authorizer

package
v2.0.0-beta.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2020 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInactiveTask = &influxdb.Error{
		Code: influxdb.EInvalid,
		Msg:  "inactive task",
	}

	ErrFailedPermission = &influxdb.Error{
		Code: influxdb.EInvalid,
		Msg:  "unauthorized",
	}
)

Functions

func IsAllowed 

func IsAllowed(ctx context.Context, p influxdb.Permission) error

IsAllowed checks to see if an action is authorized by retrieving the authorizer off of context and authorizing the action appropriately.

func IsAllowedAll 

func IsAllowedAll(ctx context.Context, permissions []influxdb.Permission) error

IsAllowedAll checks to see if an action is authorized by ALL permissions. Also see IsAllowed.

func NewTaskService 

func NewTaskService(log *zap.Logger, ts influxdb.TaskService) influxdb.TaskService

TaskService wraps ts and checks appropriate permissions before calling requested methods on ts. Authorization failures are logged to the logger.

func VerifyPermissions 

func VerifyPermissions(ctx context.Context, ps []influxdb.Permission) error

VerifyPermission ensures that an authorization is allowed all of the appropriate permissions.

Types

type AuthorizationService 

type AuthorizationService struct {
	// contains filtered or unexported fields
}

AuthorizationService wraps a influxdb.AuthorizationService and authorizes actions against it appropriately.

func NewAuthorizationService 

func NewAuthorizationService(s influxdb.AuthorizationService) *AuthorizationService

NewAuthorizationService constructs an instance of an authorizing authorization serivce.

func (*AuthorizationService) CreateAuthorization 

func (s *AuthorizationService) CreateAuthorization(ctx context.Context, a *influxdb.Authorization) error

CreateAuthorization checks to see if the authorizer on context has write access to the global authorizations resource.

func (*AuthorizationService) DeleteAuthorization 

func (s *AuthorizationService) DeleteAuthorization(ctx context.Context, id influxdb.ID) error

DeleteAuthorization checks to see if the authorizer on context has write access to the authorization provided.

func (*AuthorizationService) FindAuthorizationByID 

func (s *AuthorizationService) FindAuthorizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Authorization, error)

FindAuthorizationByID checks to see if the authorizer on context has read access to the id provided.

func (*AuthorizationService) FindAuthorizationByToken 

func (s *AuthorizationService) FindAuthorizationByToken(ctx context.Context, t string) (*influxdb.Authorization, error)

FindAuthorization retrieves the authorization and checks to see if the authorizer on context has read access to the authorization.

func (*AuthorizationService) FindAuthorizations 

func (s *AuthorizationService) FindAuthorizations(ctx context.Context, filter influxdb.AuthorizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Authorization, int, error)

FindAuthorizations retrieves all authorizations that match the provided filter and then filters the list down to only the resources that are authorized.

func (*AuthorizationService) UpdateAuthorization 

func (s *AuthorizationService) UpdateAuthorization(ctx context.Context, id influxdb.ID, upd *influxdb.AuthorizationUpdate) (*influxdb.Authorization, error)

UpdateAuthorization checks to see if the authorizer on context has write access to the authorization provided.

type BackupService 

type BackupService struct {
	// contains filtered or unexported fields
}

BackupService wraps a influxdb.BackupService and authorizes actions against it appropriately.

func NewBackupService 

func NewBackupService(s influxdb.BackupService) *BackupService

NewBackupService constructs an instance of an authorizing backup service.

func (BackupService) CreateBackup 

func (b BackupService) CreateBackup(ctx context.Context) (int, []string, error)

func (BackupService) FetchBackupFile 

func (b BackupService) FetchBackupFile(ctx context.Context, backupID int, backupFile string, w io.Writer) error

func (BackupService) InternalBackupPath 

func (b BackupService) InternalBackupPath(backupID int) string

type BucketService 

type BucketService struct {
	// contains filtered or unexported fields
}

BucketService wraps a influxdb.BucketService and authorizes actions against it appropriately.

func NewBucketService 

func NewBucketService(s influxdb.BucketService) *BucketService

NewBucketService constructs an instance of an authorizing bucket serivce.

func (*BucketService) CreateBucket 

func (s *BucketService) CreateBucket(ctx context.Context, b *influxdb.Bucket) error

CreateBucket checks to see if the authorizer on context has write access to the global buckets resource.

func (*BucketService) DeleteBucket 

func (s *BucketService) DeleteBucket(ctx context.Context, id influxdb.ID) error

DeleteBucket checks to see if the authorizer on context has write access to the bucket provided.

func (*BucketService) FindBucket 

func (s *BucketService) FindBucket(ctx context.Context, filter influxdb.BucketFilter) (*influxdb.Bucket, error)

FindBucket retrieves the bucket and checks to see if the authorizer on context has read access to the bucket.

func (*BucketService) FindBucketByID 

func (s *BucketService) FindBucketByID(ctx context.Context, id influxdb.ID) (*influxdb.Bucket, error)

FindBucketByID checks to see if the authorizer on context has read access to the id provided.

func (*BucketService) FindBucketByName 

func (s *BucketService) FindBucketByName(ctx context.Context, orgID influxdb.ID, n string) (*influxdb.Bucket, error)

FindBucketByName returns a bucket by name for a particular organization.

func (*BucketService) FindBuckets 

func (s *BucketService) FindBuckets(ctx context.Context, filter influxdb.BucketFilter, opt ...influxdb.FindOptions) ([]*influxdb.Bucket, int, error)

FindBuckets retrieves all buckets that match the provided filter and then filters the list down to only the resources that are authorized.

func (*BucketService) UpdateBucket 

func (s *BucketService) UpdateBucket(ctx context.Context, id influxdb.ID, upd influxdb.BucketUpdate) (*influxdb.Bucket, error)

UpdateBucket checks to see if the authorizer on context has write access to the bucket provided.

type CheckService 

type CheckService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	influxdb.TaskService
	// contains filtered or unexported fields
}

CheckService wraps a influxdb.CheckService and authorizes actions against it appropriately.

func NewCheckService 

func NewCheckService(s influxdb.CheckService, urm influxdb.UserResourceMappingService, org influxdb.OrganizationService) *CheckService

NewCheckService constructs an instance of an authorizing check serivce.

func (*CheckService) CreateCheck 

func (s *CheckService) CreateCheck(ctx context.Context, chk influxdb.CheckCreate, userID influxdb.ID) error

CreateCheck checks to see if the authorizer on context has write access to the global check resource.

func (*CheckService) DeleteCheck 

func (s *CheckService) DeleteCheck(ctx context.Context, id influxdb.ID) error

DeleteCheck checks to see if the authorizer on context has write access to the check provided.

func (*CheckService) FindCheck 

func (s *CheckService) FindCheck(ctx context.Context, filter influxdb.CheckFilter) (influxdb.Check, error)

FindCheck will return the check.

func (*CheckService) FindCheckByID 

func (s *CheckService) FindCheckByID(ctx context.Context, id influxdb.ID) (influxdb.Check, error)

FindCheckByID checks to see if the authorizer on context has read access to the id provided.

func (*CheckService) FindChecks 

func (s *CheckService) FindChecks(ctx context.Context, filter influxdb.CheckFilter, opt ...influxdb.FindOptions) ([]influxdb.Check, int, error)

FindChecks retrieves all checks that match the provided filter and then filters the list down to only the resources that are authorized.

func (*CheckService) PatchCheck 

func (s *CheckService) PatchCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckUpdate) (influxdb.Check, error)

PatchCheck checks to see if the authorizer on context has write access to the check provided.

func (*CheckService) UpdateCheck 

func (s *CheckService) UpdateCheck(ctx context.Context, id influxdb.ID, upd influxdb.CheckCreate) (influxdb.Check, error)

UpdateCheck checks to see if the authorizer on context has write access to the check provided.

type DashboardService 

type DashboardService struct {
	// contains filtered or unexported fields
}

DashboardService wraps a influxdb.DashboardService and authorizes actions against it appropriately.

func NewDashboardService 

func NewDashboardService(s influxdb.DashboardService) *DashboardService

NewDashboardService constructs an instance of an authorizing dashboard serivce.

func (*DashboardService) AddDashboardCell 

func (s *DashboardService) AddDashboardCell(ctx context.Context, id influxdb.ID, c *influxdb.Cell, opts influxdb.AddDashboardCellOptions) error

func (*DashboardService) CreateDashboard 

func (s *DashboardService) CreateDashboard(ctx context.Context, b *influxdb.Dashboard) error

CreateDashboard checks to see if the authorizer on context has write access to the global dashboards resource.

func (*DashboardService) DeleteDashboard 

func (s *DashboardService) DeleteDashboard(ctx context.Context, id influxdb.ID) error

DeleteDashboard checks to see if the authorizer on context has write access to the dashboard provided.

func (*DashboardService) FindDashboardByID 

func (s *DashboardService) FindDashboardByID(ctx context.Context, id influxdb.ID) (*influxdb.Dashboard, error)

FindDashboardByID checks to see if the authorizer on context has read access to the id provided.

func (*DashboardService) FindDashboards 

func (s *DashboardService) FindDashboards(ctx context.Context, filter influxdb.DashboardFilter, opt influxdb.FindOptions) ([]*influxdb.Dashboard, int, error)

FindDashboards retrieves all dashboards that match the provided filter and then filters the list down to only the resources that are authorized.

func (*DashboardService) GetDashboardCellView 

func (s *DashboardService) GetDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) (*influxdb.View, error)

func (*DashboardService) RemoveDashboardCell 

func (s *DashboardService) RemoveDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID) error

func (*DashboardService) ReplaceDashboardCells 

func (s *DashboardService) ReplaceDashboardCells(ctx context.Context, id influxdb.ID, c []*influxdb.Cell) error

func (*DashboardService) UpdateDashboard 

func (s *DashboardService) UpdateDashboard(ctx context.Context, id influxdb.ID, upd influxdb.DashboardUpdate) (*influxdb.Dashboard, error)

UpdateDashboard checks to see if the authorizer on context has write access to the dashboard provided.

func (*DashboardService) UpdateDashboardCell 

func (s *DashboardService) UpdateDashboardCell(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.CellUpdate) (*influxdb.Cell, error)

func (*DashboardService) UpdateDashboardCellView 

func (s *DashboardService) UpdateDashboardCellView(ctx context.Context, dashboardID influxdb.ID, cellID influxdb.ID, upd influxdb.ViewUpdate) (*influxdb.View, error)

type LabelService 

type LabelService struct {
	// contains filtered or unexported fields
}

LabelService wraps a influxdb.LabelService and authorizes actions against it appropriately.

func NewLabelService 

func NewLabelService(s influxdb.LabelService) *LabelService

NewLabelService constructs an instance of an authorizing label serivce.

func (*LabelService) CreateLabel 

func (s *LabelService) CreateLabel(ctx context.Context, l *influxdb.Label) error

CreateLabel checks to see if the authorizer on context has read access to the new label's org.

func (*LabelService) CreateLabelMapping 

func (s *LabelService) CreateLabelMapping(ctx context.Context, m *influxdb.LabelMapping) error

CreateLabelMapping checks to see if the authorizer on context has write access to the label and the resource contained by the label mapping in creation.

func (*LabelService) DeleteLabel 

func (s *LabelService) DeleteLabel(ctx context.Context, id influxdb.ID) error

DeleteLabel checks to see if the authorizer on context has write access to the label provided.

func (*LabelService) DeleteLabelMapping 

func (s *LabelService) DeleteLabelMapping(ctx context.Context, m *influxdb.LabelMapping) error

DeleteLabelMapping checks to see if the authorizer on context has write access to the label and the resource of the label mapping to delete.

func (*LabelService) FindLabelByID 

func (s *LabelService) FindLabelByID(ctx context.Context, id influxdb.ID) (*influxdb.Label, error)

FindLabelByID checks to see if the authorizer on context has read access to the label id provided.

func (*LabelService) FindLabels 

func (s *LabelService) FindLabels(ctx context.Context, filter influxdb.LabelFilter, opt ...influxdb.FindOptions) ([]*influxdb.Label, error)

FindLabels retrieves all labels that match the provided filter and then filters the list down to only the resources that are authorized.

func (*LabelService) FindResourceLabels 

func (s *LabelService) FindResourceLabels(ctx context.Context, filter influxdb.LabelMappingFilter) ([]*influxdb.Label, error)

FindResourceLabels retrieves all labels belonging to the filtering resource if the authorizer on context has read access to it. Then it filters the list down to only the labels that are authorized.

func (*LabelService) UpdateLabel 

func (s *LabelService) UpdateLabel(ctx context.Context, id influxdb.ID, upd influxdb.LabelUpdate) (*influxdb.Label, error)

UpdateLabel checks to see if the authorizer on context has write access to the label provided.

type NotificationEndpointService 

type NotificationEndpointService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

NotificationEndpointService wraps a influxdb.NotificationEndpointService and authorizes actions against it appropriately.

func NewNotificationEndpointService 

func NewNotificationEndpointService(
	s influxdb.NotificationEndpointService,
	urm influxdb.UserResourceMappingService,
	org influxdb.OrganizationService,
) *NotificationEndpointService

NewNotificationEndpointService constructs an instance of an authorizing notification endpoint serivce.

func (*NotificationEndpointService) CreateNotificationEndpoint 

func (s *NotificationEndpointService) CreateNotificationEndpoint(ctx context.Context, edp influxdb.NotificationEndpoint, userID influxdb.ID) error

CreateNotificationEndpoint checks to see if the authorizer on context has write access to the global notification endpoint resource.

func (*NotificationEndpointService) DeleteNotificationEndpoint 

func (s *NotificationEndpointService) DeleteNotificationEndpoint(ctx context.Context, id influxdb.ID) ([]influxdb.SecretField, influxdb.ID, error)

DeleteNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

func (*NotificationEndpointService) FindNotificationEndpointByID 

func (s *NotificationEndpointService) FindNotificationEndpointByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationEndpoint, error)

FindNotificationEndpointByID checks to see if the authorizer on context has read access to the id provided.

func (*NotificationEndpointService) FindNotificationEndpoints 

func (s *NotificationEndpointService) FindNotificationEndpoints(ctx context.Context, filter influxdb.NotificationEndpointFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationEndpoint, int, error)

FindNotificationEndpoints retrieves all notification endpoints that match the provided filter and then filters the list down to only the resources that are authorized.

func (*NotificationEndpointService) PatchNotificationEndpoint 

func (s *NotificationEndpointService) PatchNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpointUpdate) (influxdb.NotificationEndpoint, error)

PatchNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

func (*NotificationEndpointService) UpdateNotificationEndpoint 

func (s *NotificationEndpointService) UpdateNotificationEndpoint(ctx context.Context, id influxdb.ID, upd influxdb.NotificationEndpoint, userID influxdb.ID) (influxdb.NotificationEndpoint, error)

UpdateNotificationEndpoint checks to see if the authorizer on context has write access to the notification endpoint provided.

type NotificationRuleStore 

type NotificationRuleStore struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

NotificationRuleStore wraps a influxdb.NotificationRuleStore and authorizes actions against it appropriately.

func NewNotificationRuleStore 

func NewNotificationRuleStore(s influxdb.NotificationRuleStore, urm influxdb.UserResourceMappingService, org influxdb.OrganizationService) *NotificationRuleStore

NewNotificationRuleStore constructs an instance of an authorizing notification rule serivce.

func (*NotificationRuleStore) CreateNotificationRule 

func (s *NotificationRuleStore) CreateNotificationRule(ctx context.Context, nr influxdb.NotificationRuleCreate, userID influxdb.ID) error

CreateNotificationRule checks to see if the authorizer on context has write access to the global notification rule resource.

func (*NotificationRuleStore) DeleteNotificationRule 

func (s *NotificationRuleStore) DeleteNotificationRule(ctx context.Context, id influxdb.ID) error

DeleteNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

func (*NotificationRuleStore) FindNotificationRuleByID 

func (s *NotificationRuleStore) FindNotificationRuleByID(ctx context.Context, id influxdb.ID) (influxdb.NotificationRule, error)

FindNotificationRuleByID checks to see if the authorizer on context has read access to the id provided.

func (*NotificationRuleStore) FindNotificationRules 

func (s *NotificationRuleStore) FindNotificationRules(ctx context.Context, filter influxdb.NotificationRuleFilter, opt ...influxdb.FindOptions) ([]influxdb.NotificationRule, int, error)

FindNotificationRules retrieves all notification rules that match the provided filter and then filters the list down to only the resources that are authorized.

func (*NotificationRuleStore) PatchNotificationRule 

func (s *NotificationRuleStore) PatchNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleUpdate) (influxdb.NotificationRule, error)

PatchNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

func (*NotificationRuleStore) UpdateNotificationRule 

func (s *NotificationRuleStore) UpdateNotificationRule(ctx context.Context, id influxdb.ID, upd influxdb.NotificationRuleCreate, userID influxdb.ID) (influxdb.NotificationRule, error)

UpdateNotificationRule checks to see if the authorizer on context has write access to the notification rule provided.

type OrgService 

type OrgService struct {
	// contains filtered or unexported fields
}

OrgService wraps a influxdb.OrganizationService and authorizes actions against it appropriately.

func NewOrgService 

func NewOrgService(s influxdb.OrganizationService) *OrgService

NewOrgService constructs an instance of an authorizing org serivce.

func (*OrgService) CreateOrganization 

func (s *OrgService) CreateOrganization(ctx context.Context, o *influxdb.Organization) error

CreateOrganization checks to see if the authorizer on context has write access to the global orgs resource.

func (*OrgService) DeleteOrganization 

func (s *OrgService) DeleteOrganization(ctx context.Context, id influxdb.ID) error

DeleteOrganization checks to see if the authorizer on context has write access to the organization provided.

func (*OrgService) FindOrganization 

func (s *OrgService) FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error)

FindOrganization retrieves the organization and checks to see if the authorizer on context has read access to the org.

func (*OrgService) FindOrganizationByID 

func (s *OrgService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error)

FindOrganizationByID checks to see if the authorizer on context has read access to the id provided.

func (*OrgService) FindOrganizations 

func (s *OrgService) FindOrganizations(ctx context.Context, filter influxdb.OrganizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Organization, int, error)

FindOrganizations retrieves all organizations that match the provided filter and then filters the list down to only the resources that are authorized.

func (*OrgService) UpdateOrganization 

func (s *OrgService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error)

UpdateOrganization checks to see if the authorizer on context has write access to the organization provided.

type OrganizationService 

type OrganizationService interface {
	FindResourceOrganizationID(ctx context.Context, rt influxdb.ResourceType, id influxdb.ID) (influxdb.ID, error)
}

type PasswordService 

type PasswordService struct {
	// contains filtered or unexported fields
}

PasswordService is a new authorization middleware for a password service.

func NewPasswordService 

func NewPasswordService(svc influxdb.PasswordsService) *PasswordService

NewPasswordService wraps an existing password service with auth middlware.

func (*PasswordService) CompareAndSetPassword 

func (s *PasswordService) CompareAndSetPassword(ctx context.Context, userID influxdb.ID, old string, new string) error

CompareAndSetPassword checks the password and if they match updates to the new password.

func (*PasswordService) ComparePassword 

func (s *PasswordService) ComparePassword(ctx context.Context, userID influxdb.ID, password string) error

ComparePassword checks if the password matches the password recorded. Passwords that do not match return errors.

func (*PasswordService) SetPassword 

func (s *PasswordService) SetPassword(ctx context.Context, userID influxdb.ID, password string) error

SetPassword overrides the password of a known user.

type ScraperTargetStoreService 

type ScraperTargetStoreService struct {
	influxdb.UserResourceMappingService
	influxdb.OrganizationService
	// contains filtered or unexported fields
}

ScraperTargetStoreService wraps a influxdb.ScraperTargetStoreService and authorizes actions against it appropriately.

func NewScraperTargetStoreService 

func NewScraperTargetStoreService(s influxdb.ScraperTargetStoreService,
	urm influxdb.UserResourceMappingService,
	org influxdb.OrganizationService,
) *ScraperTargetStoreService

NewScraperTargetStoreService constructs an instance of an authorizing scraper target store serivce.

func (*ScraperTargetStoreService) AddTarget 

func (s *ScraperTargetStoreService) AddTarget(ctx context.Context, st *influxdb.ScraperTarget, userID influxdb.ID) error

AddTarget checks to see if the authorizer on context has write access to the global scraper target resource.

func (*ScraperTargetStoreService) GetTargetByID 

func (s *ScraperTargetStoreService) GetTargetByID(ctx context.Context, id influxdb.ID) (*influxdb.ScraperTarget, error)

GetTargetByID checks to see if the authorizer on context has read access to the id provided.

func (*ScraperTargetStoreService) ListTargets 

func (s *ScraperTargetStoreService) ListTargets(ctx context.Context, filter influxdb.ScraperTargetFilter) ([]influxdb.ScraperTarget, error)

ListTargets retrieves all scraper targets that match the provided filter and then filters the list down to only the resources that are authorized.

func (*ScraperTargetStoreService) RemoveTarget 

func (s *ScraperTargetStoreService) RemoveTarget(ctx context.Context, id influxdb.ID) error

RemoveTarget checks to see if the authorizer on context has write access to the scraper target provided.

func (*ScraperTargetStoreService) UpdateTarget 

func (s *ScraperTargetStoreService) UpdateTarget(ctx context.Context, upd *influxdb.ScraperTarget, userID influxdb.ID) (*influxdb.ScraperTarget, error)

UpdateTarget checks to see if the authorizer on context has write access to the scraper target provided.

type SecretService 

type SecretService struct {
	// contains filtered or unexported fields
}

SecretService wraps a influxdb.SecretService and authorizes actions against it appropriately.

func NewSecretService 

func NewSecretService(s influxdb.SecretService) *SecretService

NewSecretService constructs an instance of an authorizing secret serivce.

func (*SecretService) DeleteSecret 

func (s *SecretService) DeleteSecret(ctx context.Context, orgID influxdb.ID, keys ...string) error

DeleteSecret checks to see if the authorizer on context has write access to the secret keys provided.

func (*SecretService) GetSecretKeys 

func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([]string, error)

GetSecretKeys checks to see if the authorizer on context has read access to all the secrets belonging to orgID.

func (*SecretService) LoadSecret 

func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, key string) (string, error)

LoadSecret checks to see if the authorizer on context has read access to the secret key provided.

func (*SecretService) PatchSecrets 

func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error

PatchSecrets checks to see if the authorizer on context has write access to the secret keys provided.

func (*SecretService) PutSecret 

func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, key string, val string) error

PutSecret checks to see if the authorizer on context has write access to the secret key provided.

func (*SecretService) PutSecrets 

func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error

PutSecrets checks to see if the authorizer on context has read and write access to the secret keys provided.

type SourceService 

type SourceService struct {
	// contains filtered or unexported fields
}

SourceService wraps a influxdb.SourceService and authorizes actions against it appropriately.

func NewSourceService 

func NewSourceService(s influxdb.SourceService) *SourceService

NewSourceService constructs an instance of an authorizing source service.

func (*SourceService) CreateSource 

func (s *SourceService) CreateSource(ctx context.Context, src *influxdb.Source) error

CreateSource checks to see if the authorizer on context has write access to the global source resource.

func (*SourceService) DefaultSource 

func (s *SourceService) DefaultSource(ctx context.Context) (*influxdb.Source, error)

DefaultSource checks to see if the authorizer on context has read access to the default source.

func (*SourceService) DeleteSource 

func (s *SourceService) DeleteSource(ctx context.Context, id influxdb.ID) error

DeleteSource checks to see if the authorizer on context has write access to the source provided.

func (*SourceService) FindSourceByID 

func (s *SourceService) FindSourceByID(ctx context.Context, id influxdb.ID) (*influxdb.Source, error)

FindSourceByID checks to see if the authorizer on context has read access to the id provided.

func (*SourceService) FindSources 

func (s *SourceService) FindSources(ctx context.Context, opts influxdb.FindOptions) ([]*influxdb.Source, int, error)

FindSources retrieves all sources that match the provided options and then filters the list down to only the resources that are authorized.

func (*SourceService) UpdateSource 

func (s *SourceService) UpdateSource(ctx context.Context, id influxdb.ID, upd influxdb.SourceUpdate) (*influxdb.Source, error)

UpdateSource checks to see if the authorizer on context has write access to the source provided.

type TelegrafConfigService 

type TelegrafConfigService struct {
	influxdb.UserResourceMappingService
	// contains filtered or unexported fields
}

TelegrafConfigService wraps a influxdb.TelegrafConfigStore and authorizes actions against it appropriately.

func NewTelegrafConfigService 

func NewTelegrafConfigService(s influxdb.TelegrafConfigStore, urm influxdb.UserResourceMappingService) *TelegrafConfigService

NewTelegrafConfigService constructs an instance of an authorizing telegraf serivce.

func (*TelegrafConfigService) CreateTelegrafConfig 

func (s *TelegrafConfigService) CreateTelegrafConfig(ctx context.Context, tc *influxdb.TelegrafConfig, userID influxdb.ID) error

CreateTelegrafConfig checks to see if the authorizer on context has write access to the global telegraf config resource.

func (*TelegrafConfigService) DeleteTelegrafConfig 

func (s *TelegrafConfigService) DeleteTelegrafConfig(ctx context.Context, id influxdb.ID) error

DeleteTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.

func (*TelegrafConfigService) FindTelegrafConfigByID 

func (s *TelegrafConfigService) FindTelegrafConfigByID(ctx context.Context, id influxdb.ID) (*influxdb.TelegrafConfig, error)

FindTelegrafConfigByID checks to see if the authorizer on context has read access to the id provided.

func (*TelegrafConfigService) FindTelegrafConfigs 

func (s *TelegrafConfigService) FindTelegrafConfigs(ctx context.Context, filter influxdb.TelegrafConfigFilter, opt ...influxdb.FindOptions) ([]*influxdb.TelegrafConfig, int, error)

FindTelegrafConfigs retrieves all telegraf configs that match the provided filter and then filters the list down to only the resources that are authorized.

func (*TelegrafConfigService) UpdateTelegrafConfig 

func (s *TelegrafConfigService) UpdateTelegrafConfig(ctx context.Context, id influxdb.ID, upd *influxdb.TelegrafConfig, userID influxdb.ID) (*influxdb.TelegrafConfig, error)

UpdateTelegrafConfig checks to see if the authorizer on context has write access to the telegraf config provided.

type URMService 

type URMService struct {
	// contains filtered or unexported fields
}

func NewURMService 

func NewURMService(orgSvc OrganizationService, s influxdb.UserResourceMappingService) *URMService

func (*URMService) CreateUserResourceMapping 

func (s *URMService) CreateUserResourceMapping(ctx context.Context, m *influxdb.UserResourceMapping) error

func (*URMService) DeleteUserResourceMapping 

func (s *URMService) DeleteUserResourceMapping(ctx context.Context, resourceID influxdb.ID, userID influxdb.ID) error

func (*URMService) FindUserResourceMappings 

func (s *URMService) FindUserResourceMappings(ctx context.Context, filter influxdb.UserResourceMappingFilter, opt ...influxdb.FindOptions) ([]*influxdb.UserResourceMapping, int, error)

type UserService 

type UserService struct {
	// contains filtered or unexported fields
}

UserService wraps a influxdb.UserService and authorizes actions against it appropriately.

func NewUserService 

func NewUserService(s influxdb.UserService) *UserService

NewUserService constructs an instance of an authorizing user serivce.

func (*UserService) CreateUser 

func (s *UserService) CreateUser(ctx context.Context, o *influxdb.User) error

CreateUser checks to see if the authorizer on context has write access to the global users resource.

func (*UserService) DeleteUser 

func (s *UserService) DeleteUser(ctx context.Context, id influxdb.ID) error

DeleteUser checks to see if the authorizer on context has write access to the user provided.

func (*UserService) FindUser 

func (s *UserService) FindUser(ctx context.Context, filter influxdb.UserFilter) (*influxdb.User, error)

FindUser retrieves the user and checks to see if the authorizer on context has read access to the user.

func (*UserService) FindUserByID 

func (s *UserService) FindUserByID(ctx context.Context, id influxdb.ID) (*influxdb.User, error)

FindUserByID checks to see if the authorizer on context has read access to the id provided.

func (*UserService) FindUsers 

func (s *UserService) FindUsers(ctx context.Context, filter influxdb.UserFilter, opt ...influxdb.FindOptions) ([]*influxdb.User, int, error)

FindUsers retrieves all users that match the provided filter and then filters the list down to only the resources that are authorized.

func (*UserService) UpdateUser 

func (s *UserService) UpdateUser(ctx context.Context, id influxdb.ID, upd influxdb.UserUpdate) (*influxdb.User, error)

UpdateUser checks to see if the authorizer on context has write access to the user provided.

type VariableService 

type VariableService struct {
	// contains filtered or unexported fields
}

VariableService wraps a influxdb.VariableService and authorizes actions against it appropriately.

func NewVariableService 

func NewVariableService(s influxdb.VariableService) *VariableService

NewVariableService constructs an instance of an authorizing variable service.

func (*VariableService) CreateVariable 

func (s *VariableService) CreateVariable(ctx context.Context, m *influxdb.Variable) error

CreateVariable checks to see if the authorizer on context has write access to the global variable resource.

func (*VariableService) DeleteVariable 

func (s *VariableService) DeleteVariable(ctx context.Context, id influxdb.ID) error

DeleteVariable checks to see if the authorizer on context has write access to the variable provided.

func (*VariableService) FindVariableByID 

func (s *VariableService) FindVariableByID(ctx context.Context, id influxdb.ID) (*influxdb.Variable, error)

FindVariableByID checks to see if the authorizer on context has read access to the id provided.

func (*VariableService) FindVariables 

func (s *VariableService) FindVariables(ctx context.Context, filter influxdb.VariableFilter, opt ...influxdb.FindOptions) ([]*influxdb.Variable, error)

FindVariables retrieves all variables that match the provided filter and then filters the list down to only the resources that are authorized.

func (*VariableService) ReplaceVariable 

func (s *VariableService) ReplaceVariable(ctx context.Context, m *influxdb.Variable) error

ReplaceVariable checks to see if the authorizer on context has write access to the variable provided.

func (*VariableService) UpdateVariable 

func (s *VariableService) UpdateVariable(ctx context.Context, id influxdb.ID, upd *influxdb.VariableUpdate) (*influxdb.Variable, error)

UpdateVariable checks to see if the authorizer on context has write access to the variable provided.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.