provider

package
v0.12.5-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 6, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AuditKeyCreate = "provider.create"
	AuditKeyUpdate = "provider.update"
	AuditKeyDelete = "provider.delete"
)

Variables

View Source
var (
	// ErrInvalidProviderType is the error value if provider is unable to find the matching provider type
	ErrInvalidProviderType = errors.New("unable to find provider based on provider type")
	// ErrEmptyIDParam is the error value if the policy id is empty
	ErrEmptyIDParam = errors.New("id can't be empty")
	// ErrRecordNotFound is the error value if the designated record id is not exists
	ErrRecordNotFound      = errors.New("record not found")
	ErrEmptyProviderType   = errors.New("provider type can't be nil")
	ErrEmptyProviderURN    = errors.New("provider urn can't be nil")
	ErrNilAppeal           = errors.New("appeal can't be nil")
	ErrNilResource         = errors.New("resource can't be nil")
	ErrInvalidResourceType = errors.New("invalid resource type")
	ErrInvalidRole         = errors.New("invalid role")

	ErrUnimplementedMethod                = errors.New("method is not yet implemented")
	ErrImportActivitiesMethodNotSupported = errors.New("import activities is not supported for this provider type")
	ErrGetActivityMethodNotSupported      = errors.New("get activity is not supported for this provider type")

	ErrAppealValidationInvalidAccountType       = errors.New("invalid account type")
	ErrAppealValidationInvalidRole              = errors.New("invalid role")
	ErrAppealValidationDurationNotSpecified     = errors.New("appeal duration is required")
	ErrAppealValidationEmptyDuration            = errors.New("permanent access is not allowed")
	ErrAppealValidationInvalidDurationValue     = errors.New("invalid duration value")
	ErrAppealValidationMissingRequiredParameter = errors.New("missing required parameter")
	ErrAppealValidationMissingRequiredQuestion  = errors.New("missing required question")
)

Functions

func GetRoles

func GetRoles(pc *domain.ProviderConfig, resourceType string) ([]*domain.Role, error)

func WithDryRun

func WithDryRun(ctx context.Context) context.Context

Types

type Client

type Client interface {
	providers.PermissionManager
	providers.Client
}

type PermissionManager

type PermissionManager struct{}

func (PermissionManager) GetPermissions

func (m PermissionManager) GetPermissions(pc *domain.ProviderConfig, resourceType, role string) ([]interface{}, error)

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service handling the business logics

func NewService

func NewService(deps ServiceDeps) *Service

NewService returns service struct

func (*Service) CorrelateGrantActivities added in v0.7.5

func (s *Service) CorrelateGrantActivities(ctx context.Context, p domain.Provider, grants []*domain.Grant, activities []*domain.Activity) error

func (*Service) Create

func (s *Service) Create(ctx context.Context, p *domain.Provider) error

Create record

func (*Service) Delete

func (s *Service) Delete(ctx context.Context, id string) error

func (*Service) FetchResources

func (s *Service) FetchResources(ctx context.Context) error

FetchResources fetches all resources for all registered providers

func (*Service) Find

func (s *Service) Find(ctx context.Context) ([]*domain.Provider, error)

Find records

func (*Service) GetByID

func (s *Service) GetByID(ctx context.Context, id string) (*domain.Provider, error)

func (*Service) GetOne

func (s *Service) GetOne(ctx context.Context, pType, urn string) (*domain.Provider, error)

func (*Service) GetPermissions

func (s *Service) GetPermissions(_ context.Context, pc *domain.ProviderConfig, resourceType, role string) ([]interface{}, error)

func (*Service) GetRoles

func (s *Service) GetRoles(ctx context.Context, id string, resourceType string) ([]*domain.Role, error)

func (*Service) GetTypes

func (s *Service) GetTypes(ctx context.Context) ([]domain.ProviderType, error)

func (*Service) GrantAccess

func (s *Service) GrantAccess(ctx context.Context, a domain.Grant) error

func (*Service) ImportActivities

func (s *Service) ImportActivities(ctx context.Context, filter domain.ListActivitiesFilter) ([]*domain.Activity, error)

func (*Service) IsExclusiveRoleAssignment added in v0.9.0

func (s *Service) IsExclusiveRoleAssignment(ctx context.Context, providerType, resourceType string) bool

IsExclusiveRoleAssignment returns true if the provider only supports exclusive role assignment i.e. a user can only have one role per resource

func (*Service) ListAccess

func (s *Service) ListAccess(ctx context.Context, p domain.Provider, resources []*domain.Resource) (domain.MapResourceAccess, error)

func (*Service) ListActivities added in v0.7.5

func (s *Service) ListActivities(ctx context.Context, p domain.Provider, filter domain.ListActivitiesFilter) ([]*domain.Activity, error)

func (*Service) RevokeAccess

func (s *Service) RevokeAccess(ctx context.Context, a domain.Grant) error

func (*Service) Update

func (s *Service) Update(ctx context.Context, p *domain.Provider) error

Update updates the non-zero value(s) only

func (*Service) ValidateAppeal

func (s *Service) ValidateAppeal(ctx context.Context, a *domain.Appeal, p *domain.Provider, policy *domain.Policy) error

type ServiceDeps

type ServiceDeps struct {
	Repository      repository
	ResourceService resourceService
	Clients         []Client

	Validator   *validator.Validate
	Logger      log.Logger
	AuditLogger auditLogger
}

type UnimplementedClient

type UnimplementedClient struct{}

func (*UnimplementedClient) CreateConfig

func (c *UnimplementedClient) CreateConfig(*domain.ProviderConfig) error

func (*UnimplementedClient) GetResources

func (*UnimplementedClient) GetRoles

func (*UnimplementedClient) GrantAccess

func (*UnimplementedClient) RevokeAccess

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL