Documentation
¶
Index ¶
Constants ¶
View Source
const AABroadcastRead = "bc/read"
details: name
View Source
const AABroadcastWrite = "bc/write"
View Source
const AAFsoAdminRegistry = "fso/admin-registry"
View Source
const AAFsoAdminRepo = "fso/admin-repo"
details: path
View Source
const AAFsoAdminRoot = "fso/admin-root"
View Source
const AAFsoArchiveRepo = "fso/archive-repo"
View Source
const AAFsoConfirmRepo = "fso/confirm-repo"
View Source
const AAFsoDeleteRoot = "fso/delete-root"
View Source
const AAFsoEnableDiscoveryPath = "fso/enable-discovery-path"
View Source
const AAFsoExecArchiveRepo = "fso/exec-archive-repo"
View Source
const AAFsoExecDu = "fso/exec-du"
View Source
const AAFsoExecFreezeRepo = "fso/exec-freeze-repo"
View Source
const AAFsoExecPingRegistry = "fso/exec-ping-registry"
View Source
const AAFsoExecRepoFreeze = "fso/exec-repo-freeze"
View Source
const AAFsoExecSplitRoot = "fso/exec-split-root"
View Source
const AAFsoExecUnarchiveRepo = "fso/exec-unarchive-repo"
View Source
const AAFsoExecUnfreezeRepo = "fso/exec-unfreeze-repo"
View Source
const AAFsoFind = "fso/find"
View Source
const AAFsoFreezeRepo = "fso/freeze-repo"
View Source
const AAFsoInitRegistry = "fso/init-registry"
View Source
const AAFsoInitRepo = "fso/init-repo"
View Source
const AAFsoInitRepoShadowBackup = "fso/init-repo-shadow-backup"
View Source
const AAFsoInitRepoTartt = "fso/init-repo-tartt"
View Source
const AAFsoInitRoot = "fso/init-root"
View Source
const AAFsoReadMain = "fso/read-main"
View Source
const AAFsoReadRegistry = "fso/read-registry"
View Source
const AAFsoReadRepo = "fso/read-repo"
View Source
const AAFsoReadRoot = "fso/read-root"
View Source
const AAFsoRefreshRepo = "fso/refresh-repo"
View Source
const AAFsoSession = "fso/session"
View Source
const AAFsoTestUdo = "fso/test-udo"
View Source
const AAFsoTestUdoAs = "fso/test-udo-as"
View Source
const AAFsoUnarchiveRepo = "fso/unarchive-repo"
View Source
const AAFsoUnfreezeRepo = "fso/unfreeze-repo"
View Source
const AAFsoWriteRepo = "fso/write-repo"
View Source
const AAInitUnixDomain = "uxd/init-unix-domain"
View Source
const AAReadUnixDomain = "uxd/read-unix-domain"
View Source
const AAWriteUnixDomain = "uxd/write-unix-domain"
Variables ¶
Functions ¶
This section is empty.
Types ¶
type InsecureLogAuthz ¶
type InsecureLogAuthz struct {
// contains filtered or unexported fields
}
`InsecureLogAuthz` logs authz requests, without actually checking permission.
func CreateInsecureLogAuthz ¶
func CreateInsecureLogAuthz(lg Logger) *InsecureLogAuthz
func (*InsecureLogAuthz) Authorize ¶
func (a *InsecureLogAuthz) Authorize( euid auth.Identity, action auth.Action, opts auth.ActionDetails, ) error
type InsecureLogScopeAuthz ¶
type InsecureLogScopeAuthz struct {
// contains filtered or unexported fields
}
`InsecureLogScopeAuthz` determines whether an action would be permitted by comparing the action with the `euid` scope. It only logs the decision without actually denying access.
func CreateInsecureLogScopeAuthz ¶
func CreateInsecureLogScopeAuthz(lg Logger) *InsecureLogScopeAuthz
func (*InsecureLogScopeAuthz) Authorize ¶
func (a *InsecureLogScopeAuthz) Authorize( euid auth.Identity, action auth.Action, opts auth.ActionDetails, ) error
type ScopeAuthz ¶
type ScopeAuthz struct {
// contains filtered or unexported fields
}
`ScopeAuthz` determines whether an action is permitted by comparing the action with the `euid` scope. It logs decisions with info level.
func CreateScopeAuthz ¶
func CreateScopeAuthz(lg Logger) *ScopeAuthz
func (*ScopeAuthz) Authorize ¶
func (a *ScopeAuthz) Authorize( euid auth.Identity, action auth.Action, opts auth.ActionDetails, ) error
func (*ScopeAuthz) AuthorizeAny ¶
func (authz *ScopeAuthz) AuthorizeAny( euid auth.Identity, actions ...auth.ScopedAction, ) error
Source Files
Click to show internal directories.
Click to hide internal directories.