auth

package
v1.7.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 3, 2018 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package auth is a generated protocol buffer package.

It is generated from these files:

client/auth/auth.proto

It has these top-level messages:

ActivateRequest
ActivateResponse
DeactivateRequest
DeactivateResponse
GetAdminsRequest
GetAdminsResponse
ModifyAdminsRequest
ModifyAdminsResponse
TokenInfo
AuthenticateRequest
AuthenticateResponse
WhoAmIRequest
WhoAmIResponse
ACL
Users
Groups
AuthorizeRequest
AuthorizeResponse
GetScopeRequest
GetScopeResponse
SetScopeRequest
SetScopeResponse
GetACLRequest
ACLEntry
GetACLResponse
SetACLRequest
SetACLResponse
GetAuthTokenRequest
GetAuthTokenResponse
ExtendAuthTokenRequest
ExtendAuthTokenResponse
RevokeAuthTokenRequest
RevokeAuthTokenResponse
SetGroupsForUserRequest
SetGroupsForUserResponse
ModifyMembersRequest
ModifyMembersResponse
GetGroupsRequest
GetGroupsResponse
GetUsersRequest
GetUsersResponse

Index

Constants

View Source
const (
	// ContextTokenKey is the key of the auth token in an
	// authenticated context
	ContextTokenKey = "authn-token"

	// GitHubPrefix indicates that this Subject is a GitHub user (because users
	// can authenticate via GitHub, and Pachyderm doesn't have a users table,
	// every GitHub user is also a logical Pachyderm user (but most won't be on
	// any ACLs)
	GitHubPrefix = "github:"

	// RobotPrefix indicates that this Subject is a Pachyderm robot user. Any
	// string (with this prefix) is a logical Pachyderm robot user.
	RobotPrefix = "robot:"

	// PipelinePrefix indicates that this Subject is a PPS pipeline. Any string
	// (with this prefix) is a logical PPS pipeline (even though the pipeline may
	// not exist).
	PipelinePrefix = "pipeline:"
)

Variables

View Source
var (
	// ErrNotActivated is returned by an Auth API if the Auth service
	// has not been activated.
	//
	// Note: This error message string is matched in the UI. If edited,
	// it also needs to be updated in the UI code
	ErrNotActivated = status.Error(codes.Unimplemented, "the auth service is not activated")

	// ErrPartiallyActivated is returned by the auth API to indicated that it's
	// in an intermediate state (in this state, users can retry Activate() or
	// revert with Deactivate(), but not much else)
	ErrPartiallyActivated = status.Error(codes.Unavailable, "the auth service is only partially activated")

	// ErrNotSignedIn indicates that the caller isn't signed in
	//
	// Note: This error message string is matched in the UI. If edited,
	// it also needs to be updated in the UI code
	ErrNotSignedIn = status.Error(codes.Unauthenticated, "no authentication token (try logging in)")

	// ErrNoMetadata is returned by the Auth API if the caller sent a request
	// containing no auth token.
	ErrNoMetadata = status.Error(codes.Internal, "no authentication metadata (try logging in)")

	// ErrBadToken is returned by the Auth API if the caller's token is corruped
	// or has expired.
	ErrBadToken = status.Error(codes.Unauthenticated, "provided auth token is corrupted or has expired (try logging in again)")
)
View Source
var (
	ErrInvalidLengthAuth = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowAuth   = fmt.Errorf("proto: integer overflow")
)
View Source
var Scope_name = map[int32]string{
	0: "NONE",
	1: "READER",
	2: "WRITER",
	3: "OWNER",
}
View Source
var Scope_value = map[string]int32{
	"NONE":   0,
	"READER": 1,
	"WRITER": 2,
	"OWNER":  3,
}
View Source
var TokenInfo_TokenSource_name = map[int32]string{
	0: "INVALID",
	1: "AUTHENTICATE",
	2: "GET_TOKEN",
}
View Source
var TokenInfo_TokenSource_value = map[string]int32{
	"INVALID":      0,
	"AUTHENTICATE": 1,
	"GET_TOKEN":    2,
}

Functions

func IsErrBadToken added in v1.7.0

func IsErrBadToken(err error) bool

IsErrBadToken returns true if 'err' is a ErrBadToken

func IsErrInvalidPrincipal added in v1.7.0

func IsErrInvalidPrincipal(err error) bool

IsErrInvalidPrincipal returns true if 'err' is an ErrInvalidPrincipal

func IsErrNoMetadata added in v1.7.2

func IsErrNoMetadata(err error) bool

IsErrNoMetadata returns true if 'err' is an ErrNoMetadata (uses string comparison to work across RPC boundaries)

func IsErrNotActivated added in v1.7.0

func IsErrNotActivated(err error) bool

IsErrNotActivated checks if an error is a ErrNotActivated

func IsErrNotAuthorized added in v1.7.0

func IsErrNotAuthorized(err error) bool

IsErrNotAuthorized checks if an error is a ErrNotAuthorized

func IsErrNotSignedIn added in v1.7.0

func IsErrNotSignedIn(err error) bool

IsErrNotSignedIn returns true if 'err' is a ErrNotSignedIn

func IsErrPartiallyActivated added in v1.7.1

func IsErrPartiallyActivated(err error) bool

IsErrPartiallyActivated checks if an error is a ErrPartiallyActivated

func IsErrTooShortTTL added in v1.7.0

func IsErrTooShortTTL(err error) bool

IsErrTooShortTTL returns true if 'err' is a ErrTooShortTTL

func RegisterAPIServer

func RegisterAPIServer(s *grpc.Server, srv APIServer)

Types

type ACL

type ACL struct {
	// principal -> scope. All principals are the default principal of a Pachyderm
	// subject (i.e. all keys in this map are strings prefixed with either
	// "github:" or "robot:", followed by the name of a GitHub user, all of whom
	// are Pachyderm subjects, or a Pachyderm robot user)
	Entries map[string]Scope `` /* 165-byte string literal not displayed */
}

func (*ACL) Descriptor

func (*ACL) Descriptor() ([]byte, []int)

func (*ACL) GetEntries

func (m *ACL) GetEntries() map[string]Scope

func (*ACL) Marshal

func (m *ACL) Marshal() (dAtA []byte, err error)

func (*ACL) MarshalTo

func (m *ACL) MarshalTo(dAtA []byte) (int, error)

func (*ACL) ProtoMessage

func (*ACL) ProtoMessage()

func (*ACL) Reset

func (m *ACL) Reset()

func (*ACL) Size

func (m *ACL) Size() (n int)

func (*ACL) String

func (m *ACL) String() string

func (*ACL) Unmarshal

func (m *ACL) Unmarshal(dAtA []byte) error

type ACLEntry

type ACLEntry struct {
	// username is the principal posessing this level of access to this ACL's
	// repo (despite the name, this principal may be for a human github user or a
	// pachyderm robot)
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// scope is the level of access that the owner of 'principal' has to this
	// ACL's repo (actually a role in typical security terminology)
	Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*ACLEntry) Descriptor

func (*ACLEntry) Descriptor() ([]byte, []int)

func (*ACLEntry) GetScope

func (m *ACLEntry) GetScope() Scope

func (*ACLEntry) GetUsername

func (m *ACLEntry) GetUsername() string

func (*ACLEntry) Marshal

func (m *ACLEntry) Marshal() (dAtA []byte, err error)

func (*ACLEntry) MarshalTo

func (m *ACLEntry) MarshalTo(dAtA []byte) (int, error)

func (*ACLEntry) ProtoMessage

func (*ACLEntry) ProtoMessage()

func (*ACLEntry) Reset

func (m *ACLEntry) Reset()

func (*ACLEntry) Size

func (m *ACLEntry) Size() (n int)

func (*ACLEntry) String

func (m *ACLEntry) String() string

func (*ACLEntry) Unmarshal

func (m *ACLEntry) Unmarshal(dAtA []byte) error

type APIClient

type APIClient interface {
	// Activate/Deactivate the auth API. 'Activate' sets an initial set of admins
	// for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and
	// admins from the Pachyderm cluster, making all data publicly accessable
	Activate(ctx context.Context, in *ActivateRequest, opts ...grpc.CallOption) (*ActivateResponse, error)
	Deactivate(ctx context.Context, in *DeactivateRequest, opts ...grpc.CallOption) (*DeactivateResponse, error)
	// GetAdmins returns the current list of cluster admins
	GetAdmins(ctx context.Context, in *GetAdminsRequest, opts ...grpc.CallOption) (*GetAdminsResponse, error)
	// ModifyAdmins adds or removes admins from the cluster
	ModifyAdmins(ctx context.Context, in *ModifyAdminsRequest, opts ...grpc.CallOption) (*ModifyAdminsResponse, error)
	Authenticate(ctx context.Context, in *AuthenticateRequest, opts ...grpc.CallOption) (*AuthenticateResponse, error)
	Authorize(ctx context.Context, in *AuthorizeRequest, opts ...grpc.CallOption) (*AuthorizeResponse, error)
	WhoAmI(ctx context.Context, in *WhoAmIRequest, opts ...grpc.CallOption) (*WhoAmIResponse, error)
	GetScope(ctx context.Context, in *GetScopeRequest, opts ...grpc.CallOption) (*GetScopeResponse, error)
	SetScope(ctx context.Context, in *SetScopeRequest, opts ...grpc.CallOption) (*SetScopeResponse, error)
	GetACL(ctx context.Context, in *GetACLRequest, opts ...grpc.CallOption) (*GetACLResponse, error)
	SetACL(ctx context.Context, in *SetACLRequest, opts ...grpc.CallOption) (*SetACLResponse, error)
	GetAuthToken(ctx context.Context, in *GetAuthTokenRequest, opts ...grpc.CallOption) (*GetAuthTokenResponse, error)
	ExtendAuthToken(ctx context.Context, in *ExtendAuthTokenRequest, opts ...grpc.CallOption) (*ExtendAuthTokenResponse, error)
	RevokeAuthToken(ctx context.Context, in *RevokeAuthTokenRequest, opts ...grpc.CallOption) (*RevokeAuthTokenResponse, error)
	SetGroupsForUser(ctx context.Context, in *SetGroupsForUserRequest, opts ...grpc.CallOption) (*SetGroupsForUserResponse, error)
	ModifyMembers(ctx context.Context, in *ModifyMembersRequest, opts ...grpc.CallOption) (*ModifyMembersResponse, error)
	GetGroups(ctx context.Context, in *GetGroupsRequest, opts ...grpc.CallOption) (*GetGroupsResponse, error)
	GetUsers(ctx context.Context, in *GetUsersRequest, opts ...grpc.CallOption) (*GetUsersResponse, error)
}

func NewAPIClient

func NewAPIClient(cc *grpc.ClientConn) APIClient

type APIServer

type APIServer interface {
	// Activate/Deactivate the auth API. 'Activate' sets an initial set of admins
	// for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and
	// admins from the Pachyderm cluster, making all data publicly accessable
	Activate(context.Context, *ActivateRequest) (*ActivateResponse, error)
	Deactivate(context.Context, *DeactivateRequest) (*DeactivateResponse, error)
	// GetAdmins returns the current list of cluster admins
	GetAdmins(context.Context, *GetAdminsRequest) (*GetAdminsResponse, error)
	// ModifyAdmins adds or removes admins from the cluster
	ModifyAdmins(context.Context, *ModifyAdminsRequest) (*ModifyAdminsResponse, error)
	Authenticate(context.Context, *AuthenticateRequest) (*AuthenticateResponse, error)
	Authorize(context.Context, *AuthorizeRequest) (*AuthorizeResponse, error)
	WhoAmI(context.Context, *WhoAmIRequest) (*WhoAmIResponse, error)
	GetScope(context.Context, *GetScopeRequest) (*GetScopeResponse, error)
	SetScope(context.Context, *SetScopeRequest) (*SetScopeResponse, error)
	GetACL(context.Context, *GetACLRequest) (*GetACLResponse, error)
	SetACL(context.Context, *SetACLRequest) (*SetACLResponse, error)
	GetAuthToken(context.Context, *GetAuthTokenRequest) (*GetAuthTokenResponse, error)
	ExtendAuthToken(context.Context, *ExtendAuthTokenRequest) (*ExtendAuthTokenResponse, error)
	RevokeAuthToken(context.Context, *RevokeAuthTokenRequest) (*RevokeAuthTokenResponse, error)
	SetGroupsForUser(context.Context, *SetGroupsForUserRequest) (*SetGroupsForUserResponse, error)
	ModifyMembers(context.Context, *ModifyMembersRequest) (*ModifyMembersResponse, error)
	GetGroups(context.Context, *GetGroupsRequest) (*GetGroupsResponse, error)
	GetUsers(context.Context, *GetUsersRequest) (*GetUsersResponse, error)
}

type ActivateRequest

type ActivateRequest struct {
	// If set, Pachyderm will authenticate the caller as this user.
	// - If set to a github user (i.e. it has a 'github:' prefix or no prefix)
	//   then Pachyderm will confirm that it matches the user associated with
	//   'github_token'
	// - If set to a robot user (i.e. it has a 'robot:' prefix), then Pachyderm
	//   will generate a new token for the robot user; this token will be the only
	//   way to administer this cluster until more admins are added.
	Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"`
	// This is the token returned by GitHub and used to authenticate the caller.
	// When Pachyderm is deployed locally, setting this value to a given string
	// will automatically authenticate the caller as a GitHub user whose username
	// is that string (unless this "looks like" a GitHub access code, in which
	// case Pachyderm does retrieve the corresponding GitHub username)
	GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"`
}

ActivateRequest mirrors AuthenticateRequest. The caller is authenticated via GitHub OAuth, and then promoted to the cluster's first Admin. Afterwards, the caller can promote other users to Admin and remove themselves

func (*ActivateRequest) Descriptor

func (*ActivateRequest) Descriptor() ([]byte, []int)

func (*ActivateRequest) GetGitHubToken added in v1.7.0

func (m *ActivateRequest) GetGitHubToken() string

func (*ActivateRequest) GetSubject added in v1.7.1

func (m *ActivateRequest) GetSubject() string

func (*ActivateRequest) Marshal

func (m *ActivateRequest) Marshal() (dAtA []byte, err error)

func (*ActivateRequest) MarshalTo

func (m *ActivateRequest) MarshalTo(dAtA []byte) (int, error)

func (*ActivateRequest) ProtoMessage

func (*ActivateRequest) ProtoMessage()

func (*ActivateRequest) Reset

func (m *ActivateRequest) Reset()

func (*ActivateRequest) Size

func (m *ActivateRequest) Size() (n int)

func (*ActivateRequest) String

func (m *ActivateRequest) String() string

func (*ActivateRequest) Unmarshal

func (m *ActivateRequest) Unmarshal(dAtA []byte) error

type ActivateResponse

type ActivateResponse struct {
	// pach_token authenticates the caller with Pachyderm (if you want to perform
	// Pachyderm operations after auth has been activated as themselves, you must
	// present this token along with your regular request)
	PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"`
}

func (*ActivateResponse) Descriptor

func (*ActivateResponse) Descriptor() ([]byte, []int)

func (*ActivateResponse) GetPachToken added in v1.6.0

func (m *ActivateResponse) GetPachToken() string

func (*ActivateResponse) Marshal

func (m *ActivateResponse) Marshal() (dAtA []byte, err error)

func (*ActivateResponse) MarshalTo

func (m *ActivateResponse) MarshalTo(dAtA []byte) (int, error)

func (*ActivateResponse) ProtoMessage

func (*ActivateResponse) ProtoMessage()

func (*ActivateResponse) Reset

func (m *ActivateResponse) Reset()

func (*ActivateResponse) Size

func (m *ActivateResponse) Size() (n int)

func (*ActivateResponse) String

func (m *ActivateResponse) String() string

func (*ActivateResponse) Unmarshal

func (m *ActivateResponse) Unmarshal(dAtA []byte) error

type AuthenticateRequest

type AuthenticateRequest struct {
	// This is the token returned by GitHub and used to authenticate the caller.
	// When Pachyderm is deployed locally, setting this value to a given string
	// will automatically authenticate the caller as a GitHub user whose username
	// is that string (unless this "looks like" a GitHub access code, in which
	// case Pachyderm does retrieve the corresponding GitHub username)
	GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"`
}

func (*AuthenticateRequest) Descriptor

func (*AuthenticateRequest) Descriptor() ([]byte, []int)

func (*AuthenticateRequest) GetGitHubToken added in v1.7.0

func (m *AuthenticateRequest) GetGitHubToken() string

func (*AuthenticateRequest) Marshal

func (m *AuthenticateRequest) Marshal() (dAtA []byte, err error)

func (*AuthenticateRequest) MarshalTo

func (m *AuthenticateRequest) MarshalTo(dAtA []byte) (int, error)

