Documentation ¶
Index ¶
- func FromContext(ctx context.Context) (*permissions.AccessList, bool)
- func HasAdminKey(ctx context.Context) bool
- func HasPresetACL(ctx context.Context) bool
- func MustFromContext(ctx context.Context) *permissions.AccessList
- func ToContext(ctx context.Context, acl *permissions.AccessList) context.Context
- func WithAccessList() nodes.Option
- func WithAdminKey(ctx context.Context) context.Context
- func WithContentLockFilter() nodes.Option
- func WithFilter() nodes.Option
- func WithLock() nodes.Option
- func WithPresetACL(ctx context.Context, acl *permissions.AccessList) context.Context
- func WithQuota() nodes.Option
- type AccessListHandler
- type ContentLockFilter
- func (a *ContentLockFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
- func (a *ContentLockFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, ...) (models.ObjectInfo, error)
- func (a *ContentLockFilter) MultipartCreate(ctx context.Context, target *tree.Node, ...) (string, error)
- func (a *ContentLockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, ...) (models.ObjectInfo, error)
- func (a *ContentLockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, ...) error
- type FilterHandler
- func (a *FilterHandler) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
- func (a *FilterHandler) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, ...) (models.ObjectInfo, error)
- func (a *FilterHandler) CreateNode(ctx context.Context, in *tree.CreateNodeRequest, opts ...grpc.CallOption) (*tree.CreateNodeResponse, error)
- func (a *FilterHandler) DeleteNode(ctx context.Context, in *tree.DeleteNodeRequest, opts ...grpc.CallOption) (*tree.DeleteNodeResponse, error)
- func (a *FilterHandler) GetObject(ctx context.Context, node *tree.Node, requestData *models.GetRequestData) (io.ReadCloser, error)
- func (a *FilterHandler) ListNodes(ctx context.Context, in *tree.ListNodesRequest, opts ...grpc.CallOption) (streamer tree.NodeProvider_ListNodesClient, e error)
- func (a *FilterHandler) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)
- func (a *FilterHandler) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, ...) (models.ObjectInfo, error)
- func (a *FilterHandler) ReadNode(ctx context.Context, in *tree.ReadNodeRequest, opts ...grpc.CallOption) (*tree.ReadNodeResponse, error)
- func (a *FilterHandler) UpdateNode(ctx context.Context, in *tree.UpdateNodeRequest, opts ...grpc.CallOption) (*tree.UpdateNodeResponse, error)
- func (a *FilterHandler) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, ...) error
- type LockFilter
- func (a *LockFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
- func (a *LockFilter) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)
- func (a *LockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, ...) (models.ObjectInfo, error)
- func (a *LockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, ...) error
- type QuotaFilter
- func (a *QuotaFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
- func (a *QuotaFilter) ComputeQuota(ctx context.Context, workspace *idm.Workspace) (quota int64, usage int64, err error)
- func (a *QuotaFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, ...) (models.ObjectInfo, error)
- func (a *QuotaFilter) FindParentWorkspaces(ctx context.Context, workspace *idm.Workspace) (parentWorkspaces []*idm.Workspace, parentContext context.Context, err error)
- func (a *QuotaFilter) MultipartPutObjectPart(ctx context.Context, target *tree.Node, uploadID string, partNumberMarker int, ...) (models.MultipartObjectPart, error)
- func (a *QuotaFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, ...) (models.ObjectInfo, error)
- func (a *QuotaFilter) QuotaForWorkspace(ctx context.Context, workspace *idm.Workspace, orderedRoles []string) (maxQuota int64, currentUsage int64, err error)
- func (a *QuotaFilter) ReadNode(ctx context.Context, in *tree.ReadNodeRequest, opts ...grpc.CallOption) (*tree.ReadNodeResponse, error)
- func (a *QuotaFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, ...) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FromContext ¶
func FromContext(ctx context.Context) (*permissions.AccessList, bool)
func HasAdminKey ¶
func HasPresetACL ¶
func MustFromContext ¶
func MustFromContext(ctx context.Context) *permissions.AccessList
func ToContext ¶
func ToContext(ctx context.Context, acl *permissions.AccessList) context.Context
func WithAccessList ¶
func WithContentLockFilter ¶
func WithFilter ¶
func WithPresetACL ¶
func WithPresetACL(ctx context.Context, acl *permissions.AccessList) context.Context
Types ¶
type AccessListHandler ¶
AccessListHandler appends permissions.AccessList to the context.
func NewAccessListHandler ¶
func NewAccessListHandler(adminView bool) *AccessListHandler
NewAccessListHandler creates a new AccessListHandler
func (*AccessListHandler) Adapt ¶
func (a *AccessListHandler) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
type ContentLockFilter ¶
ContentLockFilter checks for user-defined content locks in the context AccessList.
func (*ContentLockFilter) Adapt ¶
func (a *ContentLockFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
func (*ContentLockFilter) CopyObject ¶
func (a *ContentLockFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)
CopyObject should check: quota on CopyObject operation? Can we copy an object on top of an existing node?
func (*ContentLockFilter) MultipartCreate ¶
func (a *ContentLockFilter) MultipartCreate(ctx context.Context, target *tree.Node, requestData *models.MultipartRequestData) (string, error)
func (*ContentLockFilter) PutObject ¶
func (a *ContentLockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)
PutObject check locks before allowing Put operation.
func (*ContentLockFilter) WrappedCanApply ¶
func (a *ContentLockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error
type FilterHandler ¶
FilterHandler checks for read/write permissions depending on the call using the context AccessList.
func (*FilterHandler) Adapt ¶
func (a *FilterHandler) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
func (*FilterHandler) CopyObject ¶
func (a *FilterHandler) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)
func (*FilterHandler) CreateNode ¶
func (a *FilterHandler) CreateNode(ctx context.Context, in *tree.CreateNodeRequest, opts ...grpc.CallOption) (*tree.CreateNodeResponse, error)
func (*FilterHandler) DeleteNode ¶
func (a *FilterHandler) DeleteNode(ctx context.Context, in *tree.DeleteNodeRequest, opts ...grpc.CallOption) (*tree.DeleteNodeResponse, error)
func (*FilterHandler) GetObject ¶
func (a *FilterHandler) GetObject(ctx context.Context, node *tree.Node, requestData *models.GetRequestData) (io.ReadCloser, error)
func (*FilterHandler) ListNodes ¶
func (a *FilterHandler) ListNodes(ctx context.Context, in *tree.ListNodesRequest, opts ...grpc.CallOption) (streamer tree.NodeProvider_ListNodesClient, e error)
ListNodes filters list results with ACLs permissions
func (*FilterHandler) MultipartCreate ¶
func (a *FilterHandler) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)
func (*FilterHandler) PutObject ¶
func (a *FilterHandler) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)
func (*FilterHandler) ReadNode ¶
func (a *FilterHandler) ReadNode(ctx context.Context, in *tree.ReadNodeRequest, opts ...grpc.CallOption) (*tree.ReadNodeResponse, error)
ReadNode checks if node is readable and forward to next middleware.
func (*FilterHandler) UpdateNode ¶
func (a *FilterHandler) UpdateNode(ctx context.Context, in *tree.UpdateNodeRequest, opts ...grpc.CallOption) (*tree.UpdateNodeResponse, error)
func (*FilterHandler) WrappedCanApply ¶
func (a *FilterHandler) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error
type LockFilter ¶
LockFilter filters call by checking internal locks.
func (*LockFilter) Adapt ¶
func (a *LockFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
func (*LockFilter) MultipartCreate ¶
func (a *LockFilter) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)
func (*LockFilter) PutObject ¶
func (a *LockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)
PutObject check locks before allowing Put operation.
func (*LockFilter) WrappedCanApply ¶
func (a *LockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error
WrappedCanApply will perform checks on quota to make sure an operation is authorized
type QuotaFilter ¶
QuotaFilter applies storage quota limitation on a per-workspace basis.
func (*QuotaFilter) Adapt ¶
func (a *QuotaFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler
func (*QuotaFilter) ComputeQuota ¶
func (a *QuotaFilter) ComputeQuota(ctx context.Context, workspace *idm.Workspace) (quota int64, usage int64, err error)
ComputeQuota finds quota and current usage for a given workspace
func (*QuotaFilter) CopyObject ¶
func (a *QuotaFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)
CopyObject checks quota on CopyObject operation.
func (*QuotaFilter) FindParentWorkspaces ¶
func (a *QuotaFilter) FindParentWorkspaces(ctx context.Context, workspace *idm.Workspace) (parentWorkspaces []*idm.Workspace, parentContext context.Context, err error)
FindParentWorkspaces finds possible parents for the current workspace based on the RESOURCE_OWNER uuid.
func (*QuotaFilter) MultipartPutObjectPart ¶
func (a *QuotaFilter) MultipartPutObjectPart(ctx context.Context, target *tree.Node, uploadID string, partNumberMarker int, reader io.Reader, requestData *models.PutRequestData) (models.MultipartObjectPart, error)
MultipartPutObjectPart checks quota on MultipartPutObjectPart.
func (*QuotaFilter) PutObject ¶
func (a *QuotaFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)
PutObject checks quota on PutObject operation.
func (*QuotaFilter) QuotaForWorkspace ¶
func (a *QuotaFilter) QuotaForWorkspace(ctx context.Context, workspace *idm.Workspace, orderedRoles []string) (maxQuota int64, currentUsage int64, err error)
QuotaForWorkspace finds quota and computes current usage from ACLs and Tree for a given workspace, in a specific context given by the orderedRoles list.
func (*QuotaFilter) ReadNode ¶
func (a *QuotaFilter) ReadNode(ctx context.Context, in *tree.ReadNodeRequest, opts ...grpc.CallOption) (*tree.ReadNodeResponse, error)
ReadNode append quota info on workspace roots
func (*QuotaFilter) WrappedCanApply ¶
func (a *QuotaFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error
WrappedCanApply will perform checks on quota to make sure an operation is authorized