Documentation ¶
Index ¶
- Constants
- Variables
- func GetUseLambda() bool
- type APIError
- type Account
- type AccountService
- type AccountType
- type AuthedTransport
- type Client
- func (c *Client) Accounts() AccountService
- func (c *Client) Policies() PolicyService
- func (c *Client) Request(ctx context.Context) *resty.Request
- func (c *Client) SetAPIVersion(version string)
- func (c *Client) SetAccount(account string)
- func (c *Client) SetAuthToken(token string)
- func (c *Client) SetUserAgent(userAgent string)
- type Comparison
- type ComparisonType
- type Config
- type Interface
- type ListLinks
- type ListOptions
- type ListResponse
- type MultivalueComparison
- type PaginatedList
- type Policy
- type PolicyDocument
- type PolicyRules
- type PolicyService
- type RuleExpression
- type RuleMap
- type RuleMappings
- type StaticRule
- type TargetComparison
- type ValueComparison
Constants ¶
const ( AuthTokenEnvVar = "LIFEOMIC_TOKEN" HostEnvVar = "LIFEOMIC_HOST" AccountIDEnvVar = "LIFEOMIC_ACCOUNT" DebugEnvVar = "LIFEOMIC_DEBUG" )
Variables ¶
var ( GitCommit string GitRef string )
Git attributes are set at build-time (via LDFlags) so that it's accessible via the binary at runtime (see Makefile).
var (
ErrNoNextPage = errors.New("no next page to fetch")
)
pagination errors
Functions ¶
func GetUseLambda ¶
func GetUseLambda() bool
Types ¶
type AccountService ¶
type AccountService interface { // Returns a list of accounts that the user has access to. // See: https://docs.us.lifeomic.com/api/#list-all-accounts List(context.Context) ([]Account, error) }
AccountService facilitates communication with the Account-related endpoints of the PHC API. See: https://docs.us.lifeomic.com/api/#lifeomic-core-api-accounts
type AccountType ¶
type AccountType string
AccountType represents the type of an Account.
const ( AccountTypeFree AccountType = "free" AccountTypePaid AccountType = "paid" AccountTypeEnterprise AccountType = "enterprise" )
AccountType constants
type AuthedTransport ¶
type AuthedTransport struct { AuthToken string AccountID string UserID string Headers map[string]string Base http.RoundTripper }
func NewAuthedTransport ¶
func NewAuthedTransport(authToken, accountID, serviceName string, header map[string]string) *AuthedTransport
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client interfaces with the PHC API.
func (*Client) Accounts ¶
func (c *Client) Accounts() AccountService
Accounts returns an AccountService client.
func (*Client) Policies ¶
func (c *Client) Policies() PolicyService
Policies returns a PolicyService client.
func (*Client) SetAPIVersion ¶
SetAPIVersion updates the baseURL of the underlying http client to use the given API version.
func (*Client) SetAccount ¶
SetAccount updates the client to send a LifeOmic-Account header with the given name.
func (*Client) SetAuthToken ¶
SetAuthToken updates the Authorization header on the underlying http client to the given value.
func (*Client) SetUserAgent ¶
SetUserAgent sets the UserAgent header on the underlying http client.
type Comparison ¶
type Comparison interface {
GetComparisonType() ComparisonType
}
Comparison represents a generic ABAC comparison. It's a wrapper around the polymorphic JSON which can either express a comparison between an attribute and another attribute (TargetComparison), a single value (ValueComparison), or an array of values (MultivalueComparison). See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
type ComparisonType ¶
type ComparisonType string
A ComparisonType represents an ABAC comparison type. See: https://phc.docs.lifeomic.com/development/abac-syntax#supported-comparisons
const ( ComparisonEquals ComparisonType = "equals" ComparisonNotEquals ComparisonType = "notEquals" ComparisonIncludes ComparisonType = "includes" ComparisonNotIncludes ComparisonType = "notIncludes" ComparisonIn ComparisonType = "in" ComparisonNotIn ComparisonType = "notIn" ComparisonExists ComparisonType = "exists" ComparisonSuperset ComparisonType = "superset" ComparisonSubset ComparisonType = "subset" ComparisonStartsWith ComparisonType = "startsWith" ComparisonPrefixOf ComparisonType = "prefixOf" ComparisonEndsWith ComparisonType = "endsWith" ComparisonSuffixOf ComparisonType = "suffixOf" )
supported comparison constants
type Config ¶
type Config struct { APIVersion string Host string AccountID string AuthToken string Header map[string]string MaxRetries int MaxRetryWaitTime time.Duration Debug bool ServiceName string Transport http.RoundTripper }
Config configures a PHC Client.
type Interface ¶
type Interface interface { Accounts() AccountService Policies() PolicyService }
type ListOptions ¶
type ListOptions struct { NextPageToken string `qstring:"nextPageToken,omitempty"` PageSize int `qstring:"pageSize,omitempty"` }
ListOptions represent parameters for generic List requests.
type ListResponse ¶
type ListResponse struct {
Links *ListLinks `json:"links"`
}
ListResponse represents the base object for generic list responses.
func (*ListResponse) GetNextPageToken ¶
func (r *ListResponse) GetNextPageToken() string
GetNextPageToken returns a nextPageToken or an empty string.
func (*ListResponse) HasNextPage ¶
func (r *ListResponse) HasNextPage() bool
type MultivalueComparison ¶
type MultivalueComparison struct { Comparison ComparisonType `json:"comparison"` Values []string `json:"value"` }
MultivalueComparison represents an ABAC comparison between an attirbute and some values. See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
func (MultivalueComparison) GetComparisonType ¶
func (c MultivalueComparison) GetComparisonType() ComparisonType
type PaginatedList ¶
type PaginatedList[T any] interface { HasNextPage() bool GetNextPage(context.Context) (PaginatedList[T], error) GetNextPageToken() string Items() []T }
PaginatedList represents a list of a resource T which can be paginated.
type Policy ¶
type Policy struct { Name string `json:"name"` Policy PolicyDocument `json:"policy"` }
Policy represents an ABAC policy document, mapping operations to rules. See: https://phc.docs.lifeomic.com/development/abac-syntax Example Policy:
policy := client.Policy{ Name: "my-policy", Policy: client.PolicyDocument{ Rules: client.Rules{{ "readData": client.Comparison{ "user.id": { Comparison: client.ComparisonEquals, Value: "johndoe", }, }, }}, }, }
type PolicyDocument ¶
type PolicyDocument struct {
Rules PolicyRules `json:"rules"`
}
PolicyDocument represents an ABAC policy document. See: https://phc.docs.lifeomic.com/development/abac-syntax
type PolicyRules ¶
type PolicyRules map[string]RuleExpression
PolicyRules maps operations to ABAC rules. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules Example with staitc rule:
rules := PolicyRules{"readData": StaticRule(true)}
Example with comparisons:
rules := PolicyRules{"readData": RuleMappings{ {"user.id": ValueComparison{Value: "johndoe", Type: ComparisonEquals}}, }}
func (*PolicyRules) UnmarshalJSON ¶
func (r *PolicyRules) UnmarshalJSON(b []byte) error
type PolicyService ¶
type PolicyService interface { // List returns all policies. // See: https://docs.us.lifeomic.com/api/#list-policies List(context.Context, ListOptions) (PaginatedList[Policy], error) // Create creates a new policy. // See: https://docs.us.lifeomic.com/api/#create-policy Create(context.Context, *Policy) (*Policy, error) // Get gets a policy by name. // See: https://docs.us.lifeomic.com/api/#get-a-policy Get(context.Context, string) (*Policy, error) // Update updates an existing policy. // See: https://docs.us.lifeomic.com/api/#update-a-policy Update(context.Context, string, *Policy) (*Policy, error) // Delete deletes an existing policy. // See: https://docs.us.lifeomic.com/api/#delete-a-policy Delete(context.Context, string) error }
PolicyService facilitates communication with the Policy-related endpoints of the PHC API. See: https://docs.us.lifeomic.com/api/#lifeomic-core-api-policy
type RuleExpression ¶
type RuleExpression interface {
// contains filtered or unexported methods
}
RuleExpression represents a generic rule setting for an operation in ABAC. It's a wrapper around the polymorphic JSON which can either express a boolean value (StaticRule) or a list of mappings of attributes to comparisons (RuleMappings).
type RuleMap ¶
type RuleMap map[string]Comparison
RuleMap maps an attribute to an ABAC comparison. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules
func (RuleMap) GetComparison ¶
func (r RuleMap) GetComparison() (subject string, comparison Comparison, ok bool)
GetComparison attempts to get the single attribute/subject to Comparison mapping that an ABAC rule should consist of. Returns false for malformed RuleMaps.
func (*RuleMap) UnmarshalJSON ¶
type StaticRule ¶
type StaticRule bool
StaticRule represents an operation rule which is either fully permissive or disabled. Use of this is heavily discouraged. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules
type TargetComparison ¶
type TargetComparison struct { Comparison ComparisonType `json:"comparison"` Target string `json:"target"` }
TargetComparison represents an ABAC comparison against some attribute.
func (TargetComparison) GetComparisonType ¶
func (c TargetComparison) GetComparisonType() ComparisonType
type ValueComparison ¶
type ValueComparison struct { Comparison ComparisonType `json:"comparison"` Value string `json:"value"` }
ValueComparison represents an ABAC comparison between an attribute and some value. See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
func (ValueComparison) GetComparisonType ¶
func (c ValueComparison) GetComparisonType() ComparisonType