Documentation
¶
Index ¶
- Constants
- func MatchGlob(appPathGlob string, app types.AppPathDomain) (bool, error)
- func ParseGlob(appPathGlob string, apps []types.AppPathDomain) ([]types.AppPathDomain, error)
- func ParseGlobFromInfo(appPathGlob string, apps []types.AppInfo) ([]types.AppInfo, error)
- func PermissionResource(perm types.RBACPermission) string
- func RequestHasRBACAuth(ctx context.Context) bool
- func ValidatePermissionName(perm types.RBACPermission) error
- type RBACAPI
- type RBACManager
- func (h *RBACManager) APIEnforced(ctx context.Context) bool
- func (h *RBACManager) Authorize(ctx context.Context, permission types.RBACPermission, isCustomPermission bool) (bool, error)
- func (h *RBACManager) AuthorizeAPI(ctx context.Context, perm types.RBACPermission, target types.AppPathDomain, ...) (bool, error)
- func (h *RBACManager) AuthorizeAny(ctx context.Context, permissions []string) (bool, error)
- func (h *RBACManager) AuthorizeGlobalAPI(ctx context.Context, perm types.RBACPermission, owner string) (bool, error)
- func (h *RBACManager) AuthorizeInt(user string, appPathDomain types.AppPathDomain, appAuthSetting string, ...) (bool, error)
- func (h *RBACManager) AuthorizeUserPerm(user string, groups []string, perm types.RBACPermission) (bool, error)
- func (h *RBACManager) GetAPIPermissions(ctx context.Context, target types.AppPathDomain, owner string) ([]string, error)
- func (h *RBACManager) GetCustomPermissions(ctx context.Context) ([]string, error)
- func (h *RBACManager) GetCustomPermissionsInt(user string, appPathDomain types.AppPathDomain, appAuthSetting string, ...) ([]string, error)
- func (h *RBACManager) IsAppRBACEnabled(ctx context.Context) bool
- func (h *RBACManager) UpdateRBACConfig(rbacConfig *types.RBACConfig) error
Constants ¶
const ( ResourceApp = "app" ResourceSync = "sync" )
Resource names used for owner permission lookup
const AdminRoleName = "admin"
AdminRoleName is the built-in role that grants every permission (including app:approve). It is always defined and cannot be redefined in the config.
const RBAC_AUTH_PREFIX = "rbac:"
const RBAC_CUSTOM_PREFIX = "custom:" // used for app level custom permissions
const RBAC_GROUP_PREFIX = "group:"
const RBAC_REGEX_PREFIX = "regex:" // used for regex matching in users list
const RBAC_ROLE_PREFIX = "role:"
Variables ¶
This section is empty.
Functions ¶
func ParseGlob ¶
func ParseGlob(appPathGlob string, apps []types.AppPathDomain) ([]types.AppPathDomain, error)
ParseGlob parses a path spec in the format of domain:path. If domain is not specified, it will match empty domain. glob patters are supported, *:** matches all apps.
func ParseGlobFromInfo ¶
ParseGlobFromInfo parses a path spec in the format of domain:path. If domain is not specified, it will match empty domain. glob patters are supported, *:** matches all apps.
func PermissionResource ¶ added in v0.18.4
func PermissionResource(perm types.RBACPermission) string
PermissionResource returns the resource part of a permission name (app, sync, ...)
func RequestHasRBACAuth ¶ added in v0.18.4
RequestHasRBACAuth reports whether the calling app's auth uses the rbac: prefix. Enforcement is two-level: the config enabled flag AND the app auth. Used for lockout checks: publishing an enabled config only affects callers whose app auth opts into rbac
func ValidatePermissionName ¶ added in v0.18.4
func ValidatePermissionName(perm types.RBACPermission) error
ValidatePermissionName checks that a permission entry is a valid resource:verb permission or permission glob. Used for local validation of draft edits
Types ¶
type RBACAPI ¶
type RBACAPI interface {
AuthorizeAny(ctx context.Context, permissions []string) (bool, error)
Authorize(ctx context.Context, permission types.RBACPermission, isAppLevelPermission bool) (bool, error)
GetCustomPermissions(ctx context.Context) ([]string, error)
IsAppRBACEnabled(ctx context.Context) bool
}
RBACAPI is the interface used by the app package for app level (custom permission) checks. The management API enforcement methods (AuthorizeAPI, AuthorizeGlobalAPI, GetAPIPermissions) are used through the concrete RBACManager by the server package and are not part of this interface
type RBACManager ¶
type RBACManager struct {
*types.Logger
RbacConfig *types.RBACConfig
// contains filtered or unexported fields
}
func NewRBACHandler ¶
func NewRBACHandler(logger *types.Logger, rbacConfig *types.RBACConfig, serverConfig *types.ServerConfig) (*RBACManager, error)
func (*RBACManager) APIEnforced ¶ added in v0.18.4
func (h *RBACManager) APIEnforced(ctx context.Context) bool
APIEnforced reports whether management API RBAC enforcement is active for this request: the RBAC config is enabled AND the calling app's auth has the rbac: prefix. The combined bool is computed once at request setup and stored in the context, so this is a single context lookup with no locking or allocation. Calls with no app context (unix socket / admin over TCP) are never enforced.
func (*RBACManager) Authorize ¶
func (h *RBACManager) Authorize(ctx context.Context, permission types.RBACPermission, isCustomPermission bool) (bool, error)
Authorize checks if the user has access to the specified permission
func (*RBACManager) AuthorizeAPI ¶ added in v0.18.4
func (h *RBACManager) AuthorizeAPI(ctx context.Context, perm types.RBACPermission, target types.AppPathDomain, owner string) (bool, error)
AuthorizeAPI checks if the user can perform the management API operation needing permission perm on the app at target. target must be resolved to the main app path for stage/preview apps. owner is the app creator ("" if not known); the owner of an app holds the configured owner permissions on it without any grant. Returns true without any evaluation when enforcement is not active (see APIEnforced)
func (*RBACManager) AuthorizeAny ¶
AuthorizeAny checks if the user has access to any of the specified custom permissions Used for app level permissions, like actions access
func (*RBACManager) AuthorizeGlobalAPI ¶ added in v0.18.4
func (h *RBACManager) AuthorizeGlobalAPI(ctx context.Context, perm types.RBACPermission, owner string) (bool, error)
AuthorizeGlobalAPI checks a global (non app path) permission like sync:create or binding:read. owner is the creator of the specific entry being operated on ("" when not applicable); the owner holds the configured owner permissions on their entries
func (*RBACManager) AuthorizeInt ¶
func (h *RBACManager) AuthorizeInt(user string, appPathDomain types.AppPathDomain, appAuthSetting string, permission types.RBACPermission, groups []string, isAppLevelPermission bool) (bool, error)
func (*RBACManager) AuthorizeUserPerm ¶ added in v0.18.4
func (h *RBACManager) AuthorizeUserPerm(user string, groups []string, perm types.RBACPermission) (bool, error)
AuthorizeUserPerm evaluates a global permission for the given user and groups directly against this manager's config, without request context. Used for lockout checks when publishing a candidate config
func (*RBACManager) GetAPIPermissions ¶ added in v0.18.4
func (h *RBACManager) GetAPIPermissions(ctx context.Context, target types.AppPathDomain, owner string) ([]string, error)
GetAPIPermissions returns the management API permissions the user holds: app permissions evaluated against target/owner plus the global permissions the user holds. When enforcement is not active, all permissions are returned
func (*RBACManager) GetCustomPermissions ¶
func (h *RBACManager) GetCustomPermissions(ctx context.Context) ([]string, error)
GetCustomPermissions returns the custom permissions for the user on the current app
func (*RBACManager) GetCustomPermissionsInt ¶
func (h *RBACManager) GetCustomPermissionsInt(user string, appPathDomain types.AppPathDomain, appAuthSetting string, groups []string) ([]string, error)
GetCustomPermissions returns the custom permissions set for the user for the given app path domain and app auth setting Values in returned list do not have the custom: prefix
func (*RBACManager) IsAppRBACEnabled ¶
func (h *RBACManager) IsAppRBACEnabled(ctx context.Context) bool
IsAppRBACEnabled checks if the RBAC is enabled for the current app
func (*RBACManager) UpdateRBACConfig ¶
func (h *RBACManager) UpdateRBACConfig(rbacConfig *types.RBACConfig) error