dbauthz

package
v2.10.2
Published: Apr 22, 2024 License: AGPL-3.0 Imports: 18 Imported by: 0

Documentation

Overview

Package dbauthz provides an authorization layer on top of the database. This package exposes an interface that is currently a 1:1 mapping with database.Store.

The same cultural rules apply to this package as they do to database.Store, meaning that each method implemented should keep the number of database queries as close to 1 as possible. Each method should do one thing, with no unexpected side effects (e.g. updating multiple tables in a single method).

Do not implement business logic in this package. Only authorization related logic should be implemented here. In most cases, this should only be a call to the rbac authorizer.

When a new database method is added to database.Store, it should be added to this package as well. The unit test "Accounting" will ensure all methods are tested. See other unit tests for examples on how to write these.

Index

Constants

This section is empty.

Variables

var AsRemoveActor = rbac.Subject{
	ID: "remove-actor",
}
var NoActorError = xerrors.Errorf("no authorization actor in context: %w", sql.ErrNoRows)

NoActorError wraps ErrNoRows so that the API returns a 404. This is the correct response when the user is not authorized.

Functions

func ActorFromContext

func ActorFromContext(ctx context.Context) (rbac.Subject, bool)

ActorFromContext returns the authorization subject from the context. All authentication flows should set the authorization subject in the context. If no actor is present, the function returns false.

func As

func As(ctx context.Context, actor rbac.Subject) context.Context

As returns a context with the given actor stored in the context. This is used for cases where the actor touching the database is not the actor stored in the context. When you use this function, be sure to add a //nolint comment explaining why it is necessary.

func AsAutostart

func AsAutostart(ctx context.Context) context.Context

AsAutostart returns a context with an actor that has permissions required for autostart to function.

func AsHangDetector

func AsHangDetector(ctx context.Context) context.Context

AsHangDetector returns a context with an actor that has permissions required for unhanger.Detector to function.

func AsProvisionerd

func AsProvisionerd(ctx context.Context) context.Context

AsProvisionerd returns a context with an actor that has permissions required for provisionerd to function.

func AsSystemRestricted

func AsSystemRestricted(ctx context.Context) context.Context

AsSystemRestricted returns a context with an actor that has permissions required for various system operations (login, logout, metrics cache).

func IsNotAuthorizedError

func IsNotAuthorizedError(err error) bool

func New

Types

type AGPLTemplateAccessControlStore added in v2.3.2

type AGPLTemplateAccessControlStore struct{}

AGPLTemplateAccessControlStore always returns the defaults for access control settings.

func (AGPLTemplateAccessControlStore) GetTemplateAccessControl added in v2.3.2

func (AGPLTemplateAccessControlStore) GetTemplateAccessControl(t database.Template) TemplateAccessControl

func (AGPLTemplateAccessControlStore) SetTemplateAccessControl added in v2.3.2

func (AGPLTemplateAccessControlStore) SetTemplateAccessControl(ctx context.Context, store database.Store, id uuid.UUID, opts TemplateAccessControl) error

type AccessControlStore added in v2.3.2

type AccessControlStore interface {
	GetTemplateAccessControl(t database.Template) TemplateAccessControl
	SetTemplateAccessControl(ctx context.Context, store database.Store, id uuid.UUID, opts TemplateAccessControl) error
}

AccessControlStore fetches access control-related configuration that is used when determining whether an actor is authorized to interact with an RBAC object.

type NotAuthorizedError

type NotAuthorizedError struct {
	Err error
}

NotAuthorizedError is a sentinel error that unwraps to sql.ErrNoRows. This allows the internal error to be read by the caller if needed. Otherwise it will be handled as a 404.

func (NotAuthorizedError) Error

func (e NotAuthorizedError) Error() string

func (NotAuthorizedError) IsUnauthorized added in v2.1.5

func (NotAuthorizedError) IsUnauthorized() bool

IsUnauthorized implements the IsUnauthorized interface.

func (NotAuthorizedError) Unwrap

func (e NotAuthorizedError) Unwrap() error

Unwrap always returns sql.ErrNoRows so that the API returns a 404; consequently 'errors.Is(err, sql.ErrNoRows)' is always true for this error.
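The following is an added example, not code from the dbauthz package or the Coder project, that ties together the pattern described in the Overview, the As / ActorFromContext functions and the NotAuthorizedError type: an authorization layer that takes the actor from the context, runs exactly one underlying query, consults a policy, and turns a denial into a sentinel that unwraps to sql.ErrNoRows. The stand-in types Subject, Workspace, rawStore and AuthzStore, the toy policy authorizeRead, and the helpers Lookup and LooksLikeNotFound are all constructed here; fmt.Errorf stands in for xerrors.Errorf.

```go
package main

import (
	"context"
	"database/sql"
	"errors"
	"fmt"
)

// Subject stands in for rbac.Subject; the Admin flag is a constructed
// simplification of real RBAC roles.
type Subject struct {
	ID    string
	Admin bool
}

type actorKey struct{}

// As stores the acting subject in the context (same shape as dbauthz.As).
func As(ctx context.Context, actor Subject) context.Context {
	return context.WithValue(ctx, actorKey{}, actor)
}

// ActorFromContext returns the subject set by As, and false if none is set.
func ActorFromContext(ctx context.Context) (Subject, bool) {
	actor, ok := ctx.Value(actorKey{}).(Subject)
	return actor, ok
}

// NoActorError wraps sql.ErrNoRows so a missing actor also surfaces as a 404.
var NoActorError = fmt.Errorf("no authorization actor in context: %w", sql.ErrNoRows)

// NotAuthorizedError keeps the real reason in Err for internal callers and
// logs, but Unwrap always yields sql.ErrNoRows so the API answers 404, not 403.
type NotAuthorizedError struct{ Err error }

func (e NotAuthorizedError) Error() string      { return "unauthorized: " + e.Err.Error() }
func (NotAuthorizedError) Unwrap() error        { return sql.ErrNoRows }
func (NotAuthorizedError) IsUnauthorized() bool { return true }

// IsNotAuthorizedError reports whether err is (or wraps) a NotAuthorizedError.
func IsNotAuthorizedError(err error) bool {
	var nae NotAuthorizedError
	return errors.As(err, &nae)
}

// LooksLikeNotFound is the check an API layer makes before answering 404.
func LooksLikeNotFound(err error) bool { return errors.Is(err, sql.ErrNoRows) }

// Workspace is a constructed row type; OwnerID is what the policy inspects.
type Workspace struct {
	ID      string
	OwnerID string
}

// rawStore plays the role of database.Store: exactly one lookup, no authz.
type rawStore struct{ rows map[string]Workspace }

func (s rawStore) GetWorkspaceByID(_ context.Context, id string) (Workspace, error) {
	ws, ok := s.rows[id]
	if !ok {
		return Workspace{}, sql.ErrNoRows
	}
	return ws, nil
}

// authorizeRead is a toy policy (constructed): the owner or an admin may read.
func authorizeRead(actor Subject, ws Workspace) error {
	if actor.Admin || ws.OwnerID == actor.ID {
		return nil
	}
	return fmt.Errorf("actor %q may not read workspace %q", actor.ID, ws.ID)
}

// AuthzStore wraps rawStore the way dbauthz wraps database.Store: actor from
// ctx, one underlying query, policy check, denial -> NotAuthorizedError.
// No business logic lives here, only the authorization decision.
type AuthzStore struct{ db rawStore }

func (s AuthzStore) GetWorkspaceByID(ctx context.Context, id string) (Workspace, error) {
	actor, ok := ActorFromContext(ctx)
	if !ok {
		return Workspace{}, NoActorError
	}
	ws, err := s.db.GetWorkspaceByID(ctx, id)
	if err != nil {
		return Workspace{}, err // a genuine "not found" passes through unchanged
	}
	if err := authorizeRead(actor, ws); err != nil {
		return Workspace{}, NotAuthorizedError{Err: err}
	}
	return ws, nil
}

// NewAuthzStore seeds one constructed workspace owned by "alice".
func NewAuthzStore() AuthzStore {
	return AuthzStore{db: rawStore{rows: map[string]Workspace{
		"ws-1": {ID: "ws-1", OwnerID: "alice"},
	}}}
}

// Lookup runs a read as the given actor; a nil actor means "no actor in ctx".
func Lookup(store AuthzStore, actor *Subject, id string) (Workspace, error) {
	ctx := context.Background()
	if actor != nil {
		ctx = As(ctx, *actor)
	}
	return store.GetWorkspaceByID(ctx, id)
}

func main() {
	store := NewAuthzStore()
	for _, a := range []Subject{{ID: "alice"}, {ID: "bob"}, {ID: "root", Admin: true}} {
		actor := a
		_, err := Lookup(store, &actor, "ws-1")
		fmt.Printf("%-5s notAuthorized=%-5v looksLikeNotFound=%v\n",
			actor.ID, IsNotAuthorizedError(err), LooksLikeNotFound(err))
	}
}
```

The point of the sentinel is that a caller outside the package cannot tell a denied read from a missing row (both satisfy errors.Is(err, sql.ErrNoRows)), so the API does not confirm that a resource exists, while internal code that legitimately needs the distinction can still use IsNotAuthorizedError or errors.As to reach the wrapped reason. Note that the wrapper never issues a second query: the object fetched for the policy check is the same one returned on success.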

type TemplateAccessControl added in v2.3.2

type TemplateAccessControl struct {
	RequireActiveVersion bool
	Deprecated           string
}

func (TemplateAccessControl) IsDeprecated added in v2.5.0

func (t TemplateAccessControl) IsDeprecated() bool
