model

package
v0.1.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 28, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AccessLevelBasic       = 0
	AccessLevelNoAnonymous = 1
	AccessLevelAccount     = 2
	AccessLevelSystem      = 3
)

Variables

View Source 
var Anonymous = User{ID: 0}

Anonymous user object

Functions

This section is empty.

Types

type Account 

type Account struct {
	ID      uint64        `json:"id" gorm:"primaryKey"`
	Approve ApproveStatus `json:"approved" db:"approve_status" gorm:"column:approve_status" `

	Title       string `json:"title"`
	Description string `json:"description"`

	// LogoURI is an URL string that references a logo for the client.
	LogoURI string `json:"logo_uri" gorm:"column:logo_uri"`

	// PolicyURI is a URL string that points to a human-readable privacy policy document
	// that describes how the deployment organization collects, uses,
	// retains, and discloses personal data.
	PolicyURI string `json:"policy_uri" gorm:"column:policy_uri"`

	// TermsOfServiceURI is a URL string that points to a human-readable terms of service
	// document for the client that describes a contractual relationship
	// between the end-user and the client that the end-user accepts when
	// authorizing the client.
	TermsOfServiceURI string `json:"tos_uri" gorm:"column:tos_uri"`

	// ClientURI is an URL string of a web page providing information about the client.
	// If present, the server SHOULD display this URL to the end-user in
	// a clickable fashion.
	ClientURI string `json:"client_uri" gorm:"column:client_uri"`

	// Contacts is a array of strings representing ways to contact people responsible
	// for this client, typically email addresses.
	Contacts gosql.NullableStringArray `json:"contacts" gorm:"column:contacts;type:text[]"`

	Permissions permissionChecker `json:"-" gorm:"-"`
	Admins      []uint64          `json:"-" gorm:"-"`

	CreatedAt time.Time      `json:"created_at"`
	UpdatedAt time.Time      `json:"updated_at"`
	DeletedAt gorm.DeletedAt `json:"deleted_at"`
}

Account provides the information about the account

func PermissionCheckAccountFromContext 

func PermissionCheckAccountFromContext(ctx context.Context) *Account

PermissionCheckAccountFromContext returns the original account for check

func (*Account) CheckPermissions 

func (acc *Account) CheckPermissions(ctx context.Context, resource any, patterns ...string) bool

CheckPermissions for some specific resource

func (*Account) CheckedPermissions 

func (acc *Account) CheckedPermissions(ctx context.Context, resource any, patterns ...string) rbac.Permission

CheckedPermissions for some specific resource

func (*Account) ExtendAdminUsers 

func (acc *Account) ExtendAdminUsers(ids ...uint64)

ExtendAdminUsers to the account

func (*Account) ExtendPermissions 

func (acc *Account) ExtendPermissions(perm permissionChecker)

ExtendPermissions of the account for the user

func (*Account) HasPermission 

func (acc *Account) HasPermission(patterns ...string) bool

HasPermission for the account

func (*Account) IsAdminUser 

func (acc *Account) IsAdminUser(userID uint64) bool

IsApproved account

func (*Account) IsAnonymous 

func (acc *Account) IsAnonymous() bool

IsAnonymous account

func (*Account) IsOwnerUser 

func (acc *Account) IsOwnerUser(userID uint64) bool

IsOwnerUser of the account

func (*Account) ListPermissions 

func (acc *Account) ListPermissions(patterns ...string) []rbac.Permission

ListPermissions for the account

func (*Account) OwnerAccountID 

func (acc *Account) OwnerAccountID() uint64

OwnerAccountID returns the account ID which belongs the object

func (*Account) RBACResourceName 

func (acc *Account) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Account) TableName 

func (acc *Account) TableName() string

TableName of the model in the database

type AccountMember 

type AccountMember struct {
	ID      uint64        `db:"id" gorm:"primaryKey"`
	Approve ApproveStatus `db:"approve_status" gorm:"column:approve_status"`

	AccountID uint64   `db:"account_id"`
	Account   *Account `db:"-" gorm:"foreignKey:AccountID;references:ID"`
	UserID    uint64   `db:"user_id"`
	User      *User    `db:"-" gorm:"foreignKey:UserID;references:ID"`

	// Superuser permissions for the current account
	// Despite of that optinion that better to use roles as the only way of permission issue
	//   the Owner flag in most of cases is very useful approach which prevent many problems related to
	//   permission updates.
	// Admin permission restricted by some limits which available only to superusers and managers.
	IsAdmin bool `db:"is_admin"`

	// Roles of the member
	Roles []*Role `gorm:"many2many:m2m_account_member_role;foreignKey:ID;joinForeignKey:MemberID;references:ID;joinReferences:RoleID"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AccountMember contains reference from user to account as memeber

func (*AccountMember) OwnerAccountID 

func (member *AccountMember) OwnerAccountID() uint64

func (*AccountMember) RBACResourceName 

func (member *AccountMember) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AccountMember) TableName 

func (member *AccountMember) TableName() string

TableName of the model in the database

type AccountSocial 

type AccountSocial struct {
	ID     uint64 `db:"id" gorm:"primaryKey"`
	UserID uint64 `db:"user_id"`
	User   *User  `db:"-" gorm:"foreignKey:UserID"`

	SocialID  string `db:"social_id"` // social network user id
	Provider  string `db:"provider"`  // facebook, google, twitter, github, etc
	Email     string `db:"email"`
	FirstName string `db:"first_name"`
	LastName  string `db:"last_name"`
	Username  string `db:"username"`
	Avatar    string `db:"avatar"`
	Link      string `db:"link"`

	// Data is a JSON object with additional data
	Data gosql.NullableJSON[map[string]any] `db:"data" gorm:"type:jsonb"`

	// Sessions list linked to the account
	Sessions []*AccountSocialSession `db:"-" gorm:"foreignKey:AccountSocialID;references:ID"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AccountSocial object represents a social network account

func (*AccountSocial) CreatorUserID 

func (m *AccountSocial) CreatorUserID() uint64

CreatorUserID returns the ID of the owner of the resource

func (*AccountSocial) RBACResourceName 

func (m *AccountSocial) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AccountSocial) TableName 

func (m *AccountSocial) TableName() string

TableName in database

type AccountSocialSession 

type AccountSocialSession struct {
	// Unique name of the session to destinguish between different sessions with different scopes
	Name            string `db:"name" gorm:"primaryKey"`
	AccountSocialID uint64 `db:"account_social_id" gorm:"primaryKey;autoIncrement:false"`

	TokenType    string                    `db:"token_type" json:"token_type,omitempty"`
	AccessToken  string                    `db:"access_token" json:"access_token"`
	RefreshToken string                    `db:"refresh_token" json:"refresh_token"`
	Scopes       gosql.NullableStringArray `db:"scopes" json:"scopes,omitempty" gorm:"type:text[]"`

	CreatedAt time.Time      `db:"created_at" json:"created_at"`
	UpdatedAt time.Time      `db:"updated_at" json:"updated_at"`
	ExpiresAt null.Time      `db:"expires_at" json:"expires_at,omitempty"`
	DeletedAt gorm.DeletedAt `db:"deleted_at" json:"deleted_at,omitempty"`
}

func (*AccountSocialSession) TableName 

func (m *AccountSocialSession) TableName() string

TableName in database

type ApproveStatus 

type ApproveStatus int

ApproveStatus of the model 

const (
	UndefinedApproveStatus   ApproveStatus = 0
	PendingApproveStatus     ApproveStatus = 0
	ApprovedApproveStatus    ApproveStatus = 1
	DisapprovedApproveStatus ApproveStatus = 2
	BannedApproveStatus      ApproveStatus = 3
)

ApproveStatus option constants...

func (ApproveStatus) IsApproved 

func (s ApproveStatus) IsApproved() bool

func (ApproveStatus) IsRejected 

func (s ApproveStatus) IsRejected() bool

func (ApproveStatus) IsUndefined 

func (s ApproveStatus) IsUndefined() bool

func (ApproveStatus) String 

func (s ApproveStatus) String() string

type AuthClient 

type AuthClient struct {
	// ClientID is the client ID which represents unique connection indentificator
	ID string `db:"id"`

	// Owner and creator of the auth client
	AccountID uint64 `db:"account_id"`
	UserID    uint64 `db:"user_id"`

	// Title of the AuthClient as himan readable name
	Title string `db:"title"`

	// Secret is the client's secret. The secret will be included in the create request as cleartext, and then
	// never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users
	// that they need to write the secret down as it will not be made available again.
	Secret string `db:"secret"`

	// RedirectURIs is an array of allowed redirect urls for the client, for example http://mydomain/oauth/callback .
	RedirectURIs gosql.NullableStringArray `db:"redirect_uris" gorm:"type:text[]"`

	// GrantTypes is an array of grant types the client is allowed to use.
	//
	// Pattern: client_credentials|authorization_code|implicit|refresh_token
	GrantTypes gosql.NullableStringArray `db:"grant_types" gorm:"type:text[]"`

	// ResponseTypes is an array of the OAuth 2.0 response type strings that the client can
	// use at the authorization endpoint.
	//
	// Pattern: id_token|code|token
	ResponseTypes gosql.NullableStringArray `db:"response_types" gorm:"type:text[]"`

	// Scope is a string containing a space-separated list of scope values (as
	// described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client
	// can use when requesting access tokens.
	//
	// Pattern: ([a-zA-Z0-9\.\*]+\s?)+
	Scope string `db:"scope"`

	// Audience is a whitelist defining the audiences this client is allowed to request tokens for. An audience limits
	// the applicability of an OAuth 2.0 Access Token to, for example, certain API endpoints. The value is a list
	// of URLs. URLs MUST NOT contain whitespaces.
	Audience gosql.NullableStringArray `json:"audience" gorm:"type:text[]"`

	// SubjectType requested for responses to this Client. The subject_types_supported Discovery parameter contains a
	// list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.
	SubjectType string `db:"subject_type"`

	// AllowedCORSOrigins are one or more URLs (scheme://host[:port]) which are allowed to make CORS requests
	// to the /oauth/token endpoint. If this array is empty, the sever's CORS origin configuration (`CORS_ALLOWED_ORIGINS`)
	// will be used instead. If this array is set, the allowed origins are appended to the server's CORS origin configuration.
	// Be aware that environment variable `CORS_ENABLED` MUST be set to `true` for this to work.
	AllowedCORSOrigins gosql.NullableStringArray `db:"allowed_cors_origins" gorm:"type:text[]"`

	// Public flag tells that the client is public
	Public bool `db:"public"`

	// ExpiresAt contins the time of expiration of the client
	ExpiresAt time.Time `db:"expires_at"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AuthClient object represents an OAuth 2.0 client

func (*AuthClient) OwnerAccountID 

func (m *AuthClient) OwnerAccountID() uint64

OwnerAccountID returns the account ID which belongs the object

func (*AuthClient) RBACResourceName 

func (m *AuthClient) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AuthClient) TableName 

func (m *AuthClient) TableName() string

TableName in database

type AuthSession 

type AuthSession struct {
	ID     uint64 `db:"id"`
	Active bool   `db:"active"`

	ClientID string `db:"client_id"` // Internal AuthClient id
	Username string `db:"username"`
	Subject  string `db:"subject"`

	RequestID string `db:"request_id"`

	// AccessToken is the main access token for the session
	AccessToken           string      `db:"access_token"`
	AccessTokenExpiresAt  time.Time   `db:"access_token_expires_at"`
	RefreshToken          null.String `db:"refresh_token" gorm:"type:text"`
	RefreshTokenExpiresAt time.Time   `db:"refresh_token_expires_at"`

	Form              string                    `db:"form"`
	RequestedScope    gosql.NullableStringArray `db:"requested_scope" gorm:"type:text[]"`
	GrantedScope      gosql.NullableStringArray `db:"granted_scope" gorm:"type:text[]"`
	RequestedAudience gosql.NullableStringArray `db:"requested_audience" gorm:"type:text[]"`
	GrantedAudience   gosql.NullableStringArray `db:"granted_audience" gorm:"type:text[]"`

	CreatedAt time.Time      `db:"created_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

AuthSession describes session object of the external applications which are authenticated by the oauth2 protocol with the current service

func (*AuthSession) RBACResourceName 

func (m *AuthSession) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*AuthSession) TableName 

func (m *AuthSession) TableName() string

TableName in database

type AvailableStatus 

type AvailableStatus int

AvailableStatus type 

const (
	UndefinedAvailableStatus   AvailableStatus = 0
	AvailableAvailableStatus   AvailableStatus = 1
	UnavailableAvailableStatus AvailableStatus = 2
)

AvailableStatus option constants...

type DirectAccessToken 

type DirectAccessToken struct {
	ID          uint64           `json:"id"`
	Token       string           `json:"token"`
	Description string           `json:"description"`
	UserID      sql.Null[uint64] `json:"user_id"`
	AccountID   uint64           `json:"account_id"`

	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

func (*DirectAccessToken) RBACResourceName 

func (m *DirectAccessToken) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*DirectAccessToken) TableName 

func (m *DirectAccessToken) TableName() string

type HistoryAction 

type HistoryAction struct {
	ID        uuid.UUID `gorm:"type:uuid;primaryKey;"`
	RequestID string    `gorm:"type:varchar(255);not null;index:idx_history_actions_request_id;"`

	UserID    uint64 `json:"user_id" gorm:"index:idx_history_actions_user_id;not null;"`
	AccountID uint64 `json:"account_id" gorm:"index:idx_history_actions_account_id;not null;"`

	Name    string `gorm:"type:varchar(255);not null;index:idx_history_actions_name;"`
	Message string `gorm:"type:text;not null;"`

	ObjectType string                             `gorm:"type:varchar(255);not null;index:idx_history_actions_object_type;"`
	ObjectID   uint64                             `gorm:"type:bigint;not null;index:idx_history_actions_object_id;"`
	ObjectIDs  string                             `gorm:"type:varchar(255);not null;index:idx_history_actions_object_ids;"`
	Data       gosql.NullableJSON[map[string]any] `gorm:"type:jsonb;not null;"`

	ActionAt time.Time `gorm:"type:timestamp;not null;index:idx_history_actions_at;"`
}

HistoryAction model used for store history of actions.

func (*HistoryAction) CreatorUserID 

func (act *HistoryAction) CreatorUserID() uint64

func (*HistoryAction) DataMap 

func (act *HistoryAction) DataMap() map[string]any

DataMap returns data as map.

func (*HistoryAction) DataTo 

func (act *HistoryAction) DataTo(dest any) error

DataTo unmarshal data to dest.

func (*HistoryAction) OwnerAccountID 

func (act *HistoryAction) OwnerAccountID() uint64

func (*HistoryAction) RBACResourceName 

func (*HistoryAction) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*HistoryAction) TableName 

func (*HistoryAction) TableName() string

TableName returns name of table.

type M2MAccountMemberRole 

type M2MAccountMemberRole struct {
	MemberID  uint64    `db:"member_id" gorm:"primaryKey"`
	RoleID    uint64    `db:"role_id" gorm:"primaryKey"`
	CreatedAt time.Time `db:"created_at"`
}

M2MAccountMemberRole m2m link between members and roles|permissions

func (*M2MAccountMemberRole) TableName 

func (member *M2MAccountMemberRole) TableName() string

TableName of the model in the database

type M2MRole 

type M2MRole struct {
	ParentRoleID uint64    `db:"parent_role_id" gorm:"primaryKey"`
	ChildRoleID  uint64    `db:"child_role_id" gorm:"primaryKey"`
	CreatedAt    time.Time `db:"created_at"`
}

M2MRole link parent and child role

func (*M2MRole) TableName 

func (m2m *M2MRole) TableName() string

TableName of the model in the database

type Option 

type Option struct {
	Type     OptionType              `json:"type"`
	TargetID uint64                  `json:"target_id"`
	Name     string                  `json:"name"`
	Value    gosql.NullableJSON[any] `json:"value" gorm:"type:jsonb"`

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

func (*Option) CreatorUserID 

func (o *Option) CreatorUserID() uint64

func (*Option) OwnerAccountID 

func (o *Option) OwnerAccountID() uint64

func (*Option) RBACResourceName 

func (o *Option) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Option) TableName 

func (o *Option) TableName() string

type OptionType 

type OptionType string
const (
	UndefinedOptionType OptionType = "undefined"
	UserOptionType      OptionType = "user"
	AccountOptionType   OptionType = "account"
	SystemOptionType    OptionType = "system"
)

type Order 

type Order int8
const (
	OrderUndefined Order = 0
	OrderAsc       Order = 1
	OrderDesc      Order = -1
)

func OrderFromStr 

func OrderFromStr(s string) Order

PrepareQuery returns the query with applied order

func (*Order) IsAsc added in v0.1.1 

func (ord *Order) IsAsc() bool

IsAsc returns true if the order is ascending

func (*Order) IsDefined added in v0.1.1 

func (ord *Order) IsDefined() bool

IsDefined returns true if the order is defined

func (*Order) IsDesc added in v0.1.1 

func (ord *Order) IsDesc() bool

IsDesc returns true if the order is descending

func (*Order) PrepareQuery 

func (ord *Order) PrepareQuery(q *gorm.DB, column string) *gorm.DB

PrepareQuery returns the query with applied order

func (*Order) Set 

func (ord *Order) Set(s string) *Order

Set sets the order value from string

type Role 

type Role struct {
	ID    uint64 `db:"id"`
	Name  string `db:"name"`
	Title string `db:"title"`

	Description string `db:"description"`

	// Contains additional data for the role
	Context gosql.NullableJSON[map[string]any] `db:"context"`

	ChildRoles         []*Role                   `db:"-" gorm:"many2many:m2m_rbac_role;ForeignKey:ID;joinForeignKey:parent_role_id;joinReferences:child_role_id;References:ID"`
	PermissionPatterns gosql.NullableStringArray `db:"permissions" gorm:"column:permissions;type:text[]"`

	AccessLevel int `db:"access_level"` // 0 - any, 1 - no anonymous, 2 - account, >=3 - system

	CreatedAt time.Time      `db:"created_at"`
	UpdatedAt time.Time      `db:"updated_at"`
	DeletedAt gorm.DeletedAt `db:"deleted_at"`
}

Role base model

func (*Role) ContextItem 

func (role *Role) ContextItem(name string) any

ContextItem returns one value by name from context

func (*Role) ContextItemString 

func (role *Role) ContextItemString(name string) string

ContextItemString returns one string value by name from context

func (*Role) ContextMap 

func (role *Role) ContextMap() map[string]any

ContextMap returns the map from the context

func (*Role) GetTitle 

func (role *Role) GetTitle() string

GetTitle from role object nolint:unused // exported

func (*Role) RBACResourceName 

func (role *Role) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*Role) TableName 

func (role *Role) TableName() string

TableName of the model in the database

type User 

type User struct {
	ID       uint64 `json:"id" gorm:"primaryKey"`
	Email    string `json:"email"`
	Password string `json:"password"`

	Approve ApproveStatus `gorm:"column:approve_status" db:"approve_status" json:"approve_status"`

	CreatedAt time.Time      `json:"created_at"`
	UpdatedAt time.Time      `json:"updated_at"`
	DeletedAt gorm.DeletedAt `json:"deleted_at"`
}

User direct defenition

func (*User) CreatorUserID 

func (u *User) CreatorUserID() uint64

CreatorUserID returns the user id

func (*User) GetID 

func (u *User) GetID() uint64

GetID returns user id

func (*User) IsAnonymous 

func (u *User) IsAnonymous() bool

IsAnonymous user object nolint:unused // temporary

func (*User) RBACResourceName 

func (u *User) RBACResourceName() string

RBACResourceName returns the name of the resource for the RBAC

func (*User) TableName 

func (u *User) TableName() string

TableName returns the name in database

type UserPasswordReset 

type UserPasswordReset struct {
	UserID uint64 `json:"user_id" gorm:"primaryKey"`
	Token  string `json:"token" gorm:"index:,unique" limit:"128"`

	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

UserPasswordReset direct defenition

func (*UserPasswordReset) TableName 

func (u *UserPasswordReset) TableName() string

TableName returns the name in database

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.