model

package
v0.38.0-rc0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 28, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

AuthZProvider is the authz registry for models.

Functions

This section is empty.

Types

type ModelAuthZ

type ModelAuthZ interface {
	// GET /api/v1/models
	CanGetModels(ctx context.Context, curUser model.User, workspaceIDs []int32,
	) (workspaceIDsWithPermsFilter []int32, serverError error)
	// GET /api/v1/checkpoints/{checkpoint_uuid}
	// GET /api/v1/models/{model_name}
	// GET /api/v1/models/{model_name}/versions/{model_version_num}
	// GET /api/v1/models/{model_name}/versions
	CanGetModel(ctx context.Context, curUser model.User,
		m *modelv1.Model, workspaceID int32,
	) error
	// PATCH /api/v1/models/{model_name}
	// PATCH /api/v1/models/{model_name}/versions/{model_version_num}
	// POST /api/v1/models/{model_name}/versions
	// POST /api/v1/models/{model_name}/archive
	// POST /api/v1/models/{model_name}/unarchive
	CanEditModel(ctx context.Context, curUser model.User,
		m *modelv1.Model, workspaceID int32,
	) error
	// POST /api/v1/models
	CanCreateModel(ctx context.Context,
		curUser model.User, workspaceID int32,
	) error
	// DELETE /api/v1/models/{modelName}
	CanDeleteModel(ctx context.Context, curUser model.User,
		m *modelv1.Model, workspaceID int32,
	) error
	// DELETE /api/v1/models/{modelName}/versions/{modelVersionNum}
	CanDeleteModelVersion(ctx context.Context, curUser model.User,
		modelVersion *modelv1.ModelVersion, workspaceID int32) error
	// POST /api/v1/models/{model_name}/move
	CanMoveModel(ctx context.Context, curUser model.User, model *modelv1.Model,
		fromWorkspaceID int32, toWorkspaceID int32) error

	// GET /api/v1/models with filter to allow reading
	FilterReadableModelsQuery(
		ctx context.Context, curUser model.User, query *bun.SelectQuery,
	) (*bun.SelectQuery, error)
}

ModelAuthZ describes authz methods for experiments.

type ModelAuthZBasic

type ModelAuthZBasic struct{}

ModelAuthZBasic is basic OSS controls.

func (*ModelAuthZBasic) CanCreateModel

func (a *ModelAuthZBasic) CanCreateModel(ctx context.Context,
	curUser model.User, workspaceID int32,
) error

CanCreateModel always returns true and a nil error.

func (*ModelAuthZBasic) CanDeleteModel

func (a *ModelAuthZBasic) CanDeleteModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanDeleteModel returns an error if the model is not owned by the current user and the current user is not an admin.

func (*ModelAuthZBasic) CanDeleteModelVersion

func (a *ModelAuthZBasic) CanDeleteModelVersion(ctx context.Context, curUser model.User,
	modelVersion *modelv1.ModelVersion, workspaceID int32,
) error

CanDeleteModelVersion returns an error if the model/model version is not owned by the current user and the current user is not an admin.

func (*ModelAuthZBasic) CanEditModel

func (a *ModelAuthZBasic) CanEditModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanEditModel always returns true and a nil error.

func (*ModelAuthZBasic) CanGetModel

func (a *ModelAuthZBasic) CanGetModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanGetModel always returns true and a nil error.

func (*ModelAuthZBasic) CanGetModels

func (a *ModelAuthZBasic) CanGetModels(ctx context.Context,
	curUser model.User, workspaceIDs []int32,
) (workspaceIDsWithPermsFilter []int32, serverError error)

CanGetModels always returns true and a nil error.

func (*ModelAuthZBasic) CanMoveModel

func (a *ModelAuthZBasic) CanMoveModel(
	ctx context.Context,
	curUser model.User,
	modelRegister *modelv1.Model,
	fromWorkspaceID int32,
	toWorkspaceID int32,
) error

CanMoveModel always returns true and a nil error.

func (*ModelAuthZBasic) FilterReadableModelsQuery

func (a *ModelAuthZBasic) FilterReadableModelsQuery(
	ctx context.Context, curUser model.User, query *bun.SelectQuery,
) (*bun.SelectQuery, error)

FilterReadableModelsQuery returns the query unmodified and a nil error.

type ModelAuthZPermissive

type ModelAuthZPermissive struct{}

ModelAuthZPermissive is the permission implementation.

func (*ModelAuthZPermissive) CanCreateModel

func (a *ModelAuthZPermissive) CanCreateModel(ctx context.Context,
	curUser model.User, workspaceID int32,
) error

CanCreateModel calls RBAC authz but enforces basic authz..

func (*ModelAuthZPermissive) CanDeleteModel

func (a *ModelAuthZPermissive) CanDeleteModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanDeleteModel calls RBAC authz but enforces basic authz.

func (*ModelAuthZPermissive) CanDeleteModelVersion

func (a *ModelAuthZPermissive) CanDeleteModelVersion(ctx context.Context, curUser model.User,
	modelVersion *modelv1.ModelVersion, workspaceID int32,
) error

CanDeleteModelVersion calls RBAC authz but enforces basic authz.

func (*ModelAuthZPermissive) CanEditModel

func (a *ModelAuthZPermissive) CanEditModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanEditModel calls RBAC authz but enforces basic authz..

func (*ModelAuthZPermissive) CanGetModel

func (a *ModelAuthZPermissive) CanGetModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) error

CanGetModel calls RBAC authz but enforces basic authz..

func (*ModelAuthZPermissive) CanGetModels

func (a *ModelAuthZPermissive) CanGetModels(ctx context.Context,
	curUser model.User, workspaceIDs []int32,
) (workspaceIDsWithPermsFilter []int32, serverError error)

CanGetModels calls RBAC authz but enforces basic authz..

func (*ModelAuthZPermissive) CanMoveModel

func (a *ModelAuthZPermissive) CanMoveModel(ctx context.Context,
	curUser model.User, m *modelv1.Model, origin int32, destination int32,
) error

CanMoveModel always returns true.

func (*ModelAuthZPermissive) FilterReadableModelsQuery

func (a *ModelAuthZPermissive) FilterReadableModelsQuery(
	ctx context.Context, curUser model.User, query *bun.SelectQuery,
) (*bun.SelectQuery, error)

FilterReadableModelsQuery returns query and a nil error.

type ModelAuthZRBAC

type ModelAuthZRBAC struct{}

ModelAuthZRBAC RBAC enabled controls.

func (*ModelAuthZRBAC) CanCreateModel

func (a *ModelAuthZRBAC) CanCreateModel(ctx context.Context,
	curUser model.User, workspaceID int32,
) (err error)

CanCreateModel checks is user has permissions to create models.

func (*ModelAuthZRBAC) CanDeleteModel

func (a *ModelAuthZRBAC) CanDeleteModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) (err error)

CanDeleteModel checks if user has permission to delete model.

func (*ModelAuthZRBAC) CanDeleteModelVersion

func (a *ModelAuthZRBAC) CanDeleteModelVersion(ctx context.Context, curUser model.User,
	modelVersion *modelv1.ModelVersion, workspaceID int32,
) (err error)

CanDeleteModelVersion checks if user has permission to delete model version.

func (*ModelAuthZRBAC) CanEditModel

func (a *ModelAuthZRBAC) CanEditModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) (err error)

CanEditModel checks is user has permissions to edit models.

func (*ModelAuthZRBAC) CanGetModel

func (a *ModelAuthZRBAC) CanGetModel(ctx context.Context, curUser model.User,
	m *modelv1.Model, workspaceID int32,
) (err error)

CanGetModel checks if a user has permissions to view model.

func (*ModelAuthZRBAC) CanGetModels

func (a *ModelAuthZRBAC) CanGetModels(ctx context.Context, curUser model.User, workspaceIDs []int32,
) (workspaceIDsWithPermsFilter []int32, serverError error)

CanGetModels checks if a user has permissions to view models.

func (*ModelAuthZRBAC) CanMoveModel

func (a *ModelAuthZRBAC) CanMoveModel(ctx context.Context,
	curUser model.User, _ *modelv1.Model, origin int32, destination int32,
) (err error)

CanMoveModel checks for edit permission in origin and create permission in destination.

func (*ModelAuthZRBAC) FilterReadableModelsQuery

func (a *ModelAuthZRBAC) FilterReadableModelsQuery(
	ctx context.Context, curUser model.User, query *bun.SelectQuery,
) (*bun.SelectQuery, error)

FilterReadableModelsQuery returns query in relevant workspaces and a nil error.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL