models

package
v0.0.0-...-90525db Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 11, 2025 License: GPL-3.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

// Status values for an access request as a whole.
const (
	AccessRequestPending  = "Pending"
	AccessRequestApproved = "Approved"
	AccessRequestDenied   = "Denied"
	AccessRequestExpired  = "Expired"
)

// Outcome values for a single provider; "Granted" is also the example
// value of ProviderStatus.Action.
const (
	ProviderStatusGranted = "Granted"
	ProviderStatusRevoked = "Revoked"
	ProviderStatusError   = "Error"
)

Access request and provider status constants

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessRequest

// AccessRequest is the stored record for one access request. Id is the gorm
// primary key; RoleRef, Details and Status are embedded structs whose columns
// take the roleRef_, details_ and status_ prefixes.
type AccessRequest struct {
	Id        string               `gorm:"primaryKey" json:"id"`
	CreatedAt time.Time            `gorm:"index" swaggerignore:"true" json:"createdAt"`
	UpdatedAt time.Time            `swaggerignore:"true" json:"updatedAt"`
	// NOTE(review): gorm v2 applies soft-delete filtering to gorm.DeletedAt
	// fields; confirm a plain *time.Time is excluded from queries as intended.
	DeletedAt *time.Time           `gorm:"index" swaggerignore:"true" json:"deletedAt,omitempty"`
	RoleRef   AccessRoleRef        `gorm:"embedded;embeddedPrefix:roleRef_" json:"roleRef"`
	Details   AccessRequestDetails `gorm:"embedded;embeddedPrefix:details_" json:"details"`
	// swaggerignore only hides Status from the generated API schema; the json
	// tag still lets a decoder fill it from a request body.
	// NOTE(review): confirm handlers never bind client JSON straight into this
	// struct, or that status, approvedBy and requestedBy are always
	// overwritten server-side before the record is saved.
	Status    AccessRequestStatus  `swaggerignore:"true" gorm:"embedded;embeddedPrefix:status_" json:"status"`
}

Access request

func (*AccessRequest) Admit

func (a *AccessRequest) Admit() *AccessRequest

func (*AccessRequest) GetApprovalRule

func (s *AccessRequest) GetApprovalRule() ApprovalRule

func (*AccessRequest) GetProviderUsername

func (s *AccessRequest) GetProviderUsername(provider string) string

func (*AccessRequest) GetRole

func (s *AccessRequest) GetRole(roles []AccessRole) (AccessRole, error)

func (*AccessRequest) HasPermissions

func (s *AccessRequest) HasPermissions(user string, groups []string, utype string) bool

func (*AccessRequest) SetApprovalRule

func (s *AccessRequest) SetApprovalRule(rule ApprovalRule) *AccessRequest

func (*AccessRequest) SetExpiration

func (s *AccessRequest) SetExpiration(ctx context.Context) *AccessRequest

func (*AccessRequest) SetProviderStatusError

func (s *AccessRequest) SetProviderStatusError(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderStatusGranted

func (s *AccessRequest) SetProviderStatusGranted(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderStatusRevoked

func (s *AccessRequest) SetProviderStatusRevoked(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderUsername

func (s *AccessRequest) SetProviderUsername(provider string, value string) *AccessRequest

func (*AccessRequest) SetProviderUsernames

func (s *AccessRequest) SetProviderUsernames(usernames map[string]string) *AccessRequest

func (*AccessRequest) SetRequester

func (a *AccessRequest) SetRequester(requester string) *AccessRequest

func (*AccessRequest) SetStatusApprove

func (a *AccessRequest) SetStatusApprove(approvedBy string) *AccessRequest

Method to approve the access request

func (*AccessRequest) SetStatusDenied

func (a *AccessRequest) SetStatusDenied(approvedBy string) *AccessRequest

Method to deny the access request

func (*AccessRequest) SetStatusExpired

func (a *AccessRequest) SetStatusExpired() *AccessRequest

Method to expire the access request

func (*AccessRequest) SetStatusPending

func (a *AccessRequest) SetStatusPending() *AccessRequest

Method to set the access request to pending

func (*AccessRequest) SetTraceId

func (s *AccessRequest) SetTraceId(ctx context.Context) *AccessRequest

type AccessRequestDetails

// AccessRequestDetails holds the requester-supplied part of an access
// request: the reason, free-form attributes and the requested lifetime.
type AccessRequestDetails struct {
	Justification string                 `json:"justification" example:"Need to access k8s namespace"`
	// Attributes is an untyped map stored as JSON text by the gorm serializer.
	// NOTE(review): presumably caller-controlled; confirm consumers check the
	// type of each value before using it.
	Attributes    map[string]interface{} `json:"attributes" gorm:"serializer:json"`
	// TTL is kept as a string; the example "72h" looks like a Go duration.
	// NOTE(review): parsing and any upper bound are not visible here — confirm
	// the requested lifetime is validated and capped server-side.
	TTL           string                 `json:"ttl" example:"72h"`
}

type AccessRequestStatus

// AccessRequestStatus records the decision state of an access request and
// the per-provider results. ApprovalRule, ProviderUsernames and
// ProviderStatuses are each stored as JSON text by the gorm serializer.
type AccessRequestStatus struct {
	// Status presumably holds one of the AccessRequest* constants; the type is
	// a plain string, so nothing in this declaration enforces that.
	Status            string                    `json:"status"`
	// ApprovedBy is the identity passed to SetStatusApprove and also to
	// SetStatusDenied, so it may name the person who denied the request.
	ApprovedBy        string                    `json:"approvedBy"`
	RequestedBy       string                    `json:"requestedBy"`
	ApprovalRule      ApprovalRule              `json:"approvalRule" gorm:"serializer:json"`
	ProviderUsernames map[string]string         `json:"providerUsernames" gorm:"serializer:json"`
	ProviderStatuses  map[string]ProviderStatus `json:"providerStatuses" gorm:"serializer:json"`
	// ExpiresAt has no json tag, so encoding/json emits it as "ExpiresAt",
	// unlike the camelCase keys of the other fields.
	ExpiresAt         *time.Time
	Trace             string `json:"trace"`
}

type AccessRole

// AccessRole describes a requestable role: its identity, the provider
// configurations attached to it and the approval rule it refers to by name.
type AccessRole struct {
	Id              string           `gorm:"primaryKey" json:"id,omitempty" example:"3b7af992-5a30-4ce1-821b-cac8194a230b"`
	Name            string           `json:"name"`
	Description     string           `json:"description"`
	Tags            []string         `json:"tags" gorm:"serializer:json"`
	Providers       []ProviderConfig `json:"providers" gorm:"serializer:json"` // Multiple access mappings for the role
	// ApprovalRuleRef names the rule only; GetApprovalRule takes the candidate
	// rules as an argument.
	// NOTE(review): confirm what is returned when no rule matches the name —
	// a zero-value ApprovalRule must not be read as "anyone may approve".
	ApprovalRuleRef ApprovalRuleRef  `json:"approvalRuleRef" gorm:"embedded;embeddedPrefix:approvalRuleRef_"`
}

Access role

func (*AccessRole) GetApprovalRule

func (a *AccessRole) GetApprovalRule(rules []ApprovalRule) ApprovalRule

func (*AccessRole) HasAccessRolePermissions

func (a *AccessRole) HasAccessRolePermissions(user string, groups []string, rules []ApprovalRule) bool

HasAccessRolePermissions checks if a user is allowed to approve based on the approval rule.

type AccessRoleRef

// AccessRoleRef refers to an access role by name only; AccessRequest.GetRole
// takes the candidate roles as an argument and can return an error.
type AccessRoleRef struct {
	Name string `json:"name" example:"SRE-PU-ACCESS"`
}

type ApprovalRule

// ApprovalRule names the users and groups attached to a rule and says
// whether the author may approve. How Users and Groups are matched against a
// caller is not visible in this declaration.
type ApprovalRule struct {
	// NOTE(review): the JSON key is "string", not "name" — this looks like a
	// typo. Changing it alters the wire format and any rule already stored
	// through the gorm JSON serializer, so it needs a migration plan.
	Name             string   `json:"string"`
	// NOTE(review): presumably lets the requester approve their own request,
	// which removes the second-person check. The zero value is false; confirm
	// every rule that sets it to true is a deliberate exception.
	AuthorCanApprove bool     `json:"authorCanApprove"`
	Users            []string `json:"users"`
	Groups           []string `json:"groups"`
}

type ApprovalRuleRef

// ApprovalRuleRef refers to an approval rule by name only.
type ApprovalRuleRef struct {
	Name string `json:"name"`
}

type ClaimsMap

// ClaimsMap holds token claims as a free-form map next to the embedded
// registered JWT claims.
type ClaimsMap struct {
	// Claims is excluded from default struct encoding by json:"-"; the type
	// declares its own MarshalJSON and UnmarshalJSON, whose bodies are not
	// shown here.
	// NOTE(review): values are untyped and come from the token; confirm the
	// token signature is verified before any claim is used for authorization.
	Claims                map[string]interface{} `json:"-"`
	// The embedded pointer is nil in a zero-value ClaimsMap, so reading a
	// promoted field panics until it is set.
	// NOTE(review): presumably NewClaimsMap initialises it — confirm, and
	// confirm that ClaimsMap.Valid enforces the registered time claims.
	*jwt.RegisteredClaims `swaggerignore:"true"`
}

ClaimsMap wraps a map[string]interface{} to represent dynamic claims

func NewClaimsMap

func NewClaimsMap() ClaimsMap

func NewUnauthenticatedUserClaims

func NewUnauthenticatedUserClaims() ClaimsMap

func (ClaimsMap) GetMap

func (c ClaimsMap) GetMap(key string) map[string]interface{}

GetMap extracts a map[string]interface{} field from the claims map

func (ClaimsMap) GetProviderUsernamesFromClaim

func (c ClaimsMap) GetProviderUsernamesFromClaim(claim string) map[string]string

func (ClaimsMap) GetString

func (c ClaimsMap) GetString(key string) string

func (ClaimsMap) GetStringSlice

func (c ClaimsMap) GetStringSlice(key string) []string

GetStringSlice extracts a string slice from ClaimsMap.

func (ClaimsMap) MarshalJSON

func (c ClaimsMap) MarshalJSON() ([]byte, error)

func (*ClaimsMap) UnmarshalJSON

func (c *ClaimsMap) UnmarshalJSON(data []byte) error

func (ClaimsMap) Valid

func (c ClaimsMap) Valid() error

Valid implements the jwt.Claims interface

type Credential

// Credential is a named set of key/value credential data together with a
// reference to a secret by name.
type Credential struct {
	Name       string               `json:"name"`
	// FromSecret names a secret; how it is resolved is not visible here.
	FromSecret CredentialFromSecret `json:"fromSecret"`
	// Data is written to its column as JSON text by the gorm serializer and is
	// emitted under "data" whenever this struct is marshalled.
	// NOTE(review): if Data holds secret values, confirm they are encrypted at
	// rest and kept out of API responses and logs.
	Data       map[string]string    `json:"data" gorm:"serializer:json"`
}

func (*Credential) GetString

func (c *Credential) GetString(key string) string

type CredentialFromSecret

// CredentialFromSecret identifies, by name, the secret a Credential refers
// to. The secret store and lookup scope are not visible here.
type CredentialFromSecret struct {
	Name string `json:"name"`
}

type CredentialRef

// CredentialRef refers to a Credential by name; the name is omitted from
// JSON output when empty.
type CredentialRef struct {
	Name string `json:"name,omitempty"`
}

type Health

// Health is a health-check payload carrying a single boolean.
type Health struct {
	Healthy bool `json:"healthy"`
}

type ProviderConfig

// ProviderConfig is one provider entry attached to an AccessRole: which
// provider to use, the credential it refers to and its string parameters.
type ProviderConfig struct {
	Name          string            `json:"name"`
	// RunAsync presumably asks for the provider call to run in the background.
	// NOTE(review): confirm asynchronous failures still end up in
	// ProviderStatuses, so a failed grant or revoke is not silently lost.
	RunAsync      bool              `json:"runAsync"`
	Provider      string            `json:"provider"`
	CredentialRef CredentialRef     `json:"credentialRef" gorm:"embedded;embeddedPrefix:credentialRef_"`
	// Parameters is stored as JSON text by the gorm serializer.
	// NOTE(review): confirm no secret values are placed here; credentials have
	// their own type and reference.
	Parameters    map[string]string `json:"parameters" gorm:"serializer:json"`
}

type ProviderStatus

// ProviderStatus is the recorded outcome of one provider action on an access
// request.
type ProviderStatus struct {
	// Action presumably holds one of the ProviderStatus* constants, as in the
	// "Granted" example.
	Action  string `json:"action" example:"Granted"`
	Details string `json:"details" example:"Group: sre-pu-sers"`
	// NOTE(review): Error is returned to API clients as plain text; confirm
	// provider error strings cannot carry credentials or internal hostnames.
	Error   string `json:"error" example:"Group does not exist"`
}

type ProviderUsernames

// ProviderUsernames maps strings to usernames, presumably keyed by provider
// name; the map is stored as JSON text by the gorm serializer.
// NOTE(review): these usernames presumably decide which provider account
// receives access; confirm they come from a trusted source such as verified
// claims, or are validated before a grant is made.
type ProviderUsernames struct {
	ProviderUsernames map[string]string `json:"providerUsernames" gorm:"serializer:json"`
}

type UserProfile

// UserProfile is a stored user record. Id is the gorm primary key and
// Settings is embedded with the settings_ column prefix. The type also
// declares Validate, whose checks are not visible here.
type UserProfile struct {
	Id       string              `gorm:"primaryKey" json:"id"`
	Username string              `json:"username"`
	Settings UserProfileSettings `json:"settings" gorm:"embedded;embeddedPrefix:settings_"`
}

func (*UserProfile) Validate

func (p *UserProfile) Validate() error

type UserProfileSettings

// UserProfileSettings embeds ProviderUsernames without a tag, so
// encoding/json places the providerUsernames key directly in the settings
// object.
type UserProfileSettings struct {
	ProviderUsernames
}
