iampermission

package

v0.39.0 Latest Latest Go to latest Published: Jun 28, 2021 License: MIT Imports: 7 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/einride/iam-go

Links

Open Source Insights

Documentation ¶

Overview ¶

Package iampermission provides primitives for working with IAM permissions. See: https://cloud.google.com/iam/docs/overview#permissions

Index ¶

func HasWildcard(permission string) bool
func Match(lhs, rhs string) bool
func ResolveLongRunningOperationPermission(operationsPermissions []*iamv1.LongRunningOperationPermissions, ...) (string, bool)
func ResolveMethodPermission(options *iamv1.MethodAuthorizationOptions, resourceName string) (string, bool)
func ResolveResourcePermission(resourcePermissions []*iamv1.ResourcePermission, resourceName string) (string, bool)
func Valid(permission string) bool
func Validate(permission string) error
type LongRunningOperationRequest
type Scanner

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func HasWildcard ¶

func HasWildcard(permission string) bool

HasWildcard reports whether an IAM permission contains a wildcard '*' segment.

func Match ¶

func Match(lhs, rhs string) bool

Match reports whether the lhs permission name matches the rhs permission. The lhs permission may contain a wildcard. The result will always be false when any of lhs or rhs are invalid, or if rhs contains a wildcard.

func ResolveLongRunningOperationPermission ¶ added in v0.32.0

func ResolveLongRunningOperationPermission(
	operationsPermissions []*iamv1.LongRunningOperationPermissions,
	operationRequest LongRunningOperationRequest,
) (string, bool)

ResolveLongRunningOperationPermission resolves a permission for a long-running operation.

func ResolveMethodPermission ¶ added in v0.32.0

func ResolveMethodPermission(
	options *iamv1.MethodAuthorizationOptions,
	resourceName string,
) (string, bool)

ResolveMethodPermission resolves a permission for a method, given the requested resource.

func ResolveResourcePermission ¶ added in v0.32.0

func ResolveResourcePermission(
	resourcePermissions []*iamv1.ResourcePermission,
	resourceName string,
) (string, bool)

ResolveResourcePermission resolves a permission for a resource name, given a set of resource permissions.

func Valid ¶

func Valid(permission string) bool

Valid checks whether the provided permission is valid. See Validate for what constitutes a valid permission.

func Validate ¶

func Validate(permission string) error

Validate a permission.

A permission is valid on the format `<service>.<resource>.<verb>`.

- It contains at most 3 segments. - When no segment is a wildcard, it contains exactly 3 segments. - All segments are non-empty. - All segments are lower-case. - The first (service) segment is not a wildcard. - A wildcard only occurs in the last segment.

Types ¶

type LongRunningOperationRequest ¶ added in v0.32.0

type LongRunningOperationRequest interface {
	GetName() string
}

LongRunningOperationRequest is an interface for long-running operation requests.

type Scanner ¶

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner scans an IAM permission.

func (*Scanner) Init ¶

func (s *Scanner) Init(permission string)

Init initializes the scanner.

func (*Scanner) Scan ¶

func (s *Scanner) Scan() bool

Scan to the next segment.

func (*Scanner) Segment ¶

func (s *Scanner) Segment() string

Segment returns the current segment.

func (*Scanner) Wildcard ¶

func (s *Scanner) Wildcard() bool

Wildcard reports whether the current segment is a wildcard.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL