services

package

v0.0.2 Latest Latest Go to latest Published: Jun 1, 2021 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

git.skogstorpet.nu/staffan/soid

Documentation ¶

Index ¶

Variables
func AddRole(ctx context.Context, namespace, name string, rules []domain.Rule) (*domain.Role, error)
func AddUser(ctx context.Context, namespace, name, password string, ...) (*domain.User, error)
func AssertSoidNamespace(ctx context.Context) error
func AssertSystemNamespace(ctx context.Context) error
func Check(ctx context.Context, identityId int32, ...) (int, error)
func CheckAccess(ctx context.Context, identityID uint, ...) error
func CreateAdminUser(ctx context.Context, namespace, username, password string) (*domain.User, error)
func CreateDefaultSoidRoles(ctx context.Context, namespace string) error
func CreateGuestUser(ctx context.Context, namespace string) (*domain.User, error)
func CreateIdentity(ctx context.Context, namespace string, ...) (*domain.Identity, error)
func CreateRole(ctx context.Context, namespace string, ...) (*domain.Role, error)
func CreateRule(ctx context.Context, namespace string, ...) (*domain.Rule, error)
func CreateRuleFromTemplate(ctx context.Context, namespace, name string, other *domain.Rule) (*domain.Rule, error)
func CreateUser(ctx context.Context, namespace string, ...) (*domain.User, error)
func DefaultSoidAdminRules(ctx context.Context, namespace string) []domain.Rule
func DefaultSoidGuestRules(ctx context.Context, namespace string) []domain.Rule
func GetUserFromSession(ctx context.Context, sessionID uint) (*domain.User, error)
func IdentifyByPassword(ctx context.Context, namespace, username, password string) (*domain.Identity, error)
func InitializeNamespace(ctx context.Context, namespace, adminuser, adminpass string) error
func Login(ctx context.Context, namespace, username, password string) (*domain.Session, error)
func Logout(ctx context.Context, sessionID uint) error
func RecreateRoot(ctx context.Context, rootUsername, rootPassword string) error
func RegisterAccess(ctx context.Context, sessionID uint, ipAddress string) error
func Validate(ctx context.Context, sessionID uint) error
func ValidateRole(ctx context.Context, namespace, name string, hasRules []domain.Rule) (*domain.Role, error)
func ValidateRule(ctx context.Context, ruleNamespace, ruleName string, other *domain.Rule) (*domain.Rule, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrRoleExists     = errors.New("role exists already")
	ErrUserExists     = errors.New("user exists already")
	ErrIdentityExists = errors.New("identity exists already")
)

Functions ¶

func AddRole ¶

func AddRole(ctx context.Context, namespace, name string, rules []domain.Rule) (*domain.Role, error)

Add a Role to the namespace with a name. Attach the rules provided

func AddUser ¶

func AddUser(ctx context.Context, namespace, name, password string, certificates []domain.Certificate, roles []domain.Role) (*domain.User, error)

AddGuest adds a user and identity that has namespace:name and attaches the provided set of roles to the identity Username will be set to same as name Password can be empty, in which case no password is needed to log in Any certificates provided are added to the identity A name can be generated using factory.NewUsername

func AssertSoidNamespace ¶

func AssertSoidNamespace(ctx context.Context) error

AssertSoidNamespace is called when we need to assert that the basic data in the SOID namespace are there for SOID to work properly. It is typically called upon startup of the application

func AssertSystemNamespace ¶

func AssertSystemNamespace(ctx context.Context) error

AssertSystemNamespace is called when we need to assert that the basic data in the system namespace are there for SOID to work properly. It is typically called upon startup of the application

func Check ¶

func Check(ctx context.Context, identityId int32, objectType, namespace, operation, entityId string) (int, error)

Check the permissions for a certain combination of namespace/entity and identity

func CheckAccess ¶

func CheckAccess(ctx context.Context, identityID uint, namespace, name, operation, objectType string, instances []domain.Metadata) error

CheckAccess returns nil if the operation is allowed, otherwis an error is returned

func CreateAdminUser ¶

func CreateAdminUser(ctx context.Context, namespace, username, password string) (*domain.User, error)

func CreateDefaultSoidRoles ¶

func CreateDefaultSoidRoles(ctx context.Context, namespace string) error

func CreateGuestUser ¶

func CreateGuestUser(ctx context.Context, namespace string) (*domain.User, error)

func CreateIdentity ¶

func CreateIdentity(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Identity) error) (*domain.Identity, error)

func CreateRole ¶

func CreateRole(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Role) error) (*domain.Role, error)

func CreateRule ¶

func CreateRule(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Rule) error) (*domain.Rule, error)

func CreateRuleFromTemplate ¶

func CreateRuleFromTemplate(ctx context.Context, namespace, name string, other *domain.Rule) (*domain.Rule, error)

func CreateUser ¶

func CreateUser(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.User) error) (*domain.User, error)

func DefaultSoidAdminRules ¶

func DefaultSoidAdminRules(ctx context.Context, namespace string) []domain.Rule

func DefaultSoidGuestRules ¶

func DefaultSoidGuestRules(ctx context.Context, namespace string) []domain.Rule

func GetUserFromSession ¶

func GetUserFromSession(ctx context.Context, sessionID uint) (*domain.User, error)

func IdentifyByPassword ¶

func IdentifyByPassword(ctx context.Context, namespace, username, password string) (*domain.Identity, error)

func InitializeNamespace ¶

func InitializeNamespace(ctx context.Context, namespace, adminuser, adminpass string) error

func Login(ctx context.Context, namespace, username, password string) (*domain.Session, error)

func Logout ¶

func Logout(ctx context.Context, sessionID uint) error

func RecreateRoot ¶

func RecreateRoot(ctx context.Context, rootUsername, rootPassword string) error

RecreateRoot removes the old rootID and recreates it with a new username/password and at the same time ensures the AllowAll rule and the Root Role exists

func RegisterAccess ¶

func RegisterAccess(ctx context.Context, sessionID uint, ipAddress string) error

func Validate ¶

func Validate(ctx context.Context, sessionID uint) error

Validate if the session is still valid.

func ValidateRole ¶

func ValidateRole(ctx context.Context, namespace, name string, hasRules []domain.Rule) (*domain.Role, error)

Validate that a role with the namespace/name has roles that are attached to the rules that are as permissive as the provided rules. The role/rules will be recreated if they don't apply

func ValidateRule ¶

func ValidateRule(ctx context.Context, ruleNamespace, ruleName string, other *domain.Rule) (*domain.Rule, error)

ValidateRule makes sure there exists a rule in ruleNamespace:ruleName that is as permissive as the other rule

Types ¶