package schema

// AccessControlConfiguration represents the configuration related to ACLs.
//
// It only describes the decoded shape of the access control section; nothing
// in this type validates the values it holds.
//
//   - DefaultPolicy is decoded from the "default_policy" key as a free-form
//     string. Its zero value is "".
//   - Networks is decoded from the "networks" key and holds the named network
//     groups (see ACLNetwork).
//   - Rules is decoded from the "rules" key and holds the rule entries (see
//     ACLRule).
//
// NOTE(review): presumably DefaultPolicy is the policy applied when no rule
// matches a request. Confirm that the validator rejects an empty or unknown
// value instead of letting it resolve to a permissive outcome, because this
// field decides what happens to every request the rules do not cover.
type AccessControlConfiguration struct {
	DefaultPolicy string       `mapstructure:"default_policy"`
	Networks      []ACLNetwork `mapstructure:"networks"`
	Rules         []ACLRule    `mapstructure:"rules"`
}

// ACLNetwork represents one ACL network group entry: a group name and the
// list of networks that the name stands for.
//
// No field of this struct carries the "weak" tag option; in this file only
// ACLRule.Domains and ACLRule.Subjects do. A single scalar given for
// "networks" is therefore presumably not coerced into a slice here; confirm
// against the decoder configuration.
//
// NOTE(review): the entries are plain strings and are not parsed in this
// file. The defaults below mix a bare address ("127.0.0.1") with CIDR
// notation ("10.0.0.0/8"), so the consumer has to accept both forms or
// reject one of them explicitly; verify which, since a silently ignored
// entry changes which clients a network-scoped rule applies to.
type ACLNetwork struct {
	Name     string   `mapstructure:"name"`
	Networks []string `mapstructure:"networks"`
}

// ACLRule represents one ACL rule entry; "weak" coerces a single value into slice.
//
// Field to configuration key mapping, as given by the struct tags:
//
//   - Domains is decoded from the singular key "domain" with the "weak" option.
//   - Policy is decoded from "policy" as a free-form string; the values used
//     in this file are "bypass", "one_factor" and "two_factor".
//   - Subjects is decoded from the singular key "subject" with the "weak"
//     option into a slice of string slices.
//   - Networks, Resources and Methods are decoded from "networks", "resources"
//     and "methods" without the "weak" option.
//
// NOTE(review): how the nested Subjects lists combine (which level is "any
// of" and which is "all of") is decided by the matcher and is not visible
// here; confirm before documenting it for rule authors.
//
// NOTE(review): every selector other than Domains may be left nil, as the
// defaults in this file do. Whether a nil selector means "matches everything"
// is likewise decided by the matcher. That choice sets how broad a rule with
// only Domains and Policy is, which matters most for permissive policies such
// as "bypass"; verify it against the rule evaluation code.
type ACLRule struct {
	Domains   []string   `mapstructure:"domain,weak"`
	Policy    string     `mapstructure:"policy"`
	Subjects  [][]string `mapstructure:"subject,weak"`
	Networks  []string   `mapstructure:"networks"`
	Resources []string   `mapstructure:"resources"`
	Methods   []string   `mapstructure:"methods"`
}

// DefaultACLNetwork represents the default configuration related to access control network group configuration.
//
// It defines two groups: "localhost", containing the single IPv4 address
// 127.0.0.1, and "internal", containing 10.0.0.0/8. Where this value is
// consumed is not visible in this file.
//
// NOTE(review): "localhost" lists only the IPv4 loopback address, written
// without a prefix length, and has no IPv6 loopback entry. "internal" covers
// 10.0.0.0/8 only, not the other private ranges. If rules rely on these
// groups, clients outside those exact ranges will not match; confirm that is
// intended.
//
// NOTE(review): this is an exported, mutable package-level slice. Any caller
// that appends to it or edits an element changes the defaults for every other
// user of the package; copy before modifying.
var DefaultACLNetwork = []ACLNetwork{
	{
		Name:     "localhost",
		Networks: []string{"127.0.0.1"},
	},
	{
		Name:     "internal",
		Networks: []string{"10.0.0.0/8"},
	},
}

// DefaultACLRule represents the default configuration related to access control rule configuration.
//
// It holds three rules, one per policy string used in this file: "bypass" for
// public.example.com, "one_factor" for singlefactor.example.com and
// "two_factor" for secure.example.com. Each rule sets only Domains and
// Policy; Subjects, Networks, Resources and Methods keep their nil zero
// values. Where this value is consumed is not visible in this file.
//
// NOTE(review): the domains are example.com placeholders and the first rule
// uses "bypass", which presumably skips authentication for the matched
// domain. Confirm these defaults are only used as sample or test data and are
// never merged into a live configuration.
//
// NOTE(review): this is an exported, mutable package-level slice; copy it
// before modifying so that one caller cannot alter the defaults seen by
// others.
var DefaultACLRule = []ACLRule{
	{
		Domains: []string{"public.example.com"},
		Policy:  "bypass",
	},
	{
		Domains: []string{"singlefactor.example.com"},
		Policy:  "one_factor",
	},
	{
		Domains: []string{"secure.example.com"},
		Policy:  "two_factor",
	},
}