engine

package

v1.0.2 Latest Latest Go to latest Published: Nov 28, 2024 License: MIT Imports: 3 Imported by: 8

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tx7do/kratos-authz

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func ContextWithAuthClaims(parent context.Context, claims *AuthClaims) context.Context
type Action
type Actions
- func MakeActions(actions ...Action) Actions
type AuthClaims
- func AuthClaimsFromContext(ctx context.Context) (*AuthClaims, bool)
type AuthErrorCode
type Authorizer
type Engine
type Pair
- func MakePair(res, act string) Pair
type Pairs
- func MakePairs(pairs ...Pair) Pairs
type PolicyMap
type Project
type Projects
- func MakeProjects(projects ...Project) Projects
type Resource
type Resources
- func MakeResources(resources ...Resource) Resources
type RoleMap
type Subject
type Subjects
- func MakeSubjects(subs ...Subject) Subjects
type Type
type Writer

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrMissingAuthClaims = status.Error(codes.Code(AuthErrorCodeMissingAuthClaims), "context missing authz claims")
	ErrInvalidClaims     = status.Error(codes.Code(AuthErrorCodeInvalidClaims), "invalid claims")
)

Functions ¶

func ContextWithAuthClaims ¶

func ContextWithAuthClaims(parent context.Context, claims *AuthClaims) context.Context

ContextWithAuthClaims injects the provided AuthClaims into the parent context.

Types ¶

type Action ¶

type Action string

type Actions ¶

type Actions []Action

func MakeActions ¶

func MakeActions(actions ...Action) Actions

type AuthClaims ¶

type AuthClaims struct {
	Subjects *Subjects
	Pairs    *Pairs
	Projects *Projects

	Subject  *Subject
	Action   *Action
	Resource *Resource
	Project  *Project
}

func AuthClaimsFromContext ¶

func AuthClaimsFromContext(ctx context.Context) (*AuthClaims, bool)

AuthClaimsFromContext extracts the AuthClaims from the provided ctx (if any).

type AuthErrorCode ¶

type AuthErrorCode int32

const (
	AuthErrorCodeMissingAuthClaims AuthErrorCode = 2001
	AuthErrorCodeInvalidClaims     AuthErrorCode = 2002
)

type Authorizer ¶

type Authorizer interface {
	ProjectsAuthorized(context.Context, Subjects, Action, Resource, Projects) (Projects, error)

	FilterAuthorizedPairs(context.Context, Subjects, Pairs) (Pairs, error)

	FilterAuthorizedProjects(context.Context, Subjects) (Projects, error)

	IsAuthorized(context.Context, Subject, Action, Resource, Project) (bool, error)
}

type Engine ¶

type Engine interface {
	Authorizer
	Writer
}

type Pair ¶

type Pair struct {
	Resource Resource `json:"resource"`
	Action   Action   `json:"action"`
}

func MakePair ¶

func MakePair(res, act string) Pair

type Pairs ¶

type Pairs []Pair

func MakePairs ¶

func MakePairs(pairs ...Pair) Pairs

type PolicyMap ¶

type PolicyMap map[string]interface{}

type Project ¶

type Project string

type Projects ¶

type Projects []Project

func MakeProjects ¶

func MakeProjects(projects ...Project) Projects

type Resource ¶

type Resource string

type Resources ¶

type Resources []Resource

func MakeResources ¶

func MakeResources(resources ...Resource) Resources

type RoleMap ¶

type RoleMap map[string]interface{}

type Subject ¶

type Subject string

type Subjects ¶

type Subjects []Subject

func MakeSubjects ¶

func MakeSubjects(subs ...Subject) Subjects

type Type ¶

type Type int

const (
	CasbinEngine Type = 1
	OpaEngine    Type = 2
)

type Writer ¶

type Writer interface {
	SetPolicies(context.Context, PolicyMap, RoleMap) error
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
casbin module
noop
opa module
zanzibar module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL