Documentation
Index
- type DBManager
- func (store DBManager) AddResource(context User, resource Resource) (Resource, error)
- func (store DBManager) AddRole(context User, role Role) (Role, error)
- func (store DBManager) AddUser(context User, user User, userPassword string) (User, error)
- func (store DBManager) AddUserToResourceWithRole(context, user User, resource Resource, role Role) (UserResourceRole, error)
- func (store DBManager) AuthSystemBootstrap() (User, string, error)
- func (store DBManager) Close() error
- func (store DBManager) GetAllResources(context User) ([]Resource, error)
- func (store DBManager) GetAllRoles(context User) ([]Role, error)
- func (store DBManager) GetAllUsers(context User) ([]User, error)
- func (store DBManager) GetNewToken(user User, expiresafter time.Duration) (Token, error)
- func (store DBManager) GetScopesForToken(tokenID string) (ScopeUser, error)
- func (store DBManager) GetUserScopesWithCredentials(name, secret string) (ScopeUser, error)
- type Defaults
- type Resource
- type Role
- type ScopeResource
- type ScopeRole
- type ScopeUser
- type Token
- type User
- type UserResourceRole
Types
type DBManager
type DBManager struct {
    // contains filtered or unexported fields
}
DBManager is the database manager for user/application/role storage and token storage
func NewDBManager
NewDBManager creates a new instance of a SystemDB
func (DBManager) AddResource
AddResource adds a resource to the system
func (DBManager) AddUserToResourceWithRole
func (store DBManager) AddUserToResourceWithRole(context, user User, resource Resource, role Role) (UserResourceRole, error)
AddUserToResourceWithRole adds the specified user to the resource and assigns the given role. Returns an error if the user, resource, or role don't already exist
func (DBManager) AuthSystemBootstrap
AuthSystemBootstrap initializes the SystemDB and creates any default admin users / roles / resources
func (DBManager) GetAllResources
GetAllResources returns an array of all resources
func (DBManager) GetAllRoles
GetAllRoles returns an array of all roles
func (DBManager) GetAllUsers
GetAllUsers returns an array of all users
func (DBManager) GetNewToken
GetNewToken gets a token for the given user. If a token already exists it expires the existing token, generates a new token, stores it, and returns it. If a token doesn't already exist (or it has expired) it generates a new token, stores it, and returns it
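The rotation behaviour described for GetNewToken, as an added example that is not the package's own code: a hypothetical in-memory store (`memStore`, `IssueToken`, `Valid` are illustrative names) that revokes the user's previous token before issuing a new one. It assumes `Deleted` is a plain `time.Time` instead of the package's `zero.Time`, and takes `now` as a parameter so expiry can be checked deterministically.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"time"
)

// Token mirrors the documented Token fields; a zero Deleted means "not revoked" (assumption).
type Token struct {
	ID, UserID                string
	Created, Expires, Deleted time.Time
}

// memStore is a hypothetical, single-goroutine stand-in for the token table.
type memStore struct {
	tokens map[string]*Token // token ID -> token
	live   map[string]string // user ID -> most recently issued token ID
}

func newMemStore() *memStore {
	return &memStore{tokens: map[string]*Token{}, live: map[string]string{}}
}

// IssueToken revokes the user's current token, if any, then stores and returns a new random one.
func (s *memStore) IssueToken(userID string, ttl time.Duration, now time.Time) (Token, error) {
	buf := make([]byte, 32) // 256 bits from the OS CSPRNG
	if _, err := rand.Read(buf); err != nil {
		return Token{}, err
	}
	if old, ok := s.tokens[s.live[userID]]; ok && old.Deleted.IsZero() {
		old.Deleted = now // the previous token stops validating immediately
	}
	t := &Token{ID: fmt.Sprintf("%x", buf), UserID: userID, Created: now, Expires: now.Add(ttl)}
	s.tokens[t.ID], s.live[userID] = t, t.ID
	return *t, nil
}

// Valid reports whether a token exists, is not revoked, and has not expired.
func (s *memStore) Valid(id string, now time.Time) bool {
	t, ok := s.tokens[id]
	return ok && t.Deleted.IsZero() && now.Before(t.Expires)
}

func main() {
	s, now := newMemStore(), time.Now()
	a, _ := s.IssueToken("alice", time.Hour, now)
	b, _ := s.IssueToken("alice", time.Hour, now)
	fmt.Println(s.Valid(a.ID, now), s.Valid(b.ID, now)) // old token revoked, new one live
}
```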
func (DBManager) GetScopesForToken
GetScopesForToken gets scope information for a given token
type Defaults
type Defaults struct {
    // AdminUser is the admin user id
    AdminUser string
    // SystemResource is the system resource id
    SystemResource string
    // AdminRole is the system admin role id
    AdminRole string
    // ResourceDelegateRole is the resource delegate role id
    ResourceDelegateRole string
}
Defaults encapsulates system defaults
var BuiltIn Defaults
BuiltIn is a catalog of system default values
type Resource
type Resource struct {
    ID          string      `json:"id"`
    Name        string      `json:"name"`
    Description string      `json:"description"`
    Created     time.Time   `json:"created"`
    CreatedBy   string      `json:"created_by"`
    Updated     time.Time   `json:"updated"`
    UpdatedBy   string      `json:"updated_by"`
    Deleted     zero.Time   `json:"deleted"`
    DeletedBy   null.String `json:"deleted_by"`
}
Resource represents an application / resource / service in the system. It is associated with users (and user roles)
type Role
type Role struct {
    ID          string      `json:"id"`
    Name        string      `json:"name"`
    Description string      `json:"description"`
    Created     time.Time   `json:"created"`
    CreatedBy   string      `json:"created_by"`
    Updated     time.Time   `json:"updated"`
    UpdatedBy   string      `json:"updated_by"`
    Deleted     zero.Time   `json:"deleted"`
    DeletedBy   null.String `json:"deleted_by"`
}
Role defines a role or permission that a user is assigned within an application/role/service
type ScopeResource
ScopeResource is part of the user/resource/role scope hierarchy
type ScopeUser
type ScopeUser struct {
    ID             string
    Name           string
    Description    string
    ScopeResources []ScopeResource
}
ScopeUser is a hierarchy of a user and the resource and role scopes they have been assigned
type Token
type Token struct {
    ID        string `json:"token"`
    UserID    string
    Created   time.Time
    Expires   time.Time `json:"expires"`
    Deleted   zero.Time
    DeletedBy null.String
}
Token represents an auth token
type User
type User struct {
    ID          string      `json:"id"`
    Enabled     bool        `json:"enabled"`
    Name        string      `json:"name"`
    Description string      `json:"description"`
    SecretHash  string      `json:"secrethash"`
    Created     time.Time   `json:"created"`
    CreatedBy   string      `json:"created_by"`
    Updated     time.Time   `json:"updated"`
    UpdatedBy   string      `json:"updated_by"`
    Deleted     zero.Time   `json:"deleted"`
    DeletedBy   null.String `json:"deleted_by"`
}
User represents a user in the system. Users are associated with resources and roles within those applications/resources/services. They can be created/updated/deleted. If they are deleted, eventually they will be removed from the system. The admin user can only be disabled, not deleted
type UserResourceRole
type UserResourceRole struct {
    UserID     string      `json:"userid"`
    ResourceID string      `json:"resourceid"`
    RoleID     string      `json:"roleid"`
    Created    time.Time   `json:"created"`
    CreatedBy  string      `json:"created_by"`
    Updated    time.Time   `json:"updated"`
    UpdatedBy  string      `json:"updated_by"`
    Deleted    zero.Time   `json:"deleted"`
    DeletedBy  null.String `json:"deleted_by"`
}
UserResourceRole defines a relationship between a user, a resource (application/service), and the roles that user has been assigned within the resource (application/service)