func (*AuthenticateRequest) ProtoMessage

func (*AuthenticateRequest) ProtoMessage()

func (*AuthenticateRequest) Reset

func (m *AuthenticateRequest) Reset()

func (*AuthenticateRequest) Size

func (m *AuthenticateRequest) Size() (n int)

func (*AuthenticateRequest) String

func (m *AuthenticateRequest) String() string

func (*AuthenticateRequest) Unmarshal

func (m *AuthenticateRequest) Unmarshal(dAtA []byte) error

type AuthenticateResponse

type AuthenticateResponse struct {
	// pach_token authenticates the caller with Pachyderm (if you want to perform
	// Pachyderm operations after auth has been activated as themselves, you must
	// present this token along with your regular request)
	PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"`
}

func (*AuthenticateResponse) Descriptor

func (*AuthenticateResponse) Descriptor() ([]byte, []int)

func (*AuthenticateResponse) GetPachToken

func (m *AuthenticateResponse) GetPachToken() string

func (*AuthenticateResponse) Marshal

func (m *AuthenticateResponse) Marshal() (dAtA []byte, err error)

func (*AuthenticateResponse) MarshalTo

func (m *AuthenticateResponse) MarshalTo(dAtA []byte) (int, error)

func (*AuthenticateResponse) ProtoMessage

func (*AuthenticateResponse) ProtoMessage()

func (*AuthenticateResponse) Reset

func (m *AuthenticateResponse) Reset()

func (*AuthenticateResponse) Size

func (m *AuthenticateResponse) Size() (n int)

func (*AuthenticateResponse) String

func (m *AuthenticateResponse) String() string

func (*AuthenticateResponse) Unmarshal

func (m *AuthenticateResponse) Unmarshal(dAtA []byte) error

type AuthorizeRequest

type AuthorizeRequest struct {
	// repo is the object that the caller wants to access
	Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
	// scope is the access level that the caller needs to perform an action
	Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*AuthorizeRequest) Descriptor

func (*AuthorizeRequest) Descriptor() ([]byte, []int)

func (*AuthorizeRequest) GetRepo

func (m *AuthorizeRequest) GetRepo() string

func (*AuthorizeRequest) GetScope

func (m *AuthorizeRequest) GetScope() Scope

func (*AuthorizeRequest) Marshal

func (m *AuthorizeRequest) Marshal() (dAtA []byte, err error)

func (*AuthorizeRequest) MarshalTo

func (m *AuthorizeRequest) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizeRequest) ProtoMessage

func (*AuthorizeRequest) ProtoMessage()

func (*AuthorizeRequest) Reset

func (m *AuthorizeRequest) Reset()

func (*AuthorizeRequest) Size

func (m *AuthorizeRequest) Size() (n int)

func (*AuthorizeRequest) String

func (m *AuthorizeRequest) String() string

func (*AuthorizeRequest) Unmarshal

func (m *AuthorizeRequest) Unmarshal(dAtA []byte) error

type AuthorizeResponse

type AuthorizeResponse struct {
	// authorized is true if the caller has at least
	// 'AuthorizeRequest.scope'-level access to 'AuthorizeRequest.repo', and false
	// otherwise
	Authorized bool `protobuf:"varint,1,opt,name=authorized,proto3" json:"authorized,omitempty"`
}

func (*AuthorizeResponse) Descriptor

func (*AuthorizeResponse) Descriptor() ([]byte, []int)

func (*AuthorizeResponse) GetAuthorized

func (m *AuthorizeResponse) GetAuthorized() bool

func (*AuthorizeResponse) Marshal

func (m *AuthorizeResponse) Marshal() (dAtA []byte, err error)

func (*AuthorizeResponse) MarshalTo

func (m *AuthorizeResponse) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizeResponse) ProtoMessage

func (*AuthorizeResponse) ProtoMessage()

func (*AuthorizeResponse) Reset

func (m *AuthorizeResponse) Reset()

func (*AuthorizeResponse) Size

func (m *AuthorizeResponse) Size() (n int)

func (*AuthorizeResponse) String

func (m *AuthorizeResponse) String() string

func (*AuthorizeResponse) Unmarshal

func (m *AuthorizeResponse) Unmarshal(dAtA []byte) error

type DeactivateRequest added in v1.6.0

type DeactivateRequest struct {
}

func (*DeactivateRequest) Descriptor added in v1.6.0

func (*DeactivateRequest) Descriptor() ([]byte, []int)

func (*DeactivateRequest) Marshal added in v1.6.0

func (m *DeactivateRequest) Marshal() (dAtA []byte, err error)

func (*DeactivateRequest) MarshalTo added in v1.6.0

func (m *DeactivateRequest) MarshalTo(dAtA []byte) (int, error)

func (*DeactivateRequest) ProtoMessage added in v1.6.0

func (*DeactivateRequest) ProtoMessage()

func (*DeactivateRequest) Reset added in v1.6.0

func (m *DeactivateRequest) Reset()

func (*DeactivateRequest) Size added in v1.6.0

func (m *DeactivateRequest) Size() (n int)

func (*DeactivateRequest) String added in v1.6.0

func (m *DeactivateRequest) String() string

func (*DeactivateRequest) Unmarshal added in v1.6.0

func (m *DeactivateRequest) Unmarshal(dAtA []byte) error

type DeactivateResponse added in v1.6.0

type DeactivateResponse struct {
}

func (*DeactivateResponse) Descriptor added in v1.6.0

func (*DeactivateResponse) Descriptor() ([]byte, []int)

func (*DeactivateResponse) Marshal added in v1.6.0

func (m *DeactivateResponse) Marshal() (dAtA []byte, err error)

func (*DeactivateResponse) MarshalTo added in v1.6.0

func (m *DeactivateResponse) MarshalTo(dAtA []byte) (int, error)

func (*DeactivateResponse) ProtoMessage added in v1.6.0

func (*DeactivateResponse) ProtoMessage()

func (*DeactivateResponse) Reset added in v1.6.0

func (m *DeactivateResponse) Reset()

func (*DeactivateResponse) Size added in v1.6.0

func (m *DeactivateResponse) Size() (n int)

func (*DeactivateResponse) String added in v1.6.0

func (m *DeactivateResponse) String() string

func (*DeactivateResponse) Unmarshal added in v1.6.0

func (m *DeactivateResponse) Unmarshal(dAtA []byte) error

type ErrInvalidPrincipal added in v1.7.0

type ErrInvalidPrincipal struct {
	Principal string
}

ErrInvalidPrincipal indicates that a an argument to e.g. GetScope, SetScope, or SetACL is invalid

func (*ErrInvalidPrincipal) Error added in v1.7.0

func (e *ErrInvalidPrincipal) Error() string

type ErrNotAuthorized added in v1.7.0

type ErrNotAuthorized struct {
	Subject string // subject trying to perform blocked operation -- always set

	Repo     string // Repo that the user is attempting to access
	Required Scope  // Caller needs 'Required'-level access to 'Repo'

	// Group 2:
	// AdminOp indicates an operation that the caller couldn't perform because
	// they're not an admin
	AdminOp string
}

ErrNotAuthorized is returned if the user is not authorized to perform a certain operation. Either

  1. the operation is a user operation, in which case 'Repo' and/or 'Required' should be set (indicating that the user needs 'Required'-level access to 'Repo').
  2. the operation is an admin-only operation (e.g. DeleteAll), in which case AdminOp should be set

func (*ErrNotAuthorized) Error added in v1.7.0

func (e *ErrNotAuthorized) Error() string

type ErrTooShortTTL added in v1.7.0

type ErrTooShortTTL struct {
	RequestTTL, ExistingTTL int64
}

ErrTooShortTTL is returned by the ExtendAuthToken if request.Token already has a TTL longer than request.TTL.

func (ErrTooShortTTL) Error added in v1.7.0

func (e ErrTooShortTTL) Error() string

type ExtendAuthTokenRequest added in v1.7.0

type ExtendAuthTokenRequest struct {
	// token indicates the Pachyderm token whose TTL is being extended
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
	// ttl indicates the new TTL of 'token' (if it's longer than the existing TTL)
	TTL int64 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
}

func (*ExtendAuthTokenRequest) Descriptor added in v1.7.0

func (*ExtendAuthTokenRequest) Descriptor() ([]byte, []int)

func (*ExtendAuthTokenRequest) GetTTL added in v1.7.0

func (m *ExtendAuthTokenRequest) GetTTL() int64

func (*ExtendAuthTokenRequest) GetToken added in v1.7.0

func (m *ExtendAuthTokenRequest) GetToken() string

func (*ExtendAuthTokenRequest) Marshal added in v1.7.0

func (m *ExtendAuthTokenRequest) Marshal() (dAtA []byte, err error)

func (*ExtendAuthTokenRequest) MarshalTo added in v1.7.0

func (m *ExtendAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*ExtendAuthTokenRequest) ProtoMessage added in v1.7.0

func (*ExtendAuthTokenRequest) ProtoMessage()

func (*ExtendAuthTokenRequest) Reset added in v1.7.0

func (m *ExtendAuthTokenRequest) Reset()

func (*ExtendAuthTokenRequest) Size added in v1.7.0

func (m *ExtendAuthTokenRequest) Size() (n int)

func (*ExtendAuthTokenRequest) String added in v1.7.0

func (m *ExtendAuthTokenRequest) String() string

func (*ExtendAuthTokenRequest) Unmarshal added in v1.7.0

func (m *ExtendAuthTokenRequest) Unmarshal(dAtA []byte) error

type ExtendAuthTokenResponse added in v1.7.0

type ExtendAuthTokenResponse struct {
}

func (*ExtendAuthTokenResponse) Descriptor added in v1.7.0

func (*ExtendAuthTokenResponse) Descriptor() ([]byte, []int)

func (*ExtendAuthTokenResponse) Marshal added in v1.7.0

func (m *ExtendAuthTokenResponse) Marshal() (dAtA []byte, err error)

func (*ExtendAuthTokenResponse) MarshalTo added in v1.7.0

func (m *ExtendAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)

func (*ExtendAuthTokenResponse) ProtoMessage added in v1.7.0

func (*ExtendAuthTokenResponse) ProtoMessage()

func (*ExtendAuthTokenResponse) Reset added in v1.7.0

func (m *ExtendAuthTokenResponse) Reset()

func (*ExtendAuthTokenResponse) Size added in v1.7.0

func (m *ExtendAuthTokenResponse) Size() (n int)

func (*ExtendAuthTokenResponse) String added in v1.7.0

func (m *ExtendAuthTokenResponse) String() string

func (*ExtendAuthTokenResponse) Unmarshal added in v1.7.0

func (m *ExtendAuthTokenResponse) Unmarshal(dAtA []byte) error

type GetACLRequest

type GetACLRequest struct {
	Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
}

func (*GetACLRequest) Descriptor

func (*GetACLRequest) Descriptor() ([]byte, []int)

func (*GetACLRequest) GetRepo

func (m *GetACLRequest) GetRepo() string

func (*GetACLRequest) Marshal

func (m *GetACLRequest) Marshal() (dAtA []byte, err error)

func (*GetACLRequest) MarshalTo

func (m *GetACLRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetACLRequest) ProtoMessage

func (*GetACLRequest) ProtoMessage()

func (*GetACLRequest) Reset

func (m *GetACLRequest) Reset()

func (*GetACLRequest) Size

func (m *GetACLRequest) Size() (n int)

func (*GetACLRequest) String

func (m *GetACLRequest) String() string

func (*GetACLRequest) Unmarshal

func (m *GetACLRequest) Unmarshal(dAtA []byte) error

type GetACLResponse

type GetACLResponse struct {
	// entries contains all [user principal] -> [role] mappings. This is separate
	// from robot_entries to avoid migration pain the Pachyderm dashboard
	Entries []*ACLEntry `protobuf:"bytes,1,rep,name=entries" json:"entries,omitempty"`
	// robot_entries contains all [robot principal] -> [role] mappings. This is
	// separate from entries to be unambiguous (all keys are robot principals, but
	// have no prefixes) while avoiding migration pain in the Pachyderm dashboard.
	RobotEntries []*ACLEntry `protobuf:"bytes,2,rep,name=robot_entries,json=robotEntries" json:"robot_entries,omitempty"`
}

GetACLReponse contains the list of entries on a Pachyderm ACL.

To avoid migration pain with the Pachyderm dash the list of user principal entries and robot principal entries are separate. This way, no prefix or other disambiguating device is needed in 'entries' to separate user principals from robot principals (which would confuse the dash). Instead, the dash can simply ignore robot principals.

func (*GetACLResponse) Descriptor

func (*GetACLResponse) Descriptor() ([]byte, []int)

func (*GetACLResponse) GetEntries added in v1.6.0

func (m *GetACLResponse) GetEntries() []*ACLEntry

func (*GetACLResponse) GetRobotEntries added in v1.7.0

func (m *GetACLResponse) GetRobotEntries() []*ACLEntry

func (*GetACLResponse) Marshal

func (m *GetACLResponse) Marshal() (dAtA []byte, err error)

func (*GetACLResponse) MarshalTo

func (m *GetACLResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetACLResponse) ProtoMessage

func (*GetACLResponse) ProtoMessage()

func (*GetACLResponse) Reset

func (m *GetACLResponse) Reset()

func (*GetACLResponse) Size

func (m *GetACLResponse) Size() (n int)

func (*GetACLResponse) String

func (m *GetACLResponse) String() string

func (*GetACLResponse) Unmarshal

func (m *GetACLResponse) Unmarshal(dAtA []byte) error

type GetAdminsRequest added in v1.6.0

type GetAdminsRequest struct {
}

Get the current list of cluster admins

func (*GetAdminsRequest) Descriptor added in v1.6.0

func (*GetAdminsRequest) Descriptor() ([]byte, []int)

func (*GetAdminsRequest) Marshal added in v1.6.0

func (m *GetAdminsRequest) Marshal() (dAtA []byte, err error)

func (*GetAdminsRequest) MarshalTo added in v1.6.0

func (m *GetAdminsRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetAdminsRequest) ProtoMessage added in v1.6.0

func (*GetAdminsRequest) ProtoMessage()

func (*GetAdminsRequest) Reset added in v1.6.0

func (m *GetAdminsRequest) Reset()

func (*GetAdminsRequest) Size added in v1.6.0

func (m *GetAdminsRequest) Size() (n int)

func (*GetAdminsRequest) String added in v1.6.0

func (m *GetAdminsRequest) String() string

func (*GetAdminsRequest) Unmarshal added in v1.6.0

func (m *GetAdminsRequest) Unmarshal(dAtA []byte) error

type GetAdminsResponse added in v1.6.0

type GetAdminsResponse struct {
	// admins contains the list of cluster admins
	Admins []string `protobuf:"bytes,1,rep,name=admins" json:"admins,omitempty"`
}

func (*GetAdminsResponse) Descriptor added in v1.6.0

func (*GetAdminsResponse) Descriptor() ([]byte, []int)

func (*GetAdminsResponse) GetAdmins added in v1.6.0

func (m *GetAdminsResponse) GetAdmins() []string

func (*GetAdminsResponse) Marshal added in v1.6.0

func (m *GetAdminsResponse) Marshal() (dAtA []byte, err error)

func (*GetAdminsResponse) MarshalTo added in v1.6.0

func (m *GetAdminsResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetAdminsResponse) ProtoMessage added in v1.6.0

func (*GetAdminsResponse) ProtoMessage()

func (*GetAdminsResponse) Reset added in v1.6.0

func (m *GetAdminsResponse) Reset()

func (*GetAdminsResponse) Size added in v1.6.0

func (m *GetAdminsResponse) Size() (n int)

func (*GetAdminsResponse) String added in v1.6.0

func (m *GetAdminsResponse) String() string

func (*GetAdminsResponse) Unmarshal added in v1.6.0

func (m *GetAdminsResponse) Unmarshal(dAtA []byte) error

type GetAuthTokenRequest added in v1.7.0

type GetAuthTokenRequest struct {
	// The returned token will allow the caller to access resources as this
	// subject
	Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// ttl indicates the approximate remaining lifetime of this token, in seconds
	TTL int64 `protobuf:"varint,2,opt,name=ttl,proto3" json:"ttl,omitempty"`
}

func (*GetAuthTokenRequest) Descriptor added in v1.7.0

func (*GetAuthTokenRequest) Descriptor() ([]byte, []int)

func (*GetAuthTokenRequest) GetSubject added in v1.7.0

func (m *GetAuthTokenRequest) GetSubject() string

func (*GetAuthTokenRequest) GetTTL added in v1.7.0

func (m *GetAuthTokenRequest) GetTTL() int64

func (*GetAuthTokenRequest) Marshal added in v1.7.0

func (m *GetAuthTokenRequest) Marshal() (dAtA []byte, err error)

func (*GetAuthTokenRequest) MarshalTo added in v1.7.0

func (m *GetAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetAuthTokenRequest) ProtoMessage added in v1.7.0

func (*GetAuthTokenRequest) ProtoMessage()

func (*GetAuthTokenRequest) Reset added in v1.7.0

func (m *GetAuthTokenRequest) Reset()

func (*GetAuthTokenRequest) Size added in v1.7.0

func (m *GetAuthTokenRequest) Size() (n int)

func (*GetAuthTokenRequest) String added in v1.7.0

func (m *GetAuthTokenRequest) String() string

func (*GetAuthTokenRequest) Unmarshal added in v1.7.0

func (m *GetAuthTokenRequest) Unmarshal(dAtA []byte) error

type GetAuthTokenResponse added in v1.7.0

type GetAuthTokenResponse struct {
	// A canonicalized version of the subject in the request
	Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"`
	// A new auth token for the user in 'GetAuthTokenRequest.Subject' token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
}

func (*GetAuthTokenResponse) Descriptor added in v1.7.0

func (*GetAuthTokenResponse) Descriptor() ([]byte, []int)

func (*GetAuthTokenResponse) GetSubject added in v1.7.1

func (m *GetAuthTokenResponse) GetSubject() string

func (*GetAuthTokenResponse) GetToken added in v1.7.0

func (m *GetAuthTokenResponse) GetToken() string

func (*GetAuthTokenResponse) Marshal added in v1.7.0

func (m *GetAuthTokenResponse) Marshal() (dAtA []byte, err error)

func (*GetAuthTokenResponse) MarshalTo added in v1.7.0

func (m *GetAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetAuthTokenResponse) ProtoMessage added in v1.7.0

func (*GetAuthTokenResponse) ProtoMessage()

func (*GetAuthTokenResponse) Reset added in v1.7.0

func (m *GetAuthTokenResponse) Reset()

func (*GetAuthTokenResponse) Size added in v1.7.0

func (m *GetAuthTokenResponse) Size() (n int)

func (*GetAuthTokenResponse) String added in v1.7.0

func (m *GetAuthTokenResponse) String() string

func (*GetAuthTokenResponse) Unmarshal added in v1.7.0

func (m *GetAuthTokenResponse) Unmarshal(dAtA []byte) error

type GetGroupsRequest added in v1.7.2

type GetGroupsRequest struct {
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
}

func (*GetGroupsRequest) Descriptor added in v1.7.2

func (*GetGroupsRequest) Descriptor() ([]byte, []int)

func (*GetGroupsRequest) GetUsername added in v1.7.2

func (m *GetGroupsRequest) GetUsername() string

func (*GetGroupsRequest) Marshal added in v1.7.2

func (m *GetGroupsRequest) Marshal() (dAtA []byte, err error)

func (*GetGroupsRequest) MarshalTo added in v1.7.2

func (m *GetGroupsRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetGroupsRequest) ProtoMessage added in v1.7.2

func (*GetGroupsRequest) ProtoMessage()

func (*GetGroupsRequest) Reset added in v1.7.2

func (m *GetGroupsRequest) Reset()

func (*GetGroupsRequest) Size added in v1.7.2

func (m *GetGroupsRequest) Size() (n int)

func (*GetGroupsRequest) String added in v1.7.2

func (m *GetGroupsRequest) String() string

func (*GetGroupsRequest) Unmarshal added in v1.7.2

func (m *GetGroupsRequest) Unmarshal(dAtA []byte) error

type GetGroupsResponse added in v1.7.2

type GetGroupsResponse struct {
	Groups []string `protobuf:"bytes,1,rep,name=groups" json:"groups,omitempty"`
}

func (*GetGroupsResponse) Descriptor added in v1.7.2

func (*GetGroupsResponse) Descriptor() ([]byte, []int)

func (*GetGroupsResponse) GetGroups added in v1.7.2

func (m *GetGroupsResponse) GetGroups() []string

func (*GetGroupsResponse) Marshal added in v1.7.2

func (m *GetGroupsResponse) Marshal() (dAtA []byte, err error)

func (*GetGroupsResponse) MarshalTo added in v1.7.2

func (m *GetGroupsResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetGroupsResponse) ProtoMessage added in v1.7.2

func (*GetGroupsResponse) ProtoMessage()

func (*GetGroupsResponse) Reset added in v1.7.2

func (m *GetGroupsResponse) Reset()

func (*GetGroupsResponse) Size added in v1.7.2

func (m *GetGroupsResponse) Size() (n int)

func (*GetGroupsResponse) String added in v1.7.2

func (m *GetGroupsResponse) String() string

func (*GetGroupsResponse) Unmarshal added in v1.7.2

func (m *GetGroupsResponse) Unmarshal(dAtA []byte) error

type GetScopeRequest

type GetScopeRequest struct {
	// username is the principal (some of which belong to robots rather than
	// users, but the name is preserved for now to provide compatibility with the
	// pachyderm dash) whose access level is queried. To query the access level
	// of a robot user, the caller must prefix username with "robot:". If
	// 'username' has no prefix (i.e. no ":"), then it's assumed to be a github
	// user's principal.
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// repos are the objects to which 'username's access level is being queried
	Repos []string `protobuf:"bytes,2,rep,name=repos" json:"repos,omitempty"`
}

func (*GetScopeRequest) Descriptor

func (*GetScopeRequest) Descriptor() ([]byte, []int)

func (*GetScopeRequest) GetRepos added in v1.5.3

func (m *GetScopeRequest) GetRepos() []string

func (*GetScopeRequest) GetUsername

func (m *GetScopeRequest) GetUsername() string

func (*GetScopeRequest) Marshal

func (m *GetScopeRequest) Marshal() (dAtA []byte, err error)

func (*GetScopeRequest) MarshalTo

func (m *GetScopeRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetScopeRequest) ProtoMessage

func (*GetScopeRequest) ProtoMessage()

func (*GetScopeRequest) Reset

func (m *GetScopeRequest) Reset()

func (*GetScopeRequest) Size

func (m *GetScopeRequest) Size() (n int)

func (*GetScopeRequest) String

func (m *GetScopeRequest) String() string

func (*GetScopeRequest) Unmarshal

func (m *GetScopeRequest) Unmarshal(dAtA []byte) error

type GetScopeResponse

type GetScopeResponse struct {
	// scopes (actually a "role"--see "Scope") are the access level that
	// 'GetScopeRequest.username' has to each repo in 'GetScopeRequest.repos', in
	// the same order that repos appeared in 'repos'.
	Scopes []Scope `protobuf:"varint,1,rep,packed,name=scopes,enum=auth.Scope" json:"scopes,omitempty"`
}

func (*GetScopeResponse) Descriptor

func (*GetScopeResponse) Descriptor() ([]byte, []int)

func (*GetScopeResponse) GetScopes added in v1.5.3

func (m *GetScopeResponse) GetScopes() []Scope

func (*GetScopeResponse) Marshal

func (m *GetScopeResponse) Marshal() (dAtA []byte, err error)

func (*GetScopeResponse) MarshalTo

func (m *GetScopeResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetScopeResponse) ProtoMessage

func (*GetScopeResponse) ProtoMessage()

func (*GetScopeResponse) Reset

func (m *GetScopeResponse) Reset()

func (*GetScopeResponse) Size

func (m *GetScopeResponse) Size() (n int)

func (*GetScopeResponse) String

func (m *GetScopeResponse) String() string

func (*GetScopeResponse) Unmarshal

func (m *GetScopeResponse) Unmarshal(dAtA []byte) error

type GetUsersRequest added in v1.7.2

type GetUsersRequest struct {
	Group string `protobuf:"bytes,1,opt,name=group,proto3" json:"group,omitempty"`
}

func (*GetUsersRequest) Descriptor added in v1.7.2

func (*GetUsersRequest) Descriptor() ([]byte, []int)

func (*GetUsersRequest) GetGroup added in v1.7.2

func (m *GetUsersRequest) GetGroup() string

func (*GetUsersRequest) Marshal added in v1.7.2

func (m *GetUsersRequest) Marshal() (dAtA []byte, err error)

func (*GetUsersRequest) MarshalTo added in v1.7.2

func (m *GetUsersRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetUsersRequest) ProtoMessage added in v1.7.2

func (*GetUsersRequest) ProtoMessage()

func (*GetUsersRequest) Reset added in v1.7.2

func (m *GetUsersRequest) Reset()

func (*GetUsersRequest) Size added in v1.7.2

func (m *GetUsersRequest) Size() (n int)

func (*GetUsersRequest) String added in v1.7.2

func (m *GetUsersRequest) String() string

func (*GetUsersRequest) Unmarshal added in v1.7.2

func (m *GetUsersRequest) Unmarshal(dAtA []byte) error

type GetUsersResponse added in v1.7.2

type GetUsersResponse struct {
	Usernames []string `protobuf:"bytes,1,rep,name=usernames" json:"usernames,omitempty"`
}

func (*GetUsersResponse) Descriptor added in v1.7.2

func (*GetUsersResponse) Descriptor() ([]byte, []int)

func (*GetUsersResponse) GetUsernames added in v1.7.2

func (m *GetUsersResponse) GetUsernames() []string

func (*GetUsersResponse) Marshal added in v1.7.2

func (m *GetUsersResponse) Marshal() (dAtA []byte, err error)

func (*GetUsersResponse) MarshalTo added in v1.7.2

func (m *GetUsersResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetUsersResponse) ProtoMessage added in v1.7.2

func (*GetUsersResponse) ProtoMessage()

func (*GetUsersResponse) Reset added in v1.7.2

func (m *GetUsersResponse) Reset()

func (*GetUsersResponse) Size added in v1.7.2

func (m *GetUsersResponse) Size() (n int)

func (*GetUsersResponse) String added in v1.7.2

func (m *GetUsersResponse) String() string

func (*GetUsersResponse) Unmarshal added in v1.7.2

func (m *GetUsersResponse) Unmarshal(dAtA []byte) error

type Groups added in v1.7.2

type Groups struct {
	Groups map[string]bool `` /* 147-byte string literal not displayed */
}

func (*Groups) Descriptor added in v1.7.2

func (*Groups) Descriptor() ([]byte, []int)

func (*Groups) GetGroups added in v1.7.2

func (m *Groups) GetGroups() map[string]bool

func (*Groups) Marshal added in v1.7.2

func (m *Groups) Marshal() (dAtA []byte, err error)

func (*Groups) MarshalTo added in v1.7.2

func (m *Groups) MarshalTo(dAtA []byte) (int, error)

func (*Groups) ProtoMessage added in v1.7.2

func (*Groups) ProtoMessage()

func (*Groups) Reset added in v1.7.2

func (m *Groups) Reset()

func (*Groups) Size added in v1.7.2

func (m *Groups) Size() (n int)

func (*Groups) String added in v1.7.2

func (m *Groups) String() string

func (*Groups) Unmarshal added in v1.7.2

func (m *Groups) Unmarshal(dAtA []byte) error

type ModifyAdminsRequest added in v1.6.0

type ModifyAdminsRequest struct {
	Add    []string `protobuf:"bytes,1,rep,name=add" json:"add,omitempty"`
	Remove []string `protobuf:"bytes,2,rep,name=remove" json:"remove,omitempty"`
}

Add or remove cluster admins

func (*ModifyAdminsRequest) Descriptor added in v1.6.0

func (*ModifyAdminsRequest) Descriptor() ([]byte, []int)

func (*ModifyAdminsRequest) GetAdd added in v1.6.0

func (m *ModifyAdminsRequest) GetAdd() []string

func (*ModifyAdminsRequest) GetRemove added in v1.6.0

func (m *ModifyAdminsRequest) GetRemove() []string

func (*ModifyAdminsRequest) Marshal added in v1.6.0

func (m *ModifyAdminsRequest) Marshal() (dAtA []byte, err error)

func (*ModifyAdminsRequest) MarshalTo added in v1.6.0

func (m *ModifyAdminsRequest) MarshalTo(dAtA []byte) (int, error)

func (*ModifyAdminsRequest) ProtoMessage added in v1.6.0

func (*ModifyAdminsRequest) ProtoMessage()

func (*ModifyAdminsRequest) Reset added in v1.6.0

func (m *ModifyAdminsRequest) Reset()

func (*ModifyAdminsRequest) Size added in v1.6.0

func (m *ModifyAdminsRequest) Size() (n int)

func (*ModifyAdminsRequest) String added in v1.6.0

func (m *ModifyAdminsRequest) String() string

func (*ModifyAdminsRequest) Unmarshal added in v1.6.0

func (m *ModifyAdminsRequest) Unmarshal(dAtA []byte) error

type ModifyAdminsResponse added in v1.6.0

type ModifyAdminsResponse struct {
}

func (*ModifyAdminsResponse) Descriptor added in v1.6.0

func (*ModifyAdminsResponse) Descriptor() ([]byte, []int)

func (*ModifyAdminsResponse) Marshal added in v1.6.0

func (m *ModifyAdminsResponse) Marshal() (dAtA []byte, err error)

func (*ModifyAdminsResponse) MarshalTo added in v1.6.0

func (m *ModifyAdminsResponse) MarshalTo(dAtA []byte) (int, error)

func (*ModifyAdminsResponse) ProtoMessage added in v1.6.0

func (*ModifyAdminsResponse) ProtoMessage()

func (*ModifyAdminsResponse) Reset added in v1.6.0

func (m *ModifyAdminsResponse) Reset()

func (*ModifyAdminsResponse) Size added in v1.6.0

func (m *ModifyAdminsResponse) Size() (n int)

func (*ModifyAdminsResponse) String added in v1.6.0

func (m *ModifyAdminsResponse) String() string

func (*ModifyAdminsResponse) Unmarshal added in v1.6.0

func (m *ModifyAdminsResponse) Unmarshal(dAtA []byte) error

type ModifyMembersRequest added in v1.7.2

type ModifyMembersRequest struct {
	Group  string   `protobuf:"bytes,1,opt,name=group,proto3" json:"group,omitempty"`
	Add    []string `protobuf:"bytes,2,rep,name=add" json:"add,omitempty"`
	Remove []string `protobuf:"bytes,3,rep,name=remove" json:"remove,omitempty"`
}

func (*ModifyMembersRequest) Descriptor added in v1.7.2

func (*ModifyMembersRequest) Descriptor() ([]byte, []int)

func (*ModifyMembersRequest) GetAdd added in v1.7.2

func (m *ModifyMembersRequest) GetAdd() []string

func (*ModifyMembersRequest) GetGroup added in v1.7.2

func (m *ModifyMembersRequest) GetGroup() string

func (*ModifyMembersRequest) GetRemove added in v1.7.2

func (m *ModifyMembersRequest) GetRemove() []string

func (*ModifyMembersRequest) Marshal added in v1.7.2

func (m *ModifyMembersRequest) Marshal() (dAtA []byte, err error)

func (*ModifyMembersRequest) MarshalTo added in v1.7.2

func (m *ModifyMembersRequest) MarshalTo(dAtA []byte) (int, error)

func (*ModifyMembersRequest) ProtoMessage added in v1.7.2

func (*ModifyMembersRequest) ProtoMessage()

func (*ModifyMembersRequest) Reset added in v1.7.2

func (m *ModifyMembersRequest) Reset()

func (*ModifyMembersRequest) Size added in v1.7.2

func (m *ModifyMembersRequest) Size() (n int)

func (*ModifyMembersRequest) String added in v1.7.2

func (m *ModifyMembersRequest) String() string

func (*ModifyMembersRequest) Unmarshal added in v1.7.2

func (m *ModifyMembersRequest) Unmarshal(dAtA []byte) error

type ModifyMembersResponse added in v1.7.2

type ModifyMembersResponse struct {
}

func (*ModifyMembersResponse) Descriptor added in v1.7.2

func (*ModifyMembersResponse) Descriptor() ([]byte, []int)

func (*ModifyMembersResponse) Marshal added in v1.7.2

func (m *ModifyMembersResponse) Marshal() (dAtA []byte, err error)

func (*ModifyMembersResponse) MarshalTo added in v1.7.2

func (m *ModifyMembersResponse) MarshalTo(dAtA []byte) (int, error)

func (*ModifyMembersResponse) ProtoMessage added in v1.7.2

func (*ModifyMembersResponse) ProtoMessage()

func (*ModifyMembersResponse) Reset added in v1.7.2

func (m *ModifyMembersResponse) Reset()

func (*ModifyMembersResponse) Size added in v1.7.2

func (m *ModifyMembersResponse) Size() (n int)

func (*ModifyMembersResponse) String added in v1.7.2

func (m *ModifyMembersResponse) String() string

func (*ModifyMembersResponse) Unmarshal added in v1.7.2

func (m *ModifyMembersResponse) Unmarshal(dAtA []byte) error

type RevokeAuthTokenRequest

type RevokeAuthTokenRequest struct {
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
}

func (*RevokeAuthTokenRequest) Descriptor

func (*RevokeAuthTokenRequest) Descriptor() ([]byte, []int)

func (*RevokeAuthTokenRequest) GetToken

func (m *RevokeAuthTokenRequest) GetToken() string

func (*RevokeAuthTokenRequest) Marshal

func (m *RevokeAuthTokenRequest) Marshal() (dAtA []byte, err error)

func (*RevokeAuthTokenRequest) MarshalTo

func (m *RevokeAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*RevokeAuthTokenRequest) ProtoMessage

func (*RevokeAuthTokenRequest) ProtoMessage()

func (*RevokeAuthTokenRequest) Reset

func (m *RevokeAuthTokenRequest) Reset()

func (*RevokeAuthTokenRequest) Size

func (m *RevokeAuthTokenRequest) Size() (n int)

func (*RevokeAuthTokenRequest) String

func (m *RevokeAuthTokenRequest) String() string

func (*RevokeAuthTokenRequest) Unmarshal

func (m *RevokeAuthTokenRequest) Unmarshal(dAtA []byte) error

type RevokeAuthTokenResponse

type RevokeAuthTokenResponse struct {
}

func (*RevokeAuthTokenResponse) Descriptor

func (*RevokeAuthTokenResponse) Descriptor() ([]byte, []int)

func (*RevokeAuthTokenResponse) Marshal

func (m *RevokeAuthTokenResponse) Marshal() (dAtA []byte, err error)

func (*RevokeAuthTokenResponse) MarshalTo

func (m *RevokeAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)

func (*RevokeAuthTokenResponse) ProtoMessage

func (*RevokeAuthTokenResponse) ProtoMessage()

func (*RevokeAuthTokenResponse) Reset

func (m *RevokeAuthTokenResponse) Reset()

func (*RevokeAuthTokenResponse) Size

func (m *RevokeAuthTokenResponse) Size() (n int)

func (*RevokeAuthTokenResponse) String

func (m *RevokeAuthTokenResponse) String() string

func (*RevokeAuthTokenResponse) Unmarshal

func (m *RevokeAuthTokenResponse) Unmarshal(dAtA []byte) error

type Scope

type Scope int32

Scope (actually a "role" in canonical security nomenclature) represents a rough level of access that a principal has to a repo

const (
	// To remove a user's scope from a repo, set their scope to NONE
	Scope_NONE   Scope = 0
	Scope_READER Scope = 1
	Scope_WRITER Scope = 2
	Scope_OWNER  Scope = 3
)

func ParseScope

func ParseScope(s string) (Scope, error)

ParseScope parses the string 's' to a scope (for example, parsing a command- line argument.

func (Scope) EnumDescriptor

func (Scope) EnumDescriptor() ([]byte, []int)

func (Scope) String

func (x Scope) String() string

type SetACLRequest added in v1.5.3

type SetACLRequest struct {
	Repo    string      `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
	Entries []*ACLEntry `protobuf:"bytes,2,rep,name=entries" json:"entries,omitempty"`
}

func (*SetACLRequest) Descriptor added in v1.5.3

func (*SetACLRequest) Descriptor() ([]byte, []int)

func (*SetACLRequest) GetEntries added in v1.6.0

func (m *SetACLRequest) GetEntries() []*ACLEntry

func (*SetACLRequest) GetRepo added in v1.5.3

func (m *SetACLRequest) GetRepo() string

func (*SetACLRequest) Marshal added in v1.5.3

func (m *SetACLRequest) Marshal() (dAtA []byte, err error)

func (*SetACLRequest) MarshalTo added in v1.5.3

func (m *SetACLRequest) MarshalTo(dAtA []byte) (int, error)

func (*SetACLRequest) ProtoMessage added in v1.5.3

func (*SetACLRequest) ProtoMessage()

func (*SetACLRequest) Reset added in v1.5.3

func (m *SetACLRequest) Reset()

func (*SetACLRequest) Size added in v1.5.3

func (m *SetACLRequest) Size() (n int)

func (*SetACLRequest) String added in v1.5.3

func (m *SetACLRequest) String() string

func (*SetACLRequest) Unmarshal added in v1.5.3

func (m *SetACLRequest) Unmarshal(dAtA []byte) error

type SetACLResponse added in v1.5.3

type SetACLResponse struct {
}

func (*SetACLResponse) Descriptor added in v1.5.3

func (*SetACLResponse) Descriptor() ([]byte, []int)

func (*SetACLResponse) Marshal added in v1.5.3

func (m *SetACLResponse) Marshal() (dAtA []byte, err error)

func (*SetACLResponse) MarshalTo added in v1.5.3

func (m *SetACLResponse) MarshalTo(dAtA []byte) (int, error)

func (*SetACLResponse) ProtoMessage added in v1.5.3

func (*SetACLResponse) ProtoMessage()

func (*SetACLResponse) Reset added in v1.5.3

func (m *SetACLResponse) Reset()

func (*SetACLResponse) Size added in v1.5.3

func (m *SetACLResponse) Size() (n int)

func (*SetACLResponse) String added in v1.5.3

func (m *SetACLResponse) String() string

func (*SetACLResponse) Unmarshal added in v1.5.3

func (m *SetACLResponse) Unmarshal(dAtA []byte) error

type SetGroupsForUserRequest added in v1.7.2

type SetGroupsForUserRequest struct {
	Username string   `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	Groups   []string `protobuf:"bytes,2,rep,name=groups" json:"groups,omitempty"`
}

func (*SetGroupsForUserRequest) Descriptor added in v1.7.2

func (*SetGroupsForUserRequest) Descriptor() ([]byte, []int)

func (*SetGroupsForUserRequest) GetGroups added in v1.7.2

func (m *SetGroupsForUserRequest) GetGroups() []string

func (*SetGroupsForUserRequest) GetUsername added in v1.7.2

func (m *SetGroupsForUserRequest) GetUsername() string

func (*SetGroupsForUserRequest) Marshal added in v1.7.2

func (m *SetGroupsForUserRequest) Marshal() (dAtA []byte, err error)

func (*SetGroupsForUserRequest) MarshalTo added in v1.7.2

func (m *SetGroupsForUserRequest) MarshalTo(dAtA []byte) (int, error)

func (*SetGroupsForUserRequest) ProtoMessage added in v1.7.2

func (*SetGroupsForUserRequest) ProtoMessage()

func (*SetGroupsForUserRequest) Reset added in v1.7.2

func (m *SetGroupsForUserRequest) Reset()

func (*SetGroupsForUserRequest) Size added in v1.7.2

func (m *SetGroupsForUserRequest) Size() (n int)

func (*SetGroupsForUserRequest) String added in v1.7.2

func (m *SetGroupsForUserRequest) String() string

func (*SetGroupsForUserRequest) Unmarshal added in v1.7.2

func (m *SetGroupsForUserRequest) Unmarshal(dAtA []byte) error

type SetGroupsForUserResponse added in v1.7.2

type SetGroupsForUserResponse struct {
}

func (*SetGroupsForUserResponse) Descriptor added in v1.7.2

func (*SetGroupsForUserResponse) Descriptor() ([]byte, []int)

func (*SetGroupsForUserResponse) Marshal added in v1.7.2

func (m *SetGroupsForUserResponse) Marshal() (dAtA []byte, err error)

func (*SetGroupsForUserResponse) MarshalTo added in v1.7.2

func (m *SetGroupsForUserResponse) MarshalTo(dAtA []byte) (int, error)

func (*SetGroupsForUserResponse) ProtoMessage added in v1.7.2

func (*SetGroupsForUserResponse) ProtoMessage()

func (*SetGroupsForUserResponse) Reset added in v1.7.2

func (m *SetGroupsForUserResponse) Reset()

func (*SetGroupsForUserResponse) Size added in v1.7.2

func (m *SetGroupsForUserResponse) Size() (n int)

func (*SetGroupsForUserResponse) String added in v1.7.2

func (m *SetGroupsForUserResponse) String() string

func (*SetGroupsForUserResponse) Unmarshal added in v1.7.2

func (m *SetGroupsForUserResponse) Unmarshal(dAtA []byte) error

type SetScopeRequest

type SetScopeRequest struct {
	// username is the principal (some of which belong to robots rather than
	// users, but the name is preserved for now to provide compatibility with the
	// pachyderm dash) whose access is being granted/revoked. As with
	// GetScopeRequest, to set the access level of a robot user, the caller must
	// prefix username with "robot:". If 'username' has no prefix (i.e. no ":"),
	// then it's assumed to be a github user's principal.
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// repo is the object to which access is being granted/revoked
	Repo string `protobuf:"bytes,2,opt,name=repo,proto3" json:"repo,omitempty"`
	// scope (actually a "role"--see "Scope") is the access level that the owner
	// of 'principal' will now have
	Scope Scope `protobuf:"varint,3,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*SetScopeRequest) Descriptor

func (*SetScopeRequest) Descriptor() ([]byte, []int)

func (*SetScopeRequest) GetRepo

func (m *SetScopeRequest) GetRepo() string

func (*SetScopeRequest) GetScope

func (m *SetScopeRequest) GetScope() Scope

func (*SetScopeRequest) GetUsername

func (m *SetScopeRequest) GetUsername() string

func (*SetScopeRequest) Marshal

func (m *SetScopeRequest) Marshal() (dAtA []byte, err error)

func (*SetScopeRequest) MarshalTo

func (m *SetScopeRequest) MarshalTo(dAtA []byte) (int, error)

func (*SetScopeRequest) ProtoMessage

func (*SetScopeRequest) ProtoMessage()

func (*SetScopeRequest) Reset

func (m *SetScopeRequest) Reset()

func (*SetScopeRequest) Size

func (m *SetScopeRequest) Size() (n int)

func (*SetScopeRequest) String

func (m *SetScopeRequest) String() string

func (*SetScopeRequest) Unmarshal

func (m *SetScopeRequest) Unmarshal(dAtA []byte) error

type SetScopeResponse

type SetScopeResponse struct {
}

func (*SetScopeResponse) Descriptor

func (*SetScopeResponse) Descriptor() ([]byte, []int)

func (*SetScopeResponse) Marshal

func (m *SetScopeResponse) Marshal() (dAtA []byte, err error)

func (*SetScopeResponse) MarshalTo

func (m *SetScopeResponse) MarshalTo(dAtA []byte) (int, error)

func (*SetScopeResponse) ProtoMessage

func (*SetScopeResponse) ProtoMessage()

func (*SetScopeResponse) Reset

func (m *SetScopeResponse) Reset()

func (*SetScopeResponse) Size

func (m *SetScopeResponse) Size() (n int)

func (*SetScopeResponse) String

func (m *SetScopeResponse) String() string

func (*SetScopeResponse) Unmarshal

func (m *SetScopeResponse) Unmarshal(dAtA []byte) error

type TokenInfo added in v1.7.0

type TokenInfo struct {
	// Subject (i.e. Pachyderm account) that a given token authorizes. Prefixed
	// with "github:" or "robot:" to distinguish the two classes of
	// Subject in Pachyderm
	Subject string                `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	Source  TokenInfo_TokenSource `protobuf:"varint,2,opt,name=source,proto3,enum=auth.TokenInfo_TokenSource" json:"source,omitempty"`
}

TokenInfo is the 'value' of an auth token 'key' in the 'tokens' collection

func (*TokenInfo) Descriptor added in v1.7.0

func (*TokenInfo) Descriptor() ([]byte, []int)

func (*TokenInfo) GetSource added in v1.7.0

func (m *TokenInfo) GetSource() TokenInfo_TokenSource

func (*TokenInfo) GetSubject added in v1.7.0

func (m *TokenInfo) GetSubject() string

func (*TokenInfo) Marshal added in v1.7.0

func (m *TokenInfo) Marshal() (dAtA []byte, err error)

func (*TokenInfo) MarshalTo added in v1.7.0

func (m *TokenInfo) MarshalTo(dAtA []byte) (int, error)

func (*TokenInfo) ProtoMessage added in v1.7.0

func (*TokenInfo) ProtoMessage()

func (*TokenInfo) Reset added in v1.7.0

func (m *TokenInfo) Reset()

func (*TokenInfo) Size added in v1.7.0

func (m *TokenInfo) Size() (n int)

func (*TokenInfo) String added in v1.7.0

func (m *TokenInfo) String() string

func (*TokenInfo) Unmarshal added in v1.7.0

func (m *TokenInfo) Unmarshal(dAtA []byte) error

type TokenInfo_TokenSource added in v1.7.0

type TokenInfo_TokenSource int32
const (
	TokenInfo_INVALID      TokenInfo_TokenSource = 0
	TokenInfo_AUTHENTICATE TokenInfo_TokenSource = 1
	TokenInfo_GET_TOKEN    TokenInfo_TokenSource = 2
)

func (TokenInfo_TokenSource) EnumDescriptor added in v1.7.0

func (TokenInfo_TokenSource) EnumDescriptor() ([]byte, []int)

func (TokenInfo_TokenSource) String added in v1.7.0

func (x TokenInfo_TokenSource) String() string

type Users added in v1.7.2

type Users struct {
	Usernames map[string]bool `` /* 153-byte string literal not displayed */
}

func (*Users) Descriptor added in v1.7.2

func (*Users) Descriptor() ([]byte, []int)

func (*Users) GetUsernames added in v1.7.2

func (m *Users) GetUsernames() map[string]bool

func (*Users) Marshal added in v1.7.2

func (m *Users) Marshal() (dAtA []byte, err error)

func (*Users) MarshalTo added in v1.7.2

func (m *Users) MarshalTo(dAtA []byte) (int, error)

func (*Users) ProtoMessage added in v1.7.2

func (*Users) ProtoMessage()

func (*Users) Reset added in v1.7.2

func (m *Users) Reset()

func (*Users) Size added in v1.7.2

func (m *Users) Size() (n int)

func (*Users) String added in v1.7.2

func (m *Users) String() string

func (*Users) Unmarshal added in v1.7.2

func (m *Users) Unmarshal(dAtA []byte) error

type WhoAmIRequest

type WhoAmIRequest struct {
}

func (*WhoAmIRequest) Descriptor

func (*WhoAmIRequest) Descriptor() ([]byte, []int)

func (*WhoAmIRequest) Marshal

func (m *WhoAmIRequest) Marshal() (dAtA []byte, err error)

func (*WhoAmIRequest) MarshalTo

func (m *WhoAmIRequest) MarshalTo(dAtA []byte) (int, error)

func (*WhoAmIRequest) ProtoMessage

func (*WhoAmIRequest) ProtoMessage()

func (*WhoAmIRequest) Reset

func (m *WhoAmIRequest) Reset()

func (*WhoAmIRequest) Size

func (m *WhoAmIRequest) Size() (n int)

func (*WhoAmIRequest) String

func (m *WhoAmIRequest) String() string

func (*WhoAmIRequest) Unmarshal

func (m *WhoAmIRequest) Unmarshal(dAtA []byte) error

type WhoAmIResponse

type WhoAmIResponse struct {
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	IsAdmin  bool   `protobuf:"varint,2,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"`
	TTL      int64  `protobuf:"varint,3,opt,name=ttl,proto3" json:"ttl,omitempty"`
}

func (*WhoAmIResponse) Descriptor

func (*WhoAmIResponse) Descriptor() ([]byte, []int)

func (*WhoAmIResponse) GetIsAdmin added in v1.6.0

func (m *WhoAmIResponse) GetIsAdmin() bool

func (*WhoAmIResponse) GetTTL added in v1.7.5

func (m *WhoAmIResponse) GetTTL() int64

func (*WhoAmIResponse) GetUsername

func (m *WhoAmIResponse) GetUsername() string

func (*WhoAmIResponse) Marshal

func (m *WhoAmIResponse) Marshal() (dAtA []byte, err error)

func (*WhoAmIResponse) MarshalTo

func (m *WhoAmIResponse) MarshalTo(dAtA []byte) (int, error)

func (*WhoAmIResponse) ProtoMessage

func (*WhoAmIResponse) ProtoMessage()

func (*WhoAmIResponse) Reset

func (m *WhoAmIResponse) Reset()

func (*WhoAmIResponse) Size

func (m *WhoAmIResponse) Size() (n int)

func (*WhoAmIResponse) String

func (m *WhoAmIResponse) String() string

func (*WhoAmIResponse) Unmarshal

func (m *WhoAmIResponse) Unmarshal(dAtA []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL