perms

package
v0.0.0-...-01cd1ea Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package perms defines permissions used to control access to Tree Status resources, and related methods.

Package perms defines permissions used to control access to Tree Status resources, and related methods.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// PermGetStatusLimited allows users to get status, but does not allow seeing PII (username).
	PermGetStatusLimited = realms.RegisterPermission("treestatus.status.getLimited")

	// PermListStatusLimited allows users to list status, but does not allow seeing PII (username).
	PermListStatusLimited = realms.RegisterPermission("treestatus.status.listLimited")

	// PermGetStatus allows users to get status, including PII.
	// Note that the user also needs to be a Googler, in addition to having the permission.
	PermGetStatus = realms.RegisterPermission("treestatus.status.get")

	// PermListStatus allows users to list status, including PII.
	// Note that the user also needs to be a Googler, in addition to having the permission.
	PermListStatus = realms.RegisterPermission("treestatus.status.list")

	// PermCreateStatus allows users to create status.
	PermCreateStatus = realms.RegisterPermission("treestatus.status.create")

	// PermListTree allows users to list trees.
	PermListTree = realms.RegisterPermission("treestatus.trees.list")

	// PermGetTree allows users to get a tree.
	PermGetTree = realms.RegisterPermission("treestatus.trees.get")
)

All permissions in this file are checked against "<luciproject>:<subrealm>" realm, where the <luciproject> refers to the primary project of the tree. If subrealm is not specified, default to be "@project".

Functions

func HasCreateStatusPermission 

func HasCreateStatusPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasCreateStatusPermission returns if the user can create a status in a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasGetStatusLimitedPermission 

func HasGetStatusLimitedPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasGetStatusLimitedPermission returns if the user can get the status (without PII) of a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasGetStatusPermission 

func HasGetStatusPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasGetStatusPermission returns if the user can get the status (with PII) of a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasGetTreePermission 

func HasGetTreePermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasGetTreePermission returns if the user can get a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasListStatusLimitedPermission 

func HasListStatusLimitedPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasListStatusLimitedPermission returns if the user can list the statuses (without PII) of a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasListStatusPermission 

func HasListStatusPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasListStatusPermission returns if the user can list the statuses (without PII) of a tree. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

func HasProjectPermission 

func HasProjectPermission(ctx context.Context, project string, subrealm string, permission realms.Permission) (bool, error)

HasProjectPermission returns if the caller has the given permission in the subrealm of the given project. This method only returns an error if there is some AuthDB issue.

func HasQueryTreesPermission 

func HasQueryTreesPermission(ctx context.Context, treeName string) (allowed bool, message string, err error)

HasQueryTreesPermission returns if the user can query trees. If the user has no permission, an error message will also be returned. err will be returned if there is some error during the ACL check.

Types

type FakeAuthBuilder 

type FakeAuthBuilder struct {
	// contains filtered or unexported fields
}

FakeAuthBuilder creates some fake identity, only used for testing.

func FakeAuth 

func FakeAuth() *FakeAuthBuilder

func (*FakeAuthBuilder) Anonymous 

func (a *FakeAuthBuilder) Anonymous() *FakeAuthBuilder

func (*FakeAuthBuilder) SetInContext 

func (a *FakeAuthBuilder) SetInContext(ctx context.Context) context.Context

func (*FakeAuthBuilder) WithAuditAccess 

func (a *FakeAuthBuilder) WithAuditAccess() *FakeAuthBuilder

func (*FakeAuthBuilder) WithPermissionInRealm 

func (a *FakeAuthBuilder) WithPermissionInRealm(permission realms.Permission, realm string) *FakeAuthBuilder

func (*FakeAuthBuilder) WithReadAccess 

func (a *FakeAuthBuilder) WithReadAccess() *FakeAuthBuilder

func (*FakeAuthBuilder) WithWriteAccess 

func (a *FakeAuthBuilder) WithWriteAccess() *FakeAuthBuilder

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.