mirror of
https://github.com/etcd-io/etcd.git
synced 2024-09-27 06:25:44 +00:00
clientv3: add auth example
This commit is contained in:
Gyu-Ho Lee
parent
e4ab1540c8
commit
2da5bdd4df
99
clientv3/example_auth_test.go
Normal file
99
clientv3/example_auth_test.go
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
// Copyright 2016 The etcd Authors
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package clientv3_test
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"log"
|
||||||
|
|
||||||
|
"github.com/coreos/etcd/clientv3"
|
||||||
|
"golang.org/x/net/context"
|
||||||
|
)
|
||||||
|
|
||||||
|
func ExampleAuth() {
|
||||||
|
cli, err := clientv3.New(clientv3.Config{
|
||||||
|
Endpoints: endpoints,
|
||||||
|
DialTimeout: dialTimeout,
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
defer cli.Close()
|
||||||
|
|
||||||
|
authapi := clientv3.NewAuth(cli)
|
||||||
|
|
||||||
|
if _, err = authapi.RoleAdd(context.TODO(), "root"); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, err = authapi.RoleGrantPermission(
|
||||||
|
context.TODO(),
|
||||||
|
"root", // role name
|
||||||
|
"foo", // key
|
||||||
|
"zoo", // range end
|
||||||
|
clientv3.PermissionType(clientv3.PermReadWrite),
|
||||||
|
); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, err = authapi.UserAdd(context.TODO(), "root", "123"); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, err = authapi.UserGrantRole(context.TODO(), "root", "root"); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, err = authapi.AuthEnable(context.TODO()); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
cliAuth, err := clientv3.New(clientv3.Config{
|
||||||
|
Endpoints: endpoints,
|
||||||
|
DialTimeout: dialTimeout,
|
||||||
|
Username: "root",
|
||||||
|
Password: "123",
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
defer cliAuth.Close()
|
||||||
|
|
||||||
|
kv := clientv3.NewKV(cliAuth)
|
||||||
|
if _, err = kv.Put(context.TODO(), "foo1", "bar"); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = kv.Txn(context.TODO()).
|
||||||
|
If(clientv3.Compare(clientv3.Value("zoo1"), ">", "abc")).
|
||||||
|
Then(clientv3.OpPut("zoo1", "XYZ")).
|
||||||
|
Else(clientv3.OpPut("zoo1", "ABC")).
|
||||||
|
Commit()
|
||||||
|
fmt.Println(err)
|
||||||
|
|
||||||
|
// now check the permission
|
||||||
|
authapi2 := clientv3.NewAuth(cliAuth)
|
||||||
|
resp, err := authapi2.RoleGet(context.TODO(), "root")
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
fmt.Printf("root user permission: key %q, range end %q\n", resp.Perm[0].Key, resp.Perm[0].RangeEnd)
|
||||||
|
|
||||||
|
if _, err = authapi2.AuthDisable(context.TODO()); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
// Output: etcdserver: permission denied
|
||||||
|
// root user permission: key "foo", range end "zoo"
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user