permissions

package

v0.0.0-...-d0ced46 Latest Latest Go to latest Published: Nov 22, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

chromium.googlesource.com/infra/luci/luci-go

Documentation ¶

Index ¶

func HasPermissionsInRealms(ctx context.Context, realms map[invocations.ID]string, ...) (bool, string, error)
func QuerySubRealmsNonEmpty(ctx context.Context, project string, attrs realms.Attrs, ...) ([]string, error)
func VerifyInvocation(ctx context.Context, id invocations.ID, permissions ...realms.Permission) error
func VerifyInvocationByName(ctx context.Context, invName string, permissions ...realms.Permission) error
func VerifyInvocations(ctx context.Context, ids invocations.IDSet, permissions ...realms.Permission) (err error)
func VerifyInvocationsByName(ctx context.Context, invNames []string, permissions ...realms.Permission) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func HasPermissionsInRealms ¶

func HasPermissionsInRealms(ctx context.Context, realms map[invocations.ID]string, permissions ...realms.Permission) (bool, string, error)

HasPermissionsInRealms checks multiple invocations' realms for the specified permissions. Returns:

whether the caller has all permissions in all invocations' realms
description of the first identified missing permission for an invocation (if applicable)
an error if one occurred

func QuerySubRealmsNonEmpty ¶

func QuerySubRealmsNonEmpty(ctx context.Context, project string, attrs realms.Attrs, permission realms.Permission) ([]string, error)

QuerySubRealmsNonEmpty returns subRealms that the user has the given permission in the given project. It returns an appstatus annotated error if there is no realm in which the user has the permission.

func VerifyInvocation ¶

func VerifyInvocation(ctx context.Context, id invocations.ID, permissions ...realms.Permission) error

VerifyInvocation checks if the caller has the specified permissions on the realm that the invocation with the specified id belongs to. There must must be a valid Spanner transaction in the given context, which may be a span.Single().

func VerifyInvocationByName ¶

func VerifyInvocationByName(ctx context.Context, invName string, permissions ...realms.Permission) error

VerifyInvocationByName does the same as VerifyInvocation but accepts an invocation name instead of an invocations.ID. There must must be a valid Spanner transaction in the given context, which may be a span.Single().

func VerifyInvocations ¶

func VerifyInvocations(ctx context.Context, ids invocations.IDSet, permissions ...realms.Permission) (err error)

VerifyInvocations checks multiple invocations' realms for the specified permissions. There must must be a valid Spanner transaction in the given context, which may be a span.Single().

func VerifyInvocationsByName ¶

func VerifyInvocationsByName(ctx context.Context, invNames []string, permissions ...realms.Permission) error

VerifyInvocationsByName does the same as VerifyInvocations but accepts invocation names instead of an invocations.IDSet. There must must be a valid Spanner transaction in the given context, which may be a span.Single().

Types ¶

This section is empty.

Source Files ¶

View all Source files

permissions.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL