accessctl

package

v0.2202.6 Latest Latest Go to latest Published: Feb 7, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/oasisprotocol/oasis-core

Links

Open Source Insights

Documentation ¶

Overview ¶

Package accessctl implements access control for an Oasis node.

Index ¶

type Action
type Policy
- func NewPolicy() Policy
type Subject
- func SubjectFromPublicKey(pubKey signature.PublicKey) Subject
- func SubjectFromX509Certificate(cert *x509.Certificate) Subject

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Policy ¶

type Policy map[Action]map[Subject]bool

Policy maps from Actions to a mapping from Subjects to booleans indicating whether the given subject is allowed to perform the given action or not.

The policy is not safe for concurrent use.

func (Policy) Allow ¶

func (p Policy) Allow(sub Subject, act Action)

Allow adds a policy rule that allows the given Subject to perform the given Action.

func (Policy) AllowAll ¶ added in v0.2100.0

func (p Policy) AllowAll(act Action)

AllowAll adds a policy rule that allows anyone to perform the given action. The effect is similar as defining the action to have no access control, but is better suited for configuration that depends on runtime parameters.

func (Policy) Deny ¶

func (p Policy) Deny(sub Subject, act Action)

Deny removes a policy rule that allows the given Subject to perform the given Action.

func (Policy) IsAllowed ¶

func (p Policy) IsAllowed(sub Subject, act Action) bool

IsAllowed returns a boolean indicating whether the given Subject is allowed to perform the given Action under the current Policy.

func (Policy) String ¶

func (p Policy) String() string

String returns the string representation of the policy.

type Subject ¶

type Subject string

Subject is an access control subject.

const AnySubject Subject = "*"

AnySubject is a wildcard subject. When set for an action in a policy, it matches any subject.

func SubjectFromPublicKey ¶

func SubjectFromPublicKey(pubKey signature.PublicKey) Subject

SubjectFromPublicKey returns a Subject from the given public key.

func SubjectFromX509Certificate ¶

func SubjectFromX509Certificate(cert *x509.Certificate) Subject

SubjectFromX509Certificate returns a Subject from the given X.509 certificate.

Source Files ¶

View all Source files

accessctl.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

accessctl

Documentation ¶

Overview ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type Action ¶

type Policy ¶

func NewPolicy ¶

func (Policy) Allow ¶

func (Policy) AllowAll ¶ added in v0.2100.0

func (Policy) Deny ¶

func (Policy) IsAllowed ¶

func (Policy) String ¶

type Subject ¶

func SubjectFromPublicKey ¶

func SubjectFromX509Certificate ¶

Source Files ¶