Documentation
Index ¶
- Constants
- func Cleanup(ctx context.Context, t *testing.T, am *AuthzManager, checkCount bool)
- func DoTestRoles(ctx context.Context, t *testing.T, am *AuthzManager, testRoleNames []string, ...)
- func InitRoles(ctx context.Context, t *testing.T, am *AuthzManager) int
- func VerifyResourcePermissions(ctx context.Context, t *testing.T, am *AuthzManager, ...)
- type AuthzManager
- func (am *AuthzManager) AddPermission(ctx context.Context, ref types.ManagedObjectReference, resourceType int8, ...) (*ResourcePermission, error)
- func (am *AuthzManager) CreateRoles(ctx context.Context) (int, error)
- func (am *AuthzManager) DeleteRoles(ctx context.Context) (int, error)
- func (am *AuthzManager) GetPermissions(ctx context.Context, ref types.ManagedObjectReference) ([]types.Permission, error)
- func (am *AuthzManager) InitConfig(principal string, rolePrefix string, config *Config)
- func (am *AuthzManager) IsPrincipalAnAdministrator(ctx context.Context) (bool, error)
- func (am *AuthzManager) PrincipalBelongsToGroup(ctx context.Context, group string) (bool, error)
- func (am *AuthzManager) PrincipalHasRole(ctx context.Context, roleName string) (bool, error)
- func (am *AuthzManager) ReadPermsOnDC(ctx context.Context, dcRef types.ManagedObjectReference) (bool, error)
- func (am *AuthzManager) RoleList(ctx context.Context) (object.AuthorizationRoleList, error)
- type Config
- type NameToRef
- type Resource
- type ResourcePermission
Constants ¶
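// Resource-type identifiers, numbered consecutively from 0 by iota.
//
// NOTE(review): presumably these are the values passed as resourceType to
// AuthzManager.AddPermission and stored in Resource.Type and
// ResourcePermission.RType (all declared int8) — confirm in rbac.go.
//
// The numeric value of each name depends on its position in this list.
// Inserting or reordering entries silently renumbers every later constant,
// so append new resource types at the end.
const (
	VCenter            = iota // 0
	DatacenterReadOnly        // 1
	Datacenter                // 2
	Cluster                   // 3
	DatastoreFolder           // 4
	Datastore                 // 5
	VSANDatastore             // 6
	Network                   // 7
	Endpoint                  // 8
)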
Variables ¶
This section is empty.
Functions ¶
func DoTestRoles ¶
func VerifyResourcePermissions ¶
func VerifyResourcePermissions(ctx context.Context, t *testing.T, am *AuthzManager, retPerms []ResourcePermission)
Types ¶
type AuthzManager ¶
// AuthzManager holds the role definitions, role-name prefix, principal and
// configuration that the role and permission methods on *AuthzManager work with.
//
// NOTE(review): all four fields are exported, so any caller holding the
// manager can change them after InitConfig. The principal-based checks
// (IsPrincipalAnAdministrator, PrincipalHasRole, ReadPermsOnDC) are only
// meaningful if Principal is treated as set-once.
type AuthzManager struct {
	// TargetRoles: presumably the roles that CreateRoles creates and
	// DeleteRoles removes — confirm in rbac.go.
	TargetRoles []types.AuthorizationRole
	// RolePrefix: presumably a name prefix identifying the roles this manager
	// owns (see the rolePrefix parameter of InitConfig) — confirm in rbac.go.
	RolePrefix string
	// Principal is the user whose permissions ReadPermsOnDC reports on;
	// presumably also the identity that AddPermission grants roles to — confirm.
	Principal string
	// Config: presumably the per-resource role configuration supplied through
	// InitConfig — confirm in rbac.go.
	Config *Config
	// contains filtered or unexported fields
}
func NewAuthzManager ¶
func NewAuthzManager(ctx context.Context, client *vim25.Client) *AuthzManager
func (*AuthzManager) AddPermission ¶
func (am *AuthzManager) AddPermission(ctx context.Context, ref types.ManagedObjectReference, resourceType int8, isGroup bool) (*ResourcePermission, error)
func (*AuthzManager) CreateRoles ¶
func (am *AuthzManager) CreateRoles(ctx context.Context) (int, error)
func (*AuthzManager) DeleteRoles ¶
func (am *AuthzManager) DeleteRoles(ctx context.Context) (int, error)
func (*AuthzManager) GetPermissions ¶
func (am *AuthzManager) GetPermissions(ctx context.Context, ref types.ManagedObjectReference) ([]types.Permission, error)
func (*AuthzManager) InitConfig ¶
func (am *AuthzManager) InitConfig(principal string, rolePrefix string, config *Config)
func (*AuthzManager) IsPrincipalAnAdministrator ¶
func (am *AuthzManager) IsPrincipalAnAdministrator(ctx context.Context) (bool, error)
func (*AuthzManager) PrincipalBelongsToGroup ¶
func (*AuthzManager) PrincipalHasRole ¶
func (*AuthzManager) ReadPermsOnDC ¶
func (am *AuthzManager) ReadPermsOnDC(ctx context.Context, dcRef types.ManagedObjectReference) (bool, error)
ReadPermsOnDC returns true if the user (principal) in the AuthzManager has at least read permissions on the input datacenter ref, false otherwise.
func (*AuthzManager) RoleList ¶
func (am *AuthzManager) RoleList(ctx context.Context) (object.AuthorizationRoleList, error)
type NameToRef ¶
// NameToRef maps a string key to a managed object reference.
// NOTE(review): going by the type name, the key is presumably an object or
// role name — confirm what callers use as the key.
type NameToRef map[string]types.ManagedObjectReference
type Resource ¶
// Resource pairs a resource type with the role to apply to it and a
// propagation flag.
type Resource struct {
	// Type: presumably one of the resource-type constants (VCenter … Endpoint)
	// — confirm in rbac.go.
	Type int8
	// Propagate: presumably whether the permission is inherited by child
	// objects of the target — confirm. If so, a true value widens the grant to
	// every descendant, so enable it only where inheritance is required.
	Propagate bool
	// Role is the authorization role associated with this resource type.
	Role types.AuthorizationRole
}
type ResourcePermission ¶
// ResourcePermission records a permission together with the managed object
// it refers to and a resource type. AddPermission returns a pointer to one,
// and VerifyResourcePermissions takes a slice of them.
type ResourcePermission struct {
	// RType: presumably one of the resource-type constants (VCenter … Endpoint)
	// — confirm in rbac.go.
	RType int8
	// Reference: presumably the managed object the permission is set on — confirm.
	Reference types.ManagedObjectReference
	// Permission is the vSphere permission entry itself.
	Permission types.Permission
}
Source Files
- rbac.go
- rbac_test_util.go