security

package
v0.2.1-0...-75ddf05 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 3, 2015 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// StorePermsPrefix is the internal prefix of the storage layer dedicated to storing user data.
	StorePermsPrefix = "/2"

	// RootRoleName is the name of the ROOT role, with privileges to manage the cluster.
	RootRoleName = "root"

	// GuestRoleName is the name of the role that defines the privileges of an unauthenticated user.
	GuestRoleName = "guest"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Error

type Error struct {
	// contains filtered or unexported fields
}

func (Error) Error

func (se Error) Error() string

type Permissions

type Permissions struct {
	KV rwPermission `json:"kv"`
}

func (Permissions) Grant

func (p Permissions) Grant(n *Permissions) (Permissions, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (Permissions) Revoke

func (p Permissions) Revoke(n *Permissions) (Permissions, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type Role

type Role struct {
	Role        string       `json:"role"`
	Permissions Permissions  `json:"permissions"`
	Grant       *Permissions `json:"grant,omitempty"`
	Revoke      *Permissions `json:"revoke,omitempty"`
}

func (Role) HasKeyAccess

func (r Role) HasKeyAccess(key string, write bool) bool

func (Role) HasRecursiveAccess

func (r Role) HasRecursiveAccess(key string, write bool) bool

func (Role) Merge

func (r Role) Merge(n Role) (Role, error)

Merge for a role works the same as User above -- atomic Role application to each of the substructures.

type Store

type Store struct {
	// contains filtered or unexported fields
}

func NewStore

func NewStore(server doer, timeout time.Duration) *Store

func (*Store) AllRoles

func (s *Store) AllRoles() ([]string, error)

func (*Store) AllUsers

func (s *Store) AllUsers() ([]string, error)

func (*Store) CreateOrUpdateRole

func (s *Store) CreateOrUpdateRole(r Role) (role Role, created bool, err error)

func (*Store) CreateOrUpdateUser

func (s *Store) CreateOrUpdateUser(user User) (out User, created bool, err error)

func (*Store) CreateRole

func (s *Store) CreateRole(role Role) error

func (*Store) CreateUser

func (s *Store) CreateUser(user User) (User, error)

func (*Store) DeleteRole

func (s *Store) DeleteRole(name string) error

func (*Store) DeleteUser

func (s *Store) DeleteUser(name string) error

func (*Store) DisableSecurity

func (s *Store) DisableSecurity() error

func (*Store) EnableSecurity

func (s *Store) EnableSecurity() error

func (*Store) GetRole

func (s *Store) GetRole(name string) (Role, error)

func (*Store) GetUser

func (s *Store) GetUser(name string) (User, error)

func (*Store) SecurityEnabled

func (s *Store) SecurityEnabled() bool

func (*Store) UpdateRole

func (s *Store) UpdateRole(role Role) (Role, error)

func (*Store) UpdateUser

func (s *Store) UpdateUser(user User) (User, error)

type User

type User struct {
	User     string   `json:"user"`
	Password string   `json:"password,omitempty"`
	Roles    []string `json:"roles"`
	Grant    []string `json:"grant,omitempty"`
	Revoke   []string `json:"revoke,omitempty"`
}

func (User) CheckPassword

func (u User) CheckPassword(password string) bool

func (User) Merge

func (u User) Merge(n User) (User, error)

Merge applies the properties of the passed-in User to the User on which it is called and returns a new User with these modifications applied. Think of all Users as immutable sets of data. Merge allows you to perform the set operations (desired grants and revokes) atomically

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL