go-vitess.v1: gopkg.in/src-d/go-vitess.v1/acl Index | Files

package acl

import "gopkg.in/src-d/go-vitess.v1/acl"

Package acl contains functions to enforce access control lists. It allows you to register multiple security policies for enforcing ACLs for users or HTTP requests. The specific policy to use must be specified from a command line argument and cannot be changed on-the-fly.

Index

Package Files

acl.go fallback_policy.go

Constants

const (
    ADMIN      = "admin"
    DEBUGGING  = "debugging"
    MONITORING = "monitoring"
)

This is a list of predefined roles. Applications are free to invent more roles, as long as the acl policies they use can understand what they mean.

func CheckAccessActor Uses

func CheckAccessActor(actor, role string) error

CheckAccessActor uses the current security policy to verify if an actor has access to the role.

func CheckAccessHTTP Uses

func CheckAccessHTTP(req *http.Request, role string) error

CheckAccessHTTP uses the current security policy to verify if an actor in an http request has access to the role.

func RegisterPolicy Uses

func RegisterPolicy(name string, policy Policy)

RegisterPolicy registers a security policy. This function must be called before the first call to CheckAccess happens, preferably through an init. This will ensure that the requested policy can be found by other acl functions when needed.

func SendError Uses

func SendError(w http.ResponseWriter, err error)

SendError is a convenience function that sends an ACL error as an HTTP response.

type FallbackPolicy Uses

type FallbackPolicy struct{}

FallbackPolicy is the policy that's used if the requested policy cannot be found. It rejects all access.

func (FallbackPolicy) CheckAccessActor Uses

func (fp FallbackPolicy) CheckAccessActor(actor, role string) error

CheckAccessActor disallows all actor access.

func (FallbackPolicy) CheckAccessHTTP Uses

func (fp FallbackPolicy) CheckAccessHTTP(req *http.Request, role string) error

CheckAccessHTTP disallows all HTTP access.

type Policy Uses

type Policy interface {
    // CheckAccessActor can be called to verify if an actor
    // has access to the role.
    CheckAccessActor(actor, role string) error
    // CheckAccessHTTP can be called to verify if an actor in
    // the http request has access to the role.
    CheckAccessHTTP(req *http.Request, role string) error
}

Policy defines the interface that needs to be satisfied by ACL policy implementors.

Package acl imports 6 packages (graph) and is imported by 15 packages. Updated 2019-07-20. Refresh now. Tools for package owners.