Documentation ¶
Index ¶
- Constants
- func AddPolicy(userGroup, resourceGroup, method string) error
- func AddResourceToGroup(resourceName string, groupName ...string) error
- func AddUserToGroup(userName string, groupName ...string) error
- func CreateResourceGroup(groupName string) error
- func CreateUserGroup(groupName string) error
- func GetGroupsForResource(resourceName string) ([]string, error)
- func GetGroupsForUser(userName string) ([]string, error)
- func GetResourceGroup(groupName string) ([]string, error)
- func GetUserGroup(groupName string) ([]string, error)
- func InitAuth(adapter persist.Adapter) *casbin.Enforcer
- func InsertAuthenticatedUser(c *gin.Context, user string)
- func RemovePolicy(userGroup, resourceGroup, method string) error
- func RemoveResource(resourceName string) error
- func RemoveResourceFromGroup(resourceName string, groupName ...string) error
- func RemoveResourceGroup(groupName string) error
- func RemoveUser(userName string) error
- func RemoveUserFromGroup(userName string, groupName ...string) error
- func RemoveUserGroup(groupName string) error
- func ResourceGroupExists(groupName string) (bool, error)
- func RetrieveAuthenticatedUser(ctx context.Context) string
- func UserGroupExists(groupName string) (bool, error)
- type CasbinError
- type ConflictError
- type GroupType
- type NotFoundError
- type Policy
- type ResourceGroup
- type UserGroup
Constants ¶
const (
	ContextKeyAuthenticatedUser = "enclave/authenticatedUser"
	UnauthenticatedUser         = "__unauthenticated__"
)
Variables ¶
This section is empty.
Functions ¶
func AddPolicy ¶
AddPolicy adds a policy to the enforcer if it does not already exist.
It checks that both the user group and the resource group exist before adding the policy, and returns an error if either does not.
func AddResourceToGroup ¶
AddResourceToGroup adds a resource to one or more groups. It validates that all specified groups exist before adding the resource.
func AddUserToGroup ¶
AddUserToGroup adds a user to one or more groups. It validates that all specified groups exist before adding the user.
func CreateResourceGroup ¶
CreateResourceGroup creates a new resource group with the specified name. If the group already exists, the function returns without error.
func CreateUserGroup ¶
CreateUserGroup creates a new user group with the specified name. If the group already exists, the function returns without error.
func GetGroupsForResource ¶
GetGroupsForResource returns all groups that a specific resource belongs to.
func GetGroupsForUser ¶
GetGroupsForUser returns all groups that a specific user belongs to.
func GetResourceGroup ¶
GetResourceGroup returns all resources that belong to a specific group.
func GetUserGroup ¶
GetUserGroup returns all users that belong to a specific group.
func InitAuth ¶
InitAuth initializes the casbin enforcer with the provided adapter and sets up default policies. It creates the casbin model, loads policies, and ensures the enclaveAdmin group and policy exist.
func InsertAuthenticatedUser ¶ added in v0.4.1
func RemovePolicy ¶
RemovePolicy removes a policy from the enforcer.
It prevents the removal of the enclaveAdmin policy to ensure that enclaveAdmins always have full access.
func RemoveResource ¶
RemoveResource removes a resource from all groups it belongs to.
func RemoveResourceFromGroup ¶
RemoveResourceFromGroup removes a resource from one or more groups. It validates that all specified groups exist before removing the resource.
func RemoveResourceGroup ¶
RemoveResourceGroup removes a resource group and all associated policies. It prevents removal of the enclaveAdmin group to maintain system security.
func RemoveUser ¶
RemoveUser removes a user from all groups they belong to.
func RemoveUserFromGroup ¶
RemoveUserFromGroup removes a user from one or more groups. It validates that all specified groups exist before removing the user.
func RemoveUserGroup ¶
RemoveUserGroup removes a user group and all associated policies. It prevents removal of the enclaveAdmin group to maintain system security.
func ResourceGroupExists ¶
ResourceGroupExists checks if a resource group with the specified name exists.
func RetrieveAuthenticatedUser ¶ added in v0.4.1
func UserGroupExists ¶
UserGroupExists checks if a user group with the specified name exists.
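The guards documented above for AddPolicy and RemoveUserGroup, modelled as an added example with in-memory maps instead of a casbin enforcer; this is not code from the package. The `store` type, its methods, the error values and the `*`/`*` shape of the enclaveAdmin policy are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

const adminGroup = "enclaveAdmin" // group name taken from the page
var errNotFound, errProtected = errors.New("group not found"), errors.New("enclaveAdmin is protected")

type rule struct{ userGroup, resourceGroup, method string }

// store is a hypothetical in-memory stand-in for the casbin enforcer.
type store struct {
	userGroups, resourceGroups map[string]bool
	policies                   map[rule]bool
}

func newStore() *store {
	s := &store{map[string]bool{}, map[string]bool{}, map[rule]bool{}}
	s.userGroups[adminGroup] = true               // InitAuth is documented to ensure this group exists
	s.policies[rule{adminGroup, "*", "*"}] = true // assumed shape of the admin policy
	return s
}

func (s *store) addPolicy(ug, rg, method string) error {
	if !s.userGroups[ug] || !s.resourceGroups[rg] {
		return fmt.Errorf("policy %s -> %s: %w", ug, rg, errNotFound)
	}
	s.policies[rule{ug, rg, method}] = true // adding the same policy twice is a no-op
	return nil
}

func (s *store) removeUserGroup(name string) error {
	if name == adminGroup {
		return errProtected // the admin group and its policy can never be deleted
	}
	delete(s.userGroups, name)
	for r := range s.policies { // cascade, so a re-created group inherits no old grants
		if r.userGroup == name {
			delete(s.policies, r)
		}
	}
	return nil
}

func main() {
	s := newStore()
	fmt.Println(s.addPolicy("ghost", "builds", "GET"), s.removeUserGroup(adminGroup))
}
```

The cascade in `removeUserGroup` is the part worth checking in any implementation: without it, creating a new group under a deleted group's name would silently restore the old group's access.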
Types ¶
type CasbinError ¶ added in v0.4.1
func (*CasbinError) Error ¶ added in v0.4.1
func (e *CasbinError) Error() string
func (*CasbinError) Unwrap ¶ added in v0.4.1
func (e *CasbinError) Unwrap() error
type ConflictError ¶ added in v0.4.1
type ConflictError struct {
Reason string
}
func (*ConflictError) Error ¶ added in v0.4.1
func (e *ConflictError) Error() string
type GroupType ¶
type GroupType string
GroupType represents the policy type for different group kinds
type NotFoundError ¶ added in v0.4.1
func (*NotFoundError) Error ¶ added in v0.4.1
func (e *NotFoundError) Error() string
type Policy ¶ added in v0.4.1
func ListPolicies ¶ added in v0.4.1
type ResourceGroup ¶
func GetResourceGroups ¶
func GetResourceGroups() ([]ResourceGroup, error)
GetResourceGroups returns all resource groups as a slice of ResourceGroup structs.
func (ResourceGroup) GetGroupName ¶
func (rg ResourceGroup) GetGroupName() string
func (ResourceGroup) GetName ¶
func (rg ResourceGroup) GetName() string
Implement group interface for ResourceGroup
type UserGroup ¶
func GetUserGroups ¶
GetUserGroups returns all user groups as a slice of UserGroup structs.