Documentation
¶
Index ¶
- Constants
- Variables
- type CreateAppealOption
- type Service
- func (s *Service) AddApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)
- func (s *Service) Cancel(ctx context.Context, id string) (*domain.Appeal, error)
- func (s *Service) Create(ctx context.Context, appeals []*domain.Appeal, opts ...CreateAppealOption) error
- func (s *Service) DeleteApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)
- func (s *Service) Find(ctx context.Context, filters *domain.ListAppealsFilter) ([]*domain.Appeal, error)
- func (s *Service) GetByID(ctx context.Context, id string) (*domain.Appeal, error)
- func (s *Service) GrantAccessToProvider(ctx context.Context, a *domain.Appeal, opts ...CreateAppealOption) error
- func (s *Service) Update(ctx context.Context, appeal *domain.Appeal) error
- func (s *Service) UpdateApproval(ctx context.Context, approvalAction domain.ApprovalAction) (*domain.Appeal, error)
- type ServiceDeps
Constants ¶
View Source
const ( AuditKeyBulkInsert = "appeal.bulkInsert" AuditKeyCancel = "appeal.cancel" AuditKeyApprove = "appeal.approve" AuditKeyReject = "appeal.reject" AuditKeyRevoke = "appeal.revoke" AuditKeyExtend = "appeal.extend" AuditKeyAddApprover = "appeal.addApprover" AuditKeyDeleteApprover = "appeal.deleteApprover" RevokeReasonForExtension = "Automatically revoked for grant extension" )
Variables ¶
View Source
var ( ErrAppealIDEmptyParam = errors.New("appeal id is required") ErrApprovalIDEmptyParam = errors.New("approval id/name is required") ErrAppealStatusCanceled = errors.New("appeal already canceled") ErrAppealStatusApproved = errors.New("appeal already approved") ErrAppealStatusRejected = errors.New("appeal already rejected") ErrAppealStatusBlocked = errors.New("approval is blocked") ErrAppealStatusUnrecognized = errors.New("unrecognized appeal status") ErrAppealDuplicate = errors.New("appeal with the same resource and role already exists") ErrAppealInvalidExtensionDuration = errors.New("invalid appeal extension duration") ErrAppealFoundActiveGrant = errors.New("user still have an active grant") ErrGrantNotEligibleForExtension = errors.New("existing grant is not eligible for extension") ErrCannotCreateAppealForOtherUser = errors.New("creating appeal for other individual user (account_type=\"user\") is not allowed") ErrApprovalDependencyIsBlocked = errors.New("found previous approval step that is still in blocked") ErrApprovalDependencyIsPending = errors.New("found previous approval step that is still in pending") ErrApprovalStatusApproved = errors.New("approval already approved") ErrApprovalStatusRejected = errors.New("approval already rejected") ErrApprovalStatusSkipped = errors.New("approval already skipped") ErrApprovalStatusUnrecognized = errors.New("unrecognized approval status") ErrApprovalNotFound = errors.New("approval not found") ErrUnableToAddApprover = errors.New("unable to add a new approver") ErrUnableToDeleteApprover = errors.New("unable to remove approver") ErrActionForbidden = errors.New("user is not allowed to make action on this approval step") ErrActionInvalidValue = errors.New("invalid action value") ErrProviderTypeNotFound = errors.New("provider is not registered") ErrProviderURNNotFound = errors.New("provider with specified urn is not registered") ErrResourceTypeNotFound = errors.New("unable to find matching resource config for specified resource type") ErrOptionsExpirationDateOptionNotFound = errors.New("expiration date is required, unable to find expiration date option") ErrInvalidRole = errors.New("invalid role") ErrExpirationDateIsRequired = errors.New("having permanent access to this resource is not allowed, access duration is required") ErrPolicyIDNotFound = errors.New("unable to find approval policy for specified id") ErrPolicyVersionNotFound = errors.New("unable to find approval policy for specified version") ErrResourceNotFound = errors.New("resource not found") ErrAppealNotFound = errors.New("appeal not found") ErrResourceIsDeleted = errors.New("resource is deleted") ErrOptionsDurationNotFound = errors.New("duration option not found") ErrDurationIsRequired = errors.New("having permanent access to this resource is not allowed, access duration is required") ErrApproverKeyNotRecognized = errors.New("unrecognized approvers key") ErrApproverInvalidType = errors.New("invalid approver type, expected an email string or array of email string") ErrApproverEmail = errors.New("approver is not a valid email") ErrApproverNotFound = errors.New("approver not found") ErrGrantNotFound = errors.New("grant not found") )
View Source
var TimeNow = time.Now
Functions ¶
This section is empty.
Types ¶
type CreateAppealOption ¶
type CreateAppealOption func(*createAppealOptions)
func CreateWithAdditionalAppeal ¶
func CreateWithAdditionalAppeal() CreateAppealOption
type Service ¶
Service handling the business logics
func (*Service) AddApprover ¶
func (*Service) Create ¶
func (s *Service) Create(ctx context.Context, appeals []*domain.Appeal, opts ...CreateAppealOption) error
Create record
func (*Service) DeleteApprover ¶
func (*Service) Find ¶
func (s *Service) Find(ctx context.Context, filters *domain.ListAppealsFilter) ([]*domain.Appeal, error)
Find appeals by filters
func (*Service) GrantAccessToProvider ¶
func (*Service) UpdateApproval ¶
func (s *Service) UpdateApproval(ctx context.Context, approvalAction domain.ApprovalAction) (*domain.Appeal, error)
UpdateApproval Approve an approval step
type ServiceDeps ¶
type ServiceDeps struct {
Repository repository
ApprovalService approvalService
ResourceService resourceService
ProviderService providerService
PolicyService policyService
GrantService grantService
IAMManager iamManager
Notifier notifier
Validator *validator.Validate
Logger log.Logger
AuditLogger auditLogger
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.