authorization

package
v1.35.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2026 License: BSD-3-Clause Imports: 9 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// CREATE Represents the action to create a new resource.
	CREATE = "C"
	// READ Represents the action to retrieve a resource.
	READ = "R"
	// UPDATE Represents the action to update an existing resource.
	UPDATE = "U"
	// DELETE Represents the action to delete a resource.
	DELETE = "D"

	ROLE_SCOPE_ALL   = "ALL"
	ROLE_SCOPE_MATCH = "MATCH"

	USER_AND_GROUP_ASSIGN_AND_REVOKE = "A"
)
View Source 
const (
	GroupsDomain      = "groups"
	UsersDomain       = "users"
	RolesDomain       = "roles"
	ClusterDomain     = "cluster"
	NodesDomain       = "nodes"
	BackupsDomain     = "backups"
	SchemaDomain      = "schema"
	CollectionsDomain = "collections"
	TenantsDomain     = "tenants"
	DataDomain        = "data"
	ReplicateDomain   = "replicate"
	AliasesDomain     = "aliases"
)

Variables

View Source 
var (
	All = String("*")

	AllBackups = &models.PermissionBackups{
		Collection: All,
	}
	AllData = &models.PermissionData{
		Collection: All,
		Tenant:     All,
		Object:     All,
	}
	AllTenants = &models.PermissionTenants{
		Collection: All,
		Tenant:     All,
	}
	AllNodes = &models.PermissionNodes{
		Verbosity:  String(verbosity.OutputVerbose),
		Collection: All,
	}
	AllOIDCGroups = &models.PermissionGroups{
		Group:     All,
		GroupType: models.GroupTypeOidc,
	}
	AllRoles = &models.PermissionRoles{
		Role:  All,
		Scope: String(models.PermissionRolesScopeAll),
	}
	AllUsers = &models.PermissionUsers{
		Users: All,
	}
	AllCollections = &models.PermissionCollections{
		Collection: All,
	}
	AllReplicate = &models.PermissionReplicate{
		Collection: All,
		Shard:      All,
	}
	AllAliases = &models.PermissionAliases{
		Collection: All,
		Alias:      All,
	}

	ComponentName = "RBAC"

	// Note:  if a new action added, don't forget to add it to availableWeaviateActions
	// to be added to built in roles
	// any action has to contain of `{verb}_{domain}` verb: CREATE, READ, UPDATE, DELETE domain: roles, users, cluster, collections, data
	ReadRoles   = "read_roles"
	CreateRoles = "create_roles"
	UpdateRoles = "update_roles"
	DeleteRoles = "delete_roles"

	ReadCluster = "read_cluster"
	ReadNodes   = "read_nodes"

	AssignAndRevokeGroups = "assign_and_revoke_groups"
	ReadGroups            = "read_groups"

	AssignAndRevokeUsers = "assign_and_revoke_users"
	CreateUsers          = "create_users"
	ReadUsers            = "read_users"
	UpdateUsers          = "update_users"
	DeleteUsers          = "delete_users"

	ManageBackups = "manage_backups"

	CreateCollections = "create_collections"
	ReadCollections   = "read_collections"
	UpdateCollections = "update_collections"
	DeleteCollections = "delete_collections"

	CreateData = "create_data"
	ReadData   = "read_data"
	UpdateData = "update_data"
	DeleteData = "delete_data"

	CreateTenants = "create_tenants"
	ReadTenants   = "read_tenants"
	UpdateTenants = "update_tenants"
	DeleteTenants = "delete_tenants"

	CreateReplicate = "create_replicate"
	ReadReplicate   = "read_replicate"
	UpdateReplicate = "update_replicate"
	DeleteReplicate = "delete_replicate"

	CreateAliases = "create_aliases"
	ReadAliases   = "read_aliases"
	UpdateAliases = "update_aliases"
	DeleteAliases = "delete_aliases"
)
View Source 
var (
	// build-in roles that can be assigned via API
	Viewer = "viewer"
	Admin  = "admin"
	// build-in roles that can be assigned via env vars and cannot be changed via APIS
	Root         = "root"
	ReadOnly     = "read-only"
	BuiltInRoles = []string{Viewer, Admin, Root, ReadOnly}

