Documentation
¶
Index ¶
- func AuthStatusCode(ctx context.Context) int
- func CheckAccess(recordResources []string, userResources []string) bool
- func GetUserAuthz(ctx context.Context) []string
- func GetUserPrivileges(ctx context.Context) map[string]map[string]bool
- func HasAnyMethodAccess(ctx context.Context, resources []string, methods ...string) bool
- func HasAuthHeader(ctx context.Context) bool
- func HasGlobalBucketControlAccess(ctx context.Context, methods ...string) bool
- func HasMethodAccess(ctx context.Context, method string, resources []string) bool
- func HasScopedBucketAccess(ctx context.Context, scope models.BucketScope, methods ...string) bool
- func IsGen3Mode(ctx context.Context) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthStatusCode ¶
func CheckAccess ¶
CheckAccess verifies if a user has access to a record based on RBAC resources. A record is accessible if: 1. It has NO required resources (public). 2. OR the user has at least one of the resources listed on the record.
func GetUserAuthz ¶
GetUserAuthz returns the list of resources the user is authorized to access. If not found, returns empty list (no access to protected resources).
func HasAnyMethodAccess ¶
func HasAuthHeader ¶
func HasGlobalBucketControlAccess ¶
HasGlobalBucketControlAccess checks if the user has overarching control over bucket registration.
func HasMethodAccess ¶
func HasScopedBucketAccess ¶
HasScopedBucketAccess checks if a user has access to a specific bucket based on a project/org scope.
func IsGen3Mode ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.