Documentation ¶
Index ¶
- Constants
- Variables
- type AuthAPIKey
- type Command
- type Context
- type Factory
- type Group
- type Manager
- func (s *Manager) CreateGroup(ctx Context, name, description string) (*Group, error)
- func (s *Manager) CreateMappingRule(ctx Context, name, description string, ruleType MappingType, priority int, ...) (*MappingRule, error)
- func (s *Manager) CreatePermission(ctx Context, name, description string) (*Permission, error)
- func (s *Manager) CreatePrincipal(ctx Context, name, description string) (*Principal, error)
- func (s *Manager) CreatePrincipalFromAPIKey(ctx Context, name, apiKey string) (*Principal, error)
- func (s *Manager) CreatePrincipalFromOpenID(ctx Context, token *auth.OpenIDToken) (*Principal, *OIDCAuthorization, error)
- func (s *Manager) CreatePrincipalFromRule(ctx Context, token *auth.OpenIDToken, rule *MappingRule) (*Principal, *OIDCAuthorization, error)
- func (s *Manager) CreateRole(ctx Context, name, description string) (*Role, error)
- func (s *Manager) EnumerateGroupIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateMappingRuleIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateMappingRules(ctx Context) ([]*MappingRule, error)
- func (s *Manager) EnumeratePermissionIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumeratePrincipalIDs(ctx Context) ([]string, error)
- func (s *Manager) EnumerateRoleIDs(ctx Context) ([]string, error)
- func (s *Manager) FindGroupByID(ctx Context, groupID string) (*Group, error)
- func (s *Manager) FindGroups(ctx Context, ids []string) ([]*Group, error)
- func (s *Manager) FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
- func (s *Manager) FindPermissionByID(ctx Context, permissionID string) (*Permission, error)
- func (s *Manager) FindPermissions(ctx Context, ids []string) ([]*Permission, error)
- func (s *Manager) FindPrincipalByID(ctx Context, principalID string) (*Principal, error)
- func (s *Manager) FindPrincipalByOIDC(ctx Context, issuer, subject string) (*Principal, error)
- func (m *Manager) FindPrincipals(ctx Context, ids []string) ([]*Principal, error)
- func (s *Manager) FindRoleByID(ctx Context, roleID string) (*Role, error)
- func (s *Manager) FindRoles(ctx Context, ids []string) ([]*Role, error)
- func (s *Manager) SetupPrincipalAsOwner(ctx Context, pri *Principal) (*Group, *Role, *Permission, error)
- type MappingRule
- type MappingRuleManager
- type MappingRuleSlice
- type MappingType
- type OIDCAuthorization
- type Permission
- type Principal
- func (p *Principal) APIKeys() []*AuthAPIKey
- func (p *Principal) AttachGroup(g *Group) error
- func (p *Principal) AttachNewGroup(name, description string) (*Group, error)
- func (p *Principal) AttachNewRole(name, description string) (*Role, error)
- func (p *Principal) AttachRole(r *Role) error
- func (p *Principal) AttachedRoles() []*Role
- func (p *Principal) CreateAPIKey(name string) (*AuthAPIKey, string, error)
- func (p *Principal) DetachGroup(g *Group) error
- func (p *Principal) DetachRole(r *Role) error
- func (p *Principal) Groups() []*Group
- func (p *Principal) HavingPermissions() []*Permission
- func (p *Principal) OIDCAuthorization() *OIDCAuthorization
- func (p *Principal) Roles() []*Role
- type Query
- type Role
Constants ¶
// Identity of the built-in owner group. All three values are compile-time
// constants, so they are the same in every build of this package.
const (
	// GroupOwnerName is the name of the owner group.
	GroupOwnerName = "_GuardmechOwnerGroup"
	// GroupOwnerDescription is the description text of the owner group.
	GroupOwnerDescription = "Owner group of guardmech"
	// GroupOwnerID is the fixed UUID string of the owner group.
	// NOTE(review): presumably this is the group Manager.SetupPrincipalAsOwner
	// hands out; if membership implies owner access, confirm that attaching a
	// principal to it and creating a group with this name or ID are both
	// access-controlled.
	GroupOwnerID = "6f43787e-1a18-42dc-86dc-78c81c681bda"
)
// Identity of the built-in owner permission. All three values are
// compile-time constants, so they are the same in every build of this package.
const (
	// PermissionOwnerName is the name of the owner permission.
	PermissionOwnerName = "_GUARDMECH_OWNER"
	// PermissionOwnerDescription is the description text of the owner permission.
	PermissionOwnerDescription = "Owner permission of guardmech"
	// PermissionOwnerID is the fixed UUID string of the owner permission.
	// NOTE(review): presumably authorization checks compare against this name
	// or ID; confirm that Manager.CreatePermission cannot be used to create a
	// second permission carrying the same name.
	PermissionOwnerID = "d4b6dc0b-f282-4e9c-b8d7-518f61737f21"
)
// Identity of the built-in owner role. All three values are compile-time
// constants, so they are the same in every build of this package.
const (
	// RoleOwnerName is the name of the owner role.
	RoleOwnerName = "_GuardmechOwnerRole"
	// RoleOwnerDescription is the description text of the owner role.
	// NOTE(review): the text says "principal" where the sibling constants name
	// their own kind ("group", "permission"); looks like a copy-paste slip, but
	// the value may already be persisted, so confirm before changing it.
	RoleOwnerDescription = "Owner principal of guardmech"
	// RoleOwnerID is the fixed UUID string of the owner role.
	// NOTE(review): presumably holding this role implies owner access; confirm
	// that attaching it to a principal or group is access-controlled.
	RoleOwnerID = "b8cc3e1a-867e-4c2d-b163-c9feb5683388"
)
Variables ¶
// ErrNoEntry is the sentinel error for a missing entry. Compare with
// errors.Is rather than by message text.
// NOTE(review): presumably returned by the Find* lookups when nothing
// matches; confirm which callers treat it as "not found" and make sure a
// lookup failure is never read as "access allowed".
var ErrNoEntry = errors.New("no such entry")
Functions ¶
This section is empty.
Types ¶
type AuthAPIKey ¶
type Command ¶
// Command is the write side of the persistence layer: it saves and deletes
// principals, groups, roles, permissions, authentication records and mapping
// rules.
//
// None of the Save*/Delete* methods returns a value; the only way to learn
// about a failure is Error. Callers should therefore check Error after issuing
// writes, otherwise a failed change to an authorization record (for example a
// delete that never happened) goes unnoticed.
type Command interface {
	// Error reports a failure of the write methods.
	// NOTE(review): presumably the first error is kept and later calls become
	// no-ops, as in the linked article; confirm against the implementation.
	Error() error // see https://jxck.hatenablog.com/entry/golang-error-handling-lesson-by-rob-pike

	// Save operations.
	SavePrincipal(ctx Context, pri *Principal)
	SaveGroup(ctx Context, g *Group)
	SaveRole(ctx Context, r *Role)
	SavePermission(ctx Context, perm *Permission)
	// SaveAuthOIDC stores an OpenID Connect authorization together with the
	// principal passed alongside it.
	SaveAuthOIDC(ctx Context, oidc *OIDCAuthorization, pri *Principal)
	// SaveAuthAPIKey stores an API key record together with the principal
	// passed alongside it.
	SaveAuthAPIKey(ctx Context, key *AuthAPIKey, pri *Principal)
	SaveMappingRule(ctx Context, rule *MappingRule)

	// Delete operations. No delete method for OIDC authorizations or API keys
	// is declared on this interface.
	DeletePrincipal(ctx Context, pri *Principal)
	DeleteGroup(ctx Context, g *Group)
	DeleteRole(ctx Context, r *Role)
	DeletePermission(ctx Context, perm *Permission)
	DeleteMappingRule(ctx Context, rule *MappingRule)
}
type Factory ¶
// Factory builds entity values from already-known field values. Every
// constructor takes the ID as an argument instead of generating one.
// NOTE(review): presumably used to rehydrate entities loaded from storage;
// nothing in the signatures shows validation of the supplied values, so
// confirm that callers only pass trusted data.
type Factory interface {
	// NewPrincipal returns a Principal with the given identity, optional OIDC
	// authorization, API keys, roles and groups.
	NewPrincipal(
		ID uuid.UUID,
		name, description string,
		auth *OIDCAuthorization,
		apikeys []*AuthAPIKey,
		roles []*Role,
		groups []*Group,
	) *Principal
	// NewRole returns a Role carrying the given permissions.
	NewRole(
		ID uuid.UUID,
		name, description string,
		perms []*Permission,
	) *Role
	// NewGroup returns a Group carrying the given roles.
	NewGroup(
		ID uuid.UUID,
		name, description string,
		roles []*Role,
	) *Group
	// NewMappingRule returns a MappingRule. Both a group and a role can be
	// passed.
	// NOTE(review): presumably only one of group/role is set per rule; confirm.
	NewMappingRule(
		ID uuid.UUID,
		ruleType MappingType,
		detail, name, description string,
		priority int,
		group *Group,
		role *Role,
	) *MappingRule
}
func NewFactory ¶
type Group ¶
// Group is a named collection that roles can be attached to and detached
// from; HavingPermissions returns permissions for the group.
type Group struct {
	GroupID     uuid.UUID // identifier of the group
	Name        string
	Description string
	// contains filtered or unexported fields
}
func (*Group) AttachNewRole ¶
func (*Group) AttachRole ¶
func (*Group) DetachRole ¶
func (*Group) HavingPermissions ¶
func (g *Group) HavingPermissions() []*Permission
type Manager ¶
// Manager is the entry point for creating, finding and enumerating
// principals, groups, roles, permissions and mapping rules. It also creates
// principals from an API key, from an OpenID token, or from an OpenID token
// plus a mapping rule, and can set a principal up as owner.
type Manager struct {
	// contains filtered or unexported fields
}
func NewManager ¶
func (*Manager) CreateGroup ¶
func (*Manager) CreateMappingRule ¶
func (s *Manager) CreateMappingRule(ctx Context, name, description string, ruleType MappingType, priority int, detail, associationType, associationID string) (*MappingRule, error)
func (*Manager) CreatePermission ¶
func (s *Manager) CreatePermission(ctx Context, name, description string) (*Permission, error)
func (*Manager) CreatePrincipal ¶
func (*Manager) CreatePrincipalFromAPIKey ¶
func (*Manager) CreatePrincipalFromOpenID ¶
func (s *Manager) CreatePrincipalFromOpenID(ctx Context, token *auth.OpenIDToken) (*Principal, *OIDCAuthorization, error)
func (*Manager) CreatePrincipalFromRule ¶
func (s *Manager) CreatePrincipalFromRule(ctx Context, token *auth.OpenIDToken, rule *MappingRule) (*Principal, *OIDCAuthorization, error)
func (*Manager) CreateRole ¶
func (*Manager) EnumerateGroupIDs ¶
func (*Manager) EnumerateMappingRuleIDs ¶
func (*Manager) EnumerateMappingRules ¶
func (s *Manager) EnumerateMappingRules(ctx Context) ([]*MappingRule, error)
func (*Manager) EnumeratePermissionIDs ¶
func (*Manager) EnumeratePrincipalIDs ¶
func (*Manager) EnumerateRoleIDs ¶
func (*Manager) FindGroupByID ¶
func (*Manager) FindGroups ¶
func (*Manager) FindMappingRules ¶
func (s *Manager) FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
func (*Manager) FindPermissionByID ¶
func (s *Manager) FindPermissionByID(ctx Context, permissionID string) (*Permission, error)
func (*Manager) FindPermissions ¶
func (s *Manager) FindPermissions(ctx Context, ids []string) ([]*Permission, error)
func (*Manager) FindPrincipalByID ¶
func (*Manager) FindPrincipalByOIDC ¶
func (*Manager) FindPrincipals ¶
func (*Manager) FindRoleByID ¶
func (*Manager) SetupPrincipalAsOwner ¶
type MappingRule ¶
// MappingRule describes one rule that can be matched against an OpenID token
// (see MappingRuleManager.FindMatchedRule) and that has an associated group
// and/or role (see AssociatedGroup and AssociatedRole).
type MappingRule struct {
	MappingRuleID uuid.UUID   // identifier of the rule
	RuleType      MappingType // kind of match this rule performs
	// Detail is a free-form string.
	// NOTE(review): presumably the domain, address or group name that RuleType
	// is matched against; confirm.
	Detail      string
	Name        string
	Description string
	// Priority orders rules relative to each other.
	// NOTE(review): whether a higher or a lower number wins is not visible
	// here; confirm against MappingRuleSlice.Less, since the order decides
	// which group or role a new principal receives.
	Priority int
	// contains filtered or unexported fields
}
func (*MappingRule) AssociatedGroup ¶
func (m *MappingRule) AssociatedGroup() *Group
func (*MappingRule) AssociatedRole ¶
func (m *MappingRule) AssociatedRole() *Role
type MappingRuleManager ¶
// MappingRuleManager is built from a list of mapping rules by
// NewMappingRuleManager and selects a rule for an OpenID token through
// FindMatchedRule.
type MappingRuleManager struct {
	// contains filtered or unexported fields
}
func NewMappingRuleManager ¶
func NewMappingRuleManager(rules []*MappingRule) *MappingRuleManager
func (*MappingRuleManager) FindMatchedRule ¶
func (m *MappingRuleManager) FindMatchedRule(token *auth.OpenIDToken) (*MappingRule, error)
type MappingRuleSlice ¶
// MappingRuleSlice is a slice of *MappingRule with Len, Less and Swap methods.
type MappingRuleSlice []*MappingRule
MappingRuleSlice implements sort.Interface.
func (MappingRuleSlice) Len ¶
func (s MappingRuleSlice) Len() int
func (MappingRuleSlice) Less ¶
func (s MappingRuleSlice) Less(i, j int) bool
func (MappingRuleSlice) Swap ¶
func (s MappingRuleSlice) Swap(i, j int)
type MappingType ¶
// MappingType is the kind of match a MappingRule performs.
type MappingType int

// Mapping types. Values start at 1 (iota + 1), so the zero value of
// MappingType is none of the declared constants.
// NOTE(review): the meanings below are inferred from the names only; confirm
// against MappingRuleManager.FindMatchedRule. Whichever token fields are
// compared, verify they come from a validated token and, for e-mail based
// rules, that the issuer has verified the address.
const (
	// MappingSpecificDomain — presumably matches one specific domain.
	MappingSpecificDomain MappingType = iota + 1
	// MappingWholeDomain — presumably matches every account of a domain.
	MappingWholeDomain
	// MappingGroupMember — presumably matches members of a group.
	MappingGroupMember
	// MappingSpecificAddress — presumably matches one specific address.
	MappingSpecificAddress
)
type OIDCAuthorization ¶
type Principal ¶
// Principal is an identity that can hold API keys, an OpenID Connect
// authorization, groups and roles; HavingPermissions returns permissions for
// the principal.
type Principal struct {
	PrincipalID uuid.UUID // identifier of the principal
	Name        string
	Description string
	// contains filtered or unexported fields
}
func (*Principal) APIKeys ¶
func (p *Principal) APIKeys() []*AuthAPIKey
func (*Principal) AttachGroup ¶
func (*Principal) AttachNewGroup ¶
func (*Principal) AttachNewRole ¶
func (*Principal) AttachRole ¶
func (*Principal) AttachedRoles ¶
func (*Principal) CreateAPIKey ¶
func (p *Principal) CreateAPIKey(name string) (*AuthAPIKey, string, error)
CreateAPIKey adds a new API key to the principal.
func (*Principal) DetachGroup ¶
func (*Principal) DetachRole ¶
func (*Principal) HavingPermissions ¶
func (p *Principal) HavingPermissions() []*Permission
func (*Principal) OIDCAuthorization ¶
func (p *Principal) OIDCAuthorization() *OIDCAuthorization
OIDCAuthorization returns the principal's OpenID Connect authorization info. The result may be nil.
type Query ¶
// Query is the read side of the persistence layer: it finds entities by ID
// and enumerates the IDs of each entity kind.
//
// The Find* methods take IDs as strings, while the Enumerate* methods return
// them as uuid.UUID.
type Query interface {
	FindPrincipals(ctx Context, ids []string) ([]*Principal, error)
	// FindPrincipalIDByOIDC looks a principal up by OIDC issuer and subject.
	// NOTE(review): despite "ID" in the name it returns a *Principal; the
	// corresponding Manager method is named FindPrincipalByOIDC.
	FindPrincipalIDByOIDC(ctx Context, issuer, subject string) (*Principal, error)
	EnumeratePrincipalIDs(ctx Context) ([]uuid.UUID, error)

	FindGroups(ctx Context, ids []string) ([]*Group, error)
	EnumerateGroupIDs(ctx Context) ([]uuid.UUID, error)

	FindRoles(ctx Context, ids []string) ([]*Role, error)
	EnumerateRoleIDs(ctx Context) ([]uuid.UUID, error)

	FindPermissions(ctx Context, ids []string) ([]*Permission, error)
	EnumeratePermissionIDs(ctx Context) ([]uuid.UUID, error)

	FindMappingRules(ctx Context, ids []string) ([]*MappingRule, error)
	EnumerateMappingRuleIDs(ctx Context) ([]uuid.UUID, error)
}
type Role ¶
// Role is a named set of permissions; permissions are attached and detached
// through its methods and listed by Permissions.
type Role struct {
	RoleID      uuid.UUID // identifier of the role
	Name        string
	Description string
	// contains filtered or unexported fields
}
func (*Role) AttachNewPermission ¶
func (r *Role) AttachNewPermission(ctx Context, name, description string) (*Permission, error)
func (*Role) AttachPermission ¶
func (r *Role) AttachPermission(p *Permission) error
func (*Role) DetachPermission ¶
func (r *Role) DetachPermission(p *Permission) error
func (*Role) Permissions ¶
func (r *Role) Permissions() []*Permission