nibbler_user_group

package
v0.23.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2023 License: MIT Imports: 9 Imported by: 1

Documentation

Index

Constants

View Source 
const CreateGroupAction = "create-group"
View Source 
const CreateGroupMembershipAction = "add-member-to-group"

some (hopefully) reusable or useful privileges

View Source 
const CreateGroupPrivilegeAction = "create-group-privilege"
View Source 
const CreatePrivilegeAction = "create-privilege"
View Source 
const DeleteGroupAction = "delete-group"
View Source 
const DeleteGroupPrivilegeAction = "delete-group-privilege"
View Source 
const DeletePrivilegeAction = "delete-privilege"
View Source 
const ListGroupsAction = "list-groups"
View Source 
const RemoveMemberFromGroupAction = "remove-member-from-group"

Variables

This section is empty.

Functions

func GetModels 

func GetModels() []interface{}

GetModels provides all relevant models for stuff like SQLExtension initialization

func GetParamValueFromRequest added in v0.21.0 

func GetParamValueFromRequest(paramName string) func(r *http.Request) (s string, err error)

GetParamValueFromRequest is a convenience function to extract the value of a named param for a request

Types

type Extension 

type Extension struct {
	nibbler.NoOpExtension
	PersistenceExtension PersistenceExtension
	SessionExtension     *session.Extension
	UserExtension        *user.Extension
	DisableDefaultRoutes bool
}

func (*Extension) AddPrivilegeToGroups 

func (s *Extension) AddPrivilegeToGroups(
	groupIdList []string,
	targetGroupId string,
	action string,
) error

AddPrivilegeToGroups adds a specific privilege definition to save to multiple groups. It allows all groups in the groupIdList to perform the provided action on the targetGroupId. If targetGroupId is blank, it means "all resources/groups"

func (*Extension) CreateGroup 

func (s *Extension) CreateGroup(name string) (nibbler.Group, error)

func (*Extension) CreateGroupMembershipRequestHandler added in v0.21.0 

func (s *Extension) CreateGroupMembershipRequestHandler(w http.ResponseWriter, r *http.Request)

CreateGroupMembershipRequestHandler will handle an http request with path param "groupId", and a membership request body

func (*Extension) CreateGroupPrivilegeRequestHandler added in v0.21.0 

func (s *Extension) CreateGroupPrivilegeRequestHandler(w http.ResponseWriter, r *http.Request)

CreateGroupPrivilegeRequestHandler handles an http request with a path param of groupId and body that is a Privilege

func (*Extension) CreateGroupRequestHandler 

func (s *Extension) CreateGroupRequestHandler(w http.ResponseWriter, r *http.Request)

func (*Extension) DeleteGroupPrivilegeRequestHandler added in v0.21.0 

func (s *Extension) DeleteGroupPrivilegeRequestHandler(w http.ResponseWriter, r *http.Request)

DeleteGroupPrivilegeRequestHandler handles an http request with a privilege in its body and "groupId" in the path params

func (*Extension) DeleteGroupRequestHandler added in v0.21.0 

func (s *Extension) DeleteGroupRequestHandler(w http.ResponseWriter, r *http.Request)

func (*Extension) EnforceHasPrivilege 

func (s *Extension) EnforceHasPrivilege(action string, routerFunc func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request)

EnforceHasPrivilege will use HasPrivilege to produce a result for the caller - it will return a 500 if something went wrong, a 401 if no user is authenticated, a 404 if there is no access. It will pass through to the routerFunc if the caller has access

func (*Extension) EnforceHasPrivilegeOnResource 

func (s *Extension) EnforceHasPrivilegeOnResource(action string, getResourceIdFn func(r *http.Request) (string, error), routerFunc func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request)

EnforceHasPrivilegeOnResource will use HasPrivilegeOnResource to produce a result for the caller - it will return a 500 if something went wrong, a 401 if no user is authenticated, a 404 if there is no access. It will pass through to the routerFunc if the caller has access

func (*Extension) GetGroupMembershipsForUser 

func (s *Extension) GetGroupMembershipsForUser(userId string) ([]nibbler.GroupMembership, error)

GetGroupMembershipsForUser lists the groups to which the user (with the provided ID) belongs

func (*Extension) GetGroups 

func (s *Extension) GetGroups(groupIds []string, includePrivileges bool) ([]nibbler.Group, error)

func (*Extension) GetName 

func (s *Extension) GetName() string

func (*Extension) GetUserComposite added in v0.21.0 

func (s *Extension) GetUserComposite(userId string) (*UserComposite, error)

GetUserComposite returns the composite for the user with the given id

func (*Extension) GetUserCompositeRequestHandler added in v0.21.0 

func (s *Extension) GetUserCompositeRequestHandler(w http.ResponseWriter, r *http.Request)

GetUserCompositeRequestHandler gets the composite for the given user - you can either allow them to specify the ID as a path param, or just always make it return the composite for the caller. If you allow the ID to be specified, protect this route with a check to see if the caller can ask for that user's composite info.

func (*Extension) HasPrivilege added in v0.21.0 

func (s *Extension) HasPrivilege(userId, action string) (bool, error)

HasPrivilege returns whether the caller has a privilege for a resource-agnostic action. This is suitable for something like "create-admin" or any other "global"-type privilege

func (*Extension) HasPrivilegeOnResource added in v0.21.0 

func (s *Extension) HasPrivilegeOnResource(userId, resourceId, action string) (bool, error)

HasPrivilegeOnResource will state whether the caller can perform an action on a specific resource. If there is no resource-specific privilege, it will check to see if the caller has the global privilege for that action. For example, some users may have "create-user" privileges for a specific group, but an admin may have a resource-agnostic "create-user" privilege. This function will check both.

func (*Extension) PostInit 

func (s *Extension) PostInit(app *nibbler.Application) error

PostInit adds the default roues, if DisableDefaultRoutes is false

func (*Extension) QueryGroupsRequestHandler added in v0.21.0 

func (s *Extension) QueryGroupsRequestHandler(w http.ResponseWriter, r *http.Request)

QueryGroupsRequestHandler lists groups - it does not yet support queries

func (*Extension) SetGroupMembership 

func (s *Extension) SetGroupMembership(groupId, userId string, role string) (nibbler.GroupMembership, error)

SetGroupMembership upserts the group membership record for a given user and group

type PersistenceExtension 

type PersistenceExtension interface {
	StartTransaction() (PersistenceExtension, error)
	RollbackTransaction() error
	CommitTransaction() error
	GetGroupMembershipsForUser(id string) ([]nibbler.GroupMembership, error)
	SetGroupMembership(groupId string, userId string, role string) (nibbler.GroupMembership, error)
	CreateGroup(group nibbler.Group) error
	DeleteGroup(groupId string, hardDelete bool) error
	SearchGroups(query nibbler.SearchParameters, includePrivileges bool) (*nibbler.SearchResults, error)
	GetGroupsById(ids []string, includePrivileges bool) ([]nibbler.Group, error)
	AddPrivilegeToGroups(groupIdList []string, resourceId string, action string) error
	GetPrivilegesForAction(groupId string, resourceId *string, action string) ([]nibbler.GroupPrivilege, error)
	DeletePrivilege(id string, hardDelete bool) error
}

type UserComposite 

type UserComposite struct {
	CurrentGroup       *nibbler.Group  `json:"currentGroup"`
	Groups             []nibbler.Group `json:"groups"`
	RoleInCurrentGroup string          `json:"roleInCurrentGroup"`
}

UserComposite is a summary of group memberships and the state of the "current" group and role for the user

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.