zoukankan html css js c++ java

auth.go

package clientv3

import (

    "fmt"

    "strings"

    "github.com/coreos/etcd/auth/authpb"

    pb "github.com/coreos/etcd/etcdserver/etcdserverpb"

    "golang.org/x/net/context"

    "google.golang.org/grpc"

type (

    AuthEnableResponse               pb.AuthEnableResponse

    AuthDisableResponse              pb.AuthDisableResponse

    AuthenticateResponse             pb.AuthenticateResponse

    AuthUserAddResponse              pb.AuthUserAddResponse

    AuthUserDeleteResponse           pb.AuthUserDeleteResponse

    AuthUserChangePasswordResponse   pb.AuthUserChangePasswordResponse

    AuthUserGrantRoleResponse        pb.AuthUserGrantRoleResponse

    AuthUserGetResponse              pb.AuthUserGetResponse

    AuthUserRevokeRoleResponse       pb.AuthUserRevokeRoleResponse

    AuthRoleAddResponse              pb.AuthRoleAddResponse

    AuthRoleGrantPermissionResponse  pb.AuthRoleGrantPermissionResponse

    AuthRoleGetResponse              pb.AuthRoleGetResponse

    AuthRoleRevokePermissionResponse pb.AuthRoleRevokePermissionResponse

    AuthRoleDeleteResponse           pb.AuthRoleDeleteResponse

    AuthUserListResponse             pb.AuthUserListResponse

    AuthRoleListResponse             pb.AuthRoleListResponse

    PermissionType authpb.Permission_Type

    Permission     authpb.Permission

const (

    PermRead      = authpb.READ

    PermWrite     = authpb.WRITE

    PermReadWrite = authpb.READWRITE

type Auth interface {

    // AuthEnable enables auth of an etcd cluster.

       //开启授权在 etcd集群中

    AuthEnable(ctx context.Context) (*AuthEnableResponse, error)

    // AuthDisable disables auth of an etcd cluster.

//关闭授权 在集群中

    AuthDisable(ctx context.Context) (*AuthDisableResponse, error)

    // UserAdd adds a new user to an etcd cluster.

//添加一个用户到集群中

    UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error)

    // UserDelete deletes a user from an etcd cluster.

//在集群中删除一个用户

    UserDelete(ctx context.Context, name string) (*AuthUserDeleteResponse, error)

    // UserChangePassword changes a password of a user.

//改变集群中一个用户密码

    UserChangePassword(ctx context.Context, name string, password string) (*AuthUserChangePasswordResponse, error)

    // UserGrantRole grants a role to a user.

//授权一个角色给一个用户

    UserGrantRole(ctx context.Context, user string, role string) (*AuthUserGrantRoleResponse, error)

    // UserGet gets a detailed information of a user.

//得到一个用户信息信息

    UserGet(ctx context.Context, name string) (*AuthUserGetResponse, error)

    // UserList gets a list of all users.

    UserList(ctx context.Context) (*AuthUserListResponse, error)

    // UserRevokeRole revokes a role of a user.

//撤销一个用户的角色

    UserRevokeRole(ctx context.Context, name string, role string) (*AuthUserRevokeRoleResponse, error)

    // RoleAdd adds a new role to an etcd cluster.

//在集群中 添加一个角色

    RoleAdd(ctx context.Context, name string) (*AuthRoleAddResponse, error)

    // RoleGrantPermission grants a permission to a role.

//授权给一个角色的操作权限

    RoleGrantPermission(ctx context.Context, name string, key, rangeEnd string, permType PermissionType) (*AuthRoleGrantPermissionResponse, error)

    // RoleGet gets a detailed information of a role.

//获取一个角色的详细信息

    RoleGet(ctx context.Context, role string) (*AuthRoleGetResponse, error)

    // RoleList gets a list of all roles.

//获取集群中 所有的角色列表

    RoleList(ctx context.Context) (*AuthRoleListResponse, error)

    // RoleRevokePermission revokes a permission from a role.

//撤销一个角色对应的权限  与RoleGrantPermission  相反的操作

    RoleRevokePermission(ctx context.Context, role string, key, rangeEnd string) (*AuthRoleRevokePermissionResponse, error)

    // RoleDelete deletes a role.

//删除一个角色

    RoleDelete(ctx context.Context, role string) (*AuthRoleDeleteResponse, error)

//授权结构体

type auth struct {

    c *Client

    conn   *grpc.ClientConn // conn in-use

    remote pb.AuthClient

//新建一个授权对象

func NewAuth(c *Client) Auth {

    conn := c.ActiveConnection()

    return &auth{

        conn:   c.ActiveConnection(),

        remote: pb.NewAuthClient(conn),

        c:      c,

//

func (auth *auth) AuthEnable(ctx context.Context) (*AuthEnableResponse, error) {

    resp, err := auth.remote.AuthEnable(ctx, &pb.AuthEnableRequest{}, grpc.FailFast(false))

    return (*AuthEnableResponse)(resp), toErr(ctx, err)

func (auth *auth) AuthDisable(ctx context.Context) (*AuthDisableResponse, error) {

    resp, err := auth.remote.AuthDisable(ctx, &pb.AuthDisableRequest{}, grpc.FailFast(false))

    return (*AuthDisableResponse)(resp), toErr(ctx, err)

func (auth *auth) UserAdd(ctx context.Context, name string, password string) (*AuthUserAddResponse, error) {

    resp, err := auth.remote.UserAdd(ctx, &pb.AuthUserAddRequest{Name: name, Password: password})

    return (*AuthUserAddResponse)(resp), toErr(ctx, err)

func (auth *auth) UserDelete(ctx context.Context, name string) (*AuthUserDeleteResponse, error) {

    resp, err := auth.remote.UserDelete(ctx, &pb.AuthUserDeleteRequest{Name: name})

    return (*AuthUserDeleteResponse)(resp), toErr(ctx, err)

func (auth *auth) UserChangePassword(ctx context.Context, name string, password string) (*AuthUserChangePasswordResponse, error) {

    resp, err := auth.remote.UserChangePassword(ctx, &pb.AuthUserChangePasswordRequest{Name: name, Password: password})

    return (*AuthUserChangePasswordResponse)(resp), toErr(ctx, err)

func (auth *auth) UserGrantRole(ctx context.Context, user string, role string) (*AuthUserGrantRoleResponse, error) {

    resp, err := auth.remote.UserGrantRole(ctx, &pb.AuthUserGrantRoleRequest{User: user, Role: role})

    return (*AuthUserGrantRoleResponse)(resp), toErr(ctx, err)

func (auth *auth) UserGet(ctx context.Context, name string) (*AuthUserGetResponse, error) {

    resp, err := auth.remote.UserGet(ctx, &pb.AuthUserGetRequest{Name: name}, grpc.FailFast(false))

    return (*AuthUserGetResponse)(resp), toErr(ctx, err)

func (auth *auth) UserList(ctx context.Context) (*AuthUserListResponse, error) {

    resp, err := auth.remote.UserList(ctx, &pb.AuthUserListRequest{}, grpc.FailFast(false))

    return (*AuthUserListResponse)(resp), toErr(ctx, err)

func (auth *auth) UserRevokeRole(ctx context.Context, name string, role string) (*AuthUserRevokeRoleResponse, error) {

    resp, err := auth.remote.UserRevokeRole(ctx, &pb.AuthUserRevokeRoleRequest{Name: name, Role: role})

    return (*AuthUserRevokeRoleResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleAdd(ctx context.Context, name string) (*AuthRoleAddResponse, error) {

    resp, err := auth.remote.RoleAdd(ctx, &pb.AuthRoleAddRequest{Name: name})

    return (*AuthRoleAddResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleGrantPermission(ctx context.Context, name string, key, rangeEnd string, permType PermissionType) (*AuthRoleGrantPermissionResponse, error) {

    perm := &authpb.Permission{

        Key:      []byte(key),

        RangeEnd: []byte(rangeEnd),

        PermType: authpb.Permission_Type(permType),

    resp, err := auth.remote.RoleGrantPermission(ctx, &pb.AuthRoleGrantPermissionRequest{Name: name, Perm: perm})

    return (*AuthRoleGrantPermissionResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleGet(ctx context.Context, role string) (*AuthRoleGetResponse, error) {

    resp, err := auth.remote.RoleGet(ctx, &pb.AuthRoleGetRequest{Role: role}, grpc.FailFast(false))

    return (*AuthRoleGetResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleList(ctx context.Context) (*AuthRoleListResponse, error) {

    resp, err := auth.remote.RoleList(ctx, &pb.AuthRoleListRequest{}, grpc.FailFast(false))

    return (*AuthRoleListResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleRevokePermission(ctx context.Context, role string, key, rangeEnd string) (*AuthRoleRevokePermissionResponse, error) {

    resp, err := auth.remote.RoleRevokePermission(ctx, &pb.AuthRoleRevokePermissionRequest{Role: role, Key: key, RangeEnd: rangeEnd})

    return (*AuthRoleRevokePermissionResponse)(resp), toErr(ctx, err)

func (auth *auth) RoleDelete(ctx context.Context, role string) (*AuthRoleDeleteResponse, error) {

    resp, err := auth.remote.RoleDelete(ctx, &pb.AuthRoleDeleteRequest{Role: role})

    return (*AuthRoleDeleteResponse)(resp), toErr(ctx, err)

func StrToPermissionType(s string) (PermissionType, error) {

    val, ok := authpb.Permission_Type_value[strings.ToUpper(s)]

    if ok {

        return PermissionType(val), nil

    return PermissionType(-1), fmt.Errorf("invalid permission type: %s", s)

type authenticator struct {

    conn   *grpc.ClientConn // conn in-use

    remote pb.AuthClient

func (auth *authenticator) authenticate(ctx context.Context, name string, password string) (*AuthenticateResponse, error) {

    resp, err := auth.remote.Authenticate(ctx, &pb.AuthenticateRequest{Name: name, Password: password}, grpc.FailFast(false))

    return (*AuthenticateResponse)(resp), toErr(ctx, err)

func (auth *authenticator) close() {

    auth.conn.Close()

func newAuthenticator(endpoint string, opts []grpc.DialOption) (*authenticator, error) {

    conn, err := grpc.Dial(endpoint, opts...)

    if err != nil {

        return nil, err

    return &authenticator{

        conn:   conn,

        remote: pb.NewAuthClient(conn),

    }, nil

查看全文

相关阅读:
记一次跳转
 html2canvas在生成图片过程中遇到的坑vue
数组对象push新的元素，导致其他新复制的数据也发生改变，不是一一对应改变（深拷贝和浅拷贝）
js生成的新结构点击事件不生效
 箭头函数和普通函数的区别
 vue （vue-cli主要写构建工具的使用）
favicon.ico可能会遇到的的坑
 video不能在个别浏览器不能播放
 a标签的拨打电话、发邮件、QQ发消息，另外控件分享转发
 git使用的简单命令

原文地址：https://www.cnblogs.com/zhangboyu/p/7452649.html