Documentation ¶
Index ¶
- Constants
- Variables
- type CreateAppealOption
- type InvalidError
- type Service
- func (s *Service) AddApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)
- func (s *Service) Cancel(ctx context.Context, id string) (*domain.Appeal, error)
- func (s *Service) Create(ctx context.Context, appeals []*domain.Appeal, opts ...CreateAppealOption) error
- func (s *Service) CreateComment(ctx context.Context, c *domain.Comment) error
- func (s *Service) DeleteApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)
- func (s *Service) Find(ctx context.Context, filters *domain.ListAppealsFilter) ([]*domain.Appeal, error)
- func (s *Service) GetAppealsTotalCount(ctx context.Context, filters *domain.ListAppealsFilter) (int64, error)
- func (s *Service) GetByID(ctx context.Context, id string) (*domain.Appeal, error)
- func (s *Service) GrantAccessToProvider(ctx context.Context, a *domain.Appeal, opts ...CreateAppealOption) error
- func (s *Service) ListComments(ctx context.Context, filter domain.ListCommentsFilter) ([]*domain.Comment, error)
- func (s *Service) Update(ctx context.Context, appeal *domain.Appeal) error
- func (s *Service) UpdateApproval(ctx context.Context, approvalAction domain.ApprovalAction) (*domain.Appeal, error)
- type ServiceDeps
Constants ¶
View Source
const ( AuditKeyBulkInsert = "appeal.bulkInsert" AuditKeyCancel = "appeal.cancel" AuditKeyApprove = "appeal.approve" AuditKeyReject = "appeal.reject" AuditKeyRevoke = "appeal.revoke" AuditKeyExtend = "appeal.extend" AuditKeyAddApprover = "appeal.addApprover" AuditKeyDeleteApprover = "appeal.deleteApprover" RevokeReasonForExtension = "Automatically revoked for grant extension" RevokeReasonForOverride = "Automatically revoked for grant override" PolicyMetadataKey = "__policy_metadata" )
View Source
const CommentParentTypeAppeal = "appeal"
Variables ¶
View Source
var ( ErrAppealIDEmptyParam = errors.New("appeal id is required") ErrApprovalIDEmptyParam = errors.New("approval id/name is required") ErrAppealStatusCanceled = errors.New("appeal already canceled") ErrAppealStatusApproved = errors.New("appeal already approved") ErrAppealStatusRejected = errors.New("appeal already rejected") ErrAppealStatusUnrecognized = errors.New("unrecognized appeal status") ErrAppealDuplicate = errors.New("appeal with identical account_id, resource, and role already exists") ErrAppealInvalidExtensionDuration = errors.New("invalid configured appeal extension duration") ErrAppealFoundActiveGrant = errors.New("user still have an active grant") ErrGrantNotEligibleForExtension = errors.New("grant not eligible for extension") ErrCannotCreateAppealForOtherUser = errors.New("creating appeal for other individual user (account_type=\"user\") is not allowed") ErrApprovalStatusUnrecognized = errors.New("unrecognized approval status") ErrApprovalNotFound = errors.New("approval not found") ErrUnableToAddApprover = errors.New("unable to add a new approver") ErrUnableToDeleteApprover = errors.New("unable to remove approver") ErrActionForbidden = errors.New("user is not allowed to make action on this approval step") ErrActionInvalidValue = errors.New("invalid action value") ErrProviderNotFound = errors.New("provider not found") ErrInvalidResourceType = errors.New("invalid resource type") ErrOptionsExpirationDateOptionNotFound = errors.New("expiration date is required, unable to find expiration date option") ErrInvalidRole = errors.New("invalid role") ErrExpirationDateIsRequired = errors.New("having permanent access to this resource is not allowed, access duration is required") ErrPolicyNotFound = errors.New("policy not found") ErrResourceNotFound = errors.New("resource not found") ErrResourceDeleted = errors.New("resource has been deleted") ErrAppealNotFound = errors.New("appeal not found") ErrDurationNotAllowed = errors.New("duration value not allowed") ErrDurationIsRequired = errors.New("having permanent access to this resource is not allowed, access duration is required") ErrApproverKeyNotRecognized = errors.New("unrecognized approvers key") ErrApproverInvalidType = errors.New("invalid approver type, expected an email string or array of email string") ErrApproverEmail = errors.New("approver is not a valid email") ErrApproverNotFound = errors.New("approver not found") ErrGrantNotFound = errors.New("grant not found") ErrInvalidUpdateApprovalParameter = errors.New("invalid parameter") ErrAppealNotEligibleForApproval = errors.New("appeal status not eligible for approval") ErrApprovalNotEligibleForAction = errors.New("approval not eligible for action") )
View Source
var TimeNow = time.Now
Functions ¶
This section is empty.
Types ¶
type CreateAppealOption ¶
type CreateAppealOption func(*createAppealOptions)
func CreateWithAdditionalAppeal ¶
func CreateWithAdditionalAppeal() CreateAppealOption
type InvalidError ¶ added in v0.7.3
type InvalidError struct {
AppealID string
}
func (InvalidError) Error ¶ added in v0.7.3
func (ie InvalidError) Error() string
type Service ¶
Service handling the business logics
func (*Service) AddApprover ¶
func (*Service) Create ¶
func (s *Service) Create(ctx context.Context, appeals []*domain.Appeal, opts ...CreateAppealOption) error
Create record
func (*Service) CreateComment ¶ added in v0.10.0
func (*Service) DeleteApprover ¶
func (*Service) Find ¶
func (s *Service) Find(ctx context.Context, filters *domain.ListAppealsFilter) ([]*domain.Appeal, error)
Find appeals by filters
func (*Service) GetAppealsTotalCount ¶ added in v0.7.5
func (*Service) GrantAccessToProvider ¶
func (*Service) ListComments ¶ added in v0.10.0
func (*Service) UpdateApproval ¶
func (s *Service) UpdateApproval(ctx context.Context, approvalAction domain.ApprovalAction) (*domain.Appeal, error)
UpdateApproval Approve an approval step
type ServiceDeps ¶
type ServiceDeps struct { Repository repository ApprovalService approvalService ResourceService resourceService ProviderService providerService PolicyService policyService GrantService grantService CommentService *comment.Service IAMManager iamManager Notifier notifier Validator *validator.Validate Logger log.Logger AuditLogger auditLogger }
Click to show internal directories.
Click to hide internal directories.