iamcel

package
v0.39.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2021 License: MIT Imports: 16 Imported by: 2

Documentation

Overview

Package iamcel provides primitives for using CEL expressions for access management.

Index

Constants

View Source 
const AncestorFunction = "ancestor"

AncestorFunction is the name of the CEL ancestor function.

View Source 
const TestAllFunction = "test_all"

TestAllFunction is the name of the function for testing that all resources have a specified permission.

View Source 
const TestAnyFunction = "test_any"

TestAnyFunction is the name of the test_any permission function.

View Source 
const TestFunction = "test"

TestFunction is the name of the test permission function.

Variables

This section is empty.

Functions

func NewAfterEnv 

func NewAfterEnv(method protoreflect.MethodDescriptor) (*cel.Env, error)

NewAfterEnv creates a new CEL environment for authorization checks that run after the request has been handled.

func NewAncestorFunctionDeclaration 

func NewAncestorFunctionDeclaration() *expr.Decl

NewAncestorFunctionDeclaration creates a new declaration for the ancestor function.

func NewAncestorFunctionImplementation 

func NewAncestorFunctionImplementation() *functions.Overload

NewAncestorFunctionImplementation creates a new implementation for the ancestor function.

func NewBeforeEnv 

func NewBeforeEnv(method protoreflect.MethodDescriptor) (*cel.Env, error)

NewBeforeEnv creates a new CEL environment for authorization checks that run before the request has been handled.

func NewTestAllFunctionDeclaration 

func NewTestAllFunctionDeclaration() *expr.Decl

NewTestAllFunctionDeclaration creates a new declaration for the test_all function.

func NewTestAllFunctionImplementation 

func NewTestAllFunctionImplementation(
	options *iamv1.MethodAuthorizationOptions,
	tester PermissionTester,
) *functions.Overload

NewTestAllFunctionImplementation creates a new implementation for the test_all function.

func NewTestAnyFunctionDeclaration 

func NewTestAnyFunctionDeclaration() *expr.Decl

NewTestAnyFunctionDeclaration creates a new declaration for the test_any function.

func NewTestAnyFunctionImplementation 

func NewTestAnyFunctionImplementation(
	options *iamv1.MethodAuthorizationOptions,
	tester PermissionTester,
) *functions.Overload

NewTestAnyFunctionImplementation creates a new implementation for the test_all function.

func NewTestFunctionDeclaration 

func NewTestFunctionDeclaration() *expr.Decl

NewTestFunctionDeclaration creates a new declaration for the test permission function.

func NewTestFunctionImplementation 

func NewTestFunctionImplementation(
	options *iamv1.MethodAuthorizationOptions,
	tester PermissionTester,
) *functions.Overload

NewTestFunctionImplementation creates a new implementation for the test permission function.

Types

type PermissionTester added in v0.33.0 

type PermissionTester interface {
	TestPermissions(
		ctx context.Context, caller *iamv1.Caller, resourcePermissions map[string]string,
	) (map[string]bool, error)
}

PermissionTester is an interface for testing IAM permissions.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.