Sākums Izpētīt Palīdzība
Pierakstīties
Tailscale
/
tailscale
spogulis no https://github.com/tailscale/tailscale.git
2
0
Atdalīts 0
Faili Problēmas 0 Vikivietne
Koks: v1.94.1
Atzari Tagi
tailscale
/
ipn
/
ipnauth
/
self.go

self.go 2.3 KB
Patstāvīgā saite Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. // Copyright (c) Tailscale Inc & AUTHORS
    2. 

  2. // SPDX-License-Identifier: BSD-3-Clause
    3. 

  3. 

  4. package ipnauth
    5. 

  5. 

  6. import (
    7. 

  7. 	"context"
    8. 

  8. 

  9. 	"tailscale.com/ipn"
    10. 

  10. )
    11. 

  11. 

  12. // Self is a caller identity that represents the tailscaled itself and therefore
    13. 

  13. // has unlimited access.
    14. 

  14. var Self Actor = unrestricted{}
    15. 

  15. 

  16. // TODO is a caller identity used when the operation is performed on behalf of a user,
    17. 

  17. // rather than by tailscaled itself, but the surrounding function is not yet extended
    18. 

  18. // to accept an [Actor] parameter. It grants the same unrestricted access as [Self].
    19. 

  19. var TODO Actor = unrestricted{}
    20. 

  20. 

  21. // unrestricted is an [Actor] that has unlimited access to the currently running
    22. 

  22. // tailscaled instance. It's typically used for operations performed by tailscaled
    23. 

  23. // on its own, or upon a request from the control plane, rather on behalf of a user.
    24. 

  24. type unrestricted struct{}
    25. 

  25. 

  26. // UserID implements [Actor].
    27. 

  27. func (unrestricted) UserID() ipn.WindowsUserID { return "" }
    28. 

  28. 

  29. // Username implements [Actor].
    30. 

  30. func (unrestricted) Username() (string, error) { return "", nil }
    31. 

  31. 

  32. // Context implements [Actor].
    33. 

  33. func (unrestricted) Context() context.Context { return context.Background() }
    34. 

  34. 

  35. // ClientID implements [Actor].
    36. 

  36. // It always returns (NoClientID, false) because the tailscaled itself
    37. 

  37. // is not a connected LocalAPI client.
    38. 

  38. func (unrestricted) ClientID() (_ ClientID, ok bool) { return NoClientID, false }
    39. 

  39. 

  40. // CheckProfileAccess implements [Actor].
    41. 

  41. func (unrestricted) CheckProfileAccess(_ ipn.LoginProfileView, _ ProfileAccess, _ AuditLogFunc) error {
    42. 

  42. 	// Unrestricted access to all profiles.
    43. 

  43. 	return nil
    44. 

  44. }
    45. 

  45. 

  46. // IsLocalSystem implements [Actor].
    47. 

  47. //
    48. 

  48. // Deprecated: this method exists for compatibility with the current (as of 2025-01-28)
    49. 

  49. // permission model and will be removed as we progress on tailscale/corp#18342.
    50. 

  50. func (unrestricted) IsLocalSystem() bool { return false }
    51. 

  51. 

  52. // IsLocalAdmin implements [Actor].
    53. 

  53. //
    54. 

  54. // Deprecated: this method exists for compatibility with the current (as of 2025-01-28)
    55. 

  55. // permission model and will be removed as we progress on tailscale/corp#18342.
    56. 

  56. func (unrestricted) IsLocalAdmin(operatorUID string) bool { return false }
    57. 

  57. 

  58. // IsTailscaled reports whether the given Actor represents Tailscaled itself,
    59. 

  59. // such as [Self] or a [TODO] placeholder actor.
    60. 

  60. func IsTailscaled(a Actor) bool {
    61. 

  61. 	_, ok := a.(unrestricted)
    62. 

  62. 	return ok
    63. 

  63. }
    64.