etcd: go.etcd.io/etcd/etcdserver/api/v2auth Index | Files

package v2auth

import "go.etcd.io/etcd/etcdserver/api/v2auth"

Package v2auth implements etcd authentication.

Index

Package Files

auth.go auth_requests.go

Constants

const (
    // StorePermsPrefix is the internal prefix of the storage layer dedicated to storing user data.
    StorePermsPrefix = "/2"

    // RootRoleName is the name of the ROOT role, with privileges to manage the cluster.
    RootRoleName = "root"

    // GuestRoleName is the name of the role that defines the privileges of an unauthenticated user.
    GuestRoleName = "guest"
)

type Error Uses

type Error struct {
    Status int
    Errmsg string
}

func (Error) Error Uses

func (ae Error) Error() string

func (Error) HTTPStatus Uses

func (ae Error) HTTPStatus() int

type PasswordStore Uses

type PasswordStore interface {
    CheckPassword(user User, password string) bool
    HashPassword(password string) (string, error)
}

type Permissions Uses

type Permissions struct {
    KV RWPermission `json:"kv"`
}

func (Permissions) Grant Uses

func (p Permissions) Grant(n *Permissions) (Permissions, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (*Permissions) IsEmpty Uses

func (p *Permissions) IsEmpty() bool

func (Permissions) Revoke Uses

func (p Permissions) Revoke(lg *zap.Logger, n *Permissions) (Permissions, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type RWPermission Uses

type RWPermission struct {
    Read  []string `json:"read"`
    Write []string `json:"write"`
}

func (RWPermission) Grant Uses

func (rw RWPermission) Grant(n RWPermission) (RWPermission, error)

Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.

func (RWPermission) HasAccess Uses

func (rw RWPermission) HasAccess(key string, write bool) bool

func (RWPermission) HasRecursiveAccess Uses

func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool

func (RWPermission) Revoke Uses

func (rw RWPermission) Revoke(lg *zap.Logger, n RWPermission) (RWPermission, error)

Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.

type Role Uses

type Role struct {
    Role        string       `json:"role"`
    Permissions Permissions  `json:"permissions"`
    Grant       *Permissions `json:"grant,omitempty"`
    Revoke      *Permissions `json:"revoke,omitempty"`
}

func (Role) HasKeyAccess Uses

func (r Role) HasKeyAccess(key string, write bool) bool

func (Role) HasRecursiveAccess Uses

func (r Role) HasRecursiveAccess(key string, write bool) bool

type Store Uses

type Store interface {
    AllUsers() ([]string, error)
    GetUser(name string) (User, error)
    CreateOrUpdateUser(user User) (out User, created bool, err error)
    CreateUser(user User) (User, error)
    DeleteUser(name string) error
    UpdateUser(user User) (User, error)
    AllRoles() ([]string, error)
    GetRole(name string) (Role, error)
    CreateRole(role Role) error
    DeleteRole(name string) error
    UpdateRole(role Role) (Role, error)
    AuthEnabled() bool
    EnableAuth() error
    DisableAuth() error
    PasswordStore
}

func NewStore Uses

func NewStore(lg *zap.Logger, server doer, timeout time.Duration) Store

type User Uses

type User struct {
    User     string   `json:"user"`
    Password string   `json:"password,omitempty"`
    Roles    []string `json:"roles"`
    Grant    []string `json:"grant,omitempty"`
    Revoke   []string `json:"revoke,omitempty"`
}

Package v2auth imports 16 packages (graph) and is imported by 8 packages. Updated 2019-02-22. Refresh now. Tools for package owners.