package auth
import "github.com/coreos/etcd/etcdserver/auth"
Package auth implements etcd authentication.
Index ¶
- Constants
- type Error
- type PasswordStore
- type Permissions
- func (p Permissions) Grant(n *Permissions) (Permissions, error)
- func (p *Permissions) IsEmpty() bool
- func (p Permissions) Revoke(n *Permissions) (Permissions, error)
- type RWPermission
- func (rw RWPermission) Grant(n RWPermission) (RWPermission, error)
- func (rw RWPermission) HasAccess(key string, write bool) bool
- func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool
- func (rw RWPermission) Revoke(n RWPermission) (RWPermission, error)
- type Role
- func (r Role) HasKeyAccess(key string, write bool) bool
- func (r Role) HasRecursiveAccess(key string, write bool) bool
- type Store
- type User
Constants ¶
const ( // StorePermsPrefix is the internal prefix of the storage layer dedicated to storing user data. StorePermsPrefix = "/2" // RootRoleName is the name of the ROOT role, with privileges to manage the cluster. RootRoleName = "root" // GuestRoleName is the name of the role that defines the privileges of an unauthenticated user. GuestRoleName = "guest" )
Types ¶
type Error ¶
func (Error) Error ¶
func (Error) HTTPStatus ¶
type PasswordStore ¶
type PasswordStore interface {
CheckPassword(user User, password string) bool
HashPassword(password string) (string, error)
}
type Permissions ¶
type Permissions struct {
KV RWPermission `json:"kv"`
}
func (Permissions) Grant ¶
func (p Permissions) Grant(n *Permissions) (Permissions, error)
Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.
func (*Permissions) IsEmpty ¶
func (p *Permissions) IsEmpty() bool
func (Permissions) Revoke ¶
func (p Permissions) Revoke(n *Permissions) (Permissions, error)
Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.
type RWPermission ¶
func (RWPermission) Grant ¶
func (rw RWPermission) Grant(n RWPermission) (RWPermission, error)
Grant adds a set of permissions to the permission object on which it is called, returning a new permission object.
func (RWPermission) HasAccess ¶
func (rw RWPermission) HasAccess(key string, write bool) bool
func (RWPermission) HasRecursiveAccess ¶
func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool
func (RWPermission) Revoke ¶
func (rw RWPermission) Revoke(n RWPermission) (RWPermission, error)
Revoke removes a set of permissions to the permission object on which it is called, returning a new permission object.
type Role ¶
type Role struct {
Role string `json:"role"`
Permissions Permissions `json:"permissions"`
Grant *Permissions `json:"grant,omitempty"`
Revoke *Permissions `json:"revoke,omitempty"`
}
func (Role) HasKeyAccess ¶
func (Role) HasRecursiveAccess ¶
type Store ¶
type Store interface {
AllUsers() ([]string, error)
GetUser(name string) (User, error)
CreateOrUpdateUser(user User) (out User, created bool, err error)
CreateUser(user User) (User, error)
DeleteUser(name string) error
UpdateUser(user User) (User, error)
AllRoles() ([]string, error)
GetRole(name string) (Role, error)
CreateRole(role Role) error
DeleteRole(name string) error
UpdateRole(role Role) (Role, error)
AuthEnabled() bool
EnableAuth() error
DisableAuth() error
PasswordStore
}
func NewStore ¶
type User ¶
type User struct {
User string `json:"user"`
Password string `json:"password,omitempty"`
Roles []string `json:"roles"`
Grant []string `json:"grant,omitempty"`
Revoke []string `json:"revoke,omitempty"`
}
Source Files ¶
- Version
- v2.3.8+incompatible (latest)
- Published
- Feb 16, 2017
- Platform
- linux/amd64
- Imports
- 15 packages
- Last checked
- 1 week ago –
Tools for package owners.