rbac

package
v1.8.6-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 15, 2019 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ActionAll = Action("*") // action match any other actions

	ActionPull = Action("pull") // pull repository tag
	ActionPush = Action("push") // push repository tag

	// create, read, update, delete, list actions compatible with restful api methods
	ActionCreate = Action("create")
	ActionRead   = Action("read")
	ActionUpdate = Action("update")
	ActionDelete = Action("delete")
	ActionList   = Action("list")
)

const action variables

View Source
const (
	ResourceAll                        = Resource("*")             // resource match any other resources
	ResourceConfiguration              = Resource("configuration") // project configuration compatible for portal only
	ResourceHelmChart                  = Resource("helm-chart")
	ResourceHelmChartVersion           = Resource("helm-chart-version")
	ResourceHelmChartVersionLabel      = Resource("helm-chart-version-label")
	ResourceLabel                      = Resource("label")
	ResourceLabelResource              = Resource("label-resource")
	ResourceLog                        = Resource("log")
	ResourceMember                     = Resource("member")
	ResourceMetadata                   = Resource("metadata")
	ResourceReplication                = Resource("replication")     // TODO remove
	ResourceReplicationJob             = Resource("replication-job") // TODO remove
	ResourceReplicationExecution       = Resource("replication-execution")
	ResourceReplicationTask            = Resource("replication-task")
	ResourceRepository                 = Resource("repository")
	ResourceRepositoryLabel            = Resource("repository-label")
	ResourceRepositoryTag              = Resource("repository-tag")
	ResourceRepositoryTagLabel         = Resource("repository-tag-label")
	ResourceRepositoryTagManifest      = Resource("repository-tag-manifest")
	ResourceRepositoryTagScanJob       = Resource("repository-tag-scan-job")
	ResourceRepositoryTagVulnerability = Resource("repository-tag-vulnerability")
	ResourceRobot                      = Resource("robot")
	ResourceSelf                       = Resource("") // subresource for self
)

const resource variables

View Source
const (
	// EffectAllow allow effect
	EffectAllow = Effect("allow")
	// EffectDeny deny effect
	EffectDeny = Effect("deny")
)

Variables

This section is empty.

Functions

func HasPermission

func HasPermission(user User, resource Resource, action Action) bool

HasPermission returns whether the user has action permission on resource

Types

type Action

type Action string

Action the type of action

func (Action) String

func (act Action) String() string

type BaseUser

type BaseUser struct{}

BaseUser the type implement User interface whose policies are empty

func (*BaseUser) GetPolicies

func (u *BaseUser) GetPolicies() []*Policy

GetPolicies returns policies of the user

func (*BaseUser) GetRoles

func (u *BaseUser) GetRoles() []Role

GetRoles returns roles of the user

func (*BaseUser) GetUserName

func (u *BaseUser) GetUserName() string

GetUserName returns user identity

type Effect

type Effect string

Effect the type of effect

func (Effect) String

func (eff Effect) String() string

type Namespace

type Namespace interface {
	// Kind returns the kind of namespace
	Kind() string
	// Resource returns new resource for subresources with the namespace
	Resource(subresources ...Resource) Resource
	// Identity returns identity attached with namespace
	Identity() interface{}
	// IsPublic returns true if namespace is public
	IsPublic() bool
}

Namespace the namespace interface

func NewProjectNamespace

func NewProjectNamespace(projectID int64, isPublic ...bool) Namespace

NewProjectNamespace returns namespace for project

type Policy

type Policy struct {
	Resource
	Action
	Effect
}

Policy the type of policy

func (*Policy) GetEffect

func (p *Policy) GetEffect() string

GetEffect returns effect of resource, default is allow

func (*Policy) String added in v1.8.4

func (p *Policy) String() string

type Resource

type Resource string

Resource the type of resource

func (Resource) GetNamespace

func (res Resource) GetNamespace() (Namespace, error)

GetNamespace returns namespace from resource

func (Resource) RelativeTo

func (res Resource) RelativeTo(other Resource) (Resource, error)

RelativeTo returns relative resource to other resource

func (Resource) String

func (res Resource) String() string

func (Resource) Subresource

func (res Resource) Subresource(resources ...Resource) Resource

Subresource returns subresource

type Role

type Role interface {
	// GetRoleName returns the role identity, if empty string role's policies will be ignore
	GetRoleName() string
	GetPolicies() []*Policy
}

Role the interface of rbac role

type User

type User interface {
	// GetUserName returns the user identity, if empty string user's all policies will be ignore
	GetUserName() string
	GetPolicies() []*Policy
	GetRoles() []Role
}

User the interface of rbac user

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL