Documentation
Index ¶
- func GetCurrentSessionIDFromContext(ctx context.Context) (string, bool)
- func GetCurrentUserFromContext(ctx context.Context) (*models.User, bool)
- func GetRemoteAddrFromContext(ctx context.Context) string
- func GetUserIDFromContext(ctx context.Context) (string, bool)
- func NewAuthBridge(api huma.API, authService *services.AuthService, ...) func(ctx huma.Context, next func(huma.Context))
- func PermissionsFromContext(ctx context.Context) (*authz.PermissionSet, bool)
- func RequireGlobalAdmin(api huma.API) huma.Middlewares
- func RequirePermission(api huma.API, perm string) huma.Middlewares
- type ContextKey
- type PermissionResolver
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetCurrentSessionIDFromContext ¶
GetCurrentSessionIDFromContext retrieves the current session ID from the context.
func GetCurrentUserFromContext ¶
GetCurrentUserFromContext retrieves the current user from the context.
func GetRemoteAddrFromContext ¶
GetRemoteAddrFromContext retrieves the request remote address from context.
func GetUserIDFromContext ¶
GetUserIDFromContext retrieves the user ID from the context.
func NewAuthBridge ¶
func NewAuthBridge(api huma.API, authService *services.AuthService, apiKeyService *services.ApiKeyService, permResolver PermissionResolver, envTokenResolver environmentAccessTokenResolver, cfg *config.Config) func(ctx huma.Context, next func(huma.Context))
NewAuthBridge creates a Huma middleware that validates credentials and enforces security requirements defined on operations. It also resolves the caller's effective PermissionSet via permResolver and stashes it on the request context for downstream RequirePermission checks.
func PermissionsFromContext ¶
func PermissionsFromContext(ctx context.Context) (*authz.PermissionSet, bool)
PermissionsFromContext retrieves the caller's resolved PermissionSet. Returns nil, false on unauthenticated paths.
func RequireGlobalAdmin ¶
func RequireGlobalAdmin(api huma.API) huma.Middlewares
RequireGlobalAdmin returns a per-operation Huma middleware that rejects any caller who is not a global admin (or sudo). Used for operations that are intentionally not exposed as delegated permissions — role creation/edits, user role assignment, and OIDC mapping management. Keeping these admin-only avoids the meta-escalation surface where a holder of `roles:assign` could promote themselves via a custom role.
func RequirePermission ¶
func RequirePermission(api huma.API, perm string) huma.Middlewares
RequirePermission returns a per-operation Huma middleware that rejects callers lacking `perm`. For env-scoped permissions, the env ID is extracted from the request path (/environments/{id}/...). For org-level permissions, the env ID segment, if any, is ignored. The check reads the PermissionSet that NewAuthBridge stashed on the request context, so it must run after the bridge; a caller with no PermissionSet on the context is rejected.
Attach via Operation.Middlewares:
huma.Register(api, huma.Operation{..., Middlewares: middleware.RequirePermission(api, authz.PermContainersStart)}, h.Handler)
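The following is an added example, not code from this package: it reproduces the bridge-then-check flow described for NewAuthBridge and RequirePermission, and the test-stub role described for PermissionResolver, using only the standard library's net/http instead of Huma so it runs stand-alone. The PermissionSet shape (org-level grants plus per-environment grants), the bearer-token table standing in for services.AuthService, the staticResolver stub, and the grants given to "alice" and "bob" are all assumptions constructed for the example; authz.PermissionSet, services.AuthService and the real middleware signatures are not reproduced.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// contextKey mirrors the page's ContextKey: an unexported type, so no other package's key can collide.
type contextKey string

const ctxUserID, ctxPermissions contextKey = "userID", "userPermissions"

// PermissionSet is an assumed shape (authz.PermissionSet is not shown on the page):
// Org holds org-level grants valid in every environment, Env holds per-environment grants.
type PermissionSet struct {
	Org map[string]bool
	Env map[string]map[string]bool // env ID -> permission -> granted
}

// Has: an org-level grant ignores the env segment; otherwise the grant must exist for that exact env.
func (p *PermissionSet) Has(perm, envID string) bool {
	return p != nil && (p.Org[perm] || (envID != "" && p.Env[envID][perm]))
}

// EnvIDFromPath returns {id} from /environments/{id}/..., or "" when the path has no env segment.
func EnvIDFromPath(path string) string {
	if rest := strings.TrimPrefix(path, "/environments/"); rest != path {
		return strings.SplitN(rest, "/", 2)[0]
	}
	return ""
}

// PermissionResolver has the page's shape minus the API-key method; staticResolver is the kind
// of test stub the page says the interface exists for (unknown users resolve to nil).
type PermissionResolver interface {
	ResolvePermissions(ctx context.Context, userID string) (*PermissionSet, error)
}

type staticResolver map[string]*PermissionSet
func (s staticResolver) ResolvePermissions(_ context.Context, id string) (*PermissionSet, error) { return s[id], nil }

// authBridge plays the role of NewAuthBridge: validate the credential, resolve the caller's
// PermissionSet, stash it on the context. tokens is a constructed bearer-token -> user ID table.
func authBridge(tokens map[string]string, resolver PermissionResolver, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		userID, known := tokens[strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")]
		if !known {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		ps, err := resolver.ResolvePermissions(r.Context(), userID)
		if err != nil || ps == nil { // fail closed: unresolved permissions grant nothing
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		ctx := context.WithValue(context.WithValue(r.Context(), ctxUserID, userID), ctxPermissions, ps)
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}

// requirePermission plays the role of RequirePermission for one operation. It must sit behind
// authBridge, since it only reads what the bridge stashed on the context.
func requirePermission(perm string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ps, ok := r.Context().Value(ctxPermissions).(*PermissionSet)
		switch {
		case !ok || ps == nil:
			http.Error(w, "unauthorized", http.StatusUnauthorized)
		case !ps.Has(perm, EnvIDFromPath(r.URL.Path)):
			http.Error(w, "forbidden", http.StatusForbidden)
		default:
			next.ServeHTTP(w, r)
		}
	})
}

// Probe sends one request through bridge + check and returns the HTTP status.
func Probe(token, path, perm string) int {
	tokens := map[string]string{"tok-alice": "alice", "tok-bob": "bob"} // constructed
	grants := staticResolver{ // constructed: alice is env-scoped, bob holds an org-wide grant
		"alice": {Org: map[string]bool{"users:read": true}, Env: map[string]map[string]bool{"env-1": {"containers:start": true}}},
		"bob":   {Org: map[string]bool{"containers:start": true}},
	}
	ok := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "ok ", r.Context().Value(ctxUserID)) })
	req := httptest.NewRequest(http.MethodPost, path, nil)
	req.Header.Set("Authorization", "Bearer "+token)
	rec := httptest.NewRecorder()
	authBridge(tokens, grants, requirePermission(perm, ok)).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(Probe("tok-alice", "/environments/env-2/containers/c1/start", "containers:start")) // 403: alice's grant is env-1 only
}
```

Two behaviours worth noting: an env-scoped grant never satisfies a request whose path has no /environments/{id}/ segment (Has is called with an empty env ID and only an org-level grant can match), and the bridge fails closed when the resolver returns an error or no set, so a caller with a valid credential but unresolvable permissions gets 401 rather than an empty set that downstream code might treat as "authenticated".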
Types ¶
type ContextKey ¶
type ContextKey string
ContextKey is a type for context keys used by Huma handlers.
const (
	// ContextKeyUserID is the context key for the authenticated user's ID.
	ContextKeyUserID ContextKey = "userID"
	// ContextKeyCurrentUser is the context key for the authenticated user model.
	ContextKeyCurrentUser ContextKey = "currentUser"
	// ContextKeyCurrentSessionID is the context key for the authenticated session ID.
	ContextKeyCurrentSessionID ContextKey = "currentSessionID"
	// ContextKeyUserPermissions is the context key for the caller's resolved
	// PermissionSet, attached by the auth bridge.
	ContextKeyUserPermissions ContextKey = "userPermissions"
	// ContextKeyRemoteAddr is the context key for the request remote address.
	ContextKeyRemoteAddr ContextKey = "remoteAddr"
)
type PermissionResolver ¶
type PermissionResolver interface {
ResolvePermissions(ctx context.Context, user *models.User) (*authz.PermissionSet, error)
ResolveApiKeyPermissions(ctx context.Context, apiKeyID string) (*authz.PermissionSet, error)
}
PermissionResolver resolves a caller's effective permission set. Implemented by services.RoleService; kept as an interface so tests can stub it.