policy

package
v1.33.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 5, 2021 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ActionRead  = "read"
	ActionWrite = "write"
)
View Source
var (
	RedactorRead  = Must(NewPolicy(ActionRead, "redactor."))
	RedactorWrite = Must(NewPolicy(ActionWrite, "redactor."))
)
View Source
var (
	BackupRead            = Must(NewPolicy(ActionRead, "backup."))
	BackupWrite           = Must(NewPolicy(ActionWrite, "backup."))
	RestoreRead           = Must(NewPolicy(ActionRead, "restore."))
	RestoreWrite          = Must(NewPolicy(ActionWrite, "restore."))
	SnapshotsettingsRead  = Must(NewPolicy(ActionRead, "snapshotsettings."))
	SnapshotsettingsWrite = Must(NewPolicy(ActionWrite, "snapshotsettings."))
)
View Source
var (
	ClusterRead  = Must(NewPolicy(ActionRead, "cluster."))
	ClusterWrite = Must(NewPolicy(ActionWrite, "cluster."))
)
View Source
var (
	GitopsRead  = Must(NewPolicy(ActionRead, "gitops."))
	GitopsWrite = Must(NewPolicy(ActionWrite, "gitops."))
)
View Source
var (
	IdentityServiceWrite = Must(NewPolicy(ActionWrite, "identityservice."))
	IdentityServiceRead  = Must(NewPolicy(ActionRead, "identityservice."))
)
View Source
var (
	AppIdentityServiceWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.identityservice."))
	AppIdentityServiceRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.identityservice."))
)

App Identity Service

View Source
var (
	AppList   = Must(NewPolicy(ActionRead, "app."))
	AppRead   = Must(NewPolicy(ActionRead, "app.{{.appSlug}}"))
	AppCreate = Must(NewPolicy(ActionWrite, "app."))
	AppUpdate = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}", appSlugFromAppIDGetter))
)
View Source
var (
	AppSupportbundleRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.supportbundle.", appSlugFromSupportbundleGetter))
	AppSupportbundleWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.supportbundle.", appSlugFromAppIDGetter))
)
View Source
var (
	AppBackupRead            = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.backup."))
	AppBackupWrite           = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.backup."))
	AppRestoreRead           = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.restore."))
	AppRestoreWrite          = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.restore."))
	AppSnapshotsettingsRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.snapshotsettings."))
	AppSnapshotsettingsWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.snapshotsettings."))
)
View Source
var (
	AppRegistryRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.registry."))
	AppRegistryWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.registry."))
)
View Source
var (
	AppLicenseRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.license."))
	AppLicenseWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.license."))
)
View Source
var (
	AppGitopsRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.gitops.", appSlugFromAppIDGetter))
	AppGitopsWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.gitops.", appSlugFromAppIDGetter))
)
View Source
var (
	AppDownstreamRead         = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.downstream."))
	AppDownstreamWrite        = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.downstream."))
	AppDownstreamLogsRead     = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.downstream.logs."))
	AppDownstreamFiletreeRead = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.downstream.filetree."))
)
View Source
var (
	AppDownstreamPreflightRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.downstream.preflight."))
	AppDownstreamPreflightWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.downstream.preflight."))
)
View Source
var (
	AppDownstreamConfigRead  = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.downstream.config."))
	AppDownstreamConfigWrite = Must(NewPolicy(ActionWrite, "app.{{.appSlug}}.downstream.config."))
)
View Source
var (
	AppStatusRead = Must(NewPolicy(ActionRead, "app.{{.appSlug}}.status."))
)
View Source
var (
	PrometheussettingsWrite = Must(NewPolicy(ActionWrite, "prometheussettings."))
)
View Source
var (
	RegistryRead = Must(NewPolicy(ActionRead, "registry."))
)

Functions

func JSON

func JSON(w http.ResponseWriter, code int, payload interface{})

Types

type ErrorResponse

type ErrorResponse struct {
	Error   string `json:"error"`
	Success bool   `json:"success"` // NOTE: the frontend relies on this for some routes
	Err     error  `json:"-"`
}

func NewErrorResponse

func NewErrorResponse(err error) ErrorResponse

type Middleware

type Middleware struct {
	KOTSStore store.Store
	Roles     []rbactypes.Role
}

func NewMiddleware

func NewMiddleware(kotsStore store.Store, roles []rbactypes.Role) *Middleware

func (*Middleware) EnforceAccess

func (m *Middleware) EnforceAccess(p *Policy, handler http.HandlerFunc) http.HandlerFunc

type Policy

type Policy struct {
	// contains filtered or unexported fields
}

func Must

func Must(p *Policy, err error) *Policy

func NewPolicy

func NewPolicy(action, resource string, fns ...VarsGetter) (policy *Policy, err error)

type RBACError

type RBACError struct {
	Resource string
}

func NewRBACError

func NewRBACError(resource string) *RBACError

func (RBACError) Abort

func (e RBACError) Abort(w http.ResponseWriter) error

type VarsGetter

type VarsGetter func(kotsStore store.Store, vars map[string]string) (map[string]string, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL