defaultauth

package
v1.13.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 24, 2022 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 3 more Imports: 29 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// TokenPattern token 的格式 随机字符串::[uid/xxx | groupid/xxx]
	TokenPattern string = "%s::%s"
	// TokenSplit token 的分隔符
	TokenSplit string = "::"
)
View Source 
const (
	// PluginName default auth name
	PluginName = "defaultAuth"
)

Variables

View Source 
var (
	// ErrorNotAllowedAccess 鉴权失败
	ErrorNotAllowedAccess error = errors.New(api.Code2Info(api.NotAllowedAccess))

	// ErrorInvalidParameter 不合法的参数
	ErrorInvalidParameter error = errors.New(api.Code2Info(api.InvalidParameter))
)
View Source 
var (
	// MustOwner 必须超级账户 or 主账户
	MustOwner = true
	// NotOwner 任意账户
	NotOwner = false
	// WriteOp 写操作
	WriteOp = true
	// ReadOp 读操作
	ReadOp = false
)
View Source 
var AuthOption = DefaultAuthConfig()

AuthOption 鉴权的配置信息

View Source 
var (
	// StrategyFilterAttributes strategy filter attributes
	StrategyFilterAttributes = map[string]bool{
		"id":             true,
		"name":           true,
		"owner":          true,
		"offset":         true,
		"limit":          true,
		"principal_id":   true,
		"principal_type": true,
		"res_id":         true,
		"res_type":       true,
		"default":        true,
		"show_detail":    true,
	}
)
View Source 
var (

	// UserFilterAttributes 查询用户所能允许的参数查询列表
	UserFilterAttributes = map[string]bool{
		"id":         true,
		"name":       true,
		"owner":      true,
		"source":     true,
		"offset":     true,
		"group_id":   true,
		"limit":      true,
		"hide_admin": true,
	}
)
View Source 
var (
	// UserLinkGroupAttributes is the user link group attributes
	UserLinkGroupAttributes = map[string]bool{
		"id":        true,
		"user_id":   true,
		"user_name": true,
		"group_id":  true,
		"name":      true,
		"offset":    true,
		"limit":     true,
	}
)

Functions

func IsEmptyOperator 

func IsEmptyOperator(t OperatorInfo) bool

IsEmptyOperator token 是否是一个空类型

func IsSubAccount 

func IsSubAccount(t OperatorInfo) bool

IsSubAccount 当前 token 对应的账户类型

func StoreCode2APICode 

func StoreCode2APICode(err error) uint32

StoreCode2APICode store code to api code

Types

type AuthConfig 

type AuthConfig struct {
	// ConsoleOpen 控制台是否开启鉴权
	ConsoleOpen bool `json:"consoleOpen" xml:"consoleOpen"`
	// ClientOpen 是否开启客户端接口鉴权
	ClientOpen bool `json:"clientOpen" xml:"clientOpen"`
	// Salt 相关密码、token加密的salt
	Salt string `json:"salt" xml:"salt"`
	// Strict 是否启用鉴权的严格模式,即对于没有任何鉴权策略的资源,也必须带上正确的token才能操作, 默认关闭
	Strict bool `json:"strict"`
}

AuthConfig 鉴权配置

func DefaultAuthConfig 

func DefaultAuthConfig() *AuthConfig

DefaultAuthConfig 返回一个默认的鉴权配置

func (*AuthConfig) Verify 

func (cfg *AuthConfig) Verify() error

Verify 检查配置是否合法

type OperatorInfo 

type OperatorInfo struct {

	// Origin 原始 token 字符串
	Origin string

	// OperatorID 当前 token 绑定的 用户/用户组 ID
	OperatorID string

	// OwnerID 当前用户/用户组对应的 owner
	OwnerID string

	// Role 如果当前是 user token 的话,该值才能有信息
	Role model.UserRoleType

	// IsUserToken 当前 token 是否是 user 的 token
	IsUserToken bool

	// Disable 标识用户 token 是否被禁用
	Disable bool

	// 是否属于匿名操作者
	Anonymous bool
}

OperatorInfo 根据 token 解析出来的具体额外信息

func (*OperatorInfo) String 

func (t *OperatorInfo) String() string

type StrategyDetail2Api 

type StrategyDetail2Api func(user *model.StrategyDetail) *api.AuthStrategy

StrategyDetail2Api strategy detail to *api.AuthStrategy func

type User2Api 

type User2Api func(user *model.User) *api.User

User2Api convert user to api.User

type UserGroup2Api 

type UserGroup2Api func(user *model.UserGroup) *api.UserGroup

UserGroup2Api is the user group to api

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.