Documentation
¶
Index ¶
- Variables
- func HasControversialExpressions(_ context.Context, body []*ast.Expr) (ret bool)
- func NormalizeExpressions(ctx context.Context, body ast.Body) (exprs ast.Body, changed bool)
- func NormalizeQueries(ctx context.Context, queries []ast.Body) (ret []ast.Body, changed bool)
- func TranslateExpression[EXPR any](ctx context.Context, astExpr *ast.Expr, opt *TranslateOption[EXPR]) (ret EXPR, err error)
- func TranslateOperationExpr[EXPR any](ctx context.Context, astExpr *ast.Expr, opt *TranslateOption[EXPR]) (ret EXPR, err error)
- func TranslatePartialQueries[EXPR any](ctx context.Context, pq *rego.PartialQueries, opts ...TranslateOptions[EXPR]) ([]EXPR, error)
- func TranslateThreeTermsOp[EXPR any](ctx context.Context, astExpr *ast.Expr, opt *TranslateOption[EXPR]) (ret EXPR, err error)
- type NoopPartialQueryMapper
- type NoopQueryTranslator
- func (t NoopQueryTranslator) And(_ context.Context, exprs ...string) string
- func (t NoopQueryTranslator) Comparison(_ context.Context, op ast.Ref, colRef ast.Ref, val interface{}) (string, error)
- func (t NoopQueryTranslator) Negate(_ context.Context, expr string) string
- func (t NoopQueryTranslator) Or(_ context.Context, exprs ...string) string
- type QueryTranslator
- type TranslateOption
- type TranslateOptions
Constants ¶
This section is empty.
Variables ¶
View Source
var ( TermInternal = ast.VarTerm("internal") OpInternal = ast.Ref([]*ast.Term{TermInternal}) OpIn = ast.Ref([]*ast.Term{TermInternal, ast.StringTerm("in")}) OpEqual = ast.Equality.Ref() OpEq = ast.Equal.Ref() OpNeq = ast.NotEqual.Ref() OpLte = ast.LessThanEq.Ref() OpLt = ast.LessThan.Ref() OpGte = ast.GreaterThanEq.Ref() OpGt = ast.GreaterThan.Ref() )
View Source
var ( OpHashEqual = OpEqual.Hash() OpHashEq = OpEq.Hash() OpHashNeq = OpNeq.Hash() OpHashLte = OpLte.Hash() OpHashLt = OpLt.Hash() OpHashGte = OpGte.Hash() OpHashGt = OpGt.Hash() OpHashIn = OpIn.Hash() )
View Source
var (
ParsingError = opa.NewError(`generic OPA partial query parsing error`)
)
Functions ¶
func HasControversialExpressions ¶
HasControversialExpressions analyze given expression and return true if it contains controversial expressions: Examples: - "value1 = input.resource.field AND value2 = input.resource.field" - "value1 = input.resource.field AND value1 != input.resource.field"
func NormalizeExpressions ¶
NormalizeExpressions remove duplicate expressions in query
func NormalizeQueries ¶
NormalizeQueries remove duplicate queries and duplicate expressions in each query
func TranslateExpression ¶
func TranslateOperationExpr ¶
func TranslatePartialQueries ¶
func TranslatePartialQueries[EXPR any](ctx context.Context, pq *rego.PartialQueries, opts ...TranslateOptions[EXPR]) ([]EXPR, error)
TranslatePartialQueries translate OPA partial queries into other expression languages. e.g. Postgres expression Note: 1. When PartialQueries.Queries is empty, it means access is DENIED regardless any unknown values 2. When PartialQueries.Queries is not empty but contains nil body, it means access is GRANTED regardless any unknown values
func TranslateThreeTermsOp ¶
Types ¶
type NoopPartialQueryMapper ¶
type NoopPartialQueryMapper struct{}
func (NoopPartialQueryMapper) MapResults ¶
func (m NoopPartialQueryMapper) MapResults(pq *rego.PartialQueries) (interface{}, error)
func (NoopPartialQueryMapper) ResultToJSON ¶
func (m NoopPartialQueryMapper) ResultToJSON(result interface{}) (interface{}, error)
type NoopQueryTranslator ¶
type NoopQueryTranslator struct{}
func (NoopQueryTranslator) And ¶
func (t NoopQueryTranslator) And(_ context.Context, exprs ...string) string
func (NoopQueryTranslator) Comparison ¶
type QueryTranslator ¶
type TranslateOption ¶
type TranslateOption[EXPR any] struct { Translator QueryTranslator[EXPR] }
type TranslateOptions ¶
type TranslateOptions[EXPR any] func(opts *TranslateOption[EXPR])
Source Files
Click to show internal directories.
Click to hide internal directories.