authorizer

package
v0.0.0-...-820559f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2024 License: BSD-3-Clause Imports: 6 Imported by: 0

Documentation

Overview

Package authorizer implements access control helpers for tailsql.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ACLGrants 

func ACLGrants(logf logger.Logf) func(string, *apitype.WhoIsResponse) error

ACLGrants returns an authorization function that uses ACL grants from the tailnet to check access for query sources. If logf == nil, logs are sent to log.Printf.

func PeerCaps 

func PeerCaps(logf logger.Logf) func(string, *apitype.WhoIsResponse) error

PeerCaps is a temporary migration alias for ACLGrants. Deprecated: Use ACLGrants directly for new code.

Types

type Map 

type Map map[string][]string

A Map maps source labels to lists of usernames who are granted access to issue queries against that source.

func (Map) Authorize 

func (m Map) Authorize(logf logger.Logf) func(string, *apitype.WhoIsResponse) error

Authorize returns an authorization function suitable for tailsql.Options.

If a source label is not present in the map, all logged-in users are permitted to query the source. If a source label is present in the map, only logged-in users in the list are permitted to query the source. Tagged nodes are not permitted to query any source.

If logf == nil, logs are sent to log.Printf.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.