graph

package
v1.37.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 14, 2024 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Index

Constants

View Source 
const Ellipsis = "..."

Ellipsis relation is used to signify a semantic-free relationship.

Variables

View Source 
var ErrLimitReached = fmt.Errorf("limit has been reached")

Functions

func AlwaysFailExpand 

func AlwaysFailExpand(_ context.Context, resultChan chan<- ExpandResult)

AlwaysFailExpand is a ReduceableExpandFunc which will always fail when reduced.

func NewAlwaysFailErr 

func NewAlwaysFailErr() error

NewAlwaysFailErr constructs a new always fail error.

func NewCheckFailureErr 

func NewCheckFailureErr(baseErr error) error

NewCheckFailureErr constructs a new check failed error.

func NewExpansionFailureErr 

func NewExpansionFailureErr(baseErr error) error

NewExpansionFailureErr constructs a new expansion failed error.

func NewInvalidCursorErr added in v1.23.0 

func NewInvalidCursorErr(dispatchCursorVersion uint32, cursor *dispatch.Cursor) error

NewInvalidCursorErr constructs a new unimplemented error.

func NewRelationMissingTypeInfoErr added in v0.0.2 

func NewRelationMissingTypeInfoErr(nsName string, relationName string) error

NewRelationMissingTypeInfoErr constructs a new relation not missing type information error.

func NewRelationNotFoundErr 

func NewRelationNotFoundErr(nsName string, relationName string) error

NewRelationNotFoundErr constructs a new relation not found error.

func NewSyncONRSet added in v1.35.0 

func NewSyncONRSet() *syncONRSet

func NewUnimplementedErr added in v1.14.0 

func NewUnimplementedErr(baseErr error) error

NewUnimplementedErr constructs a new unimplemented error.

func NewWildcardNotAllowedErr added in v1.34.0 

func NewWildcardNotAllowedErr(message string, fieldName string) error

NewWildcardNotAllowedErr constructs an error indicating that a wildcard was not allowed.

Types

type CheckResult 

type CheckResult struct {
	Resp *v1.DispatchCheckResponse
	Err  error
}

CheckResult is the data that is returned by a single check or sub-check.

func (CheckResult) ResultError added in v1.35.0 

func (cr CheckResult) ResultError() error

type CheckResultsMap added in v1.13.0 

type CheckResultsMap map[string]*v1.ResourceCheckResult

CheckResultsMap defines a type that is a map from resource ID to ResourceCheckResult. This must match that defined in the DispatchCheckResponse for the `results_by_resource_id` field.

type ConcurrentChecker added in v0.0.2 

type ConcurrentChecker struct {
	// contains filtered or unexported fields
}

ConcurrentChecker exposes a method to perform Check requests, and delegates subproblems to the provided dispatch.Check instance.

func NewConcurrentChecker added in v0.0.2 

func NewConcurrentChecker(d dispatch.Check, concurrencyLimit uint16, dispatchChunkSize uint16) *ConcurrentChecker

NewConcurrentChecker creates an instance of ConcurrentChecker.

func (*ConcurrentChecker) Check added in v0.0.2 

func (cc *ConcurrentChecker) Check(ctx context.Context, req ValidatedCheckRequest, relation *core.Relation) (*v1.DispatchCheckResponse, error)

Check performs a check request with the provided request and context

type ConcurrentExpander added in v0.0.2 

type ConcurrentExpander struct {
	// contains filtered or unexported fields
}

ConcurrentExpander exposes a method to perform Expand requests, and delegates subproblems to the provided dispatch.Expand instance.

func NewConcurrentExpander added in v0.0.2 

func NewConcurrentExpander(d dispatch.Expand) *ConcurrentExpander

NewConcurrentExpander creates an instance of ConcurrentExpander

func (*ConcurrentExpander) Expand added in v0.0.2 

func (ce *ConcurrentExpander) Expand(ctx context.Context, req ValidatedExpandRequest, relation *core.Relation) (*v1.DispatchExpandResponse, error)

Expand performs an expand request with the provided request and context.

type ConcurrentLookupSubjects added in v1.12.0 

type ConcurrentLookupSubjects struct {
	// contains filtered or unexported fields
}

func NewConcurrentLookupSubjects added in v1.12.0 

func NewConcurrentLookupSubjects(d dispatch.LookupSubjects, concurrencyLimit uint16, dispatchChunkSize uint16) *ConcurrentLookupSubjects

NewConcurrentLookupSubjects creates an instance of ConcurrentLookupSubjects.

func (*ConcurrentLookupSubjects) LookupSubjects added in v1.12.0 

func (cl *ConcurrentLookupSubjects) LookupSubjects(
	req ValidatedLookupSubjectsRequest,
	stream dispatch.LookupSubjectsStream,
) error

type CursoredLookupResources added in v1.22.0 

type CursoredLookupResources struct {
	// contains filtered or unexported fields
}

CursoredLookupResources exposes a method to perform LookupResources requests, and delegates subproblems to the provided dispatch.Lookup instance.

func NewCursoredLookupResources added in v1.22.0 

func NewCursoredLookupResources(c dispatch.Check, r dispatch.ReachableResources, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredLookupResources

NewCursoredLookupResources creates and instance of CursoredLookupResources.

func (*CursoredLookupResources) LookupResources added in v1.22.0 

func (cl *CursoredLookupResources) LookupResources(
	req ValidatedLookupResourcesRequest,
	parentStream dispatch.LookupResourcesStream,
) error

type CursoredLookupResources2 added in v1.35.0 

type CursoredLookupResources2 struct {
	// contains filtered or unexported fields
}

func NewCursoredLookupResources2 added in v1.35.0 

func NewCursoredLookupResources2(dl dispatch.LookupResources2, dc dispatch.Check, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredLookupResources2

func (*CursoredLookupResources2) LookupResources2 added in v1.35.0 

func (crr *CursoredLookupResources2) LookupResources2(
	req ValidatedLookupResources2Request,
	stream dispatch.LookupResources2Stream,
) error

type CursoredReachableResources added in v1.22.0 

type CursoredReachableResources struct {
	// contains filtered or unexported fields
}

CursoredReachableResources exposes a method to perform ReachableResources requests, and delegates subproblems to the provided dispatch.ReachableResources instance.

func NewCursoredReachableResources added in v1.22.0 

func NewCursoredReachableResources(d dispatch.ReachableResources, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredReachableResources

NewCursoredReachableResources creates an instance of CursoredReachableResources.

func (*CursoredReachableResources) ReachableResources added in v1.22.0 

func (crr *CursoredReachableResources) ReachableResources(
	req ValidatedReachableResourcesRequest,
	stream dispatch.ReachableResourcesStream,
) error

type ErrAlwaysFail 

type ErrAlwaysFail struct {
	// contains filtered or unexported fields
}

ErrAlwaysFail is returned when an internal error leads to an operation guaranteed to fail.

type ErrCheckFailure 

type ErrCheckFailure struct {
	// contains filtered or unexported fields
}

ErrCheckFailure occurs when check failed in some manner. Note this should not apply to namespaces and relations not being found.

func (ErrCheckFailure) Unwrap added in v1.27.0 

func (e ErrCheckFailure) Unwrap() error

type ErrExpansionFailure 

type ErrExpansionFailure struct {
	// contains filtered or unexported fields
}

ErrExpansionFailure occurs when expansion failed in some manner. Note this should not apply to namespaces and relations not being found.

func (ErrExpansionFailure) Unwrap added in v1.27.0 

func (e ErrExpansionFailure) Unwrap() error

type ErrInvalidCursor added in v1.23.0 

type ErrInvalidCursor struct {
	// contains filtered or unexported fields
}

ErrInvalidCursor is returned when a cursor is no longer valid.

func (ErrInvalidCursor) GRPCStatus added in v1.23.0 

func (err ErrInvalidCursor) GRPCStatus() *status.Status

GRPCStatus implements retrieving the gRPC status for the error.

type ErrRelationMissingTypeInfo added in v0.0.2 

type ErrRelationMissingTypeInfo struct {
	// contains filtered or unexported fields
}

ErrRelationMissingTypeInfo defines an error for when type information is missing from a relation during a lookup.

func (ErrRelationMissingTypeInfo) DetailsMetadata added in v1.14.0 

func (err ErrRelationMissingTypeInfo) DetailsMetadata() map[string]string

DetailsMetadata returns the metadata for details for this error.

func (ErrRelationMissingTypeInfo) MarshalZerologObject added in v0.0.2 

func (err ErrRelationMissingTypeInfo) MarshalZerologObject(e *zerolog.Event)

func (ErrRelationMissingTypeInfo) NamespaceName added in v0.0.2 

func (err ErrRelationMissingTypeInfo) NamespaceName() string

NamespaceName returns the name of the namespace in which the relation was found.

func (ErrRelationMissingTypeInfo) RelationName added in v0.0.2 

func (err ErrRelationMissingTypeInfo) RelationName() string

RelationName returns the name of the relation missing type information.

type ErrRelationNotFound 

type ErrRelationNotFound struct {
	// contains filtered or unexported fields
}

ErrRelationNotFound occurs when a relation was not found under a namespace.

func (ErrRelationNotFound) DetailsMetadata added in v1.14.0 

func (err ErrRelationNotFound) DetailsMetadata() map[string]string

DetailsMetadata returns the metadata for details for this error.

func (ErrRelationNotFound) MarshalZerologObject 

func (err ErrRelationNotFound) MarshalZerologObject(e *zerolog.Event)

func (ErrRelationNotFound) NamespaceName 

func (err ErrRelationNotFound) NamespaceName() string

NamespaceName returns the name of the namespace in which the relation was not found.

func (ErrRelationNotFound) NotFoundRelationName 

func (err ErrRelationNotFound) NotFoundRelationName() string

NotFoundRelationName returns the name of the relation not found.

type ErrUnimplemented added in v1.14.0 

type ErrUnimplemented struct {
	// contains filtered or unexported fields
}

ErrUnimplemented is returned when some functionality is not yet supported.

func (ErrUnimplemented) Unwrap added in v1.27.0 

func (e ErrUnimplemented) Unwrap() error

type ErrWildcardNotAllowed added in v1.34.0 

type ErrWildcardNotAllowed struct {
	// contains filtered or unexported fields
}

ErrWildcardNotAllowed occurs when a request sent has an invalid wildcard argument.

func (ErrWildcardNotAllowed) GRPCStatus added in v1.34.0 

func (err ErrWildcardNotAllowed) GRPCStatus() *status.Status

GRPCStatus implements retrieving the gRPC status for the error.

type ExpandReducer 

type ExpandReducer func(
	ctx context.Context,
	start *core.ObjectAndRelation,
	requests []ReduceableExpandFunc,
) ExpandResult

ExpandReducer is a type for the functions Any and All which combine check results.

type ExpandResult 

type ExpandResult struct {
	Resp *v1.DispatchExpandResponse
	Err  error
}

ExpandResult is the data that is returned by a single expand or sub-expand.

func (ExpandResult) ResultError added in v1.35.0 

func (er ExpandResult) ResultError() error

type MembershipSet added in v1.13.0 

type MembershipSet struct {
	// contains filtered or unexported fields
}

MembershipSet is a helper set that trackes the membership results for a dispatched Check request, including tracking of the caveats associated with found resource IDs.

func NewMembershipSet added in v1.13.0 

func NewMembershipSet() *MembershipSet

NewMembershipSet constructs a new helper set for tracking the membership found for a dispatched check request.

func (*MembershipSet) AddDirectMember added in v1.13.0 

func (ms *MembershipSet) AddDirectMember(resourceID string, caveat *core.ContextualizedCaveat)

AddDirectMember adds a resource ID that was *directly* found for the dispatched check, with optional caveat found on the relationship.

func (*MembershipSet) AddMemberViaRelationship added in v1.13.0 

func (ms *MembershipSet) AddMemberViaRelationship(
	resourceID string,
	resourceCaveatExpression *core.CaveatExpression,
	parentRelationship *core.RelationTuple,
)

AddMemberViaRelationship adds a resource ID that was found via another relationship, such as the result of an arrow operation. The `parentRelationship` is the relationship that was followed before the resource itself was resolved. This method will properly apply the caveat(s) from both the parent relationship and the resource's result itself, assuming either have a caveat associated.

func (*MembershipSet) AddMemberWithOptionalCaveats added in v1.35.0 

func (ms *MembershipSet) AddMemberWithOptionalCaveats(
	resourceID string,
	caveats []*core.CaveatExpression,
)

AddMemberWithOptionalCaveats adds the given resource ID as a member with the optional caveats combined via intersection.

func (*MembershipSet) AddMemberWithParentCaveat added in v1.36.0 

func (ms *MembershipSet) AddMemberWithParentCaveat(
	resourceID string,
	resourceCaveatExpression *core.CaveatExpression,
	parentCaveat *core.ContextualizedCaveat,
)

AddMemberWithParentCaveat adds the given resource ID as a member with the parent caveat combined via intersection with the resource's caveat. The parent caveat may be nil.

func (*MembershipSet) AsCheckResultsMap added in v1.13.0 

func (ms *MembershipSet) AsCheckResultsMap() CheckResultsMap

AsCheckResultsMap converts the membership set back into a CheckResultsMap for placement into a DispatchCheckResult.

func (*MembershipSet) GetResourceID added in v1.35.0 

func (ms *MembershipSet) GetResourceID(resourceID string) (bool, *core.CaveatExpression)

GetResourceID returns a bool indicating whether the resource is found in the set and the associated caveat expression, if any.

func (*MembershipSet) HasConcreteResourceID added in v1.16.0 

func (ms *MembershipSet) HasConcreteResourceID(resourceID string) bool

HasConcreteResourceID returns whether the resourceID was found in the set and has no caveat attached.

func (*MembershipSet) HasDeterminedMember added in v1.13.0 

func (ms *MembershipSet) HasDeterminedMember() bool

HasDeterminedMember returns whether there exists at least one non-caveated member of the set.

func (*MembershipSet) IntersectWith added in v1.13.0 

func (ms *MembershipSet) IntersectWith(resultsMap CheckResultsMap)

IntersectWith intersects the results found in the given map with the members of this set. The changes are made in-place.

func (*MembershipSet) IsEmpty added in v1.13.0 

func (ms *MembershipSet) IsEmpty() bool

IsEmpty returns true if the set is empty.

func (*MembershipSet) Size added in v1.16.0 

func (ms *MembershipSet) Size() int

Size returns the number of elements in the membership set.

func (*MembershipSet) Subtract added in v1.13.0 

func (ms *MembershipSet) Subtract(resultsMap CheckResultsMap)

Subtract subtracts the results found in the given map with the members of this set. The changes are made in-place.

func (*MembershipSet) UnionWith added in v1.13.0 

func (ms *MembershipSet) UnionWith(resultsMap CheckResultsMap)

UnionWith combines the results found in the given map with the members of this set. The changes are made in-place.

type ReduceableExpandFunc 

type ReduceableExpandFunc func(ctx context.Context, resultChan chan<- ExpandResult)

ReduceableExpandFunc is a function that can be bound to a execution context.

type ValidatedCheckRequest added in v1.3.0 

type ValidatedCheckRequest struct {
	*v1.DispatchCheckRequest
	Revision datastore.Revision

	// OriginalRelationName is the original relation/permission name that was used in the request,
	// before being changed due to aliasing.
	OriginalRelationName string
}

ValidatedCheckRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedExpandRequest added in v1.3.0 

type ValidatedExpandRequest struct {
	*v1.DispatchExpandRequest
	Revision datastore.Revision
}

ValidatedExpandRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedLookupResources2Request added in v1.35.0 

type ValidatedLookupResources2Request struct {
	*v1.DispatchLookupResources2Request
	Revision datastore.Revision
}

type ValidatedLookupResourcesRequest added in v1.22.0 

type ValidatedLookupResourcesRequest struct {
	*v1.DispatchLookupResourcesRequest
	Revision datastore.Revision
}

ValidatedLookupResourcesRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedLookupSubjectsRequest added in v1.12.0 

type ValidatedLookupSubjectsRequest struct {
	*v1.DispatchLookupSubjectsRequest
	Revision datastore.Revision
}

ValidatedLookupSubjectsRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedReachableResourcesRequest added in v1.8.0 

type ValidatedReachableResourcesRequest struct {
	*v1.DispatchReachableResourcesRequest
	Revision datastore.Revision
}

ValidatedReachableResourcesRequest represents a request after it has been validated and parsed for internal consumption.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.