Documentation ¶
Index ¶
- Variables
- func HandleErrors(next echo.HandlerFunc) echo.HandlerFunc
- func IdValidation(next echo.HandlerFunc) echo.HandlerFunc
- func LoggerFields(next echo.HandlerFunc) echo.HandlerFunc
- func Notifier(next echo.HandlerFunc) echo.HandlerFunc
- func Pagination(next echo.HandlerFunc) echo.HandlerFunc
- func ParseHeaders(next echo.HandlerFunc) echo.HandlerFunc
- func PermissionCheck(next echo.HandlerFunc) echo.HandlerFunc
- func RaiseEvent(next echo.HandlerFunc) echo.HandlerFunc
- func SortAndFilter(next echo.HandlerFunc) echo.HandlerFunc
- func SuperKeyDestroyApplication(next echo.HandlerFunc) echo.HandlerFunc
- func SuperKeyDestroySource(next echo.HandlerFunc) echo.HandlerFunc
- func Tenancy(next echo.HandlerFunc) echo.HandlerFunc
- func Timing(next echo.HandlerFunc) echo.HandlerFunc
- func UserCatcher(next echo.HandlerFunc) echo.HandlerFunc
- func UuidValidation(next echo.HandlerFunc) echo.HandlerFunc
- type Rbac
- type RbacClient
Constants ¶
This section is empty.
Variables ¶
var BadQueryParams = []string{"limit", "offset", "sort_by"}
Functions ¶
func HandleErrors ¶
func HandleErrors(next echo.HandlerFunc) echo.HandlerFunc
func IdValidation ¶
func IdValidation(next echo.HandlerFunc) echo.HandlerFunc
IdValidation takes all the parameters which end with "id" and checks for their validity. Returns a bad request if they're not valid.
func LoggerFields ¶
func LoggerFields(next echo.HandlerFunc) echo.HandlerFunc
func Pagination ¶
func Pagination(next echo.HandlerFunc) echo.HandlerFunc
func ParseHeaders ¶
func ParseHeaders(next echo.HandlerFunc) echo.HandlerFunc
Parse the required headers for processing this request. Currently this involves _three_ major headers:
`x-rh-identity`: contains the account number and various other information about the request. This is set by 3scale.
`x-rh-sources-psk`: a pre-shared-key (psk) which is used internally to authenticate from within the CRC cluster. This is checked against a list of known keys which are set in vault, if it matches any of them the request is authorized.
`x-rh-sources-account-number`: used with a PSK to access a certain account. Only accessible from within the CRC cluster.
func PermissionCheck ¶
func PermissionCheck(next echo.HandlerFunc) echo.HandlerFunc
Takes the information stored in the context and returns a 401 if we do not have authorization to perform "write" things such as POST/PATCH/DELETE.
Checks for PSK (if present) and if it is there and matches any of the PSKs we approve, lets it through.
Sends the x-rh-identity header off to rbac to get an ACL list, and returns whether or not it contains the correct `sources:*:*` permission.
func RaiseEvent ¶
func RaiseEvent(next echo.HandlerFunc) echo.HandlerFunc
RaiseEvent calls the "RaiseEvent" function once the previous handler has succeeded. It grabs the resource and the event type from the context.
func SortAndFilter ¶
func SortAndFilter(next echo.HandlerFunc) echo.HandlerFunc
func SuperKeyDestroyApplication ¶
func SuperKeyDestroyApplication(next echo.HandlerFunc) echo.HandlerFunc
func SuperKeyDestroySource ¶
func SuperKeyDestroySource(next echo.HandlerFunc) echo.HandlerFunc
This middleware intercepts a superkey-related source on its way through the stack and handles whether the requested resource is superkey related.
If it is then we will queue up a job that sends the request over to the worker (to delete the resources in amazon), wait 15 seconds, then destroy the actual resources.
func Tenancy ¶
func Tenancy(next echo.HandlerFunc) echo.HandlerFunc
Tenancy is a middleware which makes sure the EBS account number or OrgId are present, and therefore, the request is properly authenticated. It sets the tenant ID on the context by looking in the database using the provided EBS account number or OrgId.
func UserCatcher ¶
func UserCatcher(next echo.HandlerFunc) echo.HandlerFunc
func UuidValidation ¶
func UuidValidation(next echo.HandlerFunc) echo.HandlerFunc
UuidValidation checks if the UUID parameter is valid. Returns a bad request if it isn't.
Types ¶
type RbacClient ¶
type RbacClient struct {
// contains filtered or unexported fields
}