privilege

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	AllPrivileges    = List{ALL, CONNECT, CREATE, DROP, GRANT, SELECT, INSERT, DELETE, UPDATE, USAGE, ZONECONFIG}
	ReadData         = List{GRANT, SELECT}
	ReadWriteData    = List{GRANT, SELECT, INSERT, DELETE, UPDATE}
	DBPrivileges     = List{ALL, CONNECT, CREATE, DROP, GRANT, ZONECONFIG}
	TablePrivileges  = List{ALL, CREATE, DROP, GRANT, SELECT, INSERT, DELETE, UPDATE, ZONECONFIG}
	SchemaPrivileges = List{ALL, GRANT, CREATE, USAGE}
	TypePrivileges   = List{ALL, GRANT, USAGE}
)

Predefined sets of privileges.

View Source 
var ByName = map[string]Kind{
	"ALL":        ALL,
	"CONNECT":    CONNECT,
	"CREATE":     CREATE,
	"DROP":       DROP,
	"GRANT":      GRANT,
	"SELECT":     SELECT,
	"INSERT":     INSERT,
	"DELETE":     DELETE,
	"UPDATE":     UPDATE,
	"ZONECONFIG": ZONECONFIG,
	"USAGE":      USAGE,
	"RULE":       RULE,
}

ByName is a map of string -> kind value.

View Source 
var ByValue = [...]Kind{
	ALL, CREATE, DROP, GRANT, SELECT, INSERT, DELETE, UPDATE, USAGE, ZONECONFIG, CONNECT, RULE,
}

ByValue is just an array of privilege kinds sorted by value.

Functions

func ValidatePrivileges 

func ValidatePrivileges(privileges List, objectType ObjectType) error

ValidatePrivileges returns an error if any privilege in privileges cannot be granted on the given objectType.

Types

type Kind 

type Kind uint32

Kind defines a privilege. This is output by the parser, and used to generate the privilege bitfields in the PrivilegeDescriptor. 

const (
	ALL        Kind = 1
	CREATE     Kind = 2
	DROP       Kind = 3
	GRANT      Kind = 4
	SELECT     Kind = 5
	INSERT     Kind = 6
	DELETE     Kind = 7
	UPDATE     Kind = 8
	USAGE      Kind = 9
	ZONECONFIG Kind = 10
	CONNECT    Kind = 11
	RULE       Kind = 12
)

List of privileges. ALL is specifically encoded so that it will automatically pick up new privileges. Do not change values of privileges. These correspond to the position of the privilege in a bit field and are expected to stay constant.

func (Kind) IsSetIn 

func (k Kind) IsSetIn(bits uint32) bool

IsSetIn returns true if this privilege kind is set in the supplied bitfield.

func (Kind) Mask 

func (k Kind) Mask() uint32

Mask returns the bitmask for a given privilege.

func (Kind) String 

func (i Kind) String() string

type List 

type List []Kind

List is a list of privileges.

func GetValidPrivilegesForObject 

func GetValidPrivilegesForObject(objectType ObjectType) List

GetValidPrivilegesForObject returns the list of valid privileges for the specified object type.

func ListFromBitField 

func ListFromBitField(m uint32, objectType ObjectType) List

ListFromBitField takes a bitfield of privileges and a ObjectType returns a List. It is ordered in increasing value of privilege.Kind.

func ListFromStrings 

func ListFromStrings(strs []string) (List, error)

ListFromStrings takes a list of strings and attempts to build a list of Kind. We convert each string to uppercase and search for it in the ByName map. If an entry is not found in ByName, an error is returned.

func (List) Contains 

func (pl List) Contains(k Kind) bool

Contains returns true iff the list contains the given privilege kind.

func (List) Format 

func (pl List) Format(buf *bytes.Buffer)

Format prints out the list in a buffer. This keeps the existing order and uses ", " as separator.

func (List) Len 

func (pl List) Len() int

Len, Swap, and Less implement the Sort interface.

func (List) Less 

func (pl List) Less(i, j int) bool

func (List) ListToACL 

func (pl List) ListToACL(grantOptions List, objectType ObjectType) string

ListToACL converts a list of privileges to a list of Postgres ACL items. See: https://www.postgresql.org/docs/13/ddl-priv.html#PRIVILEGE-ABBREVS-TABLE 

for privileges and their ACL abbreviations.

func (List) SortedNames 

func (pl List) SortedNames() []string

SortedNames returns a list of privilege names in sorted order.

func (List) SortedString 

func (pl List) SortedString() string

SortedString is similar to String() but returns privileges sorted by name and uses "," as separator.

func (List) String 

func (pl List) String() string

String implements the Stringer interface. This keeps the existing order and uses ", " as separator.

func (List) Swap 

func (pl List) Swap(i, j int)

func (List) ToBitField 

func (pl List) ToBitField() uint32

ToBitField returns the bitfield representation of a list of privileges.

type ObjectType 

type ObjectType string

ObjectType represents objects that can have privileges. 

const (
	// Any represents any object type.
	Any ObjectType = "any"
	// Database represents a database object.
	Database ObjectType = "database"
	// Schema represents a schema object.
	Schema ObjectType = "schema"
	// Table represents a table object.
	Table ObjectType = "table"
	// Type represents a type object.
	Type ObjectType = "type"
)

type Privilege 

type Privilege struct {
	Kind Kind
	// Each privilege Kind has an optional "grant option" flag associated with
	// it. A role can only grant a privilege on an object to others if it is the
	// owner of the object or if it itself holds that privilege WITH GRANT OPTION
	// on the object. This replaces the CockroachDB-specific GRANT privilege.
	GrantOption bool
}

Privilege represents a privilege parsed from an Access Privilege Inquiry Function's privilege string argument.

func PrivilegesFromBitFields 

func PrivilegesFromBitFields(
	kindBits uint32, grantOptionBits uint32, objectType ObjectType,
) []Privilege

PrivilegesFromBitFields takes a bitfield of privilege kinds, a bitfield of grant options, and an ObjectType returns a List. It is ordered in increasing value of privilege.Kind.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.