securityflag

Documentation

Overview

Package securityflag implements utilities for creating security objects based on flags.

Index

• func NewAuthorizer(ctx *context.T, name string) (security.Authorizer, error)
• func NewAuthorizerOrDie(ctx *context.T) security.Authorizer
• func PermissionsFromSpec(spec access.PermissionsSpec, name string) (access.Permissions, error)

Functions

func NewAuthorizer

func NewAuthorizer(ctx *context.T, name string) (security.Authorizer, error)

NewAuthorizer constructs an Authorizer based on the PermissionsSpec stored in the context for the specified 'name' (which defaults to "runtime" for an empty string value). It will preferentially use literal permissions over file stored ones.

func NewAuthorizerOrDie

func NewAuthorizerOrDie(ctx *context.T) security.Authorizer

NewAuthorizerOrDie returns an authorizer configured in the same way as that for 'runtime', preferring a literal (ie. on the command line) vs a file based specification, and assuming the typical set of access tags. It will panic if it fails to create an authorizer.

func PermissionsFromSpec

func PermissionsFromSpec(spec access.PermissionsSpec, name string) (access.Permissions, error)

PermissionsFromSpec returns the permissions specified by the supplied PermissionsSpec for 'runtime' (ie. as derived) from command line flags specified by flags.PermissionsFlags originally. It is intended for callers that need more control of how Permissions are managed. TODO(rjkroege): Refactor these two functions into one by making an Authorizer use a Permissions accessor interface.