acl

package

v0.0.0-...-7b2e207 Latest Latest Go to latest Published: Jan 26, 2018 License: AGPL-3.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ncodes/cocoon

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func IsValidPrivilege(p string) bool
type Interpreter
- func NewInterpreter(rules map[string]interface{}, defaultPolicy bool) *Interpreter
- func NewInterpreterFromACLMap(rules types.ACLMap, defaultPolicy bool) *Interpreter
- func (i *Interpreter) IsAllowed(ledgerName, actorID, operation string) bool
- func (i *Interpreter) Validate() []error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// PrivAllow allows all operations
	PrivAllow = "allow"
	// PrivAllowCreateLedger allows a ledger creation operation
	PrivAllowCreateLedger = "allow-create-ledger"
	// PrivAllowPut allows a put operation
	PrivAllowPut = "allow-put"
	// PrivAllowGet allows a get operation
	PrivAllowGet = "allow-get"
	// PrivDeny denies all operations
	PrivDeny = "deny"
	// PrivDenyCreateLedger denies a ledger creation operation
	PrivDenyCreateLedger = "deny-create-ledger"
	// PrivDenyPut denies a put operation
	PrivDenyPut = "deny-put"
	// PrivDenyGet denies a get operation
	PrivDenyGet = "deny-get"
)

View Source

var SystemACL = map[string]interface{}{
	"*":       fmt.Sprintf("%s %s", PrivDenyCreateLedger, PrivDenyPut),
	"private": PrivDeny,
}

SystemACL represents the system's access control list. Here we are only disabling the ability to create a ledger and to put a transaction on all of the system's ledgers.

Functions ¶

func IsValidPrivilege ¶

func IsValidPrivilege(p string) bool

IsValidPrivilege checks whether a privilege is valid

Types ¶

type Interpreter ¶

type Interpreter struct {
	// contains filtered or unexported fields
}

Interpreter represents an ACL rule interpreter.

func NewInterpreter ¶

func NewInterpreter(rules map[string]interface{}, defaultPolicy bool) *Interpreter

NewInterpreter creates a new ACLInterpreter object

func NewInterpreterFromACLMap ¶

func NewInterpreterFromACLMap(rules types.ACLMap, defaultPolicy bool) *Interpreter

NewInterpreterFromACLMap creates a new ACLInterpreter using an ACLMap

func (*Interpreter) IsAllowed ¶

func (i *Interpreter) IsAllowed(ledgerName, actorID, operation string) bool

IsAllowed checks whether an operation is permitted. The supported operations are all Tx operations in the types/transactions.go file. If actorID is set, the specific actor rule takes precedence over the wildcard rule (if set). If no rule is found for an operation and no wildcard ledger rule, the operation is considered allowed.

func (*Interpreter) Validate ¶

func (i *Interpreter) Validate() []error

Validate takes acl rules and checks whether it is value

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL