README
¶
github.com/superfly/macaroon/flyio
This package contains fly.io-specific caveats.
Documentation
¶
Index ¶
- Constants
- Variables
- func AppScope(cs *macaroon.CaveatSet) []uint64
- func AppsAllowing(cs *macaroon.CaveatSet, action resset.Action) (uint64, []uint64, error)
- func ClusterScope(cs *macaroon.CaveatSet) []string
- func DangerousUserID(cs *macaroon.CaveatSet) (uint64, error)
- func DischargeClient(opts ...tp.ClientOption) *tp.Client
- func OrganizationScope(cs *macaroon.CaveatSet) (uint64, error)
- func ParsePermissionAndDischargeTokens(header string) ([]byte, [][]byte, error)
- type Access
- func (a *Access) GetAction() resset.Action
- func (a *Access) GetAppID() *uint64
- func (a *Access) GetCluster() *string
- func (a *Access) GetCommand() []string
- func (a *Access) GetFeature() *string
- func (a *Access) GetMachine() *string
- func (a *Access) GetMachineFeature() *string
- func (a *Access) GetMutation() *string
- func (a *Access) GetOrgID() *uint64
- func (a *Access) GetSourceMachine() *string
- func (a *Access) GetVolume() *string
- func (a *Access) Now() time.Time
- func (f *Access) Validate() error
- type AppIDGetter
- type Apps
- type ClusterGetter
- type Clusters
- type Command
- type CommandGetter
- type Commands
- type FeatureGetter
- type FeatureSet
- type FromMachine
- type IsUser
- type MachineFeatureGetter
- type MachineFeatureSet
- type MachineGetter
- type Machines
- type MutationGetter
- type Mutations
- type NoAdminFeatures
- type OrgIDGetter
- type Organization
- type SourceMachineGetter
- type VolumeGetter
- type Volumes
Constants ¶
const ( CavOrganization = macaroon.CavFlyioOrganization CavVolumes = macaroon.CavFlyioVolumes CavApps = macaroon.CavFlyioApps CavFeatureSet = macaroon.CavFlyioFeatureSet CavMutations = macaroon.CavFlyioMutations CavMachines = macaroon.CavFlyioMachines CavIsUser = macaroon.CavFlyioIsUser CavMachineFeatureSet = macaroon.CavFlyioMachineFeatureSet CavFromMachineSource = macaroon.CavFlyioFromMachineSource CavClusters = macaroon.CavFlyioClusters CavNoAdminFeatures = macaroon.CavNoAdminFeatures CavCommands = macaroon.CavFlyioCommands )
const ( FeatureWireGuard = "wg" FeatureDomains = "domain" FeatureSites = "site" FeatureRemoteBuilders = "builder" FeatureAddOns = "addon" FeatureChecks = "checks" FeatureLFSC = "litefs-cloud" FeatureMembership = "membership" FeatureBilling = "billing" FeatureDeletion = "deletion" FeatureDocumentSigning = "document_signing" FeatureAuthentication = "authentication" )
const ( // well-known locations LocationPermission = "https://api.fly.io/v1" LocationAuthentication = "https://api.fly.io/aaa/v1" LocationSecrets = "https://api.fly.io/secrets/v1" )
Variables ¶
var ( MemberFeatures = map[string]resset.Action{ FeatureWireGuard: resset.ActionAll, FeatureDomains: resset.ActionAll, FeatureSites: resset.ActionAll, FeatureRemoteBuilders: resset.ActionAll, FeatureAddOns: resset.ActionAll, FeatureChecks: resset.ActionAll, FeatureLFSC: resset.ActionAll, FeatureMembership: resset.ActionRead, FeatureBilling: resset.ActionRead, FeatureAuthentication: resset.ActionRead, FeatureDeletion: resset.ActionNone, FeatureDocumentSigning: resset.ActionNone, } )
Functions ¶
func AppScope ¶ added in v0.2.6
AppScope finds the IDs of the apps that application queries should be scoped to. This doesn't imply any specific access to the apps, since it disregards caveats requiring specific child/sibling resources and doesn't check for any level of access.
func AppsAllowing ¶ added in v0.2.6
WARNING: it is the caller's responsibility to ensure that apps actually belong to the organization before completing an operation for the user!
AppsAllowing gets the set of apps that allow the specified action. An organization ID and a slice of app IDs are returned. A nil slice means that the action is allowed on any org-owned app, which an empty slice (which won't be returned without an accompanying error) means that the action isn't allowed on any apps.
func ClusterScope ¶ added in v0.2.6
ClusterScope finds the IDs of the clusters that clusters queries should be scoped to. This doesn't imply any specific access to the clusters , since it disregards caveats requiring specific child/sibling resources and doesn't check for any level of access.
func DangerousUserID ¶ added in v0.2.8
DangerousUserID iterates over the caveats to determine the associated user ID. This identity should only be used for logging and auditing. It should not be used for making authorization decisions.
func DischargeClient ¶ added in v0.2.0
func DischargeClient(opts ...tp.ClientOption) *tp.Client
DischargeClient returns a *tp.Client suitable for discharging third party caveats in fly.io permission tokens.
func OrganizationScope ¶ added in v0.2.6
OrganizationScope finds the ID of the organization that application queries should be scoped to. This doesn't imply any specific access to the organization, since it disregards caveats requiring specific child resources and doesn't check for any level of access.
Types ¶
type Access ¶
type Access struct {
Action resset.Action `json:"action,omitempty"`
OrgID *uint64 `json:"orgid,omitempty"`
AppID *uint64 `json:"appid,omitempty"`
Feature *string `json:"feature,omitempty"`
Volume *string `json:"volume,omitempty"`
Machine *string `json:"machine,omitempty"`
MachineFeature *string `json:"machine_feature,omitempty"`
Mutation *string `json:"mutation,omitempty"`
SourceMachine *string `json:"sourceMachine,omitempty"`
Cluster *string `json:"cluster,omitempty"`
Command []string `json:"command,omitempty"`
}
func (*Access) GetCluster ¶ added in v0.2.11
GetCluster implements ClusterGetter.
func (*Access) GetCommand ¶ added in v0.2.13
GetCommand implements CommandGetter.
func (*Access) GetFeature ¶ added in v0.2.11
GetFeature implements FeatureGetter.
func (*Access) GetMachine ¶ added in v0.2.11
GetMachine implements MachineGetter.
func (*Access) GetMachineFeature ¶ added in v0.2.11
GetMachineFeature implements MachineFeatureGetter.
func (*Access) GetMutation ¶ added in v0.2.11
GetMutation implements MutationGetter.
func (*Access) GetSourceMachine ¶ added in v0.2.11
GetSourceMachine implements SourceMachineGetter.
func (*Access) Validate ¶
validate checks that the Access has sensible values set. This consists of ensuring that parent-resources are specified when child-resources are present (e.g. machine requires app requires org) and ensuring that multiple child resources aren't specified for a single parent resource (e.g. machine and volume are mutually exclusive).
This ensure that a Access represents a single action taken on a single object.
type AppIDGetter ¶ added in v0.2.11
AppIDGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Apps ¶
type Apps struct {
Apps resset.ResourceSet[uint64] `json:"apps"`
}
Apps is a set of App caveats, with their RWX access levels. A token with this set can be used only with the listed apps, regardless of what the token says. Additional Apps can be added, but they can only narrow, not expand, which apps (or access levels) can be reached from the token.
func (*Apps) CaveatType ¶
func (c *Apps) CaveatType() macaroon.CaveatType
type ClusterGetter ¶ added in v0.2.11
ClusterGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Clusters ¶
type Clusters struct {
Clusters resset.ResourceSet[string] `json:"clusters"`
}
Clusters is a set of Cluster caveats, with their RWX access levels. Clusters belong to the "litefs-cloud" org-feature.
func (*Clusters) CaveatType ¶
func (c *Clusters) CaveatType() macaroon.CaveatType
type Command ¶ added in v0.2.13
Command is a single command to allow. The zero value allows any command. If exact is true, the args must match exactly. Otherwise the args must match the prefix of the command being executed.
type CommandGetter ¶ added in v0.2.13
CommandGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Commands ¶ added in v0.2.13
type Commands []Command
Commands is a list of commands allowed by this token. The zero value rejects any command.
func (*Commands) CaveatType ¶ added in v0.2.13
func (c *Commands) CaveatType() macaroon.CaveatType
type FeatureGetter ¶ added in v0.2.11
FeatureGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type FeatureSet ¶
type FeatureSet struct {
Features resset.ResourceSet[string] `json:"features"`
}
FeatureSet is a collection of organization-level "features" that are managed as single units. For example, the ability to manage wireguard networks is gated by the "wg" feature, though you could conceptually gate access to them individually with a Networks caveat. The feature name is free-form and more should be addded as it makes sense.
func (*FeatureSet) CaveatType ¶
func (c *FeatureSet) CaveatType() macaroon.CaveatType
func (*FeatureSet) Name ¶ added in v0.0.5
func (c *FeatureSet) Name() string
type FromMachine ¶
type FromMachine struct {
ID string `json:"id"`
}
func (*FromMachine) CaveatType ¶
func (c *FromMachine) CaveatType() macaroon.CaveatType
func (*FromMachine) Name ¶ added in v0.0.5
func (c *FromMachine) Name() string
type IsUser ¶
type IsUser struct {
ID uint64 `json:"uint64"`
}
deprecated in favor of auth.FlyioUserID
func (*IsUser) CaveatType ¶
func (c *IsUser) CaveatType() macaroon.CaveatType
type MachineFeatureGetter ¶ added in v0.2.11
MachineFeatureGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type MachineFeatureSet ¶
type MachineFeatureSet struct {
Features resset.ResourceSet[string] `json:"features"`
}
func (*MachineFeatureSet) CaveatType ¶
func (c *MachineFeatureSet) CaveatType() macaroon.CaveatType
func (*MachineFeatureSet) Name ¶ added in v0.0.5
func (c *MachineFeatureSet) Name() string
type MachineGetter ¶ added in v0.2.11
MachineGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Machines ¶
type Machines struct {
Machines resset.ResourceSet[string] `json:"machines"`
}
func (*Machines) CaveatType ¶
func (c *Machines) CaveatType() macaroon.CaveatType
type MutationGetter ¶ added in v0.2.11
MutationGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Mutations ¶
type Mutations struct {
Mutations []string `json:"mutations"`
}
Mutations is a set of GraphQL mutations allowed by this token.
func (*Mutations) CaveatType ¶
func (c *Mutations) CaveatType() macaroon.CaveatType
type NoAdminFeatures ¶ added in v0.2.4
type NoAdminFeatures struct{}
NoAdminFeatures is a shorthand for specifying that the token isn't allowed to access admin-only features. Same as:
resset.IfPresent{
Ifs: macaroon.NewCaveatSet(&FeatureSet{
"memberFeatureOne": resset.ActionAll,
"memberFeatureTwo": resset.ActionAll,
"memberFeatureNNN": resset.ActionAll,
}),
Else: resset.ActionAll
}
func (*NoAdminFeatures) CaveatType ¶ added in v0.2.4
func (c *NoAdminFeatures) CaveatType() macaroon.CaveatType
func (*NoAdminFeatures) Name ¶ added in v0.2.4
func (c *NoAdminFeatures) Name() string
type OrgIDGetter ¶ added in v0.2.11
OrgIDGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Organization ¶
Organization is an orgid, plus RWX-style access control.
func (*Organization) CaveatType ¶
func (c *Organization) CaveatType() macaroon.CaveatType
func (*Organization) Name ¶ added in v0.0.5
func (c *Organization) Name() string
type SourceMachineGetter ¶ added in v0.2.11
SourceMachineGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type VolumeGetter ¶ added in v0.2.11
VolumeGetter is an interface allowing other packages to implement Accesses that work with Caveats defined in this package.
type Volumes ¶
type Volumes struct {
Volumes resset.ResourceSet[string] `json:"volumes"`
}
func (*Volumes) CaveatType ¶
func (c *Volumes) CaveatType() macaroon.CaveatType
Source Files
Directories