rule

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 14, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package rule contains policy rules

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AllowAfterApplyingPrivacyTokenFilter added in v0.2.4

func AllowAfterApplyingPrivacyTokenFilter(
	emptyToken token.PrivacyToken,
	applyFilter func(t token.PrivacyToken, filter privacy.Filter),
) privacy.QueryMutationRule

AllowAfterApplyingPrivacyTokenFilter allows the mutation to proceed if a privacy token of a specific type is found in the context. It also applies a privacy filter to the token before allowing the mutation to proceed

func AllowIfAdmin added in v0.1.1

func AllowIfAdmin() privacy.QueryMutationRule

AllowIfAdmin is used to determine whether a query or mutation should be allowed or skipped based on the user's admin status TODO: implement setting admin, this will currently always return a skip

func AllowIfContextHasPrivacyTokenOfType added in v0.2.4

func AllowIfContextHasPrivacyTokenOfType(emptyToken token.PrivacyToken) privacy.QueryMutationRule

AllowIfContextHasPrivacyTokenOfType allows a mutation to proceed if a privacy token of a specific type is found in the context. It checks if the actual type of the token in the context matches the expected type, and if so, it returns `privacy.Allow`. If the types do not match, it returns `privacy.Skipf` with a message indicating that no token was found in the context with the expected type

func AllowIfOwnedByViewer added in v0.2.4

func AllowIfOwnedByViewer() privacy.QueryMutationRule

AllowIfOwnedByViewer determines whether a query or mutation operation should be allowed based on whether the requested data is owned by the viewer

func AllowIfSelf added in v0.2.4

func AllowIfSelf() privacy.QueryMutationRule

AllowIfSelf determines whether a query or mutation operation should be allowed based on whether the requested data is for the viewer

func AllowMutationAfterApplyingOwnerFilter added in v0.2.4

func AllowMutationAfterApplyingOwnerFilter() privacy.MutationRule

AllowMutationAfterApplyingOwnerFilter defines a privacy rule for mutations in the context of an owner filter

func AllowMutationIfContextHasValidEmailSignUpToken added in v0.2.4

func AllowMutationIfContextHasValidEmailSignUpToken(getEmail MutationEmailGetter) privacy.MutationRule

AllowMutationIfContextHasValidEmailSignUpToken is used to determine whether a mutation should be allowed or skipped based on the presence and validity of an email signup token in the context

func CanCreateGroupsInOrg

func CanCreateGroupsInOrg() privacy.GroupMutationRuleFunc

CanCreateGroupsInOrg is a rule that returns allow decision if user has edit access in the organization

func ContextHasPrivacyTokenOfType added in v0.2.6

func ContextHasPrivacyTokenOfType(ctx context.Context, emptyToken token.PrivacyToken) bool

ContextHasPrivacyTokenOfType checks the context for the token type and returns true if they match

func DenyIfNoSubject

func DenyIfNoSubject() privacy.QueryMutationRule

DenyIfNoSubject is a rule that returns deny decision if the subject is missing in the context.

func DenyIfNoViewer added in v0.1.1

func DenyIfNoViewer() privacy.QueryMutationRule

DenyIfNoViewer returns deny if viewer is not present in context

func HasGroupMutationAccess

func HasGroupMutationAccess() privacy.GroupMutationRuleFunc

HasGroupMutationAccess is a rule that returns allow decision if user has edit or delete access

func HasGroupReadAccess

func HasGroupReadAccess() privacy.GroupQueryRuleFunc

HasGroupReadAccess is a rule that returns allow decision if user has view access

func HasInviteEditAccess added in v0.2.6

func HasInviteEditAccess() privacy.InviteMutationRuleFunc

HasInviteEditAccess is a rule that returns allow decision if user has edit access to invite users to an organization TODO: this should able to be more generic

func HasOrgMutationAccess

func HasOrgMutationAccess() privacy.OrganizationMutationRuleFunc

HasOrgMutationAccess is a rule that returns allow decision if user has edit or delete access

func HasOrgReadAccess

func HasOrgReadAccess() privacy.OrganizationQueryRuleFunc

HasOrgReadAccess is a rule that returns allow decision if user has view access

Types

type MutationEmailGetter added in v0.2.4

type MutationEmailGetter func(generated.Mutation) (string, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL