Documentation
¶
Index ¶
- Variables
- type Manager
- func (m *Manager) AddEntityToGroup(entityID, groupName string) error
- func (m *Manager) DeleteEntityByID(ID string) error
- func (m *Manager) DeleteGroup(name string) error
- func (m *Manager) DisableBootstrap()
- func (m *Manager) GetEntity(ID string) (*pb.Entity, error)
- func (m *Manager) GetGroupByName(name string) (*pb.Group, error)
- func (m *Manager) GetMemberships(e *pb.Entity, includeIndirects bool) []string
- func (m *Manager) ListGroups() ([]*pb.Group, error)
- func (m *Manager) ListMembers(groupID string) ([]*pb.Entity, error)
- func (m *Manager) MakeBootstrap(ID string, secret string)
- func (m *Manager) ManageUntypedEntityMeta(entityID, mode, key, value string) ([]string, error)
- func (m *Manager) ManageUntypedGroupMeta(name, mode, key, value string) ([]string, error)
- func (m *Manager) ModifyGroupExpansions(parent, child string, mode pb.ExpansionMode) error
- func (m *Manager) NewEntity(ID string, number int32, secret string) error
- func (m *Manager) NewGroup(name, displayName, managedBy string, number int32) error
- func (m *Manager) RemoveEntityCapabilityByID(ID string, c string) error
- func (m *Manager) RemoveEntityFromGroup(entityID, groupName string) error
- func (m *Manager) RemoveGroupCapabilityByName(name string, c string) error
- func (m *Manager) SetEntityCapabilityByID(ID string, c string) error
- func (m *Manager) SetEntitySecretByID(ID string, secret string) error
- func (m *Manager) SetGroupCapabilityByName(name string, c string) error
- func (m *Manager) UpdateEntityKeys(entityID, mode, keytype, key string) ([]string, error)
- func (m *Manager) UpdateEntityMeta(entityID string, newMeta *pb.EntityMeta) error
- func (m *Manager) UpdateGroupMeta(name string, update *pb.Group) error
- func (m *Manager) ValidateSecret(ID string, secret string) error
Constants ¶
This section is empty.
Variables ¶
var ( // ErrDuplicateEntityID is returned when the entity ID // requested is already in use. ErrDuplicateEntityID = errors.New("this ID is already allocated") // ErrDuplicateGroupName is returned when the group name // requested is already in use. ErrDuplicateGroupName = errors.New("this name is already allocated") // ErrDuplicateNumber is returned if the number requested is // already in use. ErrDuplicateNumber = errors.New("this number is already allocated") // ErrUnknownCapability is returned when an action is // requested that involves a capability not known to the // system. ErrUnknownCapability = errors.New("the capability specified is unknown") // ErrExistingExpansion is returned when an action would // create an expansion that already exists. ErrExistingExpansion = errors.New("this expansion already exists") )
Functions ¶
This section is empty.
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
The Manager binds all methods for managing a tree of entities with the associated groups, capabilities, and other assorted functions. This is the type that is served up by the RPC layer.
func (*Manager) AddEntityToGroup ¶
AddEntityToGroup is the same as the internal function, but takes an entity ID rather than a pointer
func (*Manager) DeleteEntityByID ¶
DeleteEntityByID deletes the named entity. This function will delete the entity in a non-atomic way, but will ensure that the entity cannot be authenticated with before returning. If the named ID does not exist the function will return errors.E_NO_ENTITY, in all other cases nil is returned.
func (*Manager) DeleteGroup ¶
DeleteGroup unsurprisingly deletes a group. There's no real logic here, it just passes the delete call through to the storage layer.
func (*Manager) DisableBootstrap ¶
func (m *Manager) DisableBootstrap()
DisableBootstrap disables the ability to bootstrap after the opportunity to do so has passed.
func (*Manager) GetEntity ¶
GetEntity returns an entity to the caller after first making a safe copy of it to remove secure fields.
func (*Manager) GetGroupByName ¶
GetGroupByName fetches a group by name and returns a pointer to the group and a nil error. If the group cannot be loaded the error will explain why. This is very thin since it just obtains a value from the storage layer.
func (*Manager) GetMemberships ¶
GetMemberships returns all groups the entity is a member of, optionally including indirect memberships
func (*Manager) ListGroups ¶
ListGroups literally returns a list of groups
func (*Manager) ListMembers ¶
ListMembers fulfills the same function as the private version of this function, but with one crucial difference, it produces copies of the entities that have the secret redacted.
func (*Manager) MakeBootstrap ¶
MakeBootstrap is a function that can be called during the startup of the srever to create an entity that has the appropriate authority to create more entities and otherwise manage the server. This can only be called once during startup, attepts to call it again will result in no change. The bootstrap user will always get the next available number which in most cases will be 1.
func (*Manager) ManageUntypedEntityMeta ¶ added in v0.0.10
ManageUntypedEntityMeta handles the things that may be annotated onto an entity. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.
func (*Manager) ManageUntypedGroupMeta ¶ added in v0.0.10
ManageUntypedGroupMeta handles the things that may be annotated onto a group. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.
func (*Manager) ModifyGroupExpansions ¶
func (m *Manager) ModifyGroupExpansions(parent, child string, mode pb.ExpansionMode) error
ModifyGroupExpansions handles changing the expansions on a group. This can include adding an INCLUDE or EXCLUDE type expansion, or using the special expansion type DROP, removing an existing one.
func (*Manager) NewEntity ¶
NewEntity creates a new entity given an ID, number, and secret. Its not necessary to set the secret upon creation and it can be set later. If not set on creation then the entity will not be usable. number must be a unique positive integer. Because these are generally allocated in sequence the special value '-1' may be specified which will select the next available number.
func (*Manager) NewGroup ¶
NewGroup adds a group to the datastore if it does not currently exist. If the group exists then it cannot be added and an error is returned.
func (*Manager) RemoveEntityCapabilityByID ¶
RemoveEntityCapabilityByID is a convenience function to get the entity and hand it off to the actual removeEntityCapability function
func (*Manager) RemoveEntityFromGroup ¶
RemoveEntityFromGroup performs the same function as the internal variant, but does so by name rather than by entity pointer.
func (*Manager) RemoveGroupCapabilityByName ¶
RemoveGroupCapabilityByName is a convenience function to get the group and hand it off to the actual removeGroupCapability function
func (*Manager) SetEntityCapabilityByID ¶
SetEntityCapabilityByID is a convenience function to get the entity and hand it off to the actual setEntityCapability function
func (*Manager) SetEntitySecretByID ¶
SetEntitySecretByID sets the secret on a given entity using the crypto interface.
func (*Manager) SetGroupCapabilityByName ¶
SetGroupCapabilityByName is a convenience function to get the group and hand it off to the actual setGroupCapability function
func (*Manager) UpdateEntityKeys ¶
UpdateEntityKeys is the exported version of updateEntityKeys
func (*Manager) UpdateEntityMeta ¶
func (m *Manager) UpdateEntityMeta(entityID string, newMeta *pb.EntityMeta) error
UpdateEntityMeta drives the internal version by obtaining the entity from the database based on the ID.
func (*Manager) UpdateGroupMeta ¶
UpdateGroupMeta updates metadata within the group. Certain information is not mutable and so that information is not merged in.
Source Files