rbac

package
v1.5.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 18, 2018 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

// Resource type identifiers. The values are consecutive integers starting at
// zero, in the order the names are declared, and are untyped so they can be
// assigned to the int8 resource-type fields and parameters declared in this
// package.
// NOTE(review): presumably these are the values carried in Resource.Type,
// ResourcePermission.RType and AddPermission's resourceType — confirm. If so,
// renumbering them changes which role is matched to which kind of object.
const (
	VCenter            = 0
	DatacenterReadOnly = 1
	Datacenter         = 2
	Cluster            = 3
	DatastoreFolder    = 4
	Datastore          = 5
	VSANDatastore      = 6
	Network            = 7
	Endpoint           = 8
)

Variables

This section is empty.

Functions

func Cleanup

// Cleanup takes a *testing.T but is listed in the public documentation of the
// rbac package, which suggests it lives in a non-test file; if so, every
// importer of rbac also pulls in the testing package.
// NOTE(review): the body is not shown here. Presumably it removes the roles
// managed through am and uses checkCount to decide whether the number removed
// is verified — confirm against the source.
func Cleanup(ctx context.Context, t *testing.T, am *AuthzManager, checkCount bool)

func DoTestRoles

// DoTestRoles is an exported helper that takes a *testing.T together with a
// list of role names and a list of privilege names.
// NOTE(review): presumably it exercises role creation through am and compares
// the result with testRoleNames and testRolePrivileges — confirm against the
// source. It is test support code exposed in the package's public API.
func DoTestRoles(ctx context.Context, t *testing.T, am *AuthzManager, testRoleNames []string, testRolePrivileges []string)

func InitRoles

// InitRoles is an exported helper that takes a *testing.T and returns an int.
// NOTE(review): the meaning of the returned int is not shown on this page;
// presumably it is a role count — confirm against the source.
func InitRoles(ctx context.Context, t *testing.T, am *AuthzManager) int

func VerifyResourcePermissions

// VerifyResourcePermissions is an exported helper that takes a *testing.T and
// a slice of ResourcePermission values. It returns nothing, so any mismatch is
// presumably reported through t — confirm against the source.
func VerifyResourcePermissions(ctx context.Context, t *testing.T, am *AuthzManager, retPerms []ResourcePermission)

Types

type AuthzManager

// AuthzManager carries the role set, principal and resource configuration
// used by the role and permission methods declared on it.
//
// All four visible fields are exported, so any importer can change them after
// construction. Code that relies on Principal or TargetRoles for an
// authorization decision should not assume they still hold the values passed
// to InitConfig.
type AuthzManager struct {
	// NOTE(review): presumably the roles that CreateRoles and DeleteRoles
	// operate on — confirm.
	TargetRoles []types.AuthorizationRole
	// InitConfig has a rolePrefix parameter; presumably it is stored here.
	RolePrefix  string
	// The user or group the permission checks refer to (ReadPermsOnDC's
	// documentation calls it "the user (principal) in the AuthzManager").
	Principal   string
	// Resource-to-role configuration; see Config.
	Config      *Config
	// contains filtered or unexported fields
}

func NewAuthzManager

// NewAuthzManager returns an *AuthzManager for the given vim25 client.
// The signature has no error result, so a failure during construction cannot
// be reported to the caller this way.
// NOTE(review): confirm whether the result can be nil, and that InitConfig
// must be called before the permission methods are used.
func NewAuthzManager(ctx context.Context, client *vim25.Client) *AuthzManager

func (*AuthzManager) AddPermission

// AddPermission takes a managed object reference, an int8 resource type and a
// flag saying whether the principal is a group, and returns a
// *ResourcePermission or an error.
// NOTE(review): resourceType is presumably one of the package's resource-type
// constants (VCenter through Endpoint) and selects the role that is granted —
// confirm how an out-of-range value is handled, since the type itself does not
// restrict it.
func (am *AuthzManager) AddPermission(ctx context.Context, ref types.ManagedObjectReference, resourceType int8, isGroup bool) (*ResourcePermission, error)

func (*AuthzManager) CreateRoles

// CreateRoles returns an int and an error.
// NOTE(review): presumably it creates the roles in am.TargetRoles and returns
// how many were created — confirm, including whether the count is meaningful
// when the error is non-nil (a partial result would leave some roles behind).
func (am *AuthzManager) CreateRoles(ctx context.Context) (int, error)

func (*AuthzManager) DeleteRoles

// DeleteRoles returns an int and an error.
// NOTE(review): presumably it deletes the roles this manager is responsible
// for and returns how many were removed — confirm how the set of roles to
// delete is chosen (for example by RolePrefix), since deleting by a loose match
// could remove roles this package did not create.
func (am *AuthzManager) DeleteRoles(ctx context.Context) (int, error)

func (*AuthzManager) GetPermissions

// GetPermissions returns the permissions for the given managed object
// reference as a slice of types.Permission, or an error.
// NOTE(review): whether the result includes permissions inherited from parent
// objects is not shown on this page — confirm before using it to audit access.
func (am *AuthzManager) GetPermissions(ctx context.Context,
	ref types.ManagedObjectReference) ([]types.Permission, error)

func (*AuthzManager) InitConfig

// InitConfig takes a principal, a role prefix and a *Config; the parameter
// names mirror the exported Principal, RolePrefix and Config fields.
// It returns nothing, so invalid input (an empty principal, a nil config)
// cannot be rejected through the signature.
// NOTE(review): presumably it stores the three values on am — confirm, and
// confirm what the other methods do when config is nil.
func (am *AuthzManager) InitConfig(principal string, rolePrefix string, config *Config)

func (*AuthzManager) IsPrincipalAnAdministrator

// IsPrincipalAnAdministrator reports a yes/no answer and an error.
// The boolean is only meaningful when the error is nil: callers that branch on
// it should check the error first rather than treat a failed lookup as either
// answer.
// NOTE(review): how "administrator" is determined is not shown on this page.
func (am *AuthzManager) IsPrincipalAnAdministrator(ctx context.Context) (bool, error)

func (*AuthzManager) PrincipalBelongsToGroup

// PrincipalBelongsToGroup takes a group name and reports a yes/no answer and
// an error. The boolean is only meaningful when the error is nil.
// NOTE(review): whether the group name is matched case-sensitively or with a
// domain qualifier is not shown on this page — confirm before relying on it.
func (am *AuthzManager) PrincipalBelongsToGroup(ctx context.Context, group string) (bool, error)

func (*AuthzManager) PrincipalHasRole

// PrincipalHasRole takes a role name and reports a yes/no answer and an error.
// The boolean is only meaningful when the error is nil.
// NOTE(review): the scope of the check (which objects are inspected for the
// role) is not shown on this page — confirm against the source.
func (am *AuthzManager) PrincipalHasRole(ctx context.Context, roleName string) (bool, error)

func (*AuthzManager) ReadPermsOnDC

// ReadPermsOnDC reports whether the principal held by the AuthzManager has at
// least read permissions on the datacenter referenced by dcRef.
// The boolean is only meaningful when the returned error is nil; check the
// error before acting on a false result.
func (am *AuthzManager) ReadPermsOnDC(ctx context.Context, dcRef types.ManagedObjectReference) (bool, error)

ReadPermsOnDC returns true if the user (principal) in the AuthzManager has at least read permissions on the input datacenter ref, false otherwise.

func (*AuthzManager) RoleList

type Config

// Config is the resource configuration handed to AuthzManager.InitConfig.
type Config struct {
	// One entry per resource type, each naming a role and whether it
	// propagates (see Resource).
	Resources []Resource
}

type NameToRef

// NameToRef maps a string to a managed object reference.
// NOTE(review): presumably the key is an inventory object name — confirm; if
// names are not unique across the inventory, later entries would overwrite
// earlier ones.
type NameToRef map[string]types.ManagedObjectReference

type Resource

// Resource pairs a resource type with the role to apply to it.
type Resource struct {
	// int8 resource type. NOTE(review): presumably one of the package's
	// resource-type constants (VCenter through Endpoint) — confirm.
	Type      int8
	// NOTE(review): presumably controls whether the permission also applies
	// to child objects of the target. If so, true widens the grant beyond the
	// object itself, so it deserves a least-privilege review for each entry.
	Propagate bool
	// Role to grant for this resource type.
	Role      types.AuthorizationRole
}

type ResourcePermission

// ResourcePermission records a permission together with the object it refers
// to. AddPermission returns a pointer to one and VerifyResourcePermissions
// takes a slice of them.
type ResourcePermission struct {
	// int8 resource type. NOTE(review): presumably the same value space as
	// Resource.Type — confirm.
	RType      int8
	// The managed object the permission is attached to.
	Reference  types.ManagedObjectReference
	// The permission itself, as a types.Permission value.
	Permission types.Permission
}
