model

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 21, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AccessLevelBasic       = 0
	AccessLevelNoAnonymous = 1
	AccessLevelAccount     = 2
	AccessLevelSystem      = 3
)

Variables

View Source
var Anonymous = User{ID: 0}

Anonymous user object

Functions

This section is empty.

Types

type Account

type Account struct {
	ID      uint64        `json:"id" gorm:"primaryKey"`
	Approve ApproveStatus `json:"approved" db:"approve_status" gorm:"column:approve_status" `

	Title       string `json:"title"`
	Description string `json:"description"`

	// LogoURI is an URL string that references a logo for the client.
	LogoURI string `json:"logo_uri" gorm:"column:logo_uri"`

	// PolicyURI is a URL string that points to a human-readable privacy policy document
	// that describes how the deployment organization collects, uses,
	// retains, and discloses personal data.
	PolicyURI string `json:"policy_uri" gorm:"column:policy_uri"`

	// TermsOfServiceURI is a URL string that points to a human-readable terms of service
	// document for the client that describes a contractual relationship
	// between the end-user and the client that the end-user accepts when
	// authorizing the client.
	TermsOfServiceURI string `json:"tos_uri" gorm:"column:tos_uri"`

	// ClientURI is an URL string of a web page providing information about the client.
	// If present, the server SHOULD display this URL to the end-user in
	// a clickable fashion.
	ClientURI string `json:"client_uri" gorm:"column:client_uri"`

	// Contacts is a array of strings representing ways to contact people responsible
	// for this client, typically email addresses.
	Contacts gosql.NullableStringArray `json:"contacts" gorm:"column:contacts;type:text[]"`

	Permissions permissionChecker `json:"-" gorm:"-"`
	Admins      []uint64          `json:"-" gorm:"-"`

	CreatedAt time.Time      `json:"created_at"`
	UpdatedAt time.Time      `json:"updated_at"`
	DeletedAt gorm.DeletedAt `json:"deleted_at"`
}

Account provides the information about the account

func PermissionCheckAccountFromContext

func PermissionCheckAccountFromContext(ctx context.Context) *Account

PermissionCheckAccountFromContext returns the original account for check

func (*Account) CheckPermissions

func (acc *Account) CheckPermissions(ctx context.Context, resource any, patterns ...string) bool

CheckPermissions for some specific resource

func (*Account) CheckedPermissions

func (acc *Account) CheckedPermissions(ctx context.Context, resource any, patterns ...string) rbac.Permission

CheckedPermissions for some specific resource

func (*Account) ExtendAdminUsers

func (acc *Account) ExtendAdminUsers(ids ...uint64)

ExtendAdminUsers to the account

func (*Account) ExtendPermissions

func (acc *Account) ExtendPermissions(perm permissionChecker)

ExtendPermissions of the account for the user

func (*Account) HasPermission

func (acc *Account) HasPermission(patterns ...string) bool

HasPermission for the account

func (*Account) IsAdminUser

func (acc *Account) IsAdminUser(userID uint64) bool

IsApproved account

func (*Account) IsAnonymous

func (acc *Account) IsAnonymous() bool

IsAnonymous account

func (*Account) IsOwnerUser

func (acc *Account) IsOwnerUser(userID uint64) bool

IsOwnerUser of the account

func (*Account) ListPermissions

func (acc *Account) ListPermissions(patterns ...string) []rbac.Permission

ListPermissions for the account

func (*Account) OwnerAccountID

func (acc *Account) OwnerAccountID() uint64

OwnerAccountID returns the account ID which belongs the object

func (*Account) RBACResourceName

func (acc *Account) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Account) TableName

func (acc *Account) TableName() string

TableName of the model in the database

type AccountMember

type AccountMember struct {
	ID      uint64        `db:"id" gorm:"primaryKey"`
	Approve ApproveStatus `db:"approve_status" gorm:"column:approve_status"`

	AccountID uint64   `db:"account_id"`
	Account   *Account `db:"-" gorm:"foreignKey:AccountID;references:ID"`
	UserID    uint64   `db:"user_id"`
	User      *User    `db:"-" gorm:"foreignKey:UserID;references:ID"`

	// Superuser permissions for the current account
	// Despite of that optinion that better to use roles as the only way of permission issue
	//   the Owner flag in most of cases is very useful approach which prevent many problems related to
	//   permission updates.
	// Admin permission restricted by some limits which available only to superusers and managers.
	IsAdmin bool `db:"is_admin"`

	// Roles of the member
	Roles []*Role `gorm:"many2many:m2m_account_member_role;foreignKey:ID;joinForeignKey:MemberID;references:ID;joinReferences:RoleID"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AccountMember contains reference from user to account as memeber

func (*AccountMember) OwnerAccountID

func (member *AccountMember) OwnerAccountID() uint64

func (*AccountMember) RBACResourceName

func (member *AccountMember) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AccountMember) TableName

func (member *AccountMember) TableName() string

TableName of the model in the database

type AccountSocial

type AccountSocial struct {
	ID     uint64 `db:"id" gorm:"primaryKey"`
	UserID uint64 `db:"user_id"`
	User   *User  `db:"-" gorm:"foreignKey:UserID"`

	SocialID  string `db:"social_id"` // social network user id
	Provider  string `db:"provider"`  // facebook, google, twitter, github, etc
	Email     string `db:"email"`
	FirstName string `db:"first_name"`
	LastName  string `db:"last_name"`
	Username  string `db:"username"`
	Avatar    string `db:"avatar"`
	Link      string `db:"link"`

	// Data is a JSON object with additional data
	Data gosql.NullableJSON[map[string]any] `db:"data" gorm:"type:jsonb"`

	// Sessions list linked to the account
	Sessions []*AccountSocialSession `db:"-" gorm:"foreignKey:AccountSocialID;references:ID"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AccountSocial object represents a social network account

func (*AccountSocial) CreatorUserID

func (m *AccountSocial) CreatorUserID() uint64

CreatorUserID returns the ID of the owner of the resource

func (*AccountSocial) RBACResourceName

func (m *AccountSocial) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AccountSocial) TableName

func (m *AccountSocial) TableName() string

TableName in database

type AccountSocialSession

type AccountSocialSession struct {
	// Unique name of the session to destinguish between different sessions with different scopes
	Name            string `db:"name" gorm:"primaryKey"`
	AccountSocialID uint64 `db:"account_social_id" gorm:"primaryKey;autoIncrement:false"`

	TokenType    string                    `db:"token_type" json:"token_type,omitempty"`
	AccessToken  string                    `db:"access_token" json:"access_token"`
	RefreshToken string                    `db:"refresh_token" json:"refresh_token"`
	Scopes       gosql.NullableStringArray `db:"scopes" json:"scopes,omitempty" gorm:"type:text[]"`

	CreatedAt time.Time      `db:"created_at" json:"created_at"`
	UpdatedAt time.Time      `db:"updated_at" json:"updated_at"`
	ExpiresAt null.Time      `db:"expires_at" json:"expires_at,omitempty"`
	DeletedAt gorm.DeletedAt `db:"deleted_at" json:"deleted_at,omitempty"`
}

func (*AccountSocialSession) TableName

func (m *AccountSocialSession) TableName() string

TableName in database

type ApproveStatus

type ApproveStatus int

ApproveStatus of the model

const (
	UndefinedApproveStatus   ApproveStatus = 0
	PendingApproveStatus     ApproveStatus = 0
	ApprovedApproveStatus    ApproveStatus = 1
	DisapprovedApproveStatus ApproveStatus = 2
	BannedApproveStatus      ApproveStatus = 3
)

ApproveStatus option constants...

func (ApproveStatus) IsApproved

func (s ApproveStatus) IsApproved() bool

func (ApproveStatus) IsRejected

func (s ApproveStatus) IsRejected() bool

func (ApproveStatus) IsUndefined

func (s ApproveStatus) IsUndefined() bool

func (ApproveStatus) String

func (s ApproveStatus) String() string

type AuthClient

type AuthClient struct {
	// ClientID is the client ID which represents unique connection indentificator
	ID string `db:"id"`

	// Owner and creator of the auth client
	AccountID uint64 `db:"account_id"`
	UserID    uint64 `db:"user_id"`

	// Title of the AuthClient as himan readable name
	Title string `db:"title"`

	// Secret is the client's secret. The secret will be included in the create request as cleartext, and then
	// never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users
	// that they need to write the secret down as it will not be made available again.
	Secret string `db:"secret"`

	// RedirectURIs is an array of allowed redirect urls for the client, for example http://mydomain/oauth/callback .
	RedirectURIs gosql.NullableStringArray `db:"redirect_uris" gorm:"type:text[]"`

	// GrantTypes is an array of grant types the client is allowed to use.
	//
	// Pattern: client_credentials|authorization_code|implicit|refresh_token
	GrantTypes gosql.NullableStringArray `db:"grant_types" gorm:"type:text[]"`

	// ResponseTypes is an array of the OAuth 2.0 response type strings that the client can
	// use at the authorization endpoint.
	//
	// Pattern: id_token|code|token
	ResponseTypes gosql.NullableStringArray `db:"response_types" gorm:"type:text[]"`

	// Scope is a string containing a space-separated list of scope values (as
	// described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client
	// can use when requesting access tokens.
	//
	// Pattern: ([a-zA-Z0-9\.\*]+\s?)+
	Scope string `db:"scope"`

	// Audience is a whitelist defining the audiences this client is allowed to request tokens for. An audience limits
	// the applicability of an OAuth 2.0 Access Token to, for example, certain API endpoints. The value is a list
	// of URLs. URLs MUST NOT contain whitespaces.
	Audience gosql.NullableStringArray `json:"audience" gorm:"type:text[]"`

	// SubjectType requested for responses to this Client. The subject_types_supported Discovery parameter contains a
	// list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.
	SubjectType string `db:"subject_type"`

	// AllowedCORSOrigins are one or more URLs (scheme://host[:port]) which are allowed to make CORS requests
	// to the /oauth/token endpoint. If this array is empty, the sever's CORS origin configuration (`CORS_ALLOWED_ORIGINS`)
	// will be used instead. If this array is set, the allowed origins are appended to the server's CORS origin configuration.
	// Be aware that environment variable `CORS_ENABLED` MUST be set to `true` for this to work.
	AllowedCORSOrigins gosql.NullableStringArray `db:"allowed_cors_origins" gorm:"type:text[]"`

	// Public flag tells that the client is public
	Public bool `db:"public"`

	// ExpiresAt contins the time of expiration of the client
	ExpiresAt time.Time `db:"expires_at"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AuthClient object represents an OAuth 2.0 client

func (*AuthClient) OwnerAccountID

func (m *AuthClient) OwnerAccountID() uint64

OwnerAccountID returns the account ID which belongs the object

func (*AuthClient) RBACResourceName

func (m *AuthClient) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AuthClient) TableName

func (m *AuthClient) TableName() string

TableName in database

type AuthSession

type AuthSession struct {
	ID     uint64 `db:"id"`
	Active bool   `db:"active"`

	ClientID string `db:"client_id"` // Internal AuthClient id
	Username string `db:"username"`
	Subject  string `db:"subject"`

	RequestID string `db:"request_id"`

	// AccessToken is the main access token for the session
	AccessToken           string      `db:"access_token"`
	AccessTokenExpiresAt  time.Time   `db:"access_token_expires_at"`
	RefreshToken          null.String `db:"refresh_token" gorm:"type:text"`
	RefreshTokenExpiresAt time.Time   `db:"refresh_token_expires_at"`

	Form              string                    `db:"form"`
	RequestedScope    gosql.NullableStringArray `db:"requested_scope" gorm:"type:text[]"`
	GrantedScope      gosql.NullableStringArray `db:"granted_scope" gorm:"type:text[]"`
	RequestedAudience gosql.NullableStringArray `db:"requested_audience" gorm:"type:text[]"`
	GrantedAudience   gosql.NullableStringArray `db:"granted_audience" gorm:"type:text[]"`

	CreatedAt time.Time      `db:"created_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AuthSession describes session object of the external applications which are authenticated by the oauth2 protocol with the current service

func (*AuthSession) RBACResourceName

func (m *AuthSession) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AuthSession) TableName

func (m *AuthSession) TableName() string

TableName in database

type AvailableStatus

type AvailableStatus int

AvailableStatus type

const (
	UndefinedAvailableStatus   AvailableStatus = 0
	AvailableAvailableStatus   AvailableStatus = 1
	UnavailableAvailableStatus AvailableStatus = 2
)

AvailableStatus option constants...

type DirectAccessToken

type DirectAccessToken struct {
	ID          uint64           `json:"id"`
	Token       string           `json:"token"`
	Description string           `json:"description"`
	UserID      sql.Null[uint64] `json:"user_id"`
	AccountID   uint64           `json:"account_id"`

	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

func (*DirectAccessToken) RBACResourceName

func (m *DirectAccessToken) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*DirectAccessToken) TableName

func (m *DirectAccessToken) TableName() string

type HistoryAction

type HistoryAction struct {
	ID        uuid.UUID `gorm:"type:uuid;primaryKey;"`
	RequestID string    `gorm:"type:varchar(255);not null;index:idx_history_actions_request_id;"`

	UserID    uint64 `json:"user_id" gorm:"index:idx_history_actions_user_id;not null;"`
	AccountID uint64 `json:"account_id" gorm:"index:idx_history_actions_account_id;not null;"`

	Name    string `gorm:"type:varchar(255);not null;index:idx_history_actions_name;"`
	Message string `gorm:"type:text;not null;"`

	ObjectType string                             `gorm:"type:varchar(255);not null;index:idx_history_actions_object_type;"`
	ObjectID   uint64                             `gorm:"type:bigint;not null;index:idx_history_actions_object_id;"`
	ObjectIDs  string                             `gorm:"type:varchar(255);not null;index:idx_history_actions_object_ids;"`
	Data       gosql.NullableJSON[map[string]any] `gorm:"type:jsonb;not null;"`

	ActionAt time.Time `gorm:"type:timestamp;not null;index:idx_history_actions_at;"`
}

HistoryAction model used for store history of actions.

func (*HistoryAction) CreatorUserID

func (act *HistoryAction) CreatorUserID() uint64

func (*HistoryAction) DataMap

func (act *HistoryAction) DataMap() map[string]any

DataMap returns data as map.

func (*HistoryAction) DataTo

func (act *HistoryAction) DataTo(dest any) error

DataTo unmarshal data to dest.

func (*HistoryAction) OwnerAccountID

func (act *HistoryAction) OwnerAccountID() uint64

func (*HistoryAction) RBACResourceName

func (*HistoryAction) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*HistoryAction) TableName

func (*HistoryAction) TableName() string

TableName returns name of table.

type M2MAccountMemberRole

type M2MAccountMemberRole struct {
	MemberID  uint64    `db:"member_id" gorm:"primaryKey"`
	RoleID    uint64    `db:"role_id" gorm:"primaryKey"`
	CreatedAt time.Time `db:"created_at"`
}

M2MAccountMemberRole m2m link between members and roles|permissions

func (*M2MAccountMemberRole) TableName

func (member *M2MAccountMemberRole) TableName() string

TableName of the model in the database

type M2MRole

type M2MRole struct {
	ParentRoleID uint64    `db:"parent_role_id" gorm:"primaryKey"`
	ChildRoleID  uint64    `db:"child_role_id" gorm:"primaryKey"`
	CreatedAt    time.Time `db:"created_at"`
}

M2MRole link parent and child role

func (*M2MRole) TableName

func (m2m *M2MRole) TableName() string

TableName of the model in the database

type Option

type Option struct {
	Type     OptionType              `json:"type"`
	TargetID uint64                  `json:"target_id"`
	Name     string                  `json:"name"`
	Value    gosql.NullableJSON[any] `json:"value" gorm:"type:jsonb"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

func (*Option) CreatorUserID

func (o *Option) CreatorUserID() uint64

func (*Option) OwnerAccountID

func (o *Option) OwnerAccountID() uint64

func (*Option) RBACResourceName

func (o *Option) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Option) TableName

func (o *Option) TableName() string

type OptionType

type OptionType string
const (
	UndefinedOptionType OptionType = "undefined"
	UserOptionType      OptionType = "user"
	AccountOptionType   OptionType = "account"
	SystemOptionType    OptionType = "system"
)

type Order

type Order int8
const (
	OrderUndefined Order = 0
	OrderAsc       Order = 1
	OrderDesc      Order = -1
)

func OrderFromStr

func OrderFromStr(s string) Order

PrepareQuery returns the query with applied order

func (*Order) IsAsc added in v0.1.1

func (ord *Order) IsAsc() bool

IsAsc returns true if the order is ascending

func (*Order) IsDefined added in v0.1.1

func (ord *Order) IsDefined() bool

IsDefined returns true if the order is defined

func (*Order) IsDesc added in v0.1.1

func (ord *Order) IsDesc() bool

IsDesc returns true if the order is descending

func (*Order) PrepareQuery

func (ord *Order) PrepareQuery(q *gorm.DB, column string) *gorm.DB

PrepareQuery returns the query with applied order

func (*Order) Set

func (ord *Order) Set(s string) *Order

Set sets the order value from string

type Role

type Role struct {
	ID    uint64 `db:"id"`
	Name  string `db:"name"`
	Title string `db:"title"`

	Description string `db:"description"`

	// Contains additional data for the role
	Context gosql.NullableJSON[map[string]any] `db:"context"`

	ChildRoles         []*Role                   `db:"-" gorm:"many2many:m2m_rbac_role;ForeignKey:ID;joinForeignKey:parent_role_id;joinReferences:child_role_id;References:ID"`
	PermissionPatterns gosql.NullableStringArray `db:"permissions" gorm:"column:permissions;type:text[]"`

	AccessLevel int `db:"access_level"` // 0 - any, 1 - no anonymous, 2 - account, >=3 - system

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

Role base model

func (*Role) ContextItem

func (role *Role) ContextItem(name string) any

ContextItem returns one value by name from context

func (*Role) ContextItemString

func (role *Role) ContextItemString(name string) string

ContextItemString returns one string value by name from context

func (*Role) ContextMap

func (role *Role) ContextMap() map[string]any

ContextMap returns the map from the context

func (*Role) GetTitle

func (role *Role) GetTitle() string

GetTitle from role object nolint:unused // exported

func (*Role) RBACResourceName

func (role *Role) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Role) TableName

func (role *Role) TableName() string

TableName of the model in the database

type User

type User struct {
	ID       uint64 `json:"id" gorm:"primaryKey"`
	Email    string `json:"email"`
	Password string `json:"password"`

	Approve ApproveStatus `gorm:"column:approve_status" db:"approve_status" json:"approve_status"`

	CreatedAt time.Time      `json:"created_at"`
	UpdatedAt time.Time      `json:"updated_at"`
	DeletedAt gorm.DeletedAt `json:"deleted_at"`
}

User direct defenition

func (*User) CreatorUserID

func (u *User) CreatorUserID() uint64

CreatorUserID returns the user id

func (*User) GetID

func (u *User) GetID() uint64

GetID returns user id

func (*User) IsAnonymous

func (u *User) IsAnonymous() bool

IsAnonymous user object nolint:unused // temporary

func (*User) RBACResourceName

func (u *User) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*User) TableName

func (u *User) TableName() string

TableName returns the name in database

type UserPasswordReset

type UserPasswordReset struct {
	UserID uint64 `json:"user_id" gorm:"primaryKey"`
	Token  string `json:"token" gorm:"index:,unique" limit:"128"`

	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

UserPasswordReset direct defenition

func (*UserPasswordReset) TableName

func (u *UserPasswordReset) TableName() string

TableName returns the name in database

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL