access

package
v1.0.9
Warning

This package is not in the latest version of its module.

Published: Feb 19, 2024 License: MIT Imports: 12 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var AllPermissions = []Permission{
	Forbidden,
	ReadOnly,
	ReadWrite,
}

AllPermissions contains all possible variants of Permission.

AllTypes contains all possible variants of Type.

Functions

This section is empty.

Types

type Access

type Access struct {
	// contains filtered or unexported fields
}

Access represents an initiated access management for a service node of caretakerd.

func NewAccess

func NewAccess(conf Config, name string, ks *keyStore.KeyStore) (*Access, error)

NewAccess creates a new instance of Access using the given configuration.

func (Access) Cleanup

func (instance Access) Cleanup()

Cleanup performs cleanup tasks when the given object is no longer required. This could include the deletion of temporary files ...

func (Access) HasReadPermission

func (instance Access) HasReadPermission() bool

HasReadPermission queries whether the service/node that this access instance belongs to can execute read actions in caretakerd.

func (Access) HasWritePermission

func (instance Access) HasWritePermission() bool

HasWritePermission queries whether the service/node that this access instance belongs to can execute write actions in caretakerd.

func (*Access) IsCertValid

func (instance *Access) IsCertValid(cert *x509.Certificate) bool

IsCertValid queries whether the given Certificate is valid in combination with this access instance.

func (Access) Pem

func (instance Access) Pem() []byte

Pem queries the contained private and public key pair. This can be empty.

func (Access) Type

func (instance Access) Type() Type

Type queries the type of this access object.

type Config

type Config struct {
	// @default "generateToFile" (for control/caretakerctl) "none" (for services)
	//
	// Defines how this access will be ensured.
	//
	// For details see possible values {@ref github.com/echocat/caretakerd/access.Type}.
	Type Type `json:"type" yaml:"type"`

	// @default "readWrite" (for control/caretakerctl) "forbidden" (for services)
	//
	// Defines what the control/service can do with caretakerd.
	//
	// For details see possible values {@ref github.com/echocat/caretakerd/access.Permission}.
	Permission Permission `json:"permission" yaml:"permission"`

	// @default ""
	//
	// If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#Trusted trusted},
	// the certificates specified in this file are used to trust remote connections. Not matching remote connections will be
	// rejected.
	//
	// If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#GenerateToFile generateToFile},
	// caretakerd generates this file that must be used by remote connections.
	//
	// > **Important:** If the property {@ref #Type type} = {@ref github.com/echocat/caretakerd/access.Type#GenerateToFile generateToFile},
	// > this property is required.
	PemFile values.String `json:"pemFile,omitempty" yaml:"pemFile"`

	// @default 0600
	//
	// Permission in filesystem of the generated {@ref #PemFile pem file}.
	PemFilePermission FilePermission `json:"pemFilePermission,omitempty" yaml:"pemFilePermission"`

	// @default ""
	//
	// If set, this user owns the generated {@ref #PemFile pem file}.
	// Otherwise it is owned by the user caretakerd is running with.
	PemFileUser values.String `json:"pemFileUser,omitempty" yaml:"pemFileUser"`
}

Config to access caretakerd.
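
An added example, not code from the caretakerd package or its documentation: a self-contained audit of the generateToFile rules documented for Config above (pemFile is required, pemFilePermission defaults to 0600). The names auditConfig, audit and auditFile are hypothetical, and treating a zero mode as "unset" is an assumption of this sketch.

```go
package main

import (
	"fmt"
	"os"
)

// auditConfig mirrors three documented Config fields. It is a hypothetical
// stand-in for this example, not the package's own struct.
type auditConfig struct {
	Type              string      // @id value, e.g. "generateToFile"
	PemFile           string      // documented as required for generateToFile
	PemFilePermission os.FileMode // 0 is treated here as "unset"
}

// audit lists problems in a generateToFile configuration.
func audit(c auditConfig) []string {
	var findings []string
	if c.Type != "generateToFile" {
		return findings
	}
	if c.PemFile == "" {
		findings = append(findings, "generateToFile requires pemFile")
	}
	mode := c.PemFilePermission.Perm()
	if mode == 0 {
		mode = 0600 // documented default
	}
	if mode&0077 != 0 {
		findings = append(findings, fmt.Sprintf("pemFilePermission %04o grants group/other access", uint32(mode)))
	}
	return findings
}

// auditFile checks the mode of an already generated PEM file on disk.
func auditFile(path string) error {
	info, err := os.Stat(path)
	if err != nil {
		return err
	}
	if m := info.Mode().Perm(); m&0077 != 0 {
		return fmt.Errorf("%s has mode %04o, want no group/other bits", path, uint32(m))
	}
	return nil
}

func main() {
	// Constructed sample configuration: missing pemFile and a 0644 mode.
	fmt.Println(audit(auditConfig{Type: "generateToFile", PemFilePermission: 0644}))
}
```

The on-disk check assumes a POSIX filesystem, where the permission bits reported by os.Stat are meaningful.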

func NewGenerateToEnvironmentConfig

func NewGenerateToEnvironmentConfig(permission Permission) Config

NewGenerateToEnvironmentConfig creates a new Config with the given permission and will force a creation of certificates to environment variables.

func NewGenerateToFileConfig

func NewGenerateToFileConfig(permission Permission, pemFile values.String) Config

NewGenerateToFileConfig creates a new Config with the given permission and will force a creation of certificates to the given pemFile.

func NewNoneConfig

func NewNoneConfig() Config

NewNoneConfig creates a new Config that denies access to anything.

func NewTrustedConfig

func NewTrustedConfig(permission Permission) Config

NewTrustedConfig creates a new Config with the given Permission based on Trusted rules.

func (Config) Validate

func (instance Config) Validate() error

Validate validates an action on this object and returns an error object if there is any.

type FilePermission

type FilePermission os.FileMode

FilePermission represents an operating system file permission. @inline

func DefaultFilePermission

func DefaultFilePermission() FilePermission

DefaultFilePermission returns the default FilePermission instance.

func (FilePermission) AsFileMode

func (instance FilePermission) AsFileMode() os.FileMode

AsFileMode returns this instance as os.FileMode instance.

func (FilePermission) MarshalJSON

func (instance FilePermission) MarshalJSON() ([]byte, error)

MarshalJSON is used during JSON marshalling. Do not call this method directly.

func (FilePermission) MarshalYAML

func (instance FilePermission) MarshalYAML() (interface{}, error)

MarshalYAML is used during YAML marshalling. Do not call this method directly.

func (*FilePermission) Set

func (instance *FilePermission) Set(value string) error

Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.

func (FilePermission) String

func (instance FilePermission) String() string

func (FilePermission) ThisOrDefault

func (instance FilePermission) ThisOrDefault() FilePermission

ThisOrDefault returns this instance if not empty. Otherwise the default FilePermission will be returned.

func (*FilePermission) UnmarshalJSON

func (instance *FilePermission) UnmarshalJSON(b []byte) error

UnmarshalJSON is used during JSON unmarshalling. Do not call this method directly.

func (*FilePermission) UnmarshalYAML

func (instance *FilePermission) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML is used during YAML unmarshalling. Do not call this method directly.

func (FilePermission) Validate

func (instance FilePermission) Validate() error

Validate validates action on this object and returns an error object if errors occur.

type Permission

type Permission int

Permission represents the service's/node's permissions in caretakerd.

const (
	// @id forbidden
	//
	// The remote control/service does not have any permissions in caretakerd.
	Forbidden Permission = 0
	// @id readOnly
	//
	// The remote control/service does only have read permissions in caretakerd.
	ReadOnly Permission = 1
	// @id readWrite
	//
	// The remote control/service does have read and write permissions in caretakerd.
	ReadWrite Permission = 2
)

func (Permission) CheckedString

func (instance Permission) CheckedString() (string, error)

CheckedString is like String but also returns an optional error if there are validation errors.

func (Permission) MarshalJSON

func (instance Permission) MarshalJSON() ([]byte, error)

MarshalJSON is used during JSON marshalling. Do not call directly.

func (Permission) MarshalYAML

func (instance Permission) MarshalYAML() (interface{}, error)

MarshalYAML is used during YAML marshalling. Do not call directly.

func (*Permission) Set

func (instance *Permission) Set(value string) error

Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.

func (Permission) String

func (instance Permission) String() string

func (*Permission) UnmarshalJSON

func (instance *Permission) UnmarshalJSON(b []byte) error

UnmarshalJSON is used during JSON unmarshalling. Do not call directly.

func (*Permission) UnmarshalYAML

func (instance *Permission) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML is used during YAML unmarshalling. Do not call directly.

func (Permission) Validate

func (instance Permission) Validate() error

Validate validates actions on the given object and returns an error object if errors occur.

type Type

type Type int

const (
	// @id none
	//
	// No ID given
	None Type = 0
	// @id trusted
	//
	// caretakerd trusts the remote connection based on the remote name and the configured {@ref github.com/echocat/caretakerd/keyStore.Config#CaFile}
	// or if the {@ref github.com/echocat/caretakerd/access.Config#PemFile} is specified to expect exactly this identity.
	Trusted Type = 1
	// @id generateToEnvironment
	//
	// Generates a new certificate to the environment variable "CTD_PEM" and trusts it.
	GenerateToEnvironment Type = 2
	// @id generateToFile
	//
	// Generates a new certificate to the configured {@ref github.com/echocat/caretakerd/access.Config#PemFile} and trusts it.
	GenerateToFile Type = 3
)

func (Type) CheckedString

func (instance Type) CheckedString() (string, error)

CheckedString is like String but also returns an optional error if there are validation errors.

func (Type) IsGenerating

func (instance Type) IsGenerating() bool

IsGenerating returns true if this Type indicates that it will create a key.

func (Type) IsTakingFileGroup added in v0.1.6

func (instance Type) IsTakingFileGroup() bool

IsTakingFileGroup returns true if this Type indicates that it accepts a file group.

func (Type) IsTakingFilePermission

func (instance Type) IsTakingFilePermission() bool

IsTakingFilePermission returns true if this Type indicates that it accepts a file permission.

func (Type) IsTakingFileUser

func (instance Type) IsTakingFileUser() bool

IsTakingFileUser returns true if this Type indicates that it accepts a file user.

func (Type) IsTakingFilename

func (instance Type) IsTakingFilename() bool

IsTakingFilename returns true if this Type indicates that it accepts a file name.

func (Type) MarshalJSON

func (instance Type) MarshalJSON() ([]byte, error)

MarshalJSON is used during JSON marshalling. Do not call this method directly.

func (Type) MarshalYAML

func (instance Type) MarshalYAML() (interface{}, error)

MarshalYAML is used during YAML marshalling. Do not call this method directly.

func (*Type) Set

func (instance *Type) Set(value string) error

Set sets the current object from the given string. Returns an error object if there are problems while transforming the string.

func (Type) String

func (instance Type) String() string

func (*Type) UnmarshalJSON

func (instance *Type) UnmarshalJSON(b []byte) error

UnmarshalJSON is used during JSON unmarshalling. Do not call this method directly.

func (*Type) UnmarshalYAML

func (instance *Type) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML is used during YAML unmarshalling. Do not call this method directly.

func (Type) Validate

func (instance Type) Validate() error

Validate validates an action on this object and returns an error object if there are any.
