authz

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 20, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authorizer 

type Authorizer interface {
	CheckPermission(ctx context.Context, details *RequestDetails, object Object, entitlement Entitlement) error
}

Authorizer is the primary external API for this package.

type Entitlement 

type Entitlement string

Entitlement is a type representation of a permission as it applies to a particular ObjectType. 

const (
	// Entitlements that apply to all resources.
	EntitlementCanCreate Entitlement = "can_create"
	EntitlementCanDelete Entitlement = "can_delete"
	EntitlementCanEdit   Entitlement = "can_edit"
	EntitlementCanView   Entitlement = "can_view"
)

func (Entitlement) String 

func (e Entitlement) String() string

String implements fmt.Stringer for Entitlement.

type Object 

type Object string

Object is a string alias that represents an authorization object. These are formatted strings that uniquely identify an API resource, and can be constructed/deconstructed reliably. An Object is always of the form <ObjectType>:<identifier> where the identifier is a "/" delimited path containing elements that uniquely identify a resource. If the resource is defined at the project level, the first element of this path is always the project. Some example objects would be:

  • `instance:default/c1`: Instance object in project "default" and name "c1".
  • `storage_pool:local`: Storage pool object with name "local".
  • `storage_volume:default/local/custom/vol1`: Storage volume object in project "default", storage pool "local", type "custom", and name "vol1".

func NewObject 

func NewObject(objectType ObjectType, identifierElements ...string) (Object, error)

NewObject returns an Object of the given type. The passed in arguments must be in the correct order (as found in the URL for the resource). This function will error if an invalid object type is given, or if the correct number of arguments is not passed in.

func ObjectFromRequest 

func ObjectFromRequest(r *http.Request, objectType ObjectType, muxVars ...string) (Object, error)

ObjectFromRequest returns an object created from the request.

func ObjectServer 

func ObjectServer() Object

ObjectServer represents a server.

func ObjectUser 

func ObjectUser(userName string) Object

ObjectUser represents a user.

func (Object) Elements 

func (o Object) Elements() []string

Elements returns the elements that uniquely identify the authorization Object.

func (Object) String 

func (o Object) String() string

String implements fmt.Stringer for Object.

func (Object) Type 

func (o Object) Type() ObjectType

Type returns the ObjectType of the Object.

type ObjectType 

type ObjectType string

ObjectType is a type of resource within the operations center. 

const (
	// ObjectTypeUser represents a user.
	ObjectTypeUser ObjectType = "user"

	// ObjectTypeServer represents a server.
	ObjectTypeServer ObjectType = "server"
)

func (ObjectType) String 

func (o ObjectType) String() string

String implements fmt.Stringer for ObjectType.

type RequestDetails 

type RequestDetails struct {
	Username string
	Protocol string
	URL      *url.URL
	Method   string
}

RequestDetails is a type representing an authorization request.

func ExtractRequestDetails 

func ExtractRequestDetails(r *http.Request) (*RequestDetails, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.