permissions

package
v0.1.19 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 24, 2023 License: Apache-2.0 Imports: 20 Imported by: 4

Documentation

Overview

Package permissions implements an echo middleware to simplify checking permission checks in downstream handlers by adding a checking function to the context which may later be called to check permissions.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrNoAuthToken is the error returned when there is no auth token provided for the API request
	ErrNoAuthToken = errors.New("no auth token provided for client")

	// ErrInvalidAuthToken is the error returned when the auth token is not the expected value
	ErrInvalidAuthToken = errors.New("invalid auth token")

	// ErrPermissionDenied is the error returned when permission is denied to a call
	ErrPermissionDenied = errors.New("subject doesn't have access")

	// ErrBadResponse is the error returned when we receive a bad response from the server
	ErrBadResponse = errors.New("bad response from server")

	// ErrCheckerNotFound is the error returned when CheckAccess does not find the appropriate checker context
	ErrCheckerNotFound = errors.New("no checker found in context")
)

Functions

func CheckAccess 

func CheckAccess(ctx context.Context, resource gidx.PrefixedID, action string) error

CheckAccess runs the checker function to check if the provided resource and action are supported.

func MustViperFlags 

func MustViperFlags(v *viper.Viper, flags *pflag.FlagSet)

MustViperFlags adds permissions config flags and viper bindings

Types

type Checker 

type Checker func(ctx context.Context, resource gidx.PrefixedID, action string) error

Checker defines the checker function definition 

var (
	// CheckerCtxKey is the context key used to set the checker handling function
	CheckerCtxKey = checkerCtxKey{}

	// DefaultAllowChecker defaults to allow when checker is disabled or skipped
	DefaultAllowChecker Checker = func(_ context.Context, _ gidx.PrefixedID, _ string) error {
		return nil
	}

	// DefaultDenyChecker defaults to denied when checker is disabled or skipped
	DefaultDenyChecker Checker = func(_ context.Context, _ gidx.PrefixedID, _ string) error {
		return ErrPermissionDenied
	}
)

type Config 

type Config struct {
	// URL is the URL checks should be executed against
	URL string
}

Config defines the permissions configuration structure

type Option 

type Option func(p *Permissions) error

Option defines an option configurator

func WithDefaultChecker 

func WithDefaultChecker(checker Checker) Option

WithDefaultChecker sets the default checker if the middleware is skipped

func WithHTTPClient 

func WithHTTPClient(client *http.Client) Option

WithHTTPClient sets the underlying http client the auth handler uses

func WithLogger 

func WithLogger(logger *zap.SugaredLogger) Option

WithLogger sets the logger for the auth handler

func WithSkipper 

func WithSkipper(skipper middleware.Skipper) Option

WithSkipper sets the echo middleware skipper function

type Permissions 

type Permissions struct {
	// contains filtered or unexported fields
}

Permissions handles supporting authorization checks

func New 

func New(config Config, options ...Option) (*Permissions, error)

New creates a new Permissions instance

func (*Permissions) Middleware 

func (p *Permissions) Middleware() echo.MiddlewareFunc

Middleware produces echo middleware to handle authorization checks

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.