accessctl

package
v0.2202.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 29, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package accessctl implements access control for an Oasis node.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Action

type Action string

Action is an access control action.

type Policy

type Policy map[Action]map[Subject]bool

Policy maps from Actions to a mapping from Subjects to booleans indicating whether the given subject is allowed to perform the given action or not.

The policy is not safe for concurrent use.

func NewPolicy

func NewPolicy() Policy

NewPolicy returns an empty policy.

func (Policy) Allow

func (p Policy) Allow(sub Subject, act Action)

Allow adds a policy rule that allows the given Subject to perform the given Action.

func (Policy) AllowAll added in v0.2100.0

func (p Policy) AllowAll(act Action)

AllowAll adds a policy rule that allows anyone to perform the given action. The effect is similar as defining the action to have no access control, but is better suited for configuration that depends on runtime parameters.

func (Policy) Deny

func (p Policy) Deny(sub Subject, act Action)

Deny removes a policy rule that allows the given Subject to perform the given Action.

func (Policy) IsAllowed

func (p Policy) IsAllowed(sub Subject, act Action) bool

IsAllowed returns a boolean indicating whether the given Subject is allowed to perform the given Action under the current Policy.

func (Policy) String

func (p Policy) String() string

String returns the string representation of the policy.

type Subject

type Subject string

Subject is an access control subject.

const AnySubject Subject = "*"

AnySubject is a wildcard subject. When set for an action in a policy, it matches any subject.

func SubjectFromPublicKey

func SubjectFromPublicKey(pubKey signature.PublicKey) Subject

SubjectFromPublicKey returns a Subject from the given public key.

func SubjectFromX509Certificate

func SubjectFromX509Certificate(cert *x509.Certificate) Subject

SubjectFromX509Certificate returns a Subject from the given X.509 certificate.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL