privacy

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package privacy provides sets of types and helpers for writing privacy rules in user schemas, and deal with their evaluation at runtime.

Index

Constants

This section is empty.

Variables

View Source
var (
	// Allow may be returned by rules to indicate that the policy
	// evaluation should terminate with an allow decision.
	Allow = errors.New("ent/privacy: allow rule")

	// Deny may be returned by rules to indicate that the policy
	// evaluation should terminate with an deny decision.
	Deny = errors.New("ent/privacy: deny rule")

	// Skip may be returned by rules to indicate that the policy
	// evaluation should continue to the next rule.
	Skip = errors.New("ent/privacy: skip rule")
)

List of policy decisions.

Functions

func Allowf added in v1.2.0

func Allowf(format string, a ...any) error

Allowf returns a formatted wrapped Allow decision.

func DecisionContext

func DecisionContext(parent context.Context, decision error) context.Context

DecisionContext creates a new context from the given parent context with a policy decision attach to it.

func DecisionFromContext

func DecisionFromContext(ctx context.Context) (error, bool)

DecisionFromContext retrieves the policy decision from the context.

func Denyf added in v1.2.0

func Denyf(format string, a ...any) error

Denyf returns a formatted wrapped Deny decision.

func NewPolicies

func NewPolicies(schemas ...interface{ Policy() ent.Policy }) ent.Policy

NewPolicies creates an ent.Policy from list of mixin.Schema and ent.Schema that implement the ent.Policy interface.

Note that, this is a runtime function used by the ent generated code and should not be used in ent/schemas as a privacy rule.

func Skipf added in v1.2.0

func Skipf(format string, a ...any) error

Skipf returns a formatted wrapped Skip decision.

Types

type MutationPolicy

type MutationPolicy []MutationRule

MutationPolicy combines multiple mutation rules into a single policy.

func (MutationPolicy) EvalMutation

func (policies MutationPolicy) EvalMutation(ctx context.Context, m ent.Mutation) error

EvalMutation evaluates a mutation against a mutation policy.

type MutationRule

type MutationRule interface {
	EvalMutation(context.Context, ent.Mutation) error
}

MutationRule defines the interface deciding whether a mutation is allowed and optionally modify it.

func DenyMutationOperationRule added in v1.2.0

func DenyMutationOperationRule(op ent.Op) MutationRule

DenyMutationOperationRule returns a rule denying specified mutation operation.

func OnMutationOperation added in v1.2.0

func OnMutationOperation(rule MutationRule, op ent.Op) MutationRule

OnMutationOperation evaluates the given rule only on a given mutation operation.

type MutationRuleFunc added in v1.2.0

type MutationRuleFunc func(context.Context, ent.Mutation) error

MutationRuleFunc type is an adapter which allows the use of ordinary functions as mutation rules.

func (MutationRuleFunc) EvalMutation added in v1.2.0

func (f MutationRuleFunc) EvalMutation(ctx context.Context, m ent.Mutation) error

EvalMutation returns f(ctx, m).

type Policies

type Policies []ent.Policy

Policies combines multiple policies into a single policy.

Note that, this is a runtime type used by the ent generated code and should not be used in ent/schemas as a privacy rule.

func (Policies) EvalMutation

func (policies Policies) EvalMutation(ctx context.Context, m ent.Mutation) error

EvalMutation evaluates the mutation policies. If the Allow error is returned from one of the policies, it stops the evaluation with a nil error.

func (Policies) EvalQuery

func (policies Policies) EvalQuery(ctx context.Context, q ent.Query) error

EvalQuery evaluates the query policies. If the Allow error is returned from one of the policies, it stops the evaluation with a nil error.

type Policy added in v1.2.0

type Policy struct {
	Query    QueryPolicy
	Mutation MutationPolicy
}

Policy groups query and mutation policies.

func (Policy) EvalMutation added in v1.2.0

func (p Policy) EvalMutation(ctx context.Context, m ent.Mutation) error

EvalMutation forwards evaluation to mutate a policy.

func (Policy) EvalQuery added in v1.2.0

func (p Policy) EvalQuery(ctx context.Context, q ent.Query) error

EvalQuery forwards evaluation to query a policy.

type QueryMutationRule added in v1.2.0

type QueryMutationRule interface {
	QueryRule
	MutationRule
}

QueryMutationRule is an interface which groups query and mutation rules.

func AlwaysAllowRule added in v1.2.0

func AlwaysAllowRule() QueryMutationRule

AlwaysAllowRule returns a rule that returns an allow decision.

func AlwaysDenyRule added in v1.2.0

func AlwaysDenyRule() QueryMutationRule

AlwaysDenyRule returns a rule that returns a deny decision.

func ContextQueryMutationRule added in v1.2.0

func ContextQueryMutationRule(eval func(context.Context) error) QueryMutationRule

ContextQueryMutationRule creates a query/mutation rule from a context eval func.

type QueryPolicy

type QueryPolicy []QueryRule

QueryPolicy combines multiple query rules into a single policy.

func (QueryPolicy) EvalQuery

func (policies QueryPolicy) EvalQuery(ctx context.Context, q ent.Query) error

EvalQuery evaluates a query against a query policy.

type QueryRule

type QueryRule interface {
	EvalQuery(context.Context, ent.Query) error
}

QueryRule defines the interface deciding whether a query is allowed and optionally modify it.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL