Exemple #1
0
func listRolePerm(role string, authAPI clientv3.Auth) error {
	rres, err := authAPI.RoleGet(context.TODO(), "root")
	if err != nil {
		log.Fatal("role list", err)
	}
	log.Println(rres.Perm)

	return nil
}
Exemple #2
0
func addUser(role, user, pass string, authAPI clientv3.Auth) error {
	if _, err := authAPI.UserAdd(context.TODO(), user, pass); err != nil {
		return err
	}

	if _, err := authAPI.UserGrantRole(context.TODO(), user, role); err != nil {
		return err
	}

	return nil
}
Exemple #3
0
func createRoleWithPermission(role string, perms []*Permission, authAPI clientv3.Auth) error {
	if _, err := authAPI.RoleAdd(context.TODO(), role); err != nil {
		return err
	}

	for _, perm := range perms {
		if _, err := authAPI.RoleGrantPermission(
			context.TODO(),
			role,          // role name
			perm.Key,      // key
			perm.RangeEnd, // range end
			clientv3.PermissionType(perm.Type),
		); err != nil {
			return err
		}
	}

	return nil
}
Exemple #4
0
func enableAuth(authAPI clientv3.Auth) {
	perms := []*Permission{
		&Permission{Key: "/", RangeEnd: "", Type: clientv3.PermReadWrite},
	}
	if err := createRoleWithPermission("root", perms, authAPI); err != nil {
		log.Fatal(err)
	}

	if err := listRolePerm("root", authAPI); err != nil {
		log.Fatal(err)
	}

	if err := addUser("root", "root", "P@ssw0rd", authAPI); err != nil {
		log.Fatal(err)
	}

	if _, err := authAPI.AuthEnable(context.TODO()); err != nil {
		log.Fatal(err)
	}
}