*EntityManager) RemoveUserFromGroup

func (el *EntityManager) RemoveUserFromGroup(groupName string, name string) error

RemoveUserFromGroup : Remove the given user name from the group's users

func (*EntityManager) StoreInfo

func (el *EntityManager) StoreInfo(filePath string, secret []byte, checkSecretStrength bool) error

StoreInfo : Store all the data of all the entities in the list including their properties in the secure storage

func (EntityManager) String

func (el EntityManager) String() string

type Group

type Group struct {
	Entity
	Group groupOfUsers
}

Group : structure that holds the group data: Entity and list of users associated to this group

func (Group) String

func (g Group) String() string

type Permission

type Permission string

Permission could be any string

type Resource

type Resource struct {
	Entity
}

Resource : structure that holds the resource data: Entity

func (Resource) String

func (r Resource) String() string

type User

type User struct {
	Entity
}

User : structure that holds the user data: Entity

func (User) String

func (u User) String() string
