authorizer

package
v2.7.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 15, 2024 License: MIT Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInactiveTask = &errors.Error{
		Code: errors.EInvalid,
		Msg:  "inactive task",
	}

	ErrFailedPermission = &errors.Error{
		Code: errors.EInvalid,
		Msg:  "unauthorized",
	}
)

Functions

func AuthorizeCreate 

func AuthorizeCreate(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeCreate authorizes a user to create a resource of the given type for the given org.

func AuthorizeFindAnnotations added in v2.1.0 

func AuthorizeFindAnnotations(ctx context.Context, rs []influxdb.StoredAnnotation) ([]influxdb.StoredAnnotation, int, error)

AuthorizeFindAnnotations takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindAuthorizations 

func AuthorizeFindAuthorizations(ctx context.Context, rs []*influxdb.Authorization) ([]*influxdb.Authorization, int, error)

AuthorizeFindAuthorizations takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindBuckets 

func AuthorizeFindBuckets(ctx context.Context, rs []*influxdb.Bucket) ([]*influxdb.Bucket, int, error)

AuthorizeFindBuckets takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindChecks 

func AuthorizeFindChecks(ctx context.Context, rs []influxdb.Check) ([]influxdb.Check, int, error)

AuthorizeFindChecks takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindDBRPs 

func AuthorizeFindDBRPs(ctx context.Context, rs []*influxdb.DBRPMapping) ([]*influxdb.DBRPMapping, int, error)

AuthorizeFindDBRPs takes the given items and returns only the ones that the user is authorized to access.

func AuthorizeFindDashboards 

func AuthorizeFindDashboards(ctx context.Context, rs []*influxdb.Dashboard) ([]*influxdb.Dashboard, int, error)

AuthorizeFindDashboards takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindLabels 

func AuthorizeFindLabels(ctx context.Context, rs []*influxdb.Label) ([]*influxdb.Label, int, error)

AuthorizeFindLabels takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindNotebooks added in v2.1.0 

func AuthorizeFindNotebooks(ctx context.Context, rs []*influxdb.Notebook) ([]*influxdb.Notebook, int, error)

AuthorizeFindNotebooks takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindNotificationEndpoints 

func AuthorizeFindNotificationEndpoints(ctx context.Context, rs []influxdb.NotificationEndpoint) ([]influxdb.NotificationEndpoint, int, error)

AuthorizeFindNotificationEndpoints takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindNotificationRules 

func AuthorizeFindNotificationRules(ctx context.Context, rs []influxdb.NotificationRule) ([]influxdb.NotificationRule, int, error)

AuthorizeFindNotificationRules takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindOrganizations 

func AuthorizeFindOrganizations(ctx context.Context, rs []*influxdb.Organization) ([]*influxdb.Organization, int, error)

AuthorizeFindOrganizations takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindScrapers 

func AuthorizeFindScrapers(ctx context.Context, rs []influxdb.ScraperTarget) ([]influxdb.ScraperTarget, int, error)

AuthorizeFindScrapers takes the given items and returns only the ones that the user is authorize to read.

func AuthorizeFindSources 

func AuthorizeFindSources(ctx context.Context, rs []*influxdb.Source) ([]*influxdb.Source, int, error)

AuthorizeFindSources takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindStreams added in v2.1.0 

func AuthorizeFindStreams(ctx context.Context, rs []influxdb.StoredStream) ([]influxdb.StoredStream, int, error)

AuthorizeFindStreams takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindTasks 

func AuthorizeFindTasks(ctx context.Context, rs []*taskmodel.Task) ([]*taskmodel.Task, int, error)

AuthorizeFindTasks takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindTelegrafs 

func AuthorizeFindTelegrafs(ctx context.Context, rs []*influxdb.TelegrafConfig) ([]*influxdb.TelegrafConfig, int, error)

AuthorizeFindTelegrafs takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindUserResourceMappings 

func AuthorizeFindUserResourceMappings(ctx context.Context, os OrgIDResolver, rs []*influxdb.UserResourceMapping) ([]*influxdb.UserResourceMapping, int, error)

AuthorizeFindUserResourceMappings takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindUsers 

func AuthorizeFindUsers(ctx context.Context, rs []*influxdb.User) ([]*influxdb.User, int, error)

AuthorizeFindUsers takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeFindVariables 

func AuthorizeFindVariables(ctx context.Context, rs []*influxdb.Variable) ([]*influxdb.Variable, int, error)

AuthorizeFindVariables takes the given items and returns only the ones that the user is authorized to read.

func AuthorizeOrgReadResource 

func AuthorizeOrgReadResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeOrgReadResource authorizes the given org to read the resources of the given type. NOTE: this is pretty much the same as AuthorizeRead, in the case that the resource ID is ignored. Use it in the case that you do not know which resource in particular you want to give access to.

func AuthorizeOrgWriteResource 

func AuthorizeOrgWriteResource(ctx context.Context, rt influxdb.ResourceType, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeOrgWriteResource authorizes the given org to write the resources of the given type. NOTE: this is pretty much the same as AuthorizeWrite, in the case that the resource ID is ignored. Use it in the case that you do not know which resource in particular you want to give access to.

func AuthorizeRead 

func AuthorizeRead(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID, and orgID). NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.

func AuthorizeReadBucket 

func AuthorizeReadBucket(ctx context.Context, bt influxdb.BucketType, bid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeReadBucket exists because buckets are a special case and should use this method. I.e., instead of: 

AuthorizeRead(ctx, influxdb.BucketsResourceType, b.ID, b.OrgID)

use: 

AuthorizeReadBucket(ctx, b.Type, b.ID, b.OrgID)

func AuthorizeReadGlobal 

func AuthorizeReadGlobal(ctx context.Context, rt influxdb.ResourceType) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeReadGlobal authorizes to read resources of the given type.

func AuthorizeReadOrg 

func AuthorizeReadOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeReadOrg authorizes the user to read the given org.

func AuthorizeReadResource 

func AuthorizeReadResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeRead authorizes the user in the context to read the specified resource (identified by its type, ID). NOTE: authorization will pass only if the user has a specific permission for the given resource.

func AuthorizeWrite 

func AuthorizeWrite(ctx context.Context, rt influxdb.ResourceType, rid, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID, and orgID). NOTE: authorization will pass even if the user only has permissions for the resource type and organization ID only.

func AuthorizeWriteGlobal 

func AuthorizeWriteGlobal(ctx context.Context, rt influxdb.ResourceType) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeWriteGlobal authorizes to write resources of the given type.

func AuthorizeWriteOrg 

func AuthorizeWriteOrg(ctx context.Context, oid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeWriteOrg authorizes the user to write the given org.

func AuthorizeWriteResource 

func AuthorizeWriteResource(ctx context.Context, rt influxdb.ResourceType, rid platform.ID) (influxdb.Authorizer, influxdb.Permission, error)

AuthorizeWrite authorizes the user in the context to write the specified resource (identified by its type, ID). NOTE: authorization will pass only if the user has a specific permission for the given resource.

func IsAllowed 

func IsAllowed(ctx context.Context, p influxdb.Permission) error

IsAllowed checks to see if an action is authorized by retrieving the authorizer off of context and authorizing the action appropriately.

func IsAllowedAll 

func IsAllowedAll(ctx context.Context, permissions []influxdb.Permission) error

IsAllowedAll checks to see if an action is authorized by ALL permissions. Also see IsAllowed.

func IsAllowedAny 

func IsAllowedAny(ctx context.Context, permissions []influxdb.Permission) error

IsAllowedAll checks to see if an action is authorized by ALL permissions. Also see IsAllowed.

func NewDocumentService 

func NewDocumentService(s influxdb.DocumentService) influxdb.DocumentService

NewDocumentService constructs an instance of an authorizing document service.

func NewTaskService 

func NewTaskService(log *zap.Logger, ts taskmodel.TaskService) taskmodel.TaskService

TaskService wraps ts and checks appropriate permissions before calling requested methods on ts. Authorization failures are logged to the logger.

func VerifyPermissions 

func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error

VerifyPermissions ensures that an authorization is allowed all of the appropriate permissions.

Types

type AnnotationService added in v2.1.0 

type AnnotationService struct {
	// contains filtered or unexported fields
}

AnnotationService wraps an influxdb.AnnotationService and authorizes actions against it appropriately.

func NewAnnotationService added in v2.1.0 

func NewAnnotationService(s influxdb.AnnotationService) *AnnotationService

NewAnnotationService constructs an instance of an authorizing check service

func (*AnnotationService) CreateAnnotations added in v2.1.0 

func (s *AnnotationService) CreateAnnotations(ctx context.Context, orgID platform.ID, create []influxdb.AnnotationCreate) ([]influxdb.AnnotationEvent, error)

CreateAnnotations checks to see if the authorizer on context has write access for annotations for the provided orgID

func (*AnnotationService) CreateOrUpdateStream added in v2.1.0 

func (s *AnnotationService) CreateOrUpdateStream(ctx context.Context, orgID platform.ID, stream influxdb.Stream) (*influxdb.ReadStream, error)

func (*AnnotationService) DeleteAnnotation added in v2.1.0 

func (s *AnnotationService) DeleteAnnotation(ctx context.Context, id platform.ID) error

DeleteAnnotation checks to see if the authorizer on context has write access to the requested annotation

func (*AnnotationService) DeleteAnnotations added in v2.1.0 

func (s *AnnotationService) DeleteAnnotations(ctx context.Context, orgID platform.ID, delete influxdb.AnnotationDeleteFilter) error

DeleteAnnotations checks to see if the authorizer on context has write access to the provided orgID

func (*AnnotationService) DeleteStreamByID added in v2.1.0 

func (s *AnnotationService) DeleteStreamByID(ctx context.Context, id platform.ID) error

DeleteStreamByID checks to see if the authorizer on context has write access to the requested stream

func (*AnnotationService) DeleteStreams added in v2.1.0 

func (s *AnnotationService) DeleteStreams(ctx context.Context, orgID platform.ID, delete influxdb.BasicStream) error

DeleteStreams checks to see if the authorizer on context has write access to the provided orgID

func (*AnnotationService) GetAnnotation added in v2.1.0 

func (s *AnnotationService) GetAnnotation(ctx context.Context, id platform.ID) (*influxdb.StoredAnnotation, error)

GetAnnotation checks to see if the authorizer on context has read access to the requested annotation

func (*AnnotationService) GetStream added in v2.1.0 

func (s *AnnotationService) GetStream(ctx context.Context, id platform.ID) (*influxdb.StoredStream, error)

GetStream checks to see if the authorizer on context has read access to the requested stream

func (*AnnotationService) ListAnnotations added in v2.1.0 

func (s *AnnotationService) ListAnnotations(ctx context.Context, orgID platform.ID, filter influxdb.AnnotationListFilter) ([]influxdb.StoredAnnotation, error)

