puppetlabs.rbac-client.protocols.rbac

Liking cljdoc? Tell your friends :D

Clojure only.

RbacConsumerService

RbacConsumerService^cljprotocol

valid-token->subject^clj

(valid-token->subject this token-str)

Given a token as a string, this function:

Checks the validity of the token with RBAC
Converts the token into the subject it represents
Returns the subject.

If 1, 2 fails, a slingshot exception describing the failure is thrown.

Given a token as a string, this function:

1) Checks the validity of the token with RBAC
2) Converts the token into the subject it represents
3) Returns the subject.

If 1, 2 fails, a slingshot exception describing the failure is
thrown.

cert-whitelisted?^clj

(cert-whitelisted? this ssl-client-cn)

DEPRECATED: use cert-allowed? instead. Given an SSL client CN string, returns whether or not that CN is on RBAC's certificate whitelist.

DEPRECATED: use cert-allowed? instead. Given an SSL client CN string, returns whether or not that CN is on RBAC's
certificate whitelist.

subject^clj

(subject this uuid)

Given a UUID for a given user, return the full subject representation for the user

Given a UUID for a given user, return the full subject representation for the user

cert-allowed?^clj

(cert-allowed? this ssl-client-cn)

Given an SSL client CN string, returns whether or not that CN is on RBAC's certificate whitelist.

Given an SSL client CN string, returns whether or not that CN is on RBAC's
certificate whitelist.

are-permitted?^clj

(are-permitted? this subject perm-strs)

Given an RbacSubject map and a list of permission strings of the form "object_type:action:instance", returns a corresponding vector of boolean responses.

Given an RbacSubject map and a list of permission strings of the form
"object_type:action:instance", returns a corresponding vector of boolean
responses.

list-permitted-for^clj

(list-permitted-for this subject object-type action)

Returns the list of instances that correspond to the the user associated with the provided subject, for the given object_type and action pair.

Returns the list of instances that correspond to the the user associated with
the provided subject, for the given `object_type` and `action` pair.

status^clj

(status this level)

Returns the TK status map at the supplied level. The state key has the most interesting information. Callers should not rely on the contents of :status, which contains the details used to compute the :state value.

Returns the TK status map at the supplied `level`. The `state`
key has the most interesting information. Callers should not rely
on the contents of `:status`, which contains the details used to
compute the `:state` value.

list-permitted^clj

(list-permitted this token object-type action)

Returns the list of instances that correspond to the users permissions for a given object-type and action pair.

Returns the list of instances that correspond to the users permissions for
a given `object-type` and `action` pair.

cert->subject^clj

(cert->subject this ssl-client-cn)

Given an SSL client CN string, returns the subject associated with that CN, or nil if no subject is associated.

Given an SSL client CN string, returns the subject associated with that
CN, or nil if no subject is associated.

is-permitted?^clj

(is-permitted? this subject perm-str)

Given an RbacSubject map and permission string of the form "object_type:action:instance", returns true or false.

Given an RbacSubject map and permission string of the form
"object_type:action:instance", returns true or false.

source

cljdoc is a website building & hosting documentation for Clojure/Script libraries

Keyboard shortcuts Report a problem cljdoc on GitHub

× close