The highest tagged major version is
Documentation
¶
Overview ¶
Package dbauthz provides an authorization layer on top of the database. This package exposes an interface that is currently a 1:1 mapping with database.Store.
The same cultural rules apply to this package as they do to database.Store. Meaning that each method implemented should keep the number of database queries as close to 1 as possible. Each method should do 1 thing, with no unexpected side effects (eg: updating multiple tables in a single method).
Do not implement business logic in this package. Only authorization related logic should be implemented here. In most cases, this should only be a call to the rbac authorizer.
When a new database method is added to database.Store, it should be added to this package as well. The unit test "Accounting" will ensure all methods are tested. See other unit tests for examples on how to write these.
Index ¶
- Variables
- func ActorFromContext(ctx context.Context) (rbac.Subject, bool)
- func As(ctx context.Context, actor rbac.Subject) context.Context
- func AsSystem(ctx context.Context) context.Context
- func New(db database.Store, authorizer rbac.Authorizer, logger slog.Logger) database.Store
- type NotAuthorizedError
Constants ¶
This section is empty.
Variables ¶
var AsRemoveActor = rbac.Subject{
ID: "remove-actor",
}
var ( // NoActorError wraps ErrNoRows for the api to return a 404. This is the correct // response when the user is not authorized. NoActorError = xerrors.Errorf("no authorization actor in context: %w", sql.ErrNoRows) )
Functions ¶
func ActorFromContext ¶
ActorFromContext returns the authorization subject from the context. All authentication flows should set the authorization subject in the context. If no actor is present, the function returns false.
func As ¶
As returns a context with the given actor stored in the context. This is used for cases where the actor touching the database is not the actor stored in the context. When you use this function, be sure to add a //nolint comment explaining why it is necessary.
func AsSystem ¶
AsSystem returns a context with a system actor. This is used for internal system operations that are not tied to any particular actor. When you use this function, be sure to add a //nolint comment explaining why it is necessary.
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility.
Types ¶
type NotAuthorizedError ¶
type NotAuthorizedError struct {
Err error
}
NotAuthorizedError is a sentinel error that unwraps to sql.ErrNoRows. This allows the internal error to be read by the caller if needed. Otherwise it will be handled as a 404.
func (NotAuthorizedError) Error ¶
func (e NotAuthorizedError) Error() string
func (NotAuthorizedError) Unwrap ¶
func (NotAuthorizedError) Unwrap() error
Unwrap will always unwrap to a sql.ErrNoRows so the API returns a 404. So 'errors.Is(err, sql.ErrNoRows)' will always be true.
Source Files