Documentation ¶
Index ¶
- Constants
- Variables
- func EvaluatePolicy(ctx *roleAttributeChangeContext, policy Policy, ...)
- func FieldValuesToIds(new []boltz.FieldTypeAndValue) []string
- func ProcessEntityPolicyMatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool
- func ProcessEntityPolicyUnmatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool
- func RunMigrations(db boltz.Db, stores *Stores) error
- func UpdateRelatedRoles(ctx *roleAttributeChangeContext, entityId []byte, ...)
- type ApiSession
- type ApiSessionCertificate
- type ApiSessionCertificateStore
- type ApiSessionCertificateStoreImpl
- func (store ApiSessionCertificateStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store *ApiSessionCertificateStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*ApiSessionCertificate, error)
- func (store *ApiSessionCertificateStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*ApiSessionCertificate, error)
- func (store *ApiSessionCertificateStoreImpl) NewStoreEntity() boltz.Entity
- type ApiSessionStore
- type AuthPolicy
- type AuthPolicyCert
- type AuthPolicyExtJwt
- type AuthPolicyPrimary
- type AuthPolicySecondary
- type AuthPolicyStore
- type AuthPolicyStoreImpl
- func (store AuthPolicyStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex
- func (store *AuthPolicyStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*AuthPolicy, error)
- func (store *AuthPolicyStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*AuthPolicy, error)
- func (store *AuthPolicyStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*AuthPolicy, error)
- func (store *AuthPolicyStoreImpl) NewStoreEntity() boltz.Entity
- type AuthPolicyUpdb
- type Authenticator
- func (entity *Authenticator) GetEntityType() string
- func (entity *Authenticator) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
- func (entity *Authenticator) SetValues(ctx *boltz.PersistContext)
- func (entity *Authenticator) ToCert() *AuthenticatorCert
- func (entity *Authenticator) ToSubType() AuthenticatorSubType
- func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb
- type AuthenticatorCert
- type AuthenticatorStore
- type AuthenticatorSubType
- type AuthenticatorUpdb
- type Ca
- type CaStore
- type Config
- type ConfigStore
- type ConfigType
- type ConfigTypeStore
- type DbProvider
- type EdgeRouter
- type EdgeRouterPolicy
- func (entity *EdgeRouterPolicy) GetEntityType() string
- func (entity *EdgeRouterPolicy) GetName() string
- func (entity *EdgeRouterPolicy) GetSemantic() string
- func (entity *EdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
- func (entity *EdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)
- type EdgeRouterPolicyStore
- type EdgeRouterStore
- type EdgeService
- type EdgeServiceStore
- type Enrollment
- type EnrollmentStore
- type EnvInfo
- type EventListenerFunc
- type EventLog
- type EventLogStore
- type EventualEvent
- type EventualEventAdded
- type EventualEventProcessingBatchDone
- type EventualEventProcessingBatchStart
- type EventualEventProcessingDone
- type EventualEventProcessingListenerDone
- type EventualEventProcessingListenerStart
- type EventualEventProcessingStart
- type EventualEventRemoved
- type EventualEventStore
- type EventualEventer
- type EventualEventerBbolt
- func (a *EventualEventerBbolt) AddEventualEvent(eventType string, data []byte)
- func (a *EventualEventerBbolt) AddEventualEventWithCtx(ctx boltz.MutateContext, eventType string, data []byte)
- func (a *EventualEventerBbolt) AddEventualListener(eventType string, listener EventListenerFunc)
- func (a *EventualEventerBbolt) Start(closeNotify <-chan struct{}) error
- func (a *EventualEventerBbolt) Stop() error
- func (a *EventualEventerBbolt) Trigger() (<-chan struct{}, error)
- type ExternalIdClaim
- type ExternalJwtSigner
- type ExternalJwtSignerStore
- type GeoRegion
- type GeoRegionStore
- type Identity
- type IdentityStore
- type IdentityType
- type IdentityTypeStore
- type IdentityTypeStoreImpl
- func (store IdentityTypeStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex
- func (store *IdentityTypeStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*IdentityType, error)
- func (store *IdentityTypeStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*IdentityType, error)
- func (store *IdentityTypeStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*IdentityType, error)
- func (store *IdentityTypeStoreImpl) NewStoreEntity() boltz.Entity
- type Mfa
- type MfaStore
- type MfaStoreImpl
- type Migrations
- type NameIndexedStore
- type OperatingSystem
- type Policy
- type PolicyType
- type PostureCheck
- type PostureCheckMacAddresses
- type PostureCheckMfa
- type PostureCheckOperatingSystem
- type PostureCheckOs
- type PostureCheckProcess
- type PostureCheckProcessMulti
- type PostureCheckStore
- type PostureCheckSubType
- type PostureCheckTypeStore
- type PostureCheckWindowsDomains
- type ProcessMulti
- type SdkInfo
- type SecretStore
- type ServiceConfig
- type ServiceEdgeRouterPolicy
- func (entity *ServiceEdgeRouterPolicy) GetEntityType() string
- func (entity *ServiceEdgeRouterPolicy) GetName() string
- func (entity *ServiceEdgeRouterPolicy) GetSemantic() string
- func (entity *ServiceEdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
- func (entity *ServiceEdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)
- type ServiceEdgeRouterPolicyStore
- type ServiceEvent
- type ServiceEventHandler
- type ServiceEventType
- type ServiceEventsRegistry
- type ServicePolicy
- func (entity *ServicePolicy) GetEntityType() string
- func (entity *ServicePolicy) GetName() string
- func (entity *ServicePolicy) GetPolicyTypeName() string
- func (entity *ServicePolicy) GetSemantic() string
- func (entity *ServicePolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
- func (entity *ServicePolicy) SetValues(ctx *boltz.PersistContext)
- type ServicePolicyStore
- type Session
- type SessionCert
- type SessionStore
- type Store
- type Stores
- type TestContext
- func (ctx *TestContext) Cleanup()
- func (ctx *TestContext) CleanupAll()
- func (ctx *TestContext) GetDb() boltz.Db
- func (ctx *TestContext) GetDbProvider() DbProvider
- func (ctx *TestContext) GetNetwork() *network.Network
- func (ctx *TestContext) GetStoreForEntity(entity boltz.Entity) boltz.CrudStore
- func (ctx *TestContext) GetStores() *Stores
- func (ctx *TestContext) Init()
- func (ctx *TestContext) InitWithDbFile(path string)
- func (ctx *TestContext) RequireNewIdentity(name string, isAdmin bool) *Identity
- func (ctx *TestContext) RequireNewService(name string) *EdgeService
- type TransitRouter
- type TransitRouterStore
- type UpdateLastActivityAtChecker
Constants ¶
const ( FieldApiSessionCertificateApiSession = "apiSession" FieldApiSessionCertificateSubject = "subject" FieldApiSessionCertificateFingerprint = "fingerprint" FieldApiSessionCertificateValidAfter = "validAfter" FieldApiSessionCertificateValidBefore = "validBefore" FieldApiSessionCertificatePem = "pem" )
const ( FieldApiSessionIdentity = "identity" FieldApiSessionToken = "token" FieldApiSessionConfigTypes = "configTypes" FieldApiSessionIPAddress = "ipAddress" FieldApiSessionMfaComplete = "mfaComplete" FieldApiSessionMfaRequired = "mfaRequired" FieldApiSessionLastActivityAt = "lastActivityAt" FieldApiSessionAuthenticator = "authenticator" EventFullyAuthenticated events.EventName = "FULLY_AUTHENTICATED" EventualEventApiSessionDelete = "ApiSessionDelete" )
const ( DefaultUpdbMinPasswordLength = int64(5) DefaultUpdbMaxAttempts = int64(5) DefaultAuthPolicyId = "default" UpdbIndefiniteLockout = int64(0) UpdbUnlimitedAttemptsLimit = int64(0) FieldAuthPolicyPrimaryCertAllowed = "primary.cert.allowed" FieldAuthPolicyPrimaryCertAllowExpiredCerts = "primary.cert.allowExpiredCerts" FieldAuthPolicyPrimaryUpdbAllowed = "primary.updb.allowed" FiledAuthPolicyPrimaryUpdbMinPasswordLength = "primary.updb.minPasswordLength" FieldAuthPolicyPrimaryUpdbRequireSpecialChar = "primary.updb.requireSpecialChar" FieldAuthPolicyPrimaryUpdbRequireNumberChar = "primary.updb.requireNumberChar" FieldAuthPolicyPrimaryUpdbRequireMixedCase = "primary.updb.requireMixedCase" FieldAuthPolicyPrimaryUpdbMaxAttempts = "primary.updb.maxAttempts" FieldAuthPolicyPrimaryUpdbLockoutDurationMinutes = "primary.updb.lockoutDurationMinutes" FieldAuthPolicyPrimaryExtJwtAllowed = "primary.extJwt.allowed" FieldAuthPolicyPrimaryExtJwtAllowedSigners = "primary.extJwt.allowedSigners" FieldAuthSecondaryPolicyRequireTotp = "secondary.requireTotp" FieldAuthSecondaryPolicyRequiredExtJwtSigner = "secondary.requireExtJwtSigner" )
const ( FieldAuthenticatorMethod = "method" FieldAuthenticatorIdentity = "identity" FieldAuthenticatorCertFingerprint = "certFingerprint" FieldAuthenticatorCertPem = "certPem" FieldAuthenticatorUnverifiedCertPem = "unverifiedCertPem" FieldAuthenticatorUnverifiedCertFingerprint = "unverifiedCertFingerprint" FieldAuthenticatorUpdbUsername = "updbUsername" FieldAuthenticatorUpdbPassword = "updbPassword" FieldAuthenticatorUpdbSalt = "updbSalt" MethodAuthenticatorUpdb = "updb" MethodAuthenticatorCert = "cert" // MethodAuthenticatorCertCaExternalId represents authentication with a certificate that isn't directly // registered with an authenticator. Instead, it uses `externalId` values on identities and matches them to a // "x509 claim" (custom values stuffed into SANs or other x509 properties). This type will never actually // be stored for persistence and is defined here for as tobe near the other authenticator methods. MethodAuthenticatorCertCaExternalId = "certCaExternalId" )
const ( EntityTypeApiSessions = "apiSessions" EntityTypeApiSessionCertificates = "apiSessionCertificates" EntityTypeAuthPolicies = "authPolicies" EntityTypeEventualEvents = "eventualEvents" EntityTypeCas = "cas" EntityTypeConfigs = "configs" EntityTypeConfigTypes = "configTypes" EntityTypeEdgeRouterPolicies = "edgeRouterPolicies" EntityTypeEventLogs = "eventLogs" EntityTypeExternalJwtSigners = "externalJwtSigners" EntityTypeGeoRegions = "geoRegions" EntityTypeIdentities = "identities" EntityTypeIdentityTypes = "identityTypes" EntityTypeMfas = "mfas" EntityTypeServicePolicies = "servicePolicies" EntityTypeServiceEdgeRouterPolicies = "serviceEdgeRouterPolicies" EntityTypeSessions = "sessions" EntityTypeSessionCerts = "sessionCerts" EntityTypeEnrollments = "enrollments" EntityTypeAuthenticators = "authenticators" EntityTypePostureChecks = "postureChecks" EntityTypePostureCheckTypes = "postureCheckTypes" EdgeBucket = "edge" FieldName = "name" FieldSemantic = "semantic" FieldRoleAttributes = "roleAttributes" FieldEdgeRouterRoles = "edgeRouterRoles" FieldIdentityRoles = "identityRoles" FieldServiceRoles = "serviceRoles" FieldPostureCheckRoles = "postureCheckRoles" SemanticAllOf = "AllOf" SemanticAnyOf = "AnyOf" )
const ( FieldCaFingerprint = "fingerprint" FieldCaCertPem = "certPem" FieldCaIsVerified = "isVerified" FieldCaVerificationToken = "verificationToken" FieldCaIsAutoCaEnrollmentEnabled = "isAutoCaEnrollmentEnabled" FieldCaIsOttCaEnrollmentEnabled = "isOttCaEnrollmentEnabled" FieldCaIsAuthEnabled = "isAuthEnabled" FieldCaIdentityNameFormat = "identityNameFormat" FieldCaEnrollments = "enrollments" FieldCaExternalIdClaim = "externalIdClaim" FieldCaExternalIdClaimLocation = "externalIdClaim.location" FieldCaExternalIdClaimIndex = "externalIdClaim.index" FieldCaExternalIdClaimMatcher = "externalIdClaim.matcher" FieldCaExternalIdClaimMatcherCriteria = "externalIdClaim.matcherCriteria" FieldCaExternalIdClaimParser = "externalIdClaim.parser" FieldCaExternalIdClaimParserCriteria = "externalIdClaim.parserSeparator" )
const ( ExternalIdClaimLocCommonName = "COMMON_NAME" ExternalIdClaimLocSanUri = "SAN_URI" ExternalIdClaimLocSanEmail = "SAN_EMAIL" ExternalIdClaimMatcherAll = "ALL" ExternalIdClaimMatcherSuffix = "SUFFIX" ExternalIdClaimMatcherPrefix = "PREFIX" ExternalIdClaimMatcherScheme = "SCHEME" ExternalIdClaimParserNone = "NONE" ExternalIdClaimParserSplit = "SPLIT" )
const ( FieldConfigData = "data" FieldConfigType = "type" FieldConfigIdentityService = "identityServices" )
const ( FieldEdgeRouters = "edgeRouters" FieldEdgeRouterCertPEM = "certPem" FieldEdgeRouterUnverifiedCertPEM = "unverifiedCertPem" FieldEdgeRouterUnverifiedFingerprint = "unverifiedFingerprint" FieldEdgeRouterIsVerified = "isVerified" FieldEdgeRouterHostname = "hostname" FieldEdgeRouterProtocols = "protocols" FieldEdgeRouterEnrollments = "enrollments" FieldEdgeRouterIsTunnelerEnabled = "isTunnelerEnabled" FieldEdgeRouterAppData = "appData" )
const ( FieldEdgeServiceDialIdentities = "dialIdentities" FieldEdgeServiceBindIdentities = "bindIdentities" FieldServiceEncryptionRequired = "encryptionRequired" )
const ( FieldEnrollmentToken = "token" FieldEnrollmentMethod = "method" FieldEnrollIdentity = "identity" FieldEnrollEdgeRouter = "edgeRouter" FieldEnrollTransitRouter = "transitRouter" FieldEnrollmentExpiresAt = "expiresAt" FieldEnrollmentIssuedAt = "issuedAt" FieldEnrollmentCaId = "caId" FieldEnrollmentUsername = "username" FieldEnrollmentJwt = "jwt" MethodEnrollOtt = "ott" MethodEnrollOttCa = "ottca" MethodEnrollCa = "ca" MethodEnrollUpdb = "updb" )
const ( FieldEventLogType = "type" FieldEventLogActorType = "actorType" FieldEventLogActorId = "actorId" FieldEventLogEntityType = "entityType" FieldEventLogEntityId = "entityId" FieldEventLogFormattedMessage = "formattedMessage" FieldEventLogFormatString = "formatString" FieldEventLogFormatData = "formatData" FieldEventLogData = "data" )
const ( FieldEventualEventType = "type" FieldEventualEventData = "data" )
const ( // EventualEventAddedName is emitted when a new event is added via AddEventualEvent(). // // Event arguments: // 0 - an EventualEventAdded struct EventualEventAddedName = events.EventName("EventualEventAdded") // EventualEventRemovedName is emitted when a previously added eventual event is processed // // Event arguments: // 0 - an EventualEventRemoved struct EventualEventRemovedName = events.EventName("EventualEventRemoved") // EventualEventProcessingStartName is emitted as the first action during processing // Event arguments: // 0 - an EventualEventProcessingStart struct EventualEventProcessingStartName = events.EventName("EventualEventProcessingStart") // EventualEventProcessingBatchStartName is emitted as the first set of events are processed // after EventualEventProcessingStartName. It is possible for 0+ batches to be processed. Each // patch should contain 1+ events. // // Event arguments: // 0 - an EventualEventProcessingBatchStart struct EventualEventProcessingBatchStartName = events.EventName("EventualEventProcessingBatchStart") // EventualEventProcessingListenerStartName is emitted for each function listener invoked // on each event. // // Event arguments: // 0 - an EventualEventProcessingListenerStart struct EventualEventProcessingListenerStartName = events.EventName("EventualEventProcessingListenerStart") // EventualEventProcessingListenerDoneName is emitted for each function listener after invocation // // Event arguments: // 0 - an EventualEventProcessingListenerDone struct EventualEventProcessingListenerDoneName = events.EventName("EventualEventProcessingListenerDone") // EventualEventProcessingBatchDoneName is emitted after the last event processed in a batch. // // Event arguments: // 0 - an EventualEventProcessingBatchDone struct EventualEventProcessingBatchDoneName = events.EventName("EventualEventProcessingBatchDone") // EventualEventProcessingDoneName is emitted as the last action during processing after // all events and batches. // // Event arguments: // 0 - an EventualEventProcessingDone struct EventualEventProcessingDoneName = events.EventName("EventualEventProcessingDone") )
const ( FieldExternalJwtSignerFingerprint = "fingerprint" FieldExternalJwtSignerCertPem = "certPem" FieldExternalJwtSignerCommonName = "commonName" FieldExternalJwtSignerNotAfter = "notAfter" FieldExternalJwtSignerNotBefore = "notBefore" FieldExternalJwtSignerEnabled = "enabled" FieldExternalJwtSignerExternalAuthUrl = "externalAuthUrl" FieldExternalJwtSignerAuthPolicies = "authPolicies" FieldExternalJwtSignerClaimsProperty = "claimsProperty" FieldExternalJwtSignerUseExternalId = "useExternalId" FieldExternalJwtSignerKid = "kid" FieldExternalJwtSignerIssuer = "issuer" FieldExternalJwtSignerAudience = "audience" DefaultClaimsProperty = "sub" )
const ( FieldIdentityType = "type" FieldIdentityIsDefaultAdmin = "isDefaultAdmin" FieldIdentityIsAdmin = "isAdmin" FieldIdentityEnrollments = "enrollments" FieldIdentityAuthenticators = "authenticators" FieldIdentityServiceConfigs = "serviceConfigs" FieldIdentityEnvInfoArch = "envInfoArch" FieldIdentityEnvInfoOs = "envInfoOs" FieldIdentityEnvInfoOsRelease = "envInfoRelease" FieldIdentityEnvInfoOsVersion = "envInfoVersion" FieldIdentitySdkInfoBranch = "sdkInfoBranch" FieldIdentitySdkInfoRevision = "sdkInfoRevision" FieldIdentitySdkInfoType = "sdkInfoType" FieldIdentitySdkInfoVersion = "sdkInfoVersion" FieldIdentitySdkInfoAppId = "sdkInfoAppId" FieldIdentitySdkInfoAppVersion = "sdkInfoAppVersion" FieldIdentityBindServices = "bindServices" FieldIdentityDialServices = "dialServices" FieldIdentityDefaultHostingPrecedence = "defaultHostingPrecedence" FieldIdentityDefaultHostingCost = "defaultHostingCost" FieldIdentityServiceHostingPrecedences = "serviceHostingPrecedences" FieldIdentityServiceHostingCosts = "serviceHostingCosts" FieldIdentityAppData = "appData" FieldIdentityAuthPolicyId = "authPolicyId" FieldIdentityExternalId = "externalId" FieldIdentityDisabledAt = "disabledAt" FieldIdentityDisabledUntil = "disabledUntil" )
const ( FieldMfaIdentity = "identity" FieldMfaIsVerified = "isVerified" FieldMfaRecoveryCodes = "recoveryCodes" FieldMfaSecret = "secret" FieldMfaSalt = "salt" )
const ( CurrentDbVersion = 28 FieldVersion = "version" )
const ( FieldPostureCheckMfaTimeoutSeconds = "timeoutSeconds" FieldPostureCheckMfaPromptOnWake = "promptOnWake" FieldPostureCheckMfaPromptOnUnlock = "promptOnUnlock" FieldPostureCheckMfaIgnoreLegacyEndpoints = "ignoreLegacyEndpoints" )
const ( FieldPostureCheckOsType = "osType" FieldPostureCheckOsVersions = "osVersions" )
const ( FieldPostureCheckProcessOs = "os" FieldPostureCheckProcessPath = "path" FieldPostureCheckProcessHashes = "hashes" FieldPostureCheckProcessFingerprint = "fingerprint" )
const ( FieldPostureCheckProcessMultiOsType = "osType" FieldPostureCheckProcessMultiPath = "path" FieldPostureCheckProcessMultiHashes = "hashes" FieldPostureCheckProcessMultiSignerFingerprints = "signerFingerprints" FieldPostureCheckProcessMultiProcesses = "processes" )
const ( //Fields FieldPostureCheckTypeId = "typeId" FieldPostureCheckVersion = "version" FieldPostureCheckBindServices = "bindServices" FieldPostureCheckDialServices = "dialServices" )
const ( PostureCheckTypeOs = "OS" PostureCheckTypeDomain = "DOMAIN" PostureCheckTypeProcess = "PROCESS" PostureCheckTypeProcessMulti = "PROCESS_MULTI" PostureCheckTypeMAC = "MAC" PostureCheckTypeMFA = "MFA" )
const ( FieldServicePolicyType = "type" PolicyTypeInvalidName = "Invalid" PolicyTypeDialName = "Dial" PolicyTypeBindName = "Bind" PolicyTypeInvalid PolicyType = 0 PolicyTypeDial PolicyType = 1 PolicyTypeBind PolicyType = 2 )
const ( FieldSessionToken = "token" FieldSessionApiSession = "apiSession" FieldSessionService = "service" FieldSessionIdentity = "identity" FieldSessionType = "type" FieldSessionServicePolicies = "servicePolicies" FieldSessionCertCert = "cert" FieldSessionCertFingerprint = "fingerprint" FieldSessionCertValidFrom = "validFrom" FieldSessionCertValidTo = "validTo" SessionTypeDial = "Dial" SessionTypeBind = "Bind" )
const ( TransitRouterPath = "transitRouter" FieldTransitRouterIsVerified = "isVerified" FieldTransitRouterEnrollments = "enrollments" )
const ( RolePrefix = "#" EntityPrefix = "@" AllRole = "#all" )
const (
FieldConfigTypeSchema = "schema"
)
const (
FieldPostureCheckDomains = "domains"
)
const (
FieldPostureCheckMacAddresses = "macAddresses"
)
const (
FieldPostureCheckTypeOperatingSystems = "operatingSystems"
)
const (
RouterIdentityType = "Router"
)
Variables ¶
var IdentityTypesV1 = map[string]string{
"User": "User",
"Device": "Device",
"Service": "Service",
"Router": "Router",
}
var ServiceEvents = &ServiceEventsRegistry{ handlers: cowslice.NewCowSlice(make([]ServiceEventHandler, 0)), }
Functions ¶
func EvaluatePolicy ¶ added in v0.15.27
func EvaluatePolicy(ctx *roleAttributeChangeContext, policy Policy, roleAttributesSymbol boltz.EntitySetSymbol)
func FieldValuesToIds ¶
func FieldValuesToIds(new []boltz.FieldTypeAndValue) []string
func ProcessEntityPolicyMatched ¶ added in v0.15.27
func ProcessEntityPolicyUnmatched ¶ added in v0.15.27
func UpdateRelatedRoles ¶
func UpdateRelatedRoles(ctx *roleAttributeChangeContext, entityId []byte, newRoleAttributes []boltz.FieldTypeAndValue, semanticSymbol boltz.EntitySymbol)
Types ¶
type ApiSession ¶
type ApiSession struct { boltz.BaseExtEntity IdentityId string Token string IPAddress string ConfigTypes []string MfaComplete bool MfaRequired bool LastActivityAt time.Time AuthenticatorId string }
func NewApiSession ¶
func NewApiSession(identityId string) *ApiSession
func (*ApiSession) GetEntityType ¶
func (entity *ApiSession) GetEntityType() string
func (*ApiSession) LoadValues ¶
func (entity *ApiSession) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ApiSession) SetValues ¶
func (entity *ApiSession) SetValues(ctx *boltz.PersistContext)
type ApiSessionCertificate ¶ added in v0.17.30
type ApiSessionCertificate struct { boltz.BaseExtEntity ApiSessionId string Subject string Fingerprint string ValidAfter *time.Time ValidBefore *time.Time PEM string }
func NewApiSessionCertificate ¶ added in v0.17.30
func NewApiSessionCertificate(apiSessionId string) *ApiSessionCertificate
func (*ApiSessionCertificate) GetEntityType ¶ added in v0.17.30
func (entity *ApiSessionCertificate) GetEntityType() string
func (*ApiSessionCertificate) LoadValues ¶ added in v0.17.30
func (entity *ApiSessionCertificate) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ApiSessionCertificate) SetValues ¶ added in v0.17.30
func (entity *ApiSessionCertificate) SetValues(ctx *boltz.PersistContext)
type ApiSessionCertificateStore ¶ added in v0.17.30
type ApiSessionCertificateStoreImpl ¶ added in v0.17.30
type ApiSessionCertificateStoreImpl struct {
// contains filtered or unexported fields
}
func (*ApiSessionCertificateStoreImpl) LoadOneById ¶ added in v0.17.30
func (store *ApiSessionCertificateStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*ApiSessionCertificate, error)
func (*ApiSessionCertificateStoreImpl) LoadOneByQuery ¶ added in v0.17.30
func (store *ApiSessionCertificateStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*ApiSessionCertificate, error)
func (*ApiSessionCertificateStoreImpl) NewStoreEntity ¶ added in v0.17.30
func (store *ApiSessionCertificateStoreImpl) NewStoreEntity() boltz.Entity
type ApiSessionStore ¶
type AuthPolicy ¶ added in v0.21.153
type AuthPolicy struct { boltz.BaseExtEntity Name string Primary AuthPolicyPrimary Secondary AuthPolicySecondary }
func (*AuthPolicy) GetEntityType ¶ added in v0.21.153
func (entity *AuthPolicy) GetEntityType() string
func (*AuthPolicy) GetName ¶ added in v0.21.153
func (entity *AuthPolicy) GetName() string
func (*AuthPolicy) LoadValues ¶ added in v0.21.153
func (entity *AuthPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*AuthPolicy) SetValues ¶ added in v0.21.153
func (entity *AuthPolicy) SetValues(ctx *boltz.PersistContext)
type AuthPolicyCert ¶ added in v0.21.153
type AuthPolicyExtJwt ¶ added in v0.21.153
type AuthPolicyPrimary ¶ added in v0.21.153
type AuthPolicyPrimary struct { Cert AuthPolicyCert Updb AuthPolicyUpdb ExtJwt AuthPolicyExtJwt }
type AuthPolicySecondary ¶ added in v0.21.153
type AuthPolicyStore ¶ added in v0.21.153
type AuthPolicyStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*AuthPolicy, error) LoadOneByName(tx *bbolt.Tx, id string) (*AuthPolicy, error) }
type AuthPolicyStoreImpl ¶ added in v0.21.153
type AuthPolicyStoreImpl struct {
// contains filtered or unexported fields
}
func (*AuthPolicyStoreImpl) GetNameIndex ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex
func (*AuthPolicyStoreImpl) LoadOneById ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*AuthPolicy, error)
func (*AuthPolicyStoreImpl) LoadOneByName ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*AuthPolicy, error)
func (*AuthPolicyStoreImpl) LoadOneByQuery ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*AuthPolicy, error)
func (*AuthPolicyStoreImpl) NewStoreEntity ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) NewStoreEntity() boltz.Entity
type AuthPolicyUpdb ¶ added in v0.21.153
type Authenticator ¶
type Authenticator struct { boltz.BaseExtEntity Type string IdentityId string SubType AuthenticatorSubType }
func (*Authenticator) GetEntityType ¶
func (entity *Authenticator) GetEntityType() string
func (*Authenticator) LoadValues ¶
func (entity *Authenticator) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Authenticator) SetValues ¶
func (entity *Authenticator) SetValues(ctx *boltz.PersistContext)
func (*Authenticator) ToCert ¶
func (entity *Authenticator) ToCert() *AuthenticatorCert
func (*Authenticator) ToSubType ¶
func (entity *Authenticator) ToSubType() AuthenticatorSubType
func (*Authenticator) ToUpdb ¶
func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb
type AuthenticatorCert ¶
type AuthenticatorCert struct { Authenticator Fingerprint string Pem string UnverifiedPem string UnverifiedFingerprint string }
func (*AuthenticatorCert) Fingerprints ¶
func (entity *AuthenticatorCert) Fingerprints() []string
type AuthenticatorStore ¶
type AuthenticatorSubType ¶
type AuthenticatorSubType interface {
Fingerprints() []string
}
type AuthenticatorUpdb ¶
type AuthenticatorUpdb struct { Authenticator Username string Password string Salt string }
func (*AuthenticatorUpdb) Fingerprints ¶
func (entity *AuthenticatorUpdb) Fingerprints() []string
type Ca ¶
type Ca struct { boltz.BaseExtEntity Name string Fingerprint string CertPem string IsVerified bool VerificationToken string IsAutoCaEnrollmentEnabled bool IsOttCaEnrollmentEnabled bool IsAuthEnabled bool IdentityRoles []string IdentityNameFormat string ExternalIdClaim *ExternalIdClaim }
func (*Ca) GetEntityType ¶
func (*Ca) LoadValues ¶
func (entity *Ca) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Ca) SetValues ¶
func (entity *Ca) SetValues(ctx *boltz.PersistContext)
type Config ¶
type Config struct { boltz.BaseExtEntity Name string Type string Data map[string]interface{} }
func (*Config) GetEntityType ¶
func (*Config) LoadValues ¶
func (entity *Config) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Config) SetValues ¶
func (entity *Config) SetValues(ctx *boltz.PersistContext)
type ConfigStore ¶
type ConfigType ¶
type ConfigType struct { boltz.BaseExtEntity Name string Schema map[string]interface{} }
func (*ConfigType) GetEntityType ¶
func (entity *ConfigType) GetEntityType() string
func (*ConfigType) GetName ¶
func (entity *ConfigType) GetName() string
func (*ConfigType) LoadValues ¶
func (entity *ConfigType) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ConfigType) SetValues ¶
func (entity *ConfigType) SetValues(ctx *boltz.PersistContext)
type ConfigTypeStore ¶
type ConfigTypeStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*ConfigType, error) LoadOneByName(tx *bbolt.Tx, name string) (*ConfigType, error) GetName(tx *bbolt.Tx, id string) *string }
type DbProvider ¶
type EdgeRouter ¶
type EdgeRouter struct { db.Router IsVerified bool CertPem *string UnverifiedCertPem *string UnverifiedFingerprint *string Hostname *string EdgeRouterProtocols map[string]string RoleAttributes []string Enrollments []string IsTunnelerEnabled bool AppData map[string]interface{} }
func (*EdgeRouter) GetName ¶
func (entity *EdgeRouter) GetName() string
func (*EdgeRouter) LoadValues ¶
func (entity *EdgeRouter) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)
func (*EdgeRouter) SetValues ¶
func (entity *EdgeRouter) SetValues(ctx *boltz.PersistContext)
type EdgeRouterPolicy ¶
type EdgeRouterPolicy struct { boltz.BaseExtEntity Name string Semantic string IdentityRoles []string EdgeRouterRoles []string }
func (*EdgeRouterPolicy) GetEntityType ¶
func (entity *EdgeRouterPolicy) GetEntityType() string
func (*EdgeRouterPolicy) GetName ¶
func (entity *EdgeRouterPolicy) GetName() string
func (*EdgeRouterPolicy) GetSemantic ¶ added in v0.15.27
func (entity *EdgeRouterPolicy) GetSemantic() string
func (*EdgeRouterPolicy) LoadValues ¶
func (entity *EdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*EdgeRouterPolicy) SetValues ¶
func (entity *EdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)
type EdgeRouterPolicyStore ¶
type EdgeRouterPolicyStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouterPolicy, error) LoadOneByName(tx *bbolt.Tx, id string) (*EdgeRouterPolicy, error) }
type EdgeRouterStore ¶
type EdgeRouterStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouter, error) LoadOneByName(tx *bbolt.Tx, id string) (*EdgeRouter, error) GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) }
type EdgeService ¶
type EdgeService struct { db.Service RoleAttributes []string Configs []string EncryptionRequired bool }
func (*EdgeService) GetName ¶
func (entity *EdgeService) GetName() string
func (*EdgeService) LoadValues ¶
func (entity *EdgeService) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)
func (*EdgeService) SetValues ¶
func (entity *EdgeService) SetValues(ctx *boltz.PersistContext)
type EdgeServiceStore ¶
type EdgeServiceStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*EdgeService, error) LoadOneByName(tx *bbolt.Tx, id string) (*EdgeService, error) IsBindableByIdentity(tx *bbolt.Tx, id string, identityId string) bool IsDialableByIdentity(tx *bbolt.Tx, id string, identityId string) bool GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) }
type Enrollment ¶
type Enrollment struct { boltz.BaseExtEntity Token string Method string IdentityId *string TransitRouterId *string EdgeRouterId *string ExpiresAt *time.Time IssuedAt *time.Time CaId *string Username *string Jwt string }
func (*Enrollment) GetEntityType ¶
func (entity *Enrollment) GetEntityType() string
func (*Enrollment) LoadValues ¶
func (entity *Enrollment) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Enrollment) SetValues ¶
func (entity *Enrollment) SetValues(ctx *boltz.PersistContext)
type EnrollmentStore ¶
type EventListenerFunc ¶ added in v0.21.45
EventListenerFunc is a function handler that will be triggered asynchronously some point in the future
type EventLog ¶
type EventLog struct { boltz.BaseExtEntity Type string ActorType string ActorId string EntityType string EntityId string FormattedMessage string FormatString string FormatData string Data map[string]interface{} }
func (*EventLog) GetEntityType ¶
func (*EventLog) LoadValues ¶
func (entity *EventLog) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*EventLog) SetValues ¶
func (entity *EventLog) SetValues(ctx *boltz.PersistContext)
type EventLogStore ¶
type EventualEvent ¶ added in v0.21.45
type EventualEvent struct { boltz.BaseExtEntity Type string Data []byte }
func (*EventualEvent) GetEntityType ¶ added in v0.21.45
func (entity *EventualEvent) GetEntityType() string
func (*EventualEvent) LoadValues ¶ added in v0.21.45
func (entity *EventualEvent) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*EventualEvent) SetValues ¶ added in v0.21.45
func (entity *EventualEvent) SetValues(ctx *boltz.PersistContext)
type EventualEventAdded ¶ added in v0.21.45
type EventualEventProcessingBatchDone ¶ added in v0.21.45
type EventualEventProcessingBatchDone struct { // Id is a unique id for the batch Id string // Id is the unique processing run this batch is a member of ProcessId string // Count is the number of events in the current batch Count int // BatchSize is the batch size for the current batch (the maximum value of Count) BatchSize int // StartTime the time the batch was started StartTime time.Time // EndTime the time the batch ended EndTime time.Time }
type EventualEventProcessingBatchStart ¶ added in v0.21.45
type EventualEventProcessingBatchStart struct { // Id is a unique id for the batch Id string // Id is the unique processing run this batch is a member of ProcessId string // Count is the number of events in the current batch Count int // BatchSize is the batch size for the current batch (the maximum value of Count) BatchSize int // StartTime the time when the batch started processing StartTime time.Time }
type EventualEventProcessingDone ¶ added in v0.21.45
type EventualEventProcessingDone struct { // Id is a unique id for processing run Id string // TotalBatches is the total number of batches executed during processing TotalBatches int64 // TotalEvent is the total number of events processed TotalEvents int64 // TotalListenersExecuted is the total number of listeners executed during processing TotalListenersExecuted int64 // StartTime is the time when the processing began StartTime time.Time // EndTime is the time when the processing ended EndTime time.Time }
type EventualEventProcessingListenerDone ¶ added in v0.21.45
type EventualEventProcessingListenerDone struct { // Id is a unique id for the triggering of a listener Id string // BatchId is the unique id of the batch being processed BatchId string // ProcessId is the unique id of the currently executing process ProcessId string // ListenerFunc is the listener that was executed ListenerFunc EventListenerFunc // BatchEventIndex is the zero based offset of the currently executing event BatchEventIndex int64 // TotalEventIndex is the total index across all batches of the currently executing event TotalEventIndex int64 // Error is nil if no error occurred during execution, otherwise an error value Error error // EventType is the typeof the event that triggered the listener EventType string // StartTime is the time when the listener started execution StartTime time.Time // EndTime is the time when the listener ended execution EndTime time.Time }
type EventualEventProcessingListenerStart ¶ added in v0.21.45
type EventualEventProcessingListenerStart struct { // Id is a unique id for the triggering of a listener Id string // BatchId is the unique id of the batch being processed BatchId string // ProcessId is the unique id of the currently executing process ProcessId string // ListenerFunc is the listener that was executed ListenerFunc EventListenerFunc // BatchEventIndex is the zero based offset of the currently executing event BatchEventIndex int64 // TotalEventIndex is the total index across all batches of the currently executing event TotalEventIndex int64 // EventType is the typeof the event that is triggering the listener EventType string // StartTime is the time when the listener was started StartTime time.Time }
type EventualEventProcessingStart ¶ added in v0.21.45
type EventualEventRemoved ¶ added in v0.21.45
type EventualEventStore ¶ added in v0.21.45
type EventualEventer ¶ added in v0.21.45
type EventualEventer interface { // EventEmmiter is used to provide processing event status on processing state, which is useful // for instrumenting an EventualEventer for metric purposes (process runtime, process batch runtime, // event counts, etc.) events.EventEmmiter // AddEventualEvent adds an eventual event with a specific name and byte array data payload. Interpretation // of the event's data payload is upto the event emitter and consumer. AddEventualEvent(eventType string, data []byte) // AddEventualListener adds a function as call back when an eventual event is processed. AddEventualListener(eventType string, handler EventListenerFunc) // Start should be called at the start of the lifetime of the EventualEventer. // A closeNotify channel must be supplied for application shutdown eventing. // // If an EventualEventer has already been started, it will return an error. // Errors may be returned for other reasons causing Start to fail. Start(closeNotify <-chan struct{}) error // Stop may be called to manually end of the lifetime of the EventualEventer outside the // closeNotify signaling provided in the Start call. If not started, an error will be returned. // Errors may be returned for other reasons causing Stop to fail. Stop() error // Trigger forces an EventualEventer to check for work to be processed. Beyond this method, // it is the implementation's responsibility to provide other mechanisms or logic to determine // when work is performed (timers, events, etc.) which may be setup/torn down during Start/Stop. // // If the EventualEventer is not currently running or can't process work and error will // be returned. If it is running a channel will be returned which will be closed after // the current or next iteration of the event processor has completed. Trigger() (<-chan struct{}, error) }
An EventualEventer provides a method for storing events in a persistent manner that will be processed at a later date. Processing may include time intensive processing such as bulk deletion of other entities. Event persistence strategy, processing order, and processing synchronization are up to the implementation to decide.
EventualEventers are also required to emit a series of events via the events.EventEmitter interface. See EventualEventAdded and subsequent events for more details.
type EventualEventerBbolt ¶ added in v0.21.45
type EventualEventerBbolt struct { events.EventEmmiter Interval time.Duration // contains filtered or unexported fields }
EventualEventerBbolt implements EventualEventer with a bbolt back storage mechanism. Work is performed on a configurable basis via the Interval property in FIFO order.
Events are stored in the following format:
id - CUID - a monotonic reference id name - string - an event name, used for log output data - []byte - a string array of arguments
func NewEventualEventerBbolt ¶ added in v0.21.45
func NewEventualEventerBbolt(dbProvider DbProvider, store EventualEventStore, interval time.Duration, batchSize int) *EventualEventerBbolt
NewEventualEventerBbolt creates a new bbolt backed asynchronous eventer that will check for new events at the given interval or when triggered. On each interval/trigger, the number of events processed is determined by batchSize.
func (*EventualEventerBbolt) AddEventualEvent ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualEvent(eventType string, data []byte)
func (*EventualEventerBbolt) AddEventualEventWithCtx ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualEventWithCtx(ctx boltz.MutateContext, eventType string, data []byte)
func (*EventualEventerBbolt) AddEventualListener ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualListener(eventType string, listener EventListenerFunc)
func (*EventualEventerBbolt) Start ¶ added in v0.21.45
func (a *EventualEventerBbolt) Start(closeNotify <-chan struct{}) error
func (*EventualEventerBbolt) Stop ¶ added in v0.21.45
func (a *EventualEventerBbolt) Stop() error
func (*EventualEventerBbolt) Trigger ¶ added in v0.21.45
func (a *EventualEventerBbolt) Trigger() (<-chan struct{}, error)
type ExternalIdClaim ¶ added in v0.21.221
type ExternalJwtSigner ¶ added in v0.21.148
type ExternalJwtSigner struct { boltz.BaseExtEntity Name string Fingerprint string Kid string CertPem string CommonName string NotAfter *time.Time NotBefore *time.Time Enabled bool ExternalAuthUrl *string ClaimsProperty *string UseExternalId bool Issuer *string Audience *string }
func (*ExternalJwtSigner) GetEntityType ¶ added in v0.21.148
func (entity *ExternalJwtSigner) GetEntityType() string
func (*ExternalJwtSigner) GetName ¶ added in v0.21.148
func (entity *ExternalJwtSigner) GetName() string
func (*ExternalJwtSigner) LoadValues ¶ added in v0.21.148
func (entity *ExternalJwtSigner) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ExternalJwtSigner) SetValues ¶ added in v0.21.148
func (entity *ExternalJwtSigner) SetValues(ctx *boltz.PersistContext)
type ExternalJwtSignerStore ¶ added in v0.21.148
type GeoRegion ¶
type GeoRegion struct { boltz.BaseExtEntity Name string }
func (*GeoRegion) GetEntityType ¶
func (*GeoRegion) LoadValues ¶
func (entity *GeoRegion) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*GeoRegion) SetValues ¶
func (entity *GeoRegion) SetValues(ctx *boltz.PersistContext)
type GeoRegionStore ¶
type Identity ¶
type Identity struct { boltz.BaseExtEntity Name string IdentityTypeId string IsDefaultAdmin bool IsAdmin bool Enrollments []string Authenticators []string RoleAttributes []string SdkInfo *SdkInfo EnvInfo *EnvInfo DefaultHostingPrecedence ziti.Precedence DefaultHostingCost uint16 ServiceHostingPrecedences map[string]ziti.Precedence ServiceHostingCosts map[string]uint16 AppData map[string]interface{} AuthPolicyId string ExternalId *string DisabledAt *time.Time DisabledUntil *time.Time Disabled bool }
func (*Identity) GetEntityType ¶
func (*Identity) LoadValues ¶
func (entity *Identity) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Identity) SetValues ¶
func (entity *Identity) SetValues(ctx *boltz.PersistContext)
type IdentityStore ¶
type IdentityStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*Identity, error) LoadOneByName(tx *bbolt.Tx, id string) (*Identity, error) GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) AssignServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error RemoveServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error GetServiceConfigs(tx *bbolt.Tx, identityId string) ([]ServiceConfig, error) LoadServiceConfigsByServiceAndType(tx *bbolt.Tx, identityId string, configTypes map[string]struct{}) map[string]map[string]map[string]interface{} }
type IdentityType ¶
type IdentityType struct { boltz.BaseExtEntity Name string }
func (*IdentityType) GetEntityType ¶
func (entity *IdentityType) GetEntityType() string
func (*IdentityType) GetName ¶
func (entity *IdentityType) GetName() string
func (*IdentityType) LoadValues ¶
func (entity *IdentityType) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*IdentityType) SetValues ¶
func (entity *IdentityType) SetValues(ctx *boltz.PersistContext)
type IdentityTypeStore ¶
type IdentityTypeStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*IdentityType, error) LoadOneByName(tx *bbolt.Tx, id string) (*IdentityType, error) }
type IdentityTypeStoreImpl ¶
type IdentityTypeStoreImpl struct {
// contains filtered or unexported fields
}
func (*IdentityTypeStoreImpl) GetNameIndex ¶
func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex
func (*IdentityTypeStoreImpl) LoadOneById ¶
func (store *IdentityTypeStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*IdentityType, error)
func (*IdentityTypeStoreImpl) LoadOneByName ¶
func (store *IdentityTypeStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*IdentityType, error)
func (*IdentityTypeStoreImpl) LoadOneByQuery ¶
func (store *IdentityTypeStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*IdentityType, error)
func (*IdentityTypeStoreImpl) NewStoreEntity ¶
func (store *IdentityTypeStoreImpl) NewStoreEntity() boltz.Entity
type Mfa ¶ added in v0.17.52
type Mfa struct { boltz.BaseExtEntity IdentityId string IsVerified bool Secret string Salt string RecoveryCodes []string }
func (*Mfa) GetEntityType ¶ added in v0.17.52
func (*Mfa) LoadValues ¶ added in v0.17.52
func (entity *Mfa) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Mfa) SetValues ¶ added in v0.17.52
func (entity *Mfa) SetValues(ctx *boltz.PersistContext)
type MfaStoreImpl ¶ added in v0.17.52
type MfaStoreImpl struct {
// contains filtered or unexported fields
}
func (*MfaStoreImpl) LoadOneById ¶ added in v0.17.52
func (*MfaStoreImpl) LoadOneByQuery ¶ added in v0.17.52
func (*MfaStoreImpl) NewStoreEntity ¶ added in v0.17.52
func (store *MfaStoreImpl) NewStoreEntity() boltz.Entity
type Migrations ¶
type Migrations struct {
// contains filtered or unexported fields
}
type NameIndexedStore ¶
type OperatingSystem ¶ added in v0.16.48
type Policy ¶ added in v0.15.27
type Policy interface { boltz.NamedExtEntity }
type PolicyType ¶ added in v0.17.36
type PolicyType int32
func (PolicyType) String ¶ added in v0.17.36
func (self PolicyType) String() string
type PostureCheck ¶ added in v0.16.46
type PostureCheck struct { boltz.BaseExtEntity Name string TypeId string Version int64 RoleAttributes []string SubType PostureCheckSubType }
func (*PostureCheck) GetEntityType ¶ added in v0.16.46
func (entity *PostureCheck) GetEntityType() string
func (*PostureCheck) GetName ¶ added in v0.16.46
func (entity *PostureCheck) GetName() string
func (*PostureCheck) LoadValues ¶ added in v0.16.46
func (entity *PostureCheck) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheck) SetValues ¶ added in v0.16.46
func (entity *PostureCheck) SetValues(ctx *boltz.PersistContext)
type PostureCheckMacAddresses ¶ added in v0.16.48
type PostureCheckMacAddresses struct {
MacAddresses []string
}
func (*PostureCheckMacAddresses) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckMacAddresses) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckMacAddresses) SetValues ¶ added in v0.16.48
func (entity *PostureCheckMacAddresses) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckMfa ¶ added in v0.17.52
type PostureCheckMfa struct { TimeoutSeconds int64 PromptOnWake bool PromptOnUnlock bool IgnoreLegacyEndpoints bool }
func (*PostureCheckMfa) LoadValues ¶ added in v0.17.52
func (entity *PostureCheckMfa) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckMfa) SetValues ¶ added in v0.17.52
func (entity *PostureCheckMfa) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckOperatingSystem ¶ added in v0.16.48
type PostureCheckOperatingSystem struct {
OperatingSystems []OperatingSystem
}
func (*PostureCheckOperatingSystem) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckOperatingSystem) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckOperatingSystem) SetValues ¶ added in v0.16.48
func (entity *PostureCheckOperatingSystem) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckOs ¶ added in v0.20.35
type PostureCheckOs struct { boltz.BaseExtEntity Name string OperatingSystems []OperatingSystem }
func (*PostureCheckOs) GetEntityType ¶ added in v0.20.35
func (entity *PostureCheckOs) GetEntityType() string
func (*PostureCheckOs) GetName ¶ added in v0.20.35
func (entity *PostureCheckOs) GetName() string
func (*PostureCheckOs) LoadValues ¶ added in v0.20.35
func (entity *PostureCheckOs) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckOs) SetValues ¶ added in v0.20.35
func (entity *PostureCheckOs) SetValues(ctx *boltz.PersistContext)
type PostureCheckProcess ¶ added in v0.16.48
type PostureCheckProcess struct { OperatingSystem string Path string Hashes []string Fingerprint string }
func (*PostureCheckProcess) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckProcess) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckProcess) SetValues ¶ added in v0.16.48
func (entity *PostureCheckProcess) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckProcessMulti ¶ added in v0.19.93
type PostureCheckProcessMulti struct { Semantic string Processes []*ProcessMulti }
func (*PostureCheckProcessMulti) LoadValues ¶ added in v0.19.93
func (entity *PostureCheckProcessMulti) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckProcessMulti) SetValues ¶ added in v0.19.93
func (entity *PostureCheckProcessMulti) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckStore ¶ added in v0.16.46
type PostureCheckStore interface { Store LoadOneById(tx *bbolt.Tx, id string) (*PostureCheck, error) LoadOneByName(tx *bbolt.Tx, id string) (*PostureCheck, error) LoadOneByQuery(tx *bbolt.Tx, query string) (*PostureCheck, error) GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(filters []string, semantic string) (ast.SetCursorProvider, error) }
type PostureCheckSubType ¶ added in v0.16.48
type PostureCheckSubType interface { LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket) }
type PostureCheckTypeStore ¶ added in v0.16.48
type PostureCheckTypeStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*PostureCheckOs, error) LoadOneByName(tx *bbolt.Tx, id string) (*PostureCheckOs, error) }
type PostureCheckWindowsDomains ¶ added in v0.16.48
type PostureCheckWindowsDomains struct {
Domains []string
}
func (*PostureCheckWindowsDomains) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckWindowsDomains) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*PostureCheckWindowsDomains) SetValues ¶ added in v0.16.48
func (entity *PostureCheckWindowsDomains) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type ProcessMulti ¶ added in v0.19.93
type SecretStore ¶ added in v0.17.52
type SecretStore interface {
GetSecret() []byte
}
type ServiceConfig ¶
type ServiceEdgeRouterPolicy ¶
type ServiceEdgeRouterPolicy struct { boltz.BaseExtEntity Name string Semantic string ServiceRoles []string EdgeRouterRoles []string }
func (*ServiceEdgeRouterPolicy) GetEntityType ¶
func (entity *ServiceEdgeRouterPolicy) GetEntityType() string
func (*ServiceEdgeRouterPolicy) GetName ¶
func (entity *ServiceEdgeRouterPolicy) GetName() string
func (*ServiceEdgeRouterPolicy) GetSemantic ¶ added in v0.15.27
func (entity *ServiceEdgeRouterPolicy) GetSemantic() string
func (*ServiceEdgeRouterPolicy) LoadValues ¶
func (entity *ServiceEdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ServiceEdgeRouterPolicy) SetValues ¶
func (entity *ServiceEdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)
type ServiceEdgeRouterPolicyStore ¶
type ServiceEdgeRouterPolicyStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*ServiceEdgeRouterPolicy, error) LoadOneByName(tx *bbolt.Tx, id string) (*ServiceEdgeRouterPolicy, error) }
type ServiceEvent ¶ added in v0.17.36
type ServiceEvent struct { Type ServiceEventType IdentityId string ServiceId string }
func (*ServiceEvent) String ¶ added in v0.17.36
func (self *ServiceEvent) String() string
type ServiceEventHandler ¶ added in v0.17.36
type ServiceEventHandler func(event *ServiceEvent)
type ServiceEventType ¶ added in v0.17.36
type ServiceEventType byte
const ( ServiceDialAccessGained ServiceEventType = 1 ServiceDialAccessLost ServiceEventType = 2 ServiceBindAccessGained ServiceEventType = 3 ServiceBindAccessLost ServiceEventType = 4 ServiceUpdated ServiceEventType = 5 )
func (ServiceEventType) String ¶ added in v0.17.36
func (self ServiceEventType) String() string
type ServiceEventsRegistry ¶ added in v0.17.36
type ServiceEventsRegistry struct {
// contains filtered or unexported fields
}
func (*ServiceEventsRegistry) AddServiceEventHandler ¶ added in v0.17.36
func (self *ServiceEventsRegistry) AddServiceEventHandler(listener ServiceEventHandler)
func (*ServiceEventsRegistry) RemoveServiceEventHandler ¶ added in v0.17.36
func (self *ServiceEventsRegistry) RemoveServiceEventHandler(listener ServiceEventHandler)
type ServicePolicy ¶
type ServicePolicy struct { boltz.BaseExtEntity PolicyType PolicyType Name string Semantic string IdentityRoles []string ServiceRoles []string PostureCheckRoles []string }
func (*ServicePolicy) GetEntityType ¶
func (entity *ServicePolicy) GetEntityType() string
func (*ServicePolicy) GetName ¶
func (entity *ServicePolicy) GetName() string
func (*ServicePolicy) GetPolicyTypeName ¶
func (entity *ServicePolicy) GetPolicyTypeName() string
func (*ServicePolicy) GetSemantic ¶ added in v0.15.27
func (entity *ServicePolicy) GetSemantic() string
func (*ServicePolicy) LoadValues ¶
func (entity *ServicePolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*ServicePolicy) SetValues ¶
func (entity *ServicePolicy) SetValues(ctx *boltz.PersistContext)
type ServicePolicyStore ¶
type ServicePolicyStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*ServicePolicy, error) LoadOneByName(tx *bbolt.Tx, id string) (*ServicePolicy, error) }
type Session ¶
type Session struct { boltz.BaseExtEntity Token string IdentityId string ApiSessionId string ServiceId string Type string Certs []*SessionCert ApiSession *ApiSession ServicePolicies []string }
func (*Session) GetEntityType ¶
func (*Session) LoadValues ¶
func (entity *Session) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*Session) SetValues ¶
func (entity *Session) SetValues(ctx *boltz.PersistContext)
type SessionCert ¶
type SessionCert struct { Id string Cert string Fingerprint string ValidFrom time.Time ValidTo time.Time }
func (*SessionCert) GetEntityType ¶
func (entity *SessionCert) GetEntityType() string
func (*SessionCert) GetId ¶
func (entity *SessionCert) GetId() string
func (*SessionCert) LoadValues ¶
func (entity *SessionCert) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)
func (*SessionCert) SetId ¶
func (entity *SessionCert) SetId(id string)
func (*SessionCert) SetValues ¶
func (entity *SessionCert) SetValues(ctx *boltz.PersistContext)
type SessionStore ¶
type Stores ¶
type Stores struct { DbProvider DbProvider EventualEventer EventualEventer // fabric stores Router db.RouterStore Service db.ServiceStore Terminator db.TerminatorStore ApiSession ApiSessionStore ApiSessionCertificate ApiSessionCertificateStore AuthPolicy AuthPolicyStore EventualEvent EventualEventStore ExternalJwtSigner ExternalJwtSignerStore Ca CaStore Config ConfigStore ConfigType ConfigTypeStore EdgeRouter EdgeRouterStore EdgeRouterPolicy EdgeRouterPolicyStore EdgeService EdgeServiceStore EventLog EventLogStore GeoRegion GeoRegionStore Identity IdentityStore IdentityType IdentityTypeStore Index boltz.ListStore Session SessionStore ServiceEdgeRouterPolicy ServiceEdgeRouterPolicyStore ServicePolicy ServicePolicyStore TransitRouter TransitRouterStore Enrollment EnrollmentStore Authenticator AuthenticatorStore PostureCheck PostureCheckStore PostureCheckType PostureCheckTypeStore Mfa MfaStore // contains filtered or unexported fields }
func NewBoltStores ¶
func NewBoltStores(dbProvider DbProvider) (*Stores, error)
func (*Stores) GetEntityCounts ¶ added in v0.21.97
func (stores *Stores) GetEntityCounts(dbProvider DbProvider) (map[string]int64, error)
type TestContext ¶
type TestContext struct { boltz.BaseTestContext // contains filtered or unexported fields }
func NewTestContext ¶
func NewTestContext(t *testing.T) *TestContext
func (*TestContext) Cleanup ¶ added in v0.21.45
func (ctx *TestContext) Cleanup()
func (*TestContext) CleanupAll ¶ added in v0.20.36
func (ctx *TestContext) CleanupAll()
func (*TestContext) GetDb ¶
func (ctx *TestContext) GetDb() boltz.Db
func (*TestContext) GetDbProvider ¶
func (ctx *TestContext) GetDbProvider() DbProvider
func (*TestContext) GetNetwork ¶ added in v0.21.235
func (ctx *TestContext) GetNetwork() *network.Network
func (*TestContext) GetStoreForEntity ¶
func (ctx *TestContext) GetStoreForEntity(entity boltz.Entity) boltz.CrudStore
func (*TestContext) GetStores ¶
func (ctx *TestContext) GetStores() *Stores
func (*TestContext) Init ¶
func (ctx *TestContext) Init()
func (*TestContext) InitWithDbFile ¶ added in v0.20.110
func (ctx *TestContext) InitWithDbFile(path string)
func (*TestContext) RequireNewIdentity ¶ added in v0.20.36
func (ctx *TestContext) RequireNewIdentity(name string, isAdmin bool) *Identity
func (*TestContext) RequireNewService ¶ added in v0.20.36
func (ctx *TestContext) RequireNewService(name string) *EdgeService
type TransitRouter ¶
type TransitRouter struct { db.Router IsVerified bool Enrollments []string IsBase bool UnverifiedCertPem *string UnverifiedFingerprint *string }
func (*TransitRouter) GetEntityType ¶
func (entity *TransitRouter) GetEntityType() string
func (*TransitRouter) GetName ¶
func (entity *TransitRouter) GetName() string
func (*TransitRouter) LoadValues ¶
func (entity *TransitRouter) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)
func (*TransitRouter) SetValues ¶
func (entity *TransitRouter) SetValues(ctx *boltz.PersistContext)
type TransitRouterStore ¶
type TransitRouterStore interface { NameIndexedStore LoadOneById(tx *bbolt.Tx, id string) (*TransitRouter, error) LoadOneByName(tx *bbolt.Tx, id string) (*TransitRouter, error) }
type UpdateLastActivityAtChecker ¶ added in v0.19.39
type UpdateLastActivityAtChecker struct{}
func (UpdateLastActivityAtChecker) IsUpdated ¶ added in v0.19.39
func (u UpdateLastActivityAtChecker) IsUpdated(field string) bool
Source Files ¶
- api_session_certificate_store.go
- api_session_store.go
- auth_policy_store.go
- authenticator_store.go
- base_entity.go
- base_store.go
- ca_store.go
- config_store.go
- config_type_store.go
- edge_router_policy_store.go
- edge_router_store.go
- edge_service_store.go
- enrollment_store.go
- event_log_store.go
- eventual_event_store.go
- eventual_eventer.go
- external_jwt_signer_store.go
- geo_region_store.go
- identity_store.go
- identity_type_store.go
- mfa_store.go
- migration_initialize.go
- migration_v14.go
- migration_v15.go
- migration_v16.go
- migration_v17.go
- migration_v18.go
- migration_v19.go
- migration_v23.go
- migration_v24.go
- migration_v25.go
- migrations.go
- policy_common.go
- posture_check_mac.go
- posture_check_mfa.go
- posture_check_os.go
- posture_check_process.go
- posture_check_process_multi.go
- posture_check_store.go
- posture_check_type_store.go
- posture_check_windows_domain.go
- service_edge_router_policy_store.go
- service_events.go
- service_policy_store.go
- session_store.go
- stores.go
- testing.go
- transit_router_store.go
- util.go