rbac

package
v0.18.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ResourceApp  = "app"
	ResourceSync = "sync"
)

Resource names used for owner permission lookup

View Source
const AdminRoleName = "admin"

AdminRoleName is the built-in role that grants every permission (including app:approve). It is always defined and cannot be redefined in the config.

View Source
const RBAC_AUTH_PREFIX = "rbac:"
View Source
const RBAC_CUSTOM_PREFIX = "custom:" // used for app level custom permissions
View Source
const RBAC_GROUP_PREFIX = "group:"
View Source
const RBAC_REGEX_PREFIX = "regex:" // used for regex matching in users list
View Source
const RBAC_ROLE_PREFIX = "role:"

Variables

This section is empty.

Functions

func MatchGlob

func MatchGlob(appPathGlob string, app types.AppPathDomain) (bool, error)

func ParseGlob

func ParseGlob(appPathGlob string, apps []types.AppPathDomain) ([]types.AppPathDomain, error)

ParseGlob parses a path spec in the format of domain:path. If domain is not specified, it will match empty domain. glob patters are supported, *:** matches all apps.

func ParseGlobFromInfo

func ParseGlobFromInfo(appPathGlob string, apps []types.AppInfo) ([]types.AppInfo, error)

ParseGlobFromInfo parses a path spec in the format of domain:path. If domain is not specified, it will match empty domain. glob patters are supported, *:** matches all apps.

func PermissionResource added in v0.18.4

func PermissionResource(perm types.RBACPermission) string

PermissionResource returns the resource part of a permission name (app, sync, ...)

func RequestHasRBACAuth added in v0.18.4

func RequestHasRBACAuth(ctx context.Context) bool

RequestHasRBACAuth reports whether the calling app's auth uses the rbac: prefix. Enforcement is two-level: the config enabled flag AND the app auth. Used for lockout checks: publishing an enabled config only affects callers whose app auth opts into rbac

func ValidatePermissionName added in v0.18.4

func ValidatePermissionName(perm types.RBACPermission) error

ValidatePermissionName checks that a permission entry is a valid resource:verb permission or permission glob. Used for local validation of draft edits

Types

type RBACAPI

type RBACAPI interface {
	AuthorizeAny(ctx context.Context, permissions []string) (bool, error)
	Authorize(ctx context.Context, permission types.RBACPermission, isAppLevelPermission bool) (bool, error)
	GetCustomPermissions(ctx context.Context) ([]string, error)
	IsAppRBACEnabled(ctx context.Context) bool
}

RBACAPI is the interface used by the app package for app level (custom permission) checks. The management API enforcement methods (AuthorizeAPI, AuthorizeGlobalAPI, GetAPIPermissions) are used through the concrete RBACManager by the server package and are not part of this interface

type RBACManager

type RBACManager struct {
	*types.Logger
	RbacConfig *types.RBACConfig
	// contains filtered or unexported fields
}

func NewRBACHandler

func NewRBACHandler(logger *types.Logger, rbacConfig *types.RBACConfig, serverConfig *types.ServerConfig) (*RBACManager, error)

func (*RBACManager) APIEnforced added in v0.18.4

func (h *RBACManager) APIEnforced(ctx context.Context) bool

APIEnforced reports whether management API RBAC enforcement is active for this request: the RBAC config is enabled AND the calling app's auth has the rbac: prefix. The combined bool is computed once at request setup and stored in the context, so this is a single context lookup with no locking or allocation. Calls with no app context (unix socket / admin over TCP) are never enforced.

func (*RBACManager) Authorize

func (h *RBACManager) Authorize(ctx context.Context, permission types.RBACPermission, isCustomPermission bool) (bool, error)

Authorize checks if the user has access to the specified permission

func (*RBACManager) AuthorizeAPI added in v0.18.4

func (h *RBACManager) AuthorizeAPI(ctx context.Context, perm types.RBACPermission,
	target types.AppPathDomain, owner string) (bool, error)

AuthorizeAPI checks if the user can perform the management API operation needing permission perm on the app at target. target must be resolved to the main app path for stage/preview apps. owner is the app creator ("" if not known); the owner of an app holds the configured owner permissions on it without any grant. Returns true without any evaluation when enforcement is not active (see APIEnforced)

func (*RBACManager) AuthorizeAny

func (h *RBACManager) AuthorizeAny(ctx context.Context, permissions []string) (bool, error)

AuthorizeAny checks if the user has access to any of the specified custom permissions Used for app level permissions, like actions access

func (*RBACManager) AuthorizeGlobalAPI added in v0.18.4

func (h *RBACManager) AuthorizeGlobalAPI(ctx context.Context, perm types.RBACPermission, owner string) (bool, error)

AuthorizeGlobalAPI checks a global (non app path) permission like sync:create or binding:read. owner is the creator of the specific entry being operated on ("" when not applicable); the owner holds the configured owner permissions on their entries

func (*RBACManager) AuthorizeInt

func (h *RBACManager) AuthorizeInt(user string, appPathDomain types.AppPathDomain,
	appAuthSetting string, permission types.RBACPermission, groups []string, isAppLevelPermission bool) (bool, error)

func (*RBACManager) AuthorizeUserPerm added in v0.18.4

func (h *RBACManager) AuthorizeUserPerm(user string, groups []string, perm types.RBACPermission) (bool, error)

AuthorizeUserPerm evaluates a global permission for the given user and groups directly against this manager's config, without request context. Used for lockout checks when publishing a candidate config

func (*RBACManager) GetAPIPermissions added in v0.18.4

func (h *RBACManager) GetAPIPermissions(ctx context.Context, target types.AppPathDomain, owner string) ([]string, error)

GetAPIPermissions returns the management API permissions the user holds: app permissions evaluated against target/owner plus the global permissions the user holds. When enforcement is not active, all permissions are returned

func (*RBACManager) GetCustomPermissions

func (h *RBACManager) GetCustomPermissions(ctx context.Context) ([]string, error)

GetCustomPermissions returns the custom permissions for the user on the current app

func (*RBACManager) GetCustomPermissionsInt

func (h *RBACManager) GetCustomPermissionsInt(user string, appPathDomain types.AppPathDomain, appAuthSetting string,
	groups []string) ([]string, error)

GetCustomPermissions returns the custom permissions set for the user for the given app path domain and app auth setting Values in returned list do not have the custom: prefix

func (*RBACManager) IsAppRBACEnabled

func (h *RBACManager) IsAppRBACEnabled(ctx context.Context) bool

IsAppRBACEnabled checks if the RBAC is enabled for the current app

func (*RBACManager) UpdateRBACConfig

func (h *RBACManager) UpdateRBACConfig(rbacConfig *types.RBACConfig) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL