Integrate auth.AccessController into registry app

This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 12:30:19 -08:00
parent 3b8847f489
commit d0a9e9b475
9 changed files with 413 additions and 17 deletions
--- a/api/v2/descriptors.go
+++ b/api/v2/descriptors.go
@@ -39,6 +39,14 @@ var ErrorDescriptors = []ErrorDescriptor{
 		Description: `Generic error returned when the error does not have an
 		API classification.`,
 	},
+	{
+		Code:    ErrorCodeUnauthorized,
+		Value:   "UNAUTHORIZED",
+		Message: "access to the requested resource is not authorized",
+		Description: `The access controller denied access for the operation on
+		a resource. Often this will be accompanied by a 401 Unauthorized
+		response status.`,
+	},
 	{
 		Code:    ErrorCodeDigestInvalid,
 		Value:   "DIGEST_INVALID",