Affected by GO-2024-3010 and 2 other vulnerabilities

GO-2024-3010: CVE-2024-6984 in github.com/juju/juju

GO-2024-3040: Juju's unprivileged user running on charm node can leak any secret or relation data accessible to the local charm in github.com/juju/juju

GO-2024-3175: Vulnerable juju introspection abstract UNIX domain socket in github.com/juju/juju

service

package

v0.0.0-...-a81527e Latest Latest Go to latest Published: Feb 27, 2025 License: AGPL-3.0 Imports: 12 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/juju/juju

Documentation ¶

Index ¶

type ImporterService
- func NewImporterService(modelUUID model.UUID, keyImporter PublicKeyImporter, state State) *ImporterService
- func (s *ImporterService) ImportPublicKeysForUser(ctx context.Context, userUUID user.UUID, subject *url.URL) error
type PublicKeyImporter
type Service
- func NewService(modelUUID model.UUID, state State) *Service
type State

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ImporterService ¶

type ImporterService struct {
	*Service
	// contains filtered or unexported fields
}

ImporterService provides the means for interacting with a users underlying public keys for a model while also offering a mechanism to import keys for a user from an external source.

func NewImporterService ¶

func NewImporterService(
	modelUUID model.UUID,
	keyImporter PublicKeyImporter,
	state State,
) *ImporterService

NewImporterService constructs a new ImporterService that can both be used for interacting with a user's public keys and also importing new public keys from external sources.

func (*ImporterService) ImportPublicKeysForUser ¶

func (s *ImporterService) ImportPublicKeysForUser(
	ctx context.Context,
	userUUID user.UUID,
	subject *url.URL,
) error

ImportPublicKeysForUser will import all of the public keys available for a given subject and add them to the specified Juju user. If the user already has one or more of the public keys being imported they will safely be skipped with no errors being returned. The following errors can be expected: - errors.NotValid when the user uuid is not valid - github.com/juju/juju/domain/access/errors.UserNotFound when the user does not exist. - keyerrors.InvalidPublicKey when a key being imported fails validation. - keyerrors.ReservedCommentViolation when a key being added contains a comment string that is reserved. - keyerrors.UnknownImportSource when the source for the import operation is unknown to the service. - keyerrors.ImportSubjectNotFound when the source has indicated that the subject for the import operation does not exist. - github.com/juju/juju/domain/access/errors.UserNotFound when the provided user does not exist. - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist.

type PublicKeyImporter ¶

type PublicKeyImporter interface {
	// FetchPublicKeysForSubject is responsible for gathering all of the
	// public keys available for a specified subject.
	// The following errors can be expected:
	// - [importererrors.NoResolver] when there is import resolver the subject
	// schema.
	// - [importerrors.SubjectNotFound] when the resolver has reported that no
	// subject exists.
	FetchPublicKeysForSubject(context.Context, *url.URL) ([]string, error)
}

PublicKeyImporter describes a service that is capable of fetching and providing public keys for a subject from a set of well known sources that don't need to be understood by this service.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service provides the means for interacting with a users underlying public keys for a model.

func NewService ¶

func NewService(modelUUID model.UUID, state State) *Service

NewService constructs a new Service for interacting with a user's public keys on a model.

func (*Service) AddPublicKeysForUser ¶

func (s *Service) AddPublicKeysForUser(
	ctx context.Context,
	userUUID user.UUID,
	keys ...string,
) error

AddPublicKeysForUser is responsible for adding public keys for a user to a model. The following errors can be expected: - errors.NotValid when the user uuid is not valid - github.com/juju/juju/domain/access/errors.UserNotFound when the user does not exist. - keyerrors.InvalidPublicKey - When a public key fails validation. - keyerrors.ReservedCommentViolation - When a key being added contains a comment string that is reserved. - keyerrors.PublicKeyAlreadyExists - When a public key being added for a user already exists. - github.com/juju/juju/domain/access/errors.UserNotFound - When the provided user does not exist. - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist.

func (*Service) DeleteKeysForUser ¶

func (s *Service) DeleteKeysForUser(
	ctx context.Context,
	userUUID user.UUID,
	targets ...string,
) error

DeletePublicKeysForUser removes the keys associated with targets from the user's list of public keys. Targets can be an arbitrary list of a public key fingerprint (sha256), comment or full key value to be removed. Where a match is found the key will be removed. If no key exists for a target this will result in no operation. The following errors can be expected: - errors.NotValid when the user uuid is not valid - github.com/juju/juju/domain/access/errors.UserNotFound when the provided user does not exist. - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist. - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist.

func (*Service) GetAllUsersPublicKeys ¶

func (s *Service) GetAllUsersPublicKeys(
	ctx context.Context,
) (map[user.Name][]string, error)

GetAllUserPublicKeys returns all of the public keys in the model for each user grouped by user.Name. The following errors can be expected: - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist.

func (*Service) ListPublicKeysForUser ¶

func (s *Service) ListPublicKeysForUser(
	ctx context.Context,
	userUUID user.UUID,
) ([]coressh.PublicKey, error)

ListPublicKeysForUser is responsible for returning the public ssh keys for the specified user. The following errors can be expected: - errors.NotValid when the user uuid is not valid. - github.com/juju/juju/domain/access/errors.UserNotFound when the provided user does not exist. - github.com/juju/juju/domain/model/errors.NotFound - When the model does not exist.

type State ¶

type State interface {
	// AddPublicKeyForUser is responsible for adding one or more ssh public keys
	// for a user to a given model.
	// The following errors can be expected:
	// - [keyerrors.PublicKeyAlreadyExists] - When one of the public keys being
	// added for a user already exists on the model.
	// - [github.com/juju/juju/domain/access/errors.UserNotFound] - When the user does not exist.
	// - [modelerrors.NotFound] - When the model does not exist.
	AddPublicKeysForUser(context.Context, model.UUID, user.UUID, []keymanager.PublicKey) error

	// EnsurePublicKeysForUser will attempt to add the given set of public
	// keys for the user to the specified model. If the user already has the
	// public key in the model it will be skipped and no
	// [keyerrors.PublicKeyAlreadyExists] error will be returned.
	// The following errors can be expected:
	// - [github.com/juju/juju/domain/access/errors.UserNotFound] - When the user does not exist.
	// - [modelerrors.NotFound] - When the model does not exist.
	EnsurePublicKeysForUser(context.Context, model.UUID, user.UUID, []keymanager.PublicKey) error

	// GetPublicKeysForUser is responsible for returning all of the public
	// keys for the user uuid on a model. If the user does not exist no error is
	// returned.
	// The following errors can be expected:
	// - [github.com/juju/juju/domain/access/errors.UserNotFound] - If the user does not exist.
	// - [modelerrors.NotFound] - If the model does not exist.
	GetPublicKeysForUser(context.Context, model.UUID, user.UUID) ([]coressh.PublicKey, error)

	// GetAllUsersPublicKeys returns all of the public keys that are in a model
	// and their respective username. This is useful for building a view during
	// model migration. The following errors can be expected:
	// - [modelerrors.NotFound] - When no model exists for the uuid.
	GetAllUsersPublicKeys(context.Context, model.UUID) (map[user.Name][]string, error)

	// DeletePublicKeysForUser is responsible for removing the keys from the
	// users list of public keys on the given model. keyIds represent one of the
	// keys fingerprint, public key data or comment.
	// The following errors can be expected:
	// - [github.com/juju/juju/domain/access/errors.UserNotFound] - When the user does not exist.
	// - [modelerrors.NotFound] - When the model does not exist.
	DeletePublicKeysForUser(context.Context, model.UUID, user.UUID, []string) error
}

State provides the access layer the Service needs for persisting and retrieving a user's public keys on a model.

Source Files ¶

View all Source files

service.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL