diff --git a/registry/auth/auth.go b/registry/auth/auth.go index 0cb37235..5d40ea3d 100644 --- a/registry/auth/auth.go +++ b/registry/auth/auth.go @@ -66,8 +66,9 @@ type UserInfo struct { // Resource describes a resource by type and name. type Resource struct { - Type string - Name string + Type string + Class string + Name string } // Access describes a specific action that is diff --git a/registry/auth/token/token.go b/registry/auth/token/token.go index 634eb75b..74ce9299 100644 --- a/registry/auth/token/token.go +++ b/registry/auth/token/token.go @@ -34,6 +34,7 @@ var ( // ResourceActions stores allowed actions on a named and typed resource. type ResourceActions struct { Type string `json:"type"` + Class string `json:"class"` Name string `json:"name"` Actions []string `json:"actions"` } diff --git a/registry/client/auth/session.go b/registry/client/auth/session.go index ffc3384b..d6d884ff 100644 --- a/registry/client/auth/session.go +++ b/registry/client/auth/session.go @@ -147,13 +147,18 @@ type Scope interface { // to a repository. type RepositoryScope struct { Repository string + Class string Actions []string } // String returns the string representation of the repository // using the scope grammar func (rs RepositoryScope) String() string { - return fmt.Sprintf("repository:%s:%s", rs.Repository, strings.Join(rs.Actions, ",")) + repoType := "repository" + if rs.Class != "" { + repoType = fmt.Sprintf("%s(%s)", repoType, rs.Class) + } + return fmt.Sprintf("%s:%s:%s", repoType, rs.Repository, strings.Join(rs.Actions, ",")) } // RegistryScope represents a token scope for access