const StorePermsPrefix … const RootRoleName … const GuestRoleName … var rootRole … var guestRole … type doer … type Store … type PasswordStore … type store … type User … type Role … type Permissions … func (p *Permissions) IsEmpty() bool { … } type RWPermission … type Error … func (ae Error) Error() string { … } func (ae Error) HTTPStatus() int { … } func authErr(hs int, s string, v ...interface{ … } func NewStore(lg *zap.Logger, server doer, timeout time.Duration) Store { … } type passwordStore … func (passwordStore) CheckPassword(user User, password string) bool { … } func (passwordStore) HashPassword(password string) (string, error) { … } func (s *store) AllUsers() ([]string, error) { … } func (s *store) GetUser(name string) (User, error) { … } // CreateOrUpdateUser should be only used for creating the new user or when you are not // sure if it is a create or update. (When only password is passed in, we are not sure // if it is a update or create) func (s *store) CreateOrUpdateUser(user User) (out User, created bool, err error) { … } func (s *store) CreateUser(user User) (User, error) { … } func (s *store) createUserInternal(user User) (User, error) { … } func (s *store) DeleteUser(name string) error { … } func (s *store) UpdateUser(user User) (User, error) { … } func (s *store) AllRoles() ([]string, error) { … } func (s *store) GetRole(name string) (Role, error) { … } func (s *store) CreateRole(role Role) error { … } func (s *store) DeleteRole(name string) error { … } func (s *store) UpdateRole(role Role) (Role, error) { … } func (s *store) AuthEnabled() bool { … } func (s *store) EnableAuth() error { … } func (s *store) DisableAuth() error { … } // merge applies the properties of the passed-in User to the User on which it // is called and returns a new User with these modifications applied. Think of // all Users as immutable sets of data. Merge allows you to perform the set // operations (desired grants and revokes) atomically func (ou User) merge(lg *zap.Logger, nu User, s PasswordStore) (User, error) { … } // merge for a role works the same as User above -- atomic Role application to // each of the substructures. func (r Role) merge(lg *zap.Logger, n Role) (Role, error) { … } func (r Role) HasKeyAccess(key string, write bool) bool { … } func (r Role) HasRecursiveAccess(key string, write bool) bool { … } // Grant adds a set of permissions to the permission object on which it is called, // returning a new permission object. func (p Permissions) Grant(n *Permissions) (Permissions, error) { … } // Revoke removes a set of permissions to the permission object on which it is called, // returning a new permission object. func (p Permissions) Revoke(lg *zap.Logger, n *Permissions) (Permissions, error) { … } // Grant adds a set of permissions to the permission object on which it is called, // returning a new permission object. func (rw RWPermission) Grant(n RWPermission) (RWPermission, error) { … } // Revoke removes a set of permissions to the permission object on which it is called, // returning a new permission object. func (rw RWPermission) Revoke(lg *zap.Logger, n RWPermission) (RWPermission, error) { … } func (rw RWPermission) HasAccess(key string, write bool) bool { … } func (rw RWPermission) HasRecursiveAccess(key string, write bool) bool { … } func simpleMatch(pattern string, key string) (match bool, err error) { … } func prefixMatch(pattern string, key string) (match bool, err error) { … } func attachRootRole(u User) User { … } func (s *store) getUser(name string, quorum bool) (User, error) { … } func (s *store) getRole(name string, quorum bool) (Role, error) { … }
Codebase Browser
kubernetes