iamreflect

package

v0.32.0 Latest Latest Go to latest Published: Jun 14, 2021 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/einride/iam-go

Links

Open Source Insights

Documentation ¶

Index ¶

func ValidateLongRunningOperationsAuthorization(authorization *iamv1.LongRunningOperationsAuthorization) error
func ValidateMethodAuthorizationOptions(methodAuthorization *iamv1.MethodAuthorizationOptions, ...) error
func ValidatePredefinedRoles(roles *iamv1.PredefinedRoles) error
type IAMDescriptor
- func NewIAMDescriptor(service protoreflect.ServiceDescriptor, files *protoregistry.Files) (*IAMDescriptor, error)
- func (d *IAMDescriptor) FindMethodAuthorizationOptionsByRequest(request proto.Message) (*iamv1.MethodAuthorizationOptions, bool)
- func (d *IAMDescriptor) ResolvePermissionByRequestAndResource(request proto.Message, resource string) (string, bool)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ValidateLongRunningOperationsAuthorization ¶ added in v0.32.0

func ValidateLongRunningOperationsAuthorization(authorization *iamv1.LongRunningOperationsAuthorization) error

ValidateLongRunningOperationsAuthorization checks that a long-running operations authorization annotation is valid.

func ValidateMethodAuthorizationOptions ¶ added in v0.32.0

func ValidateMethodAuthorizationOptions(
	methodAuthorization *iamv1.MethodAuthorizationOptions,
	method protoreflect.MethodDescriptor,
	files *protoregistry.Files,
) error

func ValidatePredefinedRoles ¶ added in v0.30.0

func ValidatePredefinedRoles(roles *iamv1.PredefinedRoles) error

ValidatePredefinedRoles validates a set of predefined roles.

Types ¶

type IAMDescriptor ¶

type IAMDescriptor struct {
	// PredefinedRoles are the service's predefined IAM roles.
	PredefinedRoles *iamv1.PredefinedRoles
	// LongRunningOperationsAuthorization is the service's configuration for authorization of long-running operations.
	LongRunningOperationsAuthorization *iamv1.LongRunningOperationsAuthorization
	// MethodAuthorizationOptions is a mapping from full method name to the method's authorization options.
	MethodAuthorizationOptions map[protoreflect.FullName]*iamv1.MethodAuthorizationOptions
	// RequestAuthorizationOptions is a mapping from full request name to the method's authorization options.
	RequestAuthorizationOptions map[protoreflect.FullName]*iamv1.MethodAuthorizationOptions
}

IAMDescriptor represents an RPC service's IAM specification.

func NewIAMDescriptor ¶

func NewIAMDescriptor(service protoreflect.ServiceDescriptor, files *protoregistry.Files) (*IAMDescriptor, error)

NewIAMDescriptor creates a new IAMDescriptor from the provided service descriptor. Uses the provided files to resolve resource name patterns.

func (*IAMDescriptor) FindMethodAuthorizationOptionsByRequest ¶

func (d *IAMDescriptor) FindMethodAuthorizationOptionsByRequest(
	request proto.Message,
) (*iamv1.MethodAuthorizationOptions, bool)

func (*IAMDescriptor) ResolvePermissionByRequestAndResource ¶

func (d *IAMDescriptor) ResolvePermissionByRequestAndResource(
	request proto.Message,
	resource string,
) (string, bool)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL