Documentation
¶
Index ¶
- func ReceiveBlob(res *model.StoredResource, accessToken string, receiverFn blobReceiverFn) (io.ReadCloser, error)
- func Register(vaultType string, ctor VaultConstructor)
- func SendBlob(r io.Reader, vaultID string, cleartext bool, senderFn blobSenderFn) (*model.StoredResource, error)
- type Config
- type LocalBlobManager
- func (lbm *LocalBlobManager) AddVault(v Vault, cfg *Config)
- func (lbm *LocalBlobManager) GetBlob(ctx context.Context, res *model.StoredResource, accessToken string) (io.ReadCloser, error)
- func (lbm *LocalBlobManager) GetVault(id string) (Vault, error)
- func (lbm *LocalBlobManager) GetVaultMap(ctx context.Context) (map[string]*model.VaultProperties, error)
- func (lbm *LocalBlobManager) PurgeBlob(ctx context.Context, res *model.StoredResource) error
- func (lbm *LocalBlobManager) SendBlob(ctx context.Context, data io.Reader, cleartext bool, vaultName string) (*model.StoredResource, error)
- type Params
- type Vault
- type VaultConstructor
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ReceiveBlob ¶
func ReceiveBlob(res *model.StoredResource, accessToken string, receiverFn blobReceiverFn) (io.ReadCloser, error)
ReceiveBlob returns a decrypted blob stream from the vault (either local or remote)
func Register ¶
func Register(vaultType string, ctor VaultConstructor)
Types ¶
type Config ¶
type Config struct {
// ID is the vault's globally unique ID.
ID string `json:"id"`
// ID is the vault's locally (within the MetaLocker node) unique name.
Name string `json:"name"`
// Type is the registered vault algorithm type.
Type string `json:"type"`
// SSE is true if the vault uses Server Side Encryption
SSE bool `json:"sse"`
// CAS is true if the vault generates content addressable resource IDs
CAS bool `json:"cas"`
// Params are vault parameters that are specific to its Type.
Params Params `json:"params"`
}
Config defines vault's configuration.
type LocalBlobManager ¶
type LocalBlobManager struct {
// contains filtered or unexported fields
}
func NewLocalBlobManager ¶
func NewLocalBlobManager() *LocalBlobManager
func (*LocalBlobManager) AddVault ¶
func (lbm *LocalBlobManager) AddVault(v Vault, cfg *Config)
func (*LocalBlobManager) GetBlob ¶
func (lbm *LocalBlobManager) GetBlob(ctx context.Context, res *model.StoredResource, accessToken string) (io.ReadCloser, error)
func (*LocalBlobManager) GetVaultMap ¶
func (lbm *LocalBlobManager) GetVaultMap(ctx context.Context) (map[string]*model.VaultProperties, error)
func (*LocalBlobManager) PurgeBlob ¶
func (lbm *LocalBlobManager) PurgeBlob(ctx context.Context, res *model.StoredResource) error
type Vault ¶
type Vault interface {
io.Closer
// ID returns the vault's globally unique ID.
ID() string
// Name returns the vault's locally (within the node) unique name.
Name() string
// SSE returns true if server side encryption is enabled in this vault
// If true, there may be no need to encrypt the blob before storing it in the vault.
SSE() bool
// CAS returns true if the vault produces content-addressable blob IDs. This means that
// if the same blob is uploaded twice, it will receive a storage configuration with
// the same ID and same parameters. This may not be desirable for private storage
// as records can be correlated by its data asset IDs. However, it is essential
// for off-chain operation storage to use content-addressable IDs.
CAS() bool
// CreateBlob stores a blob in the vault and returns a resource definition.
CreateBlob(ctx context.Context, blob io.Reader) (*model.StoredResource, error)
// ServeBlob returns a binary stream for the stored resource. Depending on the vault's
// SSE property, it may be in cleartext or encrypted. The vault will check if
// the caller can access the resource by checking the provided accessToken
// against the ledger and other sources.
ServeBlob(ctx context.Context, id string, params map[string]any, accessToken string) (io.ReadCloser, error)
// PurgeBlob permanently purges the given resource from the vault. If will only
// succeed in the resource is related to a revoked lease.
PurgeBlob(ctx context.Context, id string, params map[string]any) error
}
Vault is a data storage facility for all user's datasets that are stored in MetaLocker.
func CreateVault ¶
func CreateVault(cfg *Config, resolver cmdbase.ParameterResolver, verifier model.AccessVerifier) (Vault, error)
type VaultConstructor ¶
type VaultConstructor func(cfg *Config, resolver cmdbase.ParameterResolver, verifier model.AccessVerifier) (Vault, error)
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.