Documentation ¶
Overview ¶
Package acl implements ACLs for enforcement in API and UI.
Deprecated and being replaced with LUCI Realms.
Index ¶
Constants ¶
View Source
const ( // Reader role allows listing invocations and config of a job/trigger. Reader = Role("READER") // Triggerer role allows sending triggers to a job/trigger. // // Implies read access. Triggerer = Role("TRIGGERER") // Owner role provides full control of a job/trigger. Owner = Role("OWNER") )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GrantsByRole ¶
type GrantsByRole struct { Owners []string `gae:",noindex"` Triggerers []string `gae:",noindex"` Readers []string `gae:",noindex"` }
GrantsByRole can answer questions who can READ, TRIGGER, or who OWNs the task.
func ValidateTaskACLs ¶
func ValidateTaskACLs(ctx *validation.Context, pSets Sets, tSets []string, tAcls []*messages.Acl) *GrantsByRole
ValidateTaskACLs validates task's ACLs and returns TaskAcls.
Errors are returned via validation.Context.
func (*GrantsByRole) CallerHasRole ¶
CallerHasRole does what it says and returns only transient errors.
func (*GrantsByRole) Equal ¶
func (g *GrantsByRole) Equal(o *GrantsByRole) bool
Equal returns true if both security descriptors are equivalent.
type Sets ¶
Sets are parsed and indexed `AclSet` of a project.
func ValidateACLSets ¶
func ValidateACLSets(ctx *validation.Context, sets []*messages.AclSet) Sets
ValidateACLSets validates list of AclSet of a project and returns Sets.
Errors are returned via validation.Context.
Click to show internal directories.
Click to hide internal directories.