iamspanner

package
v0.6.0 Latest
Warning

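This package is not in the latest version of its module. The API documented below is the one published in v0.6.0; check the latest module version before depending on it.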

Published: May 6, 2021 License: MIT Imports: 22 Imported by: 0

Documentation

Overview

Package iamspanner provides a Spanner-based storage implementation of the iam.IAMPolicyService API.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SQLSchema added in v0.4.0

func SQLSchema() string

SQLSchema returns the example Spanner SQL schema.

Types

type ReadTransaction

// ReadTransaction exposes only the read methods of a Spanner transaction; it is
// the type of the tx parameter on the Server methods whose names end in
// InTransaction.
// NOTE(review): both methods look like the Read/ReadWithOptions methods of the
// spanner client's transaction types, so a read-only or a read-write
// transaction should satisfy it — confirm against the spanner version in use.
type ReadTransaction interface {
	// Read returns a row iterator. The unnamed arguments are presumably
	// (ctx, table, keys, columns), as in the spanner client — confirm.
	Read(context.Context, string, spanner.KeySet, []string) *spanner.RowIterator
	// ReadWithOptions takes the same arguments as Read plus a *spanner.ReadOptions.
	ReadWithOptions(context.Context, string, spanner.KeySet, []string, *spanner.ReadOptions) *spanner.RowIterator
}

ReadTransaction is an interface for Spanner read transactions.

type Server

// Server is a Spanner implementation of the iam.IAMPolicyServer interface.
type Server struct {
	// The two Unimplemented* types are embedded rather than held as named fields.
	// NOTE(review): by gRPC convention, an embedded Unimplemented* type answers
	// every RPC the server does not override with an Unimplemented status.
	// This page lists GetRole and ListRoles for admin.IAMServer — confirm which
	// other admin RPCs fall through to that default.
	iam.UnimplementedIAMPolicyServer
	admin.UnimplementedIAMServer
	// contains filtered or unexported fields
}

Server is a Spanner implementation of the iam.IAMPolicyServer interface.

func NewServer

func NewServer(
	client *spanner.Client,
	roles *iamregistry.Roles,
	memberResolver iammember.Resolver,
	config ServerConfig,
) (*Server, error)

NewServer creates a new Spanner IAM policy server.

func (*Server) GetIamPolicy

func (s *Server) GetIamPolicy(
	ctx context.Context,
	request *iam.GetIamPolicyRequest,
) (*iam.Policy, error)

GetIamPolicy implements iam.IAMPolicyServer.

func (*Server) GetRole

func (s *Server) GetRole(
	ctx context.Context,
	request *admin.GetRoleRequest,
) (*admin.Role, error)

GetRole implements admin.IAMServer.

func (*Server) ListRoles

func (s *Server) ListRoles(
	ctx context.Context,
	request *admin.ListRolesRequest,
) (*admin.ListRolesResponse, error)

ListRoles implements admin.IAMServer.

func (*Server) QueryIamPolicyInTransaction

func (s *Server) QueryIamPolicyInTransaction(
	ctx context.Context,
	tx ReadTransaction,
	resource string,
) (*iam.Policy, error)

QueryIamPolicyInTransaction queries the IAM policy for a resource within the provided transaction.

func (*Server) QueryResourcesBoundToMemberAndPermission

func (s *Server) QueryResourcesBoundToMemberAndPermission(
	ctx context.Context,
	member string,
	permission string,
) ([]string, error)

QueryResourcesBoundToMemberAndPermission reads all resources bound to the member and permission.

func (*Server) QueryResourcesBoundToMemberAndPermissionInTransaction

func (s *Server) QueryResourcesBoundToMemberAndPermissionInTransaction(
	ctx context.Context,
	tx ReadTransaction,
	member string,
	permission string,
) ([]string, error)

QueryResourcesBoundToMemberAndPermissionInTransaction reads all resources bound to the member and permission, within the provided Spanner transaction.

func (*Server) ReadRolesBoundToMembersAndResources added in v0.3.0

func (s *Server) ReadRolesBoundToMembersAndResources(
	ctx context.Context,
	members []string,
	resources []string,
	fn func(ctx context.Context, member, resource string, role *admin.Role) error,
) error

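ReadRolesBoundToMembersAndResources reads all roles bound to the provided members and resources. This page states that roles bound to parent resources are considered only for the InTransaction variant; confirm in the source whether this method applies the same inheritance.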

func (*Server) ReadRolesBoundToMembersAndResourcesInTransaction added in v0.3.0

func (s *Server) ReadRolesBoundToMembersAndResourcesInTransaction(
	ctx context.Context,
	tx ReadTransaction,
	members []string,
	resources []string,
	fn func(ctx context.Context, member, resource string, role *admin.Role) error,
) error

ReadRolesBoundToMembersAndResourcesInTransaction reads all roles bound to members and resources within the provided Spanner transaction. Also considers roles bound to parent resources.

func (*Server) SetIamPolicy

func (s *Server) SetIamPolicy(
	ctx context.Context,
	request *iam.SetIamPolicyRequest,
) (*iam.Policy, error)

SetIamPolicy implements iam.IAMPolicyServer.

func (*Server) TestIamPermissions

func (s *Server) TestIamPermissions(
	ctx context.Context,
	request *iam.TestIamPermissionsRequest,
) (*iam.TestIamPermissionsResponse, error)

TestIamPermissions implements iam.IAMPolicyServer.

func (*Server) TestPermissionOnResource

func (s *Server) TestPermissionOnResource(
	ctx context.Context,
	permission string,
	resource string,
) (bool, error)

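TestPermissionOnResource tests if the caller has the specified permission on the specified resource. The signature takes no member argument, so the caller's identity is presumably resolved from ctx (NewServer accepts an iammember.Resolver). When the returned error is non-nil, treat the result as a denial rather than relying on the bool.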

func (*Server) TestPermissionOnResources

func (s *Server) TestPermissionOnResources(
	ctx context.Context,
	permission string,
	resources []string,
) (map[string]bool, error)

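TestPermissionOnResources tests if the caller has the specified permission on the specified resources. The result maps resource names to booleans, presumably one entry per requested resource. Looking up a key that is missing from a Go map yields false, so an absent resource reads as not permitted.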

func (*Server) ValidateIamPolicyFreshnessInTransaction

func (s *Server) ValidateIamPolicyFreshnessInTransaction(
	ctx context.Context,
	tx ReadTransaction,
	resource string,
	etag []byte,
) (bool, error)

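ValidateIamPolicyFreshnessInTransaction validates the freshness of an IAM policy for a resource within the provided transaction. The etag argument is presumably compared with the etag of the stored policy, so a false result would mean the policy changed after the caller read it. Running the check in the same transaction as a subsequent write avoids a check-then-write race.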

type ServerConfig

// ServerConfig configures a Spanner IAM policy server.
type ServerConfig struct {
	// ErrorHook is a callback that receives a context and an error.
	// NOTE(review): presumably invoked when the server hits an error while
	// handling a request; this page does not say when it runs or whether a nil
	// hook is allowed — confirm. Errors from an IAM service may carry member or
	// resource names, so treat whatever the hook records as sensitive.
	ErrorHook func(context.Context, error)
}

ServerConfig configures a Spanner IAM policy server.

Directories

Path Synopsis
