permission

package

v0.0.0-...-8ff1004 Latest Latest Go to latest Published: Feb 15, 2019 License: AGPL-3.0 Imports: 3 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/niedbalski/juju

Documentation ¶

Index ¶

func IsEmptyUserAccess(a UserAccess) bool
func ValidateCloudAccess(access Access) error
func ValidateControllerAccess(access Access) error
func ValidateModelAccess(access Access) error
func ValidateOfferAccess(access Access) error
type Access
type UserAccess

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func IsEmptyUserAccess ¶

func IsEmptyUserAccess(a UserAccess) bool

IsEmptyUserAccess returns true if the passed UserAccess instance is empty.

func ValidateCloudAccess ¶

func ValidateCloudAccess(access Access) error

ValidateCloudAccess returns error if the passed access is not a valid cloud access level.

func ValidateControllerAccess ¶

func ValidateControllerAccess(access Access) error

ValidateControllerAccess returns error if the passed access is not a valid controller access level.

func ValidateModelAccess ¶

func ValidateModelAccess(access Access) error

ValidateModelAccess returns error if the passed access is not a valid model access level.

func ValidateOfferAccess ¶

func ValidateOfferAccess(access Access) error

ValidateOfferAccess returns error if the passed access is not a valid offer access level.

Types ¶

type Access ¶

type Access string

Access represents a level of access.

const (
	// NoAccess allows a user no permissions at all.
	NoAccess Access = ""

	// ReadAccess allows a user to read information about a permission subject,
	// without being able to make any changes.
	ReadAccess Access = "read"

	// WriteAccess allows a user to make changes to a permission subject.
	WriteAccess Access = "write"

	// ConsumeAccess allows a user to consume a permission subject.
	ConsumeAccess Access = "consume"

	// AdminAccess allows a user full control over the subject.
	AdminAccess Access = "admin"

	// LoginAccess allows a user to log-ing into the subject.
	LoginAccess Access = "login"

	// AddModelAccess allows user to add new models in subjects supporting it.
	AddModelAccess Access = "add-model"

	// SuperuserAccess allows user unrestricted permissions in the subject.
	SuperuserAccess Access = "superuser"
)

func (Access) EqualOrGreaterCloudAccessThan ¶

func (a Access) EqualOrGreaterCloudAccessThan(access Access) bool

EqualOrGreaterCloudAccessThan returns true if the current access is equal or greater than the passed in access level.

func (Access) EqualOrGreaterControllerAccessThan ¶

func (a Access) EqualOrGreaterControllerAccessThan(access Access) bool

EqualOrGreaterControllerAccessThan returns true if the current access is equal or greater than the passed in access level.

func (Access) EqualOrGreaterModelAccessThan ¶

func (a Access) EqualOrGreaterModelAccessThan(access Access) bool

EqualOrGreaterModelAccessThan returns true if the current access is equal or greater than the passed in access level.

func (Access) EqualOrGreaterOfferAccessThan ¶

func (a Access) EqualOrGreaterOfferAccessThan(access Access) bool

EqualOrGreaterOfferAccessThan returns true if the current access is equal or greater than the passed in access level.

func (Access) GreaterControllerAccessThan ¶

func (a Access) GreaterControllerAccessThan(access Access) bool

GreaterControllerAccessThan returns true if the current access is greater than the passed in access level.

func (Access) GreaterModelAccessThan ¶

func (a Access) GreaterModelAccessThan(access Access) bool

GreaterModelAccessThan returns true if the current access is greater than the passed in access level.

func (Access) GreaterOfferAccessThan ¶

func (a Access) GreaterOfferAccessThan(access Access) bool

GreaterOfferAccessThan returns true if the current access is greater than the passed in access level.

func (Access) Validate ¶

func (a Access) Validate() error

Validate returns error if the current is not a valid access level.

type UserAccess ¶

type UserAccess struct {
	// UserID is the stored ID of the user.
	UserID string
	// UserTag is the tag for the user.
	UserTag names.UserTag
	// Object is the tag for the object of this access grant.
	Object names.Tag
	// Access represents the level of access subject has over object.
	Access Access
	// CreatedBy is the tag of the user that granted the access.
	CreatedBy names.UserTag
	// DateCreated is the date the user was created in UTC.
	DateCreated time.Time
	// DisplayName is the name we are showing for this user.
	DisplayName string
	// UserName is the actual username for this access.
	UserName string
}

UserAccess represents a user access to a target whereas the user could represent a remote user or a user across multiple models the user access always represents a single user for a single target. There should be no more than one UserAccess per target/user pair. Many of these fields are storage artifacts but generate them from other fields implies out of band knowledge of other packages.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL