Documentation
Overview
Package dbauthz provides an authorization layer on top of the database. This package exposes an interface that is currently a 1:1 mapping with database.Store.
The same conventions apply to this package as to database.Store: each method should keep the number of database queries as close to 1 as possible, and each method should do one thing, with no unexpected side effects (for example, updating multiple tables in a single method).
Do not implement business logic in this package. Only authorization related logic should be implemented here. In most cases, this should only be a call to the rbac authorizer.
When a new database method is added to database.Store, it should be added to this package as well. The unit test "Accounting" will ensure all methods are tested. See other unit tests for examples on how to write these.
Index
- Variables
- func ActorFromContext(ctx context.Context) (rbac.Subject, bool)
- func As(ctx context.Context, actor rbac.Subject) context.Context
- func AsAutostart(ctx context.Context) context.Context
- func AsHangDetector(ctx context.Context) context.Context
- func AsKeyReader(ctx context.Context) context.Context
- func AsKeyRotator(ctx context.Context) context.Context
- func AsNotifier(ctx context.Context) context.Context
- func AsProvisionerd(ctx context.Context) context.Context
- func AsResourceMonitor(ctx context.Context) context.Context
- func AsSystemReadProvisionerDaemons(ctx context.Context) context.Context
- func AsSystemRestricted(ctx context.Context) context.Context
- func IsNotAuthorizedError(err error) bool
- func New(db database.Store, authorizer rbac.Authorizer, logger slog.Logger, ...) database.Store
- type AGPLTemplateAccessControlStore
- type AccessControlStore
- type NotAuthorizedError
- type TemplateAccessControl
Constants
This section is empty.
Variables
var AsRemoveActor = rbac.Subject{
	ID: "remove-actor",
}
var ErrNoActor = xerrors.Errorf("no authorization actor in context")
ErrNoActor is returned if no actor is present in the context.
Functions
func ActorFromContext
ActorFromContext returns the authorization subject from the context. All authentication flows should set the authorization subject in the context. If no actor is present, the function returns false.
func As
As returns a context with the given actor stored in the context. This is used for cases where the actor touching the database is not the actor stored in the context. When you use this function, be sure to add a //nolint comment explaining why it is necessary.
func AsAutostart
AsAutostart returns a context with an actor that has permissions required for autostart to function.
func AsHangDetector
AsHangDetector returns a context with an actor that has permissions required for unhanger.Detector to function.
func AsKeyReader (added in v2.17.0)
AsKeyReader returns a context with an actor that has permissions required for reading crypto keys.
func AsKeyRotator (added in v2.17.0)
AsKeyRotator returns a context with an actor that has permissions required for rotating crypto keys.
func AsNotifier (added in v2.18.0)
AsNotifier returns a context with an actor that has permissions required for creating/reading/updating/deleting notifications.
func AsProvisionerd
AsProvisionerd returns a context with an actor that has permissions required for provisionerd to function.
func AsResourceMonitor (added in v2.20.0)
AsResourceMonitor returns a context with an actor that has permissions required for updating resource monitors.
func AsSystemReadProvisionerDaemons (added in v2.18.1)
AsSystemReadProvisionerDaemons returns a context with an actor that has permissions to read provisioner daemons.
func AsSystemRestricted
AsSystemRestricted returns a context with an actor that has permissions required for various system operations (login, logout, metrics cache).
func IsNotAuthorizedError
Types
type AGPLTemplateAccessControlStore (added in v2.3.2)
type AGPLTemplateAccessControlStore struct{}
AGPLTemplateAccessControlStore always returns the defaults for access control settings.
func (AGPLTemplateAccessControlStore) GetTemplateAccessControl (added in v2.3.2)
func (AGPLTemplateAccessControlStore) GetTemplateAccessControl(t database.Template) TemplateAccessControl
func (AGPLTemplateAccessControlStore) SetTemplateAccessControl (added in v2.3.2)
func (AGPLTemplateAccessControlStore) SetTemplateAccessControl(ctx context.Context, store database.Store, id uuid.UUID, opts TemplateAccessControl) error
type AccessControlStore (added in v2.3.2)
type AccessControlStore interface {
	GetTemplateAccessControl(t database.Template) TemplateAccessControl
	SetTemplateAccessControl(ctx context.Context, store database.Store, id uuid.UUID, opts TemplateAccessControl) error
}
AccessControlStore fetches access control-related configuration that is used when determining whether an actor is authorized to interact with an RBAC object.
type NotAuthorizedError
type NotAuthorizedError struct {
	Err error
}
NotAuthorizedError is a sentinel error that unwraps to sql.ErrNoRows. This allows the internal error to be read by the caller if needed. Otherwise it will be handled as a 404.
func (NotAuthorizedError) Error
func (e NotAuthorizedError) Error() string
func (NotAuthorizedError) IsUnauthorized (added in v2.1.5)
func (NotAuthorizedError) IsUnauthorized() bool
IsUnauthorized implements the IsUnauthorized interface.
func (NotAuthorizedError) Unwrap
func (e NotAuthorizedError) Unwrap() error
Unwrap always returns sql.ErrNoRows so that the API returns a 404; consequently, errors.Is(err, sql.ErrNoRows) is always true for a NotAuthorizedError.
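The wrapper pattern from the overview (one authorization decision, then exactly one delegated query) together with the sql.ErrNoRows unwrapping described for NotAuthorizedError, as an added Go example that is not the package's own code. Subject, Store, memStore, querier, the allowed map and the GetSecret method are constructed stand-ins for rbac.Subject, database.Store, the database, the rbac.Authorizer call and a real store method; only As, ActorFromContext, ErrNoActor and NotAuthorizedError follow the documented names.

```go
package main

import (
	"context"
	"database/sql"
	"errors"
)

// Subject and Store are constructed stand-ins for rbac.Subject and database.Store;
// memStore is the in-memory database that the authorization layer wraps.
type Subject struct{ ID string }
type Store interface{ GetSecret(ctx context.Context, id string) (string, error) }
type memStore map[string]string
func (m memStore) GetSecret(_ context.Context, id string) (string, error) {
	if v, ok := m[id]; ok {
		return v, nil
	}
	return "", sql.ErrNoRows
}
// As and ActorFromContext mirror the documented functions of the same name.
type actorKey struct{}
func As(ctx context.Context, actor Subject) context.Context {
	return context.WithValue(ctx, actorKey{}, actor)
}
func ActorFromContext(ctx context.Context) (Subject, bool) {
	s, ok := ctx.Value(actorKey{}).(Subject)
	return s, ok
}

var ErrNoActor = errors.New("no authorization actor in context")
// NotAuthorizedError unwraps to sql.ErrNoRows so the API answers 404; the cause stays in Err.
type NotAuthorizedError struct{ Err error }
func (e NotAuthorizedError) Error() string { return "unauthorized: " + e.Err.Error() }
func (NotAuthorizedError) Unwrap() error { return sql.ErrNoRows }
// querier is the authorization layer: one authz decision, then exactly one delegated query.
type querier struct {
	db      Store
	allowed map[string]bool // stands in for the rbac.Authorizer call; listed IDs may do anything
}

func (q querier) GetSecret(ctx context.Context, id string) (string, error) {
	actor, ok := ActorFromContext(ctx)
	if !ok {
		return "", NotAuthorizedError{Err: ErrNoActor}
	}
	if !q.allowed[actor.ID] {
		return "", NotAuthorizedError{Err: errors.New("actor may not read this secret")}
	}
	return q.db.GetSecret(ctx, id)
}
```

A missing row and a denied actor both satisfy errors.Is(err, sql.ErrNoRows), so the API layer cannot tell them apart; errors.As against NotAuthorizedError is what distinguishes them when a caller needs the cause.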
type TemplateAccessControl (added in v2.3.2)
func (TemplateAccessControl) IsDeprecated (added in v2.5.0)
func (t TemplateAccessControl) IsDeprecated() bool