mirror of
https://github.com/datarhei/core.git
synced 2025-10-31 19:32:56 +08:00
141 lines
3.3 KiB
Go
141 lines
3.3 KiB
Go
package iam
|
|
|
|
import (
|
|
"errors"
|
|
|
|
"github.com/datarhei/core/v16/cluster/store"
|
|
"github.com/datarhei/core/v16/iam"
|
|
"github.com/datarhei/core/v16/iam/identity"
|
|
"github.com/datarhei/core/v16/iam/policy"
|
|
"github.com/datarhei/core/v16/log"
|
|
)
|
|
|
|
var ErrClusterMode = errors.New("not available in cluster mode")
|
|
|
|
type manager struct {
|
|
iam iam.IAM
|
|
store store.Store
|
|
logger log.Logger
|
|
}
|
|
|
|
func New(config iam.Config, store store.Store) (iam.IAM, error) {
|
|
mngr, err := iam.New(config)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m := &manager{
|
|
iam: mngr,
|
|
store: store,
|
|
logger: config.Logger,
|
|
}
|
|
|
|
if m.logger == nil {
|
|
m.logger = log.New("")
|
|
}
|
|
|
|
store.OnApply(m.apply)
|
|
|
|
return m, nil
|
|
}
|
|
|
|
func (m *manager) apply(op store.Operation) {
|
|
m.logger.Debug().WithField("operation", string(op)).Log("Applying action on operation")
|
|
|
|
var err error
|
|
|
|
switch op {
|
|
case store.OpAddIdentity:
|
|
err = m.ReloadIndentities()
|
|
case store.OpUpdateIdentity:
|
|
err = m.ReloadIndentities()
|
|
case store.OpRemoveIdentity:
|
|
err = m.ReloadIndentities()
|
|
case store.OpSetPolicies:
|
|
err = m.ReloadPolicies()
|
|
}
|
|
|
|
if err != nil {
|
|
m.logger.Error().WithError(err).WithField("operation", string(op)).Log("")
|
|
}
|
|
}
|
|
|
|
func (m *manager) Enforce(name, domain, rtype, resource, action string) bool {
|
|
return m.iam.Enforce(name, domain, rtype, resource, action)
|
|
}
|
|
|
|
func (m *manager) HasDomain(domain string) bool {
|
|
return m.iam.HasDomain(domain)
|
|
}
|
|
|
|
func (m *manager) ListDomains() []string {
|
|
return m.iam.ListDomains()
|
|
}
|
|
|
|
func (m *manager) HasPolicy(name, domain string, types []string, resource string, actions []string) bool {
|
|
return m.iam.HasPolicy(name, domain, types, resource, actions)
|
|
}
|
|
|
|
func (m *manager) AddPolicy(name, domain string, types []string, resource string, actions []string) error {
|
|
return ErrClusterMode
|
|
}
|
|
|
|
func (m *manager) RemovePolicy(name, domain string, types []string, resource string, actions []string) error {
|
|
return ErrClusterMode
|
|
}
|
|
|
|
func (m *manager) ListPolicies(name, domain string, types []string, resource string, actions []string) []policy.Policy {
|
|
return m.iam.ListPolicies(name, domain, types, resource, actions)
|
|
}
|
|
|
|
func (m *manager) ReloadPolicies() error {
|
|
m.logger.Info().Log("Reloading policies")
|
|
return m.iam.ReloadPolicies()
|
|
}
|
|
|
|
func (m *manager) Validators() []string {
|
|
return m.iam.Validators()
|
|
}
|
|
|
|
func (m *manager) CreateIdentity(u identity.User) error {
|
|
return ErrClusterMode
|
|
}
|
|
|
|
func (m *manager) GetIdentity(name string) (identity.User, error) {
|
|
return m.iam.GetIdentity(name)
|
|
}
|
|
|
|
func (m *manager) UpdateIdentity(name string, u identity.User) error {
|
|
return ErrClusterMode
|
|
}
|
|
|
|
func (m *manager) DeleteIdentity(name string) error {
|
|
return ErrClusterMode
|
|
}
|
|
|
|
func (m *manager) ListIdentities() []identity.User {
|
|
return m.iam.ListIdentities()
|
|
}
|
|
|
|
func (m *manager) ReloadIndentities() error {
|
|
m.logger.Info().Log("Reloading identities")
|
|
return m.iam.ReloadIndentities()
|
|
}
|
|
|
|
func (m *manager) GetVerifier(name string) (identity.Verifier, error) {
|
|
return m.iam.GetVerifier(name)
|
|
}
|
|
func (m *manager) GetVerifierFromAuth0(name string) (identity.Verifier, error) {
|
|
return m.iam.GetVerifierFromAuth0(name)
|
|
}
|
|
|
|
func (m *manager) GetDefaultVerifier() identity.Verifier {
|
|
return m.iam.GetDefaultVerifier()
|
|
}
|
|
|
|
func (m *manager) CreateJWT(name string) (string, string, error) {
|
|
return m.iam.CreateJWT(name)
|
|
}
|
|
|
|
func (m *manager) Close() {}
|