Documentation
¶
Index ¶
- Constants
- Variables
- func GetUseLambda() bool
- type APIError
- type Account
- type AccountService
- type AccountType
- type AuthedTransport
- type Client
- func (c *Client) Accounts() AccountService
- func (c *Client) Policies() PolicyService
- func (c *Client) Request(ctx context.Context) *resty.Request
- func (c *Client) SetAPIVersion(version string)
- func (c *Client) SetAccount(account string)
- func (c *Client) SetAuthToken(token string)
- func (c *Client) SetUserAgent(userAgent string)
- type Comparison
- type ComparisonType
- type Config
- type Interface
- type ListLinks
- type ListOptions
- type ListResponse
- type MultivalueComparison
- type PaginatedList
- type Policy
- type PolicyDocument
- type PolicyRules
- type PolicyService
- type RuleExpression
- type RuleMap
- type RuleMappings
- type StaticRule
- type TargetComparison
- type ValueComparison
Constants ¶
const ( AuthTokenEnvVar = "LIFEOMIC_TOKEN" HostEnvVar = "LIFEOMIC_HOST" AccountIDEnvVar = "LIFEOMIC_ACCOUNT" DebugEnvVar = "LIFEOMIC_DEBUG" )
Variables ¶
var ( GitCommit string GitRef string )
Git attributes are set at build-time (via LDFlags) so that it's accessible via the binary at runtime (see Makefile).
var (
ErrNoNextPage = errors.New("no next page to fetch")
)
pagination errors
Functions ¶
func GetUseLambda ¶
func GetUseLambda() bool
Types ¶
type AccountService ¶
type AccountService interface {
// Returns a list of accounts that the user has access to.
// See: https://docs.us.lifeomic.com/api/#list-all-accounts
List(context.Context) ([]Account, error)
}
AccountService facilitates communication with the Account-related endpoints of the PHC API. See: https://docs.us.lifeomic.com/api/#lifeomic-core-api-accounts
type AccountType ¶
type AccountType string
AccountType represents the type of an Account.
const ( AccountTypeFree AccountType = "free" AccountTypePaid AccountType = "paid" AccountTypeEnterprise AccountType = "enterprise" )
AccountType constants
type AuthedTransport ¶
type AuthedTransport struct {
AuthToken string
AccountID string
UserID string
Headers map[string]string
Base http.RoundTripper
}
func NewAuthedTransport ¶
func NewAuthedTransport(authToken, accountID, serviceName string, header map[string]string) *AuthedTransport
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client interfaces with the PHC API.
func (*Client) Accounts ¶
func (c *Client) Accounts() AccountService
Accounts returns an AccountService client.
func (*Client) Policies ¶
func (c *Client) Policies() PolicyService
Policies returns a PolicyService client.
func (*Client) SetAPIVersion ¶
SetAPIVersion updates the baseURL of the underlying http client to use the given API version.
func (*Client) SetAccount ¶
SetAccount updates the client to send a LifeOmic-Account header with the given name.
func (*Client) SetAuthToken ¶
SetAuthToken updates the Authorization header on the underlying http client to the given value.
func (*Client) SetUserAgent ¶
SetUserAgent sets the UserAgent header on the underlying http client.
type Comparison ¶
type Comparison interface {
GetComparisonType() ComparisonType
}
Comparison represents a generic ABAC comparison. It's a wrapper around the polymorphic JSON which can either express a comparison between an attribute and another attribute (TargetComparison), a single value (ValueComparison), or an array of values (MultivalueComparison). See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
type ComparisonType ¶
type ComparisonType string
A ComparisonType represents an ABAC comparison type. See: https://phc.docs.lifeomic.com/development/abac-syntax#supported-comparisons
const ( ComparisonEquals ComparisonType = "equals" ComparisonNotEquals ComparisonType = "notEquals" ComparisonIncludes ComparisonType = "includes" ComparisonNotIncludes ComparisonType = "notIncludes" ComparisonIn ComparisonType = "in" ComparisonNotIn ComparisonType = "notIn" ComparisonExists ComparisonType = "exists" ComparisonSuperset ComparisonType = "superset" ComparisonSubset ComparisonType = "subset" ComparisonStartsWith ComparisonType = "startsWith" ComparisonPrefixOf ComparisonType = "prefixOf" ComparisonEndsWith ComparisonType = "endsWith" ComparisonSuffixOf ComparisonType = "suffixOf" )
supported comparison constants
type Config ¶
type Config struct {
APIVersion string
Host string
AccountID string
AuthToken string
Header map[string]string
MaxRetries int
MaxRetryWaitTime time.Duration
Debug bool
ServiceName string
Transport http.RoundTripper
}
Config configures a PHC Client.
type Interface ¶
type Interface interface {
Accounts() AccountService
Policies() PolicyService
}
type ListOptions ¶
type ListOptions struct {
NextPageToken string `qstring:"nextPageToken,omitempty"`
PageSize int `qstring:"pageSize,omitempty"`
}
ListOptions represent parameters for generic List requests.
