authorization

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 7, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package authorization is a generated GoMock package.

Package authorization is a generated GoMock package.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsResourceKindExist 

func IsResourceKindExist(kind ResourceKind) bool

func IsRoleExist 

func IsRoleExist(role Role) bool

Types

type Action 

type Action string
const (
	UserCreate  Action = "user:create"
	UserDelete  Action = "user:delete"
	UserGet     Action = "user:get"
	UserGetRole Action = "user:getRole"

	TokenCreate Action = "token:create"
	TokenDelete Action = "token:delete"
	TokenGet    Action = "token:get"
	TokenList   Action = "token:list"

	RoleGrant  Action = "role:grant"
	RoleRevoke Action = "role:revoke"

	NamespaceCreate Action = "namespace:create"
	NamespaceDelete Action = "namespace:delete"
	NamespaceGrant  Action = "namespace:grant"
	NamespaceRevoke Action = "namespace:revoke"
	NamespaceGet    Action = "namespace:get"

	EventbusCreate Action = "eventbus:create"
	EventbusUpdate Action = "eventbus:update"
	EventbusGet    Action = "eventbus:get"
	EventbusDelete Action = "eventbus:delete"
	EventbusGrant  Action = "eventbus:grant"
	EventbusRevoke Action = "eventbus:revoke"
	EventbusRead   Action = "eventbus:read"
	EventbusWrite  Action = "eventbus:write"

	SubscriptionCreate Action = "subscription:create"
	SubscriptionUpdate Action = "subscription:update"
	SubscriptionGet    Action = "subscription:get"
	SubscriptionDelete Action = "subscription:delete"
	SubscriptionGrant  Action = "subscription:grant"
	SubscriptionRevoke Action = "subscription:revoke"
)

type Attributes 

type Attributes interface {
	GetResourceKind() ResourceKind
	GetResourceID() vanus.ID
	GetAction() Action
}

func NewDefaultAttributes 

func NewDefaultAttributes(resourceKind ResourceKind, resourceID vanus.ID, action Action) Attributes

type Authorization 

type Authorization interface {
	Authorize(ctx context.Context, user string, attributes Attributes) (bool, error)
}

func NewAuthorization 

func NewAuthorization(client RoleClient, cluster cluster.Cluster) Authorization

type List 

type List []Action

func (List) Contains 

func (list List) Contains(action Action) bool

type MockAuthorization 

type MockAuthorization struct {
	// contains filtered or unexported fields
}

MockAuthorization is a mock of Authorization interface.

func NewMockAuthorization 

func NewMockAuthorization(ctrl *gomock.Controller) *MockAuthorization

NewMockAuthorization creates a new mock instance.

func (*MockAuthorization) Authorize 

func (m *MockAuthorization) Authorize(ctx context.Context, user string, attributes Attributes) (bool, error)

Authorize mocks base method.

func (*MockAuthorization) EXPECT 

func (m *MockAuthorization) EXPECT() *MockAuthorizationMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

type MockAuthorizationMockRecorder 

type MockAuthorizationMockRecorder struct {
	// contains filtered or unexported fields
}

MockAuthorizationMockRecorder is the mock recorder for MockAuthorization.

func (*MockAuthorizationMockRecorder) Authorize 

func (mr *MockAuthorizationMockRecorder) Authorize(ctx, user, attributes interface{}) *gomock.Call

Authorize indicates an expected call of Authorize.

type MockRoleClient 

type MockRoleClient struct {
	// contains filtered or unexported fields
}

MockRoleClient is a mock of RoleClient interface.

func NewMockRoleClient 

func NewMockRoleClient(ctrl *gomock.Controller) *MockRoleClient

NewMockRoleClient creates a new mock instance.

func (*MockRoleClient) EXPECT 

func (m *MockRoleClient) EXPECT() *MockRoleClientMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockRoleClient) GetUserEventbusID 

func (m *MockRoleClient) GetUserEventbusID(ctx context.Context, user string) (vanus.IDList, error)

GetUserEventbusID mocks base method.

func (*MockRoleClient) GetUserNamespaceID 

func (m *MockRoleClient) GetUserNamespaceID(ctx context.Context, user string) (vanus.IDList, error)

GetUserNamespaceID mocks base method.

func (*MockRoleClient) GetUserRole 

func (m *MockRoleClient) GetUserRole(ctx context.Context, user string) ([]*UserRole, error)

GetUserRole mocks base method.

func (*MockRoleClient) GetUserSubscriptionID 

func (m *MockRoleClient) GetUserSubscriptionID(ctx context.Context, user string) (vanus.IDList, error)

GetUserSubscriptionID mocks base method.

func (*MockRoleClient) IsClusterAdmin 

func (m *MockRoleClient) IsClusterAdmin(ctx context.Context, user string) (bool, error)

IsClusterAdmin mocks base method.

type MockRoleClientMockRecorder 

type MockRoleClientMockRecorder struct {
	// contains filtered or unexported fields
}

MockRoleClientMockRecorder is the mock recorder for MockRoleClient.

func (*MockRoleClientMockRecorder) GetUserEventbusID 

func (mr *MockRoleClientMockRecorder) GetUserEventbusID(ctx, user interface{}) *gomock.Call

GetUserEventbusID indicates an expected call of GetUserEventbusID.

func (*MockRoleClientMockRecorder) GetUserNamespaceID 

func (mr *MockRoleClientMockRecorder) GetUserNamespaceID(ctx, user interface{}) *gomock.Call

GetUserNamespaceID indicates an expected call of GetUserNamespaceID.

func (*MockRoleClientMockRecorder) GetUserRole 

func (mr *MockRoleClientMockRecorder) GetUserRole(ctx, user interface{}) *gomock.Call

GetUserRole indicates an expected call of GetUserRole.

func (*MockRoleClientMockRecorder) GetUserSubscriptionID 

func (mr *MockRoleClientMockRecorder) GetUserSubscriptionID(ctx, user interface{}) *gomock.Call

GetUserSubscriptionID indicates an expected call of GetUserSubscriptionID.

func (*MockRoleClientMockRecorder) IsClusterAdmin 

func (mr *MockRoleClientMockRecorder) IsClusterAdmin(ctx, user interface{}) *gomock.Call

IsClusterAdmin indicates an expected call of IsClusterAdmin.

type ResourceKind 

type ResourceKind string
const (
	ResourceUnknown      ResourceKind = "unknown" // no need authorization
	ResourceCluster      ResourceKind = "cluster"
	ResourceNamespace    ResourceKind = "namespace"
	ResourceEventbus     ResourceKind = "eventbus"
	ResourceSubscription ResourceKind = "subscription"
)

type Role 

type Role string
const (
	RoleClusterAdmin Role = "clusterAdmin"
	RoleAdmin        Role = "admin"
	RoleEdit         Role = "edit"
	RoleView         Role = "view"
	RoleRead         Role = "read"
	RoleWrite        Role = "write"
)

type RoleClient 

type RoleClient interface {
	// IsClusterAdmin check the use is cluster admin.
	IsClusterAdmin(ctx context.Context, user string) (bool, error)
	// GetUserNamespaceID get grant user namespaceID.
	GetUserNamespaceID(ctx context.Context, user string) (vanus.IDList, error)
	// GetUserEventbusID get grant user eventbusID, not contains the eventbus grant namespace.
	GetUserEventbusID(ctx context.Context, user string) (vanus.IDList, error)
	// GetUserSubscriptionID get grant user SubscriptionID, not contains the subscription grant namespace.
	GetUserSubscriptionID(ctx context.Context, user string) (vanus.IDList, error)
	// GetUserRole get user role
	GetUserRole(ctx context.Context, user string) ([]*UserRole, error)
}

func NewBuiltInClient 

func NewBuiltInClient(cluster cluster.Cluster) RoleClient

type UserRole 

type UserRole struct {
	UserIdentifier string
	ResourceID     vanus.ID
	ResourceKind   ResourceKind
	Role           Role
	RoleID         string
	BuiltIn        bool
}

func FromPbUserRole 

func FromPbUserRole(from *metapb.UserRole) *UserRole

func (*UserRole) IsClusterAdmin 

func (ur *UserRole) IsClusterAdmin() bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.