security

package

v0.0.0-...-3567eeb Latest Latest Go to latest Published: Feb 17, 2026 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

cnb.cool/zhiqiangwang/swirl

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type Authorizer
- func NewAuthorizer() Authorizer
- func (p Authorizer) Apply(next web.HandlerFunc) web.HandlerFunc
type Identifier
- func NewIdentifier(s *misc.Setting, ub biz.UserBiz, rb biz.RoleBiz, sb biz.SessionBiz) *Identifier
- func (c *Identifier) Apply(next web.HandlerFunc) web.HandlerFunc
- func (c *Identifier) Identify(ctx context.Context, loginName, password string) (identify Identity, err error)
type Identity
type PermMap
- func NewPermMap(perms []string) PermMap
- func (p PermMap) Contains(perm string) bool
type RealmFunc
type TokenExtractor
type User
type UserInfo

Constants ¶

View Source

const ActionBits = 24

View Source

const PkgName = "security"

Variables ¶

View Source

var Actions = map[string]uint64{
	"view":       1,
	"edit":       1 << 1,
	"delete":     1 << 2,
	"disconnect": 1 << 3,
	"restart":    1 << 4,
	"rollback":   1 << 5,
	"logs":       1 << 6,
	"deploy":     1 << 7,
	"shutdown":   1 << 8,
	"execute":    1 << 9,
}

Actions holds all actions requiring authorization. Up to 24 actions are supported. WARN: DO NOT CHANGE VALUES!!!

View Source

var Perms = map[string][]string{
	"registry":  {"view", "edit", "delete"},
	"node":      {"view", "edit", "delete"},
	"network":   {"view", "edit", "delete", "disconnect"},
	"service":   {"view", "edit", "delete", "deploy", "restart", "rollback", "logs"},
	"task":      {"view", "logs"},
	"stack":     {"view", "edit", "delete", "deploy", "shutdown"},
	"config":    {"view", "edit", "delete"},
	"secret":    {"view", "edit", "delete"},
	"image":     {"view", "delete"},
	"container": {"view", "delete", "logs", "execute"},
	"volume":    {"view", "edit", "delete"},
	"user":      {"view", "edit", "delete"},
	"role":      {"view", "edit", "delete"},
	"chart":     {"view", "edit", "delete"},
	"dashboard": {"edit"},
	"event":     {"view"},
	"setting":   {"view", "edit"},
}

View Source

var Resources = map[string]uint64{
	"registry":  1,
	"node":      1 << 1,
	"network":   1 << 2,
	"service":   1 << 3,
	"task":      1 << 4,
	"stack":     1 << 5,
	"config":    1 << 6,
	"secret":    1 << 7,
	"image":     1 << 8,
	"container": 1 << 9,
	"volume":    1 << 10,
	"user":      1 << 11,
	"role":      1 << 12,
	"chart":     1 << 13,
	"dashboard": 1 << 14,
	"event":     1 << 15,
	"setting":   1 << 16,
}

Resources holds all resources requiring authorization. Up to 40 resources are supported. WARN: DO NOT CHANGE VALUES!!!

Functions ¶

This section is empty.

Types ¶

type Authorizer ¶

type Authorizer struct {
}

func NewAuthorizer ¶

func NewAuthorizer() Authorizer

func (Authorizer) Apply ¶

func (p Authorizer) Apply(next web.HandlerFunc) web.HandlerFunc

Apply implements `web.Filter` interface.

type Identifier ¶

type Identifier struct {
	// contains filtered or unexported fields
}

Identifier identifies the user.

func NewIdentifier ¶

func NewIdentifier(s *misc.Setting, ub biz.UserBiz, rb biz.RoleBiz, sb biz.SessionBiz) *Identifier

func (*Identifier) Apply ¶

func (c *Identifier) Apply(next web.HandlerFunc) web.HandlerFunc

func (*Identifier) Identify ¶

func (c *Identifier) Identify(ctx context.Context, loginName, password string) (identify Identity, err error)

type Identity ¶

type Identity interface {
	ID() string
	Name() string
	Anonymous() bool
	Token() string
	Perms() []string
}

type PermMap ¶

type PermMap uint64

func NewPermMap ¶

func NewPermMap(perms []string) PermMap

func (PermMap) Contains ¶

func (p PermMap) Contains(perm string) bool

type RealmFunc ¶

type RealmFunc func(ctx context.Context, u *biz.UserPrivacy, loginName, password string) (security.User, error)

type TokenExtractor ¶

type TokenExtractor func(ctx web.Context) string

type User ¶

type User struct {
	// contains filtered or unexported fields
}

func (*User) Anonymous ¶

func (u *User) Anonymous() bool

func (*User) ID ¶

func (u *User) ID() string

func (*User) Name ¶

func (u *User) Name() string

func (*User) Token ¶

func (u *User) Token() string

type UserInfo ¶

type UserInfo struct {
	// contains filtered or unexported fields
}

func (*UserInfo) Anonymous ¶

func (u *UserInfo) Anonymous() bool

func (*UserInfo) ID ¶

func (u *UserInfo) ID() string

func (*UserInfo) Name ¶

func (u *UserInfo) Name() string

func (*UserInfo) Perms ¶

func (u *UserInfo) Perms() []string

func (*UserInfo) Token ¶

func (u *UserInfo) Token() string

Source Files ¶

auth.go
perm.go
security.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL