usergroup

package
v0.38.0-rc7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 4, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AuthZProvider authz.AuthZProviderType[UserGroupAuthZ]

AuthZProvider is the authz registry for `user` package.

Functions

func AddGroupTx 

func AddGroupTx(ctx context.Context, idb bun.IDB, group model.Group) (model.Group, error)

AddGroupTx adds a group to the database. Returns ErrDuplicateRow if a group already exists with the same name or ID. Will use db.Bun() if passed nil for idb.

func AddGroupWithMembers 

func AddGroupWithMembers(ctx context.Context, group model.Group, uids ...model.UserID) (model.Group,
	[]model.User, error,
)

AddGroupWithMembers creates a group and adds members to it all in one transaction. If an empty user set is passed in, no transaction is used for performance reasons.

func AddUsersToGroupsTx 

func AddUsersToGroupsTx(ctx context.Context, idb bun.IDB, groups []int, ignoreDuplicates bool,
	uids ...model.UserID,
) error

AddUsersToGroupsTx adds users to groups by creating GroupMembership rows. Returns ErrNotFound if the group isn't found or ErrDuplicateRow if one of the users is already in the group (unless ignoreDuplicates). Will use db.Bun() if passed nil for idb.

func CanViewGroup 

func CanViewGroup(ctx context.Context, userBelongsTo model.UserID, gid int) (err error)

CanViewGroup checks if a user has the ability to view the group by checking whether user has the assign roles permission or belongs to the group.

func DeleteGroup 

func DeleteGroup(ctx context.Context, gid int) error

DeleteGroup deletes a group from the database. Returns ErrNotFound if the group doesn't exist.

func GroupByIDTx 

func GroupByIDTx(ctx context.Context, idb bun.IDB, gid int) (model.Group, error)

GroupByIDTx looks for a group by id. Returns ErrNotFound if the group isn't found.

func ModifiableGroupsTx 

func ModifiableGroupsTx(ctx context.Context, idb bun.IDB, groups []int) error

ModifiableGroupsTx verifies that groups are in the DB and non-personal. Returns error if any group isn't found. Based on singular GroupByIDTx.

func RemoveUsersFromGroupsTx 

func RemoveUsersFromGroupsTx(ctx context.Context, idb bun.IDB, groups []int,
	uids ...model.UserID,
) error

RemoveUsersFromGroupsTx removes users from a group. Removes nothing and returns ErrNotFound if the group or all of the membership rows aren't found.

func SearchGroups 

func SearchGroups(
	ctx context.Context, name string, userBelongsTo model.UserID, offset, limit int,
) (groups []model.Group, memberCounts []int32, tableRows int, err error)

SearchGroups searches the database for groups. userBelongsTo is "optional" in that if a value < 1 is passed in, the parameter is ignored. SearchGroups does not return an error if no groups are found, as that is considered a successful search. SearchGroups includes personal groups which should not be exposed to an end user.

func SearchGroupsPaginated 

func SearchGroupsPaginated(ctx context.Context,
	query *bun.SelectQuery, offset, limit int,
) (groups []model.Group, memberCounts []int32, tableRows int, err error)

SearchGroupsPaginated adds pagination arguments to a group search query and executes it. SearchGroupsPaginated does not return an error if no groups are found (that is a successful search).

func SearchGroupsQuery 

func SearchGroupsQuery(name string, userBelongsTo model.UserID,
	includePersonal bool,
) *bun.SelectQuery

SearchGroupsQuery builds a query and returns it to the caller. userBelongsTo is "optional in that if a value < 1 is passed in, the parameter is ignored.

func SearchGroupsWithoutPersonalGroupsTx 

func SearchGroupsWithoutPersonalGroupsTx(
	ctx context.Context, idb bun.IDB, name string, userBelongsTo model.UserID,
) ([]model.Group, error)

SearchGroupsWithoutPersonalGroupsTx searches the database for groups. userBelongsTo is "optional" in that if a value < 1 is passed in, the parameter is ignored. SearchGroups does not return an error if no groups are found, as that is considered a successful search.

func UpdateGroupAndMembers 

func UpdateGroupAndMembers(
	ctx context.Context,
	gid int, name string,
	addUsers,
	removeUsers []model.UserID,
) ([]model.User, string, error)

UpdateGroupAndMembers updates a group and adds or removes members all in one transaction.

func UpdateGroupTx 

func UpdateGroupTx(ctx context.Context, idb bun.IDB, group model.Group) error

UpdateGroupTx updates a group in the database. Returns ErrNotFound if the group isn't found.

func UpdateGroupsForMultipleUsers 

func UpdateGroupsForMultipleUsers(
	ctx context.Context,
	modUsers []model.UserID,
	addGroups []int,
	removeGroups []int,
) error

UpdateGroupsForMultipleUsers adds and removes group associations for multiple members.

func UpdateUserGroupMembershipTx 

func UpdateUserGroupMembershipTx(ctx context.Context, tx bun.IDB, u *model.User, groups []string) error

UpdateUserGroupMembershipTx takes in slice of groups, and updates a user's membership in those groups.

func UpdateUsersTimestampTx 

func UpdateUsersTimestampTx(ctx context.Context, idb bun.IDB,
	uids []model.UserID,
) error

UpdateUsersTimestampTx updates the user modified_at field to the present time.

func UsersInGroupTx 

func UsersInGroupTx(ctx context.Context, idb bun.IDB, gid int) ([]model.User, error)

UsersInGroupTx searches for users that belong to a group and returns them. Does not return ErrNotFound if none are found, as that is considered a successful search. Will use db.Bun() if passed nil for idb.

Types

type UserGroupAPIServer 

type UserGroupAPIServer struct{}

UserGroupAPIServer is an embedded api server struct.

func (*UserGroupAPIServer) AssignMultipleGroups 

func (a *UserGroupAPIServer) AssignMultipleGroups(ctx context.Context, req *apiv1.AssignMultipleGroupsRequest,
) (resp *apiv1.AssignMultipleGroupsResponse, err error)

AssignMultipleGroups will assign or un-assign groups from any included users.

func (*UserGroupAPIServer) CreateGroup 

func (a *UserGroupAPIServer) CreateGroup(ctx context.Context, req *apiv1.CreateGroupRequest,
) (resp *apiv1.CreateGroupResponse, err error)

CreateGroup creates a group and adds members to it, if any.

func (*UserGroupAPIServer) DeleteGroup 

func (a *UserGroupAPIServer) DeleteGroup(ctx context.Context, req *apiv1.DeleteGroupRequest,
) (resp *apiv1.DeleteGroupResponse, err error)

DeleteGroup deletes the database entry for the group.

func (*UserGroupAPIServer) GetGroup 

func (a *UserGroupAPIServer) GetGroup(ctx context.Context, req *apiv1.GetGroupRequest,
) (resp *apiv1.GetGroupResponse, err error)

GetGroup finds and returns details of the group specified.

func (*UserGroupAPIServer) GetGroups 

func (a *UserGroupAPIServer) GetGroups(ctx context.Context, req *apiv1.GetGroupsRequest,
) (resp *apiv1.GetGroupsResponse, err error)

GetGroups searches for groups that fulfills the criteria given by the user.

func (*UserGroupAPIServer) UpdateGroup 

func (a *UserGroupAPIServer) UpdateGroup(ctx context.Context, req *apiv1.UpdateGroupRequest,
) (resp *apiv1.UpdateGroupResponse, err error)

UpdateGroup updates the group and returns the newly updated group details.

type UserGroupAuthZ 

type UserGroupAuthZ interface {
	// CanGetGroup checks whether a user can get a group.
	// GET /api/v1/groups/{group_id}
	CanGetGroup(ctx context.Context, curUser model.User, gid int) error

	// FilterGroupsList checks what groups a user can get.
	// POST /api/v1/groups/search
	FilterGroupsList(ctx context.Context, curUser model.User, query *bun.SelectQuery) (
		*bun.SelectQuery, error)

	// CanUpdateGroups checks if a user can create, delete, or update a group.
	// POST /api/v1/groups
	// PUT /api/v1/groups/{group_id}
	// DELETE /api/v1/groups/{group_id}
	CanUpdateGroups(ctx context.Context, curUser model.User) error
}

UserGroupAuthZ describes authz methods for `user` package.

type UserGroupAuthZBasic 

type UserGroupAuthZBasic struct{}

UserGroupAuthZBasic is basic OSS controls.

func (*UserGroupAuthZBasic) CanGetGroup 

func (a *UserGroupAuthZBasic) CanGetGroup(ctx context.Context, curUser model.User, gid int) error

CanGetGroup always returns nil.

func (*UserGroupAuthZBasic) CanUpdateGroups 

func (a *UserGroupAuthZBasic) CanUpdateGroups(ctx context.Context, curUser model.User) error

CanUpdateGroups always returns nil.

func (*UserGroupAuthZBasic) FilterGroupsList 

func (a *UserGroupAuthZBasic) FilterGroupsList(ctx context.Context, curUser model.User,
	query *bun.SelectQuery,
) (*bun.SelectQuery, error)

FilterGroupsList returns the list it was given and a nil error.

type UserGroupAuthZPermissive 

type UserGroupAuthZPermissive struct{}

UserGroupAuthZPermissive is the permission implementation.

func (*UserGroupAuthZPermissive) CanGetGroup 

func (p *UserGroupAuthZPermissive) CanGetGroup(
	ctx context.Context, curUser model.User, gid int,
) error

CanGetGroup calls RBAC authz but enforces basic authz.

func (*UserGroupAuthZPermissive) CanUpdateGroups 

func (p *UserGroupAuthZPermissive) CanUpdateGroups(
	ctx context.Context, curUser model.User,
) error

CanUpdateGroups calls RBAC authz but enforces basic authz.

func (*UserGroupAuthZPermissive) FilterGroupsList 

func (p *UserGroupAuthZPermissive) FilterGroupsList(
	ctx context.Context, curUser model.User, query *bun.SelectQuery,
) (*bun.SelectQuery, error)

FilterGroupsList calls RBAC authz but enforces basic authz.

type UserGroupAuthZRBAC 

type UserGroupAuthZRBAC struct{}

UserGroupAuthZRBAC is the RBAC implementation.

func (*UserGroupAuthZRBAC) CanGetGroup 

func (a *UserGroupAuthZRBAC) CanGetGroup(ctx context.Context, curUser model.User, gid int) error

CanGetGroup checks if a user can view a given group.

func (*UserGroupAuthZRBAC) CanUpdateGroups 

func (a *UserGroupAuthZRBAC) CanUpdateGroups(ctx context.Context, curUser model.User) (err error)

CanUpdateGroups checks if a user can create, delete, or update groups.

func (*UserGroupAuthZRBAC) FilterGroupsList 

func (a *UserGroupAuthZRBAC) FilterGroupsList(ctx context.Context, curUser model.User,
	query *bun.SelectQuery,
) (selectQuery *bun.SelectQuery, err error)

FilterGroupsList returns the list it was given and a nil error.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.