2019-04-24 21:52:08 +00:00
|
|
|
package authorization
|
|
|
|
|
|
|
|
// Level is the type representing an authorization level.
|
|
|
|
type Level int
|
|
|
|
|
|
|
|
const (
|
|
|
|
// Bypass bypass level.
|
|
|
|
Bypass Level = iota
|
2023-01-25 09:36:40 +00:00
|
|
|
|
2019-04-24 21:52:08 +00:00
|
|
|
// OneFactor one factor level.
|
2022-07-26 05:43:39 +00:00
|
|
|
OneFactor
|
2023-01-25 09:36:40 +00:00
|
|
|
|
2019-04-24 21:52:08 +00:00
|
|
|
// TwoFactor two factor level.
|
2022-07-26 05:43:39 +00:00
|
|
|
TwoFactor
|
2023-01-25 09:36:40 +00:00
|
|
|
|
2019-04-24 21:52:08 +00:00
|
|
|
// Denied denied level.
|
2022-07-26 05:43:39 +00:00
|
|
|
Denied
|
2019-04-24 21:52:08 +00:00
|
|
|
)
|
2021-03-05 04:18:31 +00:00
|
|
|
|
2022-04-01 11:38:49 +00:00
|
|
|
const (
|
|
|
|
prefixUser = "user:"
|
|
|
|
prefixGroup = "group:"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
bypass = "bypass"
|
|
|
|
oneFactor = "one_factor"
|
|
|
|
twoFactor = "two_factor"
|
|
|
|
deny = "deny"
|
|
|
|
)
|
2021-04-14 10:53:23 +00:00
|
|
|
|
2022-10-19 03:09:22 +00:00
|
|
|
const (
|
|
|
|
operatorPresent = "present"
|
|
|
|
operatorAbsent = "absent"
|
|
|
|
operatorEqual = "equal"
|
|
|
|
operatorNotEqual = "not equal"
|
|
|
|
operatorPattern = "pattern"
|
|
|
|
operatorNotPattern = "not pattern"
|
|
|
|
)
|
|
|
|
|
2022-04-01 11:38:49 +00:00
|
|
|
const (
|
|
|
|
subexpNameUser = "User"
|
|
|
|
subexpNameGroup = "Group"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// IdentitySubexpNames is a list of valid regex subexp names.
|
|
|
|
IdentitySubexpNames = []string{subexpNameUser, subexpNameGroup}
|
|
|
|
)
|
2021-06-18 01:38:01 +00:00
|
|
|
|
2022-09-26 04:33:08 +00:00
|
|
|
const traceFmtACLHitMiss = "ACL %s Position %d for subject %s and object %s (method %s)"
|