ListAnnotations checks to see if the authorizer on context has read access for annotations for the provided orgID and then filters the list down to only the resources that are authorized

func (*AnnotationService) ListStreams added in v2.1.0 

func (s *AnnotationService) ListStreams(ctx context.Context, orgID platform.ID, filter influxdb.StreamListFilter) ([]influxdb.StoredStream, error)

ListStreams checks to see if the authorizer on context has read access for streams for the provided orgID and then filters the list down to only the resources that are authorized

func (*AnnotationService) UpdateAnnotation added in v2.1.0 

func (s *AnnotationService) UpdateAnnotation(ctx context.Context, id platform.ID, update influxdb.AnnotationCreate) (*influxdb.AnnotationEvent, error)

UpdateAnnotation checks to see if the authorizer on context has write access to the requested annotation

func (*AnnotationService) UpdateStream added in v2.1.0 

func (s *AnnotationService) UpdateStream(ctx context.Context, id platform.ID, stream influxdb.Stream) (*influxdb.ReadStream, error)

UpdateStream checks to see if the authorizer on context has write access to the requested stream

type AuthAgent 

type AuthAgent struct{}

AuthAgent provides a means to authenticate users with resource and their associate actions. It makes for a clear dependency, to an auth middleware for instance.

func (*AuthAgent) IsWritable 

func (a *AuthAgent) IsWritable(ctx context.Context, orgID platform.ID, resType influxdb.ResourceType) error

func (*AuthAgent) OrgPermissions 

func (a *AuthAgent) OrgPermissions(ctx context.Context, orgID platform.ID, action influxdb.Action, rest ...influxdb.Action) error

OrgPermissions identifies if a user has access to the org by the specified action.

type AuthorizationService 

type AuthorizationService struct {
	// contains filtered or unexported fields
}

AuthorizationService wraps a influxdb.AuthorizationService and authorizes actions against it appropriately.

func NewAuthorizationService 

func NewAuthorizationService(s influxdb.AuthorizationService) *AuthorizationService

NewAuthorizationService constructs an instance of an authorizing authorization service.

func (*AuthorizationService) CreateAuthorization 

func (s *AuthorizationService) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

CreateAuthorization checks to see if the authorizer on context has write access to the global authorizations resource.

func (*AuthorizationService) DeleteAuthorization 

func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id platform.ID) error

DeleteAuthorization checks to see if the authorizer on context has write access to the authorization provided.

func (*AuthorizationService) FindAuthorizationByID 

func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id platform.ID) (*influxdb.Authorization, error)

FindAuthorizationByID checks to see if the authorizer on context has read access to the id provided.

func (*AuthorizationService) FindAuthorizationByToken 

func (s *AuthorizationService) FindAuthorizationByToken(ctx context.Context, t string) (*influxdb.Authorization, error)

FindAuthorizationByToken retrieves the authorization and checks to see if the authorizer on context has read access to the authorization.

func (*AuthorizationService) FindAuthorizations 

func (s *AuthorizationService) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

FindAuthorizations retrieves all authorizations that match the provided filter and then filters the list down to only the resources that are authorized.

func (*AuthorizationService) UpdateAuthorization 

func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id platform.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

UpdateAuthorization checks to see if the authorizer on context has write access to the authorization provided.

type BackupService 

type BackupService struct {
	// contains filtered or unexported fields
}

BackupService wraps a influxdb.BackupService and authorizes actions against it appropriately.

func NewBackupService 

func NewBackupService(s influxdb.BackupService) *BackupService

NewBackupService constructs an instance of an authorizing backup service.

func (BackupService) BackupKVStore 

func (b BackupService) BackupKVStore(ctx context.Context, w io.Writer) error

func (BackupService) BackupShard 

func (b BackupService) BackupShard(ctx context.Context, w io.Writer, shardID uint64, since time.Time) error

func (BackupService) RLockKVStore added in v2.1.0 

func (b BackupService) RLockKVStore()

The Lock and Unlock methods below do not have authorization checks and should only be used when appropriate authorization has already been confirmed, such as behind a middleware. They are intended to be used for coordinating the locking and unlocking of the kv and sql metadata databases during a backup. They are made available here to allow the calls to pass-through to the underlying service.

func (BackupService) RUnlockKVStore added in v2.1.0 

func (b BackupService) RUnlockKVStore()

type BucketService 

type BucketService struct {
	// contains filtered or unexported fields
}

BucketService wraps a influxdb.BucketService and authorizes actions against it appropriately.

func NewBucketService 

func NewBucketService(s influxdb.BucketService) *BucketService

NewBucketService constructs an instance of an authorizing bucket service.

func (*BucketService) CreateBucket 

func (s *BucketService) CreateBucket(ctx context.Context, b *influxdb.Bucket) error

CreateBucket checks to see if the authorizer on context has write access to the global buckets resource.

func (*BucketService) DeleteBucket 

func (s *BucketService) DeleteBucket(ctx context.Context, id platform.ID) error

DeleteBucket checks to see if the authorizer on context has write access to the bucket provided.

func (*BucketService) FindBucket 

func (s *BucketService) FindBucket(ctx context.Context, filter influxdb.BucketFilter) (*influxdb.Bucket, error)

FindBucket retrieves the bucket and checks to see if the authorizer on context has read access to the bucket.

func (*BucketService) FindBucketByID 

func (s *BucketService) FindBucketByID(ctx context.Context, id platform.ID) (*influxdb.Bucket, error)

FindBucketByID checks to see if the authorizer on context has read access to the id provided.

func (*BucketService) FindBucketByName 

func (s *BucketService) FindBucketByName(ctx context.Context, orgID platform.ID, n string) (*influxdb.Bucket, error)

FindBucketByName returns a bucket by name for a particular organization.

func (*BucketService) FindBuckets 

func (s *BucketService) FindBuckets(ctx context.Context, filter influxdb.BucketFilter, opt ...influxdb.FindOptions) ([]*influxdb.Bucket, int, error)

FindBuckets retrieves all buckets that match the provided filter and then filters the list down to only the resources that are authorized.

func (*BucketService) UpdateBucket 

func (s *BucketService) UpdateBucket(ctx context.Context, id platform.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error)

UpdateBucket checks to see if the authorizer on context has write access to the bucket provided.

type CheckService 

type CheckService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	taskmodel.TaskService
	// contains filtered or unexported fields
}

CheckService wraps a influxdb.CheckService and authorizes actions against it appropriately.

func NewCheckService 

func NewCheckService(s influxdb.CheckService, urm influxdb.UserResourceMappingService, org influxdb.OrganizationService) *CheckService

NewCheckService constructs an instance of an authorizing check service.

func (*CheckService) CreateCheck 

func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID platform.ID) error

CreateCheck checks to see if the authorizer on context has write access to the global check resource.

func (*CheckService) DeleteCheck 

func (s *CheckService) DeleteCheck(ctx context.Context, id platform.ID) error

DeleteCheck checks to see if the authorizer on context has write access to the check provided.

func (*CheckService) FindCheck 

func (s *CheckService) FindCheck(ctx context.Context, filter influxdb.CheckFilter) (influxdb.Check, error)

FindCheck will return the check.

func (*CheckService) FindCheckByID 

func (s *CheckService) FindCheckByID(ctx context.Context, id platform.ID) (influxdb.Check, error)

FindCheckByID checks to see if the authorizer on context has read access to the id provided.

func (*CheckService) FindChecks 

func (s *CheckService) FindChecks(ctx context.Context, filter influxdb.CheckFilter, opt ...influxdb.FindOptions) ([]influxdb.Check, int, error)

FindChecks retrieves all checks that match the provided filter and then filters the list down to only the resources that are authorized.

func (*CheckService) PatchCheck 

func (s *CheckService) PatchCheck(ctx context.Context, id platform.ID, upd influxdb.CheckUpdate) (influxdb.Check, error)

PatchCheck checks to see if the authorizer on context has write access to the check provided.

func (*CheckService) UpdateCheck 

func (s *CheckService) UpdateCheck(ctx context.Context, id platform.ID, upd influxdb.CheckCreate) (influxdb.Check, error)

UpdateCheck checks to see if the authorizer on context has write access to the check provided.

type DashboardService 

type DashboardService struct {
	// contains filtered or unexported fields
}

DashboardService wraps a influxdb.DashboardService and authorizes actions against it appropriately.

func NewDashboardService 

func NewDashboardService(s influxdb.DashboardService) *DashboardService

NewDashboardService constructs an instance of an authorizing dashboard service.

func (*DashboardService) AddDashboardCell 

func (s *DashboardService) AddDashboardCell(ctx context.Context, id platform.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error

func (*DashboardService) CreateDashboard 

func (s *DashboardService) CreateDashboard(ctx context.Context, b *influxdb.Dashboard) error

CreateDashboard checks to see if the authorizer on context has write access to the global dashboards resource.

func (*DashboardService) DeleteDashboard 

func (s *DashboardService) DeleteDashboard(ctx context.Context, id platform.ID) error

DeleteDashboard checks to see if the authorizer on context has write access to the dashboard provided.

func (*DashboardService) FindDashboardByID 

func (s *DashboardService) FindDashboardByID(ctx context.Context, id platform.ID) (*influxdb.Dashboard, error)

FindDashboardByID checks to see if the authorizer on context has read access to the id provided.

func (*DashboardService) FindDashboards 

func (s *DashboardService) FindDashboards(ctx context.Context, filter influxdb.DashboardFilter, opt influxdb.FindOptions) ([]*influxdb.Dashboard, int, error)

FindDashboards retrieves all dashboards that match the provided filter and then filters the list down to only the resources that are authorized.

func (*DashboardService) GetDashboardCellView 

func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID) (*influxdb.View, error)

func (*DashboardService) RemoveDashboardCell 

func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID) error

func (*DashboardService) ReplaceDashboardCells 

func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id platform.ID, c []*influxdb.Cell) error

func (*DashboardService) UpdateDashboard 

func (s *DashboardService) UpdateDashboard(ctx context.Context, id platform.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error)

UpdateDashboard checks to see if the authorizer on context has write access to the dashboard provided.

func (*DashboardService) UpdateDashboardCell 

func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error)

func (*DashboardService) UpdateDashboardCellView 

func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID platform.ID, cellID platform.ID, upd influxdb.ViewUpdate) (*influxdb.View, error)

type DocumentService 

type DocumentService struct {
	// contains filtered or unexported fields
}

func (*DocumentService) CreateDocumentStore 

func (s *DocumentService) CreateDocumentStore(ctx context.Context, name string) (influxdb.DocumentStore, error)

func (*DocumentService) FindDocumentStore 

func (s *DocumentService) FindDocumentStore(ctx context.Context, name string) (influxdb.DocumentStore, error)

type LabelService 

type LabelService struct {
	// contains filtered or unexported fields
}

LabelService wraps a influxdb.LabelService and authorizes actions against it appropriately.

func NewLabelServiceWithOrg 

func NewLabelServiceWithOrg(s influxdb.LabelService, orgIDResolver OrgIDResolver) *LabelService

NewLabelServiceWithOrg constructs an instance of an authorizing label service. Replaces NewLabelService.

func (*LabelService) CreateLabel 

func (s *LabelService) CreateLabel(ctx context.Context, l *influxdb.Label) error

CreateLabel checks to see if the authorizer on context has write access to the new label's org.

func (*LabelService) CreateLabelMapping 

func (s *LabelService) CreateLabelMapping(ctx context.Context, m *influxdb.LabelMapping) error

CreateLabelMapping checks to see if the authorizer on context has write access to the label and the resource contained by the label mapping in creation.

func (*LabelService) DeleteLabel 

func (s *LabelService) DeleteLabel(ctx context.Context, id platform.ID) error

DeleteLabel checks to see if the authorizer on context has write access to the label provided.

func (*LabelService) DeleteLabelMapping 

func (s *LabelService) DeleteLabelMapping(ctx context.Context, m *influxdb.LabelMapping) error

DeleteLabelMapping checks to see if the authorizer on context has write access to the label and the resource of the label mapping to delete.

func (*LabelService) FindLabelByID 

func (s *LabelService) FindLabelByID(ctx context.Context, id platform.ID) (*influxdb.Label, error)

FindLabelByID checks to see if the authorizer on context has read access to the label id provided.

func (*LabelService) FindLabels 

func (s *LabelService) FindLabels(ctx context.Context, filter influxdb.LabelFilter, opt ...influxdb.FindOptions) ([]*influxdb.Label, error)

FindLabels retrieves all labels that match the provided filter and then filters the list down to only the resources that are authorized.

func (*LabelService) FindResourceLabels 

func (s *LabelService) FindResourceLabels(ctx context.Context, filter influxdb.LabelMappingFilter) ([]*influxdb.Label, error)

FindResourceLabels retrieves all labels belonging to the filtering resource if the authorizer on context has read access to it. Then it filters the list down to only the labels that are authorized.

func (*LabelService) UpdateLabel 

func (s *LabelService) UpdateLabel(ctx context.Context, id platform.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error)

UpdateLabel checks to see if the authorizer on context has write access to the label provided.

type NotebookService added in v2.1.0 

type NotebookService struct {
	// contains filtered or unexported fields
}

NotebookService wraps an influxdb.NotebookService and authorizes actions against it appropriately.

func NewNotebookService added in v2.1.0 

func NewNotebookService(s influxdb.NotebookService) *NotebookService

NewNotebookService constructs an instance of an authorizing check service.

func (*NotebookService) CreateNotebook added in v2.1.0 

func (s *NotebookService) CreateNotebook(ctx context.Context, create *influxdb.NotebookReqBody) (*influxdb.Notebook, error)

CreateNotebook checks to see if the authorizer on context has write access for notebooks for organization id provided in the notebook body.

func (*NotebookService) DeleteNotebook added in v2.1.0 

func (s *NotebookService) DeleteNotebook(ctx context.Context, id platform.ID) error

DeleteNotebook checks to see if the authorizer on context has write access to the notebook provided.

func (*NotebookService) GetNotebook added in v2.1.0 

func (s *NotebookService) GetNotebook(ctx context.Context, id platform.ID) (*influxdb.Notebook, error)

GetNotebook checks to see if the authorizer on context has read access to the id provided.

func (*NotebookService) ListNotebooks added in v2.1.0 

func (s *NotebookService) ListNotebooks(ctx context.Context, filter influxdb.NotebookListFilter) ([]*influxdb.Notebook, error)

ListNotebooks checks to see if the requesting user has read access to the provided org and returns a list of notebooks for that org if so.

func (*NotebookService) UpdateNotebook added in v2.1.0 

func (s *NotebookService) UpdateNotebook(ctx context.Context, id platform.ID, update *influxdb.NotebookReqBody) (*influxdb.Notebook, error)

UpdateNotebook checks to see if the authorizer on context has write access to the notebook provided.

type NotificationEndpointService 

type NotificationEndpointService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

NotificationEndpointService wraps a influxdb.NotificationEndpointService and authorizes actions against it appropriately.

func NewNotificationEndpointService 

func NewNotificationEndpointService(
	s influxdb.NotificationEndpointService,
	urm influxdb.UserResourceMappingService,
	org influxdb.OrganizationService,
) *NotificationEndpointService

NewNotificationEndpointService constructs an instance of an authorizing notification endpoint service.

func (*NotificationEndpointService) CreateNotificationEndpoint 

func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID platform.ID) error

CreateNotificationEndpoint checks to see if the authorizer on context has write access to the global notification endpoint resource.

func (*NotificationEndpointService) DeleteNotificationEndpoint 

func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id platform.ID) ([]influxdb.SecretField, platform.ID, error)

DeleteNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

func (*NotificationEndpointService) FindNotificationEndpointByID 

func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id platform.ID) (influxdb.NotificationEndpoint, error)

FindNotificationEndpointByID checks to see if the authorizer on context has read access to the id provided.

func (*NotificationEndpointService) FindNotificationEndpoints 

func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Context, filter influxdb.NotificationEndpointFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationEndpoint, int, error)

FindNotificationEndpoints retrieves all notification endpoints that match the provided filter and then filters the list down to only the resources that are authorized.

func (*NotificationEndpointService) PatchNotificationEndpoint 

func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error)

PatchNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

func (*NotificationEndpointService) UpdateNotificationEndpoint 

func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id platform.ID, upd influxdb.NotificationEndpoint, userID platform.ID) (influxdb.NotificationEndpoint, error)

UpdateNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

type NotificationRuleStore 

type NotificationRuleStore struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

NotificationRuleStore wraps a influxdb.NotificationRuleStore and authorizes actions against it appropriately.

func NewNotificationRuleStore 

func NewNotificationRuleStore(s influxdb.NotificationRuleStore, urm influxdb.UserResourceMappingService, org influxdb.OrganizationService) *NotificationRuleStore

NewNotificationRuleStore constructs an instance of an authorizing notification rule service.

func (*NotificationRuleStore) CreateNotificationRule 

func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID platform.ID) error

CreateNotificationRule checks to see if the authorizer on context has write access to the global notification rule resource.

func (*NotificationRuleStore) DeleteNotificationRule 

func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id platform.ID) error

DeleteNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

func (*NotificationRuleStore) FindNotificationRuleByID 

func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id platform.ID) (influxdb.NotificationRule, error)

FindNotificationRuleByID checks to see if the authorizer on context has read access to the id provided.

func (*NotificationRuleStore) FindNotificationRules 

func (s *NotificationRuleStore) FindNotificationRules(ctx context.Context, filter influxdb.NotificationRuleFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationRule, int, error)

FindNotificationRules retrieves all notification rules that match the provided filter and then filters the list down to only the resources that are authorized.

func (*NotificationRuleStore) PatchNotificationRule 

func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error)

PatchNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

func (*NotificationRuleStore) UpdateNotificationRule 

func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id platform.ID, upd influxdb.NotificationRuleCreate, userID platform.ID) (influxdb.NotificationRule, error)

UpdateNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

type OrgIDResolver 

type OrgIDResolver interface {
	FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id platform.ID) (platform.ID, error)
}

type OrgService 

type OrgService struct {
	// contains filtered or unexported fields
}

OrgService wraps a influxdb.OrganizationService and authorizes actions against it appropriately.

func NewOrgService 

func NewOrgService(s influxdb.OrganizationService) *OrgService

NewOrgService constructs an instance of an authorizing org service.

func (*OrgService) CreateOrganization 

func (s *OrgService) CreateOrganization(ctx context.Context, o *influxdb.Organization) error

CreateOrganization checks to see if the authorizer on context has write access to the global orgs resource.

func (*OrgService) DeleteOrganization 

func (s *OrgService) DeleteOrganization(ctx context.Context, id platform.ID) error

DeleteOrganization checks to see if the authorizer on context has write access to the organization provided.

func (*OrgService) FindOrganization 

func (s *OrgService) FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)

FindOrganization retrieves the organization and checks to see if the authorizer on context has read access to the org.

func (*OrgService) FindOrganizationByID 

func (s *OrgService) FindOrganizationByID(ctx context.Context, id platform.ID) (*influxdb.Organization, error)

FindOrganizationByID checks to see if the authorizer on context has read access to the id provided.

func (*OrgService) FindOrganizations 

func (s *OrgService) FindOrganizations(ctx context.Context, filter influxdb.OrganizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Organization, int, error)

FindOrganizations retrieves all organizations that match the provided filter and then filters the list down to only the resources that are authorized.

func (*OrgService) UpdateOrganization 

func (s *OrgService) UpdateOrganization(ctx context.Context, id platform.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error)

UpdateOrganization checks to see if the authorizer on context has write access to the organization provided.

type PasswordService 

type PasswordService struct {
	// contains filtered or unexported fields
}

PasswordService is a new authorization middleware for a password service.

func NewPasswordService 

func NewPasswordService(svc influxdb.PasswordsService) *PasswordService

NewPasswordService wraps an existing password service with auth middleware.

func (*PasswordService) CompareAndSetPassword 

func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID platform.ID, old string, new string) error

CompareAndSetPassword checks the password and if they match updates to the new password.

func (*PasswordService) ComparePassword 

func (s *PasswordService) ComparePassword(ctx context.Context, userID platform.ID, password string) error

ComparePassword checks if the password matches the password recorded. Passwords that do not match return errors.

func (*PasswordService) SetPassword 

func (s *PasswordService) SetPassword(ctx context.Context, userID platform.ID, password string) error

SetPassword overrides the password of a known user.

type RestoreService 

type RestoreService struct {
	// contains filtered or unexported fields
}

RestoreService wraps a influxdb.RestoreService and authorizes actions against it appropriately.

func NewRestoreService 

func NewRestoreService(s influxdb.RestoreService) *RestoreService

NewRestoreService constructs an instance of an authorizing restore service.

func (RestoreService) RestoreBucket 

func (b RestoreService) RestoreBucket(ctx context.Context, id platform.ID, dbi []byte) (shardIDMap map[uint64]uint64, err error)

func (RestoreService) RestoreKVStore 

func (b RestoreService) RestoreKVStore(ctx context.Context, r io.Reader) error

func (RestoreService) RestoreShard 

func (b RestoreService) RestoreShard(ctx context.Context, shardID uint64, r io.Reader) error

type ScraperTargetStoreService 

type ScraperTargetStoreService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

ScraperTargetStoreService wraps a influxdb.ScraperTargetStoreService and authorizes actions against it appropriately.

func NewScraperTargetStoreService 

func NewScraperTargetStoreService(s influxdb.ScraperTargetStoreService,
	urm influxdb.UserResourceMappingService,
	org influxdb.OrganizationService,
) *ScraperTargetStoreService

NewScraperTargetStoreService constructs an instance of an authorizing scraper target store service.

func (*ScraperTargetStoreService) AddTarget 

func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID platform.ID) error

AddTarget checks to see if the authorizer on context has write access to the global scraper target resource.

func (*ScraperTargetStoreService) GetTargetByID 

func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id platform.ID) (*influxdb.ScraperTarget, error)

GetTargetByID checks to see if the authorizer on context has read access to the id provided.

func (*ScraperTargetStoreService) ListTargets 

func (s *ScraperTargetStoreService) ListTargets(ctx context.Context, filter influxdb.ScraperTargetFilter) ([]influxdb.ScraperTarget, error)

ListTargets retrieves all scraper targets that match the provided filter and then filters the list down to only the resources that are authorized.

func (*ScraperTargetStoreService) RemoveTarget 

func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id platform.ID) error

RemoveTarget checks to see if the authorizer on context has write access to the scraper target provided.

func (*ScraperTargetStoreService) UpdateTarget 

func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID platform.ID) (*influxdb.ScraperTarget, error)

UpdateTarget checks to see if the authorizer on context has write access to the scraper target provided.

type SecretService 

type SecretService struct {
	// contains filtered or unexported fields
}

SecretService wraps a influxdb.SecretService and authorizes actions against it appropriately.

func NewSecretService 

func NewSecretService(s influxdb.SecretService) *SecretService

NewSecretService constructs an instance of an authorizing secret service.

func (*SecretService) DeleteSecret 

func (s *SecretService) DeleteSecret(ctx context.Context, orgID platform.ID, keys ...string) error

DeleteSecret checks to see if the authorizer on context has write access to the secret keys provided.

func (*SecretService) GetSecretKeys 

func (s *SecretService) GetSecretKeys(ctx context.Context, orgID platform.ID) ([]string, error)

GetSecretKeys checks to see if the authorizer on context has read access to all the secrets belonging to orgID.

func (*SecretService) LoadSecret 

func (s *SecretService) LoadSecret(ctx context.Context, orgID platform.ID, key string) (string, error)

LoadSecret checks to see if the authorizer on context has read access to the secret key provided.

func (*SecretService) PatchSecrets 

func (s *SecretService) PatchSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error

PatchSecrets checks to see if the authorizer on context has write access to the secret keys provided.

func (*SecretService) PutSecret 

func (s *SecretService) PutSecret(ctx context.Context, orgID platform.ID, key string, val string) error

PutSecret checks to see if the authorizer on context has write access to the secret key provided.

func (*SecretService) PutSecrets 

func (s *SecretService) PutSecrets(ctx context.Context, orgID platform.ID, m map[string]string) error

PutSecrets checks to see if the authorizer on context has read and write access to the secret keys provided.

type SourceService 

type SourceService struct {
	// contains filtered or unexported fields
}

SourceService wraps a influxdb.SourceService and authorizes actions against it appropriately.

func NewSourceService 

func NewSourceService(s influxdb.SourceService) *SourceService

NewSourceService constructs an instance of an authorizing source service.

func (*SourceService) CreateSource 

func (s *SourceService) CreateSource(ctx context.Context, src *influxdb.Source) error

CreateSource checks to see if the authorizer on context has write access to the global source resource.

func (*SourceService) DefaultSource 

func (s *SourceService) DefaultSource(ctx context.Context) (*influxdb.Source, error)

DefaultSource checks to see if the authorizer on context has read access to the default source.

func (*SourceService) DeleteSource 

func (s *SourceService) DeleteSource(ctx context.Context, id platform.ID) error

DeleteSource checks to see if the authorizer on context has write access to the source provided.

func (*SourceService) FindSourceByID 

func (s *SourceService) FindSourceByID(ctx context.Context, id platform.ID) (*influxdb.Source, error)

FindSourceByID checks to see if the authorizer on context has read access to the id provided.

func (*SourceService) FindSources 

func (s *SourceService) FindSources(ctx context.Context, opts influxdb.FindOptions) ([]*influxdb.Source, int, error)

FindSources retrieves all sources that match the provided options and then filters the list down to only the resources that are authorized.

func (*SourceService) UpdateSource 

func (s *SourceService) UpdateSource(ctx context.Context, id platform.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error)

UpdateSource checks to see if the authorizer on context has write access to the source provided.

type SqlBackupRestoreService added in v2.1.0 

type SqlBackupRestoreService struct {
	// contains filtered or unexported fields
}

SqlBackupRestoreService wraps a influxdb.SqlBackupRestoreService and authorizes actions against it appropriately.

func NewSqlBackupRestoreService added in v2.1.0 

func NewSqlBackupRestoreService(s influxdb.SqlBackupRestoreService) *SqlBackupRestoreService

NewSqlBackupRestoreService constructs an instance of an authorizing backup service.

func (SqlBackupRestoreService) BackupSqlStore added in v2.1.0 

func (s SqlBackupRestoreService) BackupSqlStore(ctx context.Context, w io.Writer) error

func (SqlBackupRestoreService) RLockSqlStore added in v2.1.0 

func (s SqlBackupRestoreService) RLockSqlStore()

The Lock and Unlock methods below do not have authorization checks and should only be used when appropriate authorization has already been confirmed, such as behind a middleware. They are intended to be used for coordinating the locking and unlocking of the kv and sql metadata databases during a backup. They are made available here to allow the calls to pass-through to the underlying service.

func (SqlBackupRestoreService) RUnlockSqlStore added in v2.1.0 

func (s SqlBackupRestoreService) RUnlockSqlStore()

func (SqlBackupRestoreService) RestoreSqlStore added in v2.1.0 

func (s SqlBackupRestoreService) RestoreSqlStore(ctx context.Context, r io.Reader) error

type TelegrafConfigService 

type TelegrafConfigService struct {
	influxdb.UserResourceMappingService
	// contains filtered or unexported fields
}

TelegrafConfigService wraps a influxdb.TelegrafConfigStore and authorizes actions against it appropriately.

func NewTelegrafConfigService 

func NewTelegrafConfigService(s influxdb.TelegrafConfigStore, urm influxdb.UserResourceMappingService) *TelegrafConfigService

NewTelegrafConfigService constructs an instance of an authorizing telegraf service.

func (*TelegrafConfigService) CreateTelegrafConfig 

func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID platform.ID) error

CreateTelegrafConfig checks to see if the authorizer on context has write access to the global telegraf config resource.

func (*TelegrafConfigService) DeleteTelegrafConfig 

func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id platform.ID) error

DeleteTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.

func (*TelegrafConfigService) FindTelegrafConfigByID 

func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id platform.ID) (*influxdb.TelegrafConfig, error)

FindTelegrafConfigByID checks to see if the authorizer on context has read access to the id provided.

func (*TelegrafConfigService) FindTelegrafConfigs 

func (s *TelegrafConfigService) FindTelegrafConfigs(ctx context.Context, filter influxdb.TelegrafConfigFilter, opt ...influxdb.FindOptions) ([]*influxdb.TelegrafConfig, int, error)

FindTelegrafConfigs retrieves all telegraf configs that match the provided filter and then filters the list down to only the resources that are authorized.

func (*TelegrafConfigService) UpdateTelegrafConfig 

func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id platform.ID, upd *influxdb.TelegrafConfig, userID platform.ID) (*influxdb.TelegrafConfig, error)

UpdateTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.

type URMService 

type URMService struct {
	// contains filtered or unexported fields
}

func NewURMService 

func NewURMService(orgIDResolver OrgIDResolver, s influxdb.UserResourceMappingService) *URMService

func (*URMService) CreateUserResourceMapping 

func (s *URMService) CreateUserResourceMapping(ctx context.Context, m *influxdb.UserResourceMapping) error

func (*URMService) DeleteUserResourceMapping 

func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID platform.ID, userID platform.ID) error

func (*URMService) FindUserResourceMappings 

func (s *URMService) FindUserResourceMappings(ctx context.Context, filter influxdb.UserResourceMappingFilter, opt ...influxdb.FindOptions) ([]*influxdb.UserResourceMapping, int, error)

type UserService 

type UserService struct {
	// contains filtered or unexported fields
}

UserService wraps a influxdb.UserService and authorizes actions against it appropriately.

func NewUserService 

func NewUserService(s influxdb.UserService) *UserService

NewUserService constructs an instance of an authorizing user service.

func (*UserService) CreateUser 

func (s *UserService) CreateUser(ctx context.Context, o *influxdb.User) error

CreateUser checks to see if the authorizer on context has write access to the global users resource.

func (*UserService) DeleteUser 

func (s *UserService) DeleteUser(ctx context.Context, id platform.ID) error

DeleteUser checks to see if the authorizer on context has write access to the user provided.

func (*UserService) FindPermissionForUser 

func (s *UserService) FindPermissionForUser(ctx context.Context, uid platform.ID) (influxdb.PermissionSet, error)

func (*UserService) FindUser 

func (s *UserService) FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error)

FindUser retrieves the user and checks to see if the authorizer on context has read access to the user.

func (*UserService) FindUserByID 

func (s *UserService) FindUserByID(ctx context.Context, id platform.ID) (*influxdb.User, error)

FindUserByID checks to see if the authorizer on context has read access to the id provided.

func (*UserService) FindUsers 

func (s *UserService) FindUsers(ctx context.Context, filter influxdb.UserFilter, opt ...influxdb.FindOptions) ([]*influxdb.User, int, error)

FindUsers retrieves all users that match the provided filter and then filters the list down to only the resources that are authorized.

func (*UserService) UpdateUser 

func (s *UserService) UpdateUser(ctx context.Context, id platform.ID, upd influxdb.UserUpdate) (*influxdb.User, error)

UpdateUser checks to see if the authorizer on context has write access to the user provided.

type VariableService 

type VariableService struct {
	// contains filtered or unexported fields
}

VariableService wraps a influxdb.VariableService and authorizes actions against it appropriately.

func NewVariableService 

func NewVariableService(s influxdb.VariableService) *VariableService

NewVariableService constructs an instance of an authorizing variable service.

func (*VariableService) CreateVariable 

func (s *VariableService) CreateVariable(ctx context.Context, v *influxdb.Variable) error

CreateVariable checks to see if the authorizer on context has write access to the global variable resource.

func (*VariableService) DeleteVariable 

func (s *VariableService) DeleteVariable(ctx context.Context, id platform.ID) error

DeleteVariable checks to see if the authorizer on context has write access to the variable provided.

func (*VariableService) FindVariableByID 

func (s *VariableService) FindVariableByID(ctx context.Context, id platform.ID) (*influxdb.Variable, error)

FindVariableByID checks to see if the authorizer on context has read access to the id provided.

func (*VariableService) FindVariables 

func (s *VariableService) FindVariables(ctx context.Context, filter influxdb.VariableFilter, opt ...influxdb.FindOptions) ([]*influxdb.Variable, error)

FindVariables retrieves all variables that match the provided filter and then filters the list down to only the resources that are authorized.

func (*VariableService) ReplaceVariable 

func (s *VariableService) ReplaceVariable(ctx context.Context, m *influxdb.Variable) error

ReplaceVariable checks to see if the authorizer on context has write access to the variable provided.

func (*VariableService) UpdateVariable 

func (s *VariableService) UpdateVariable(ctx context.Context, id platform.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error)

UpdateVariable checks to see if the authorizer on context has write access to the variable provided.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.