auth

package
v6.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 13, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

// Authorization driver names. LoadAuthorizer takes its driver argument as a
// plain string, so these string-typed constants can be passed to it directly.
// NOTE(review): presumably any other value makes LoadAuthorizer fail with
// ErrUnknownDriver — confirm against the implementation.
const (
	// DriverTLS is the default TLS authorization driver. It is not compatible with OIDC or Candid authentication.
	DriverTLS string = "tls"

	// DriverOpenFGA provides fine-grained authorization. It is compatible with any authentication method.
	DriverOpenFGA string = "openfga"

	// DriverScriptlet provides scriptlet-based authorization. It is compatible with any authentication method.
	DriverScriptlet string = "scriptlet"
)

Variables

// ErrUnknownDriver is the "Unknown driver" error.
// It is a package-level sentinel value built by fmt.Errorf with no format verbs.
// NOTE(review): presumably returned by LoadAuthorizer for an unrecognised
// driver name — confirm. Callers should match it with errors.Is rather than
// by comparing the message text.
var ErrUnknownDriver = fmt.Errorf("Unknown driver")

ErrUnknownDriver is the "Unknown driver" error.

Functions

func WithConfig

func WithConfig(c map[string]any) func(*Opts)

WithConfig can be passed into LoadAuthorizer to pass in driver specific configuration.

func WithProjectsGetFunc

func WithProjectsGetFunc(f func(ctx context.Context) (map[int64]string, error)) func(*Opts)

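WithProjectsGetFunc should be passed into LoadAuthorizer when DriverRBAC is used. (No DriverRBAC constant is declared in this version of the package, which lists only DriverTLS, DriverOpenFGA and DriverScriptlet, so this reference appears to be stale.)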

func WithResourcesFunc

func WithResourcesFunc(f func() (*Resources, error)) func(*Opts)

WithResourcesFunc should be passed into LoadAuthorizer when DriverOpenFGA is used.

Types

type Authorizer

// Authorizer is the primary external API for this package. An implementation
// is obtained from LoadAuthorizer; the package documents three of them: FGA,
// Scriptlet and TLS.
type Authorizer interface {
	// Driver returns a string identifying the implementation.
	// NOTE(review): presumably one of the Driver* constants — confirm.
	Driver() string
	// StopService stops the authorizer. The FGA driver documents this as a
	// graceful stop; the Scriptlet driver documents it as a no-op.
	StopService(ctx context.Context) error
	// ApplyPatch is called when an applicable server patch is run. For the FGA
	// driver this triggers a model re-upload; for Scriptlet it is a no-op.
	ApplyPatch(ctx context.Context, name string) error

	// CheckPermission returns an error if the user does not have the given
	// Entitlement on the given Object. Callers should treat every non-nil
	// error as a denial and grant access only on a nil return.
	CheckPermission(ctx context.Context, r *http.Request, object Object, entitlement Entitlement) error
	// GetPermissionChecker returns a PermissionChecker that reports whether
	// the user has the required entitlement on an authorization object of the
	// given ObjectType.
	GetPermissionChecker(ctx context.Context, r *http.Request, entitlement Entitlement, objectType ObjectType) (PermissionChecker, error)

	// The Add*, Delete* and Rename* methods below notify the authorizer of
	// resource lifecycle changes. The FGA driver documents them as adding,
	// deleting or renaming the resource in the authorizer. The Scriptlet
	// driver documents every one of them as a no-op, and the TLS driver
	// documents at least its Add* hooks the same way.
	AddProject(ctx context.Context, projectID int64, projectName string) error
	DeleteProject(ctx context.Context, projectID int64, projectName string) error
	RenameProject(ctx context.Context, projectID int64, oldName string, newName string) error

	// Certificates are identified by fingerprint.
	AddCertificate(ctx context.Context, fingerprint string) error
	DeleteCertificate(ctx context.Context, fingerprint string) error

	AddStoragePool(ctx context.Context, storagePoolName string) error
	DeleteStoragePool(ctx context.Context, storagePoolName string) error

	// Images are identified by project name and fingerprint.
	AddImage(ctx context.Context, projectName string, fingerprint string) error
	DeleteImage(ctx context.Context, projectName string, fingerprint string) error

	AddImageAlias(ctx context.Context, projectName string, imageAliasName string) error
	DeleteImageAlias(ctx context.Context, projectName string, imageAliasName string) error
	RenameImageAlias(ctx context.Context, projectName string, oldAliasName string, newAliasName string) error

	AddInstance(ctx context.Context, projectName string, instanceName string) error
	DeleteInstance(ctx context.Context, projectName string, instanceName string) error
	RenameInstance(ctx context.Context, projectName string, oldInstanceName string, newInstanceName string) error

	AddNetwork(ctx context.Context, projectName string, networkName string) error
	DeleteNetwork(ctx context.Context, projectName string, networkName string) error
	RenameNetwork(ctx context.Context, projectName string, oldNetworkName string, newNetworkName string) error

	// Network zones have no Rename hook in this interface.
	AddNetworkZone(ctx context.Context, projectName string, networkZoneName string) error
	DeleteNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

	// Network integrations take no project name.
	AddNetworkIntegration(ctx context.Context, networkIntegrationName string) error
	DeleteNetworkIntegration(ctx context.Context, networkIntegrationName string) error
	RenameNetworkIntegration(ctx context.Context, oldNetworkIntegrationName string, newNetworkIntegrationName string) error

	AddNetworkACL(ctx context.Context, projectName string, networkACLName string) error
	DeleteNetworkACL(ctx context.Context, projectName string, networkACLName string) error
	RenameNetworkACL(ctx context.Context, projectName string, oldNetworkACLName string, newNetworkACLName string) error

	AddProfile(ctx context.Context, projectName string, profileName string) error
	DeleteProfile(ctx context.Context, projectName string, profileName string) error
	RenameProfile(ctx context.Context, projectName string, oldProfileName string, newProfileName string) error

	// Storage volumes are identified by project, pool, volume type, name and
	// location.
	AddStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error
	DeleteStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error
	RenameStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, oldStorageVolumeName string, newStorageVolumeName string, storageVolumeLocation string) error

	// Storage buckets have no Rename hook in this interface.
	AddStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error
	DeleteStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

	// GetInstanceAccess and GetProjectAccess return the list of entities who
	// have access to the named instance or project.
	GetInstanceAccess(ctx context.Context, projectName string, instanceName string) (*api.Access, error)
	GetProjectAccess(ctx context.Context, projectName string) (*api.Access, error)
}

Authorizer is the primary external API for this package.

func LoadAuthorizer

func LoadAuthorizer(ctx context.Context, driver string, logger logger.Logger, certificateCache *certificate.Cache, options ...func(opts *Opts)) (Authorizer, error)

LoadAuthorizer instantiates, configures, and initializes an Authorizer.

type Entitlement

type Entitlement string

Entitlement is a type representation of a permission as it applies to a particular ObjectType.

// Entitlement values. These are the permissions passed to
// Authorizer.CheckPermission and Authorizer.GetPermissionChecker; the group
// comments below say which kind of object each set applies to.
const (
	// Entitlements that apply to all resources.
	EntitlementCanEdit Entitlement = "can_edit"
	EntitlementCanView Entitlement = "can_view"

	// Server entitlements.
	EntitlementCanCreateCertificates               Entitlement = "can_create_certificates"
	EntitlementCanCreateNetworkIntegrations        Entitlement = "can_create_network_integrations"
	EntitlementCanCreateProjects                   Entitlement = "can_create_projects"
	EntitlementCanCreateStoragePools               Entitlement = "can_create_storage_pools"
	EntitlementCanOverrideClusterTargetRestriction Entitlement = "can_override_cluster_target_restriction"
	EntitlementCanViewMetrics                      Entitlement = "can_view_metrics"
	EntitlementCanViewPrivilegedEvents             Entitlement = "can_view_privileged_events"
	EntitlementCanViewResources                    Entitlement = "can_view_resources"
	EntitlementCanViewSensitive                    Entitlement = "can_view_sensitive"

	// Project entitlements.
	EntitlementCanCreateImageAliases   Entitlement = "can_create_image_aliases"
	EntitlementCanCreateImages         Entitlement = "can_create_images"
	EntitlementCanCreateInstances      Entitlement = "can_create_instances"
	EntitlementCanCreateNetworkACLs    Entitlement = "can_create_network_acls"
	EntitlementCanCreateNetworks       Entitlement = "can_create_networks"
	EntitlementCanCreateNetworkZones   Entitlement = "can_create_network_zones"
	EntitlementCanCreateProfiles       Entitlement = "can_create_profiles"
	EntitlementCanCreateStorageBuckets Entitlement = "can_create_storage_buckets"
	EntitlementCanCreateStorageVolumes Entitlement = "can_create_storage_volumes"
	EntitlementCanViewEvents           Entitlement = "can_view_events"
	EntitlementCanViewOperations       Entitlement = "can_view_operations"

	// Instance entitlements.
	// NOTE(review): judging by the names, these gate interactive and
	// file-level access to an instance (console, files, SFTP, exec) — confirm
	// the exact semantics before granting them.
	EntitlementCanAccessConsole Entitlement = "can_access_console"
	EntitlementCanAccessFiles   Entitlement = "can_access_files"
	EntitlementCanConnectSFTP   Entitlement = "can_connect_sftp"
	EntitlementCanExec          Entitlement = "can_exec"
	EntitlementCanUpdateState   Entitlement = "can_update_state"

	// Instance and storage volume entitlements.
	EntitlementCanManageBackups   Entitlement = "can_manage_backups"
	EntitlementCanManageSnapshots Entitlement = "can_manage_snapshots"
)

type FGA added in v6.8.0

type FGA struct {
	// contains filtered or unexported fields
}

FGA represents an OpenFGA authorizer.

func (*FGA) AddCertificate added in v6.8.0

func (f *FGA) AddCertificate(ctx context.Context, fingerprint string) error

AddCertificate adds a certificate to the authorizer.

func (*FGA) AddImage added in v6.8.0

func (f *FGA) AddImage(ctx context.Context, projectName string, fingerprint string) error

AddImage adds an image to the authorizer.

func (*FGA) AddImageAlias added in v6.8.0

func (f *FGA) AddImageAlias(ctx context.Context, projectName string, imageAliasName string) error

AddImageAlias adds an image alias to the authorizer.

func (*FGA) AddInstance added in v6.8.0

func (f *FGA) AddInstance(ctx context.Context, projectName string, instanceName string) error

AddInstance adds an instance to the authorizer.

func (*FGA) AddNetwork added in v6.8.0

func (f *FGA) AddNetwork(ctx context.Context, projectName string, networkName string) error

AddNetwork adds a network to the authorizer.

func (*FGA) AddNetworkACL added in v6.8.0

func (f *FGA) AddNetworkACL(ctx context.Context, projectName string, networkACLName string) error

AddNetworkACL adds a network ACL to the authorizer.

func (*FGA) AddNetworkIntegration added in v6.8.0

func (f *FGA) AddNetworkIntegration(ctx context.Context, networkIntegrationName string) error

AddNetworkIntegration adds a network integration to the authorizer.

func (*FGA) AddNetworkZone added in v6.8.0

func (f *FGA) AddNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

AddNetworkZone adds a network zone to the authorizer.

func (*FGA) AddProfile added in v6.8.0

func (f *FGA) AddProfile(ctx context.Context, projectName string, profileName string) error

AddProfile adds a profile to the authorizer.

func (*FGA) AddProject added in v6.8.0

func (f *FGA) AddProject(ctx context.Context, _ int64, projectName string) error

AddProject adds a project to the authorizer.

func (*FGA) AddStorageBucket added in v6.8.0

func (f *FGA) AddStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

AddStorageBucket adds a storage bucket to the authorizer.

func (*FGA) AddStoragePool added in v6.8.0

func (f *FGA) AddStoragePool(ctx context.Context, storagePoolName string) error

AddStoragePool adds a storage pool to the authorizer.

func (*FGA) AddStoragePoolVolume added in v6.8.0

func (f *FGA) AddStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

AddStoragePoolVolume adds a storage volume to the authorizer.

func (*FGA) ApplyPatch added in v6.8.0

func (f *FGA) ApplyPatch(ctx context.Context, name string) error

ApplyPatch is called when an applicable server patch is run; this triggers a model re-upload.

func (*FGA) CheckPermission added in v6.8.0

func (f *FGA) CheckPermission(ctx context.Context, r *http.Request, object Object, entitlement Entitlement) error

CheckPermission returns an error if the user does not have the given Entitlement on the given Object.

func (*FGA) DeleteCertificate added in v6.8.0

func (f *FGA) DeleteCertificate(ctx context.Context, fingerprint string) error

DeleteCertificate deletes a certificate from the authorizer.

func (*FGA) DeleteImage added in v6.8.0

func (f *FGA) DeleteImage(ctx context.Context, projectName string, fingerprint string) error

DeleteImage deletes an image from the authorizer.

func (*FGA) DeleteImageAlias added in v6.8.0

func (f *FGA) DeleteImageAlias(ctx context.Context, projectName string, imageAliasName string) error

DeleteImageAlias deletes an image alias from the authorizer.

func (*FGA) DeleteInstance added in v6.8.0

func (f *FGA) DeleteInstance(ctx context.Context, projectName string, instanceName string) error

DeleteInstance deletes an instance from the authorizer.

func (*FGA) DeleteNetwork added in v6.8.0

func (f *FGA) DeleteNetwork(ctx context.Context, projectName string, networkName string) error

DeleteNetwork deletes a network from the authorizer.

func (*FGA) DeleteNetworkACL added in v6.8.0

func (f *FGA) DeleteNetworkACL(ctx context.Context, projectName string, networkACLName string) error

DeleteNetworkACL deletes a network ACL from the authorizer.

func (*FGA) DeleteNetworkIntegration added in v6.8.0

func (f *FGA) DeleteNetworkIntegration(ctx context.Context, networkIntegrationName string) error

DeleteNetworkIntegration deletes a network integration from the authorizer.

func (*FGA) DeleteNetworkZone added in v6.8.0

func (f *FGA) DeleteNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

DeleteNetworkZone deletes a network zone from the authorizer.

func (*FGA) DeleteProfile added in v6.8.0

func (f *FGA) DeleteProfile(ctx context.Context, projectName string, profileName string) error

DeleteProfile deletes a profile from the authorizer.

func (*FGA) DeleteProject added in v6.8.0

func (f *FGA) DeleteProject(ctx context.Context, _ int64, projectName string) error

DeleteProject deletes a project from the authorizer.

func (*FGA) DeleteStorageBucket added in v6.8.0

func (f *FGA) DeleteStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

DeleteStorageBucket deletes a storage bucket from the authorizer.

func (*FGA) DeleteStoragePool added in v6.8.0

func (f *FGA) DeleteStoragePool(ctx context.Context, storagePoolName string) error

DeleteStoragePool deletes a storage pool from the authorizer.

func (*FGA) DeleteStoragePoolVolume added in v6.8.0

func (f *FGA) DeleteStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

DeleteStoragePoolVolume deletes a storage volume from the authorizer.

func (*FGA) Driver added in v6.8.0

// Driver implements Authorizer.Driver for the OpenFGA authorizer and returns a string.
// NOTE(review): presumably the value is DriverOpenFGA — the body is not shown; confirm.
// The receiver is named c here, while the other FGA methods name it f.
func (c *FGA) Driver() string

func (*FGA) GetInstanceAccess added in v6.8.0

func (f *FGA) GetInstanceAccess(ctx context.Context, projectName string, instanceName string) (*api.Access, error)

GetInstanceAccess returns the list of entities who have access to the instance.

func (*FGA) GetPermissionChecker added in v6.8.0

func (f *FGA) GetPermissionChecker(ctx context.Context, r *http.Request, entitlement Entitlement, objectType ObjectType) (PermissionChecker, error)

GetPermissionChecker returns a function that can be used to check whether a user has the required entitlement on an authorization object.

func (*FGA) GetProjectAccess added in v6.8.0

func (f *FGA) GetProjectAccess(ctx context.Context, projectName string) (*api.Access, error)

GetProjectAccess returns the list of entities who have access to the project.

func (*FGA) RenameImageAlias added in v6.8.0

func (f *FGA) RenameImageAlias(ctx context.Context, projectName string, oldAliasName string, newAliasName string) error

RenameImageAlias renames an image alias in the authorizer.

func (*FGA) RenameInstance added in v6.8.0

func (f *FGA) RenameInstance(ctx context.Context, projectName string, oldInstanceName string, newInstanceName string) error

RenameInstance renames an instance in the authorizer.

func (*FGA) RenameNetwork added in v6.8.0

func (f *FGA) RenameNetwork(ctx context.Context, projectName string, oldNetworkName string, newNetworkName string) error

RenameNetwork renames a network in the authorizer.

func (*FGA) RenameNetworkACL added in v6.8.0

func (f *FGA) RenameNetworkACL(ctx context.Context, projectName string, oldNetworkACLName string, newNetworkACLName string) error

RenameNetworkACL renames a network ACL in the authorizer.

func (*FGA) RenameNetworkIntegration added in v6.8.0

func (f *FGA) RenameNetworkIntegration(ctx context.Context, oldNetworkIntegrationName string, newNetworkIntegrationName string) error

RenameNetworkIntegration renames a network integration in the authorizer.

func (*FGA) RenameProfile added in v6.8.0

func (f *FGA) RenameProfile(ctx context.Context, projectName string, oldProfileName string, newProfileName string) error

RenameProfile renames a profile in the authorizer.

func (*FGA) RenameProject added in v6.8.0

func (f *FGA) RenameProject(ctx context.Context, _ int64, oldName string, newName string) error

RenameProject renames a project in the authorizer.

func (*FGA) RenameStoragePoolVolume added in v6.8.0

func (f *FGA) RenameStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, oldStorageVolumeName string, newStorageVolumeName string, storageVolumeLocation string) error

RenameStoragePoolVolume renames a storage volume in the authorizer.

func (*FGA) StopService added in v6.8.0

func (f *FGA) StopService(ctx context.Context) error

StopService stops the authorizer gracefully.

type Object

type Object string

Object is a string-based type that represents an authorization object. These are formatted strings that uniquely identify an API resource, and can be constructed/deconstructed reliably. An Object is always of the form <ObjectType>:<identifier> where the identifier is a "/" delimited path containing elements that uniquely identify a resource. If the resource is defined at the project level, the first element of this path is always the project. Some example objects would be:

  • `instance:default/c1`: Instance object in project "default" and name "c1".
  • `storage_pool:local`: Storage pool object with name "local".
  • `storage_volume:default/local/custom/vol1`: Storage volume object in project "default", storage pool "local", type "custom", and name "vol1".

func NewObject

func NewObject(objectType ObjectType, projectName string, identifierElements ...string) (Object, error)

NewObject returns an Object of the given type. The passed in arguments must be in the correct order (as found in the URL for the resource). This function will error if an invalid object type is given, or if the correct number of arguments is not passed in.

func ObjectCertificate

func ObjectCertificate(fingerprint string) Object

ObjectCertificate represents a certificate.

func ObjectFromRequest

func ObjectFromRequest(r *http.Request, objectType ObjectType, expandProject func(string) string, expandFingerprint func(string, string) string, expandVolumeLocation func(string, string, string, string) string, muxVars ...string) (Object, error)

ObjectFromRequest returns an object created from the request by evaluating the given mux vars. Mux vars must be provided in the order that they are found in the endpoint path. If the object requires a project name, this is taken from the project query parameter unless the URL begins with /1.0/projects.

func ObjectFromString

func ObjectFromString(objectstr string) (Object, error)

ObjectFromString parses a string into an Object. It returns an error if the string is not valid.

func ObjectImage

func ObjectImage(projectName string, imageFingerprint string) Object

ObjectImage represents an image.

func ObjectImageAlias

func ObjectImageAlias(projectName string, aliasName string) Object

ObjectImageAlias represents an image alias.

func ObjectInstance

func ObjectInstance(projectName string, instanceName string) Object

ObjectInstance represents an instance.

func ObjectNetwork

func ObjectNetwork(projectName string, networkName string) Object

ObjectNetwork represents a network.

func ObjectNetworkACL

func ObjectNetworkACL(projectName string, networkACLName string) Object

ObjectNetworkACL represents a network ACL.

func ObjectNetworkIntegration

func ObjectNetworkIntegration(networkIntegrationName string) Object

ObjectNetworkIntegration represents a network integration.

func ObjectNetworkZone

func ObjectNetworkZone(projectName string, networkZoneName string) Object

ObjectNetworkZone represents a network zone.

func ObjectProfile

func ObjectProfile(projectName string, profileName string) Object

ObjectProfile represents a profile.

func ObjectProject

func ObjectProject(projectName string) Object

ObjectProject represents a project.

func ObjectServer

func ObjectServer() Object

ObjectServer represents a server.

func ObjectStorageBucket

func ObjectStorageBucket(projectName string, poolName string, bucketName string, location string) Object

ObjectStorageBucket represents a storage bucket.

func ObjectStoragePool

func ObjectStoragePool(storagePoolName string) Object

ObjectStoragePool represents a storage pool.

func ObjectStorageVolume

func ObjectStorageVolume(projectName string, poolName string, volumeType string, volumeName string, location string) Object

ObjectStorageVolume represents a storage volume.

func ObjectUser

func ObjectUser(userName string) Object

ObjectUser represents a user.

func (Object) Elements

func (o Object) Elements() []string

Elements returns the elements that uniquely identify the authorization Object.

func (Object) Project

func (o Object) Project() string

Project returns the project of the Object if present.

func (Object) String

func (o Object) String() string

String implements fmt.Stringer for Object.

func (Object) Type

func (o Object) Type() ObjectType

Type returns the ObjectType of the Object.

type ObjectType

type ObjectType string

ObjectType is a type of resource within Incus.

// ObjectType values. An Object is always of the form <ObjectType>:<identifier>,
// so each string below is the prefix of the Objects of that type
// (for example "instance" in `instance:default/c1`).
const (
	// ObjectTypeUser represents a user.
	ObjectTypeUser ObjectType = "user"

	// ObjectTypeServer represents a server.
	ObjectTypeServer ObjectType = "server"

	// ObjectTypeCertificate represents a certificate.
	ObjectTypeCertificate ObjectType = "certificate"

	// ObjectTypeStoragePool represents a storage pool.
	ObjectTypeStoragePool ObjectType = "storage_pool"

	// ObjectTypeProject represents a project.
	ObjectTypeProject ObjectType = "project"

	// ObjectTypeImage represents an image.
	ObjectTypeImage ObjectType = "image"

	// ObjectTypeImageAlias represents an image alias.
	ObjectTypeImageAlias ObjectType = "image_alias"

	// ObjectTypeInstance represents an instance.
	ObjectTypeInstance ObjectType = "instance"

	// ObjectTypeNetwork represents a network.
	ObjectTypeNetwork ObjectType = "network"

	// ObjectTypeNetworkACL represents a network ACL.
	ObjectTypeNetworkACL ObjectType = "network_acl"

	// ObjectTypeNetworkIntegration represents a network integration.
	ObjectTypeNetworkIntegration ObjectType = "network_integration"

	// ObjectTypeNetworkZone represents a network zone.
	ObjectTypeNetworkZone ObjectType = "network_zone"

	// ObjectTypeProfile represents a profile.
	ObjectTypeProfile ObjectType = "profile"

	// ObjectTypeStorageBucket represents a storage bucket.
	ObjectTypeStorageBucket ObjectType = "storage_bucket"

	// ObjectTypeStorageVolume represents a storage volume.
	ObjectTypeStorageVolume ObjectType = "storage_volume"
)

type Opts

type Opts struct {
	// contains filtered or unexported fields
}

Opts is used as part of the LoadAuthorizer function so that only the relevant configuration fields are passed into a particular driver.

type PermissionChecker

type PermissionChecker func(object Object) bool

PermissionChecker is a function type that returns whether a user has the required permissions on an object. It is returned by Authorizer.GetPermissionChecker.

type Resources

// Resources represents a set of current API resources as Object slices for use
// when loading an Authorizer, with one slice per kind of resource. It is
// produced by the func() (*Resources, error) given to WithResourcesFunc, which
// is documented as required when DriverOpenFGA is used.
//
// NOTE(review): there is no slice for network integrations, although
// ObjectTypeNetworkIntegration and Authorizer.AddNetworkIntegration exist —
// confirm whether network integrations are meant to be left out of the set
// handed to the authorizer at load time.
type Resources struct {
	CertificateObjects       []Object
	StoragePoolObjects       []Object
	ProjectObjects           []Object
	ImageObjects             []Object
	ImageAliasObjects        []Object
	InstanceObjects          []Object
	NetworkObjects           []Object
	NetworkACLObjects        []Object
	NetworkZoneObjects       []Object
	ProfileObjects           []Object
	StoragePoolVolumeObjects []Object
	StorageBucketObjects     []Object
}

Resources represents a set of current API resources as Object slices for use when loading an Authorizer.

type Scriptlet added in v6.8.0

type Scriptlet struct {
	// contains filtered or unexported fields
}

Scriptlet represents a scriptlet authorizer.

func (*Scriptlet) AddCertificate added in v6.8.0

func (c *Scriptlet) AddCertificate(ctx context.Context, fingerprint string) error

AddCertificate is a no-op.

func (*Scriptlet) AddImage added in v6.8.0

func (c *Scriptlet) AddImage(ctx context.Context, projectName string, fingerprint string) error

AddImage is a no-op.

func (*Scriptlet) AddImageAlias added in v6.8.0

func (c *Scriptlet) AddImageAlias(ctx context.Context, projectName string, imageAliasName string) error

AddImageAlias is a no-op.

func (*Scriptlet) AddInstance added in v6.8.0

func (c *Scriptlet) AddInstance(ctx context.Context, projectName string, instanceName string) error

AddInstance is a no-op.

func (*Scriptlet) AddNetwork added in v6.8.0

func (c *Scriptlet) AddNetwork(ctx context.Context, projectName string, networkName string) error

AddNetwork is a no-op.

func (*Scriptlet) AddNetworkACL added in v6.8.0

func (c *Scriptlet) AddNetworkACL(ctx context.Context, projectName string, networkACLName string) error

AddNetworkACL is a no-op.

func (*Scriptlet) AddNetworkIntegration added in v6.8.0

func (c *Scriptlet) AddNetworkIntegration(ctx context.Context, networkIntegrationName string) error

AddNetworkIntegration is a no-op.

func (*Scriptlet) AddNetworkZone added in v6.8.0

func (c *Scriptlet) AddNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

AddNetworkZone is a no-op.

func (*Scriptlet) AddProfile added in v6.8.0

func (c *Scriptlet) AddProfile(ctx context.Context, projectName string, profileName string) error

AddProfile is a no-op.

func (*Scriptlet) AddProject added in v6.8.0

func (c *Scriptlet) AddProject(ctx context.Context, projectID int64, name string) error

AddProject is a no-op.

func (*Scriptlet) AddStorageBucket added in v6.8.0

func (c *Scriptlet) AddStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

AddStorageBucket is a no-op.

func (*Scriptlet) AddStoragePool added in v6.8.0

func (c *Scriptlet) AddStoragePool(ctx context.Context, storagePoolName string) error

AddStoragePool is a no-op.

func (*Scriptlet) AddStoragePoolVolume added in v6.8.0

func (c *Scriptlet) AddStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

AddStoragePoolVolume is a no-op.

func (*Scriptlet) ApplyPatch added in v6.8.0

func (c *Scriptlet) ApplyPatch(ctx context.Context, name string) error

ApplyPatch is a no-op.

func (*Scriptlet) CheckPermission added in v6.8.0

func (s *Scriptlet) CheckPermission(ctx context.Context, r *http.Request, object Object, entitlement Entitlement) error

CheckPermission returns an error if the user does not have the given Entitlement on the given Object.

func (*Scriptlet) DeleteCertificate added in v6.8.0

func (c *Scriptlet) DeleteCertificate(ctx context.Context, fingerprint string) error

DeleteCertificate is a no-op.

func (*Scriptlet) DeleteImage added in v6.8.0

func (c *Scriptlet) DeleteImage(ctx context.Context, projectName string, fingerprint string) error

DeleteImage is a no-op.

func (*Scriptlet) DeleteImageAlias added in v6.8.0

func (c *Scriptlet) DeleteImageAlias(ctx context.Context, projectName string, imageAliasName string) error

DeleteImageAlias is a no-op.

func (*Scriptlet) DeleteInstance added in v6.8.0

func (c *Scriptlet) DeleteInstance(ctx context.Context, projectName string, instanceName string) error

DeleteInstance is a no-op.

func (*Scriptlet) DeleteNetwork added in v6.8.0

func (c *Scriptlet) DeleteNetwork(ctx context.Context, projectName string, networkName string) error

DeleteNetwork is a no-op.

func (*Scriptlet) DeleteNetworkACL added in v6.8.0

func (c *Scriptlet) DeleteNetworkACL(ctx context.Context, projectName string, networkACLName string) error

DeleteNetworkACL is a no-op.

func (*Scriptlet) DeleteNetworkIntegration added in v6.8.0

func (c *Scriptlet) DeleteNetworkIntegration(ctx context.Context, networkIntegrationName string) error

DeleteNetworkIntegration is a no-op.

func (*Scriptlet) DeleteNetworkZone added in v6.8.0

func (c *Scriptlet) DeleteNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

DeleteNetworkZone is a no-op.

func (*Scriptlet) DeleteProfile added in v6.8.0

func (c *Scriptlet) DeleteProfile(ctx context.Context, projectName string, profileName string) error

DeleteProfile is a no-op.

func (*Scriptlet) DeleteProject added in v6.8.0

func (c *Scriptlet) DeleteProject(ctx context.Context, projectID int64, name string) error

DeleteProject is a no-op.

func (*Scriptlet) DeleteStorageBucket added in v6.8.0

func (c *Scriptlet) DeleteStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

DeleteStorageBucket is a no-op.

func (*Scriptlet) DeleteStoragePool added in v6.8.0

func (c *Scriptlet) DeleteStoragePool(ctx context.Context, storagePoolName string) error

DeleteStoragePool is a no-op.

func (*Scriptlet) DeleteStoragePoolVolume added in v6.8.0

func (c *Scriptlet) DeleteStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

DeleteStoragePoolVolume is a no-op.

func (*Scriptlet) Driver added in v6.8.0

// Driver implements Authorizer.Driver for the scriptlet authorizer and returns a string.
// NOTE(review): presumably the value is DriverScriptlet — the body is not shown; confirm.
// Scriptlet methods name their receiver either c or s; this one uses c.
func (c *Scriptlet) Driver() string

func (*Scriptlet) GetInstanceAccess added in v6.8.0

func (s *Scriptlet) GetInstanceAccess(ctx context.Context, projectName string, instanceName string) (*api.Access, error)

GetInstanceAccess returns the list of entities who have access to the instance.

func (*Scriptlet) GetPermissionChecker added in v6.8.0

func (s *Scriptlet) GetPermissionChecker(ctx context.Context, r *http.Request, entitlement Entitlement, objectType ObjectType) (PermissionChecker, error)

GetPermissionChecker returns a function that can be used to check whether a user has the required entitlement on an authorization object.

func (*Scriptlet) GetProjectAccess added in v6.8.0

func (s *Scriptlet) GetProjectAccess(ctx context.Context, projectName string) (*api.Access, error)

GetProjectAccess returns the list of entities who have access to the project.

func (*Scriptlet) RenameImageAlias added in v6.8.0

func (c *Scriptlet) RenameImageAlias(ctx context.Context, projectName string, oldAliasName string, newAliasName string) error

RenameImageAlias is a no-op.

func (*Scriptlet) RenameInstance added in v6.8.0

func (c *Scriptlet) RenameInstance(ctx context.Context, projectName string, oldInstanceName string, newInstanceName string) error

RenameInstance is a no-op.

func (*Scriptlet) RenameNetwork added in v6.8.0

func (c *Scriptlet) RenameNetwork(ctx context.Context, projectName string, oldNetworkName string, newNetworkName string) error

RenameNetwork is a no-op.

func (*Scriptlet) RenameNetworkACL added in v6.8.0

func (c *Scriptlet) RenameNetworkACL(ctx context.Context, projectName string, oldNetworkACLName string, newNetworkACLName string) error

RenameNetworkACL is a no-op.

func (*Scriptlet) RenameNetworkIntegration added in v6.8.0

func (c *Scriptlet) RenameNetworkIntegration(ctx context.Context, oldNetworkIntegrationName string, newNetworkIntegrationName string) error

RenameNetworkIntegration is a no-op.

func (*Scriptlet) RenameProfile added in v6.8.0

func (c *Scriptlet) RenameProfile(ctx context.Context, projectName string, oldProfileName string, newProfileName string) error

RenameProfile is a no-op.

func (*Scriptlet) RenameProject added in v6.8.0

func (c *Scriptlet) RenameProject(ctx context.Context, projectID int64, oldName string, newName string) error

RenameProject is a no-op.

func (*Scriptlet) RenameStoragePoolVolume added in v6.8.0

func (c *Scriptlet) RenameStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, oldStorageVolumeName string, newStorageVolumeName string, storageVolumeLocation string) error

RenameStoragePoolVolume is a no-op.

func (*Scriptlet) StopService added in v6.8.0

func (c *Scriptlet) StopService(ctx context.Context) error

StopService is a no-op.

type TLS added in v6.8.0

type TLS struct {
	// contains filtered or unexported fields
}

TLS represents a TLS authorizer.

func (*TLS) AddCertificate added in v6.8.0

func (c *TLS) AddCertificate(ctx context.Context, fingerprint string) error

AddCertificate is a no-op.

func (*TLS) AddImage added in v6.8.0

func (c *TLS) AddImage(ctx context.Context, projectName string, fingerprint string) error

AddImage is a no-op.

func (*TLS) AddImageAlias added in v6.8.0

func (c *TLS) AddImageAlias(ctx context.Context, projectName string, imageAliasName string) error

AddImageAlias is a no-op.

func (*TLS) AddInstance added in v6.8.0

func (c *TLS) AddInstance(ctx context.Context, projectName string, instanceName string) error

AddInstance is a no-op.

func (*TLS) AddNetwork added in v6.8.0

func (c *TLS) AddNetwork(ctx context.Context, projectName string, networkName string) error

AddNetwork is a no-op.

func (*TLS) AddNetworkACL added in v6.8.0

func (c *TLS) AddNetworkACL(ctx context.Context, projectName string, networkACLName string) error

AddNetworkACL is a no-op.

func (*TLS) AddNetworkIntegration added in v6.8.0

func (c *TLS) AddNetworkIntegration(ctx context.Context, networkIntegrationName string) error

AddNetworkIntegration is a no-op.

func (*TLS) AddNetworkZone added in v6.8.0

func (c *TLS) AddNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

AddNetworkZone is a no-op.

func (*TLS) AddProfile added in v6.8.0

func (c *TLS) AddProfile(ctx context.Context, projectName string, profileName string) error

AddProfile is a no-op.

func (*TLS) AddProject added in v6.8.0

func (c *TLS) AddProject(ctx context.Context, projectID int64, name string) error

AddProject is a no-op.

func (*TLS) AddStorageBucket added in v6.8.0

func (c *TLS) AddStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

AddStorageBucket is a no-op.

func (*TLS) AddStoragePool added in v6.8.0

func (c *TLS) AddStoragePool(ctx context.Context, storagePoolName string) error

AddStoragePool is a no-op.

func (*TLS) AddStoragePoolVolume added in v6.8.0

func (c *TLS) AddStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

AddStoragePoolVolume is a no-op.

func (*TLS) ApplyPatch added in v6.8.0

func (c *TLS) ApplyPatch(ctx context.Context, name string) error

ApplyPatch is a no-op.

func (*TLS) CheckPermission added in v6.8.0

func (t *TLS) CheckPermission(ctx context.Context, r *http.Request, object Object, entitlement Entitlement) error

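CheckPermission returns an error if the user does not have the given Entitlement on the given Object. Only a nil return indicates that the check passed, so callers should treat every non-nil error as a denial.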

func (*TLS) DeleteCertificate added in v6.8.0

func (c *TLS) DeleteCertificate(ctx context.Context, fingerprint string) error

DeleteCertificate is a no-op.

func (*TLS) DeleteImage added in v6.8.0

func (c *TLS) DeleteImage(ctx context.Context, projectName string, fingerprint string) error

DeleteImage is a no-op.

func (*TLS) DeleteImageAlias added in v6.8.0

func (c *TLS) DeleteImageAlias(ctx context.Context, projectName string, imageAliasName string) error

DeleteImageAlias is a no-op.

func (*TLS) DeleteInstance added in v6.8.0

func (c *TLS) DeleteInstance(ctx context.Context, projectName string, instanceName string) error

DeleteInstance is a no-op.

func (*TLS) DeleteNetwork added in v6.8.0

func (c *TLS) DeleteNetwork(ctx context.Context, projectName string, networkName string) error

DeleteNetwork is a no-op.

func (*TLS) DeleteNetworkACL added in v6.8.0

func (c *TLS) DeleteNetworkACL(ctx context.Context, projectName string, networkACLName string) error

DeleteNetworkACL is a no-op.

func (*TLS) DeleteNetworkIntegration added in v6.8.0

func (c *TLS) DeleteNetworkIntegration(ctx context.Context, networkIntegrationName string) error

DeleteNetworkIntegration is a no-op.

func (*TLS) DeleteNetworkZone added in v6.8.0

func (c *TLS) DeleteNetworkZone(ctx context.Context, projectName string, networkZoneName string) error

DeleteNetworkZone is a no-op.

func (*TLS) DeleteProfile added in v6.8.0

func (c *TLS) DeleteProfile(ctx context.Context, projectName string, profileName string) error

DeleteProfile is a no-op.

func (*TLS) DeleteProject added in v6.8.0

func (c *TLS) DeleteProject(ctx context.Context, projectID int64, name string) error

DeleteProject is a no-op.

func (*TLS) DeleteStorageBucket added in v6.8.0

func (c *TLS) DeleteStorageBucket(ctx context.Context, projectName string, storagePoolName string, storageBucketName string, storageBucketLocation string) error

DeleteStorageBucket is a no-op.

func (*TLS) DeleteStoragePool added in v6.8.0

func (c *TLS) DeleteStoragePool(ctx context.Context, storagePoolName string) error

DeleteStoragePool is a no-op.

func (*TLS) DeleteStoragePoolVolume added in v6.8.0

func (c *TLS) DeleteStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, storageVolumeName string, storageVolumeLocation string) error

DeleteStoragePoolVolume is a no-op.

func (*TLS) Driver added in v6.8.0

func (c *TLS) Driver() string

func (*TLS) GetInstanceAccess added in v6.8.0

func (t *TLS) GetInstanceAccess(ctx context.Context, projectName string, instanceName string) (*api.Access, error)

GetInstanceAccess returns the list of entities who have access to the instance.

func (*TLS) GetPermissionChecker added in v6.8.0

func (t *TLS) GetPermissionChecker(ctx context.Context, r *http.Request, entitlement Entitlement, objectType ObjectType) (PermissionChecker, error)

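GetPermissionChecker returns a PermissionChecker, a function that can be used to check whether a user has the required entitlement on an authorization object. If the returned error is non-nil, no usable checker was produced and the caller should not use the result to grant access.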

func (*TLS) GetProjectAccess added in v6.8.0

func (t *TLS) GetProjectAccess(ctx context.Context, projectName string) (*api.Access, error)

GetProjectAccess returns the list of entities who have access to the project.

func (*TLS) RenameImageAlias added in v6.8.0

func (c *TLS) RenameImageAlias(ctx context.Context, projectName string, oldAliasName string, newAliasName string) error

RenameImageAlias is a no-op.

func (*TLS) RenameInstance added in v6.8.0

func (c *TLS) RenameInstance(ctx context.Context, projectName string, oldInstanceName string, newInstanceName string) error

RenameInstance is a no-op.

func (*TLS) RenameNetwork added in v6.8.0

func (c *TLS) RenameNetwork(ctx context.Context, projectName string, oldNetworkName string, newNetworkName string) error

RenameNetwork is a no-op.

func (*TLS) RenameNetworkACL added in v6.8.0

func (c *TLS) RenameNetworkACL(ctx context.Context, projectName string, oldNetworkACLName string, newNetworkACLName string) error

RenameNetworkACL is a no-op.

func (*TLS) RenameNetworkIntegration added in v6.8.0

func (c *TLS) RenameNetworkIntegration(ctx context.Context, oldNetworkIntegrationName string, newNetworkIntegrationName string) error

RenameNetworkIntegration is a no-op.

func (*TLS) RenameProfile added in v6.8.0

func (c *TLS) RenameProfile(ctx context.Context, projectName string, oldProfileName string, newProfileName string) error

RenameProfile is a no-op.

func (*TLS) RenameProject added in v6.8.0

func (c *TLS) RenameProject(ctx context.Context, projectID int64, oldName string, newName string) error

RenameProject is a no-op.

func (*TLS) RenameStoragePoolVolume added in v6.8.0

func (c *TLS) RenameStoragePoolVolume(ctx context.Context, projectName string, storagePoolName string, storageVolumeType string, oldStorageVolumeName string, newStorageVolumeName string, storageVolumeLocation string) error

RenameStoragePoolVolume is a no-op.

func (*TLS) StopService added in v6.8.0

func (c *TLS) StopService(ctx context.Context) error

StopService is a no-op.