	// viewer : can view everything , roles, users, schema, data
	// editor : can create/read/update everything , roles, users, schema, data
	// Admin : aka basically super Admin or root
	BuiltInPermissions = map[string][]*models.Permission{
		Viewer:   viewerPermissions(),
		Admin:    adminPermissions(),
		Root:     adminPermissions(),
		ReadOnly: viewerPermissions(),
	}
	EnvVarRoles = []string{ReadOnly, Root}
)

Functions

func Aliases added in v1.32.0 

func Aliases(class string, aliases ...string) []string

func Backups added in v1.28.0 

func Backups(classes ...string) []string

Example outputs: - "backups/*" if the backend is an empty string - "backups/{backend}" for the provided backend

func Cluster added in v1.28.0 

func Cluster() string

Cluster returns a string representing the cluster authorization scope. The returned string is "cluster/*", which can be used to specify that the authorization applies to all resources within the cluster.

func Collections added in v1.28.0 

func Collections(classes ...string) []string

func CollectionsData added in v1.28.0 

func CollectionsData(classes ...string) []string

func CollectionsMetadata added in v1.28.0 

func CollectionsMetadata(classes ...string) []string

CollectionsMetadata generates a list of resource strings for the given classes. If no classes are provided, it returns a default resource string "collections/*". Each class is formatted as "collection/{class}".

Parameters: 

classes - a variadic parameter representing the class names.

Returns: 

A slice of strings representing the resource paths.

func Groups added in v1.32.5 

func Groups(groupType authentication.AuthType, groups ...string) []string

Groups generates a list of user resource strings based on the provided group names. If no group names are provided, it returns a default user resource string "groups/*".

Parameters: 

groups - A variadic parameter representing the group names.

Returns: 

A slice of strings where each string is a formatted user resource string.

func Nodes added in v1.28.0 

func Nodes(verbosity string, classes ...string) []string

func Objects added in v1.27.0 

func Objects(class, shard string, id strfmt.UUID) string

Objects generates a string representing a path to objects within a collection and shard. The path format varies based on the provided class, shard, and id parameters.

Parameters: - class: the class of the collection (string) - shard: the shard identifier (string) - id: the unique identifier of the object (strfmt.UUID)

Returns: - A string representing the path to the objects, with wildcards (*) used for any empty parameters.

Example outputs: - "collections/*/shards/*/objects/*" if all parameters are empty - "collections/*/shards/*/objects/{id}" if only id is provided - "collections/{class}/shards/{shard}/objects/{id}" if all parameters are provided

func Replications added in v1.31.0 

func Replications(class, shard string) string

Replications generates a replication resource string for a given class and shard.

Parameters:

  • class: The class name for the resource. If empty, defaults to "*".
  • shard: The shard name for the resource. If empty, defaults to "*".

Returns: 

A slice of strings representing the resource paths for the given class and shards.

func Roles added in v1.28.0 

func Roles(roles ...string) []string

Roles generates a list of role resource strings based on the provided role names. If no role names are provided, it returns a default role resource string "roles/*".

Parameters: 

roles - A variadic parameter representing the role names.

Returns: 

A slice of strings where each string is a formatted role resource string.

func ShardsData added in v1.28.0 

func ShardsData(class string, shards ...string) []string

func ShardsMetadata added in v1.28.0 

func ShardsMetadata(class string, shards ...string) []string

ShardsMetadata generates a list of shard resource strings for a given class and shards. If the class is an empty string, it defaults to "*". If no shards are provided, it returns a single resource string with a wildcard for shards. If shards are provided, it returns a list of resource strings for each shard.

Parameters:

  • class: The class name for the resource. If empty, defaults to "*".
  • shards: A variadic list of shard names. If empty, it will replace it with '#' to mark it as collection only check

Returns: 

A slice of strings representing the resource paths for the given class and shards.

func String added in v1.28.0 

func String(s string) *string

func Users added in v1.28.0 

func Users(users ...string) []string

Users generates a list of user resource strings based on the provided user names. If no user names are provided, it returns a default user resource string "users/*".

Parameters: 

users - A variadic parameter representing the user names.

Returns: 

A slice of strings where each string is a formatted user resource string.

func VerbWithScope added in v1.28.5 

func VerbWithScope(verb, scope string) string

func WildcardPath added in v1.28.5 

func WildcardPath(resource string) string

WildcardPath returns the appropriate wildcard path based on the domain and original resource path. The domain is expected to be the first part of the resource path.

Types

type Authorizer 

type Authorizer interface {
	Authorize(ctx context.Context, principal *models.Principal, verb string, resources ...string) error
	// AuthorizeSilent Silent authorization without audit logs
	AuthorizeSilent(ctx context.Context, principal *models.Principal, verb string, resources ...string) error
	// FilterAuthorizedResources authorize the passed resources with best effort approach, it will return
	// list of allowed resources, if none, it will return an empty slice
	FilterAuthorizedResources(ctx context.Context, principal *models.Principal, verb string, resources ...string) ([]string, error)
}

Authorizer always makes a yes/no decision on a specific resource. Which authorization technique is used in the background (e.g. RBAC, adminlist, ...) is hidden through this interface

type Controller added in v1.28.0 

type Controller interface {
	UpdateRolesPermissions(roles map[string][]Policy) error
	CreateRolesPermissions(roles map[string][]Policy) error
	GetRoles(names ...string) (map[string][]Policy, error)
	DeleteRoles(roles ...string) error
	AddRolesForUser(user string, roles []string) error
	GetRolesForUserOrGroup(user string, authMethod authentication.AuthType, isGroup bool) (map[string][]Policy, error)
	GetUsersOrGroupForRole(role string, authMethod authentication.AuthType, IsGroup bool) ([]string, error)
	RevokeRolesForUser(user string, roles ...string) error
	RemovePermissions(role string, permissions []*Policy) error
	HasPermission(role string, permission *Policy) (bool, error)
	GetUsersOrGroupsWithRoles(isGroup bool, authMethod authentication.AuthType) ([]string, error)
}

type DummyAuthorizer 

type DummyAuthorizer struct{}

DummyAuthorizer is a pluggable Authorizer which can be used if no specific authorizer is configured. It will allow every auth decision, i.e. it is effectively the same as "no authorization at all"

func (*DummyAuthorizer) Authorize 

func (d *DummyAuthorizer) Authorize(ctx context.Context, principal *models.Principal, verb string, resources ...string) error

Authorize on the DummyAuthorizer will allow any subject access to any resource

func (*DummyAuthorizer) AuthorizeSilent added in v1.28.5 

func (d *DummyAuthorizer) AuthorizeSilent(ctx context.Context, principal *models.Principal, verb string, resources ...string) error

func (*DummyAuthorizer) FilterAuthorizedResources added in v1.28.5 

func (d *DummyAuthorizer) FilterAuthorizedResources(ctx context.Context, principal *models.Principal, verb string, resources ...string) ([]string, error)

type MockAuthorizer added in v1.28.13 

type MockAuthorizer struct {
	mock.Mock
}

MockAuthorizer is an autogenerated mock type for the Authorizer type

func NewMockAuthorizer added in v1.28.13 

func NewMockAuthorizer(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockAuthorizer

NewMockAuthorizer creates a new instance of MockAuthorizer. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockAuthorizer) Authorize added in v1.28.13 

func (_m *MockAuthorizer) Authorize(ctx context.Context, principal *models.Principal, verb string, resources ...string) error

Authorize provides a mock function with given fields: ctx, principal, verb, resources

func (*MockAuthorizer) AuthorizeSilent added in v1.28.13 

func (_m *MockAuthorizer) AuthorizeSilent(ctx context.Context, principal *models.Principal, verb string, resources ...string) error

AuthorizeSilent provides a mock function with given fields: ctx, principal, verb, resources

func (*MockAuthorizer) EXPECT added in v1.28.13 

func (_m *MockAuthorizer) EXPECT() *MockAuthorizer_Expecter

func (*MockAuthorizer) FilterAuthorizedResources added in v1.28.13 

func (_m *MockAuthorizer) FilterAuthorizedResources(ctx context.Context, principal *models.Principal, verb string, resources ...string) ([]string, error)

FilterAuthorizedResources provides a mock function with given fields: ctx, principal, verb, resources

type MockAuthorizer_AuthorizeSilent_Call added in v1.28.13 

type MockAuthorizer_AuthorizeSilent_Call struct {
	*mock.Call
}

MockAuthorizer_AuthorizeSilent_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'AuthorizeSilent'

func (*MockAuthorizer_AuthorizeSilent_Call) Return added in v1.28.13 

func (_c *MockAuthorizer_AuthorizeSilent_Call) Return(_a0 error) *MockAuthorizer_AuthorizeSilent_Call

func (*MockAuthorizer_AuthorizeSilent_Call) Run added in v1.28.13 

func (_c *MockAuthorizer_AuthorizeSilent_Call) Run(run func(ctx context.Context, principal *models.Principal, verb string, resources ...string)) *MockAuthorizer_AuthorizeSilent_Call

func (*MockAuthorizer_AuthorizeSilent_Call) RunAndReturn added in v1.28.13 

func (_c *MockAuthorizer_AuthorizeSilent_Call) RunAndReturn(run func(context.Context, *models.Principal, string, ...string) error) *MockAuthorizer_AuthorizeSilent_Call

type MockAuthorizer_Authorize_Call added in v1.28.13 

type MockAuthorizer_Authorize_Call struct {
	*mock.Call
}

MockAuthorizer_Authorize_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Authorize'

func (*MockAuthorizer_Authorize_Call) Return added in v1.28.13 

func (_c *MockAuthorizer_Authorize_Call) Return(_a0 error) *MockAuthorizer_Authorize_Call

func (*MockAuthorizer_Authorize_Call) Run added in v1.28.13 

func (_c *MockAuthorizer_Authorize_Call) Run(run func(ctx context.Context, principal *models.Principal, verb string, resources ...string)) *MockAuthorizer_Authorize_Call

func (*MockAuthorizer_Authorize_Call) RunAndReturn added in v1.28.13 

func (_c *MockAuthorizer_Authorize_Call) RunAndReturn(run func(context.Context, *models.Principal, string, ...string) error) *MockAuthorizer_Authorize_Call

type MockAuthorizer_Expecter added in v1.28.13 

type MockAuthorizer_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockAuthorizer_Expecter) Authorize added in v1.28.13 

func (_e *MockAuthorizer_Expecter) Authorize(ctx interface{}, principal interface{}, verb interface{}, resources ...interface{}) *MockAuthorizer_Authorize_Call

Authorize is a helper method to define mock.On call

  • ctx context.Context
  • principal *models.Principal
  • verb string
  • resources ...string

func (*MockAuthorizer_Expecter) AuthorizeSilent added in v1.28.13 

func (_e *MockAuthorizer_Expecter) AuthorizeSilent(ctx interface{}, principal interface{}, verb interface{}, resources ...interface{}) *MockAuthorizer_AuthorizeSilent_Call

AuthorizeSilent is a helper method to define mock.On call

  • ctx context.Context
  • principal *models.Principal
  • verb string
  • resources ...string

func (*MockAuthorizer_Expecter) FilterAuthorizedResources added in v1.28.13 

func (_e *MockAuthorizer_Expecter) FilterAuthorizedResources(ctx interface{}, principal interface{}, verb interface{}, resources ...interface{}) *MockAuthorizer_FilterAuthorizedResources_Call

FilterAuthorizedResources is a helper method to define mock.On call

  • ctx context.Context
  • principal *models.Principal
  • verb string
  • resources ...string

type MockAuthorizer_FilterAuthorizedResources_Call added in v1.28.13 

type MockAuthorizer_FilterAuthorizedResources_Call struct {
	*mock.Call
}

MockAuthorizer_FilterAuthorizedResources_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'FilterAuthorizedResources'

func (*MockAuthorizer_FilterAuthorizedResources_Call) Return added in v1.28.13 

func (_c *MockAuthorizer_FilterAuthorizedResources_Call) Return(_a0 []string, _a1 error) *MockAuthorizer_FilterAuthorizedResources_Call

func (*MockAuthorizer_FilterAuthorizedResources_Call) Run added in v1.28.13 

func (_c *MockAuthorizer_FilterAuthorizedResources_Call) Run(run func(ctx context.Context, principal *models.Principal, verb string, resources ...string)) *MockAuthorizer_FilterAuthorizedResources_Call

func (*MockAuthorizer_FilterAuthorizedResources_Call) RunAndReturn added in v1.28.13 

func (_c *MockAuthorizer_FilterAuthorizedResources_Call) RunAndReturn(run func(context.Context, *models.Principal, string, ...string) ([]string, error)) *MockAuthorizer_FilterAuthorizedResources_Call

type MockController added in v1.28.13 

type MockController struct {
	mock.Mock
}

MockController is an autogenerated mock type for the Controller type

func NewMockController added in v1.28.13 

func NewMockController(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockController

NewMockController creates a new instance of MockController. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockController) AddRolesForUser added in v1.28.13 

func (_m *MockController) AddRolesForUser(user string, roles []string) error

AddRolesForUser provides a mock function with given fields: user, roles

func (*MockController) CreateRolesPermissions added in v1.28.13 

func (_m *MockController) CreateRolesPermissions(roles map[string][]Policy) error

CreateRolesPermissions provides a mock function with given fields: roles

func (*MockController) DeleteRoles added in v1.28.13 

func (_m *MockController) DeleteRoles(roles ...string) error

DeleteRoles provides a mock function with given fields: roles

func (*MockController) EXPECT added in v1.28.13 

func (_m *MockController) EXPECT() *MockController_Expecter

func (*MockController) GetRoles added in v1.28.13 

func (_m *MockController) GetRoles(names ...string) (map[string][]Policy, error)

GetRoles provides a mock function with given fields: names

func (*MockController) GetRolesForUserOrGroup added in v1.32.5 

func (_m *MockController) GetRolesForUserOrGroup(user string, authMethod authentication.AuthType, isGroup bool) (map[string][]Policy, error)

GetRolesForUserOrGroup provides a mock function with given fields: user, authMethod, isGroup

func (*MockController) GetUsersOrGroupForRole added in v1.32.5 

func (_m *MockController) GetUsersOrGroupForRole(role string, authMethod authentication.AuthType, IsGroup bool) ([]string, error)

GetUsersOrGroupForRole provides a mock function with given fields: role, authMethod, IsGroup

func (*MockController) GetUsersOrGroupsWithRoles added in v1.32.5 

func (_m *MockController) GetUsersOrGroupsWithRoles(isGroup bool, authMethod authentication.AuthType) ([]string, error)

GetUsersOrGroupsWithRoles provides a mock function with given fields: isGroup, authMethod

func (*MockController) HasPermission added in v1.28.13 

func (_m *MockController) HasPermission(role string, permission *Policy) (bool, error)

HasPermission provides a mock function with given fields: role, permission

func (*MockController) RemovePermissions added in v1.28.13 

func (_m *MockController) RemovePermissions(role string, permissions []*Policy) error

RemovePermissions provides a mock function with given fields: role, permissions

func (*MockController) RevokeRolesForUser added in v1.28.13 

func (_m *MockController) RevokeRolesForUser(user string, roles ...string) error

RevokeRolesForUser provides a mock function with given fields: user, roles

func (*MockController) UpdateRolesPermissions added in v1.28.13 

func (_m *MockController) UpdateRolesPermissions(roles map[string][]Policy) error

UpdateRolesPermissions provides a mock function with given fields: roles

type MockController_AddRolesForUser_Call added in v1.28.13 

type MockController_AddRolesForUser_Call struct {
	*mock.Call
}

MockController_AddRolesForUser_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'AddRolesForUser'

func (*MockController_AddRolesForUser_Call) Return added in v1.28.13 

func (_c *MockController_AddRolesForUser_Call) Return(_a0 error) *MockController_AddRolesForUser_Call

func (*MockController_AddRolesForUser_Call) Run added in v1.28.13 

func (_c *MockController_AddRolesForUser_Call) Run(run func(user string, roles []string)) *MockController_AddRolesForUser_Call

func (*MockController_AddRolesForUser_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_AddRolesForUser_Call) RunAndReturn(run func(string, []string) error) *MockController_AddRolesForUser_Call

type MockController_CreateRolesPermissions_Call added in v1.28.13 

type MockController_CreateRolesPermissions_Call struct {
	*mock.Call
}

MockController_CreateRolesPermissions_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'CreateRolesPermissions'

func (*MockController_CreateRolesPermissions_Call) Return added in v1.28.13 

func (_c *MockController_CreateRolesPermissions_Call) Return(_a0 error) *MockController_CreateRolesPermissions_Call

func (*MockController_CreateRolesPermissions_Call) Run added in v1.28.13 

func (_c *MockController_CreateRolesPermissions_Call) Run(run func(roles map[string][]Policy)) *MockController_CreateRolesPermissions_Call

func (*MockController_CreateRolesPermissions_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_CreateRolesPermissions_Call) RunAndReturn(run func(map[string][]Policy) error) *MockController_CreateRolesPermissions_Call

type MockController_DeleteRoles_Call added in v1.28.13 

type MockController_DeleteRoles_Call struct {
	*mock.Call
}

MockController_DeleteRoles_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DeleteRoles'

func (*MockController_DeleteRoles_Call) Return added in v1.28.13 

func (_c *MockController_DeleteRoles_Call) Return(_a0 error) *MockController_DeleteRoles_Call

func (*MockController_DeleteRoles_Call) Run added in v1.28.13 

func (_c *MockController_DeleteRoles_Call) Run(run func(roles ...string)) *MockController_DeleteRoles_Call

func (*MockController_DeleteRoles_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_DeleteRoles_Call) RunAndReturn(run func(...string) error) *MockController_DeleteRoles_Call

type MockController_Expecter added in v1.28.13 

type MockController_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockController_Expecter) AddRolesForUser added in v1.28.13 

func (_e *MockController_Expecter) AddRolesForUser(user interface{}, roles interface{}) *MockController_AddRolesForUser_Call

AddRolesForUser is a helper method to define mock.On call

  • user string
  • roles []string

func (*MockController_Expecter) CreateRolesPermissions added in v1.28.13 

func (_e *MockController_Expecter) CreateRolesPermissions(roles interface{}) *MockController_CreateRolesPermissions_Call

CreateRolesPermissions is a helper method to define mock.On call

  • roles map[string][]Policy

func (*MockController_Expecter) DeleteRoles added in v1.28.13 

func (_e *MockController_Expecter) DeleteRoles(roles ...interface{}) *MockController_DeleteRoles_Call

DeleteRoles is a helper method to define mock.On call

  • roles ...string

func (*MockController_Expecter) GetRoles added in v1.28.13 

func (_e *MockController_Expecter) GetRoles(names ...interface{}) *MockController_GetRoles_Call

GetRoles is a helper method to define mock.On call

  • names ...string

func (*MockController_Expecter) GetRolesForUserOrGroup added in v1.32.5 

func (_e *MockController_Expecter) GetRolesForUserOrGroup(user interface{}, authMethod interface{}, isGroup interface{}) *MockController_GetRolesForUserOrGroup_Call

GetRolesForUserOrGroup is a helper method to define mock.On call

  • user string
  • authMethod authentication.AuthType
  • isGroup bool

func (*MockController_Expecter) GetUsersOrGroupForRole added in v1.32.5 

func (_e *MockController_Expecter) GetUsersOrGroupForRole(role interface{}, authMethod interface{}, IsGroup interface{}) *MockController_GetUsersOrGroupForRole_Call

GetUsersOrGroupForRole is a helper method to define mock.On call

  • role string
  • authMethod authentication.AuthType
  • IsGroup bool

func (*MockController_Expecter) GetUsersOrGroupsWithRoles added in v1.32.5 

func (_e *MockController_Expecter) GetUsersOrGroupsWithRoles(isGroup interface{}, authMethod interface{}) *MockController_GetUsersOrGroupsWithRoles_Call

GetUsersOrGroupsWithRoles is a helper method to define mock.On call

  • isGroup bool
  • authMethod authentication.AuthType

func (*MockController_Expecter) HasPermission added in v1.28.13 

func (_e *MockController_Expecter) HasPermission(role interface{}, permission interface{}) *MockController_HasPermission_Call

HasPermission is a helper method to define mock.On call

  • role string
  • permission *Policy

func (*MockController_Expecter) RemovePermissions added in v1.28.13 

func (_e *MockController_Expecter) RemovePermissions(role interface{}, permissions interface{}) *MockController_RemovePermissions_Call

RemovePermissions is a helper method to define mock.On call

  • role string
  • permissions []*Policy

func (*MockController_Expecter) RevokeRolesForUser added in v1.28.13 

func (_e *MockController_Expecter) RevokeRolesForUser(user interface{}, roles ...interface{}) *MockController_RevokeRolesForUser_Call

RevokeRolesForUser is a helper method to define mock.On call

  • user string
  • roles ...string

func (*MockController_Expecter) UpdateRolesPermissions added in v1.28.13 

func (_e *MockController_Expecter) UpdateRolesPermissions(roles interface{}) *MockController_UpdateRolesPermissions_Call

UpdateRolesPermissions is a helper method to define mock.On call

  • roles map[string][]Policy

type MockController_GetRolesForUserOrGroup_Call added in v1.32.5 

type MockController_GetRolesForUserOrGroup_Call struct {
	*mock.Call
}

MockController_GetRolesForUserOrGroup_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetRolesForUserOrGroup'

func (*MockController_GetRolesForUserOrGroup_Call) Return added in v1.32.5 

func (_c *MockController_GetRolesForUserOrGroup_Call) Return(_a0 map[string][]Policy, _a1 error) *MockController_GetRolesForUserOrGroup_Call

func (*MockController_GetRolesForUserOrGroup_Call) Run added in v1.32.5 

func (_c *MockController_GetRolesForUserOrGroup_Call) Run(run func(user string, authMethod authentication.AuthType, isGroup bool)) *MockController_GetRolesForUserOrGroup_Call

func (*MockController_GetRolesForUserOrGroup_Call) RunAndReturn added in v1.32.5 

func (_c *MockController_GetRolesForUserOrGroup_Call) RunAndReturn(run func(string, authentication.AuthType, bool) (map[string][]Policy, error)) *MockController_GetRolesForUserOrGroup_Call

type MockController_GetRoles_Call added in v1.28.13 

type MockController_GetRoles_Call struct {
	*mock.Call
}

MockController_GetRoles_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetRoles'

func (*MockController_GetRoles_Call) Return added in v1.28.13 

func (_c *MockController_GetRoles_Call) Return(_a0 map[string][]Policy, _a1 error) *MockController_GetRoles_Call

func (*MockController_GetRoles_Call) Run added in v1.28.13 

func (_c *MockController_GetRoles_Call) Run(run func(names ...string)) *MockController_GetRoles_Call

func (*MockController_GetRoles_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_GetRoles_Call) RunAndReturn(run func(...string) (map[string][]Policy, error)) *MockController_GetRoles_Call

type MockController_GetUsersOrGroupForRole_Call added in v1.32.5 

type MockController_GetUsersOrGroupForRole_Call struct {
	*mock.Call
}

MockController_GetUsersOrGroupForRole_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetUsersOrGroupForRole'

func (*MockController_GetUsersOrGroupForRole_Call) Return added in v1.32.5 

func (_c *MockController_GetUsersOrGroupForRole_Call) Return(_a0 []string, _a1 error) *MockController_GetUsersOrGroupForRole_Call

func (*MockController_GetUsersOrGroupForRole_Call) Run added in v1.32.5 

func (_c *MockController_GetUsersOrGroupForRole_Call) Run(run func(role string, authMethod authentication.AuthType, IsGroup bool)) *MockController_GetUsersOrGroupForRole_Call

func (*MockController_GetUsersOrGroupForRole_Call) RunAndReturn added in v1.32.5 

func (_c *MockController_GetUsersOrGroupForRole_Call) RunAndReturn(run func(string, authentication.AuthType, bool) ([]string, error)) *MockController_GetUsersOrGroupForRole_Call

type MockController_GetUsersOrGroupsWithRoles_Call added in v1.32.5 

type MockController_GetUsersOrGroupsWithRoles_Call struct {
	*mock.Call
}

MockController_GetUsersOrGroupsWithRoles_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetUsersOrGroupsWithRoles'

func (*MockController_GetUsersOrGroupsWithRoles_Call) Return added in v1.32.5 

func (_c *MockController_GetUsersOrGroupsWithRoles_Call) Return(_a0 []string, _a1 error) *MockController_GetUsersOrGroupsWithRoles_Call

func (*MockController_GetUsersOrGroupsWithRoles_Call) Run added in v1.32.5 

func (_c *MockController_GetUsersOrGroupsWithRoles_Call) Run(run func(isGroup bool, authMethod authentication.AuthType)) *MockController_GetUsersOrGroupsWithRoles_Call

func (*MockController_GetUsersOrGroupsWithRoles_Call) RunAndReturn added in v1.32.5 

func (_c *MockController_GetUsersOrGroupsWithRoles_Call) RunAndReturn(run func(bool, authentication.AuthType) ([]string, error)) *MockController_GetUsersOrGroupsWithRoles_Call

type MockController_HasPermission_Call added in v1.28.13 

type MockController_HasPermission_Call struct {
	*mock.Call
}

MockController_HasPermission_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'HasPermission'

func (*MockController_HasPermission_Call) Return added in v1.28.13 

func (_c *MockController_HasPermission_Call) Return(_a0 bool, _a1 error) *MockController_HasPermission_Call

func (*MockController_HasPermission_Call) Run added in v1.28.13 

func (_c *MockController_HasPermission_Call) Run(run func(role string, permission *Policy)) *MockController_HasPermission_Call

func (*MockController_HasPermission_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_HasPermission_Call) RunAndReturn(run func(string, *Policy) (bool, error)) *MockController_HasPermission_Call

type MockController_RemovePermissions_Call added in v1.28.13 

type MockController_RemovePermissions_Call struct {
	*mock.Call
}

MockController_RemovePermissions_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'RemovePermissions'

func (*MockController_RemovePermissions_Call) Return added in v1.28.13 

func (_c *MockController_RemovePermissions_Call) Return(_a0 error) *MockController_RemovePermissions_Call

func (*MockController_RemovePermissions_Call) Run added in v1.28.13 

func (_c *MockController_RemovePermissions_Call) Run(run func(role string, permissions []*Policy)) *MockController_RemovePermissions_Call

func (*MockController_RemovePermissions_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_RemovePermissions_Call) RunAndReturn(run func(string, []*Policy) error) *MockController_RemovePermissions_Call

type MockController_RevokeRolesForUser_Call added in v1.28.13 

type MockController_RevokeRolesForUser_Call struct {
	*mock.Call
}

MockController_RevokeRolesForUser_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'RevokeRolesForUser'

func (*MockController_RevokeRolesForUser_Call) Return added in v1.28.13 

func (_c *MockController_RevokeRolesForUser_Call) Return(_a0 error) *MockController_RevokeRolesForUser_Call

func (*MockController_RevokeRolesForUser_Call) Run added in v1.28.13 

func (_c *MockController_RevokeRolesForUser_Call) Run(run func(user string, roles ...string)) *MockController_RevokeRolesForUser_Call

func (*MockController_RevokeRolesForUser_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_RevokeRolesForUser_Call) RunAndReturn(run func(string, ...string) error) *MockController_RevokeRolesForUser_Call

type MockController_UpdateRolesPermissions_Call added in v1.28.13 

type MockController_UpdateRolesPermissions_Call struct {
	*mock.Call
}

MockController_UpdateRolesPermissions_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'UpdateRolesPermissions'

func (*MockController_UpdateRolesPermissions_Call) Return added in v1.28.13 

func (_c *MockController_UpdateRolesPermissions_Call) Return(_a0 error) *MockController_UpdateRolesPermissions_Call

func (*MockController_UpdateRolesPermissions_Call) Run added in v1.28.13 

func (_c *MockController_UpdateRolesPermissions_Call) Run(run func(roles map[string][]Policy)) *MockController_UpdateRolesPermissions_Call

func (*MockController_UpdateRolesPermissions_Call) RunAndReturn added in v1.28.13 

func (_c *MockController_UpdateRolesPermissions_Call) RunAndReturn(run func(map[string][]Policy) error) *MockController_UpdateRolesPermissions_Call

type Policy added in v1.28.0 

type Policy struct {
	Resource string
	Verb     string
	Domain   string
}

Source Files

View all Source files

Directories

Path Synopsis
rbacconf

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.