conditions

package

v0.6.0-beta.1 Latest Latest Go to latest Published: Nov 30, 2023 License: Apache-2.0 Imports: 3 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hexa-org/policy-mapper

Documentation ¶

Index ¶

Constants
func ParseConditionRuleAst(condition ConditionInfo) (*parser.Expression, error)
func ParseExpressionAst(expression string) (*parser.Expression, error)
func SerializeExpression(ast *parser.Expression) string
type AttributeMap
- func NewNameMapper(attributeMap map[string]string) *AttributeMap
- func (n *AttributeMap) GetHexaFilterAttributePath(provName string) string
- func (n *AttributeMap) GetProviderAttributeName(hexaName string) string
type ConditionInfo
type ConditionMapper
type NameMapper

Constants ¶

View Source

const (
	AAllow string = "allow"
	ADeny  string = "deny"
	AAudit string = "audit"
)

Variables ¶

This section is empty.

Functions ¶

func ParseConditionRuleAst ¶

func ParseConditionRuleAst(condition ConditionInfo) (*parser.Expression, error)

ParseConditionRuleAst is used by mapping providers to get the IDQL condition rule AST tree

func ParseExpressionAst ¶

func ParseExpressionAst(expression string) (*parser.Expression, error)

func SerializeExpression ¶

func SerializeExpression(ast *parser.Expression) string

SerializeExpression walks the AST and emits the condition in string form. It preserves precedence over the normal idqlCondition.String() method

Types ¶

type AttributeMap ¶

type AttributeMap struct {
	// contains filtered or unexported fields
}

func NewNameMapper ¶

func NewNameMapper(attributeMap map[string]string) *AttributeMap

NewNameMapper is called by a condition mapTool provider to instantiate an attribute name translator using interface NameMapper

func (*AttributeMap) GetHexaFilterAttributePath ¶

func (n *AttributeMap) GetHexaFilterAttributePath(provName string) string

func (*AttributeMap) GetProviderAttributeName ¶

func (n *AttributeMap) GetProviderAttributeName(hexaName string) string

type ConditionInfo ¶

type ConditionInfo struct {
	Rule   string `json:"Rule,omitempty" validate:"required"` // in RFC7644 idqlCondition form
	Action string `json:"Action,omitempty"`                   // allow/deny/audit default is allow
}

type ConditionMapper ¶

type ConditionMapper interface {
	/*
		MapConditionToProvider takes an IDQL Condition expression and converts it to a string
		usable the target provider. For example from RFC7644, Section-3.4.2.2 to Google Common Expression Language
	*/
	MapConditionToProvider(condition ConditionInfo) interface{}

	/*
		MapProviderToCondition take a string expression from a platform policy and converts it to RFC7644: Section-3.4.2.2.
	*/
	MapProviderToCondition(expression string) (ConditionInfo, error)
}

type NameMapper ¶

type NameMapper interface {
	// GetProviderAttributeName returns a simple string representation of the mapped attribute name (usually in name[.sub-attribute] form).
	GetProviderAttributeName(hexaName string) string

	// GetHexaFilterAttributePath returns a filterAttributePath which is used to build a SCIM Filter AST
	GetHexaFilterAttributePath(provName string) string
}

Source Files ¶

View all Source files

conditions.go

Directories ¶

Path	Synopsis
parser

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL