Documentation ¶
Index ¶
- Variables
- func NewACLAuthorizer(acl ACL) (api.Authorizer, error)
- func NewACLMongoAuthorizer(c *ACLMongoConfig) (api.Authorizer, error)
- func NewACLXormAuthz(c *XormAuthzConfig) (api.Authorizer, error)
- func NewCasbinAuthorizer(enforcer *casbin.Enforcer) (api.Authorizer, error)
- func StringSetIntersection(a, b []string) []string
- func ValidateACL(acl ACL) error
- type ACL
- type ACLEntry
- type ACLMongoConfig
- type CasbinAuthzConfig
- type ExtAuthz
- type ExtAuthzConfig
- type ExtAuthzStatus
- type MatchConditions
- type MongoACL
- type MongoACLEntry
- type PluginAuthz
- type PluginAuthzConfig
- type XormACL
- type XormACLEntry
- type XormAuthzConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var (
EnableSQLite3 = false
)
Functions ¶
func NewACLAuthorizer ¶
func NewACLAuthorizer(acl ACL) (api.Authorizer, error)
NewACLAuthorizer Creates a new static authorizer with ACL that have been read from the config file
func NewACLMongoAuthorizer ¶
func NewACLMongoAuthorizer(c *ACLMongoConfig) (api.Authorizer, error)
NewACLMongoAuthorizer creates a new ACL MongoDB authorizer
func NewACLXormAuthz ¶
func NewACLXormAuthz(c *XormAuthzConfig) (api.Authorizer, error)
func NewCasbinAuthorizer ¶
func NewCasbinAuthorizer(enforcer *casbin.Enforcer) (api.Authorizer, error)
NewCasbinAuthorizer creates a new casbin authorizer.
func StringSetIntersection ¶
func ValidateACL ¶
Types ¶
type ACLEntry ¶
type ACLEntry struct { Match *MatchConditions `yaml:"match"` Actions *[]string `yaml:"actions,flow"` Comment *string `yaml:"comment,omitempty"` }
type ACLMongoConfig ¶
type ACLMongoConfig struct { MongoConfig *mgo_session.Config `yaml:"dial_info,omitempty"` Collection string `yaml:"collection,omitempty"` CacheTTL time.Duration `yaml:"cache_ttl,omitempty"` }
func (*ACLMongoConfig) Validate ¶
func (c *ACLMongoConfig) Validate(configKey string) error
Validate ensures that any custom config options in a Config are set correctly.
type CasbinAuthzConfig ¶
type ExtAuthz ¶
type ExtAuthz struct {
// contains filtered or unexported fields
}
func NewExtAuthzAuthorizer ¶
func NewExtAuthzAuthorizer(cfg *ExtAuthzConfig) *ExtAuthz
type ExtAuthzConfig ¶
func (*ExtAuthzConfig) Validate ¶
func (c *ExtAuthzConfig) Validate() error
type ExtAuthzStatus ¶
type ExtAuthzStatus int
const ( ExtAuthzAllowed ExtAuthzStatus = 0 ExtAuthzDenied ExtAuthzStatus = 1 ExtAuthzError ExtAuthzStatus = 2 )
type MatchConditions ¶
type MatchConditions struct { Account *string `yaml:"account,omitempty" json:"account,omitempty"` Type *string `yaml:"type,omitempty" json:"type,omitempty"` Name *string `yaml:"name,omitempty" json:"name,omitempty"` IP *string `yaml:"ip,omitempty" json:"ip,omitempty"` Service *string `yaml:"service,omitempty" json:"service,omitempty"` Labels map[string]string `yaml:"labels,omitempty" json:"labels,omitempty"` }
func (*MatchConditions) Matches ¶
func (mc *MatchConditions) Matches(ai *api.AuthRequestInfo) bool
type MongoACL ¶
type MongoACL []MongoACLEntry
type MongoACLEntry ¶
type PluginAuthz ¶
type PluginAuthz struct {
Authz api.Authorizer
}
func NewPluginAuthzAuthorizer ¶
func NewPluginAuthzAuthorizer(cfg *PluginAuthzConfig) (*PluginAuthz, error)
func (*PluginAuthz) Authorize ¶
func (c *PluginAuthz) Authorize(ai *api.AuthRequestInfo) ([]string, error)
func (*PluginAuthz) Name ¶
func (c *PluginAuthz) Name() string
func (*PluginAuthz) Stop ¶
func (c *PluginAuthz) Stop()
type PluginAuthzConfig ¶
type PluginAuthzConfig struct {
PluginPath string `yaml:"plugin_path"`
}
func (*PluginAuthzConfig) Validate ¶
func (c *PluginAuthzConfig) Validate() error
type XormACL ¶
type XormACL []XormACLEntry
type XormACLEntry ¶
func (XormACLEntry) TableName ¶
func (x XormACLEntry) TableName() string
type XormAuthzConfig ¶
type XormAuthzConfig struct { DatabaseType string `yaml:"database_type,omitempty"` ConnString string `yaml:"conn_string,omitempty"` CacheTTL time.Duration `yaml:"cache_ttl,omitempty"` }
func (*XormAuthzConfig) Validate ¶
func (xa *XormAuthzConfig) Validate(configKey string) error
Click to show internal directories.
Click to hide internal directories.