rbac

package
v1.6.23 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 23, 2021 License: Apache-2.0 Imports: 16 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_github_com_solo_io_gloo_projects_gloo_api_v1_enterprise_options_rbac_rbac_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type ExtensionSettings

type ExtensionSettings struct {

	// Disable RBAC checks on this resource (default false). This is useful to allow access to static resources/login page without RBAC checks.
	// If provided on a route, all route settings override any vhost settings
	Disable bool `protobuf:"varint,1,opt,name=disable,proto3" json:"disable,omitempty"`
	// Named policies to apply.
	Policies map[string]*Policy `` /* 157-byte string literal not displayed */
	// contains filtered or unexported fields
}

RBAC settings for Virtual Hosts and Routes

func (*ExtensionSettings) Descriptor deprecated

func (*ExtensionSettings) Descriptor() ([]byte, []int)

Deprecated: Use ExtensionSettings.ProtoReflect.Descriptor instead.

func (*ExtensionSettings) Equal

func (m *ExtensionSettings) Equal(that interface{}) bool

Equal function

func (*ExtensionSettings) GetDisable

func (x *ExtensionSettings) GetDisable() bool

func (*ExtensionSettings) GetPolicies

func (x *ExtensionSettings) GetPolicies() map[string]*Policy

func (*ExtensionSettings) Hash added in v1.2.13

func (m *ExtensionSettings) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ExtensionSettings) ProtoMessage

func (*ExtensionSettings) ProtoMessage()

func (*ExtensionSettings) ProtoReflect added in v1.6.0

func (x *ExtensionSettings) ProtoReflect() protoreflect.Message

func (*ExtensionSettings) Reset

func (x *ExtensionSettings) Reset()

func (*ExtensionSettings) String

func (x *ExtensionSettings) String() string

type JWTPrincipal

type JWTPrincipal struct {

	// Set of claims that make up this principal. Commonly, the 'iss' and 'sub' or 'email' claims are used.
	// all claims must be present on the JWT.
	Claims map[string]string `` /* 153-byte string literal not displayed */
	// Verify that the JWT came from a specific provider. This usually can be left empty
	// and a provider will be chosen automatically.
	Provider string `protobuf:"bytes,2,opt,name=provider,proto3" json:"provider,omitempty"`
	// contains filtered or unexported fields
}

A JWT principal. To use this, JWT option MUST be enabled.

func (*JWTPrincipal) Descriptor deprecated

func (*JWTPrincipal) Descriptor() ([]byte, []int)

Deprecated: Use JWTPrincipal.ProtoReflect.Descriptor instead.

func (*JWTPrincipal) Equal

func (m *JWTPrincipal) Equal(that interface{}) bool

Equal function

func (*JWTPrincipal) GetClaims

func (x *JWTPrincipal) GetClaims() map[string]string

func (*JWTPrincipal) GetProvider

func (x *JWTPrincipal) GetProvider() string

func (*JWTPrincipal) Hash added in v1.2.13

func (m *JWTPrincipal) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*JWTPrincipal) ProtoMessage

func (*JWTPrincipal) ProtoMessage()

func (*JWTPrincipal) ProtoReflect added in v1.6.0

func (x *JWTPrincipal) ProtoReflect() protoreflect.Message

func (*JWTPrincipal) Reset

func (x *JWTPrincipal) Reset()

func (*JWTPrincipal) String

func (x *JWTPrincipal) String() string

type Permissions

type Permissions struct {

	// Paths that have this prefix will be allowed.
	PathPrefix string `protobuf:"bytes,1,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"`
	// What http methods (GET, POST, ...) are allowed.
	Methods []string `protobuf:"bytes,2,rep,name=methods,proto3" json:"methods,omitempty"`
	// contains filtered or unexported fields
}

What permissions should be granted. An empty field means allow-all. If more than one field is added, all of them need to match.

func (*Permissions) Descriptor deprecated

func (*Permissions) Descriptor() ([]byte, []int)

Deprecated: Use Permissions.ProtoReflect.Descriptor instead.

func (*Permissions) Equal

func (m *Permissions) Equal(that interface{}) bool

Equal function

func (*Permissions) GetMethods

func (x *Permissions) GetMethods() []string

func (*Permissions) GetPathPrefix

func (x *Permissions) GetPathPrefix() string

func (*Permissions) Hash added in v1.2.13

func (m *Permissions) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Permissions) ProtoMessage

func (*Permissions) ProtoMessage()

func (*Permissions) ProtoReflect added in v1.6.0

func (x *Permissions) ProtoReflect() protoreflect.Message

func (*Permissions) Reset

func (x *Permissions) Reset()

func (*Permissions) String

func (x *Permissions) String() string

type Policy

type Policy struct {

	// Principals in this policy.
	Principals []*Principal `protobuf:"bytes,1,rep,name=principals,proto3" json:"principals,omitempty"`
	// Permissions granted to the principals.
	Permissions *Permissions `protobuf:"bytes,2,opt,name=permissions,proto3" json:"permissions,omitempty"`
	// contains filtered or unexported fields
}

func (*Policy) Descriptor deprecated

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) Equal

func (m *Policy) Equal(that interface{}) bool

Equal function

func (*Policy) GetPermissions

func (x *Policy) GetPermissions() *Permissions

func (*Policy) GetPrincipals

func (x *Policy) GetPrincipals() []*Principal

func (*Policy) Hash added in v1.2.13

func (m *Policy) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Policy) ProtoMessage

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect added in v1.6.0

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset

func (x *Policy) Reset()

func (*Policy) String

func (x *Policy) String() string

type Principal

type Principal struct {
	JwtPrincipal *JWTPrincipal `protobuf:"bytes,1,opt,name=jwt_principal,json=jwtPrincipal,proto3" json:"jwt_principal,omitempty"`
	// contains filtered or unexported fields
}

An RBAC principal - the identity entity (usually a user or a service account).

func (*Principal) Descriptor deprecated

func (*Principal) Descriptor() ([]byte, []int)

Deprecated: Use Principal.ProtoReflect.Descriptor instead.

func (*Principal) Equal

func (m *Principal) Equal(that interface{}) bool

Equal function

func (*Principal) GetJwtPrincipal

func (x *Principal) GetJwtPrincipal() *JWTPrincipal

func (*Principal) Hash added in v1.2.13

func (m *Principal) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Principal) ProtoMessage

func (*Principal) ProtoMessage()

func (*Principal) ProtoReflect added in v1.6.0

func (x *Principal) ProtoReflect() protoreflect.Message

func (*Principal) Reset

func (x *Principal) Reset()

func (*Principal) String

func (x *Principal) String() string

type Settings

type Settings struct {

	// Require RBAC for all virtual hosts. A vhost without an RBAC policy set will fallback to a deny-all policy.
	RequireRbac bool `protobuf:"varint,1,opt,name=require_rbac,json=requireRbac,proto3" json:"require_rbac,omitempty"`
	// contains filtered or unexported fields
}

Global RBAC settings

func (*Settings) Descriptor deprecated

func (*Settings) Descriptor() ([]byte, []int)

Deprecated: Use Settings.ProtoReflect.Descriptor instead.

func (*Settings) Equal

func (m *Settings) Equal(that interface{}) bool

Equal function

func (*Settings) GetRequireRbac

func (x *Settings) GetRequireRbac() bool

func (*Settings) Hash added in v1.2.13

func (m *Settings) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Settings) ProtoMessage

func (*Settings) ProtoMessage()

func (*Settings) ProtoReflect added in v1.6.0

func (x *Settings) ProtoReflect() protoreflect.Message

func (*Settings) Reset

func (x *Settings) Reset()

func (*Settings) String

func (x *Settings) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL