permissions

package
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 23, 2023 License: MPL-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package permissions contains the permission sets and other related functionalities that dictate the level of access a subject has to a Tharsis resource.

Index

Constants

This section is empty.

Variables

View Source
var (
	ViewGPGKeyPermission                    = Permission{ResourceType: GPGKeyResourceType, Action: ViewAction}
	CreateGPGKeyPermission                  = Permission{ResourceType: GPGKeyResourceType, Action: CreateAction}
	DeleteGPGKeyPermission                  = Permission{ResourceType: GPGKeyResourceType, Action: DeleteAction}
	ViewGroupPermission                     = Permission{ResourceType: GroupResourceType, Action: ViewAction}
	CreateGroupPermission                   = Permission{ResourceType: GroupResourceType, Action: CreateAction}
	UpdateGroupPermission                   = Permission{ResourceType: GroupResourceType, Action: UpdateAction}
	DeleteGroupPermission                   = Permission{ResourceType: GroupResourceType, Action: DeleteAction}
	ViewNamespaceMembershipPermission       = Permission{ResourceType: NamespaceMembershipResourceType, Action: ViewAction}
	CreateNamespaceMembershipPermission     = Permission{ResourceType: NamespaceMembershipResourceType, Action: CreateAction}
	UpdateNamespaceMembershipPermission     = Permission{ResourceType: NamespaceMembershipResourceType, Action: UpdateAction}
	DeleteNamespaceMembershipPermission     = Permission{ResourceType: NamespaceMembershipResourceType, Action: DeleteAction}
	ViewWorkspacePermission                 = Permission{ResourceType: WorkspaceResourceType, Action: ViewAction}
	CreateWorkspacePermission               = Permission{ResourceType: WorkspaceResourceType, Action: CreateAction}
	UpdateWorkspacePermission               = Permission{ResourceType: WorkspaceResourceType, Action: UpdateAction}
	DeleteWorkspacePermission               = Permission{ResourceType: WorkspaceResourceType, Action: DeleteAction}
	CreateTeamPermission                    = Permission{ResourceType: TeamResourceType, Action: CreateAction}
	UpdateTeamPermission                    = Permission{ResourceType: TeamResourceType, Action: UpdateAction}
	DeleteTeamPermission                    = Permission{ResourceType: TeamResourceType, Action: DeleteAction}
	ViewRunPermission                       = Permission{ResourceType: RunResourceType, Action: ViewAction}
	CreateRunPermission                     = Permission{ResourceType: RunResourceType, Action: CreateAction}
	ViewJobPermission                       = Permission{ResourceType: JobResourceType, Action: ViewAction}
	ClaimJobPermission                      = Permission{ResourceType: JobResourceType, Action: ClaimAction}    // Specifically for claiming jobs.
	UpdateJobPermission                     = Permission{ResourceType: JobResourceType, Action: UpdateAction}   // Write job perm.
	UpdatePlanPermission                    = Permission{ResourceType: PlanResourceType, Action: UpdateAction}  // Write plan perm.
	UpdateApplyPermission                   = Permission{ResourceType: ApplyResourceType, Action: UpdateAction} // Write apply perm.
	ViewRunnerPermission                    = Permission{ResourceType: RunnerResourceType, Action: ViewAction}
	CreateRunnerPermission                  = Permission{ResourceType: RunnerResourceType, Action: CreateAction}
	UpdateRunnerPermission                  = Permission{ResourceType: RunnerResourceType, Action: UpdateAction}
	DeleteRunnerPermission                  = Permission{ResourceType: RunnerResourceType, Action: DeleteAction}
	CreateUserPermission                    = Permission{ResourceType: UserResourceType, Action: CreateAction}
	UpdateUserPermission                    = Permission{ResourceType: UserResourceType, Action: UpdateAction}
	DeleteUserPermission                    = Permission{ResourceType: UserResourceType, Action: DeleteAction}
	ViewVariableValuePermission             = Permission{ResourceType: VariableResourceType, Action: ViewValueAction} // Viewing variable values.
	ViewVariablePermission                  = Permission{ResourceType: VariableResourceType, Action: ViewAction}
	CreateVariablePermission                = Permission{ResourceType: VariableResourceType, Action: CreateAction}
	UpdateVariablePermission                = Permission{ResourceType: VariableResourceType, Action: UpdateAction}
	DeleteVariablePermission                = Permission{ResourceType: VariableResourceType, Action: DeleteAction}
	ViewTerraformProviderPermission         = Permission{ResourceType: TerraformProviderResourceType, Action: ViewAction}
	CreateTerraformProviderPermission       = Permission{ResourceType: TerraformProviderResourceType, Action: CreateAction}
	UpdateTerraformProviderPermission       = Permission{ResourceType: TerraformProviderResourceType, Action: UpdateAction}
	DeleteTerraformProviderPermission       = Permission{ResourceType: TerraformProviderResourceType, Action: DeleteAction}
	ViewTerraformModulePermission           = Permission{ResourceType: TerraformModuleResourceType, Action: ViewAction}
	CreateTerraformModulePermission         = Permission{ResourceType: TerraformModuleResourceType, Action: CreateAction}
	UpdateTerraformModulePermission         = Permission{ResourceType: TerraformModuleResourceType, Action: UpdateAction}
	DeleteTerraformModulePermission         = Permission{ResourceType: TerraformModuleResourceType, Action: DeleteAction}
	ViewStateVersionPermission              = Permission{ResourceType: StateVersionResourceType, Action: ViewAction}
	CreateStateVersionPermission            = Permission{ResourceType: StateVersionResourceType, Action: CreateAction}
	ViewConfigurationVersionPermission      = Permission{ResourceType: ConfigurationVersionResourceType, Action: ViewAction}
	CreateConfigurationVersionPermission    = Permission{ResourceType: ConfigurationVersionResourceType, Action: CreateAction}
	UpdateConfigurationVersionPermission    = Permission{ResourceType: ConfigurationVersionResourceType, Action: UpdateAction}
	ViewServiceAccountPermission            = Permission{ResourceType: ServiceAccountResourceType, Action: ViewAction}
	CreateServiceAccountPermission          = Permission{ResourceType: ServiceAccountResourceType, Action: CreateAction}
	UpdateServiceAccountPermission          = Permission{ResourceType: ServiceAccountResourceType, Action: UpdateAction}
	DeleteServiceAccountPermission          = Permission{ResourceType: ServiceAccountResourceType, Action: DeleteAction}
	ViewManagedIdentityPermission           = Permission{ResourceType: ManagedIdentityResourceType, Action: ViewAction}
	CreateManagedIdentityPermission         = Permission{ResourceType: ManagedIdentityResourceType, Action: CreateAction}
	UpdateManagedIdentityPermission         = Permission{ResourceType: ManagedIdentityResourceType, Action: UpdateAction}
	DeleteManagedIdentityPermission         = Permission{ResourceType: ManagedIdentityResourceType, Action: DeleteAction}
	ViewVCSProviderPermission               = Permission{ResourceType: VCSProviderResourceType, Action: ViewAction}
	CreateVCSProviderPermission             = Permission{ResourceType: VCSProviderResourceType, Action: CreateAction}
	UpdateVCSProviderPermission             = Permission{ResourceType: VCSProviderResourceType, Action: UpdateAction}
	DeleteVCSProviderPermission             = Permission{ResourceType: VCSProviderResourceType, Action: DeleteAction}
	ViewTerraformProviderMirrorPermission   = Permission{ResourceType: TerraformProviderMirrorResourceType, Action: ViewAction}
	CreateTerraformProviderMirrorPermission = Permission{ResourceType: TerraformProviderMirrorResourceType, Action: CreateAction}
	DeleteTerraformProviderMirrorPermission = Permission{ResourceType: TerraformProviderMirrorResourceType, Action: DeleteAction}
)

All possible Permissions.

Functions

func GetAssignablePermissions

func GetAssignablePermissions() []string

GetAssignablePermissions returns a list of assignable permissions.

Types

type Action

type Action string

Action is an enum representing a CRUD action.

const (
	ViewAction      Action = "view"
	ViewValueAction Action = "view_value"
	CreateAction    Action = "create"
	UpdateAction    Action = "update"
	DeleteAction    Action = "delete"
	ClaimAction     Action = "claim"
)

Action constants.

func (Action) HasViewerAccess

func (p Action) HasViewerAccess() bool

HasViewerAccess returns true if Action is viewer access or greater.

type Permission

type Permission struct {
	ResourceType ResourceType `json:"resourceType"`
	Action       Action       `json:"action"`
}

Permission represents a level of access a subject has to a Tharsis resource.

func ParsePermissions

func ParsePermissions(perms []string) ([]Permission, error)

ParsePermissions parses and normalizes a slice of permission strings and extracts a Permission that adheres to the format resource_type:action.

func (*Permission) GTE

func (p *Permission) GTE(want *Permission) bool

GTE returns true if permission available is >= wanted permission.

func (*Permission) IsAssignable

func (p *Permission) IsAssignable() bool

IsAssignable returns true if permission is assignable to a role.

func (*Permission) String

func (p *Permission) String() string

String returns the Permission as <resource_type:action> string.

type ResourceType

type ResourceType string

ResourceType is an enum representing a Tharsis resource type.

const (
	GPGKeyResourceType                  ResourceType = "gpg_key"
	GroupResourceType                   ResourceType = "group"
	WorkspaceResourceType               ResourceType = "workspace"
	NamespaceMembershipResourceType     ResourceType = "namespace_membership"
	TeamResourceType                    ResourceType = "team"
	RunResourceType                     ResourceType = "run"
	JobResourceType                     ResourceType = "job"
	PlanResourceType                    ResourceType = "plan"
	ApplyResourceType                   ResourceType = "apply"
	RunnerResourceType                  ResourceType = "runner"
	UserResourceType                    ResourceType = "user"
	VariableResourceType                ResourceType = "variable"
	TerraformProviderResourceType       ResourceType = "terraform_provider"
	TerraformModuleResourceType         ResourceType = "terraform_module"
	StateVersionResourceType            ResourceType = "state_version"
	ConfigurationVersionResourceType    ResourceType = "configuration_version"
	ServiceAccountResourceType          ResourceType = "service_account"
	ManagedIdentityResourceType         ResourceType = "managed_identity"
	VCSProviderResourceType             ResourceType = "vcs_provider"
	TerraformProviderMirrorResourceType ResourceType = "terraform_provider_mirror"
)

ResourceType constants.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL