authorization

package
v0.0.0-...-d4d4b81 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 7, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AuthKey    = contextKey("authorization")
	UserClaim  = contextKey("user-claims")
	CookieName = "litmus-cc-token"
)

Variables

View Source 
var MutationRbacRules = map[RoleQuery][]string{
	UserClusterReg:         {MemberRoleOwnerString, MemberRoleEditorString},
	CreateChaosWorkFlow:    {MemberRoleOwnerString, MemberRoleEditorString},
	ReRunChaosWorkFlow:     {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteChaosWorkflow:    {MemberRoleOwnerString, MemberRoleEditorString},
	TerminateChaosWorkflow: {MemberRoleOwnerString, MemberRoleEditorString},
	SyncWorkflow:           {MemberRoleOwnerString, MemberRoleEditorString},
	SendInvitation:         {MemberRoleOwnerString},
	AcceptInvitation:       {MemberRoleViewerString, MemberRoleEditorString},
	DeclineInvitation:      {MemberRoleViewerString, MemberRoleEditorString},
	RemoveInvitation:       {MemberRoleOwnerString},
	LeaveProject:           {MemberRoleViewerString, MemberRoleEditorString},
	UpdateProjectName:      {MemberRoleOwnerString},
	AddChaosHub:            {MemberRoleOwnerString, MemberRoleEditorString},
	SyncHub:                {MemberRoleOwnerString, MemberRoleEditorString},
	UpdateChaosWorkflow:    {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteClusters:         {MemberRoleOwnerString, MemberRoleEditorString},
	UpdateChaosHub:         {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteChaosHub:         {MemberRoleOwnerString, MemberRoleEditorString},
	EnableGitOps:           {MemberRoleOwnerString},
	DisableGitOps:          {MemberRoleOwnerString},
	UpdateGitOps:           {MemberRoleOwnerString},
	CreateDataSource:       {MemberRoleOwnerString, MemberRoleEditorString},
	CreateDashBoard:        {MemberRoleOwnerString, MemberRoleEditorString},
	UpdateDataSource:       {MemberRoleOwnerString, MemberRoleEditorString},
	UpdateDashboard:        {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteDashboard:        {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteDataSource:       {MemberRoleOwnerString, MemberRoleEditorString},
	ListWorkflowRuns:       {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListClusters: {MemberRoleOwnerString, MemberRoleEditorString,
		MemberRoleViewerString},
	GetManifest:     {MemberRoleOwnerString, MemberRoleEditorString},
	GetAgentDetails: {MemberRoleOwnerString, MemberRoleEditorString},
	GetProject: {MemberRoleOwnerString, MemberRoleEditorString,
		MemberRoleViewerString},
	ListHeatmapData:              {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListWorkflowStats:            {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListCharts:                   {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetHubExperiment:             {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetWorkflowRunStats:          {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListHubStatus:                {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListPortalDashboardData:      {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListWorkflow:                 {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	SaveChaosHub:                 {MemberRoleOwnerString, MemberRoleEditorString},
	CreateWorkflowTemplate:       {MemberRoleOwnerString, MemberRoleEditorString},
	DeleteWorkflowTemplate:       {MemberRoleOwnerString, MemberRoleEditorString},
	CreateImageRegistry:          {MemberRoleOwnerString},
	UpdateImageRegistry:          {MemberRoleOwnerString},
	DeleteImageRegistry:          {MemberRoleOwnerString},
	GetYAMLData:                  {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	PredefinedWorkflowOperations: {MemberRoleOwnerString, MemberRoleEditorString},
	ListPredefinedWorkflows:      {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetPredefinedExperimentYaml:  {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListDataSource:               {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListDashboard:                {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetGitOpsDetails:             {MemberRoleOwnerString},
	ListWorkflowManifests:        {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetExperimentDetails:         {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	GetWorkflowManifestByID:      {MemberRoleOwnerString, MemberRoleEditorString, MemberRoleViewerString},
	ListImageRegistry:            {MemberRoleOwnerString},
	GetImageRegistry:             {MemberRoleOwnerString},
}

Functions

func GetUsername 

func GetUsername(token string) (string, error)

GetUsername returns the username from the jwt token

func IsRevokedToken 

func IsRevokedToken(tokenString string, mongoClient *mongo.Client) bool

IsRevokedToken checks if the given JWT Token is revoked

func Middleware 

func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc

Middleware verifies jwt and checks if user has enough privilege to access route (no roles' info needed)

func RestMiddlewareWithRole 

func RestMiddlewareWithRole(handler gin.HandlerFunc, mongoClient *mongo.Client, roles []string) gin.HandlerFunc

RestMiddlewareWithRole verifies jwt and checks if user has enough privilege to access route

func UserValidateJWT 

func UserValidateJWT(token string) (jwt.MapClaims, error)

UserValidateJWT validates the cluster jwt

func ValidateRole 

func ValidateRole(ctx context.Context, projectID string,
	requiredRoles []string, invitation string) error

ValidateRole Validates the role of a user in a given project

Types

type RoleQuery 

type RoleQuery string

RoleQuery states the query for the roles 

const (
	UserClusterReg               RoleQuery = "userClusterReg"
	CreateChaosWorkFlow          RoleQuery = "CreateChaosWorkFlow"
	ReRunChaosWorkFlow           RoleQuery = "ReRunChaosWorkFlow"
	DeleteChaosWorkflow          RoleQuery = "DeleteChaosWorkflow"
	TerminateChaosWorkflow       RoleQuery = "TerminateChaosWorkflow"
	SyncWorkflow                 RoleQuery = "SyncWorkflow"
	SendInvitation               RoleQuery = "SendInvitation"
	AcceptInvitation             RoleQuery = "AcceptInvitation"
	DeclineInvitation            RoleQuery = "DeclineInvitation"
	RemoveInvitation             RoleQuery = "RemoveInvitation"
	LeaveProject                 RoleQuery = "LeaveProject"
	UpdateProjectName            RoleQuery = "UpdateProjectName"
	AddChaosHub                  RoleQuery = "AddChaosHub"
	SyncHub                      RoleQuery = "SyncHub"
	UpdateChaosWorkflow          RoleQuery = "UpdateChaosWorkflow"
	DeleteClusters               RoleQuery = "DeleteClusters"
	UpdateChaosHub               RoleQuery = "UpdateChaosHub"
	DeleteChaosHub               RoleQuery = "DeleteChaosHub"
	EnableGitOps                 RoleQuery = "EnableGitOps"
	DisableGitOps                RoleQuery = "DisableGitOps"
	UpdateGitOps                 RoleQuery = "UpdateGitOps"
	CreateDataSource             RoleQuery = "CreateDataSource"
	CreateDashBoard              RoleQuery = "CreateDashBoard"
	UpdateDataSource             RoleQuery = "UpdateDataSource"
	UpdateDashboard              RoleQuery = "UpdateDashboard"
	DeleteDashboard              RoleQuery = "DeleteDashboard"
	DeleteDataSource             RoleQuery = "DeleteDataSource"
	ListWorkflowRuns             RoleQuery = "ListWorkflowRuns"
	ListClusters                 RoleQuery = "ListClusters"
	GetManifest                  RoleQuery = "GetManifest"
	GetAgentDetails              RoleQuery = "GetAgentDetails"
	GetProject                   RoleQuery = "GetProject"
	ListHeatmapData              RoleQuery = "ListHeatmapData"
	ListWorkflowStats            RoleQuery = "ListWorkflowStats"
	ListCharts                   RoleQuery = "ListCharts"
	GetHubExperiment             RoleQuery = "GetHubExperiment"
	GetWorkflowRunStats          RoleQuery = "GetWorkflowRunStats"
	ListHubStatus                RoleQuery = "ListHubStatus"
	ListPortalDashboardData      RoleQuery = "ListPortalDashboardData"
	ListWorkflow                 RoleQuery = "ListWorkflow"
	SaveChaosHub                 RoleQuery = "SaveChaosHub"
	CreateWorkflowTemplate       RoleQuery = "CreateWorkflowTemplate"
	DeleteWorkflowTemplate       RoleQuery = "DeleteWorkflowTemplate"
	CreateImageRegistry          RoleQuery = "CreateImageRegistry"
	UpdateImageRegistry          RoleQuery = "UpdateImageRegistry"
	DeleteImageRegistry          RoleQuery = "DeleteImageRegistry"
	GetYAMLData                  RoleQuery = "GetYAMLData"
	PredefinedWorkflowOperations RoleQuery = "PredefinedWorkflowOperations"
	ListPredefinedWorkflows      RoleQuery = "ListPredefinedWorkflows"
	GetPredefinedExperimentYaml  RoleQuery = "GetPredefinedExperimentYaml"
	GetExperimentDetails         RoleQuery = "GetExperimentDetails"
	ListDataSource               RoleQuery = "ListDataSource"
	ListDashboard                RoleQuery = "ListDashboard"
	GetGitOpsDetails             RoleQuery = "GetGitOpsDetails"
	ListWorkflowManifests        RoleQuery = "ListWorkflowManifests"
	GetWorkflowManifestByID      RoleQuery = "GetWorkflowManifestByID"
	ListImageRegistry            RoleQuery = "ListImageRegistry"
	GetImageRegistry             RoleQuery = "GetImageRegistry"

	MemberRoleOwnerString  = string(model.MemberRoleOwner)
	MemberRoleEditorString = string(model.MemberRoleEditor)
	MemberRoleViewerString = string(model.MemberRoleViewer)
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.