var enableFlagKey …
var authEnabled …
var authDisabled …
var revisionKey …
var ErrRootUserNotExist …
var ErrRootRoleNotExist …
var ErrUserAlreadyExist …
var ErrUserEmpty …
var ErrUserNotFound …
var ErrRoleAlreadyExist …
var ErrRoleNotFound …
var ErrRoleEmpty …
var ErrPermissionNotGiven …
var ErrAuthFailed …
var ErrNoPasswordUser …
var ErrPermissionDenied …
var ErrRoleNotGranted …
var ErrPermissionNotGranted …
var ErrAuthNotEnabled …
var ErrAuthOldRevision …
var ErrInvalidAuthToken …
var ErrInvalidAuthOpts …
var ErrInvalidAuthMgmt …
var ErrInvalidAuthMethod …
var ErrMissingKey …
var ErrKeyMismatch …
var ErrVerifyOnly …
const rootUser …
const rootRole …
const tokenTypeSimple …
const tokenTypeJWT …
const revBytesLen …
type AuthInfo …
type AuthenticateParamIndex …
type AuthenticateParamSimpleTokenPrefix …
type AuthStore …
type TokenProvider …
type authStore …
func (as *authStore) AuthEnable() error { … }
func (as *authStore) AuthDisable() { … }
func (as *authStore) Close() error { … }
func (as *authStore) Authenticate(ctx context.Context, username, password string) (*pb.AuthenticateResponse, error) { … }
func (as *authStore) CheckPassword(username, password string) (uint64, error) { … }
func (as *authStore) Recover(be backend.Backend) { … }
func (as *authStore) selectPassword(password string, hashedPassword string) ([]byte, error) { … }
func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) { … }
func (as *authStore) UserDelete(r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error) { … }
func (as *authStore) UserChangePassword(r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error) { … }
func (as *authStore) UserGrantRole(r *pb.AuthUserGrantRoleRequest) (*pb.AuthUserGrantRoleResponse, error) { … }
func (as *authStore) UserGet(r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error) { … }
func (as *authStore) UserList(r *pb.AuthUserListRequest) (*pb.AuthUserListResponse, error) { … }
func (as *authStore) UserRevokeRole(r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error) { … }
func (as *authStore) RoleGet(r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error) { … }
func (as *authStore) RoleList(r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error) { … }
func (as *authStore) RoleRevokePermission(r *pb.AuthRoleRevokePermissionRequest) (*pb.AuthRoleRevokePermissionResponse, error) { … }
func (as *authStore) RoleDelete(r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error) { … }
func (as *authStore) RoleAdd(r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error) { … }
func (as *authStore) authInfoFromToken(ctx context.Context, token string) (*AuthInfo, bool) { … }
type permSlice …
func (perms permSlice) Len() int { … }
func (perms permSlice) Less(i, j int) bool { … }
func (perms permSlice) Swap(i, j int) { … }
func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) (*pb.AuthRoleGrantPermissionResponse, error) { … }
func (as *authStore) isOpPermitted(userName string, revision uint64, key, rangeEnd []byte, permTyp authpb.Permission_Type) error { … }
func (as *authStore) IsPutPermitted(authInfo *AuthInfo, key []byte) error { … }
func (as *authStore) IsRangePermitted(authInfo *AuthInfo, key, rangeEnd []byte) error { … }
func (as *authStore) IsDeleteRangePermitted(authInfo *AuthInfo, key, rangeEnd []byte) error { … }
func (as *authStore) IsAdminPermitted(authInfo *AuthInfo) error { … }
func getUser(lg *zap.Logger, tx backend.ReadTx, username string) *authpb.User { … }
func getAllUsers(lg *zap.Logger, tx backend.ReadTx) []*authpb.User { … }
func putUser(lg *zap.Logger, tx backend.BatchTx, user *authpb.User) { … }
func delUser(tx backend.BatchTx, username string) { … }
func getRole(lg *zap.Logger, tx backend.ReadTx, rolename string) *authpb.Role { … }
func getAllRoles(lg *zap.Logger, tx backend.ReadTx) []*authpb.Role { … }
func putRole(lg *zap.Logger, tx backend.BatchTx, role *authpb.Role) { … }
func delRole(tx backend.BatchTx, rolename string) { … }
func (as *authStore) IsAuthEnabled() bool { … }
func NewAuthStore(lg *zap.Logger, be backend.Backend, tp TokenProvider, bcryptCost int) *authStore { … }
func hasRootRole(u *authpb.User) bool { … }
func (as *authStore) commitRevision(tx backend.BatchTx) { … }
func getRevision(tx backend.ReadTx) uint64 { … }
func (as *authStore) setRevision(rev uint64) { … }
func (as *authStore) Revision() uint64 { … }
func (as *authStore) AuthInfoFromTLS(ctx context.Context) (ai *AuthInfo) { … }
func (as *authStore) AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error) { … }
func (as *authStore) GenTokenPrefix() (string, error) { … }
func decomposeOpts(lg *zap.Logger, optstr string) (string, map[string]string, error) { … }
func NewTokenProvider(
lg *zap.Logger,
tokenOpts string,
indexWaiter func(uint64) <-chan struct{ … }
func (as *authStore) WithRoot(ctx context.Context) context.Context { … }
func (as *authStore) HasRole(user, role string) bool { … }
func (as *authStore) BcryptCost() int { … }
func (as *authStore) setupMetricsReporter() { … }