Documentation
¶
Index ¶
- Constants
- Variables
- func GetAdminPermissions(projectID, environmentID string) []*role.Permission
- func GetDeveloperPermissions(projectID, environmentID string) []*role.Permission
- func GetOwnerPermissions(projectID, environmentID string) []*role.Permission
- func GetViewerPermissions(projectID, environmentID string) []*role.Permission
- func WithEmpty(resource string) string
- func WithID(resource, id string) string
- func WithWildcard(resource string) string
Constants ¶
View Source
const ( ActionSettingsView = "settings:view" ActionSettingsEdit = "settings:edit" )
Settings actions
View Source
const ( ActionUserView = "user:view" ActionUserEdit = "user:edit" )
Users actions
View Source
const ( ActionGroupView = "group:view" ActionGroupEdit = "group:edit" )
Groups actions
View Source
const ( ActionRoleView = "role:view" ActionRoleEdit = "role:edit" ActionRoleAssign = "role:assign" ActionRoleRevoke = "role:retract" )
Roles actions
View Source
const ( ActionServiceAccountView = "serviceaccount:view" ActionServiceAccountEdit = "serviceaccount:edit" )
Service accounts actions
View Source
const ( ActionProjectView = "project:view" ActionProjectEdit = "project:edit" )
Projects actions
View Source
const ( // Get, List, GetRollout, ListRollout, ListEvents, Logs, ListImages, // ListInstances, ListInstanceStatuses, GetInstanceSatatus, CapsuleMetrics ActionCapsuleView = "capsule:view" // Update Capsules ActionCapsuleEdit = "capsule:edit" // Create ActionCapsuleCreate = "capsule:create" // Delete ActionCapsuleDelete = "capsule:delete" // Execute ActionCapsuleExecute = "capsule:execute" // Restart instance ActionCapsuleRestartInstance = "capsule:restartinstance" // Abort rollout ActionCapsuleAbortRollout = "capsule:abortrollout" // Stop rollout ActionCapsuleStopRollout = "capsule:stoprollout" // Deploy ActionCapsuleDeploy = "capsule:deploy" // Horizontally scaling - replicas ActionCapsuleDeployReplica = "capsule:deploy:replica" // Autoscaling - min, max and cpu threshold - Horizontal scaling ActionCapsuleDeployAutoscale = "capsule:deploy:autoscale" // Container Settings - Vertical scaling, Environment variables, Command and Args ActionCapsuleDeployContainer = "capsule:deploy:container" // Config Files - Add and remove config files ActionCapsuleDeployConfigFiles = "capsule:deploy:configfiles" // Network - Add, remove and update networks ActionCapsuleDeployNetwork = "capsule:deploy:network" // Rollback ActionCapsuleDeployRollback = "capsule:deploy:rollback" // Deploy a new image ActionCapsuleDeployImage = "capsule:deploy:image" // Auto add service account to the capsule ActionCapsuleDeployServiceAccount = "capsule:deploy:serviceaccount" // Chron jobs ActionCapsuleDeployChron = "capsule:deploy:chron" // Environment variables - set or remove environment variables ActionCapsuleDeployEnvironmentVariables = "capsule:deploy:environmentvariables" // Environment sources - set or remove environment sources ActionCapsuleDeployEnvironmentSources = "capsule:deploy:environmentsources" // Container Settings - Vertical scaling, Environment variables, Command and Args ActionCapsuleDeployAnnotations = "capsule:deploy:annotations" )
Capsules actions
View Source
const ( // Create images ActionImageAdd = "image:add" // Delete images ActionImageDelete = "image:delete" // View all parts of the build - GetImage, GetImageImageInfo, GetRepositoryInfo, GetImageLogs, GetImageStatus ActionImageView = "image:view" )
View Source
const ( ActionEnvironmentEdit = "environment:edit" // Create and delete ephemeral environments ActionEnvironmentEditEphemeral = "environment:edit:ephemeral" ActionEnvironmentView = "environment:view" )
View Source
const ( ResourceCapsule = "capsule" ResourceImage = "image" ResourceUser = "user" ResourceGroup = "group" ResourceProject = "project" ResourceRole = "role" ResourceServiceAccount = "serviceaccount" ResourceSettings = "settings" ResourceCluster = "cluster" ResourceEnvironment = "environment" )
View Source
const (
ActionClusterConfigView = "clusterconfig:view"
)
Cluster config actions
Variables ¶
View Source
var CapsuleActionMap = map[string]string{ capsuleconnect.ServiceGetStatusProcedure: ActionCapsuleView, capsuleconnect.ServiceGetProcedure: ActionCapsuleView, capsuleconnect.ServiceListProcedure: ActionCapsuleView, capsuleconnect.ServiceGetRolloutProcedure: ActionCapsuleView, capsuleconnect.ServiceListRolloutsProcedure: ActionCapsuleView, capsuleconnect.ServiceListEventsProcedure: ActionCapsuleView, capsuleconnect.ServiceLogsProcedure: ActionCapsuleView, capsuleconnect.ServiceListInstancesProcedure: ActionCapsuleView, capsuleconnect.ServiceListInstanceStatusesProcedure: ActionCapsuleView, capsuleconnect.ServiceGetInstanceStatusProcedure: ActionCapsuleView, capsuleconnect.ServiceCapsuleMetricsProcedure: ActionCapsuleView, capsuleconnect.ServiceGetCustomInstanceMetricsProcedure: ActionCapsuleView, capsuleconnect.ServiceCreateProcedure: ActionCapsuleCreate, capsuleconnect.ServiceDeleteProcedure: ActionCapsuleDelete, capsuleconnect.ServiceUpdateProcedure: ActionCapsuleEdit, capsuleconnect.ServiceGetJobExecutionsProcedure: ActionCapsuleView, capsuleconnect.ServiceDeployProcedure: ActionCapsuleDeploy, capsuleconnect.ServiceAbortRolloutProcedure: ActionCapsuleAbortRollout, capsuleconnect.ServiceStopRolloutProcedure: ActionCapsuleStopRollout, capsuleconnect.ServiceExecuteProcedure: ActionCapsuleExecute, capsuleconnect.ServiceRestartInstanceProcedure: ActionCapsuleRestartInstance, }
View Source
var ClusterActionMap = map[string]string{ clusterconnect.ServiceGetConfigProcedure: ActionClusterConfigView, clusterconnect.ServiceGetConfigsProcedure: ActionClusterConfigView, clusterconnect.ServiceListProcedure: ActionClusterConfigView, }
View Source
var EnvironmentActionMap = map[string]string{ environmentconnect.ServiceCreateProcedure: ActionEnvironmentEdit, environmentconnect.ServiceDeleteProcedure: ActionEnvironmentEdit, environmentconnect.ServiceGetNamespacesProcedure: ActionEnvironmentView, environmentconnect.ServiceListProcedure: ActionEnvironmentView, environmentconnect.ServiceUpdateProcedure: ActionEnvironmentEdit, }
View Source
var GroupActionMap = map[string]string{ groupconnect.ServiceAddMemberProcedure: ActionGroupEdit, groupconnect.ServiceCreateProcedure: ActionGroupEdit, groupconnect.ServiceDeleteProcedure: ActionGroupEdit, groupconnect.ServiceRemoveMemberProcedure: ActionGroupEdit, groupconnect.ServiceUpdateProcedure: ActionGroupEdit, groupconnect.ServiceGetProcedure: ActionGroupView, groupconnect.ServiceListProcedure: ActionGroupView, groupconnect.ServiceListGroupsForMemberProcedure: ActionGroupView, groupconnect.ServiceListMembersProcedure: ActionGroupView, }
View Source
var ImageActionMap = map[string]string{ imageconnect.ServiceAddProcedure: ActionImageAdd, imageconnect.ServiceDeleteProcedure: ActionImageDelete, imageconnect.ServiceGetProcedure: ActionImageView, imageconnect.ServiceGetImageInfoProcedure: ActionImageView, imageconnect.ServiceGetRepositoryInfoProcedure: ActionImageView, imageconnect.ServiceListProcedure: ActionImageView, }
View Source
var ProjectActionMap = map[string]string{ projectconnect.ServiceCreateProcedure: ActionProjectEdit, projectconnect.ServiceDeleteProcedure: ActionProjectEdit, projectconnect.ServiceGetProcedure: ActionProjectView, projectconnect.ServiceGetCustomObjectMetricsProcedure: ActionProjectView, projectconnect.ServiceGetObjectsByKindProcedure: ActionProjectView, projectconnect.ServiceListProcedure: ActionProjectView, projectconnect.ServicePublicKeyProcedure: ActionProjectView, projectconnect.ServiceUpdateProcedure: ActionProjectEdit, }
View Source
var RoleActionMap = map[string]string{ roleconnect.ServiceCreateProcedure: ActionRoleEdit, roleconnect.ServiceDeleteProcedure: ActionRoleEdit, roleconnect.ServiceUpdateProcedure: ActionRoleEdit, roleconnect.ServiceRevokeProcedure: ActionRoleRevoke, roleconnect.ServiceAssignProcedure: ActionRoleAssign, roleconnect.ServiceGetProcedure: ActionRoleView, roleconnect.ServiceListProcedure: ActionRoleView, roleconnect.ServiceListForEntityProcedure: ActionRoleView, roleconnect.ServiceListAssigneesProcedure: ActionRoleView, }
View Source
var ServiceAccountActionMap = map[string]string{ service_accountconnect.ServiceCreateProcedure: ActionServiceAccountEdit, service_accountconnect.ServiceDeleteProcedure: ActionServiceAccountEdit, service_accountconnect.ServiceListProcedure: ActionServiceAccountView, }
View Source
var SettingsActionMap = map[string]string{ project_settingsconnect.ServiceGetSettingsProcedure: ActionSettingsView, user_settingsconnect.ServiceGetSettingsProcedure: ActionSettingsView, project_settingsconnect.ServiceGetLicenseInfoProcedure: ActionSettingsView, project_settingsconnect.ServiceUpdateSettingsProcedure: ActionSettingsEdit, user_settingsconnect.ServiceUpdateSettingsProcedure: ActionSettingsEdit, }
View Source
var UserActionMap = map[string]string{ userconnect.ServiceCreateProcedure: ActionUserEdit, userconnect.ServiceDeleteProcedure: ActionUserEdit, userconnect.ServiceUpdateProcedure: ActionUserEdit, userconnect.ServiceGetProcedure: ActionUserView, userconnect.ServiceGetByIdentifierProcedure: ActionUserView, userconnect.ServiceListProcedure: ActionUserView, userconnect.ServiceListSessionsProcedure: ActionUserView, }
Functions ¶
func GetAdminPermissions ¶
func GetAdminPermissions(projectID, environmentID string) []*role.Permission
Admins can do everything - Thing that are not only in the others are: - Project Edit. This means Create, Delete and Update projects - Settings Edit. This means Update project and user settings - Environment Edit. This means Create, Delete and Update environments - Role Edit. This means Create, Delete and Update roles - Role Assign. Assign roles to users, groups and service accounts - Role Revoke. Revoke roles from users, groups and service accounts - User Edit. This means Create, Delete and Update users - Group Edit. This means Create, Delete and Update groups, aswell as add users to groups - Service Account Edit. This means Create, Delete and Update service accounts
func GetDeveloperPermissions ¶
func GetDeveloperPermissions(projectID, environmentID string) []*role.Permission
Developers can do everything a viewer can do, in addition to:
- editing ephemeral environments
- work with capsules and images in all aspects except creating and deleting them
func GetOwnerPermissions ¶
func GetOwnerPermissions(projectID, environmentID string) []*role.Permission
Owners can do everything a developer can do, plus: - Capsule Create, Delete and Edit. - Image Delete. This means Delete images - Capsule Stop Rollout. This means Stop rollouts
func GetViewerPermissions ¶
func GetViewerPermissions(projectID, environmentID string) []*role.Permission
Viewers can view all resources
func WithWildcard ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.