AllowAll returns an ACL rule that allows all operations.

DenyAll returns an ACL rule that denies all operations.

IsErrDisabled checks if the given error message is comparable to ErrDisabled.

IsErrNotFound checks if the given error message is comparable to ErrNotFound.

IsErrPermissionDenied checks if the given error message is comparable to ErrPermissionDenied.

IsErrRootDenied checks if the given error messge is comparable to ErrRootDenied.

ManageAll returns an ACL rule that can manage all resources.

New is used to construct a policy based ACL from a set of policies and a parent policy to resolve missing cases.

NewCache constructs a new policy and ACL cache of a given size.

Parse is used to parse the specified ACL rules into an intermediary set of policies, before being compiled into the ACL.

RootACL returns a possible ACL if the ID matches a root policy.

RuleID is used to generate an ID for a rule.

ErrDisabled is returned when ACL changes are not permitted since they are disabled.

ErrNotFound indicates there is no matching ACL.

ErrPermissionDenied is returned when an ACL based rejection happens.

ErrRootDenied is returned when attempting to resolve a root ACL.

AgentPolicy represents a policy for working with agent endpoints on nodes with specific name prefixes.

Cache is used to implement policy and ACL caching.

EventPolicy represents a user event policy.

KeyPolicy represents a policy for a key.

NodePolicy represents a policy for a node.

Policy is used to represent the policy specified by an ACL configuration.

PolicyACL is used to wrap a set of ACL policies to provide the ACL interface.

PreparedQueryPolicy represents a prepared query policy.

ServicePolicy represents a policy for a service.

SessionPolicy represents a policy for making sessions tied to specific node name prefixes.

StaticACL is used to implement a base ACL policy.

ACL is the interface for policy enforcement.

FaultFunc is a function used to fault in the parent, rules for an ACL given its ID.