gql

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	HasuraClientName  = "Hasura-Client-Name"
	DefaultClientName = "lux-hasura-api"

	XHasuraRole        = "x-hasura-role"
	XHasuraUserID      = "x-hasura-user-id"
	XHasuraUserEmail   = "x-hasura-user-email"
	XHasuraAdminSecret = "X-Hasura-Admin-Secret"
)
View Source 
const (
	RoleAdmin  = "admin"
	RoleUser   = "user"
	RolePublic = "public"
)

Variables

This section is empty.

Functions

func GetHeadersFromContext 

func GetHeadersFromContext(ctx context.Context) map[string]string

func HeadersFor 

func HeadersFor(actor *Actor, adminSecret, clientName string) map[string]string

func WithHeader 

func WithHeader(ctx context.Context, key, value string) context.Context

func WithHeaders 

func WithHeaders(ctx context.Context, hs map[string]string) context.Context

Types

type Access 

type Access struct {
	*Actor
	AllowedProjectIDs        []uuid.UUID
	MetricsAllowedProjectIDs []uuid.UUID
	AdminProjectIDs          []uuid.UUID
}

Access holds information about what a given actor can access. code using Access values will determine whether a user can access a given resource based on the actor's role, identity or allowed lists

func NewAccess 

func NewAccess(actor *Actor) *Access

func NewAccessFromSessionVariables 

func NewAccessFromSessionVariables(sessionVariables util.StringMap) *Access

NewAccessFromSessionVariables parses de headers in the given StringMap And builds an Access object based on them

type Actor 

type Actor struct {
	Role     string
	UserID   *uuid.UUID
	Email    string
	UsesSAML bool
}

Actor denotes who is making a request to our APIs

func NewAdminActor 

func NewAdminActor() *Actor

func NewUserActor 

func NewUserActor(userID *uuid.UUID, email string) *Actor

func (*Actor) AsAdmin 

func (a *Actor) AsAdmin() *Actor

func (*Actor) HasRole 

func (a *Actor) HasRole(role string) bool

func (*Actor) IsAdmin 

func (a *Actor) IsAdmin() bool

type ActorAwareClient 

type ActorAwareClient struct {
	Client
	Actor *Actor
	// contains filtered or unexported fields
}

ActorAwareClient is a graphql client which requests are made on behalf of an Actor

func NewAdminClient 

func NewAdminClient(endpoint, adminSecret, clientName string, options ...Option) *ActorAwareClient

NewAdminClient creates a new client to access the given graphql endpoint using the given admin secret.

options is a set of functional options used, among other things, to override the default timeout for the client.

func NewAdminClientFromHost 

func NewAdminClientFromHost(host string, adminSecret string, clientName string, options ...Option) *ActorAwareClient

NewAdminClientFromHost is a helper constructor, that will append to the host, the default endpoint path to build a new admin client.

func NewClient 

func NewClient(endpoint string, adminSecret string, actor *Actor, clientName string, options ...Option) *ActorAwareClient

NewClient creates a new client to access the given graphql endpoint as a user, setting the given http headers in the underlying httpClient.

func NewPromotableClient 

func NewPromotableClient(endpoint string, adminSecret string, actor *Actor, clientName string, options ...Option) *ActorAwareClient

NewPromotableClient creates a new client to access the given graphql endpoint as the given actor, but that has the option to act as an admin, by calling ForceAdmin() over it. This is useful when a certain action needs to request superpowers, think of it as a sudoer in Linux.

adminSecret is used for client authentication not authorization. Authorization is done when HGE checks the role and user headers. Think of adminSecret as an API key to access the endpoint, that's why promoting a client to an admin, only means changing the role to admin.

func (*ActorAwareClient) AsAdmin 

func (c *ActorAwareClient) AsAdmin() (*ActorAwareClient, error)

AsAdmin allows the client to act on behalf of an admin, this function returns an error in case the client is not promotable

func (*ActorAwareClient) ForceAdmin 

func (c *ActorAwareClient) ForceAdmin() *ActorAwareClient

ForceAdmin allows the client to act on behalf of an admin, this function panics if the client cannot be promoted to an Admin client. Prefer AsAdmin instead.

type Client 

type Client interface {
	Query(ctx context.Context, q interface{}, variables map[string]interface{}, options ...graphql.Option) error
	NamedQuery(ctx context.Context, name string, q interface{}, variables map[string]interface{}, options ...graphql.Option) error
	NamedQueryRaw(ctx context.Context, name string, q interface{}, variables map[string]interface{}, options ...graphql.Option) ([]byte, error)
	Mutate(ctx context.Context, m interface{}, variables map[string]interface{}, options ...graphql.Option) error
	NamedMutate(ctx context.Context, name string, m interface{}, variables map[string]interface{}, options ...graphql.Option) error
	NamedMutateRaw(ctx context.Context, name string, m interface{}, variables map[string]interface{}, options ...graphql.Option) ([]byte, error)
}

Client abstracts the interface provided by hasura/go-graphql-client so their implementation can be replaced by something else

type Option 

type Option func(*options)

func WithTimeout 

func WithTimeout(timeout time.Duration) Option

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.