permission

package
v0.0.0-...-0fffe9f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 23, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Credential is a value stored against request.Maker key in the context.
	// It basically acts as an identifier that tells whether the request uses
	// permission credential.
	Credential = contextKey("permission_credential")
)

Variables

This section is empty.

Functions

func NewContext 

func NewContext(ctx context.Context, p *Permission) context.Context

NewContext returns a new context with the given permission.

Types

type Limits 

type Limits struct {
	IPLimit               int64 `json:"ip_limit"`
	DocsLimit             int64 `json:"docs_limit"`
	SearchLimit           int64 `json:"search_limit"`
	IndicesLimit          int64 `json:"indices_limit"`
	CatLimit              int64 `json:"cat_limit"`
	ClustersLimit         int64 `json:"clusters_limit"`
	MiscLimit             int64 `json:"misc_limit"`
	UserLimit             int64 `json:"user_limit"`
	PermissionLimit       int64 `json:"permission_limit"`
	AnalyticsLimit        int64 `json:"analytics_limit"`
	RulesLimit            int64 `json:"rules_limit"`
	SuggestionsLimit      int64 `json:"suggestions_limit"`
	StreamsLimit          int64 `json:"streams_limit"`
	AuthLimit             int64 `json:"auth_limit"`
	ReactiveSearchLimit   int64 `json:"reactivesearch_limit"`
	SearchRelevancyLimit  int64 `json:"searchrelevancy_limit"`
	SearchGraderLimit     int64 `json:"searchgrader_limit"`
	EcommIntegrationLimit int64 `json:"ecommintegration_limit"`
	LogsLimit             int64 `json:"logs_limit"`
	SynonymsLimit         int64 `json:"synonyms_limit"`
	CacheLimit            int64 `json:"cache_limit"`
	StoredQueryLimit      int64 `json:"storedquery_limit"`
	PipelinesLimit        int64 `json:"pipelines_limit"`
	SyncLimit             int64 `json:"sync_limit"`
}

Limits defines the rate limits for each category.

type Options 

type Options func(p *Permission) error

Options is a function type used to define a permission's properties.

func SetACLs 

func SetACLs(acls []acl.ACL) Options

SetACLs sets the acls a permission can have access to.

func SetCategories 

func SetCategories(categories []category.Category) Options

SetCategories sets the categories a permission can have access to.

func SetDescription 

func SetDescription(description string) Options

SetDescription sets the permission description.

func SetExcludes 

func SetExcludes(excludes []string) Options

SetExcludes sets the excludes fields

func SetIncludes 

func SetIncludes(includes []string) Options

SetIncludes sets the includes fields

func SetIndices 

func SetIndices(indices []string) Options

SetIndices sets the indices or index patterns a permission can have access to.

func SetLimits 

func SetLimits(limits *Limits, isAdmin bool) Options

SetLimits sets the rate limits for each category in a permission.

func SetOps 

func SetOps(ops []op.Operation) Options

SetOps sets the operations a permission can perform.

func SetOwner 

func SetOwner(owner string) Options

SetOwner sets the owner of a permission.

func SetReactivesearchConfig 

func SetReactivesearchConfig(config ReactiveSearchConfig) Options

SetDescription sets the permission reactivesearchConfig.

func SetReferers 

func SetReferers(referers []string) Options

SetReferers sets the referers from which the permission can make request from.

func SetRole 

func SetRole(role string) Options

func SetSources 

func SetSources(sources []string) Options

SetSources sets the sources from which the permission can make request from. Sources are accepted and parsed in CIDR notation.

func SetSourcesXffValue 

func SetSourcesXffValue(value *int) Options

SetIncludes sets the sources_xff_value fields

func SetTTL 

func SetTTL(duration time.Duration) Options

SetTTL sets the permission's time-to-live.

type Permission 

type Permission struct {
	Username             string                `json:"username"`
	Password             string                `json:"password"`
	Owner                string                `json:"owner"`
	Creator              string                `json:"creator"`
	Role                 string                `json:"role"`
	Categories           []category.Category   `json:"categories"`
	ACLs                 []acl.ACL             `json:"acls"`
	Ops                  []op.Operation        `json:"ops"`
	Indices              []string              `json:"indices"`
	Sources              []string              `json:"sources"`
	SourcesXffValue      *int                  `json:"sources_xff_value"`
	Referers             []string              `json:"referers"`
	CreatedAt            string                `json:"created_at"`
	TTL                  time.Duration         `json:"ttl"`
	Limits               *Limits               `json:"limits"`
	Description          string                `json:"description"`
	Includes             []string              `json:"include_fields"`
	Excludes             []string              `json:"exclude_fields"`
	Expired              bool                  `json:"expired"`
	ReactiveSearchConfig *ReactiveSearchConfig `json:"reactivesearchConfig,omitempty"`
	UpdatedAt            string                `json:"updated_at"`
}

Permission defines a permission type.

func FromContext 

func FromContext(ctx context.Context) (*Permission, error)

FromContext retrieves the permission stored against permission.CtxKey from the context.

func New 

func New(creator string, opts ...Options) (*Permission, error)

New creates a new permission by running the Options on it. It returns a default permission in case no Options are provided. The default owner of the permission is the creator itself.

func NewAdmin 

func NewAdmin(creator string, opts ...Options) (*Permission, error)

NewAdmin creates a new admin permission by running the Options on it. It returns a permission with admin defaults in case no Options are provided. The default owner of the permission is the creator itself.

func (*Permission) CanAccessCluster 

func (p *Permission) CanAccessCluster() (bool, error)

CanAccessCluster checks whether the user can access cluster level routes.

func (*Permission) CanAccessIndex 

func (p *Permission) CanAccessIndex(name string) (bool, error)

CanAccessIndex checks whether the permission has access to given index or index pattern.

func (*Permission) CanAccessIndices 

func (p *Permission) CanAccessIndices(indices ...string) (bool, error)

CanAccessIndices checks whether the user has access to the given indices.

func (*Permission) CanDo 

func (p *Permission) CanDo(op op.Operation) bool

CanDo checks whether the permission can perform a given operation.

func (*Permission) GetIPLimit 

func (p *Permission) GetIPLimit() int64

GetIPLimit returns the IPLimit i.e. the number of requests allowed per IP address per hour.

func (*Permission) GetLimitFor 

func (p *Permission) GetLimitFor(c category.Category) (int64, error)

GetLimitFor returns the rate limit for the given category in the permission.

func (*Permission) GetPatch 

func (p *Permission) GetPatch(rolePatched bool) (map[string]interface{}, error)

GetPatch generates a patch doc from the non-zero values in the permission.

func (*Permission) HasACL 

func (p *Permission) HasACL(acl acl.ACL) bool

HasACL checks whether the permission has access to the given acl.

func (*Permission) HasCategory 

func (p *Permission) HasCategory(category category.Category) bool

HasCategory checks whether the permission has access to the given category.

func (*Permission) Id 

func (p *Permission) Id() string

func (*Permission) IsExpired 

func (p *Permission) IsExpired() (bool, error)

IsExpired checks whether the permission is expired or not.

func (*Permission) ValidateACLs 

func (p *Permission) ValidateACLs(acls ...acl.ACL) error

ValidateACLs checks if the permission can possess the given set of categories.

type ReactiveSearchConfig 

type ReactiveSearchConfig struct {
	MaxSize            *int  `json:"maxSize,omitempty"`
	MaxAggregationSize *int  `json:"maxAggregationSize,omitempty"`
	DisbaleQueryDSL    *bool `json:"disableQueryDSL,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.