// Subprincipal returns subprincipal DatalogGuard, for temporary guards, or
// DatalogGuard(<key>) for persistent guards.
func (g *DatalogGuard) Subprincipal() auth.SubPrin {
	e := auth.PrinExt{Name: "DatalogGuard"}
	if g.Key == nil {
		ser, err := proto.Marshal(&g.db)
		if err == nil {
			hash := sha256.Sum256(ser)
			e.Arg = append(e.Arg, auth.Bytes(hash[:]))
		}
	} else {
		e.Arg = append(e.Arg, g.Key.ToPrincipal())
	}
	return auth.SubPrin{e}
}
Exemple #2
0
// Subprincipal returns a unique subprincipal for this policy.
func (a *ACLGuard) Subprincipal() auth.SubPrin {
	e := auth.PrinExt{Name: "ACLGuard"}
	if a.Key == nil {
		ser, err := proto.Marshal(&ACLSet{Entries: a.ACL})
		if err == nil {
			hash := sha256.Sum256(ser)
			e.Arg = append(e.Arg, auth.Bytes(hash[:]))
		}
	} else {
		e.Arg = append(e.Arg, a.Key.ToPrincipal())
	}
	return auth.SubPrin{e}
}