condition

package
v1.0.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 14, 2021 License: AGPL-3.0 Imports: 13 Imported by: 13

Documentation

Index

Constants

This section is empty.

Variables

AllSupportedAdminKeys - is list of all admin supported keys.

AllSupportedKeys - is list of all all supported keys.

CommonKeys - is list of all common condition keys.

JWTKeys - Supported JWT keys, non-exhaustive list please expand as new claims are standardized.

Functions

This section is empty.

Types

type Function

type Function interface {

	// String() - returns string representation of function.
	String() string
	// contains filtered or unexported methods
}

Function - condition function interface.

func NewBinaryEqualsFunc

func NewBinaryEqualsFunc(key Key, values ...string) (Function, error)

NewBinaryEqualsFunc - returns new BinaryEquals function.

func NewBoolFunc

func NewBoolFunc(key Key, value string) (Function, error)

NewBoolFunc - returns new Bool function.

func NewDateEqualsFunc

func NewDateEqualsFunc(key Key, value time.Time) (Function, error)

NewDateEqualsFunc - returns new DateEquals function.

func NewDateGreaterThanEqualsFunc

func NewDateGreaterThanEqualsFunc(key Key, value time.Time) (Function, error)

NewDateGreaterThanEqualsFunc - returns new DateNotEquals function.

func NewDateGreaterThanFunc

func NewDateGreaterThanFunc(key Key, value time.Time) (Function, error)

NewDateGreaterThanFunc - returns new DateGreaterThan function.

func NewDateLessThanEqualsFunc

func NewDateLessThanEqualsFunc(key Key, value time.Time) (Function, error)

NewDateLessThanEqualsFunc - returns new DateNotEquals function.

func NewDateLessThanFunc

func NewDateLessThanFunc(key Key, value time.Time) (Function, error)

NewDateLessThanFunc - returns new DateLessThan function.

func NewDateNotEqualsFunc

func NewDateNotEqualsFunc(key Key, value time.Time) (Function, error)

NewDateNotEqualsFunc - returns new DateNotEquals function.

func NewIPAddressFunc

func NewIPAddressFunc(key Key, IPNets ...*net.IPNet) (Function, error)

NewIPAddressFunc - returns new IP address function.

func NewNotIPAddressFunc

func NewNotIPAddressFunc(key Key, IPNets ...*net.IPNet) (Function, error)

NewNotIPAddressFunc - returns new Not IP address function.

func NewNullFunc

func NewNullFunc(key Key, value bool) (Function, error)

NewNullFunc - returns new Null function.

func NewNumericEqualsFunc

func NewNumericEqualsFunc(key Key, value int) (Function, error)

NewNumericEqualsFunc - returns new NumericEquals function.

func NewNumericGreaterThanEqualsFunc

func NewNumericGreaterThanEqualsFunc(key Key, value int) (Function, error)

NewNumericGreaterThanEqualsFunc - returns new NumericGreaterThanEquals function.

func NewNumericGreaterThanFunc

func NewNumericGreaterThanFunc(key Key, value int) (Function, error)

NewNumericGreaterThanFunc - returns new NumericGreaterThan function.

func NewNumericLessThanEqualsFunc

func NewNumericLessThanEqualsFunc(key Key, value int) (Function, error)

NewNumericLessThanEqualsFunc - returns new NumericLessThanEquals function.

func NewNumericLessThanFunc

func NewNumericLessThanFunc(key Key, value int) (Function, error)

NewNumericLessThanFunc - returns new NumericLessThan function.

func NewNumericNotEqualsFunc

func NewNumericNotEqualsFunc(key Key, value int) (Function, error)

NewNumericNotEqualsFunc - returns new NumericNotEquals function.

func NewStringEqualsFunc

func NewStringEqualsFunc(key Key, values ...string) (Function, error)

NewStringEqualsFunc - returns new StringEquals function.

func NewStringEqualsIgnoreCaseFunc

func NewStringEqualsIgnoreCaseFunc(key Key, values ...string) (Function, error)

NewStringEqualsIgnoreCaseFunc - returns new StringEqualsIgnoreCase function.

func NewStringLikeFunc

func NewStringLikeFunc(key Key, values ...string) (Function, error)

NewStringLikeFunc - returns new StringLike function.

func NewStringNotEqualsFunc

func NewStringNotEqualsFunc(key Key, values ...string) (Function, error)

NewStringNotEqualsFunc - returns new StringNotEquals function.

func NewStringNotEqualsIgnoreCaseFunc

func NewStringNotEqualsIgnoreCaseFunc(key Key, values ...string) (Function, error)

NewStringNotEqualsIgnoreCaseFunc - returns new StringNotEqualsIgnoreCase function.

func NewStringNotLikeFunc

func NewStringNotLikeFunc(key Key, values ...string) (Function, error)

NewStringNotLikeFunc - returns new StringNotLike function.

type Functions

type Functions []Function

Functions - list of functions.

func NewFunctions

func NewFunctions(functions ...Function) Functions

NewFunctions - returns new Functions with given function list.

func (Functions) Clone

func (functions Functions) Clone() Functions

Clone clones Functions structure

func (Functions) Equals

func (functions Functions) Equals(funcs Functions) bool

Equals returns true if two Functions structures are equal

func (Functions) Evaluate

func (functions Functions) Evaluate(values map[string][]string) bool

Evaluate - evaluates all functions with given values map. Each function is evaluated sequencely and next function is called only if current function succeeds.

func (*Functions) GobDecode

func (functions *Functions) GobDecode(data []byte) error

GobDecode - decodes gob data to Functions.

func (Functions) GobEncode

func (functions Functions) GobEncode() ([]byte, error)

GobEncode - encodes Functions to gob data.

func (Functions) Keys

func (functions Functions) Keys() KeySet

Keys - returns list of keys used in all functions.

func (Functions) MarshalJSON

func (functions Functions) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Functions to JSON data.

func (Functions) String

func (functions Functions) String() string

func (*Functions) UnmarshalJSON

func (functions *Functions) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data to Functions.

type Key

type Key string

Key - conditional key which is used to fetch values for any condition. Refer https://docs.aws.amazon.com/IAM/latest/UserGuide/list_s3.html for more information about available condition keys.

const (
	// JWTSub - JWT subject claim substitution.
	JWTSub Key = "jwt:sub"

	// JWTIss issuer claim substitution.
	JWTIss Key = "jwt:iss"

	// JWTAud audience claim substitution.
	JWTAud Key = "jwt:aud"

	// JWTJti JWT unique identifier claim substitution.
	JWTJti Key = "jwt:jti"

	JWTUpn          Key = "jwt:upn"
	JWTName         Key = "jwt:name"
	JWTGroups       Key = "jwt:groups"
	JWTGivenName    Key = "jwt:given_name"
	JWTFamilyName   Key = "jwt:family_name"
	JWTMiddleName   Key = "jwt:middle_name"
	JWTNickName     Key = "jwt:nickname"
	JWTPrefUsername Key = "jwt:preferred_username"
	JWTProfile      Key = "jwt:profile"
	JWTPicture      Key = "jwt:picture"
	JWTWebsite      Key = "jwt:website"
	JWTEmail        Key = "jwt:email"
	JWTGender       Key = "jwt:gender"
	JWTBirthdate    Key = "jwt:birthdate"
	JWTPhoneNumber  Key = "jwt:phone_number"
	JWTAddress      Key = "jwt:address"
	JWTScope        Key = "jwt:scope"
	JWTClientID     Key = "jwt:client_id"
)

JWT claims supported substitutions. https://www.iana.org/assignments/jwt/jwt.xhtml#claims

const (
	// S3XAmzCopySource - key representing x-amz-copy-source HTTP header applicable to PutObject API only.
	S3XAmzCopySource Key = "s3:x-amz-copy-source"

	// S3XAmzServerSideEncryption - key representing x-amz-server-side-encryption HTTP header applicable
	// to PutObject API only.
	S3XAmzServerSideEncryption Key = "s3:x-amz-server-side-encryption"

	// S3XAmzServerSideEncryptionCustomerAlgorithm - key representing
	// x-amz-server-side-encryption-customer-algorithm HTTP header applicable to PutObject API only.
	S3XAmzServerSideEncryptionCustomerAlgorithm Key = "s3:x-amz-server-side-encryption-customer-algorithm"

	// S3XAmzMetadataDirective - key representing x-amz-metadata-directive HTTP header applicable to
	// PutObject API only.
	S3XAmzMetadataDirective Key = "s3:x-amz-metadata-directive"

	// S3XAmzContentSha256 - set a static content-sha256 for all calls for a given action.
	S3XAmzContentSha256 = "s3:x-amz-content-sha256"

	// S3XAmzStorageClass - key representing x-amz-storage-class HTTP header applicable to PutObject API
	// only.
	S3XAmzStorageClass Key = "s3:x-amz-storage-class"

	// S3LocationConstraint - key representing LocationConstraint XML tag of CreateBucket API only.
	S3LocationConstraint Key = "s3:LocationConstraint"

	// S3Prefix - key representing prefix query parameter of ListBucket API only.
	S3Prefix Key = "s3:prefix"

	// S3Delimiter - key representing delimiter query parameter of ListBucket API only.
	S3Delimiter Key = "s3:delimiter"

	// S3VersionID - Enables you to limit the permission for the
	// s3:PutObjectVersionTagging action to a specific object version.
	S3VersionID Key = "s3:versionid"

	// S3MaxKeys - key representing max-keys query parameter of ListBucket API only.
	S3MaxKeys Key = "s3:max-keys"

	// S3ObjectLockRemainingRetentionDays - key representing object-lock-remaining-retention-days
	// Enables enforcement of an object relative to the remaining retention days, you can set
	// minimum and maximum allowable retention periods for a bucket using a bucket policy.
	// This key are specific for s3:PutObjectRetention API.
	S3ObjectLockRemainingRetentionDays Key = "s3:object-lock-remaining-retention-days"

	// S3ObjectLockMode - key representing object-lock-mode
	// Enables enforcement of the specified object retention mode
	S3ObjectLockMode Key = "s3:object-lock-mode"

	// S3ObjectLockRetainUntilDate - key representing object-lock-retain-util-date
	// Enables enforcement of a specific retain-until-date
	S3ObjectLockRetainUntilDate Key = "s3:object-lock-retain-until-date"

	// S3ObjectLockLegalHold - key representing object-local-legal-hold
	// Enables enforcement of the specified object legal hold status
	S3ObjectLockLegalHold Key = "s3:object-lock-legal-hold"

	// AWSReferer - key representing Referer header of any API.
	AWSReferer Key = "aws:Referer"

	// AWSSourceIP - key representing client's IP address (not intermittent proxies) of any API.
	AWSSourceIP Key = "aws:SourceIp"

	// AWSUserAgent - key representing UserAgent header for any API.
	AWSUserAgent Key = "aws:UserAgent"

	// AWSSecureTransport - key representing if the clients request is authenticated or not.
	AWSSecureTransport Key = "aws:SecureTransport"

	// AWSCurrentTime - key representing the current time.
	AWSCurrentTime Key = "aws:CurrentTime"

	// AWSEpochTime - key representing the current epoch time.
	AWSEpochTime Key = "aws:EpochTime"

	// AWSPrincipalType - user principal type currently supported values are "User" and "Anonymous".
	AWSPrincipalType Key = "aws:principaltype"

	// AWSUserID - user unique ID, in MinIO this value is same as your user Access Key.
	AWSUserID Key = "aws:userid"

	// AWSUsername - user friendly name, in MinIO this value is same as your user Access Key.
	AWSUsername Key = "aws:username"

	// S3SignatureVersion - identifies the version of AWS Signature that you want to support for authenticated requests.
	S3SignatureVersion = "s3:signatureversion"

	// S3AuthType - optionally use this condition key to restrict incoming requests to use a specific authentication method.
	S3AuthType = "s3:authType"
)
const (
	// LDAPUser - LDAP user DN, in MinIO this value is equal to user DN of the authenticated user.
	LDAPUser Key = "ldap:user"

	// LDAPUsername - LDAP username, in MinIO is the authenticated simply user.
	LDAPUsername Key = "ldap:username"
)

func (Key) IsValid

func (key Key) IsValid() bool

IsValid - checks if key is valid or not.

func (Key) MarshalJSON

func (key Key) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Key to JSON data.

func (Key) Name

func (key Key) Name() string

Name - returns key name which is stripped value of prefixes "aws:" and "s3:"

func (*Key) UnmarshalJSON

func (key *Key) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data to Key.

func (Key) VarName

func (key Key) VarName() string

VarName - returns variable key name, such as "${aws:username}"

type KeySet

type KeySet map[Key]struct{}

KeySet - set representation of slice of keys.

func NewKeySet

func NewKeySet(keys ...Key) KeySet

NewKeySet - returns new KeySet contains given keys.

func (KeySet) Add

func (set KeySet) Add(key Key)

Add - add a key to key set.

func (KeySet) Difference

func (set KeySet) Difference(sset KeySet) KeySet

Difference - returns a key set contains difference of two keys. Example:

keySet1 := ["one", "two", "three"]
keySet2 := ["two", "four", "three"]
keySet1.Difference(keySet2) == ["one"]

func (KeySet) IsEmpty

func (set KeySet) IsEmpty() bool

IsEmpty - returns whether key set is empty or not.

func (KeySet) Merge

func (set KeySet) Merge(mset KeySet)

Merge merges two key sets, duplicates are overwritten

func (KeySet) String

func (set KeySet) String() string

func (KeySet) ToSlice

func (set KeySet) ToSlice() []Key

ToSlice - returns slice of keys.

type Value

type Value struct {
	// contains filtered or unexported fields
}

Value - is enum type of string, int or bool.

func NewBoolValue

func NewBoolValue(b bool) Value

NewBoolValue - returns new bool value.

func NewIntValue

func NewIntValue(i int) Value

NewIntValue - returns new int value.

func NewStringValue

func NewStringValue(s string) Value

NewStringValue - returns new string value.

func (Value) GetBool

func (v Value) GetBool() (bool, error)

GetBool - gets stored bool value.

func (Value) GetInt

func (v Value) GetInt() (int, error)

GetInt - gets stored int value.

func (Value) GetString

func (v Value) GetString() (string, error)

GetString - gets stored string value.

func (Value) GetType

func (v Value) GetType() reflect.Kind

GetType - gets enum type.

func (Value) MarshalJSON

func (v Value) MarshalJSON() ([]byte, error)

MarshalJSON - encodes Value to JSON data.

func (*Value) StoreBool

func (v *Value) StoreBool(b bool)

StoreBool - stores bool value.

func (*Value) StoreInt

func (v *Value) StoreInt(i int)

StoreInt - stores int value.

func (*Value) StoreString

func (v *Value) StoreString(s string)

StoreString - stores string value.

func (Value) String

func (v Value) String() string

String - returns string representation of value.

func (*Value) UnmarshalJSON

func (v *Value) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

type ValueSet

type ValueSet map[Value]struct{}

ValueSet - unique list of values.

func NewValueSet

func NewValueSet(values ...Value) ValueSet

NewValueSet - returns new value set containing given values.

func (ValueSet) Add

func (set ValueSet) Add(value Value)

Add - adds given value to value set.

func (ValueSet) Clone

func (set ValueSet) Clone() ValueSet

Clone clones ValueSet structure

func (ValueSet) MarshalJSON

func (set ValueSet) MarshalJSON() ([]byte, error)

MarshalJSON - encodes ValueSet to JSON data.

func (ValueSet) ToSlice

func (set ValueSet) ToSlice() []Value

ToSlice converts ValueSet to a slice of Value

func (*ValueSet) UnmarshalJSON

func (set *ValueSet) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL