appeal

package
v0.8.2-alpha.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 28, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AuditKeyBulkInsert     = "appeal.bulkInsert"
	AuditKeyCancel         = "appeal.cancel"
	AuditKeyApprove        = "appeal.approve"
	AuditKeyReject         = "appeal.reject"
	AuditKeyRevoke         = "appeal.revoke"
	AuditKeyExtend         = "appeal.extend"
	AuditKeyAddApprover    = "appeal.addApprover"
	AuditKeyDeleteApprover = "appeal.deleteApprover"

	RevokeReasonForExtension = "Automatically revoked for grant extension"
	RevokeReasonForOverride  = "Automatically revoked for grant override"
)

Variables

View Source
var (
	ErrAppealIDEmptyParam   = errors.New("appeal id is required")
	ErrApprovalIDEmptyParam = errors.New("approval id/name is required")

	ErrAppealStatusCanceled           = errors.New("appeal already canceled")
	ErrAppealStatusApproved           = errors.New("appeal already approved")
	ErrAppealStatusRejected           = errors.New("appeal already rejected")
	ErrAppealStatusUnrecognized       = errors.New("unrecognized appeal status")
	ErrAppealDuplicate                = errors.New("appeal with identical account_id, resource, and role already exists")
	ErrAppealInvalidExtensionDuration = errors.New("invalid configured appeal extension duration")
	ErrAppealFoundActiveGrant         = errors.New("user still have an active grant")
	ErrGrantNotEligibleForExtension   = errors.New("grant not eligible for extension")
	ErrCannotCreateAppealForOtherUser = errors.New("creating appeal for other individual user (account_type=\"user\") is not allowed")

	ErrApprovalStatusUnrecognized = errors.New("unrecognized approval status")
	ErrApprovalNotFound           = errors.New("approval not found")
	ErrUnableToAddApprover        = errors.New("unable to add a new approver")
	ErrUnableToDeleteApprover     = errors.New("unable to remove approver")

	ErrActionForbidden    = errors.New("user is not allowed to make action on this approval step")
	ErrActionInvalidValue = errors.New("invalid action value")

	ErrProviderNotFound                    = errors.New("provider not found")
	ErrInvalidResourceType                 = errors.New("invalid resource type")
	ErrOptionsExpirationDateOptionNotFound = errors.New("expiration date is required, unable to find expiration date option")
	ErrInvalidRole                         = errors.New("invalid role")
	ErrExpirationDateIsRequired            = errors.New("having permanent access to this resource is not allowed, access duration is required")
	ErrPolicyNotFound                      = errors.New("policy not found")
	ErrResourceNotFound                    = errors.New("resource not found")
	ErrResourceDeleted                     = errors.New("resource has been deleted")
	ErrAppealNotFound                      = errors.New("appeal not found")
	ErrDurationNotAllowed                  = errors.New("duration value not allowed")
	ErrDurationIsRequired                  = errors.New("having permanent access to this resource is not allowed, access duration is required")

	ErrApproverKeyNotRecognized       = errors.New("unrecognized approvers key")
	ErrApproverInvalidType            = errors.New("invalid approver type, expected an email string or array of email string")
	ErrApproverEmail                  = errors.New("approver is not a valid email")
	ErrApproverNotFound               = errors.New("approver not found")
	ErrGrantNotFound                  = errors.New("grant not found")
	ErrInvalidUpdateApprovalParameter = errors.New("invalid parameter")

	ErrAppealNotEligibleForApproval = errors.New("appeal status not eligible for approval")
	ErrApprovalNotEligibleForAction = errors.New("approval not eligible for action")
)
View Source
var TimeNow = time.Now

Functions

This section is empty.

Types

type CreateAppealOption

type CreateAppealOption func(*createAppealOptions)

func CreateWithAdditionalAppeal

func CreateWithAdditionalAppeal() CreateAppealOption

type InvalidError added in v0.7.3

type InvalidError struct {
	AppealID string
}

func (InvalidError) Error added in v0.7.3

func (ie InvalidError) Error() string

type Service

type Service struct {
	TimeNow func() time.Time
	// contains filtered or unexported fields
}

Service handling the business logics

func NewService

func NewService(deps ServiceDeps) *Service

NewService returns service struct

func (*Service) AddApprover

func (s *Service) AddApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)

func (*Service) Cancel

func (s *Service) Cancel(ctx context.Context, id string) (*domain.Appeal, error)

func (*Service) Create

func (s *Service) Create(ctx context.Context, appeals []*domain.Appeal, opts ...CreateAppealOption) error

Create record

func (*Service) DeleteApprover

func (s *Service) DeleteApprover(ctx context.Context, appealID, approvalID, email string) (*domain.Appeal, error)

func (*Service) Find

func (s *Service) Find(ctx context.Context, filters *domain.ListAppealsFilter) ([]*domain.Appeal, error)

Find appeals by filters

func (*Service) GetAppealsTotalCount added in v0.7.5

func (s *Service) GetAppealsTotalCount(ctx context.Context, filters *domain.ListAppealsFilter) (int64, error)

func (*Service) GetByID

func (s *Service) GetByID(ctx context.Context, id string) (*domain.Appeal, error)

GetByID returns one record by id

func (*Service) GrantAccessToProvider

func (s *Service) GrantAccessToProvider(ctx context.Context, a *domain.Appeal, opts ...CreateAppealOption) error

func (*Service) Update

func (s *Service) Update(ctx context.Context, appeal *domain.Appeal) error

func (*Service) UpdateApproval

func (s *Service) UpdateApproval(ctx context.Context, approvalAction domain.ApprovalAction) (*domain.Appeal, error)

UpdateApproval Approve an approval step

type ServiceDeps

type ServiceDeps struct {
	Repository      repository
	ApprovalService approvalService
	ResourceService resourceService
	ProviderService providerService
	PolicyService   policyService
	GrantService    grantService
	IAMManager      iamManager

	Notifier    notifier
	Validator   *validator.Validate
	Logger      log.Logger
	AuditLogger auditLogger
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL