acl

package
v4.3.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 4, 2023 License: AGPL-3.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FromContext

func FromContext(ctx context.Context) (*permissions.AccessList, bool)

func HasAdminKey

func HasAdminKey(ctx context.Context) bool

func HasPresetACL

func HasPresetACL(ctx context.Context) bool

func MustFromContext

func MustFromContext(ctx context.Context) *permissions.AccessList

func ToContext

func ToContext(ctx context.Context, acl *permissions.AccessList) context.Context

func WithAccessList

func WithAccessList() nodes.Option

func WithAdminKey

func WithAdminKey(ctx context.Context) context.Context

func WithContentLockFilter

func WithContentLockFilter() nodes.Option

func WithFilter

func WithFilter() nodes.Option

func WithLock

func WithLock() nodes.Option

func WithPresetACL

func WithPresetACL(ctx context.Context, acl *permissions.AccessList) context.Context

func WithQuota

func WithQuota() nodes.Option

Types

type AccessListHandler

type AccessListHandler struct {
	abstract.Handler
}

AccessListHandler appends permissions.AccessList to the context.

func NewAccessListHandler

func NewAccessListHandler(adminView bool) *AccessListHandler

NewAccessListHandler creates a new AccessListHandler

func (*AccessListHandler) Adapt

type ContentLockFilter

type ContentLockFilter struct {
	abstract.Handler
}

ContentLockFilter checks for user-defined content locks in the context AccessList.

func (*ContentLockFilter) Adapt

func (*ContentLockFilter) CopyObject

func (a *ContentLockFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)

CopyObject should check: quota on CopyObject operation? Can we copy an object on top of an existing node?

func (*ContentLockFilter) MultipartCreate

func (a *ContentLockFilter) MultipartCreate(ctx context.Context, target *tree.Node, requestData *models.MultipartRequestData) (string, error)

func (*ContentLockFilter) PutObject

func (a *ContentLockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)

PutObject check locks before allowing Put operation.

func (*ContentLockFilter) WrappedCanApply

func (a *ContentLockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error

type FilterHandler

type FilterHandler struct {
	abstract.Handler
}

FilterHandler checks for read/write permissions depending on the call using the context AccessList.

func (*FilterHandler) Adapt

func (*FilterHandler) CopyObject

func (a *FilterHandler) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)

func (*FilterHandler) CreateNode

func (*FilterHandler) DeleteNode

func (*FilterHandler) GetObject

func (a *FilterHandler) GetObject(ctx context.Context, node *tree.Node, requestData *models.GetRequestData) (io.ReadCloser, error)

func (*FilterHandler) ListNodes

ListNodes filters list results with ACLs permissions

func (*FilterHandler) MultipartCreate

func (a *FilterHandler) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)

func (*FilterHandler) PutObject

func (a *FilterHandler) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)

func (*FilterHandler) ReadNode

ReadNode checks if node is readable and forward to next middleware.

func (*FilterHandler) UpdateNode

func (*FilterHandler) WrappedCanApply

func (a *FilterHandler) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error

type LockFilter

type LockFilter struct {
	abstract.Handler
}

LockFilter filters call by checking internal locks.

func (*LockFilter) Adapt

func (a *LockFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler

func (*LockFilter) MultipartCreate

func (a *LockFilter) MultipartCreate(ctx context.Context, node *tree.Node, requestData *models.MultipartRequestData) (string, error)

func (*LockFilter) PutObject

func (a *LockFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)

PutObject check locks before allowing Put operation.

func (*LockFilter) WrappedCanApply

func (a *LockFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error

WrappedCanApply will perform checks on quota to make sure an operation is authorized

type QuotaFilter

type QuotaFilter struct {
	abstract.Handler
	// contains filtered or unexported fields
}

QuotaFilter applies storage quota limitation on a per-workspace basis.

func (*QuotaFilter) Adapt

func (a *QuotaFilter) Adapt(h nodes.Handler, options nodes.RouterOptions) nodes.Handler

func (*QuotaFilter) ComputeQuota

func (a *QuotaFilter) ComputeQuota(ctx context.Context, workspace *idm.Workspace) (quota int64, usage int64, err error)

ComputeQuota finds quota and current usage for a given workspace

func (*QuotaFilter) CopyObject

func (a *QuotaFilter) CopyObject(ctx context.Context, from *tree.Node, to *tree.Node, requestData *models.CopyRequestData) (models.ObjectInfo, error)

CopyObject checks quota on CopyObject operation.

func (*QuotaFilter) FindParentWorkspaces

func (a *QuotaFilter) FindParentWorkspaces(ctx context.Context, workspace *idm.Workspace) (parentWorkspaces []*idm.Workspace, parentContext context.Context, err error)

FindParentWorkspaces finds possible parents for the current workspace based on the RESOURCE_OWNER uuid.

func (*QuotaFilter) MultipartPutObjectPart

func (a *QuotaFilter) MultipartPutObjectPart(ctx context.Context, target *tree.Node, uploadID string, partNumberMarker int, reader io.Reader, requestData *models.PutRequestData) (models.MultipartObjectPart, error)

MultipartPutObjectPart checks quota on MultipartPutObjectPart.

func (*QuotaFilter) PutObject

func (a *QuotaFilter) PutObject(ctx context.Context, node *tree.Node, reader io.Reader, requestData *models.PutRequestData) (models.ObjectInfo, error)

PutObject checks quota on PutObject operation.

func (*QuotaFilter) QuotaForWorkspace

func (a *QuotaFilter) QuotaForWorkspace(ctx context.Context, workspace *idm.Workspace, orderedRoles []string) (maxQuota int64, currentUsage int64, err error)

QuotaForWorkspace finds quota and computes current usage from ACLs and Tree for a given workspace, in a specific context given by the orderedRoles list.

func (*QuotaFilter) ReadNode

ReadNode append quota info on workspace roots

func (*QuotaFilter) WrappedCanApply

func (a *QuotaFilter) WrappedCanApply(srcCtx context.Context, targetCtx context.Context, operation *tree.NodeChangeEvent) error

WrappedCanApply will perform checks on quota to make sure an operation is authorized

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL