Documentation
¶
Index ¶
- Variables
- func Check(token Token, scheme *PermissionScheme, contexts ...permTypes.PermissionContext) bool
- func CheckFromPermList(perms []Permission, scheme *PermissionScheme, ...) bool
- func Context(t permTypes.ContextType, v string) permTypes.PermissionContext
- func Contexts(t permTypes.ContextType, values []string) []permTypes.PermissionContext
- func ContextsForPermission(token Token, scheme *PermissionScheme, ctxTypes ...permTypes.ContextType) []permTypes.PermissionContext
- func ContextsFromListForPermission(perms []Permission, scheme *PermissionScheme, ...) []permTypes.PermissionContext
- func DestroyRole(name string) error
- func ListContextValues(t Token, scheme *PermissionScheme, failIfEmpty bool) ([]string, error)
- func ListRolesWithPermissionWithContextMap(contextValue permTypes.ContextType) (map[string]Role, error)
- func ParseContext(ctx string) (permTypes.ContextType, error)
- func TeamForPermission(t Token, scheme *PermissionScheme) (string, error)
- type Permission
- type PermissionScheme
- type PermissionSchemeList
- type Role
- func (r *Role) Add() error
- func (r *Role) AddEvent(eventName string) error
- func (r *Role) AddPermissions(permNames ...string) error
- func (r *Role) PermissionsFor(contextValue string) []Permission
- func (r *Role) RemoveEvent(eventName string) error
- func (r *Role) RemovePermissions(permNames ...string) error
- func (r *Role) Update() error
- type Token
Constants ¶
This section is empty.
Variables ¶
View Source
var ( PermAll = PermissionRegistry.get("") // [global] PermApikey = PermissionRegistry.get("apikey") // [global user] PermApikeyRead = PermissionRegistry.get("apikey.read") // [global user] PermApikeyUpdate = PermissionRegistry.get("apikey.update") // [global user] PermApp = PermissionRegistry.get("app") // [global app team pool] PermAppAdmin = PermissionRegistry.get("app.admin") // [global app team pool] PermAppAdminQuota = PermissionRegistry.get("app.admin.quota") // [global app team pool] PermAppAdminRoutes = PermissionRegistry.get("app.admin.routes") // [global app team pool] PermAppBuild = PermissionRegistry.get("app.build") // [global app team pool] PermAppCreate = PermissionRegistry.get("app.create") // [global team] PermAppDelete = PermissionRegistry.get("app.delete") // [global app team pool] PermAppDeploy = PermissionRegistry.get("app.deploy") // [global app team pool] PermAppDeployArchiveUrl = PermissionRegistry.get("app.deploy.archive-url") // [global app team pool] PermAppDeployBuild = PermissionRegistry.get("app.deploy.build") // [global app team pool] PermAppDeployDockerfile = PermissionRegistry.get("app.deploy.dockerfile") // [global app team pool] PermAppDeployGit = PermissionRegistry.get("app.deploy.git") // [global app team pool] PermAppDeployImage = PermissionRegistry.get("app.deploy.image") // [global app team pool] PermAppDeployRollback = PermissionRegistry.get("app.deploy.rollback") // [global app team pool] PermAppDeployUpload = PermissionRegistry.get("app.deploy.upload") // [global app team pool] PermAppRead = PermissionRegistry.get("app.read") // [global app team pool] PermAppReadCertificate = PermissionRegistry.get("app.read.certificate") // [global app team pool] PermAppReadDeploy = PermissionRegistry.get("app.read.deploy") // [global app team pool] PermAppReadEnv = PermissionRegistry.get("app.read.env") // [global app team pool] PermAppReadEvents = PermissionRegistry.get("app.read.events") // [global app team pool] PermAppReadInfo = PermissionRegistry.get("app.read.info") // [global app team pool] PermAppReadLog = PermissionRegistry.get("app.read.log") // [global app team pool] PermAppReadRouter = PermissionRegistry.get("app.read.router") // [global app team pool] PermAppRun = PermissionRegistry.get("app.run") // [global app team pool] PermAppRunShell = PermissionRegistry.get("app.run.shell") // [global app team pool] PermAppUpdate = PermissionRegistry.get("app.update") // [global app team pool] PermAppUpdateBind = PermissionRegistry.get("app.update.bind") // [global app team pool] PermAppUpdateBindVolume = PermissionRegistry.get("app.update.bind-volume") // [global app team pool] PermAppUpdateCertificate = PermissionRegistry.get("app.update.certificate") // [global app team pool] PermAppUpdateCertificateSet = PermissionRegistry.get("app.update.certificate.set") // [global app team pool] PermAppUpdateCertificateUnset = PermissionRegistry.get("app.update.certificate.unset") // [global app team pool] PermAppUpdateCname = PermissionRegistry.get("app.update.cname") // [global app team pool] PermAppUpdateCnameAdd = PermissionRegistry.get("app.update.cname.add") // [global app team pool] PermAppUpdateCnameRemove = PermissionRegistry.get("app.update.cname.remove") // [global app team pool] PermAppUpdateDeploy = PermissionRegistry.get("app.update.deploy") // [global app team pool] PermAppUpdateDeployRollback = PermissionRegistry.get("app.update.deploy.rollback") // [global app team pool] PermAppUpdateDescription = PermissionRegistry.get("app.update.description") // [global app team pool] PermAppUpdateEnv = PermissionRegistry.get("app.update.env") // [global app team pool] PermAppUpdateEnvSet = PermissionRegistry.get("app.update.env.set") // [global app team pool] PermAppUpdateEnvUnset = PermissionRegistry.get("app.update.env.unset") // [global app team pool] PermAppUpdateEvents = PermissionRegistry.get("app.update.events") // [global app team pool] PermAppUpdateGrant = PermissionRegistry.get("app.update.grant") // [global app team pool] PermAppUpdateImageReset = PermissionRegistry.get("app.update.image-reset") // [global app team pool] PermAppUpdateLog = PermissionRegistry.get("app.update.log") // [global app team pool] PermAppUpdateMetadata = PermissionRegistry.get("app.update.metadata") // [global app team pool] PermAppUpdatePlan = PermissionRegistry.get("app.update.plan") // [global app team pool] PermAppUpdatePlanoverride = PermissionRegistry.get("app.update.planoverride") // [global app team pool] PermAppUpdatePlatform = PermissionRegistry.get("app.update.platform") // [global app team pool] PermAppUpdatePool = PermissionRegistry.get("app.update.pool") // [global app team pool] PermAppUpdateProcesses = PermissionRegistry.get("app.update.processes") // [global app team pool] PermAppUpdateRestart = PermissionRegistry.get("app.update.restart") // [global app team pool] PermAppUpdateRevoke = PermissionRegistry.get("app.update.revoke") // [global app team pool] PermAppUpdateRoutable = PermissionRegistry.get("app.update.routable") // [global app team pool] PermAppUpdateRouter = PermissionRegistry.get("app.update.router") // [global app team pool] PermAppUpdateRouterAdd = PermissionRegistry.get("app.update.router.add") // [global app team pool] PermAppUpdateRouterRemove = PermissionRegistry.get("app.update.router.remove") // [global app team pool] PermAppUpdateRouterUpdate = PermissionRegistry.get("app.update.router.update") // [global app team pool] PermAppUpdateStart = PermissionRegistry.get("app.update.start") // [global app team pool] PermAppUpdateStop = PermissionRegistry.get("app.update.stop") // [global app team pool] PermAppUpdateTags = PermissionRegistry.get("app.update.tags") // [global app team pool] PermAppUpdateTeamowner = PermissionRegistry.get("app.update.teamowner") // [global app team pool] PermAppUpdateUnbind = PermissionRegistry.get("app.update.unbind") // [global app team pool] PermAppUpdateUnbindVolume = PermissionRegistry.get("app.update.unbind-volume") // [global app team pool] PermAppUpdateUnit = PermissionRegistry.get("app.update.unit") // [global app team pool] PermAppUpdateUnitAdd = PermissionRegistry.get("app.update.unit.add") // [global app team pool] PermAppUpdateUnitAutoscale = PermissionRegistry.get("app.update.unit.autoscale") // [global app team pool] PermAppUpdateUnitAutoscaleAdd = PermissionRegistry.get("app.update.unit.autoscale.add") // [global app team pool] PermAppUpdateUnitAutoscaleRemove = PermissionRegistry.get("app.update.unit.autoscale.remove") // [global app team pool] PermAppUpdateUnitKill = PermissionRegistry.get("app.update.unit.kill") // [global app team pool] PermAppUpdateUnitRemove = PermissionRegistry.get("app.update.unit.remove") // [global app team pool] PermCluster = PermissionRegistry.get("cluster") // [global] PermClusterAdmin = PermissionRegistry.get("cluster.admin") // [global] PermClusterCreate = PermissionRegistry.get("cluster.create") // [global] PermClusterDelete = PermissionRegistry.get("cluster.delete") // [global] PermClusterRead = PermissionRegistry.get("cluster.read") // [global] PermClusterReadEvents = PermissionRegistry.get("cluster.read.events") // [global] PermClusterUpdate = PermissionRegistry.get("cluster.update") // [global] PermDebug = PermissionRegistry.get("debug") // [global] PermEventBlock = PermissionRegistry.get("event-block") // [global] PermEventBlockAdd = PermissionRegistry.get("event-block.add") // [global] PermEventBlockRead = PermissionRegistry.get("event-block.read") // [global] PermEventBlockReadEvents = PermissionRegistry.get("event-block.read.events") // [global] PermEventBlockRemove = PermissionRegistry.get("event-block.remove") // [global] PermJob = PermissionRegistry.get("job") // [global team pool job] PermJobCreate = PermissionRegistry.get("job.create") // [global team] PermJobDelete = PermissionRegistry.get("job.delete") // [global team pool job] PermJobRead = PermissionRegistry.get("job.read") // [global team pool job] PermJobReadEvents = PermissionRegistry.get("job.read.events") // [global team pool job] PermJobReadLogs = PermissionRegistry.get("job.read.logs") // [global team pool job] PermJobRun = PermissionRegistry.get("job.run") // [global team pool job] PermJobTrigger = PermissionRegistry.get("job.trigger") // [global team pool job] PermJobUnit = PermissionRegistry.get("job.unit") // [global team pool job] PermJobUnitKill = PermissionRegistry.get("job.unit.kill") // [global team pool job] PermJobUpdate = PermissionRegistry.get("job.update") // [global team pool job] PermJobUpdateEvents = PermissionRegistry.get("job.update.events") // [global team pool job] PermPlan = PermissionRegistry.get("plan") // [global] PermPlanCreate = PermissionRegistry.get("plan.create") // [global] PermPlanDelete = PermissionRegistry.get("plan.delete") // [global] PermPlanRead = PermissionRegistry.get("plan.read") // [global] PermPlanReadEvents = PermissionRegistry.get("plan.read.events") // [global] PermPlatform = PermissionRegistry.get("platform") // [global] PermPlatformCreate = PermissionRegistry.get("platform.create") // [global] PermPlatformDelete = PermissionRegistry.get("platform.delete") // [global] PermPlatformRead = PermissionRegistry.get("platform.read") // [global] PermPlatformReadEvents = PermissionRegistry.get("platform.read.events") // [global] PermPlatformUpdate = PermissionRegistry.get("platform.update") // [global] PermPlatformUpdateEvents = PermissionRegistry.get("platform.update.events") // [global] PermPool = PermissionRegistry.get("pool") // [global pool] PermPoolCreate = PermissionRegistry.get("pool.create") // [global] PermPoolDelete = PermissionRegistry.get("pool.delete") // [global pool] PermPoolRead = PermissionRegistry.get("pool.read") // [global pool] PermPoolReadConstraints = PermissionRegistry.get("pool.read.constraints") // [global pool] PermPoolReadEvents = PermissionRegistry.get("pool.read.events") // [global pool] PermPoolUpdate = PermissionRegistry.get("pool.update") // [global pool] PermPoolUpdateConstraints = PermissionRegistry.get("pool.update.constraints") // [global pool] PermPoolUpdateConstraintsSet = PermissionRegistry.get("pool.update.constraints.set") // [global pool] PermPoolUpdateTeam = PermissionRegistry.get("pool.update.team") // [global pool] PermPoolUpdateTeamAdd = PermissionRegistry.get("pool.update.team.add") // [global pool] PermPoolUpdateTeamRemove = PermissionRegistry.get("pool.update.team.remove") // [global pool] PermRole = PermissionRegistry.get("role") // [global] PermRoleCreate = PermissionRegistry.get("role.create") // [global] PermRoleDefault = PermissionRegistry.get("role.default") // [global] PermRoleDefaultCreate = PermissionRegistry.get("role.default.create") // [global] PermRoleDefaultDelete = PermissionRegistry.get("role.default.delete") // [global] PermRoleDelete = PermissionRegistry.get("role.delete") // [global] PermRoleRead = PermissionRegistry.get("role.read") // [global] PermRoleReadEvents = PermissionRegistry.get("role.read.events") // [global] PermRoleUpdate = PermissionRegistry.get("role.update") // [global] PermRoleUpdateAssign = PermissionRegistry.get("role.update.assign") // [global] PermRoleUpdateContext = PermissionRegistry.get("role.update.context") // [global] PermRoleUpdateContextType = PermissionRegistry.get("role.update.context.type") // [global] PermRoleUpdateDescription = PermissionRegistry.get("role.update.description") // [global] PermRoleUpdateDissociate = PermissionRegistry.get("role.update.dissociate") // [global] PermRoleUpdateName = PermissionRegistry.get("role.update.name") // [global] PermRoleUpdatePermission = PermissionRegistry.get("role.update.permission") // [global] PermRoleUpdatePermissionAdd = PermissionRegistry.get("role.update.permission.add") // [global] PermRoleUpdatePermissionRemove = PermissionRegistry.get("role.update.permission.remove") // [global] PermRouter = PermissionRegistry.get("router") // [global router] PermRouterCreate = PermissionRegistry.get("router.create") // [global] PermRouterDelete = PermissionRegistry.get("router.delete") // [global router] PermRouterRead = PermissionRegistry.get("router.read") // [global router] PermRouterReadEvents = PermissionRegistry.get("router.read.events") // [global router] PermRouterUpdate = PermissionRegistry.get("router.update") // [global router] PermService = PermissionRegistry.get("service") // [global service team] PermServiceBroker = PermissionRegistry.get("service-broker") // [global] PermServiceBrokerCreate = PermissionRegistry.get("service-broker.create") // [global] PermServiceBrokerDelete = PermissionRegistry.get("service-broker.delete") // [global] PermServiceBrokerRead = PermissionRegistry.get("service-broker.read") // [global] PermServiceBrokerReadEvents = PermissionRegistry.get("service-broker.read.events") // [global] PermServiceBrokerUpdate = PermissionRegistry.get("service-broker.update") // [global] PermServiceInstance = PermissionRegistry.get("service-instance") // [global service-instance team] PermServiceInstanceCreate = PermissionRegistry.get("service-instance.create") // [global team] PermServiceInstanceDelete = PermissionRegistry.get("service-instance.delete") // [global service-instance team] PermServiceInstanceRead = PermissionRegistry.get("service-instance.read") // [global service-instance team] PermServiceInstanceReadEvents = PermissionRegistry.get("service-instance.read.events") // [global service-instance team] PermServiceInstanceReadStatus = PermissionRegistry.get("service-instance.read.status") // [global service-instance team] PermServiceInstanceUpdate = PermissionRegistry.get("service-instance.update") // [global service-instance team] PermServiceInstanceUpdateBind = PermissionRegistry.get("service-instance.update.bind") // [global service-instance team] PermServiceInstanceUpdateDescription = PermissionRegistry.get("service-instance.update.description") // [global service-instance team] PermServiceInstanceUpdateGrant = PermissionRegistry.get("service-instance.update.grant") // [global service-instance team] PermServiceInstanceUpdateParameters = PermissionRegistry.get("service-instance.update.parameters") // [global service-instance team] PermServiceInstanceUpdatePlan = PermissionRegistry.get("service-instance.update.plan") // [global service-instance team] PermServiceInstanceUpdateProxy = PermissionRegistry.get("service-instance.update.proxy") // [global service-instance team] PermServiceInstanceUpdateRevoke = PermissionRegistry.get("service-instance.update.revoke") // [global service-instance team] PermServiceInstanceUpdateTags = PermissionRegistry.get("service-instance.update.tags") // [global service-instance team] PermServiceInstanceUpdateTeamowner = PermissionRegistry.get("service-instance.update.teamowner") // [global service-instance team] PermServiceInstanceUpdateUnbind = PermissionRegistry.get("service-instance.update.unbind") // [global service-instance team] PermServiceCreate = PermissionRegistry.get("service.create") // [global team] PermServiceDelete = PermissionRegistry.get("service.delete") // [global service team] PermServiceRead = PermissionRegistry.get("service.read") // [global service team] PermServiceReadDoc = PermissionRegistry.get("service.read.doc") // [global service team] PermServiceReadEvents = PermissionRegistry.get("service.read.events") // [global service team] PermServiceReadPlans = PermissionRegistry.get("service.read.plans") // [global service team] PermServiceUpdate = PermissionRegistry.get("service.update") // [global service team] PermServiceUpdateDoc = PermissionRegistry.get("service.update.doc") // [global service team] PermServiceUpdateGrantAccess = PermissionRegistry.get("service.update.grant-access") // [global service team] PermServiceUpdateProxy = PermissionRegistry.get("service.update.proxy") // [global service team] PermServiceUpdateRevokeAccess = PermissionRegistry.get("service.update.revoke-access") // [global service team] PermTeam = PermissionRegistry.get("team") // [global team] PermTeamCreate = PermissionRegistry.get("team.create") // [global] PermTeamDelete = PermissionRegistry.get("team.delete") // [global team] PermTeamRead = PermissionRegistry.get("team.read") // [global team] PermTeamReadEvents = PermissionRegistry.get("team.read.events") // [global team] PermTeamReadQuota = PermissionRegistry.get("team.read.quota") // [global team] PermTeamToken = PermissionRegistry.get("team.token") // [global team] PermTeamTokenCreate = PermissionRegistry.get("team.token.create") // [global team] PermTeamTokenDelete = PermissionRegistry.get("team.token.delete") // [global team] PermTeamTokenRead = PermissionRegistry.get("team.token.read") // [global team] PermTeamTokenUpdate = PermissionRegistry.get("team.token.update") // [global team] PermTeamUpdate = PermissionRegistry.get("team.update") // [global team] PermTeamUpdateQuota = PermissionRegistry.get("team.update.quota") // [global team] PermUser = PermissionRegistry.get("user") // [global user] PermUserCreate = PermissionRegistry.get("user.create") // [global] PermUserDelete = PermissionRegistry.get("user.delete") // [global user] PermUserRead = PermissionRegistry.get("user.read") // [global user] PermUserReadEvents = PermissionRegistry.get("user.read.events") // [global user] PermUserReadQuota = PermissionRegistry.get("user.read.quota") // [global user] PermUserUpdate = PermissionRegistry.get("user.update") // [global user] PermUserUpdatePassword = PermissionRegistry.get("user.update.password") // [global user] PermUserUpdateQuota = PermissionRegistry.get("user.update.quota") // [global user] PermUserUpdateReset = PermissionRegistry.get("user.update.reset") // [global user] PermVolume = PermissionRegistry.get("volume") // [global volume team pool] PermVolumeCreate = PermissionRegistry.get("volume.create") // [global team pool] PermVolumeDelete = PermissionRegistry.get("volume.delete") // [global volume team pool] PermVolumeRead = PermissionRegistry.get("volume.read") // [global volume team pool] PermVolumeReadEvents = PermissionRegistry.get("volume.read.events") // [global volume team pool] PermVolumeUpdate = PermissionRegistry.get("volume.update") // [global volume team pool] PermVolumeUpdateBind = PermissionRegistry.get("volume.update.bind") // [global volume team pool] PermVolumeUpdateUnbind = PermissionRegistry.get("volume.update.unbind") // [global volume team pool] PermWebhook = PermissionRegistry.get("webhook") // [global team] PermWebhookCreate = PermissionRegistry.get("webhook.create") // [global team] PermWebhookDelete = PermissionRegistry.get("webhook.delete") // [global team] PermWebhookRead = PermissionRegistry.get("webhook.read") // [global team] PermWebhookReadEvents = PermissionRegistry.get("webhook.read.events") // [global team] PermWebhookUpdate = PermissionRegistry.get("webhook.update") // [global team] )
View Source
var ErrTooManyTeams = &tsuruErrors.HTTP{Code: http.StatusBadRequest, Message: "You must provide a team to execute this action."}
View Source
var PermissionRegistry = (®istry{}).addWithCtx( "app", []permTypes.ContextType{permTypes.CtxApp, permTypes.CtxTeam, permTypes.CtxPool}, ).addWithCtx( "app.create", []permTypes.ContextType{permTypes.CtxTeam}, ).add( "app.update.description", "app.update.tags", "app.update.log", "app.update.pool", "app.update.unit.add", "app.update.unit.remove", "app.update.unit.kill", "app.update.unit.autoscale.add", "app.update.unit.autoscale.remove", "app.update.env.set", "app.update.env.unset", "app.update.restart", "app.update.start", "app.update.stop", "app.update.grant", "app.update.revoke", "app.update.teamowner", "app.update.cname.add", "app.update.cname.remove", "app.update.plan", "app.update.planoverride", "app.update.platform", "app.update.bind", "app.update.bind-volume", "app.update.image-reset", "app.update.events", "app.update.processes", "app.update.unbind", "app.update.unbind-volume", "app.update.certificate.set", "app.update.certificate.unset", "app.update.deploy.rollback", "app.update.router.add", "app.update.router.update", "app.update.router.remove", "app.update.routable", "app.update.metadata", "app.deploy", "app.deploy.archive-url", "app.deploy.build", "app.deploy.git", "app.deploy.image", "app.deploy.rollback", "app.deploy.upload", "app.deploy.dockerfile", "app.read", "app.read.deploy", "app.read.router", "app.read.env", "app.read.events", "app.read.log", "app.read.certificate", "app.read.info", "app.delete", "app.run", "app.run.shell", "app.admin.routes", "app.admin.quota", "app.build", ).addWithCtx( "team", []permTypes.ContextType{permTypes.CtxTeam}, ).addWithCtx( "team.create", []permTypes.ContextType{}, ).add( "team.read.events", "team.delete", "team.update", "team.token.read", "team.token.create", "team.token.delete", "team.token.update", "team.read.quota", "team.update.quota", ).addWithCtx( "user", []permTypes.ContextType{permTypes.CtxUser}, ).addWithCtx( "user.create", []permTypes.ContextType{}, ).add( "user.delete", "user.read.events", "user.read.quota", "user.update.quota", "user.update.password", "user.update.reset", ).addWithCtx( "apikey", []permTypes.ContextType{permTypes.CtxUser}, ).add( "apikey.read", "apikey.update", ).addWithCtx( "service", []permTypes.ContextType{permTypes.CtxService, permTypes.CtxTeam}, ).addWithCtx( "service.create", []permTypes.ContextType{permTypes.CtxTeam}, ).add( "service.read.doc", "service.read.plans", "service.read.events", "service.update.proxy", "service.update.revoke-access", "service.update.grant-access", "service.update.doc", "service.delete", "service-broker.read", "service-broker.read.events", "service-broker.create", "service-broker.delete", "service-broker.update", ).addWithCtx( "service-instance", []permTypes.ContextType{permTypes.CtxServiceInstance, permTypes.CtxTeam}, ).addWithCtx( "service-instance.create", []permTypes.ContextType{permTypes.CtxTeam}, ).add( "service-instance.read.events", "service-instance.read.status", "service-instance.delete", "service-instance.update.proxy", "service-instance.update.bind", "service-instance.update.unbind", "service-instance.update.grant", "service-instance.update.revoke", "service-instance.update.description", "service-instance.update.tags", "service-instance.update.teamowner", "service-instance.update.plan", "service-instance.update.parameters", ).add( "role.create", "role.delete", "role.read.events", "role.update.name", "role.update.assign", "role.update.dissociate", "role.update.description", "role.update.context.type", "role.update.permission.add", "role.update.permission.remove", "role.default.create", "role.default.delete", ).add( "platform.create", "platform.delete", "platform.update.events", "platform.read.events", ).add( "plan.create", "plan.delete", "plan.read.events", ).addWithCtx( "pool", []permTypes.ContextType{permTypes.CtxPool}, ).addWithCtx( "pool.create", []permTypes.ContextType{}, ).add( "pool.read.events", "pool.update.team.add", "pool.update.team.remove", "pool.update.constraints.set", "pool.read.constraints", "pool.delete", ).add( "debug", ).add( "event-block.read", "event-block.read.events", "event-block.add", "event-block.remove", ).add( "cluster.admin", "cluster.read.events", "cluster.create", "cluster.update", "cluster.delete", ).addWithCtx( "volume", []permTypes.ContextType{permTypes.CtxVolume, permTypes.CtxTeam, permTypes.CtxPool}, ).addWithCtx( "volume.create", []permTypes.ContextType{permTypes.CtxTeam, permTypes.CtxPool}, ).add( "volume.read.events", "volume.update.bind", "volume.update.unbind", "volume.delete", ).addWithCtx( "webhook", []permTypes.ContextType{permTypes.CtxTeam}, ).add( "webhook.read", "webhook.read.events", "webhook.create", "webhook.update", "webhook.delete", ).addWithCtx( "router", []permTypes.ContextType{permTypes.CtxRouter}, ).addWithCtx( "router.create", []permTypes.ContextType{}, ).add( "router.read.events", "router.update", "router.delete", ).addWithCtx( "job", []permTypes.ContextType{permTypes.CtxTeam, permTypes.CtxPool, permTypes.CtxJob}, ).addWithCtx( "job.create", []permTypes.ContextType{permTypes.CtxTeam}, ).add( "job.update", ).add( "job.run", ).add( "job.read", ).add( "job.delete", ).add( "job.read.events", "job.update.events", ).add( "job.read.logs", ).add( "job.trigger", ).add( "job.unit.kill", )
Functions ¶
func Check ¶
func Check(token Token, scheme *PermissionScheme, contexts ...permTypes.PermissionContext) bool
func CheckFromPermList ¶
func CheckFromPermList(perms []Permission, scheme *PermissionScheme, contexts ...permTypes.PermissionContext) bool
func Context ¶
func Context(t permTypes.ContextType, v string) permTypes.PermissionContext
func Contexts ¶
func Contexts(t permTypes.ContextType, values []string) []permTypes.PermissionContext
func ContextsForPermission ¶
func ContextsForPermission(token Token, scheme *PermissionScheme, ctxTypes ...permTypes.ContextType) []permTypes.PermissionContext
func ContextsFromListForPermission ¶
func ContextsFromListForPermission(perms []Permission, scheme *PermissionScheme, ctxTypes ...permTypes.ContextType) []permTypes.PermissionContext
func DestroyRole ¶
func ListContextValues ¶
func ListContextValues(t Token, scheme *PermissionScheme, failIfEmpty bool) ([]string, error)
func ListRolesWithPermissionWithContextMap ¶
func ListRolesWithPermissionWithContextMap(contextValue permTypes.ContextType) (map[string]Role, error)
ListRolesWithPermissionWithContextMap returns a map with all roles valid for a specific Context or having any scheme permission which is valid for the specific Context.
func ParseContext ¶
func ParseContext(ctx string) (permTypes.ContextType, error)
func TeamForPermission ¶
func TeamForPermission(t Token, scheme *PermissionScheme) (string, error)
Types ¶
type Permission ¶
type Permission struct {
Scheme *PermissionScheme
Context permTypes.PermissionContext
}
func (*Permission) String ¶
func (p *Permission) String() string
type PermissionScheme ¶
type PermissionScheme struct {
// contains filtered or unexported fields
}
func SafeGet ¶
func SafeGet(name string) (*PermissionScheme, error)
func (*PermissionScheme) AllowedContexts ¶
func (s *PermissionScheme) AllowedContexts() []permTypes.ContextType
func (*PermissionScheme) FullName ¶
func (s *PermissionScheme) FullName() string
func (*PermissionScheme) Identifier ¶
func (s *PermissionScheme) Identifier() string
func (*PermissionScheme) IsParent ¶
func (s *PermissionScheme) IsParent(other *PermissionScheme) bool
type PermissionSchemeList ¶
type PermissionSchemeList []*PermissionScheme
func (PermissionSchemeList) Len ¶
func (l PermissionSchemeList) Len() int
func (PermissionSchemeList) Less ¶
func (l PermissionSchemeList) Less(i, j int) bool
func (PermissionSchemeList) Swap ¶
func (l PermissionSchemeList) Swap(i, j int)
type Role ¶
type Role struct {
Name string `bson:"_id" json:"name"`
ContextType permTypes.ContextType `json:"context"`
Description string
SchemeNames []string `json:"scheme_names,omitempty"`
Events []string `json:"events,omitempty"`
}
func ListRolesWithEvents ¶
func (*Role) AddPermissions ¶
func (*Role) PermissionsFor ¶
func (r *Role) PermissionsFor(contextValue string) []Permission
func (*Role) RemoveEvent ¶
func (*Role) RemovePermissions ¶
type Token ¶
type Token interface {
Permissions() ([]Permission, error)
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.