authdb

package

v0.0.0-...-7619cce Latest Latest Go to latest Published: Feb 9, 2025 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

chromium.googlesource.com/infra/luci/luci-go

Documentation ¶

Overview ¶

Package authdb contains methods to work with authdb.

Index ¶

type CachingPermissionsProvider
- func (cgp *CachingPermissionsProvider) GetAllPermissions(ctx context.Context) (map[string][]*rpcpb.RealmPermissions, error)
- func (cgp *CachingPermissionsProvider) RefreshPeriodically(ctx context.Context)
type PermissionsProvider
type PermissionsSnapshot
type Server
- func NewServer() *Server
type SnapshotJSON

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CachingPermissionsProvider ¶

type CachingPermissionsProvider struct {
	// contains filtered or unexported fields
}

func (*CachingPermissionsProvider) GetAllPermissions ¶

func (cgp *CachingPermissionsProvider) GetAllPermissions(ctx context.Context) (map[string][]*rpcpb.RealmPermissions, error)

GetAllPermissions gets realm and analyzes the principal permissions mapping. The result may be stale.

func (*CachingPermissionsProvider) RefreshPeriodically ¶

func (cgp *CachingPermissionsProvider) RefreshPeriodically(ctx context.Context)

RefreshPeriodically runs a loop that periodically refreshes the cached copy of Permissions snapshot.

type PermissionsProvider ¶

type PermissionsProvider interface {
	GetAllPermissions(ctx context.Context) (map[string][]*rpcpb.RealmPermissions, error)
	RefreshPeriodically(ctx context.Context)
}

PermissionsProvider is the interface to get all permissions entities.

type PermissionsSnapshot ¶

type PermissionsSnapshot struct {
	// contains filtered or unexported fields
}

type Server ¶

type Server struct {
	rpcpb.UnimplementedAuthDBServer
	// contains filtered or unexported fields
}

Server implements AuthDB server.

func NewServer ¶

func NewServer() *Server

func (*Server) CheckLegacyMembership ¶

func (srv *Server) CheckLegacyMembership(ctx *router.Context) error

CheckLegacyMembership serves the legacy REST API GET request to check whether a given identity is a member of any of the given groups.

Example query:

"identity=user:someone@example.com&groups=group-a&groups=group-b"

Example response:

{
   "is_member": true
}

func (*Server) GetPrincipalPermissions ¶

func (srv *Server) GetPrincipalPermissions(ctx context.Context, request *rpcpb.GetPrincipalPermissionsRequest) (*rpcpb.PrincipalPermissions, error)

GetPrincipalPermissions implements the corresponding RPC method.

func (*Server) GetSnapshot ¶

func (srv *Server) GetSnapshot(ctx context.Context, request *rpcpb.GetSnapshotRequest) (*rpcpb.Snapshot, error)

GetSnapshot implements the corresponding RPC method.

func (*Server) HandleLegacyAuthDBServing ¶

func (srv *Server) HandleLegacyAuthDBServing(ctx *router.Context) error

HandleLegacyAuthDBServing handles the AuthDBSnapshot serving for legacy services. Writes the AuthDBSnapshot JSON to the router.Writer.

func (*Server) RefreshPeriodically ¶

func (srv *Server) RefreshPeriodically(ctx context.Context)

RefreshPeriodically wraps the groups provider's refresh method.

func (*Server) WarmUp ¶

func (srv *Server) WarmUp(ctx context.Context)

WarmUp does the setup for the permissions server; it should be called before the main serving loop.

type SnapshotJSON ¶

type SnapshotJSON struct {
	AuthDBRev      int64  `json:"auth_db_rev"`
	AuthDBDeflated []byte `json:"deflated_body,omitempty"`
	AuthDBSha256   string `json:"sha256"`
	CreatedTS      int64  `json:"created_ts"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL