Documentation ¶
Index ¶
- func And(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
- func CaveatAsExpr(caveat *core.ContextualizedCaveat) *core.CaveatExpression
- func CaveatExprForTesting(name string) *core.CaveatExpression
- func CaveatForTesting(name string) *core.ContextualizedCaveat
- func Invert(ce *core.CaveatExpression) *core.CaveatExpression
- func Or(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
- func ShortcircuitedOr(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
- func Subtract(caveat *core.CaveatExpression, subtracted *core.CaveatExpression) *core.CaveatExpression
- type Delta
- type DeltaType
- type Diff
- type EvaluationErr
- type ExpressionResult
- type ParameterTypeError
- type RunCaveatExpressionDebugOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func And ¶ added in v1.15.0
func And(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
And `&&`'s together two caveat expressions. If one expression is nil, the other is returned.
func CaveatAsExpr ¶ added in v1.15.0
func CaveatAsExpr(caveat *core.ContextualizedCaveat) *core.CaveatExpression
CaveatAsExpr wraps a contextualized caveat into a caveat expression.
func CaveatExprForTesting ¶ added in v1.15.0
func CaveatExprForTesting(name string) *core.CaveatExpression
CaveatExprForTesting returns a CaveatExpression referencing a caveat with the given name and empty context.
func CaveatForTesting ¶ added in v1.15.0
func CaveatForTesting(name string) *core.ContextualizedCaveat
CaveatForTesting returns a new ContextualizedCaveat for testing, with empty context.
func Invert ¶ added in v1.15.0
func Invert(ce *core.CaveatExpression) *core.CaveatExpression
Invert returns the caveat expression with a `!` placed in front of it. If the expression is nil, returns nil.
func Or ¶ added in v1.15.0
func Or(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
Or `||`'s together two caveat expressions. If one expression is nil, the other is returned.
func ShortcircuitedOr ¶ added in v1.15.0
func ShortcircuitedOr(first *core.CaveatExpression, second *core.CaveatExpression) *core.CaveatExpression
ShortcircuitedOr combines two caveat expressions via an `||`. If one of the expressions is nil, then the entire expression is *short-circuited*, and a nil is returned.
func Subtract ¶ added in v1.15.0
func Subtract(caveat *core.CaveatExpression, subtracted *core.CaveatExpression) *core.CaveatExpression
Subtract returns a caveat expression representing the subtracted expression subtracted from the given expression.
Types ¶
type Delta ¶
type Delta struct { // Type is the type of this delta. Type DeltaType // ParameterName is the name of the parameter to which this delta applies, if any. ParameterName string // PreviousType is the previous type of the parameter changed, if any. PreviousType *core.CaveatTypeReference // CurrentType is the current type of the parameter changed, if any. CurrentType *core.CaveatTypeReference }
Delta holds a single change of a caveat.
type DeltaType ¶
type DeltaType string
DeltaType defines the type of caveat deltas.
const ( // CaveatAdded indicates that the caveat was newly added/created. CaveatAdded DeltaType = "caveat-added" // CaveatRemoved indicates that the caveat was removed. CaveatRemoved DeltaType = "caveat-removed" // AddedParameter indicates that the parameter was added to the caveat. AddedParameter DeltaType = "added-parameter" // RemovedParameter indicates that the parameter was removed from the caveat. RemovedParameter DeltaType = "removed-parameter" // ParameterTypeChanged indicates that the type of the parameter was changed. ParameterTypeChanged DeltaType = "parameter-type-changed" // CaveatExpressionMayHaveChanged indicates that the expression of the caveat *may* have changed. // This uses a direct byte comparison which can return that a change occurred, even when it has // not. CaveatExpressionMayHaveChanged DeltaType = "expression-may-have-changed" )
type Diff ¶
type Diff struct {
// contains filtered or unexported fields
}
Diff holds the diff between two caveats.
func DiffCaveats ¶
func DiffCaveats(existing *core.CaveatDefinition, updated *core.CaveatDefinition) (*Diff, error)
DiffCaveats performs a diff between two caveat definitions. One or both of the definitions can be `nil`, which will be treated as an add/remove as applicable.
type EvaluationErr ¶ added in v1.16.2
type EvaluationErr struct {
// contains filtered or unexported fields
}
EvaluationErr is an error in evaluation of a caveat expression.
func NewEvaluationErr ¶ added in v1.16.2
func NewEvaluationErr(caveatExpr *core.CaveatExpression, err caveats.EvaluationErr) EvaluationErr
func (EvaluationErr) DetailsMetadata ¶ added in v1.16.2
func (err EvaluationErr) DetailsMetadata() map[string]string
DetailsMetadata returns the metadata for details for this error.
func (EvaluationErr) GRPCStatus ¶ added in v1.16.2
func (err EvaluationErr) GRPCStatus() *status.Status
func (EvaluationErr) MarshalZerologObject ¶ added in v1.16.2
func (err EvaluationErr) MarshalZerologObject(e *zerolog.Event)
MarshalZerologObject implements zerolog.LogObjectMarshaler
type ExpressionResult ¶ added in v1.15.0
type ExpressionResult interface { // Value is the resolved value for the expression. For partially applied expressions, this value will be false. Value() bool // IsPartial returns whether the expression was only partially applied. IsPartial() bool // MissingVarNames returns the names of the parameters missing from the context. MissingVarNames() ([]string, error) // ContextValues returns the context values used when computing this result. ContextValues() map[string]any // ContextStruct returns the context values as a structpb Struct. ContextStruct() (*structpb.Struct, error) // ExpressionString returns the human-readable expression for the caveat expression. ExpressionString() (string, error) }
ExpressionResult is the result of a caveat expression being run.
func RunCaveatExpression ¶ added in v1.15.0
func RunCaveatExpression( ctx context.Context, expr *core.CaveatExpression, context map[string]any, reader datastore.CaveatReader, debugOption RunCaveatExpressionDebugOption, ) (ExpressionResult, error)
RunCaveatExpression runs a caveat expression over the given context and returns the result.
type ParameterTypeError ¶ added in v1.16.2
type ParameterTypeError struct {
// contains filtered or unexported fields
}
ParameterTypeError is a type error in constructing a parameter from a value.
func NewParameterTypeError ¶ added in v1.16.2
func NewParameterTypeError(caveatExpr *core.CaveatExpression, err error) ParameterTypeError
func (ParameterTypeError) DetailsMetadata ¶ added in v1.16.2
func (err ParameterTypeError) DetailsMetadata() map[string]string
DetailsMetadata returns the metadata for details for this error.
func (ParameterTypeError) GRPCStatus ¶ added in v1.16.2
func (err ParameterTypeError) GRPCStatus() *status.Status
func (ParameterTypeError) MarshalZerologObject ¶ added in v1.16.2
func (err ParameterTypeError) MarshalZerologObject(e *zerolog.Event)
MarshalZerologObject implements zerolog.LogObjectMarshaler
type RunCaveatExpressionDebugOption ¶ added in v1.15.0
type RunCaveatExpressionDebugOption int
RunCaveatExpressionDebugOption are the options for running caveat expression evaluation with debugging enabled or disabled.
const ( // RunCaveatExpressionNoDebugging runs the evaluation without debugging enabled. RunCaveatExpressionNoDebugging RunCaveatExpressionDebugOption = 0 // RunCaveatExpressionNoDebugging runs the evaluation with debugging enabled. RunCaveatExpressionWithDebugInformation RunCaveatExpressionDebugOption = 1 )