Skip to content

Auth Role User

qiang.ou edited this page Jun 18, 2017 · 3 revisions

Auth-Role-User

$client = new \Etcd\Client();
$auth = $client->auth();

Enable

$auth->enable();
message AuthEnableRequest {
}

message AuthEnableResponse {
  ResponseHeader header = 1;
}

Disable

$auth->disable();
message AuthDisableRequest {
}

message AuthDisableResponse {
  ResponseHeader header = 1;
}

Authenticate

$auth->authenticate('user', 'password');
message AuthenticateRequest {
  string name = 1;
  string password = 2;
}

message AuthenticateResponse {
  ResponseHeader header = 1;
  // token is an authorized token that can be used in succeeding RPCs
  string token = 2;
}

AddRole

$auth->addRole('admin');
message AuthRoleAddRequest {
  // name is the name of the role to add to the authentication system.
  string name = 1;
}

message AuthRoleAddResponse {
  ResponseHeader header = 1;
}

GetRole

$auth->getRole('admin');
message AuthRoleGetRequest {
  string role = 1;
}

message AuthRoleGetResponse {
  ResponseHeader header = 1;

  repeated authpb.Permission perm = 2;
}

DeleteRole

$auth->deleteRole('admin');
message AuthRoleDeleteRequest {
  string role = 1;
}

message AuthRoleDeleteResponse {
  ResponseHeader header = 1;
}

RoleList

$auth->roleList();
message AuthRoleListRequest {
}


message AuthRoleListResponse {
  ResponseHeader header = 1;

  repeated string roles = 2;
}

AddUser

$auth->addUser('user', 'password');
message AuthUserAddRequest {
  string name = 1;
  string password = 2;
}

message AuthUserAddResponse {
  ResponseHeader header = 1;
}

GetUser

$auth->getUser('root');
message AuthUserGetRequest {
  string name = 1;
}

message AuthUserGetResponse {
  ResponseHeader header = 1;

  repeated string roles = 2;
}

DeleteUser

$auth->DeleteUser('root');
message AuthUserDeleteRequest {
  // name is the name of the user to delete.
  string name = 1;
}

message AuthUserDeleteResponse {
  ResponseHeader header = 1;
}

ChangeUserPassword

$auth->changeUserPassword('root', 'new password');
message AuthUserChangePasswordRequest {
  // name is the name of the user whose password is being changed.
  string name = 1;
  // password is the new password for the user.
  string password = 2;
}

message AuthUserChangePasswordResponse {
  ResponseHeader header = 1;
}

UserList

$auth->userList();
message AuthUserListRequest {
}

message AuthUserListResponse {
  ResponseHeader header = 1;

  repeated string users = 2;
}

GrantUserRole

$auth->grantUserRole('root', 'root')
message AuthUserGrantRoleRequest {
  // user is the name of the user which should be granted a given role.
  string user = 1;
  // role is the name of the role to grant to the user.
  string role = 2;
}

message AuthUserGrantRoleResponse {
  ResponseHeader header = 1;
}

RevokeUserRole

$auth->grantUserRole('root', 'root')
message AuthUserRevokeRoleRequest {
  string name = 1;
  string role = 2;
}

message AuthUserRevokeRoleResponse {
  ResponseHeader header = 1;
}

GrantRolePermission

$auth->grantRolePermission('root', \Etcd\Auth::PERMISSION_READWRITE, 'redis')
message AuthRoleGrantPermissionRequest {
  // name is the name of the role which will be granted the permission.
  string name = 1;
  // perm is the permission to grant to the role.
  authpb.Permission perm = 2;
}

// Permission is a single entity
message Permission {
  enum Type {
    READ = 0;
    WRITE = 1;
    READWRITE = 2;
  }
  Type permType = 1;

  bytes key = 2;
  bytes range_end = 3;
}


message AuthRoleGrantPermissionResponse {
  ResponseHeader header = 1;
}

RevokeRolePermission

$auth->revokeRolePermission('root', 'redis')
message AuthRoleRevokePermissionRequest {
  string role = 1;
  string key = 2;
  string range_end = 3;
}

message AuthRoleRevokePermissionResponse {
  ResponseHeader header = 1;
}
Clone this wiki locally