authorization

package
v2.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 13, 2021 License: MIT Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const MaxIDGenerationN = 100
View Source 
const ReservedIDs = 1000

Variables

View Source 
var (
	// ErrInvalidAuthID is used when the Authorization's ID cannot be encoded
	ErrInvalidAuthID = &influxdb.Error{
		Code: influxdb.EInvalid,
		Msg:  "authorization ID is invalid",
	}

	// ErrAuthNotFound is used when the specified auth cannot be found
	ErrAuthNotFound = &influxdb.Error{
		Code: influxdb.ENotFound,
		Msg:  "authorization not found",
	}

	// NotUniqueIDError occurs when attempting to create an Authorization with an ID that already belongs to another one
	NotUniqueIDError = &influxdb.Error{
		Code: influxdb.EConflict,
		Msg:  "ID already exists",
	}

	// ErrFailureGeneratingID occurs ony when the random number generator
	// cannot generate an ID in MaxIDGenerationN times.
	ErrFailureGeneratingID = &influxdb.Error{
		Code: influxdb.EInternal,
		Msg:  "unable to generate valid id",
	}

	// ErrTokenAlreadyExistsError is used when attempting to create an authorization
	// with a token that already exists
	ErrTokenAlreadyExistsError = &influxdb.Error{
		Code: influxdb.EConflict,
		Msg:  "token already exists",
	}
)

Functions

func ErrInternalServiceError 

func ErrInternalServiceError(err error) *influxdb.Error

ErrInternalServiceError is used when the error comes from an internal system.

func ErrInvalidAuthIDError 

func ErrInvalidAuthIDError(err error) *influxdb.Error

ErrInvalidAuthIDError is used when a service was provided an invalid ID.

func NewService 

func NewService(st *Store, ts TenantService) influxdb.AuthorizationService

func UnexpectedAuthIndexError 

func UnexpectedAuthIndexError(err error) *influxdb.Error

UnexpectedAuthIndexError is used when the error comes from an internal system.

func VerifyPermissions 

func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error

VerifyPermissions ensures that an authorization is allowed all of the appropriate permissions.

Types

type AuthHandler 

type AuthHandler struct {
	chi.Router
	// contains filtered or unexported fields
}

func NewHTTPAuthHandler 

func NewHTTPAuthHandler(log *zap.Logger, authService influxdb.AuthorizationService, tenantService TenantService) *AuthHandler

NewHTTPAuthHandler constructs a new http server.

func (*AuthHandler) Prefix 

func (h *AuthHandler) Prefix() string

type AuthLogger 

type AuthLogger struct {
	// contains filtered or unexported fields
}

func NewAuthLogger 

func NewAuthLogger(log *zap.Logger, s influxdb.AuthorizationService) *AuthLogger

NewAuthLogger returns a logging service middleware for the Authorization Service.

func (*AuthLogger) CreateAuthorization 

func (l *AuthLogger) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) (err error)

func (*AuthLogger) DeleteAuthorization 

func (l *AuthLogger) DeleteAuthorization(ctx context.Context, id influxdb.ID) (err error)

func (*AuthLogger) FindAuthorizationByID 

func (l *AuthLogger) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (a *influxdb.Authorization, err error)

func (*AuthLogger) FindAuthorizationByToken 

func (l *AuthLogger) FindAuthorizationByToken(ctx context.Context, t string) (a *influxdb.Authorization, err error)

func (*AuthLogger) FindAuthorizations 

func (l *AuthLogger) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) (as []*influxdb.Authorization, count int, err error)

func (*AuthLogger) UpdateAuthorization 

func (l *AuthLogger) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (a *influxdb.Authorization, err error)

type AuthMetrics 

type AuthMetrics struct {
	// contains filtered or unexported fields
}

func NewAuthMetrics 

func NewAuthMetrics(reg prometheus.Registerer, s influxdb.AuthorizationService, opts ...metric.ClientOptFn) *AuthMetrics

func (*AuthMetrics) CreateAuthorization 

func (m *AuthMetrics) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

func (*AuthMetrics) DeleteAuthorization 

func (m *AuthMetrics) DeleteAuthorization(ctx context.Context, id influxdb.ID) error

func (*AuthMetrics) FindAuthorizationByID 

func (m *AuthMetrics) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error)

func (*AuthMetrics) FindAuthorizationByToken 

func (m *AuthMetrics) FindAuthorizationByToken(ctx context.Context, t string) (*influxdb.Authorization, error)

func (*AuthMetrics) FindAuthorizations 

func (m *AuthMetrics) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

func (*AuthMetrics) UpdateAuthorization 

func (m *AuthMetrics) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

type AuthedAuthorizationService 

type AuthedAuthorizationService struct {
	// contains filtered or unexported fields
}

func NewAuthedAuthorizationService 

func NewAuthedAuthorizationService(s influxdb.AuthorizationService, ts TenantService) *AuthedAuthorizationService

func (*AuthedAuthorizationService) CreateAuthorization 

func (s *AuthedAuthorizationService) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

func (*AuthedAuthorizationService) DeleteAuthorization 

func (s *AuthedAuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error

func (*AuthedAuthorizationService) FindAuthorizationByID 

func (s *AuthedAuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error)

func (*AuthedAuthorizationService) FindAuthorizationByToken 

func (s *AuthedAuthorizationService) FindAuthorizationByToken(ctx context.Context, t string) (*influxdb.Authorization, error)

func (*AuthedAuthorizationService) FindAuthorizations 

func (s *AuthedAuthorizationService) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

func (*AuthedAuthorizationService) UpdateAuthorization 

func (s *AuthedAuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

type AuthorizationClientService 

type AuthorizationClientService struct {
	Client *httpc.Client
}

AuthorizationClientService connects to Influx via HTTP using tokens to manage authorizations

func (*AuthorizationClientService) CreateAuthorization 

func (s *AuthorizationClientService) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

CreateAuthorization creates a new authorization and sets b.ID with the new identifier.

func (*AuthorizationClientService) DeleteAuthorization 

func (s *AuthorizationClientService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error

DeleteAuthorization removes a authorization by id.

func (*AuthorizationClientService) FindAuthorizationByID 

func (s *AuthorizationClientService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error)

FindAuthorizationByID finds a single Authorization by its ID against a remote influx server.

func (*AuthorizationClientService) FindAuthorizationByToken 

func (s *AuthorizationClientService) FindAuthorizationByToken(ctx context.Context, token string) (*influxdb.Authorization, error)

FindAuthorizationByToken is not supported by the HTTP authorization service.

func (*AuthorizationClientService) FindAuthorizations 

func (s *AuthorizationClientService) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

FindAuthorizations returns a list of authorizations that match filter and the total count of matching authorizations. Additional options provide pagination & sorting.

func (*AuthorizationClientService) UpdateAuthorization 

func (s *AuthorizationClientService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

UpdateAuthorization updates the status and description if available.

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func (*Service) CreateAuthorization 

func (s *Service) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

func (*Service) DeleteAuthorization 

func (s *Service) DeleteAuthorization(ctx context.Context, id influxdb.ID) error

func (*Service) FindAuthorizationByID 

func (s *Service) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error)

func (*Service) FindAuthorizationByToken 

func (s *Service) FindAuthorizationByToken(ctx context.Context, n string) (*influxdb.Authorization, error)

FindAuthorizationByToken returns a authorization by token for a particular authorization.

func (*Service) FindAuthorizations 

func (s *Service) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

FindAuthorizations retrieves all authorizations that match an arbitrary authorization filter. Filters using ID, or Token should be efficient. Other filters will do a linear scan across all authorizations searching for a match.

func (*Service) UpdateAuthorization 

func (s *Service) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

UpdateAuthorization updates the status and description if available.

type Store 

type Store struct {
	IDGen influxdb.IDGenerator
	// contains filtered or unexported fields
}

func NewStore 

func NewStore(kvStore kv.Store) (*Store, error)

func (*Store) CreateAuthorization 

func (s *Store) CreateAuthorization(ctx context.Context, tx kv.Tx, a *influxdb.Authorization) error

CreateAuthorization takes an Authorization object and saves it in storage using its token using its token property as an index

func (*Store) DeleteAuthorization 

func (s *Store) DeleteAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID) error

DeleteAuthorization removes an authorization from storage

func (*Store) GetAuthorizationByID 

func (s *Store) GetAuthorizationByID(ctx context.Context, tx kv.Tx, id influxdb.ID) (*influxdb.Authorization, error)

GetAuthorization gets an authorization by its ID from the auth bucket in kv

func (*Store) GetAuthorizationByToken 

func (s *Store) GetAuthorizationByToken(ctx context.Context, tx kv.Tx, token string) (*influxdb.Authorization, error)

func (*Store) ListAuthorizations 

func (s *Store) ListAuthorizations(ctx context.Context, tx kv.Tx, f influxdb.AuthorizationFilter) ([]*influxdb.Authorization, error)

ListAuthorizations returns all the authorizations matching a set of FindOptions. This function is used for FindAuthorizationByID, FindAuthorizationByToken, and FindAuthorizations in the AuthorizationService implementation

func (*Store) Update 

func (s *Store) Update(ctx context.Context, fn func(kv.Tx) error) error

Update opens up a transaction that will mutate data.

func (*Store) UpdateAuthorization 

func (s *Store) UpdateAuthorization(ctx context.Context, tx kv.Tx, id influxdb.ID, a *influxdb.Authorization) (*influxdb.Authorization, error)

UpdateAuthorization updates the status and description only of an authorization

func (*Store) View 

func (s *Store) View(ctx context.Context, fn func(kv.Tx) error) error

View opens up a transaction that will not write to any data. Implementing interfaces should take care to ensure that all view transactions do not mutate any data.

type TenantService 

type TenantService interface {
	FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error)
	FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)
	FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error)
	FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error)
	FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error)
}

TenantService is used to look up the Organization and User for an Authorization

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.