rbac

package

v1.7.8-patch2 Latest Latest Go to latest Published: Aug 5, 2021 License: Apache-2.0 Imports: 16 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/solo-io/gloo

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var File_github_com_solo_io_gloo_projects_gloo_api_v1_enterprise_options_rbac_rbac_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type ExtensionSettings ¶

type ExtensionSettings struct {

	// Disable RBAC checks on this resource (default false). This is useful to allow access to static resources/login page without RBAC checks.
	// If provided on a route, all route settings override any vhost settings
	Disable bool `protobuf:"varint,1,opt,name=disable,proto3" json:"disable,omitempty"`
	// Named policies to apply.
	Policies map[string]*Policy `` /* 157-byte string literal not displayed */
	// contains filtered or unexported fields
}

RBAC settings for Virtual Hosts and Routes

func (*ExtensionSettings) Descriptor deprecated

func (*ExtensionSettings) Descriptor() ([]byte, []int)

Deprecated: Use ExtensionSettings.ProtoReflect.Descriptor instead.

func (*ExtensionSettings) Equal ¶

func (m *ExtensionSettings) Equal(that interface{}) bool

Equal function

func (*ExtensionSettings) GetDisable ¶

func (x *ExtensionSettings) GetDisable() bool

func (*ExtensionSettings) GetPolicies ¶

func (x *ExtensionSettings) GetPolicies() map[string]*Policy

func (*ExtensionSettings) Hash ¶ added in v1.2.13

func (m *ExtensionSettings) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ExtensionSettings) ProtoMessage ¶

func (*ExtensionSettings) ProtoMessage()

func (*ExtensionSettings) ProtoReflect ¶ added in v1.6.0

func (x *ExtensionSettings) ProtoReflect() protoreflect.Message

func (*ExtensionSettings) Reset ¶

func (x *ExtensionSettings) Reset()

func (*ExtensionSettings) String ¶

func (x *ExtensionSettings) String() string

type JWTPrincipal ¶

type JWTPrincipal struct {

	// Set of claims that make up this principal. Commonly, the 'iss' and 'sub' or 'email' claims are used.
	// all claims must be present on the JWT.
	Claims map[string]string `` /* 153-byte string literal not displayed */
	// Verify that the JWT came from a specific provider. This usually can be left empty
	// and a provider will be chosen automatically.
	Provider string `protobuf:"bytes,2,opt,name=provider,proto3" json:"provider,omitempty"`
	// contains filtered or unexported fields
}

A JWT principal. To use this, JWT option MUST be enabled.

func (*JWTPrincipal) Descriptor deprecated

func (*JWTPrincipal) Descriptor() ([]byte, []int)

Deprecated: Use JWTPrincipal.ProtoReflect.Descriptor instead.

func (*JWTPrincipal) Equal ¶

func (m *JWTPrincipal) Equal(that interface{}) bool

Equal function

func (*JWTPrincipal) GetClaims ¶

func (x *JWTPrincipal) GetClaims() map[string]string

func (*JWTPrincipal) GetProvider ¶

func (x *JWTPrincipal) GetProvider() string

func (*JWTPrincipal) Hash ¶ added in v1.2.13

func (m *JWTPrincipal) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*JWTPrincipal) ProtoMessage ¶

func (*JWTPrincipal) ProtoMessage()

func (*JWTPrincipal) ProtoReflect ¶ added in v1.6.0

func (x *JWTPrincipal) ProtoReflect() protoreflect.Message

func (*JWTPrincipal) Reset ¶

func (x *JWTPrincipal) Reset()

func (*JWTPrincipal) String ¶

func (x *JWTPrincipal) String() string

type Permissions ¶

type Permissions struct {

	// Paths that have this prefix will be allowed.
	PathPrefix string `protobuf:"bytes,1,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"`
	// What http methods (GET, POST, ...) are allowed.
	Methods []string `protobuf:"bytes,2,rep,name=methods,proto3" json:"methods,omitempty"`
	// contains filtered or unexported fields
}

What permissions should be granted. An empty field means allow-all. If more than one field is added, all of them need to match.

func (*Permissions) Descriptor deprecated

func (*Permissions) Descriptor() ([]byte, []int)

Deprecated: Use Permissions.ProtoReflect.Descriptor instead.

func (*Permissions) Equal ¶

func (m *Permissions) Equal(that interface{}) bool

Equal function

func (*Permissions) GetMethods ¶

func (x *Permissions) GetMethods() []string

func (*Permissions) GetPathPrefix ¶

func (x *Permissions) GetPathPrefix() string

func (*Permissions) Hash ¶ added in v1.2.13

func (m *Permissions) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Permissions) ProtoMessage ¶

func (*Permissions) ProtoMessage()

func (*Permissions) ProtoReflect ¶ added in v1.6.0

func (x *Permissions) ProtoReflect() protoreflect.Message

func (*Permissions) Reset ¶

func (x *Permissions) Reset()

func (*Permissions) String ¶

func (x *Permissions) String() string

type Policy ¶

type Policy struct {

	// Principals in this policy.
	Principals []*Principal `protobuf:"bytes,1,rep,name=principals,proto3" json:"principals,omitempty"`
	// Permissions granted to the principals.
	Permissions *Permissions `protobuf:"bytes,2,opt,name=permissions,proto3" json:"permissions,omitempty"`
	// contains filtered or unexported fields
}

func (*Policy) Descriptor deprecated

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) Equal ¶

func (m *Policy) Equal(that interface{}) bool

Equal function

func (*Policy) GetPermissions ¶

func (x *Policy) GetPermissions() *Permissions

func (*Policy) GetPrincipals ¶

func (x *Policy) GetPrincipals() []*Principal

func (*Policy) Hash ¶ added in v1.2.13

func (m *Policy) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Policy) ProtoMessage ¶

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect ¶ added in v1.6.0

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset ¶

func (x *Policy) Reset()

func (*Policy) String ¶

func (x *Policy) String() string

type Principal ¶

type Principal struct {
	JwtPrincipal *JWTPrincipal `protobuf:"bytes,1,opt,name=jwt_principal,json=jwtPrincipal,proto3" json:"jwt_principal,omitempty"`
	// contains filtered or unexported fields
}

An RBAC principal - the identity entity (usually a user or a service account).

func (*Principal) Descriptor deprecated

func (*Principal) Descriptor() ([]byte, []int)

Deprecated: Use Principal.ProtoReflect.Descriptor instead.

func (*Principal) Equal ¶

func (m *Principal) Equal(that interface{}) bool

Equal function

func (*Principal) GetJwtPrincipal ¶

func (x *Principal) GetJwtPrincipal() *JWTPrincipal

func (*Principal) Hash ¶ added in v1.2.13

func (m *Principal) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Principal) ProtoMessage ¶

func (*Principal) ProtoMessage()

func (*Principal) ProtoReflect ¶ added in v1.6.0

func (x *Principal) ProtoReflect() protoreflect.Message

func (*Principal) Reset ¶

func (x *Principal) Reset()

func (*Principal) String ¶

func (x *Principal) String() string

type Settings ¶

type Settings struct {

	// Require RBAC for all virtual hosts. A vhost without an RBAC policy set will fallback to a deny-all policy.
	RequireRbac bool `protobuf:"varint,1,opt,name=require_rbac,json=requireRbac,proto3" json:"require_rbac,omitempty"`
	// contains filtered or unexported fields
}

Global RBAC settings

func (*Settings) Descriptor deprecated

func (*Settings) Descriptor() ([]byte, []int)

Deprecated: Use Settings.ProtoReflect.Descriptor instead.

func (*Settings) Equal ¶

func (m *Settings) Equal(that interface{}) bool

Equal function

func (*Settings) GetRequireRbac ¶

func (x *Settings) GetRequireRbac() bool

func (*Settings) Hash ¶ added in v1.2.13

func (m *Settings) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*Settings) ProtoMessage ¶

func (*Settings) ProtoMessage()

func (*Settings) ProtoReflect ¶ added in v1.6.0

func (x *Settings) ProtoReflect() protoreflect.Message

func (*Settings) Reset ¶

func (x *Settings) Reset()

func (*Settings) String ¶

func (x *Settings) String() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL