Documentation
¶
Index ¶
- Constants
- func AuthProcess(ctx context.Context, auth *Authorizer, checkType int, req interface{}) error
- func Authenticate() middleware.Middleware
- func Authorize(c *conf.Server, checkType int) middleware.Middleware
- func FromAuthContext(ctx context.Context) string
- func GetSecretData(ctx context.Context, req interface{}) (user, resource, action string, err error)
- func GetUsername(req *http.Request) (string, error)
- func NewAuthContext(ctx context.Context, user string) context.Context
- type AuthUser
- type Authorizer
- type Transport
Constants ¶
View Source
const ( BASIC int = iota GRANT )
Variables ¶
This section is empty.
Functions ¶
func AuthProcess ¶
func AuthProcess(ctx context.Context, auth *Authorizer, checkType int, req interface{}) error
func Authenticate ¶
func Authenticate() middleware.Middleware
func Authorize ¶
func Authorize(c *conf.Server, checkType int) middleware.Middleware
func FromAuthContext ¶
func GetSecretData ¶
Types ¶
type Authorizer ¶
func NewAuthorizer ¶
func NewAuthorizer(c *conf.Server_Authorization, nautesCFG *conf.Nautes) (*Authorizer, error)
func (*Authorizer) CheckGrantPermission ¶
func (a *Authorizer) CheckGrantPermission(_ context.Context, user, resource string, dstUser *v1.GrantTarget) error
Grant check flow 1. Request are not in black list (blacklist is a regex list, current use to block runtime grant the role in tenant cluster) 2. User has grant permission in resource acl 3. User can grant resource to user
func (*Authorizer) CheckSecretPermission ¶
func (a *Authorizer) CheckSecretPermission(_ context.Context, user, resource, action string) error
Source Files
Click to show internal directories.
Click to hide internal directories.