db

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 30, 2024 License: BSD-3-Clause-Clear Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source
const (
	StateInactive    = "INACTIVE"
	StateActive      = "ACTIVE"
	StateAny         = "ANY"
	StateUnspecified = "UNSPECIFIED"
)

Variables

View Source
var (
	TableAttributes                    = "attribute_definitions"
	TableAttributeValues               = "attribute_values"
	TableValueMembers                  = "attribute_value_members"
	TableNamespaces                    = "attribute_namespaces"
	TableAttrFqn                       = "attribute_fqns"
	TableAttributeKeyAccessGrants      = "attribute_definition_key_access_grants"
	TableAttributeValueKeyAccessGrants = "attribute_value_key_access_grants"
	TableResourceMappings              = "resource_mappings"
	TableSubjectMappings               = "subject_mappings"
	TableSubjectConditionSet           = "subject_condition_set"
	TableKeyAccessServerRegistry       = "key_access_servers"
)
View Source
var AttributeRuleTypeEnumPrefix = "ATTRIBUTE_RULE_TYPE_ENUM_"
View Source
var Tables struct {
	Attributes                    db.Table
	AttributeValues               db.Table
	ValueMembers                  db.Table
	Namespaces                    db.Table
	AttrFqn                       db.Table
	AttributeKeyAccessGrants      db.Table
	AttributeValueKeyAccessGrants db.Table
	ResourceMappings              db.Table
	SubjectMappings               db.Table
	SubjectConditionSet           db.Table
	KeyAccessServerRegistry       db.Table
}

Functions

func GetDBStateTypeTransformedEnum

func GetDBStateTypeTransformedEnum(state common.ActiveStateEnum) string

Types

type PolicyDBClient

type PolicyDBClient struct {
	*db.Client
}

func NewClient

func NewClient(c *db.Client) PolicyDBClient

func (PolicyDBClient) AssignKeyAccessServerToValue

func (*PolicyDBClient) AttrFqnReindex

func (c *PolicyDBClient) AttrFqnReindex() (res struct {
	Namespaces []struct {
		Id  string
		Fqn string
	}
	Attributes []struct {
		Id  string
		Fqn string
	}
	Values []struct {
		Id  string
		Fqn string
	}
},
)

AttrFqnReindex will reindex all namespace, attribute, and attribute_value FQNs

func (PolicyDBClient) CreateAttribute

func (PolicyDBClient) CreateAttributeValue

func (c PolicyDBClient) CreateAttributeValue(ctx context.Context, attributeID string, v *attributes.CreateAttributeValueRequest) (*policy.Value, error)

func (PolicyDBClient) CreateKeyAccessServer added in v0.2.0

func (PolicyDBClient) CreateNamespace

func (PolicyDBClient) CreateSubjectConditionSet

Creates a new subject condition set and returns the id of the created

func (PolicyDBClient) CreateSubjectMapping

Creates a new subject mapping and returns the id of the created. If an existing subject condition set id is provided, it will be used. If a new subject condition set is provided, it will be created. The existing subject condition set id takes precedence.

func (PolicyDBClient) DeactivateAttribute

func (c PolicyDBClient) DeactivateAttribute(ctx context.Context, id string) (*policy.Attribute, error)

func (PolicyDBClient) DeactivateAttributeValue

func (c PolicyDBClient) DeactivateAttributeValue(ctx context.Context, id string) (*policy.Value, error)

func (PolicyDBClient) DeactivateNamespace

func (c PolicyDBClient) DeactivateNamespace(ctx context.Context, id string) (*policy.Namespace, error)

func (PolicyDBClient) DeleteAttribute

func (c PolicyDBClient) DeleteAttribute(ctx context.Context, id string) (*policy.Attribute, error)

func (PolicyDBClient) DeleteAttributeValue

func (c PolicyDBClient) DeleteAttributeValue(ctx context.Context, id string) (*policy.Value, error)

func (PolicyDBClient) DeleteKeyAccessServer added in v0.2.0

func (c PolicyDBClient) DeleteKeyAccessServer(ctx context.Context, id string) (*policy.KeyAccessServer, error)

func (PolicyDBClient) DeleteNamespace

func (c PolicyDBClient) DeleteNamespace(ctx context.Context, id string) (*policy.Namespace, error)

func (PolicyDBClient) DeleteResourceMapping

func (c PolicyDBClient) DeleteResourceMapping(ctx context.Context, id string) (*policy.ResourceMapping, error)

func (PolicyDBClient) DeleteSubjectConditionSet

func (c PolicyDBClient) DeleteSubjectConditionSet(ctx context.Context, id string) (*policy.SubjectConditionSet, error)

Deletes specified subject condition set and returns the id of the deleted

func (PolicyDBClient) DeleteSubjectMapping

func (c PolicyDBClient) DeleteSubjectMapping(ctx context.Context, id string) (*policy.SubjectMapping, error)

Deletes specified subject mapping and returns the id of the deleted

func (PolicyDBClient) GetAttribute

func (c PolicyDBClient) GetAttribute(ctx context.Context, id string) (*policy.Attribute, error)

func (PolicyDBClient) GetAttributeByFqn

func (c PolicyDBClient) GetAttributeByFqn(ctx context.Context, fqn string) (*policy.Attribute, error)

func (PolicyDBClient) GetAttributeValue

func (c PolicyDBClient) GetAttributeValue(ctx context.Context, id string) (*policy.Value, error)

func (PolicyDBClient) GetAttributesByNamespace

func (c PolicyDBClient) GetAttributesByNamespace(ctx context.Context, namespaceID string) ([]*policy.Attribute, error)

func (PolicyDBClient) GetKeyAccessServer added in v0.2.0

func (c PolicyDBClient) GetKeyAccessServer(ctx context.Context, id string) (*policy.KeyAccessServer, error)

func (PolicyDBClient) GetMatchedSubjectMappings

func (c PolicyDBClient) GetMatchedSubjectMappings(ctx context.Context, properties []*policy.SubjectProperty) ([]*policy.SubjectMapping, error)

GetMatchedSubjectMappings liberally returns a list of SubjectMappings based on the provided SubjectProperties. The SubjectMappings are returned if there is any single condition found among the structures that matches: 1. The external field, external value, and an IN operator 2. The external field, _no_ external value, and a NOT_IN operator

Without this filtering, if a field was something like '.emailAddress' or '.username', every Subject is probably going to relate to that mapping in some way or another, potentially matching every single attribute in the DB if a policy admin has relied heavily on that field. There is no logic applied beyond a single condition within the query to avoid business logic interpreting the supplied conditions beyond the bare minimum initial filter.

NOTE: This relationship is sometimes called Entitlements or Subject Entitlements. NOTE: if you have any issues, set the log level to 'debug' for more comprehensive context.

func (PolicyDBClient) GetNamespace

func (c PolicyDBClient) GetNamespace(ctx context.Context, id string) (*policy.Namespace, error)

func (PolicyDBClient) GetResourceMapping

func (c PolicyDBClient) GetResourceMapping(ctx context.Context, id string) (*policy.ResourceMapping, error)

func (PolicyDBClient) GetSubjectConditionSet

func (c PolicyDBClient) GetSubjectConditionSet(ctx context.Context, id string) (*policy.SubjectConditionSet, error)

func (PolicyDBClient) GetSubjectMapping

func (c PolicyDBClient) GetSubjectMapping(ctx context.Context, id string) (*policy.SubjectMapping, error)

func (PolicyDBClient) ListAllAttributeValues

func (c PolicyDBClient) ListAllAttributeValues(ctx context.Context, state string) ([]*policy.Value, error)

func (PolicyDBClient) ListAllAttributes

func (c PolicyDBClient) ListAllAttributes(ctx context.Context, state string, namespace string) ([]*policy.Attribute, error)

func (PolicyDBClient) ListAllAttributesWithout

func (c PolicyDBClient) ListAllAttributesWithout(ctx context.Context, state string) ([]*policy.Attribute, error)

func (PolicyDBClient) ListAttributeValues

func (c PolicyDBClient) ListAttributeValues(ctx context.Context, attributeID string, state string) ([]*policy.Value, error)

func (PolicyDBClient) ListKeyAccessServers added in v0.2.0

func (c PolicyDBClient) ListKeyAccessServers(ctx context.Context) ([]*policy.KeyAccessServer, error)

func (PolicyDBClient) ListNamespaces

func (c PolicyDBClient) ListNamespaces(ctx context.Context, state string) ([]*policy.Namespace, error)

func (PolicyDBClient) ListResourceMappings

func (c PolicyDBClient) ListResourceMappings(ctx context.Context) ([]*policy.ResourceMapping, error)

func (PolicyDBClient) ListSubjectConditionSets

func (c PolicyDBClient) ListSubjectConditionSets(ctx context.Context) ([]*policy.SubjectConditionSet, error)

func (PolicyDBClient) ListSubjectMappings

func (c PolicyDBClient) ListSubjectMappings(ctx context.Context) ([]*policy.SubjectMapping, error)

func (PolicyDBClient) RemoveKeyAccessServerFromValue

func (c PolicyDBClient) RemoveKeyAccessServerFromValue(ctx context.Context, k *attributes.ValueKeyAccessServer) (*attributes.ValueKeyAccessServer, error)

func (PolicyDBClient) UpdateAttribute

func (PolicyDBClient) UpdateAttributeValue

func (PolicyDBClient) UpdateKeyAccessServer added in v0.2.0

func (PolicyDBClient) UpdateNamespace

func (PolicyDBClient) UpdateSubjectConditionSet

Mutates provided fields and returns id of the updated subject condition set

func (PolicyDBClient) UpdateSubjectMapping

Mutates provided fields and returns id of the updated subject mapping

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL