Documentation
¶
Index ¶
- Constants
- Variables
- type AuthAPIKey
- type Command
- type Context
- type Factory
- type Group
- type Manager
- func (s *Manager) CreateGroup(ctx Context, name, description string) (*Group, error)
- func (s *Manager) CreateMappingRule(ctx Context, name, description string, ruleType MappingType, priority int, ...) (*MappingRule, error)
- func (s *Manager) CreatePermission(ctx Context, name, description string) (*Permission, error)
- func (s *Manager) CreatePrincipal(ctx Context, name, description string) (*Principal, error)
- func (s *Manager) CreatePrincipalFromAPIKey(ctx Context, name, apiKey string) (*Principal, error)
- func (s *Manager) CreatePrincipalFromOpenID(ctx Context, token *auth.OpenIDToken) (*Principal, *OIDCAuthorization, error)
- func (s *Manager) CreatePrincipalFromRules(ctx Context, token *auth.OpenIDToken, rules []*MappingRule) (*Principal, *OIDCAuthorization, error)
- func (s *Manager) CreateRole(ctx Context, name, description string) (*Role, error)
- func (s *Manager) EnumerateGroupIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateMappingRuleIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateMappingRules(ctx Context) ([]*MappingRule, error)
- func (s *Manager) EnumeratePermissionIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumeratePrincipalIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateRoleIDs(ctx Context) ([]string, error)
- func (s *Manager) FindGroupByID(ctx Context, groupID string) (*Group, error)
- func (s *Manager) FindGroups(ctx Context, ids []string) ([]*Group, error)
- func (s *Manager) FindMappingRuleByID(ctx Context, mappingRuleID string) (*MappingRule, error)
- func (s *Manager) FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
- func (s *Manager) FindPermissionByID(ctx Context, permissionID string) (*Permission, error)
- func (s *Manager) FindPermissions(ctx Context, ids []string) ([]*Permission, error)
- func (s *Manager) FindPrincipalByID(ctx Context, principalID string) (*Principal, error)
- func (s *Manager) FindPrincipalByOIDC(ctx Context, issuer, subject string) (*Principal, error)
- func (m *Manager) FindPrincipals(ctx Context, ids []string) ([]*Principal, error)
- func (s *Manager) FindRoleByID(ctx Context, roleID string) (*Role, error)
- func (s *Manager) FindRoles(ctx Context, ids []string) ([]*Role, error)
- func (s *Manager) SetupPrincipalAsOwner(ctx Context, pri *Principal) (*Group, *Role, *Permission, error)
- func (s *Manager) SetupSystemMembership(ctx Context) (*Permission, error)
- type MappingRule
- type MappingRuleManager
- type MappingRuleSlice
- type MappingType
- type OIDCAuthorization
- type Permission
- type Principal
- func (p *Principal) APIKeys() []*AuthAPIKey
- func (p *Principal) AttachGroup(g *Group) error
- func (p *Principal) AttachNewGroup(name, description string) (*Group, error)
- func (p *Principal) AttachNewRole(name, description string) (*Role, error)
- func (p *Principal) AttachRole(r *Role) error
- func (p *Principal) AttachedRoles() []*Role
- func (p *Principal) CreateAPIKey(name string) (*AuthAPIKey, string, error)
- func (p *Principal) DetachGroup(g *Group) error
- func (p *Principal) DetachRole(r *Role) error
- func (p *Principal) Groups() []*Group
- func (p *Principal) HavingPermissions() []*Permission
- func (p *Principal) OIDCAuthorization() *OIDCAuthorization
- func (p *Principal) Roles() []*Role
- type Query
- type Role
Constants ¶
View Source
const ( GroupOwnerName = "_GuardmechOwnerGroup" GroupOwnerDescription = "Owner group of guardmech" GroupOwnerID = "6f43787e-1a18-42dc-86dc-78c81c681bda" )
View Source
const ( PermissionOwnerName = "_GUARDMECH_OWNER" PermissionOwnerDescription = "Owner permission of guardmech" PermissionOwnerID = "d4b6dc0b-f282-4e9c-b8d7-518f61737f21" PermissionWriteName = "_GUARDMECH_WRITE" PermissionWriteDescription = "Write permission of guardmech" PermissionWriteID = "d4b6dc0b-f282-4e9c-b8d7-518f61737f22" PermissionReadOnlyName = "_GUARDMECH_READONLY" PermissionReadOnlyDescription = "ReadOnly permission of guardmech" PermissionReadOnlyID = "d4b6dc0b-f282-4e9c-b8d7-518f61737f23" )
View Source
const ( RoleOwnerName = "_GuardmechOwnerRole" RoleOwnerDescription = "Owner principal of guardmech" RoleOwnerID = "b8cc3e1a-867e-4c2d-b163-c9feb5683388" )
Variables ¶
View Source
var ErrNoEntry = errors.New("no such entry")
Functions ¶
This section is empty.
Types ¶
type AuthAPIKey ¶
type Command ¶
type Command interface {
Error() error // see https://jxck.hatenablog.com/entry/golang-error-handling-lesson-by-rob-pike
SavePrincipal(ctx Context, pri *Principal)
SaveGroup(ctx Context, g *Group)
SaveRole(ctx Context, r *Role)
SavePermission(ctx Context, perm *Permission)
SaveAuthOIDC(ctx Context, oidc *OIDCAuthorization, pri *Principal)
SaveAuthAPIKey(ctx Context, key *AuthAPIKey, pri *Principal)
SaveMappingRule(ctx Context, rule *MappingRule)
DeletePrincipal(ctx Context, pri *Principal)
DeleteGroup(ctx Context, g *Group)
DeleteRole(ctx Context, r *Role)
DeletePermission(ctx Context, perm *Permission)
DeleteAuthOIDC(ctx Context, oidc *OIDCAuthorization)
DeleteAuthAPIKey(ctx Context, key *AuthAPIKey)
DeleteMappingRule(ctx Context, rule *MappingRule)
}
type Factory ¶
type Factory interface {
NewPrincipal(
ID uuid.UUID,
name, description string,
auth *OIDCAuthorization,
apikeys []*AuthAPIKey,
roles []*Role,
groups []*Group,
) *Principal
NewRole(
ID uuid.UUID,
name, description string,
perms []*Permission,
) *Role
NewGroup(
ID uuid.UUID,
name, description string,
roles []*Role,
) *Group
NewMappingRule(
ID uuid.UUID,
ruleType MappingType,
detail, name, description string,
priority int,
group *Group,
role *Role,
) *MappingRule
}
func NewFactory ¶
type Group ¶
type Group struct {
GroupID uuid.UUID
Name string
Description string
// contains filtered or unexported fields
}
func (*Group) AttachNewRole ¶
func (*Group) AttachRole ¶
func (*Group) DetachRole ¶
func (*Group) HavingPermissions ¶
func (g *Group) HavingPermissions() []*Permission
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
func NewManager ¶
func (*Manager) CreateGroup ¶
func (*Manager) CreateMappingRule ¶
func (s *Manager) CreateMappingRule(ctx Context, name, description string, ruleType MappingType, priority int, detail, associationType, associationID string) (*MappingRule, error)
func (*Manager) CreatePermission ¶
func (s *Manager) CreatePermission(ctx Context, name, description string) (*Permission, error)
func (*Manager) CreatePrincipal ¶
func (*Manager) CreatePrincipalFromAPIKey ¶
func (*Manager) CreatePrincipalFromOpenID ¶
func (s *Manager) CreatePrincipalFromOpenID(ctx Context, token *auth.OpenIDToken) (*Principal, *OIDCAuthorization, error)
func (*Manager) CreatePrincipalFromRules ¶
func (s *Manager) CreatePrincipalFromRules(ctx Context, token *auth.OpenIDToken, rules []*MappingRule) (*Principal, *OIDCAuthorization, error)
func (*Manager) CreateRole ¶
func (*Manager) EnumerateGroupIDs ¶
func (*Manager) EnumerateMappingRuleIDs ¶
func (*Manager) EnumerateMappingRules ¶
func (s *Manager) EnumerateMappingRules(ctx Context) ([]*MappingRule, error)
func (*Manager) EnumeratePermissionIDs ¶
func (*Manager) EnumeratePrincipalIDs ¶
func (*Manager) EnumerateRoleIDs ¶
func (*Manager) FindGroupByID ¶
func (*Manager) FindGroups ¶
func (*Manager) FindMappingRuleByID ¶
func (s *Manager) FindMappingRuleByID(ctx Context, mappingRuleID string) (*MappingRule, error)
func (*Manager) FindMappingRules ¶
func (s *Manager) FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
func (*Manager) FindPermissionByID ¶
func (s *Manager) FindPermissionByID(ctx Context, permissionID string) (*Permission, error)
func (*Manager) FindPermissions ¶
func (s *Manager) FindPermissions(ctx Context, ids []string) ([]*Permission, error)
func (*Manager) FindPrincipalByID ¶
func (*Manager) FindPrincipalByOIDC ¶
func (*Manager) FindPrincipals ¶
func (*Manager) FindRoleByID ¶
func (*Manager) SetupPrincipalAsOwner ¶
func (*Manager) SetupSystemMembership ¶
func (s *Manager) SetupSystemMembership(ctx Context) (*Permission, error)
type MappingRule ¶
type MappingRule struct {
MappingRuleID uuid.UUID
RuleType MappingType
Detail string
Name string
Description string
Priority int
// contains filtered or unexported fields
}
func (*MappingRule) AssociatedGroup ¶
func (m *MappingRule) AssociatedGroup() *Group
func (*MappingRule) AssociatedRole ¶
func (m *MappingRule) AssociatedRole() *Role
type MappingRuleManager ¶
type MappingRuleManager struct {
// contains filtered or unexported fields
}
func NewMappingRuleManager ¶
func NewMappingRuleManager(rules []*MappingRule, inquirer *auth.GroupInquirer) *MappingRuleManager
func (*MappingRuleManager) FindMatchedRules ¶
func (m *MappingRuleManager) FindMatchedRules(ctx context.Context, token *auth.OpenIDToken) ([]*MappingRule, error)
type MappingRuleSlice ¶
type MappingRuleSlice []*MappingRule
for sort.Interface
func (MappingRuleSlice) Len ¶
func (s MappingRuleSlice) Len() int
func (MappingRuleSlice) Less ¶
func (s MappingRuleSlice) Less(i, j int) bool
func (MappingRuleSlice) Swap ¶
func (s MappingRuleSlice) Swap(i, j int)
type MappingType ¶
type MappingType int
const ( MappingSpecificDomain MappingType = iota + 1 MappingWholeDomain MappingGroupMember MappingSpecificAddress )
type OIDCAuthorization ¶
type Principal ¶
type Principal struct {
PrincipalID uuid.UUID
Name string
Description string
// contains filtered or unexported fields
}
func (*Principal) APIKeys ¶
func (p *Principal) APIKeys() []*AuthAPIKey
func (*Principal) AttachGroup ¶
func (*Principal) AttachNewGroup ¶
func (*Principal) AttachNewRole ¶
func (*Principal) AttachRole ¶
func (*Principal) AttachedRoles ¶
func (*Principal) CreateAPIKey ¶
func (p *Principal) CreateAPIKey(name string) (*AuthAPIKey, string, error)
Add New APIKey
func (*Principal) DetachGroup ¶
func (*Principal) DetachRole ¶
func (*Principal) HavingPermissions ¶
func (p *Principal) HavingPermissions() []*Permission
func (*Principal) OIDCAuthorization ¶
func (p *Principal) OIDCAuthorization() *OIDCAuthorization
return OpenID Connect Authorization info. May be nil.
type Query ¶
type Query interface {
FindPrincipals(ctx Context, ids []string) ([]*Principal, error)
FindPrincipalIDByOIDC(ctx Context, issuer, subject string) (*Principal, error)
EnumeratePrincipalIDs(ctx Context) ([]uuid.UUID, error)
FindGroups(ctx Context, ids []string) ([]*Group, error)
EnumerateGroupIDs(ctx Context) ([]uuid.UUID, error)
FindRoles(ctx Context, ids []string) ([]*Role, error)
EnumerateRoleIDs(ctx Context) ([]uuid.UUID, error)
FindPermissions(ctx Context, ids []string) ([]*Permission, error)
EnumeratePermissionIDs(ctx Context) ([]uuid.UUID, error)
FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
EnumerateMappingRuleIDs(ctx Context) ([]uuid.UUID, error)
}
type Role ¶
type Role struct {
RoleID uuid.UUID
Name string
Description string
// contains filtered or unexported fields
}
func (*Role) AttachNewPermission ¶
func (r *Role) AttachNewPermission(ctx Context, name, description string) (*Permission, error)
func (*Role) AttachPermission ¶
func (r *Role) AttachPermission(p *Permission) error
func (*Role) DetachPermission ¶
func (r *Role) DetachPermission(p *Permission) error
func (*Role) Permissions ¶
func (r *Role) Permissions() []*Permission
Source Files
Click to show internal directories.
Click to hide internal directories.