type ListResponse ¶
type ListResponse struct {
Links *ListLinks `json:"links"`
}
ListResponse represents the base object for generic list responses.
func (*ListResponse) GetNextPageToken ¶
func (r *ListResponse) GetNextPageToken() string
GetNextPageToken returns a nextPageToken or an empty string.
func (*ListResponse) HasNextPage ¶
func (r *ListResponse) HasNextPage() bool
type MultivalueComparison ¶
type MultivalueComparison struct {
Comparison ComparisonType `json:"comparison"`
Values []string `json:"value"`
}
MultivalueComparison represents an ABAC comparison between an attirbute and some values. See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
func (MultivalueComparison) GetComparisonType ¶
func (c MultivalueComparison) GetComparisonType() ComparisonType
type PaginatedList ¶
type PaginatedList[T any] interface { HasNextPage() bool GetNextPage(context.Context) (PaginatedList[T], error) GetNextPageToken() string Items() []T }
PaginatedList represents a list of a resource T which can be paginated.
type Policy ¶
type Policy struct {
Name string `json:"name"`
Policy PolicyDocument `json:"policy"`
}
Policy represents an ABAC policy document, mapping operations to rules. See: https://phc.docs.lifeomic.com/development/abac-syntax Example Policy:
policy := client.Policy{
Name: "my-policy",
Policy: client.PolicyDocument{
Rules: client.Rules{{
"readData": client.Comparison{
"user.id": {
Comparison: client.ComparisonEquals,
Value: "johndoe",
},
},
}},
},
}
type PolicyDocument ¶
type PolicyDocument struct {
Rules PolicyRules `json:"rules"`
}
PolicyDocument represents an ABAC policy document. See: https://phc.docs.lifeomic.com/development/abac-syntax
type PolicyRules ¶
type PolicyRules map[string]RuleExpression
PolicyRules maps operations to ABAC rules. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules Example with staitc rule:
rules := PolicyRules{"readData": StaticRule(true)}
Example with comparisons:
rules := PolicyRules{"readData": RuleMappings{
{"user.id": ValueComparison{Value: "johndoe", Type: ComparisonEquals}},
}}
func (*PolicyRules) UnmarshalJSON ¶
func (r *PolicyRules) UnmarshalJSON(b []byte) error
type PolicyService ¶
type PolicyService interface {
// List returns all policies.
// See: https://docs.us.lifeomic.com/api/#list-policies
List(context.Context, ListOptions) (PaginatedList[Policy], error)
// Create creates a new policy.
// See: https://docs.us.lifeomic.com/api/#create-policy
Create(context.Context, *Policy) (*Policy, error)
// Get gets a policy by name.
// See: https://docs.us.lifeomic.com/api/#get-a-policy
Get(context.Context, string) (*Policy, error)
// Update updates an existing policy.
// See: https://docs.us.lifeomic.com/api/#update-a-policy
Update(context.Context, string, *Policy) (*Policy, error)
// Delete deletes an existing policy.
// See: https://docs.us.lifeomic.com/api/#delete-a-policy
Delete(context.Context, string) error
}
PolicyService facilitates communication with the Policy-related endpoints of the PHC API. See: https://docs.us.lifeomic.com/api/#lifeomic-core-api-policy
type RuleExpression ¶
type RuleExpression interface {
// contains filtered or unexported methods
}
RuleExpression represents a generic rule setting for an operation in ABAC. It's a wrapper around the polymorphic JSON which can either express a boolean value (StaticRule) or a list of mappings of attributes to comparisons (RuleMappings).
type RuleMap ¶
type RuleMap map[string]Comparison
RuleMap maps an attribute to an ABAC comparison. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules
func (RuleMap) GetComparison ¶
func (r RuleMap) GetComparison() (subject string, comparison Comparison, ok bool)
GetComparison attempts to get the single attribute/subject to Comparison mapping that an ABAC rule should consist of. Returns false for malformed RuleMaps.
func (*RuleMap) UnmarshalJSON ¶
type StaticRule ¶
type StaticRule bool
StaticRule represents an operation rule which is either fully permissive or disabled. Use of this is heavily discouraged. See: https://phc.docs.lifeomic.com/development/abac-syntax#rules
type TargetComparison ¶
type TargetComparison struct {
Comparison ComparisonType `json:"comparison"`
Target string `json:"target"`
}
TargetComparison represents an ABAC comparison against some attribute.
func (TargetComparison) GetComparisonType ¶
func (c TargetComparison) GetComparisonType() ComparisonType
type ValueComparison ¶
type ValueComparison struct {
Comparison ComparisonType `json:"comparison"`
Value string `json:"value"`
}
ValueComparison represents an ABAC comparison between an attribute and some value. See: https://phc.docs.lifeomic.com/development/abac-syntax#comparisons
func (ValueComparison) GetComparisonType ¶
func (c ValueComparison) GetComparisonType() ComparisonType
Source Files