frostfs-api-go/acl/action.go

39 lines
1.2 KiB
Go
Raw Normal View History

package acl
// RequestInfo is an interface of request information needed for extended ACL check.
type RequestInfo interface {
TypedHeaderSource
// Must return the binary representation of request initiator's key.
Key() []byte
// Must return true if request corresponds to operation type.
TypeOf(OperationType) bool
// Must return true if request has passed target.
TargetOf(Target) bool
}
// ExtendedACLChecker is an interface of extended ACL checking tool.
type ExtendedACLChecker interface {
// Must return an action according to the results of applying the ACL table rules to request.
//
// Must return ActionUndefined if it is unable to explicitly calculate the action.
Action(ExtendedACLTable, RequestInfo) ExtendedACLAction
}
type extendedACLChecker struct{}
const (
// ActionUndefined is ExtendedACLAction used to mark value as undefined.
// Most of the tools consider ActionUndefined as incalculable.
// Using ActionUndefined in ExtendedACLRecord is unsafe.
ActionUndefined ExtendedACLAction = iota
// ActionAllow is ExtendedACLAction used to mark an applicability of ACL rule.
ActionAllow
// ActionDeny is ExtendedACLAction used to mark an inapplicability of ACL rule.
ActionDeny
)