iamreflect

package

v0.20.1 Latest Latest Go to latest Published: Jun 1, 2021 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/einride/iam-go

Links

Open Source Insights

Documentation ¶

Index ¶

func ResolveLongRunningOperationPermission(operationsPermissions []*iamv1.LongRunningOperationPermissions, ...) (string, bool)
func ResolveResourcePermission(resourcePermissions []*iamv1.ResourcePermission, resourceName string) (string, bool)
type IAMDescriptor
- func NewIAMDescriptor(service protoreflect.ServiceDescriptor, files *protoregistry.Files) (*IAMDescriptor, error)
- func (d *IAMDescriptor) FindMethodAuthorizationOptionsByRequest(request proto.Message) (*iamv1.MethodAuthorizationOptions, bool)
- func (d *IAMDescriptor) ResolvePermissionByRequestAndResource(request proto.Message, resource string) (string, bool)
type LongRunningOperationRequest

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ResolveLongRunningOperationPermission ¶ added in v0.18.0

func ResolveLongRunningOperationPermission(
	operationsPermissions []*iamv1.LongRunningOperationPermissions,
	operationRequest LongRunningOperationRequest,
) (string, bool)

ResolveLongRunningOperationPermission resolves a permission for a long-running operation.

func ResolveResourcePermission ¶

func ResolveResourcePermission(
	resourcePermissions []*iamv1.ResourcePermission,
	resourceName string,
) (string, bool)

ResolveResourcePermission resolves a permission for a resource name, given a set of resource permissions.

Types ¶

type IAMDescriptor ¶

type IAMDescriptor struct {
	// PredefinedRoles are the service's predefined IAM roles.
	PredefinedRoles *iamv1.Roles
	// LongRunningOperationsAuthorization is the service's configuration for authorization of long-running operations.
	LongRunningOperationsAuthorization *iamv1.LongRunningOperationsAuthorization
	// MethodAuthorizationOptions is a mapping from full method name to the method's authorization options.
	MethodAuthorizationOptions map[protoreflect.FullName]*iamv1.MethodAuthorizationOptions
	// RequestAuthorizationOptions is a mapping from full request name to the method's authorization options.
	RequestAuthorizationOptions map[protoreflect.FullName]*iamv1.MethodAuthorizationOptions
}

IAMDescriptor represents an RPC service's IAM specification.

func NewIAMDescriptor ¶

func NewIAMDescriptor(service protoreflect.ServiceDescriptor, files *protoregistry.Files) (*IAMDescriptor, error)

NewIAMDescriptor creates a new IAMDescriptor from the provided service descriptor. Uses the provided files to resolve resource name patterns.

func (*IAMDescriptor) FindMethodAuthorizationOptionsByRequest ¶

func (d *IAMDescriptor) FindMethodAuthorizationOptionsByRequest(
	request proto.Message,
) (*iamv1.MethodAuthorizationOptions, bool)

func (*IAMDescriptor) ResolvePermissionByRequestAndResource ¶

func (d *IAMDescriptor) ResolvePermissionByRequestAndResource(
	request proto.Message,
	resource string,
) (string, bool)

type LongRunningOperationRequest ¶ added in v0.18.0

type LongRunningOperationRequest interface {
	GetName() string
}

LongRunningOperationRequest is an interface for long-running operation requests.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL