Documentation ¶
Overview ¶
Code generated by go generate; DO NOT EDIT.
The user.go file covers everything related to calling the APIs that return user and token information and formatting the results into the secretInfo User.
It calls 3 APIs:
- /v2/caller-identity
- /v2/tokens/<id> (with the token ID from the previous API response)
- /v2/roles/<role_id> (if a custom role ID is present in the token; more than one role can be assigned to a token)
It formats all these responses into one User struct for secretInfo.
Index ¶
- Variables
- func AnalyzeAndPrintPermissions(cfg *config.Config, token string)
- func CaptureResources(client *http.Client, token string, secretInfo *SecretInfo) error
- func CaptureUserInformation(client *http.Client, token string, secretInfo *SecretInfo) error
- type Analyzer
- type CustomRole
- type Permission
- type Policy
- type Resource
- type SecretInfo
- type Token
- type User
Constants ¶
This section is empty.
Variables ¶
var (
	PermissionStrings = map[Permission]string{
		Admin:        "admin",
		Writer:       "writer",
		Reader:       "reader",
		Inlinepolicy: "inlinepolicy",
		Customroles:  "customroles",
	}

	StringToPermission = map[string]Permission{
		"admin":        Admin,
		"writer":       Writer,
		"reader":       Reader,
		"inlinepolicy": Inlinepolicy,
		"customroles":  Customroles,
	}

	PermissionIDs = map[Permission]int{
		Admin:        1,
		Writer:       2,
		Reader:       3,
		Inlinepolicy: 4,
		Customroles:  5,
	}

	IdToPermission = map[int]Permission{
		1: Admin,
		2: Writer,
		3: Reader,
		4: Inlinepolicy,
		5: Customroles,
	}
)
var (
	MetadataKey = "key"
)
Functions ¶
func CaptureResources ¶
func CaptureResources(client *http.Client, token string, secretInfo *SecretInfo) error
func CaptureUserInformation ¶
func CaptureUserInformation(client *http.Client, token string, secretInfo *SecretInfo) error
CaptureUserInformation calls the following three APIs:
- /v2/caller-identity
- /v2/tokens/<token_id> (token_id from the previous API response)
- /v2/roles/<role_id> (role_id from the previous API response, if it exists)
It formats all responses into one secretInfo User.
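The call chain described above, sketched as an added example (not the package's own code). The `get` callback stands in for an authenticated HTTP GET, and the `tokenInfo` type, the JSON field names and the sample responses are constructed assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// tokenInfo keeps a subset of fields; the JSON field names are assumptions.
type tokenInfo struct {
	ID        string   `json:"_id"`
	Role      string   `json:"role"`
	RoleIDs   []string `json:"customRoleIds"`
	RoleNames []string `json:"-"` // resolved through /v2/roles/<role_id>
}

// captureUser chains the three calls; get stands in for an authenticated GET.
func captureUser(get func(path string, out interface{}) error) (t tokenInfo, err error) {
	var id struct{ TokenID string `json:"tokenId"` }
	if err = get("/v2/caller-identity", &id); err != nil {
		return t, err
	}
	if err = get("/v2/tokens/"+id.TokenID, &t); err != nil {
		return t, err
	}
	for _, rid := range t.RoleIDs { // a token may carry several custom roles
		var r struct{ Name string `json:"name"` }
		if err = get("/v2/roles/"+rid, &r); err != nil {
			return t, fmt.Errorf("role %s: %w", rid, err)
		}
		t.RoleNames = append(t.RoleNames, r.Name)
	}
	return t, nil
}

var sample = map[string]string{ // constructed responses, so the example runs offline
	"/v2/caller-identity": `{"tokenId":"tok-1"}`,
	"/v2/tokens/tok-1":    `{"_id":"tok-1","role":"reader","customRoleIds":["r1","r2"]}`,
	"/v2/roles/r1":        `{"name":"flags-rw"}`,
	"/v2/roles/r2":        `{"name":"audit-ro"}`,
}

func sampleGet(path string, out interface{}) error {
	body, ok := sample[path]
	if !ok {
		return fmt.Errorf("GET %s: HTTP 404", path)
	}
	return json.Unmarshal([]byte(body), out)
}

func main() { fmt.Println(captureUser(sampleGet)) }
```

A role ID that no longer resolves surfaces as an error naming that role, rather than being silently dropped from the result.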
Types ¶
type Analyzer ¶
func (Analyzer) Type ¶
func (a Analyzer) Type() analyzers.AnalyzerType
type CustomRole ¶
type CustomRole struct {
	ID                string
	Key               string
	Name              string
	Polices           []Policy
	BasePermission    string
	AssignedToMembers int
	AssignedToTeams   int
}
CustomRole is a set of flexible policies providing fine-grained access control to everything in LaunchDarkly.
type Permission ¶
type Permission int
const (
	Invalid      Permission = iota
	Admin        Permission = iota
	Writer       Permission = iota
	Reader       Permission = iota
	Inlinepolicy Permission = iota
	Customroles  Permission = iota
)
func PermissionFromID ¶
func PermissionFromID(id int) (Permission, error)
PermissionFromID converts an ID to its Permission enum
func PermissionFromString ¶
func PermissionFromString(s string) (Permission, error)
PermissionFromString converts a string representation to its Permission enum
func (Permission) ToID ¶
func (p Permission) ToID() (int, error)
ToID converts a Permission enum to its ID
func (Permission) ToString ¶
func (p Permission) ToString() (string, error)
ToString converts a Permission enum to its string representation
type Policy ¶
type Policy struct {
	Resources    []string
	NotResources []string
	Actions      []string
	NotActions   []string
	Effect       string
}
Policy is a set of statements.
type SecretInfo ¶
type SecretInfo struct {
	User        User
	Permissions []string
	Resources   []Resource
	// contains filtered or unexported fields
}
func AnalyzePermissions ¶
func AnalyzePermissions(cfg *config.Config, token string) (*SecretInfo, error)
AnalyzePermissions collects all the scopes assigned to the token, along with the resources it can access.
type Token ¶
type Token struct {
	ID             string       // id of the token
	Name           string       // name of the token
	CustomRoles    []CustomRole // custom roles assigned to the token
	InlineRole     []Policy     // any policy statements that may be used in place of a built-in custom role
	Role           string       // role of the token
	IsServiceToken bool         // whether it is a service token
	APIVersion     int          // default API version assigned to the token
}
Token holds the details of a token.