fence

package
v0.1.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 3, 2025 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidPrincipal = errors.New("invalid principal")
)

Functions

func ContextWithClient 

func ContextWithClient(ctx context.Context, cl *Client) context.Context

func ContextWithPrincipal 

func ContextWithPrincipal(ctx context.Context, principal *fencev1.UID) context.Context

func PrincipalFromContext 

func PrincipalFromContext(ctx context.Context) (*fencev1.UID, error)

func UIDToString 

func UIDToString(u *fencev1.UID) string

Types

type AgentConfig 

type AgentConfig struct {
	Address string
	Timeout time.Duration
}

type CachedState 

type CachedState struct {
	// contains filtered or unexported fields
}

func NewCachedState 

func NewCachedState(state FenceState, refreshDuration time.Duration) (*CachedState, error)

func (*CachedState) IsAllowed 

func (cfs *CachedState) IsAllowed(ctx context.Context, principal, action, resource *fencev1.UID) error

func (*CachedState) Refresh 

func (cfs *CachedState) Refresh(ctx context.Context) error

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func ClientFromContext 

func ClientFromContext(ctx context.Context) *Client

func NewClient 

func NewClient(state FenceState) *Client

func (*Client) IsAllowed 

func (c *Client) IsAllowed(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID) error

func (*Client) IsAllowedFromContext 

func (c *Client) IsAllowedFromContext(ctx context.Context, action *fencev1.UID, resource *fencev1.UID) error

type FenceAgentState 

type FenceAgentState struct {
	// contains filtered or unexported fields
}

func NewAgentState 

func NewAgentState(cfg AgentConfig) *FenceAgentState

func (*FenceAgentState) IsAllowed 

func (a *FenceAgentState) IsAllowed(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID) error

func (*FenceAgentState) Refresh 

func (a *FenceAgentState) Refresh(_ context.Context) error

type FenceAuthzError 

type FenceAuthzError struct {
	// contains filtered or unexported fields
}

func NewAuthzError 

func NewAuthzError(principal, action, resource *fencev1.UID) FenceAuthzError

func (FenceAuthzError) Error 

func (az FenceAuthzError) Error() string

type FenceState 

type FenceState interface {
	IsAllowed(ctx context.Context, principal, action, resource *fencev1.UID) error
	Refresh(context.Context) error
	// contains filtered or unexported methods
}

type FileState 

type FileState struct {
	// contains filtered or unexported fields
}

func NewFileState 

func NewFileState(fs afero.Fs, policyPath, entityPath string) (*FileState, error)

func (*FileState) IsAllowed 

func (s *FileState) IsAllowed(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID) error

func (*FileState) Refresh 

func (s *FileState) Refresh(context.Context) error

type MockFenceState 

type MockFenceState struct {
	mock.Mock
}

MockFenceState is an autogenerated mock type for the FenceState type

func NewMockFenceState 

func NewMockFenceState(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockFenceState

NewMockFenceState creates a new instance of MockFenceState. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockFenceState) EXPECT 

func (_m *MockFenceState) EXPECT() *MockFenceState_Expecter

func (*MockFenceState) IsAllowed 

func (_mock *MockFenceState) IsAllowed(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID) error

IsAllowed provides a mock function for the type MockFenceState

func (*MockFenceState) Refresh 

func (_mock *MockFenceState) Refresh(context1 context.Context) error

Refresh provides a mock function for the type MockFenceState

type MockFenceState_Expecter 

type MockFenceState_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockFenceState_Expecter) IsAllowed 

func (_e *MockFenceState_Expecter) IsAllowed(ctx interface{}, principal interface{}, action interface{}, resource interface{}) *MockFenceState_IsAllowed_Call

IsAllowed is a helper method to define mock.On call

  • ctx context.Context
  • principal *fencev1.UID
  • action *fencev1.UID
  • resource *fencev1.UID

func (*MockFenceState_Expecter) Refresh 

func (_e *MockFenceState_Expecter) Refresh(context1 interface{}) *MockFenceState_Refresh_Call

Refresh is a helper method to define mock.On call

  • context1 context.Context

type MockFenceState_IsAllowed_Call 

type MockFenceState_IsAllowed_Call struct {
	*mock.Call
}

MockFenceState_IsAllowed_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'IsAllowed'

func (*MockFenceState_IsAllowed_Call) Return 

func (_c *MockFenceState_IsAllowed_Call) Return(err error) *MockFenceState_IsAllowed_Call

func (*MockFenceState_IsAllowed_Call) Run 

func (_c *MockFenceState_IsAllowed_Call) Run(run func(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID)) *MockFenceState_IsAllowed_Call

func (*MockFenceState_IsAllowed_Call) RunAndReturn 

func (_c *MockFenceState_IsAllowed_Call) RunAndReturn(run func(ctx context.Context, principal *fencev1.UID, action *fencev1.UID, resource *fencev1.UID) error) *MockFenceState_IsAllowed_Call

type MockFenceState_Refresh_Call 

type MockFenceState_Refresh_Call struct {
	*mock.Call
}

MockFenceState_Refresh_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Refresh'

func (*MockFenceState_Refresh_Call) Return 

func (_c *MockFenceState_Refresh_Call) Return(err error) *MockFenceState_Refresh_Call

func (*MockFenceState_Refresh_Call) Run 

func (_c *MockFenceState_Refresh_Call) Run(run func(context1 context.Context)) *MockFenceState_Refresh_Call

func (*MockFenceState_Refresh_Call) RunAndReturn 

func (_c *MockFenceState_Refresh_Call) RunAndReturn(run func(context1 context.Context) error) *MockFenceState_Refresh_Call

type MockFenceState_refresh_Call 

type MockFenceState_refresh_Call struct {
	*mock.Call
}

MockFenceState_refresh_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'refresh'

func (*MockFenceState_refresh_Call) Return 

func (_c *MockFenceState_refresh_Call) Return(err error) *MockFenceState_refresh_Call

func (*MockFenceState_refresh_Call) Run 

func (_c *MockFenceState_refresh_Call) Run(run func()) *MockFenceState_refresh_Call

func (*MockFenceState_refresh_Call) RunAndReturn 

func (_c *MockFenceState_refresh_Call) RunAndReturn(run func() error) *MockFenceState_refresh_Call

type TestingState 

type TestingState struct {
	AllowCall bool
}

func (*TestingState) IsAllowed 

func (ts *TestingState) IsAllowed(ctx context.Context, principal, action, resource *fencev1.UID) error

func (*TestingState) Refresh 

func (ts *TestingState) Refresh(context.Context) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.