rbac

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 2, 2023 License: MPL-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package rbac is concerned with authorization

Index

Constants

This section is empty.

Variables

View Source
var (
	// OrganizationMinPermissions are permissions granted to all team
	// members within an organization.
	OrganizationMinPermissions = Role{
								// contains filtered or unexported fields
	}

	// WorkspaceReadRole is scoped to a workspace and permits read-only actions
	// on the workspace.
	WorkspaceReadRole = Role{
						// contains filtered or unexported fields
	}

	// WorkspacePlanRole is scoped to a workspace and permits creating plans on
	// the workspace.
	WorkspacePlanRole = Role{
						// contains filtered or unexported fields
	}

	// WorkspaceWriteRole is scoped to a workspace and permits write actions on
	// the workspace.
	WorkspaceWriteRole = Role{
						// contains filtered or unexported fields
	}

	// WorkspaceAdminRole is scoped to a workspace and permits management of the
	// workspace.
	WorkspaceAdminRole = Role{
						// contains filtered or unexported fields
	}

	// WorkspaceManagerRole is scoped to an organization and permits management
	// of workspaces.
	WorkspaceManagerRole = Role{
							// contains filtered or unexported fields
	}

	// VCSManagerRole is scoped to an organization and permits management of VCS
	// providers.
	VCSManagerRole = Role{
					// contains filtered or unexported fields
	}

	// RegistryManagerRole is scoped to an organization and permits management
	// of registry of modules and providers
	RegistryManagerRole = Role{
						// contains filtered or unexported fields
	}
)

Functions

This section is empty.

Types

type Action

type Action int

Action identifies an action a subject carries out on a resource for authorization purposes.

const (
	WatchAction Action = iota
	CreateOrganizationAction
	UpdateOrganizationAction
	GetOrganizationAction
	ListOrganizationsAction
	GetEntitlementsAction
	DeleteOrganizationAction

	CreateVCSProviderAction
	GetVCSProviderAction
	ListVCSProvidersAction
	DeleteVCSProviderAction

	CreateAgentTokenAction
	ListAgentTokensAction
	DeleteAgentTokenAction

	CreateOrganizationTokenAction
	DeleteOrganizationTokenAction

	CreateRunTokenAction

	CreateModuleAction
	CreateModuleVersionAction
	UpdateModuleAction
	ListModulesAction
	GetModuleAction
	DeleteModuleAction
	DeleteModuleVersionAction

	CreateVariableAction
	UpdateVariableAction
	ListVariablesAction
	GetVariableAction
	DeleteVariableAction

	GetRunAction
	ListRunsAction
	ApplyRunAction
	CreateRunAction
	DiscardRunAction
	DeleteRunAction
	CancelRunAction
	EnqueuePlanAction
	StartPhaseAction
	FinishPhaseAction
	PutChunkAction
	TailLogsAction

	GetPlanFileAction
	UploadPlanFileAction

	GetLockFileAction
	UploadLockFileAction

	ListWorkspacesAction
	GetWorkspaceAction
	CreateWorkspaceAction
	DeleteWorkspaceAction
	SetWorkspacePermissionAction
	UnsetWorkspacePermissionAction
	UpdateWorkspaceAction

	ListTagsAction
	DeleteTagsAction
	TagWorkspacesAction
	AddTagsAction
	RemoveTagsAction
	ListWorkspaceTags

	LockWorkspaceAction
	UnlockWorkspaceAction
	ForceUnlockWorkspaceAction

	CreateStateVersionAction
	ListStateVersionsAction
	GetStateVersionAction
	DeleteStateVersionAction
	RollbackStateVersionAction
	DownloadStateAction
	GetStateVersionOutputAction

	CreateConfigurationVersionAction
	ListConfigurationVersionsAction
	GetConfigurationVersionAction
	DownloadConfigurationVersionAction
	DeleteConfigurationVersionAction

	CreateUserAction
	ListUsersAction
	GetUserAction
	DeleteUserAction

	CreateTeamAction
	UpdateTeamAction
	GetTeamAction
	ListTeamsAction
	DeleteTeamAction
	AddTeamMembershipAction
	RemoveTeamMembershipAction

	CreateNotificationConfigurationAction
	UpdateNotificationConfigurationAction
	ListNotificationConfigurationsAction
	GetNotificationConfigurationAction
	DeleteNotificationConfigurationAction
)

func (Action) String

func (i Action) String() string

type Role

type Role struct {
	// contains filtered or unexported fields
}

Role is a set of permitted actions

func WorkspaceRoleFromString

func WorkspaceRoleFromString(role string) (Role, error)

func (Role) IsAllowed

func (r Role) IsAllowed(action Action) bool

func (Role) String

func (r Role) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL