Documentation ¶
Overview ¶
Package mounttable defines interfaces for managing associations between names and servers.
A mount table is a tree of names. Each name may have something mounted on it, either a terminal server or another mount table server. If multiple servers are mounted onto the same name, they are considered equivalent, i.e., it is semantically irrelevant which is chosen to pass an RPC to.
Access is determined by AccessLists at each node in the tree. When resolving a name like a/b/c/d, one must check the client blessings against the AccessLists of each node traversed ("", a, a/b, a/b/c, and a/b/c/d).
Index ¶
Constants ¶
const Admin = Tag("Admin")
Admin allow the client to SetPermissions or Delete the receiver. It also subsumes all the other tags.
const Create = Tag("Create")
Create allows the client to create nodes below the receiver.
const Mount = Tag("Mount")
Mount allows the client to Mount or Unmount at the named receiver. For example, to Mount onto a/b/c requires Mount or Admin access to a/b/c (and Read, Admin, or Resolve to a and a/b).
const Read = Tag("Read")
Read allows the client to Glob any children of the node. Thus to perform a Glob of a/* one must have Read access to a AND any other access to each child of a. It also allows Resolution through the node.
const Resolve = Tag("Resolve")
Resolve allows one to resolve through the receiver. Thus to Resolve a/b/c, one needs Admin, Resolve, or Read permission on a, a/b, and a/b/c.
Variables ¶
var MountTableDesc rpc.InterfaceDesc = descMountTable
MountTableDesc describes the MountTable interface.
Functions ¶
This section is empty.
Types ¶
type MountTableClientMethods ¶
type MountTableClientMethods interface { // Object provides access control for Vanadium objects. // // Vanadium services implementing dynamic access control would typically embed // this interface and tag additional methods defined by the service with one of // Admin, Read, Write, Resolve etc. For example, the VDL definition of the // object would be: // // package mypackage // // import "v.io/v23/security/access" // import "v.io/v23/services/permissions" // // type MyObject interface { // permissions.Object // MyRead() (string, error) {access.Read} // MyWrite(string) error {access.Write} // } // // If the set of pre-defined tags is insufficient, services may define their // own tag type and annotate all methods with this new type. // // Instead of embedding this Object interface, define SetPermissions and // GetPermissions in their own interface. Authorization policies will typically // respect annotations of a single type. For example, the VDL definition of an // object would be: // // package mypackage // // import "v.io/v23/security/access" // // type MyTag string // // const ( // Blue = MyTag("Blue") // Red = MyTag("Red") // ) // // type MyObject interface { // MyMethod() (string, error) {Blue} // // // Allow clients to change access via the access.Object interface: // SetPermissions(perms access.Permissions, version string) error {Red} // GetPermissions() (perms access.Permissions, version string, err error) {Blue} // } permissions.ObjectClientMethods // Mount Server (a global name) onto the receiver. // // Subsequent mounts add to the servers mounted there. The multiple // servers are considered equivalent and are meant solely for // availability, i.e., no load balancing is guaranteed. // // The ttl is the number of seconds the mount is to last unless refreshed by // another mount of the same server. A ttl of 0 represents an infinite // duration. A server with an expired ttl should never appear in the results // nor affect the operation of any MountTable method, and should act as if it // was never present as far as the interface is concerned. // // The flags represent a bit mask of options. Mount(_ *context.T, server string, ttl uint32, flags naming.MountFlag, _ ...rpc.CallOpt) error // Unmount removes server from the receiver. If server is empty, remove all // servers mounted there. Returns a non-nil error iff server remains mounted // at the mount point. Unmount(_ *context.T, server string, _ ...rpc.CallOpt) error // Delete removes the receiver. If the receiver has children, it will not // be removed unless deleteSubtree is true in which case the whole subtree is // removed. Delete(_ *context.T, deleteSubtree bool, _ ...rpc.CallOpt) error // ResolveStep takes the next step in resolving a name. Returns the next // servers to query and the suffix at those servers. ResolveStep(*context.T, ...rpc.CallOpt) (naming.MountEntry, error) }
MountTableClientMethods is the client interface containing MountTable methods.
MountTable defines the interface to talk to a mounttable.
In all methods of MountTable, the receiver is the name bound to.
type MountTableClientStub ¶
type MountTableClientStub interface { MountTableClientMethods }
MountTableClientStub embeds MountTableClientMethods and is a placeholder for additional management operations.
func MountTableClient ¶
func MountTableClient(name string) MountTableClientStub
MountTableClient returns a client stub for MountTable.
type MountTableServerMethods ¶
type MountTableServerMethods interface { // Object provides access control for Vanadium objects. // // Vanadium services implementing dynamic access control would typically embed // this interface and tag additional methods defined by the service with one of // Admin, Read, Write, Resolve etc. For example, the VDL definition of the // object would be: // // package mypackage // // import "v.io/v23/security/access" // import "v.io/v23/services/permissions" // // type MyObject interface { // permissions.Object // MyRead() (string, error) {access.Read} // MyWrite(string) error {access.Write} // } // // If the set of pre-defined tags is insufficient, services may define their // own tag type and annotate all methods with this new type. // // Instead of embedding this Object interface, define SetPermissions and // GetPermissions in their own interface. Authorization policies will typically // respect annotations of a single type. For example, the VDL definition of an // object would be: // // package mypackage // // import "v.io/v23/security/access" // // type MyTag string // // const ( // Blue = MyTag("Blue") // Red = MyTag("Red") // ) // // type MyObject interface { // MyMethod() (string, error) {Blue} // // // Allow clients to change access via the access.Object interface: // SetPermissions(perms access.Permissions, version string) error {Red} // GetPermissions() (perms access.Permissions, version string, err error) {Blue} // } permissions.ObjectServerMethods // Mount Server (a global name) onto the receiver. // // Subsequent mounts add to the servers mounted there. The multiple // servers are considered equivalent and are meant solely for // availability, i.e., no load balancing is guaranteed. // // The ttl is the number of seconds the mount is to last unless refreshed by // another mount of the same server. A ttl of 0 represents an infinite // duration. A server with an expired ttl should never appear in the results // nor affect the operation of any MountTable method, and should act as if it // was never present as far as the interface is concerned. // // The flags represent a bit mask of options. Mount(_ *context.T, _ rpc.ServerCall, server string, ttl uint32, flags naming.MountFlag) error // Unmount removes server from the receiver. If server is empty, remove all // servers mounted there. Returns a non-nil error iff server remains mounted // at the mount point. Unmount(_ *context.T, _ rpc.ServerCall, server string) error // Delete removes the receiver. If the receiver has children, it will not // be removed unless deleteSubtree is true in which case the whole subtree is // removed. Delete(_ *context.T, _ rpc.ServerCall, deleteSubtree bool) error // ResolveStep takes the next step in resolving a name. Returns the next // servers to query and the suffix at those servers. ResolveStep(*context.T, rpc.ServerCall) (naming.MountEntry, error) }
MountTableServerMethods is the interface a server writer implements for MountTable.
MountTable defines the interface to talk to a mounttable.
In all methods of MountTable, the receiver is the name bound to.
type MountTableServerStub ¶
type MountTableServerStub interface { MountTableServerStubMethods // DescribeInterfaces the MountTable interfaces. Describe__() []rpc.InterfaceDesc }
MountTableServerStub adds universal methods to MountTableServerStubMethods.
func MountTableServer ¶
func MountTableServer(impl MountTableServerMethods) MountTableServerStub
MountTableServer returns a server stub for MountTable. It converts an implementation of MountTableServerMethods into an object that may be used by rpc.Server.
type MountTableServerStubMethods ¶
type MountTableServerStubMethods MountTableServerMethods
MountTableServerStubMethods is the server interface containing MountTable methods, as expected by rpc.Server. There is no difference between this interface and MountTableServerMethods since there are no streaming methods.