group

package
v0.0.0-...-314c4ad Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 14, 2015 License: LGPL-3.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source
const AffinityGroupsUri = "affinity-group-service:"

AffinityGroupsUri defines a namespace for roles affecting the entire group database -- such as adding and removing groups.

Variables

View Source
var AdminRole *groupRole = &groupRole{"admin", adminCapabilities}

AdminRole is allowed to add, remove and check membership.

View Source
var CreatorRole *groupRole = &groupRole{"creator", creatorCapabilities}

CreatorRole is allowed to create groups

View Source
var GroupRoles RoleMap = NewRoleMap(ServiceRole, CreatorRole, OwnerRole, AdminRole, ObserverRole)
View Source
var ObserverRole *groupRole = &groupRole{"observer", observerCapabilities}

ObserverRole is allow to check membership of a group.

View Source
var OwnerRole *groupRole = &groupRole{"owner", ownerCapabilities}

OwnerRole is allowed all group-level operations on a group

View Source
var ServiceResource Resource = serviceResource{}
View Source
var ServiceRole *groupRole = &groupRole{"service", serviceCapabilities}

ServiceRole is allowed to manage the service

Functions

This section is empty.

Types

type AddGroupPerm

type AddGroupPerm struct{}

AddGroupPerm is permission on this service to add a group.

func (AddGroupPerm) Perm

func (p AddGroupPerm) Perm() string

type AddMemberPerm

type AddMemberPerm struct{}

AddMemberPerm is permission to add a member to a group.

func (AddMemberPerm) Perm

func (p AddMemberPerm) Perm() string

type CheckMemberPerm

type CheckMemberPerm struct{}

CheckMemberPerm is permission to check membership on a group.

func (CheckMemberPerm) Perm

func (p CheckMemberPerm) Perm() string

type GrantOnGroupPerm

type GrantOnGroupPerm struct{}

GrantOnGroupPerm is permission to grant permissions on a group.

func (GrantOnGroupPerm) Perm

func (p GrantOnGroupPerm) Perm() string

type GrantOnServicePerm

type GrantOnServicePerm struct{}

GrantOnServicePerm is permission to grant permissions on this service.

func (GrantOnServicePerm) Perm

func (p GrantOnServicePerm) Perm() string

type GroupService

type GroupService struct {
	*rbac.Admin
	AsUser User
}

GroupService provides group administration and queries with access controls.

func NewGroupService

func NewGroupService(store rbac.Store, asUser User) *GroupService

NewGroupService creates a new group service using the given storage, with access to operations as the given user.

func (*GroupService) AddGroup

func (s *GroupService) AddGroup(groupId string) error

AddGroup defines a new group. The current user is granted the Owner role over the group. The current user must be allowed to add groups on this service.

func (*GroupService) AddMember

func (s *GroupService) AddMember(groupId string, principal Principal) error

AddMember adds a new member to an existing group.

func (*GroupService) CheckMember

func (s *GroupService) CheckMember(groupId string, member Principal) (bool, error)

CheckMember tests if a principal is immediately or transitively a member of a group.

func (*GroupService) GrantOnGroup

func (s *GroupService) GrantOnGroup(principal Principal, role rbac.Role, groupId string) error

GrantOnGroup grants a principal (user or group) role permissions on a group. The current user must own the group.

func (*GroupService) GrantOnService

func (s *GroupService) GrantOnService(principal Principal, role rbac.Role) error

func (*GroupService) Group

func (s *GroupService) Group(groupId string) (Group, error)

func (*GroupService) RemoveGroup

func (s *GroupService) RemoveGroup(groupId string) error

RemoveGroup removes an existing group. The current user must own the group.

func (*GroupService) RemoveMember

func (s *GroupService) RemoveMember(groupId string, principal Principal) error

RemoveMember removes an existing member from a group.

func (*GroupService) RevokeOnGroup

func (s *GroupService) RevokeOnGroup(principal Principal, role rbac.Role, groupId string) error

RevokeOnGroup revokes a principal (user or group) role permissions from a group. The current user must own the group.

func (*GroupService) RevokeOnService

func (s *GroupService) RevokeOnService(principal Principal, role rbac.Role) error

type RemoveGroupPerm

type RemoveGroupPerm struct{}

RemoveGroupPerm is permission to remove a group.

func (RemoveGroupPerm) Perm

func (p RemoveGroupPerm) Perm() string

type RemoveMemberPerm

type RemoveMemberPerm struct{}

RemoveMemberPerm is permission to remove a member from a group.

func (RemoveMemberPerm) Perm

func (p RemoveMemberPerm) Perm() string

type RevokeOnGroupPerm

type RevokeOnGroupPerm struct{}

RevokeOnGroupPerm is permission to revoke permissions on a group.

func (RevokeOnGroupPerm) Perm

func (p RevokeOnGroupPerm) Perm() string

type RevokeOnServicePerm

type RevokeOnServicePerm struct{}

RevokeOnServicePerm is permission to revoke permissions on this service.

func (RevokeOnServicePerm) Perm

func (p RevokeOnServicePerm) Perm() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL