Documentation ¶
Index ¶
- Variables
- func BroaderPermission(a, b model.ACLPermission) bool
- func MigrateImportPermissions(ctx context.Context, kvStore kv.Store, cfg *config.Config) error
- func MigrateToACL(ctx context.Context, kvStore kv.Store, cfg *config.Config, ...) error
- type ACLsMigrator
- func (mig *ACLsMigrator) ComputeAddedActions(permission model.ACLPermission, alreadyAllowedActions map[string]struct{}) []string
- func (mig *ACLsMigrator) ComputePermission(ctx context.Context, actions []string) (model.ACLPermission, error)
- func (mig *ACLsMigrator) GetMinPermission(action string) model.ACLPermission
- func (mig *ACLsMigrator) NewACLForPolicies(ctx context.Context, policies []*model.Policy) (acl *model.ACL, warn error, err error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrTooMany is returned when this migration does not support a // particular number of resources. It should not occur on any // reasonably sized installation. ErrTooMany = errors.New("too many") ErrTooManyPolicies = fmt.Errorf("%w policies", ErrTooMany) ErrTooManyGroups = fmt.Errorf("%w groups", ErrTooMany) ErrNotAllowed = fmt.Errorf("not allowed") ErrAlreadyHasACL = errors.New("already has ACL") ErrAddedActions = errors.New("added actions") ErrEmpty = errors.New("empty") ErrPolicyExists = errors.New("policy exists") ErrHasWarnings = errors.New("has warnings") )
Functions ¶
func BroaderPermission ¶
func BroaderPermission(a, b model.ACLPermission) bool
BroaderPermission returns true if a offers strictly more permissions than b. Unknown ACLPermission will panic.
Types ¶
type ACLsMigrator ¶
type ACLsMigrator struct { Actions map[model.ACLPermission]map[string]struct{} // contains filtered or unexported fields }
ACLsMigrator migrates from policies to ACLs.
func NewACLsMigrator ¶
func NewACLsMigrator(svc auth.Service, doUpdate bool) *ACLsMigrator
NewACLsMigrator returns an ACLsMigrator. That ACLsMigrator will only check (change nothing) if doUpdate is false.
func (*ACLsMigrator) ComputeAddedActions ¶
func (mig *ACLsMigrator) ComputeAddedActions(permission model.ACLPermission, alreadyAllowedActions map[string]struct{}) []string
ComputeAddedActions returns the list of actions that permission allows that are not in alreadyAllowedActions.
func (*ACLsMigrator) ComputePermission ¶
func (mig *ACLsMigrator) ComputePermission(ctx context.Context, actions []string) (model.ACLPermission, error)
ComputePermission returns ACL permission for actions and the actions that applying that permission will add to it.
func (*ACLsMigrator) GetMinPermission ¶
func (mig *ACLsMigrator) GetMinPermission(action string) model.ACLPermission
func (*ACLsMigrator) NewACLForPolicies ¶
func (mig *ACLsMigrator) NewACLForPolicies(ctx context.Context, policies []*model.Policy) (acl *model.ACL, warn error, err error)
NewACLForPolicies converts policies of group name to an ACL. warn summarizes all losses in converting policies to ACL. err holds an error if conversion failed.
Click to show internal directories.
Click to hide internal directories.