Documentation
¶
Overview ¶
Package authz handles all things authorization, policing who (subjects) can do what (actions) on what (resources).
Index ¶
- Variables
- func AddSkipAuthz(ctx context.Context) context.Context
- func AddSubjectToContext(ctx context.Context, subj Subject) context.Context
- func NewAllowAllAuthorizer() *allowAllAuthorizer
- func SkipAuthz(ctx context.Context) bool
- type Authorizer
- func (a *Authorizer) Authorize(ctx context.Context, action resource.Action, kind resource.Kind, ...) (Subject, error)
- func (a *Authorizer) CanAccess(ctx context.Context, action resource.Action, kind resource.Kind, ...) bool
- func (a *Authorizer) RegisterParentResolver(kind resource.Kind, resolver ParentResolver)
- type CanAccessOption
- type Interface
- type ParentResolver
- type Request
- type Role
- type Subject
- type Superuser
- type WorkspacePolicy
- type WorkspacePolicyGetter
Constants ¶
This section is empty.
Variables ¶
var ( // OrganizationMinPermissions are permissions granted to all team // members within an organization. OrganizationMinPermissions = Role{ // contains filtered or unexported fields } // WorkspaceReadRole is scoped to a workspace and permits read-only actions // on the workspace. WorkspaceReadRole = Role{ // contains filtered or unexported fields } // WorkspacePlanRole is scoped to a workspace and permits creating plans on // the workspace. WorkspacePlanRole = Role{ // contains filtered or unexported fields } // WorkspaceWriteRole is scoped to a workspace and permits write actions on // the workspace. WorkspaceWriteRole = Role{ // contains filtered or unexported fields } // WorkspaceAdminRole is scoped to a workspace and permits management of the // workspace. WorkspaceAdminRole = Role{ // contains filtered or unexported fields } // WorkspaceManagerRole is scoped to an organization and permits management // of workspaces. WorkspaceManagerRole = Role{ // contains filtered or unexported fields } // VCSManagerRole is scoped to an organization and permits management of VCS // providers. VCSManagerRole = Role{ // contains filtered or unexported fields } // RegistryManagerRole is scoped to an organization and permits management // of registry of modules and providers RegistryManagerRole = Role{ // contains filtered or unexported fields } )
Functions ¶
func AddSkipAuthz ¶
AddSkipAuthz adds to the context an instruction to skip authorization. Authorizers should obey this instruction using SkipAuthz
func AddSubjectToContext ¶
AddSubjectToContext adds a subject to a context
func NewAllowAllAuthorizer ¶
func NewAllowAllAuthorizer() *allowAllAuthorizer
Types ¶
type Authorizer ¶
type Authorizer struct {
logr.Logger
WorkspacePolicyGetter
// contains filtered or unexported fields
}
Authorizer intermediates authorization between subjects (entities requesting access) and resources (the entities to which access is being requested).
func NewAuthorizer ¶
func NewAuthorizer(logger logr.Logger) *Authorizer
func (*Authorizer) Authorize ¶
func (a *Authorizer) Authorize(ctx context.Context, action resource.Action, kind resource.Kind, resourceID resource.ID, opts ...CanAccessOption) (Subject, error)
Authorize determines whether the subject can carry out an action on a resource. The subject is expected to be contained within the context. If the access request is nil then it's assumed the request is for access to the entire site (the highest level).
func (*Authorizer) CanAccess ¶
func (a *Authorizer) CanAccess(ctx context.Context, action resource.Action, kind resource.Kind, id resource.ID) bool
CanAccess is a helper to boil down an access request to a true/false decision, with any error encountered interpreted as false.
func (*Authorizer) RegisterParentResolver ¶ added in v0.3.17
func (a *Authorizer) RegisterParentResolver(kind resource.Kind, resolver ParentResolver)
RegisterParentResolver registers with the authorizer a means of resolving the parent of a resource.
type CanAccessOption ¶
type CanAccessOption func(*canAccessConfig)
func WithoutErrorLogging ¶
func WithoutErrorLogging() CanAccessOption
WithoutErrorLogging disables logging an unauthorized error. This can be useful if just checking if a user can do something.
type Interface ¶
type Interface interface {
Authorize(ctx context.Context, action resource.Action, kind resource.Kind, id resource.ID, opts ...CanAccessOption) (Subject, error)
CanAccess(ctx context.Context, action resource.Action, kind resource.Kind, id resource.ID) bool
}
Interface provides an interface for services to use to permit swapping out the authorizer for tests.
type ParentResolver ¶ added in v0.3.17
type Request ¶ added in v0.3.17
type Request struct {
// ID of resource to which access is being requested.
resource.ID
// WorkspacePolicy provides a means of checking workspace-specific
// permissions for the resource specified by the ID above. If this is nil
// then the resource is not a workspace or does not belong to a workspace.
WorkspacePolicy WorkspacePolicy
// contains filtered or unexported fields
}
Request for authorization.
func (Request) Organization ¶ added in v0.3.17
Organization identifies the organization that the requested resource belongs to, or the organization itself if access to an organization is being requested.
type Role ¶
type Role struct {
// contains filtered or unexported fields
}
Role is a set of permitted actions
func WorkspaceRoleFromString ¶
type Subject ¶
type Subject interface {
CanAccess(action resource.Action, kind resource.Kind, req Request) bool
String() string
}
Subject is an entity that carries out actions on resources.
type Superuser ¶
type Superuser struct {
Username string
}
Superuser is a subject with unlimited privileges.
type WorkspacePolicy ¶
type WorkspacePolicy interface {
Check(subject resource.ID, action resource.Action, kind resource.Kind) bool
}
WorkspacePolicy checks whether a subject is permitted to carry out an action on a workspace.
type WorkspacePolicyGetter ¶
type WorkspacePolicyGetter func(ctx context.Context, workspaceID resource.ID) (WorkspacePolicy, error)
WorkspacePolicyGetter retrieves a workspace's policy.
Source Files