tree

package
v0.0.10
Published: Oct 28, 2018 License: MIT Imports: 10 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	// ErrDuplicateEntityID is returned when the entity ID
	// requested is already in use.
	ErrDuplicateEntityID = errors.New("this ID is already allocated")

	// ErrDuplicateGroupName is returned when the group name
	// requested is already in use.
	ErrDuplicateGroupName = errors.New("this name is already allocated")

	// ErrDuplicateNumber is returned if the number requested is
	// already in use.
	ErrDuplicateNumber = errors.New("this number is already allocated")

	// ErrUnknownCapability is returned when an action is
	// requested that involves a capability not known to the
	// system.
	ErrUnknownCapability = errors.New("the capability specified is unknown")

	// ErrExistingExpansion is returned when an action would
	// create an expansion that already exists.
	ErrExistingExpansion = errors.New("this expansion already exists")
)

Functions

This section is empty.

Types

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

The Manager binds all methods for managing a tree of entities with the associated groups, capabilities, and other assorted functions. This is the type that is served up by the RPC layer.

func New

func New(db db.DB, crypto crypto.EMCrypto) *Manager

New returns an initialized tree.Manager onto which all other functions are bound.

func (*Manager) AddEntityToGroup

func (m *Manager) AddEntityToGroup(entityID, groupName string) error

AddEntityToGroup is the same as the internal function, but takes an entity ID rather than a pointer.

func (*Manager) DeleteEntityByID

func (m *Manager) DeleteEntityByID(ID string) error

DeleteEntityByID deletes the named entity. This function will delete the entity in a non-atomic way, but will ensure that the entity cannot be authenticated with before returning. If the named ID does not exist the function will return errors.E_NO_ENTITY, in all other cases nil is returned.

func (*Manager) DeleteGroup

func (m *Manager) DeleteGroup(name string) error

DeleteGroup unsurprisingly deletes a group. There's no real logic here, it just passes the delete call through to the storage layer.

func (*Manager) DisableBootstrap

func (m *Manager) DisableBootstrap()

DisableBootstrap disables the ability to bootstrap after the opportunity to do so has passed.

func (*Manager) GetEntity

func (m *Manager) GetEntity(ID string) (*pb.Entity, error)

GetEntity returns an entity to the caller after first making a safe copy of it to remove secure fields.

func (*Manager) GetGroupByName

func (m *Manager) GetGroupByName(name string) (*pb.Group, error)

GetGroupByName fetches a group by name and returns a pointer to the group and a nil error. If the group cannot be loaded the error will explain why. This is very thin since it just obtains a value from the storage layer.

func (*Manager) GetMemberships

func (m *Manager) GetMemberships(e *pb.Entity, includeIndirects bool) []string

GetMemberships returns all groups the entity is a member of, optionally including indirect memberships.

func (*Manager) ListGroups

func (m *Manager) ListGroups() ([]*pb.Group, error)

ListGroups literally returns a list of groups.

func (*Manager) ListMembers

func (m *Manager) ListMembers(groupID string) ([]*pb.Entity, error)

ListMembers fulfills the same function as the private version of this function, but with one crucial difference: it produces copies of the entities that have the secret redacted.
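The redacted "safe copy" that GetEntity and ListMembers describe, as an added example that is not the package's own code. The `Entity` and `EntityMeta` structs, the `store` type, `safeCopy` and `errNoEntity` are hypothetical stand-ins for `pb.Entity` and the storage layer; the point is that the copy must be deep, otherwise a caller could still reach stored state through a shared pointer or slice.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for pb.Entity / pb.EntityMeta; field names are assumptions.
type EntityMeta struct {
	DisplayName string
	Keys        []string
}

type Entity struct {
	ID     string
	Number int32
	Secret string // stored secret hash; must never leave the server
	Meta   *EntityMeta
}

var errNoEntity = errors.New("no such entity") // placeholder error value

// store is a constructed in-memory stand-in for the storage layer.
type store map[string]*Entity

// safeCopy deep-copies e and leaves the secret blank, so callers can neither
// read the hash nor modify stored state through shared pointers or slices.
func safeCopy(e *Entity) *Entity {
	c := &Entity{ID: e.ID, Number: e.Number} // Secret intentionally not copied
	if e.Meta != nil {
		c.Meta = &EntityMeta{
			DisplayName: e.Meta.DisplayName,
			Keys:        append([]string(nil), e.Meta.Keys...),
		}
	}
	return c
}

// GetEntity loads the entity, then hands back only the redacted copy.
func (s store) GetEntity(id string) (*Entity, error) {
	e, ok := s[id]
	if !ok {
		return nil, errNoEntity
	}
	return safeCopy(e), nil
}

func main() {
	// Constructed sample data.
	s := store{"alice": {ID: "alice", Number: 1, Secret: "constructed-hash",
		Meta: &EntityMeta{DisplayName: "Alice", Keys: []string{"constructed-key"}}}}
	e, _ := s.GetEntity("alice")
	e.Meta.Keys[0] = "tampered" // only the caller's copy changes
	fmt.Printf("returned secret=%q stored key=%q\n", e.Secret, s["alice"].Meta.Keys[0])
}
```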

func (*Manager) MakeBootstrap

func (m *Manager) MakeBootstrap(ID string, secret string)

MakeBootstrap is a function that can be called during the startup of the server to create an entity that has the appropriate authority to create more entities and otherwise manage the server. This can only be called once during startup; attempts to call it again will result in no change. The bootstrap user will always get the next available number, which in most cases will be 1.

func (*Manager) ManageUntypedEntityMeta added in v0.0.10

func (m *Manager) ManageUntypedEntityMeta(entityID, mode, key, value string) ([]string, error)

ManageUntypedEntityMeta handles the things that may be annotated onto an entity. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.

func (*Manager) ManageUntypedGroupMeta added in v0.0.10

func (m *Manager) ManageUntypedGroupMeta(name, mode, key, value string) ([]string, error)

ManageUntypedGroupMeta handles the things that may be annotated onto a group. These annotations should be used sparingly as they incur a non-trivial lookup cost on the server.

func (*Manager) ModifyGroupExpansions

func (m *Manager) ModifyGroupExpansions(parent, child string, mode pb.ExpansionMode) error

ModifyGroupExpansions handles changing the expansions on a group. This can include adding an INCLUDE or EXCLUDE type expansion, or, using the special expansion type DROP, removing an existing one.

func (*Manager) NewEntity

func (m *Manager) NewEntity(ID string, number int32, secret string) error

NewEntity creates a new entity given an ID, number, and secret. It's not necessary to set the secret upon creation; it can be set later. If not set on creation then the entity will not be usable. number must be a unique positive integer. Because these are generally allocated in sequence, the special value '-1' may be specified, which will select the next available number.

func (*Manager) NewGroup

func (m *Manager) NewGroup(name, displayName, managedBy string, number int32) error

NewGroup adds a group to the datastore if it does not currently exist. If the group exists then it cannot be added and an error is returned.

func (*Manager) RemoveEntityCapabilityByID

func (m *Manager) RemoveEntityCapabilityByID(ID string, c string) error

RemoveEntityCapabilityByID is a convenience function to get the entity and hand it off to the actual removeEntityCapability function.

func (*Manager) RemoveEntityFromGroup

func (m *Manager) RemoveEntityFromGroup(entityID, groupName string) error

RemoveEntityFromGroup performs the same function as the internal variant, but does so by name rather than by entity pointer.

func (*Manager) RemoveGroupCapabilityByName

func (m *Manager) RemoveGroupCapabilityByName(name string, c string) error

RemoveGroupCapabilityByName is a convenience function to get the group and hand it off to the actual removeGroupCapability function.

func (*Manager) SetEntityCapabilityByID

func (m *Manager) SetEntityCapabilityByID(ID string, c string) error

SetEntityCapabilityByID is a convenience function to get the entity and hand it off to the actual setEntityCapability function.

func (*Manager) SetEntitySecretByID

func (m *Manager) SetEntitySecretByID(ID string, secret string) error

SetEntitySecretByID sets the secret on a given entity using the crypto interface.

func (*Manager) SetGroupCapabilityByName

func (m *Manager) SetGroupCapabilityByName(name string, c string) error

SetGroupCapabilityByName is a convenience function to get the group and hand it off to the actual setGroupCapability function.

func (*Manager) UpdateEntityKeys

func (m *Manager) UpdateEntityKeys(entityID, mode, keytype, key string) ([]string, error)

UpdateEntityKeys is the exported version of updateEntityKeys.

func (*Manager) UpdateEntityMeta

func (m *Manager) UpdateEntityMeta(entityID string, newMeta *pb.EntityMeta) error

UpdateEntityMeta drives the internal version by obtaining the entity from the database based on the ID.

func (*Manager) UpdateGroupMeta

func (m *Manager) UpdateGroupMeta(name string, update *pb.Group) error

UpdateGroupMeta updates metadata within the group. Certain information is not mutable and so that information is not merged in.

func (*Manager) ValidateSecret

func (m *Manager) ValidateSecret(ID string, secret string) error

ValidateSecret validates the identity of an entity by validating the authenticating entity with the secret.
