Documentation
¶
Index ¶
- Variables
- func AllowGlobalScope(ctx context.Context, endpoint string, operation openapi.AclOperation) error
- func AllowOrganizationScope(ctx context.Context, endpoint string, operation openapi.AclOperation, ...) error
- func AllowProjectScope(ctx context.Context, endpoint string, operation openapi.AclOperation, ...) error
- func AllowRole(ctx context.Context, role *unikornv1.Role, organizationID string) error
- func FromContext(ctx context.Context) *openapi.Acl
- func NewContext(ctx context.Context, acl *openapi.Acl) context.Context
- type RBAC
Constants ¶
This section is empty.
Variables ¶
View Source
var (
ErrResourceReference = errors.New("resource reference error")
)
Functions ¶
func AllowGlobalScope ¶ added in v0.2.20
AllowGlobalScope tries to allow the requested operation at the global scope.
func AllowOrganizationScope ¶ added in v0.2.20
func AllowOrganizationScope(ctx context.Context, endpoint string, operation openapi.AclOperation, organizationID string) error
AllowOrganizationScope tries to allow the requested operation at the global scope, then the organization scope.
func AllowProjectScope ¶ added in v0.2.20
func AllowProjectScope(ctx context.Context, endpoint string, operation openapi.AclOperation, organizationID, projectID string) error
AllowProjectScope tries to allow the requested operation at the global scope, then the organization scope, and finally at the project scope.
Types ¶
type RBAC ¶
type RBAC struct {
// contains filtered or unexported fields
}
RBAC contains all the scoping rules for services across the platform.
func (*RBAC) GetACL ¶ added in v0.1.23
GetACL returns a granular set of permissions for a user based on their scope. This is used for API level access control and UX.
func (*RBAC) GetActiveSubjects ¶ added in v0.2.51
GetActiveSubjects returns all users who match the subject across all organizations.
Source Files
Click to show internal directories.
Click to hide internal directories.