authz

package
v0.0.0-...-4e9b90d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 21, 2018 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Overview

Package authz is a generated protocol buffer package.

It is generated from these files:

grant.proto

It has these top-level messages:

GrantList
Grant

Index

Constants

This section is empty.

Variables

View Source
var ErrNotAuthorized = errors.New("not authorized")

Functions

func EqualGrants

func EqualGrants(a, b Grant) bool

func ValidX509SubjectField

func ValidX509SubjectField(s string) bool

Types

type Authorizer

type Authorizer struct {
	// contains filtered or unexported fields
}

func NewAuthorizer

func NewAuthorizer(l Loader, policyMap map[string][]string) *Authorizer

func (*Authorizer) Authorize

func (a *Authorizer) Authorize(req *http.Request) error

type Grant

type Grant struct {
	GuardType string `protobuf:"bytes,1,opt,name=guard_type,json=guardType" json:"guard_type,omitempty"`
	GuardData []byte `protobuf:"bytes,2,opt,name=guard_data,json=guardData,proto3" json:"guard_data,omitempty"`
	Policy    string `protobuf:"bytes,3,opt,name=policy" json:"policy,omitempty"`
	CreatedAt string `protobuf:"bytes,4,opt,name=created_at,json=createdAt" json:"created_at,omitempty"`
	Protected bool   `protobuf:"varint,5,opt,name=protected" json:"protected,omitempty"`
}

func (*Grant) Descriptor

func (*Grant) Descriptor() ([]byte, []int)

func (*Grant) GetCreatedAt

func (m *Grant) GetCreatedAt() string

func (*Grant) GetGuardData

func (m *Grant) GetGuardData() []byte

func (*Grant) GetGuardType

func (m *Grant) GetGuardType() string

func (*Grant) GetPolicy

func (m *Grant) GetPolicy() string

func (*Grant) GetProtected

func (m *Grant) GetProtected() bool

func (*Grant) ProtoMessage

func (*Grant) ProtoMessage()

func (*Grant) Reset

func (m *Grant) Reset()

func (*Grant) String

func (m *Grant) String() string

type GrantList

type GrantList struct {
	Grants []*Grant `protobuf:"bytes,1,rep,name=grants" json:"grants,omitempty"`
}

func (*GrantList) Descriptor

func (*GrantList) Descriptor() ([]byte, []int)

func (*GrantList) GetGrants

func (m *GrantList) GetGrants() []*Grant

func (*GrantList) ProtoMessage

func (*GrantList) ProtoMessage()

func (*GrantList) Reset

func (m *GrantList) Reset()

func (*GrantList) String

func (m *GrantList) String() string

type Loader

type Loader interface {
	Load(ctx context.Context, policy []string) ([]*Grant, error)
}

Loader loads all grants for any of the given policies.

type PKIXName

type PKIXName struct {
	Country            []string `json:"C,omitempty"`
	Organization       []string `json:"O,omitempty"`
	OrganizationalUnit []string `json:"OU,omitempty"`
	Locality           []string `json:"L,omitempty"`
	Province           []string `json:"ST,omitempty"`
	StreetAddress      []string `json:"STREET,omitempty"`
	PostalCode         []string `json:"POSTALCODE,omitempty"`
	SerialNumber       string   `json:"SERIALNUMBER,omitempty"`
	CommonName         string   `json:"CN,omitempty"`

	Names      []pkix.AttributeTypeAndValue `json:"-"`
	ExtraNames []pkix.AttributeTypeAndValue `json:"-"`
}

PKIXName represents a PKIX Distinguished Name. It is the same type as Name in package crypto/x509/pkix, but with JSON tags declaring the X.500 standard "short name" for each field.

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store provides persistent storage for grant objects.

func NewStore

func NewStore(db *sinkdb.DB, keyPrefix string) *Store

NewStore returns a new *Store storing grants in db under keyPrefix. It implements the Loader interface.

func (*Store) Delete

func (s *Store) Delete(policy string, delete func(*Grant) bool) sinkdb.Op

Delete returns an Op to delete from policy all stored grants for which delete returns true.

func (*Store) Load

func (s *Store) Load(ctx context.Context, policy []string) ([]*Grant, error)

Load satisfies the Loader interface.

func (*Store) Save

func (s *Store) Save(ctx context.Context, g *Grant) sinkdb.Op

Save returns an Op to store g. If a grant equivalent to g is already stored, the returned Op has no effect. It also sets field CreatedAt to the time g is stored (the current time), or to the time the original grant was stored, if there is one.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL