persistence

package
v0.21.29 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 6, 2022 License: Apache-2.0 Imports: 28 Imported by: 1

Documentation


Constants

// Field-name constants for API session certificate records.
// NOTE(review): presumably the keys ApiSessionCertificate.LoadValues/SetValues
// use in the entity's bucket; the method bodies are not part of this listing.
const (
	FieldApiSessionCertificateApiSession  = "apiSession"
	FieldApiSessionCertificateSubject     = "subject"
	// Several entities in this package use the literal key "fingerprint"
	// (see FieldCaFingerprint, FieldSessionCertFingerprint); the constants are
	// distinct names for the same string value.
	FieldApiSessionCertificateFingerprint = "fingerprint"
	FieldApiSessionCertificateValidAfter  = "validAfter"
	FieldApiSessionCertificateValidBefore = "validBefore"
	FieldApiSessionCertificatePem         = "pem"
)
// Field-name constants for API session records, plus one event name.
// NOTE(review): "token" names the stored API session token. The listing does
// not show whether the value is persisted in the clear or hashed; confirm,
// and protect the database file accordingly.
const (
	FieldApiSessionIdentity       = "identity"
	FieldApiSessionToken          = "token"
	FieldApiSessionConfigTypes    = "configTypes"
	FieldApiSessionIPAddress      = "ipAddress"
	// mfaComplete and mfaRequired are stored as separate fields; presumably a
	// session counts as fully authenticated only when MFA is either not
	// required or complete - confirm in the authentication code.
	FieldApiSessionMfaComplete    = "mfaComplete"
	FieldApiSessionMfaRequired    = "mfaRequired"
	FieldApiSessionLastActivityAt = "lastActivityAt"

	// Typed as events.EventName; where and when it is emitted is not shown.
	EventFullyAuthenticated events.EventName = "FULLY_AUTHENTICATED"
)
// Field-name constants and method identifiers for authenticator records.
// Two methods are declared: "updb" and "cert".
const (
	FieldAuthenticatorMethod   = "method"
	FieldAuthenticatorIdentity = "identity"

	// Fields used by the "cert" method.
	FieldAuthenticatorCertFingerprint = "certFingerprint"
	FieldAuthenticatorCertPem         = "certPem"

	// Fields used by the "updb" method.
	// NOTE(review): a password field stored beside a salt suggests a salted
	// hash rather than the raw password, but the hashing scheme is not visible
	// in this listing - confirm it is a slow, salted KDF.
	FieldAuthenticatorUpdbUsername = "updbUsername"
	FieldAuthenticatorUpdbPassword = "updbPassword"
	FieldAuthenticatorUpdbSalt     = "updbSalt"

	MethodAuthenticatorUpdb = "updb"
	MethodAuthenticatorCert = "cert"
)
// Entity-type names, the edge bucket name, shared field names and the two
// policy semantics.
// NOTE(review): the EntityType* values are presumably store/bucket names in
// the bbolt database; confirm before renaming any of them, since persisted
// data would be keyed by the old string.
const (
	EntityTypeApiSessions               = "apiSessions"
	EntityTypeApiSessionCertificates    = "apiSessionCertificates"
	EntityTypeCas                       = "cas"
	EntityTypeConfigs                   = "configs"
	EntityTypeConfigTypes               = "configTypes"
	EntityTypeEdgeRouterPolicies        = "edgeRouterPolicies"
	EntityTypeEventLogs                 = "eventLogs"
	EntityTypeGeoRegions                = "geoRegions"
	EntityTypeIdentities                = "identities"
	EntityTypeIdentityTypes             = "identityTypes"
	EntityTypeMfas                      = "mfas"
	EntityTypeServicePolicies           = "servicePolicies"
	EntityTypeServiceEdgeRouterPolicies = "serviceEdgeRouterPolicies"
	EntityTypeSessions                  = "sessions"
	EntityTypeSessionCerts              = "sessionCerts"
	EntityTypeEnrollments               = "enrollments"
	EntityTypeAuthenticators            = "authenticators"
	EntityTypePostureChecks             = "postureChecks"
	EntityTypePostureCheckTypes         = "postureCheckTypes"
	EdgeBucket                          = "edge"

	// Field names shared by several entity types.
	FieldName           = "name"
	FieldSemantic       = "semantic"
	FieldRoleAttributes = "roleAttributes"

	// Role-list field names used by the policy entities.
	FieldEdgeRouterRoles   = "edgeRouterRoles"
	FieldIdentityRoles     = "identityRoles"
	FieldServiceRoles      = "serviceRoles"
	FieldPostureCheckRoles = "postureCheckRoles"

	// Policy semantics. NOTE(review): presumably AllOf requires every listed
	// role to match and AnyOf requires at least one; AnyOf is the broader
	// grant, so confirm which one a policy uses when auditing access.
	SemanticAllOf = "AllOf"
	SemanticAnyOf = "AnyOf"
)
// Field-name constants for certificate authority (CA) records.
const (
	// Fields
	FieldCaFingerprint               = "fingerprint"
	FieldCaCertPem                   = "certPem"
	// NOTE(review): isVerified and verificationToken suggest a proof-of-
	// possession step before a CA is trusted; the flow itself is not shown.
	// Confirm the enrollment and auth flags below are ignored while
	// isVerified is false.
	FieldCaIsVerified                = "isVerified"
	FieldCaVerificationToken         = "verificationToken"
	FieldCaIsAutoCaEnrollmentEnabled = "isAutoCaEnrollmentEnabled"
	FieldCaIsOttCaEnrollmentEnabled  = "isOttCaEnrollmentEnabled"
	FieldCaIsAuthEnabled             = "isAuthEnabled"
	FieldCaIdentityNameFormat        = "identityNameFormat"
	FieldCaEnrollments               = "enrollments"
)
// Field-name constants for config records.
const (
	FieldConfigData            = "data"
	FieldConfigType            = "type"
	// The constant name is singular while the stored key is plural
	// ("identityServices"); the string value is what matters on disk.
	FieldConfigIdentityService = "identityServices"
)
// Field-name constants for edge router records.
const (
	FieldEdgeRouters                     = "edgeRouters"
	FieldEdgeRouterCertPEM               = "certPem"
	// The unverified certificate and fingerprint are stored under their own
	// keys, separate from certPem. NOTE(review): confirm no authentication
	// path falls back to the unverified values.
	FieldEdgeRouterUnverifiedCertPEM     = "unverifiedCertPem"
	FieldEdgeRouterUnverifiedFingerprint = "unverifiedFingerprint"
	FieldEdgeRouterIsVerified            = "isVerified"
	FieldEdgeRouterHostname              = "hostname"
	FieldEdgeRouterProtocols             = "protocols"
	FieldEdgeRouterEnrollments           = "enrollments"
	FieldEdgeRouterIsTunnelerEnabled     = "isTunnelerEnabled"
	FieldEdgeRouterAppData               = "appData"
)
// Field-name constants for edge service records.
const (
	FieldEdgeServiceDialIdentities = "dialIdentities"
	FieldEdgeServiceBindIdentities = "bindIdentities"
	// NOTE(review): how a missing value is interpreted (encryption required
	// or not) is not visible here; confirm the default is the safe one.
	FieldServiceEncryptionRequired = "encryptionRequired"
)
// Field-name constants and method identifiers for enrollment records.
const (
	// NOTE(review): "token" and "jwt" name stored enrollment credentials.
	// Confirm they are invalidated after use and once expiresAt has passed;
	// the listing does not show that logic.
	FieldEnrollmentToken     = "token"
	FieldEnrollmentMethod    = "method"
	FieldEnrollIdentity      = "identity"
	FieldEnrollEdgeRouter    = "edgeRouter"
	FieldEnrollTransitRouter = "transitRouter"
	FieldEnrollmentExpiresAt = "expiresAt"
	FieldEnrollmentIssuedAt  = "issuedAt"
	FieldEnrollmentCaId      = "caId"
	FieldEnrollmentUsername  = "username"
	FieldEnrollmentJwt       = "jwt"

	// Enrollment method identifiers. MethodEnrollUpdb shares its string value
	// ("updb") with MethodAuthenticatorUpdb.
	MethodEnrollOtt   = "ott"
	MethodEnrollOttCa = "ottca"
	MethodEnrollCa    = "ca"
	MethodEnrollUpdb  = "updb"
)
// Field-name constants for event log records.
// NOTE(review): the record keeps a format string, format data and a formatted
// message. If any of them can contain actor-supplied text, confirm it is
// escaped before the message is rendered in a console or log viewer.
const (
	FieldEventLogType             = "type"
	FieldEventLogActorType        = "actorType"
	FieldEventLogActorId          = "actorId"
	FieldEventLogEntityType       = "entityType"
	FieldEventLogEntityId         = "entityId"
	FieldEventLogFormattedMessage = "formattedMessage"
	FieldEventLogFormatString     = "formatString"
	FieldEventLogFormatData       = "formatData"
	FieldEventLogData             = "data"
)
// Field-name constants for identity records.
const (
	FieldIdentityType           = "type"
	// Privilege flags. NOTE(review): confirm that only privileged callers can
	// change these two fields; the update paths are not part of this listing.
	FieldIdentityIsDefaultAdmin = "isDefaultAdmin"
	FieldIdentityIsAdmin        = "isAdmin"
	FieldIdentityEnrollments    = "enrollments"
	FieldIdentityAuthenticators = "authenticators"
	FieldIdentityServiceConfigs = "serviceConfigs"

	// Environment and SDK details. NOTE(review): presumably reported by the
	// connecting client, in which case they are informational and should not
	// drive access decisions - confirm where they are populated.
	FieldIdentityEnvInfoArch       = "envInfoArch"
	FieldIdentityEnvInfoOs         = "envInfoOs"
	// The stored keys for OsRelease and OsVersion omit "Os"
	// ("envInfoRelease", "envInfoVersion").
	FieldIdentityEnvInfoOsRelease  = "envInfoRelease"
	FieldIdentityEnvInfoOsVersion  = "envInfoVersion"
	FieldIdentitySdkInfoBranch     = "sdkInfoBranch"
	FieldIdentitySdkInfoRevision   = "sdkInfoRevision"
	FieldIdentitySdkInfoType       = "sdkInfoType"
	FieldIdentitySdkInfoVersion    = "sdkInfoVersion"
	FieldIdentitySdkInfoAppId      = "sdkInfoAppId"
	FieldIdentitySdkInfoAppVersion = "sdkInfoAppVersion"

	FieldIdentityBindServices              = "bindServices"
	FieldIdentityDialServices              = "dialServices"
	FieldIdentityDefaultHostingPrecedence  = "defaultHostingPrecedence"
	FieldIdentityDefaultHostingCost        = "defaultHostingCost"
	FieldIdentityServiceHostingPrecedences = "serviceHostingPrecedences"
	FieldIdentityServiceHostingCosts       = "serviceHostingCosts"
	FieldIdentityAppData                   = "appData"
)
// Field-name constants for MFA records.
// NOTE(review): "secret" and "recoveryCodes" name second-factor material kept
// in the database. Whether the values are encrypted or hashed before storage
// is not visible here (a "salt" field exists, its use is not shown) - confirm.
const (
	FieldMfaIdentity      = "identity"
	FieldMfaIsVerified    = "isVerified"
	FieldMfaRecoveryCodes = "recoveryCodes"
	FieldMfaSecret        = "secret"
	FieldMfaSalt          = "salt"
)
// Database version marker and the field it is stored under.
// NOTE(review): presumably the version RunMigrations brings the database up
// to; confirm in the migration code.
const (
	CurrentDbVersion = 25
	FieldVersion     = "version"
)
// Field-name constants for the MFA posture check subtype.
const (
	FieldPostureCheckMfaTimeoutSeconds        = "timeoutSeconds"
	FieldPostureCheckMfaPromptOnWake          = "promptOnWake"
	FieldPostureCheckMfaPromptOnUnlock        = "promptOnUnlock"
	// NOTE(review): presumably exempts older endpoints from this check, which
	// would make it a bypass surface - confirm how "legacy" is determined.
	FieldPostureCheckMfaIgnoreLegacyEndpoints = "ignoreLegacyEndpoints"
)
// Field-name constants for an operating-system entry in a posture check.
const (
	FieldPostureCheckOsType     = "osType"
	FieldPostureCheckOsVersions = "osVersions"
)
// Field-name constants for the process posture check subtype.
// NOTE(review): "hashes" and "fingerprint" presumably identify the expected
// binary and its signer; the hash algorithm is not stated in this listing.
const (
	FieldPostureCheckProcessOs          = "os"
	FieldPostureCheckProcessPath        = "path"
	FieldPostureCheckProcessHashes      = "hashes"
	FieldPostureCheckProcessFingerprint = "fingerprint"
)
// Field-name constants for the multi-process posture check subtype. Unlike the
// single-process variant it uses "osType" (not "os") and a list of signer
// fingerprints (not a single "fingerprint").
const (
	FieldPostureCheckProcessMultiOsType             = "osType"
	FieldPostureCheckProcessMultiPath               = "path"
	FieldPostureCheckProcessMultiHashes             = "hashes"
	FieldPostureCheckProcessMultiSignerFingerprints = "signerFingerprints"
	FieldPostureCheckProcessMultiProcesses          = "processes"
)
// Field-name constants common to all posture check records.
const (
	// Fields
	FieldPostureCheckTypeId       = "typeId"
	// Same string value ("version") as FieldVersion.
	FieldPostureCheckVersion      = "version"
	FieldPostureCheckBindServices = "bindServices"
	FieldPostureCheckDialServices = "dialServices"
)
// Posture check type identifiers.
// NOTE(review): presumably the values stored in a posture check's typeId
// field and used to select the subtype; confirm that an unrecognised value is
// rejected rather than treated as a passing check.
const (
	PostureCheckTypeOs           = "OS"
	PostureCheckTypeDomain       = "DOMAIN"
	PostureCheckTypeProcess      = "PROCESS"
	PostureCheckTypeProcessMulti = "PROCESS_MULTI"
	PostureCheckTypeMAC          = "MAC"
	PostureCheckTypeMFA          = "MFA"
)
// Service policy type field, display names and typed values.
const (
	FieldServicePolicyType = "type"

	PolicyTypeInvalidName = "Invalid"
	PolicyTypeDialName    = "Dial"
	PolicyTypeBindName    = "Bind"

	// The zero value of PolicyType is PolicyTypeInvalid, so an unset policy
	// type is neither Dial nor Bind. NOTE(review): confirm that callers treat
	// PolicyTypeInvalid as "grant nothing".
	PolicyTypeInvalid PolicyType = 0
	PolicyTypeDial    PolicyType = 1
	PolicyTypeBind    PolicyType = 2
)
// Field-name constants for session and session certificate records, plus the
// two session types.
const (
	// NOTE(review): "token" names the stored session token; as with API
	// sessions, the listing does not show whether it is kept in the clear.
	FieldSessionToken           = "token"
	FieldSessionApiSession      = "apiSession"
	FieldSessionService         = "service"
	FieldSessionIdentity        = "identity"
	FieldSessionType            = "type"
	FieldSessionServicePolicies = "servicePolicies"

	// Session certificates use validFrom/validTo, whereas API session
	// certificates use validAfter/validBefore.
	FieldSessionCertCert        = "cert"
	FieldSessionCertFingerprint = "fingerprint"
	FieldSessionCertValidFrom   = "validFrom"
	FieldSessionCertValidTo     = "validTo"

	// Same string values as PolicyTypeDialName and PolicyTypeBindName.
	SessionTypeDial = "Dial"
	SessionTypeBind = "Bind"
)
// Path and field-name constants for transit router records.
const (
	TransitRouterPath             = "transitRouter"
	FieldTransitRouterIsVerified  = "isVerified"
	FieldTransitRouterEnrollments = "enrollments"
)
// Prefixes used in policy role strings. AllRole is RolePrefix followed by
// "all".
// NOTE(review): presumably "#name" selects entities by role attribute,
// "@id" selects one entity directly, and "#all" selects every entity of the
// relevant kind. If so, "#all" is the broadest possible grant - audit the
// policies that use it.
const (
	RolePrefix   = "#"
	EntityPrefix = "@"
	AllRole      = "#all"
)
// Field-name constant for the schema of a config type record.
const (
	FieldConfigTypeSchema = "schema"
)
// Field-name constant for the domain list of a domain posture check.
const (
	FieldPostureCheckDomains = "domains"
)
// Field-name constant for the address list of a MAC posture check.
const (
	FieldPostureCheckMacAddresses = "macAddresses"
)
// Field-name constant for the operating-system list of a posture check type.
const (
	FieldPostureCheckTypeOperatingSystems = "operatingSystems"
)
// RouterIdentityType is the identity type name "Router"; the same string
// appears as a key and value in IdentityTypesV1.
const (
	RouterIdentityType = "Router"
)

Variables

// IdentityTypesV1 maps each of the four identity type names to itself.
// NOTE(review): this is an exported, mutable package-level map, so any
// importer can add or change entries at run time; what the map is used for is
// not shown in this listing.
var IdentityTypesV1 = map[string]string{
	"User":    "User",
	"Device":  "Device",
	"Service": "Service",
	"Router":  "Router",
}

Functions

func EvaluatePolicy added in v0.15.27

func EvaluatePolicy(ctx *roleAttributeChangeContext, policy Policy, roleAttributesSymbol boltz.EntitySetSymbol)

func FieldValuesToIds

func FieldValuesToIds(new []boltz.FieldTypeAndValue) []string

func ProcessEntityPolicyMatched added in v0.15.27

func ProcessEntityPolicyMatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool

func ProcessEntityPolicyUnmatched added in v0.15.27

func ProcessEntityPolicyUnmatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool

func RunMigrations

func RunMigrations(db boltz.Db, stores *Stores) error

func UpdateRelatedRoles

func UpdateRelatedRoles(ctx *roleAttributeChangeContext, entityId []byte, newRoleAttributes []boltz.FieldTypeAndValue, semanticSymbol boltz.EntitySymbol)

Types

type ApiSession

// ApiSession is the persisted API session entity. It embeds
// boltz.BaseExtEntity and records the owning identity, the session token, the
// recorded IP address, config types, MFA state and last activity time.
type ApiSession struct {
	boltz.BaseExtEntity
	IdentityId     string
	// NOTE(review): Token is the session credential and is held as a plain
	// string on the entity; avoid logging or serialising the whole struct,
	// and confirm how the value is stored at rest.
	Token          string
	// NOTE(review): how IPAddress is derived (socket peer vs. forwarded
	// header) is not visible here.
	IPAddress      string
	ConfigTypes    []string
	MfaComplete    bool
	MfaRequired    bool
	LastActivityAt time.Time
}

func NewApiSession

func NewApiSession(identityId string) *ApiSession

func (*ApiSession) GetEntityType

func (entity *ApiSession) GetEntityType() string

func (*ApiSession) LoadValues

func (entity *ApiSession) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*ApiSession) SetValues

func (entity *ApiSession) SetValues(ctx *boltz.PersistContext)

type ApiSessionCertificate added in v0.17.30

// ApiSessionCertificate is the persisted record of a certificate associated
// with an API session: the session id, subject, fingerprint, validity window
// and PEM text.
type ApiSessionCertificate struct {
	boltz.BaseExtEntity
	ApiSessionId string
	Subject      string
	Fingerprint  string
	// Pointer fields, so either bound may be nil. NOTE(review): confirm that
	// a nil bound is not read as "valid forever" by the code that checks
	// validity.
	ValidAfter   *time.Time
	ValidBefore  *time.Time
	PEM          string
}

func NewApiSessionCertificate added in v0.17.30

func NewApiSessionCertificate(apiSessionId string) *ApiSessionCertificate

func (*ApiSessionCertificate) GetEntityType added in v0.17.30

func (entity *ApiSessionCertificate) GetEntityType() string

func (*ApiSessionCertificate) LoadValues added in v0.17.30

func (entity *ApiSessionCertificate) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*ApiSessionCertificate) SetValues added in v0.17.30

func (entity *ApiSessionCertificate) SetValues(ctx *boltz.PersistContext)

type ApiSessionCertificateStore added in v0.17.30

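// ApiSessionCertificateStore extends Store with typed lookups for
// ApiSessionCertificate entities and read access to the fingerprint index.
type ApiSessionCertificateStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*ApiSessionCertificate, error)
	// The lookup key is a certificate fingerprint. The parameter is named
	// fingerprint to match ApiSessionCertificateStoreImpl.LoadOneByFingerprint;
	// it was previously called token, which invited passing a session token.
	LoadOneByFingerprint(tx *bbolt.Tx, fingerprint string) (*ApiSessionCertificate, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*ApiSessionCertificate, error)
	GetFingerprintIndex() boltz.ReadIndex
}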

type ApiSessionCertificateStoreImpl added in v0.17.30

// ApiSessionCertificateStoreImpl is the concrete store type whose methods
// (GetFingerprintIndex, GetName, LoadOneBy*, NewStoreEntity) are listed on
// this page. Its fields are unexported and not shown.
type ApiSessionCertificateStoreImpl struct {
	// contains filtered or unexported fields
}

func (*ApiSessionCertificateStoreImpl) GetFingerprintIndex added in v0.17.30

func (store *ApiSessionCertificateStoreImpl) GetFingerprintIndex() boltz.ReadIndex

func (ApiSessionCertificateStoreImpl) GetName added in v0.17.30

func (store ApiSessionCertificateStoreImpl) GetName(tx *bbolt.Tx, id string) *string

func (*ApiSessionCertificateStoreImpl) LoadOneByFingerprint added in v0.17.30

func (store *ApiSessionCertificateStoreImpl) LoadOneByFingerprint(tx *bbolt.Tx, fingerprint string) (*ApiSessionCertificate, error)

func (*ApiSessionCertificateStoreImpl) LoadOneById added in v0.17.30

func (store *ApiSessionCertificateStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*ApiSessionCertificate, error)

func (*ApiSessionCertificateStoreImpl) LoadOneByQuery added in v0.17.30

func (store *ApiSessionCertificateStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*ApiSessionCertificate, error)

func (*ApiSessionCertificateStoreImpl) NewStoreEntity added in v0.17.30

func (store *ApiSessionCertificateStoreImpl) NewStoreEntity() boltz.Entity

type ApiSessionStore

// ApiSessionStore extends Store with typed lookups for ApiSession entities
// and read access to the token index.
type ApiSessionStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*ApiSession, error)
	// NOTE(review): this lookup is keyed by the session token itself; confirm
	// the token is never written to logs on the miss or error path.
	LoadOneByToken(tx *bbolt.Tx, token string) (*ApiSession, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*ApiSession, error)
	GetTokenIndex() boltz.ReadIndex
}

type Authenticator

// Authenticator is the persisted authenticator entity: a type string, the
// owning identity id and a method-specific SubType.
// NOTE(review): Type presumably holds MethodAuthenticatorUpdb or
// MethodAuthenticatorCert and selects which SubType is populated; confirm in
// LoadValues.
type Authenticator struct {
	boltz.BaseExtEntity
	Type       string
	IdentityId string
	SubType    AuthenticatorSubType
}

func (*Authenticator) GetEntityType

func (entity *Authenticator) GetEntityType() string

func (*Authenticator) LoadValues

func (entity *Authenticator) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Authenticator) SetValues

func (entity *Authenticator) SetValues(ctx *boltz.PersistContext)

func (*Authenticator) ToCert

func (entity *Authenticator) ToCert() *AuthenticatorCert

func (*Authenticator) ToSubType

func (entity *Authenticator) ToSubType() AuthenticatorSubType

func (*Authenticator) ToUpdb

func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb

type AuthenticatorCert

// AuthenticatorCert is the certificate form of an authenticator. It embeds
// Authenticator and adds the certificate fingerprint and PEM text.
type AuthenticatorCert struct {
	Authenticator
	Fingerprint string
	Pem         string
}

func (*AuthenticatorCert) Fingerprints

func (entity *AuthenticatorCert) Fingerprints() []string

type AuthenticatorStore

// AuthenticatorStore extends Store with typed lookups for Authenticator
// entities.
type AuthenticatorStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*Authenticator, error)
	// NOTE(review): query is a free-form string. If it is ever built from a
	// submitted username, confirm the value is escaped first.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*Authenticator, error)
}

type AuthenticatorSubType

// AuthenticatorSubType is the interface stored in Authenticator.SubType. Both
// *AuthenticatorCert and *AuthenticatorUpdb declare a Fingerprints method on
// this page.
type AuthenticatorSubType interface {
	Fingerprints() []string
}

type AuthenticatorUpdb

// AuthenticatorUpdb is the username/password form of an authenticator. It
// embeds Authenticator and adds a username, a password value and a salt.
type AuthenticatorUpdb struct {
	Authenticator
	Username string
	// NOTE(review): the presence of Salt suggests Password holds a salted
	// hash, not the raw password, but the hashing code is not shown - confirm
	// the scheme, and keep this struct out of logs and API responses either
	// way.
	Password string
	Salt     string
}

func (*AuthenticatorUpdb) Fingerprints

func (entity *AuthenticatorUpdb) Fingerprints() []string

type Ca

// Ca is the persisted certificate authority entity: name, fingerprint and PEM
// certificate, a verification flag and token, three feature flags, identity
// roles and an identity name format.
type Ca struct {
	boltz.BaseExtEntity
	Name                      string
	Fingerprint               string
	CertPem                   string
	// NOTE(review): confirm the enrollment and auth flags below have no
	// effect while IsVerified is false; the enforcement is not in this
	// listing.
	IsVerified                bool
	VerificationToken         string
	IsAutoCaEnrollmentEnabled bool
	IsOttCaEnrollmentEnabled  bool
	IsAuthEnabled             bool
	// NOTE(review): presumably the role attributes given to identities
	// enrolled through this CA, which would make this field part of the
	// authorisation surface - confirm.
	IdentityRoles             []string
	IdentityNameFormat        string
}

func (*Ca) GetEntityType

func (entity *Ca) GetEntityType() string

func (*Ca) GetName

func (entity *Ca) GetName() string

func (*Ca) LoadValues

func (entity *Ca) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Ca) SetValues

func (entity *Ca) SetValues(ctx *boltz.PersistContext)

type CaStore

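// CaStore extends Store with typed lookups for Ca entities.
type CaStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*Ca, error)
	// The second argument is the CA name; the parameter is called name (as in
	// ConfigStore.LoadOneByName) rather than id to avoid confusion with
	// LoadOneById.
	LoadOneByName(tx *bbolt.Tx, name string) (*Ca, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*Ca, error)
}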

type Config

// Config is the persisted config entity: a name, a type string and a
// free-form data map.
type Config struct {
	boltz.BaseExtEntity
	Name string
	Type string
	// NOTE(review): Data is an untyped map; presumably it is validated
	// against the schema of the referenced ConfigType before being stored -
	// confirm.
	Data map[string]interface{}
}

func (*Config) GetEntityType

func (entity *Config) GetEntityType() string

func (*Config) GetName

func (entity *Config) GetName() string

func (*Config) LoadValues

func (entity *Config) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Config) SetValues

func (entity *Config) SetValues(ctx *boltz.PersistContext)

type ConfigStore

// ConfigStore extends NameIndexedStore with typed lookups for Config entities
// by id and by name.
type ConfigStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*Config, error)
	LoadOneByName(tx *bbolt.Tx, name string) (*Config, error)
}

type ConfigType

// ConfigType is the persisted config type entity: a name and a schema held as
// an untyped map.
type ConfigType struct {
	boltz.BaseExtEntity
	Name   string
	Schema map[string]interface{}
}

func (*ConfigType) GetEntityType

func (entity *ConfigType) GetEntityType() string

func (*ConfigType) GetName

func (entity *ConfigType) GetName() string

func (*ConfigType) LoadValues

func (entity *ConfigType) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*ConfigType) SetValues

func (entity *ConfigType) SetValues(ctx *boltz.PersistContext)

type ConfigTypeStore

// ConfigTypeStore extends NameIndexedStore with typed lookups for ConfigType
// entities and a GetName accessor that returns a *string.
type ConfigTypeStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*ConfigType, error)
	LoadOneByName(tx *bbolt.Tx, name string) (*ConfigType, error)
	// Returns a pointer; presumably nil when the id is unknown - callers
	// should check before dereferencing.
	GetName(tx *bbolt.Tx, id string) *string
}

type DbProvider

// DbProvider is the dependency interface this package expects from its host:
// access to the boltz database, the network service cache, the db.Stores and
// the network controllers, plus a router-rename notification hook.
type DbProvider interface {
	GetDb() boltz.Db
	GetServiceCache() network.Cache
	NotifyRouterRenamed(id, name string)
	GetStores() *db.Stores
	GetControllers() *network.Controllers
}

type EdgeRouter

// EdgeRouter is the persisted edge router entity. It embeds db.Router and adds
// verification state, certificate data, hostname, protocols, role attributes,
// enrollments, a tunneler flag and application data.
type EdgeRouter struct {
	db.Router
	IsVerified            bool
	CertPem               *string
	// The unverified certificate and fingerprint are held separately from
	// CertPem. NOTE(review): confirm that authentication only ever consults
	// CertPem and IsVerified, never the unverified fields.
	UnverifiedCertPem     *string
	UnverifiedFingerprint *string
	Hostname              *string
	EdgeRouterProtocols   map[string]string
	RoleAttributes        []string
	Enrollments           []string
	IsTunnelerEnabled     bool
	AppData               map[string]interface{}
}

func (*EdgeRouter) GetName

func (entity *EdgeRouter) GetName() string

func (*EdgeRouter) LoadValues

func (entity *EdgeRouter) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)

func (*EdgeRouter) SetValues

func (entity *EdgeRouter) SetValues(ctx *boltz.PersistContext)

type EdgeRouterPolicy

// EdgeRouterPolicy is the persisted policy entity that pairs a list of
// identity roles with a list of edge router roles under a semantic.
// NOTE(review): Semantic presumably holds SemanticAllOf or SemanticAnyOf, and
// role entries presumably use the RolePrefix/EntityPrefix notation; confirm
// where both are validated.
type EdgeRouterPolicy struct {
	boltz.BaseExtEntity
	Name            string
	Semantic        string
	IdentityRoles   []string
	EdgeRouterRoles []string
}

func (*EdgeRouterPolicy) GetEntityType

func (entity *EdgeRouterPolicy) GetEntityType() string

func (*EdgeRouterPolicy) GetName

func (entity *EdgeRouterPolicy) GetName() string

func (*EdgeRouterPolicy) GetSemantic added in v0.15.27

func (entity *EdgeRouterPolicy) GetSemantic() string

func (*EdgeRouterPolicy) LoadValues

func (entity *EdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*EdgeRouterPolicy) SetValues

func (entity *EdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)

type EdgeRouterPolicyStore

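// EdgeRouterPolicyStore extends NameIndexedStore with typed lookups for
// EdgeRouterPolicy entities.
type EdgeRouterPolicyStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouterPolicy, error)
	// The second argument is the policy name; the parameter is called name
	// (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*EdgeRouterPolicy, error)
}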

type EdgeRouterStore

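// EdgeRouterStore extends NameIndexedStore with typed lookups for EdgeRouter
// entities and access to the role-attributes index.
type EdgeRouterStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*EdgeRouter, error)
	// The second argument is the router name; the parameter is called name
	// (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*EdgeRouter, error)
	GetRoleAttributesIndex() boltz.SetReadIndex
	// NOTE(review): semantic is a plain string, presumably SemanticAllOf or
	// SemanticAnyOf; the error return suggests other values are rejected -
	// confirm.
	GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error)
}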

type EdgeService

// EdgeService is the persisted edge service entity. It embeds db.Service and
// adds role attributes, config ids and an encryption-required flag.
type EdgeService struct {
	db.Service
	RoleAttributes     []string
	Configs            []string
	// The zero value is false. NOTE(review): confirm that services created
	// without an explicit value get the intended default.
	EncryptionRequired bool
}

func (*EdgeService) GetName

func (entity *EdgeService) GetName() string

func (*EdgeService) LoadValues

func (entity *EdgeService) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)

func (*EdgeService) SetValues

func (entity *EdgeService) SetValues(ctx *boltz.PersistContext)

type EdgeServiceStore

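// EdgeServiceStore extends NameIndexedStore with typed lookups for EdgeService
// entities, per-identity bind/dial checks and access to the role-attributes
// index.
type EdgeServiceStore interface {
	NameIndexedStore

	LoadOneById(tx *bbolt.Tx, id string) (*EdgeService, error)
	// The second argument is the service name; the parameter is called name
	// (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*EdgeService, error)
	// Both checks return a bare bool with no error. NOTE(review): confirm an
	// unknown service id or identity id yields false, so a lookup failure
	// cannot be read as permission.
	IsBindableByIdentity(tx *bbolt.Tx, id string, identityId string) bool
	IsDialableByIdentity(tx *bbolt.Tx, id string, identityId string) bool
	GetRoleAttributesIndex() boltz.SetReadIndex
	GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error)
}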

type Enrollment

// Enrollment is the persisted enrollment entity: a token, a method, optional
// references to an identity, transit router, edge router and CA, issue and
// expiry times, an optional username and a JWT string.
type Enrollment struct {
	boltz.BaseExtEntity
	// NOTE(review): Token and Jwt are enrollment credentials held as plain
	// strings; keep the struct out of logs and confirm they become unusable
	// after enrollment completes.
	Token           string
	Method          string
	IdentityId      *string
	TransitRouterId *string
	EdgeRouterId    *string
	// Pointer, so it may be nil. NOTE(review): confirm a nil ExpiresAt is
	// not treated as "never expires".
	ExpiresAt       *time.Time
	IssuedAt        *time.Time
	CaId            *string
	Username        *string
	Jwt             string
}

func (*Enrollment) GetEntityType

func (entity *Enrollment) GetEntityType() string

func (*Enrollment) LoadValues

func (entity *Enrollment) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Enrollment) SetValues

func (entity *Enrollment) SetValues(ctx *boltz.PersistContext)

type EnrollmentStore

// EnrollmentStore extends Store with typed lookups for Enrollment entities by
// id, by token and by query string.
type EnrollmentStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*Enrollment, error)
	// NOTE(review): the lookup key is the enrollment token itself; confirm it
	// is not logged when the lookup misses.
	LoadOneByToken(tx *bbolt.Tx, token string) (*Enrollment, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*Enrollment, error)
}

type EnvInfo

// EnvInfo holds four strings describing an environment: architecture, OS, OS
// release and OS version. Identity.EnvInfo points to one.
// NOTE(review): presumably reported by the client; if so, treat as
// informational only.
type EnvInfo struct {
	Arch      string
	Os        string
	OsRelease string
	OsVersion string
}

type EventLog

// EventLog is the persisted event log entity: event type, actor and entity
// references, a formatted message with its format string and data, and a
// free-form data map.
type EventLog struct {
	boltz.BaseExtEntity
	Type             string
	ActorType        string
	ActorId          string
	EntityType       string
	EntityId         string
	// NOTE(review): if any of the three message fields can contain text
	// chosen by the actor, confirm it is escaped before display, and that
	// FormatString itself is never taken from request input.
	FormattedMessage string
	FormatString     string
	FormatData       string
	Data             map[string]interface{}
}

func (*EventLog) GetEntityType

func (entity *EventLog) GetEntityType() string

func (*EventLog) LoadValues

func (entity *EventLog) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*EventLog) SetValues

func (entity *EventLog) SetValues(ctx *boltz.PersistContext)

type EventLogStore

// EventLogStore extends Store with typed lookups for EventLog entities.
type EventLogStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*EventLog, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*EventLog, error)
}

type GeoRegion

// GeoRegion is a persisted entity that carries only a name in addition to the
// embedded boltz.BaseExtEntity.
type GeoRegion struct {
	boltz.BaseExtEntity
	Name string
}

func (*GeoRegion) GetEntityType

func (entity *GeoRegion) GetEntityType() string

func (*GeoRegion) GetName

func (entity *GeoRegion) GetName() string

func (*GeoRegion) LoadValues

func (entity *GeoRegion) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*GeoRegion) SetValues

func (entity *GeoRegion) SetValues(ctx *boltz.PersistContext)

type GeoRegionStore

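// GeoRegionStore extends NameIndexedStore with typed lookups for GeoRegion
// entities.
type GeoRegionStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*GeoRegion, error)
	// The second argument is the region name; the parameter is called name
	// (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*GeoRegion, error)
}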

type Identity

// Identity is the persisted identity entity: name, identity type, admin
// flags, linked enrollments and authenticators, role attributes, SDK and
// environment info, hosting precedence/cost settings and application data.
type Identity struct {
	boltz.BaseExtEntity
	Name                      string
	IdentityTypeId            string
	// Privilege flags. NOTE(review): confirm that the update paths restrict
	// who may set these, and that IsDefaultAdmin cannot be granted to a
	// second identity.
	IsDefaultAdmin            bool
	IsAdmin                   bool
	Enrollments               []string
	Authenticators            []string
	// NOTE(review): presumably matched against "#role" entries in policies,
	// which would make edits to this slice authorisation changes - confirm.
	RoleAttributes            []string
	SdkInfo                   *SdkInfo
	EnvInfo                   *EnvInfo
	DefaultHostingPrecedence  ziti.Precedence
	DefaultHostingCost        uint16
	ServiceHostingPrecedences map[string]ziti.Precedence
	ServiceHostingCosts       map[string]uint16
	AppData                   map[string]interface{}
}

func (*Identity) GetEntityType

func (entity *Identity) GetEntityType() string

func (*Identity) GetName

func (entity *Identity) GetName() string

func (*Identity) LoadValues

func (entity *Identity) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Identity) SetValues

func (entity *Identity) SetValues(ctx *boltz.PersistContext)

type IdentityStore

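// IdentityStore extends NameIndexedStore with typed lookups for Identity
// entities, access to the role-attributes index and management of
// per-identity service configs.
type IdentityStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*Identity, error)
	// The second argument is the identity name; the parameter is called name
	// (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*Identity, error)

	GetRoleAttributesIndex() boltz.SetReadIndex
	GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error)

	AssignServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error
	RemoveServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error
	GetServiceConfigs(tx *bbolt.Tx, identityId string) ([]ServiceConfig, error)
	// Returns a three-level nested map and no error; the meaning of each key
	// level is not documented in this listing.
	LoadServiceConfigsByServiceAndType(tx *bbolt.Tx, identityId string, configTypes map[string]struct{}) map[string]map[string]map[string]interface{}
}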

type IdentityType

// IdentityType is a persisted entity that carries only a name in addition to
// the embedded boltz.BaseExtEntity.
type IdentityType struct {
	boltz.BaseExtEntity
	Name string
}

func (*IdentityType) GetEntityType

func (entity *IdentityType) GetEntityType() string

func (*IdentityType) GetName

func (entity *IdentityType) GetName() string

func (*IdentityType) LoadValues

func (entity *IdentityType) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*IdentityType) SetValues

func (entity *IdentityType) SetValues(ctx *boltz.PersistContext)

type IdentityTypeStore

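// IdentityTypeStore extends NameIndexedStore with typed lookups for
// IdentityType entities.
type IdentityTypeStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*IdentityType, error)
	// The parameter is called name to match
	// IdentityTypeStoreImpl.LoadOneByName; it was previously called id.
	LoadOneByName(tx *bbolt.Tx, name string) (*IdentityType, error)
}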

type IdentityTypeStoreImpl

// IdentityTypeStoreImpl is the concrete store type whose methods (GetName,
// GetNameIndex, LoadOneBy*, NewStoreEntity) are listed on this page. Its
// fields are unexported and not shown.
type IdentityTypeStoreImpl struct {
	// contains filtered or unexported fields
}

func (IdentityTypeStoreImpl) GetName

func (store IdentityTypeStoreImpl) GetName(tx *bbolt.Tx, id string) *string

func (*IdentityTypeStoreImpl) GetNameIndex

func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex

func (*IdentityTypeStoreImpl) LoadOneById

func (store *IdentityTypeStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*IdentityType, error)

func (*IdentityTypeStoreImpl) LoadOneByName

func (store *IdentityTypeStoreImpl) LoadOneByName(tx *bbolt.Tx, name string) (*IdentityType, error)

func (*IdentityTypeStoreImpl) LoadOneByQuery

func (store *IdentityTypeStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*IdentityType, error)

func (*IdentityTypeStoreImpl) NewStoreEntity

func (store *IdentityTypeStoreImpl) NewStoreEntity() boltz.Entity

type Mfa added in v0.17.52

// Mfa is the persisted MFA enrollment for an identity: the identity id, a
// verification flag, a secret, a salt and a list of recovery codes.
type Mfa struct {
	boltz.BaseExtEntity
	IdentityId    string
	// NOTE(review): presumably false until the user proves possession of the
	// second factor; confirm an unverified record never satisfies an MFA
	// requirement.
	IsVerified    bool
	// NOTE(review): Secret and RecoveryCodes are second-factor material held
	// as plain strings on the entity. Whether they are encrypted or hashed
	// before storage (and what Salt is applied to) is not visible here -
	// confirm, and keep this struct out of logs and API responses.
	Secret        string
	Salt          string
	RecoveryCodes []string
}

func NewMfa added in v0.17.52

func NewMfa(identityId string) *Mfa

func (*Mfa) GetEntityType added in v0.17.52

func (entity *Mfa) GetEntityType() string

func (*Mfa) LoadValues added in v0.17.52

func (entity *Mfa) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Mfa) SetValues added in v0.17.52

func (entity *Mfa) SetValues(ctx *boltz.PersistContext)

type MfaStore added in v0.17.52

// MfaStore extends Store with typed lookups for Mfa entities.
type MfaStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*Mfa, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*Mfa, error)
}

type MfaStoreImpl added in v0.17.52

// MfaStoreImpl is the concrete store type whose methods (GetName,
// LoadOneById, LoadOneByQuery, NewStoreEntity) are listed on this page. Its
// fields are unexported and not shown.
type MfaStoreImpl struct {
	// contains filtered or unexported fields
}

func (MfaStoreImpl) GetName added in v0.17.52

func (store MfaStoreImpl) GetName(tx *bbolt.Tx, id string) *string

func (*MfaStoreImpl) LoadOneById added in v0.17.52

func (store *MfaStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (*Mfa, error)

func (*MfaStoreImpl) LoadOneByQuery added in v0.17.52

func (store *MfaStoreImpl) LoadOneByQuery(tx *bbolt.Tx, query string) (*Mfa, error)

func (*MfaStoreImpl) NewStoreEntity added in v0.17.52

func (store *MfaStoreImpl) NewStoreEntity() boltz.Entity

type Migrations

// Migrations has only unexported fields and no exported methods on this
// page; presumably it carries state for RunMigrations.
type Migrations struct {
	// contains filtered or unexported fields
}

type NameIndexedStore

// NameIndexedStore is a Store that also exposes a read index over names. It
// is embedded by the store interfaces that declare LoadOneByName.
type NameIndexedStore interface {
	Store
	GetNameIndex() boltz.ReadIndex
}

type OperatingSystem added in v0.16.48

// OperatingSystem pairs an OS type with a list of version strings. It is the
// element type of the OperatingSystems slices in this package.
// NOTE(review): the format of the version strings (exact versions vs. ranges)
// is not stated in this listing.
type OperatingSystem struct {
	OsType     string
	OsVersions []string
}

type Policy added in v0.15.27

// Policy is the interface EvaluatePolicy accepts; it adds nothing to the
// embedded boltz.NamedExtEntity.
type Policy interface {
	boltz.NamedExtEntity
}

type PolicyType added in v0.17.36

// PolicyType is an int32-backed policy kind. The constants declared for it in
// this package are PolicyTypeInvalid (0), PolicyTypeDial (1) and
// PolicyTypeBind (2), so the zero value is the invalid type.
type PolicyType int32

func (PolicyType) String added in v0.17.36

func (self PolicyType) String() string

type PostureCheck added in v0.16.46

// PostureCheck is the persisted posture check entity: name, type id, a
// version counter, role attributes and a type-specific SubType.
// NOTE(review): TypeId presumably holds one of the PostureCheckType*
// constants and selects the SubType implementation; confirm in LoadValues
// what happens for an unrecognised TypeId.
type PostureCheck struct {
	boltz.BaseExtEntity
	Name           string
	TypeId         string
	Version        int64
	RoleAttributes []string
	SubType        PostureCheckSubType
}

func (*PostureCheck) GetEntityType added in v0.16.46

func (entity *PostureCheck) GetEntityType() string

func (*PostureCheck) GetName added in v0.16.46

func (entity *PostureCheck) GetName() string

func (*PostureCheck) LoadValues added in v0.16.46

func (entity *PostureCheck) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheck) SetValues added in v0.16.46

func (entity *PostureCheck) SetValues(ctx *boltz.PersistContext)

type PostureCheckMacAddresses added in v0.16.48

// PostureCheckMacAddresses is the posture check subtype that stores a list of
// MAC addresses.
// NOTE(review): if the address being compared is reported by the endpoint
// itself, it is easy to change, so treat this check as a weak signal.
type PostureCheckMacAddresses struct {
	MacAddresses []string
}

func (*PostureCheckMacAddresses) LoadValues added in v0.16.48

func (entity *PostureCheckMacAddresses) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckMacAddresses) SetValues added in v0.16.48

func (entity *PostureCheckMacAddresses) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type PostureCheckMfa added in v0.17.52

// PostureCheckMfa is the posture check subtype for MFA: a timeout in seconds
// and three boolean options.
type PostureCheckMfa struct {
	// NOTE(review): the meaning of zero or negative values is not shown;
	// confirm they cannot be read as "never times out" unintentionally.
	TimeoutSeconds        int64
	PromptOnWake          bool
	PromptOnUnlock        bool
	// NOTE(review): presumably exempts older endpoints from this check;
	// confirm how an endpoint is classified as legacy and whether a client
	// can influence that.
	IgnoreLegacyEndpoints bool
}

func (*PostureCheckMfa) LoadValues added in v0.17.52

func (entity *PostureCheckMfa) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckMfa) SetValues added in v0.17.52

func (entity *PostureCheckMfa) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type PostureCheckOperatingSystem added in v0.16.48

// PostureCheckOperatingSystem is the posture check subtype that stores a list
// of OperatingSystem entries.
type PostureCheckOperatingSystem struct {
	OperatingSystems []OperatingSystem
}

func (*PostureCheckOperatingSystem) LoadValues added in v0.16.48

func (entity *PostureCheckOperatingSystem) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckOperatingSystem) SetValues added in v0.16.48

func (entity *PostureCheckOperatingSystem) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type PostureCheckOs added in v0.20.35

// PostureCheckOs is a persisted entity with a name and a list of
// OperatingSystem entries. It is the entity type returned by
// PostureCheckTypeStore.
type PostureCheckOs struct {
	boltz.BaseExtEntity
	Name             string
	OperatingSystems []OperatingSystem
}

func (*PostureCheckOs) GetEntityType added in v0.20.35

func (entity *PostureCheckOs) GetEntityType() string

func (*PostureCheckOs) GetName added in v0.20.35

func (entity *PostureCheckOs) GetName() string

func (*PostureCheckOs) LoadValues added in v0.20.35

func (entity *PostureCheckOs) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckOs) SetValues added in v0.20.35

func (entity *PostureCheckOs) SetValues(ctx *boltz.PersistContext)

type PostureCheckProcess added in v0.16.48

// PostureCheckProcess is the posture check subtype describing one process: an
// operating system, a path, a list of hashes and a fingerprint.
// NOTE(review): presumably Hashes are digests of the expected binary and
// Fingerprint identifies its signer; the digest algorithm and whether an
// empty Hashes list means "any binary" are not shown - confirm.
type PostureCheckProcess struct {
	OperatingSystem string
	Path            string
	Hashes          []string
	Fingerprint     string
}

func (*PostureCheckProcess) LoadValues added in v0.16.48

func (entity *PostureCheckProcess) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckProcess) SetValues added in v0.16.48

func (entity *PostureCheckProcess) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type PostureCheckProcessMulti added in v0.19.93

// PostureCheckProcessMulti is the posture check subtype that holds several
// ProcessMulti entries together with a semantic string.
// NOTE(review): the set of accepted Semantic values for this subtype is not
// shown here; confirm an unknown value cannot make the check pass.
type PostureCheckProcessMulti struct {
	Semantic  string
	Processes []*ProcessMulti
}

func (*PostureCheckProcessMulti) LoadValues added in v0.19.93

func (entity *PostureCheckProcessMulti) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckProcessMulti) SetValues added in v0.19.93

func (entity *PostureCheckProcessMulti) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type PostureCheckStore added in v0.16.46

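// PostureCheckStore extends Store with typed lookups for PostureCheck entities
// and access to the role-attributes index.
type PostureCheckStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*PostureCheck, error)
	// The second argument is the posture check name; the parameter is called
	// name (as in ConfigStore.LoadOneByName) rather than id.
	LoadOneByName(tx *bbolt.Tx, name string) (*PostureCheck, error)
	// NOTE(review): query is a free-form string; confirm callers never splice
	// request input into it without escaping.
	LoadOneByQuery(tx *bbolt.Tx, query string) (*PostureCheck, error)
	GetRoleAttributesIndex() boltz.SetReadIndex
	GetRoleAttributesCursorProvider(filters []string, semantic string) (ast.SetCursorProvider, error)
}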

type PostureCheckSubType added in v0.16.48

// PostureCheckSubType is the load/store contract for type-specific posture
// check values. In this listing PostureCheckProcess, PostureCheckProcessMulti
// and PostureCheckWindowsDomains declare methods with these signatures.
type PostureCheckSubType interface {
	// LoadValues reads the sub-type's fields from bucket.
	LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)
	// SetValues writes the sub-type's fields; unlike the entity-level
	// SetValues methods in this package it also receives the target bucket.
	SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
}

type PostureCheckTypeStore added in v0.16.48

// PostureCheckTypeStore extends NameIndexedStore with typed loaders that
// return *PostureCheckOs.
type PostureCheckTypeStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*PostureCheckOs, error)
	// NOTE(review): the second parameter is named id although this is the
	// by-name loader; presumably it carries the name — confirm.
	LoadOneByName(tx *bbolt.Tx, id string) (*PostureCheckOs, error)
}

type PostureCheckWindowsDomains added in v0.16.48

// PostureCheckWindowsDomains holds a list of domain names. Its LoadValues and
// SetValues signatures match PostureCheckSubType.
// NOTE(review): whether the names are compared case-insensitively, and how an
// empty list is evaluated, is not visible in this listing — confirm.
type PostureCheckWindowsDomains struct {
	Domains []string
}

func (*PostureCheckWindowsDomains) LoadValues added in v0.16.48

func (entity *PostureCheckWindowsDomains) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*PostureCheckWindowsDomains) SetValues added in v0.16.48

func (entity *PostureCheckWindowsDomains) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)

type ProcessMulti added in v0.19.93

// ProcessMulti is one entry of PostureCheckProcessMulti.Processes: an OS type,
// a path, a list of hashes and a list of signer fingerprints. It declares no
// methods in this listing.
// NOTE(review): the hash algorithm and fingerprint format are not stated here;
// confirm them, and confirm whether an entry with both lists empty matches on
// Path alone.
type ProcessMulti struct {
	OsType             string
	Path               string
	Hashes             []string
	SignerFingerprints []string
}

type SdkInfo

// SdkInfo groups six string fields describing an SDK build and the application
// using it: branch, revision, type, version, app id and app version.
// NOTE(review): presumably these values are reported by the connecting client;
// if so they are informational and should not feed authorization decisions —
// confirm where they are populated.
type SdkInfo struct {
	Branch     string
	Revision   string
	Type       string
	Version    string
	AppId      string
	AppVersion string
}

type SecretStore added in v0.17.52

// SecretStore exposes a secret as a byte slice.
// NOTE(review): whether GetSecret returns a copy or the backing slice is not
// visible here; callers should treat the result as read-only and keep it out
// of logs and error messages.
type SecretStore interface {
	GetSecret() []byte
}

type ServiceConfig

// ServiceConfig pairs a service id with a config id. It declares no methods in
// this listing.
type ServiceConfig struct {
	ServiceId string
	ConfigId  string
}

type ServiceEdgeRouterPolicy

// ServiceEdgeRouterPolicy is an entity (it embeds boltz.BaseExtEntity) with a
// name, a semantic and two role lists, one for services and one for edge
// routers.
// NOTE(review): presumably the policy relates the services selected by
// ServiceRoles to the edge routers selected by EdgeRouterRoles, with Semantic
// choosing all-of vs. any-of matching; the role syntax and the accepted
// Semantic values are not shown here — confirm.
type ServiceEdgeRouterPolicy struct {
	boltz.BaseExtEntity
	Name            string
	Semantic        string
	ServiceRoles    []string
	EdgeRouterRoles []string
}

func (*ServiceEdgeRouterPolicy) GetEntityType

func (entity *ServiceEdgeRouterPolicy) GetEntityType() string

func (*ServiceEdgeRouterPolicy) GetName

func (entity *ServiceEdgeRouterPolicy) GetName() string

func (*ServiceEdgeRouterPolicy) GetSemantic added in v0.15.27

func (entity *ServiceEdgeRouterPolicy) GetSemantic() string

func (*ServiceEdgeRouterPolicy) LoadValues

func (entity *ServiceEdgeRouterPolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*ServiceEdgeRouterPolicy) SetValues

func (entity *ServiceEdgeRouterPolicy) SetValues(ctx *boltz.PersistContext)

type ServiceEdgeRouterPolicyStore

// ServiceEdgeRouterPolicyStore extends NameIndexedStore with typed loaders
// that return *ServiceEdgeRouterPolicy.
type ServiceEdgeRouterPolicyStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*ServiceEdgeRouterPolicy, error)
	// NOTE(review): the second parameter is named id although this is the
	// by-name loader; presumably it carries the name — confirm.
	LoadOneByName(tx *bbolt.Tx, id string) (*ServiceEdgeRouterPolicy, error)
}

type ServiceEvent added in v0.17.36

// ServiceEvent describes one event of a given ServiceEventType for an
// identity id and a service id. It is the argument passed to a
// ServiceEventHandler.
type ServiceEvent struct {
	Type       ServiceEventType
	IdentityId string
	ServiceId  string
}

func (*ServiceEvent) String added in v0.17.36

func (self *ServiceEvent) String() string

type ServiceEventHandler added in v0.17.36

// ServiceEventHandler is a callback that receives a *ServiceEvent and returns
// nothing. ServiceEventsRegistry accepts values of this type in its add and
// remove methods.
// NOTE(review): Go func values cannot be compared with ==, so how
// RemoveServiceEventHandler identifies a previously added handler is not
// visible in this listing — confirm before relying on removal.
type ServiceEventHandler func(event *ServiceEvent)

type ServiceEventType added in v0.17.36

// ServiceEventType is a byte-sized code for the kind of a ServiceEvent.
type ServiceEventType byte
// The named values run from 1 to 5: dial access gained/lost, bind access
// gained/lost, and service updated. The zero value has no named constant, so
// an uninitialised ServiceEventType matches none of them.
const (
	ServiceDialAccessGained ServiceEventType = 1
	ServiceDialAccessLost   ServiceEventType = 2
	ServiceBindAccessGained ServiceEventType = 3
	ServiceBindAccessLost   ServiceEventType = 4
	ServiceUpdated          ServiceEventType = 5
)

func (ServiceEventType) String added in v0.17.36

func (self ServiceEventType) String() string

type ServiceEventsRegistry added in v0.17.36

// ServiceEventsRegistry has no exported fields; in this listing it exposes
// AddServiceEventHandler and RemoveServiceEventHandler, both taking a
// ServiceEventHandler.
// NOTE(review): whether handlers are invoked synchronously, and whether the
// registry is safe for concurrent add/remove, cannot be told from here.
type ServiceEventsRegistry struct {
	// contains filtered or unexported fields
}

func (*ServiceEventsRegistry) AddServiceEventHandler added in v0.17.36

func (self *ServiceEventsRegistry) AddServiceEventHandler(listener ServiceEventHandler)

func (*ServiceEventsRegistry) RemoveServiceEventHandler added in v0.17.36

func (self *ServiceEventsRegistry) RemoveServiceEventHandler(listener ServiceEventHandler)

type ServicePolicy

// ServicePolicy is an entity (it embeds boltz.BaseExtEntity) with a policy
// type, a name, a semantic and three role lists: identities, services and
// posture checks.
// NOTE(review): presumably PostureCheckRoles selects the posture checks an
// identity must pass for the policy to grant access; confirm how an empty
// list is treated (no checks required vs. deny) and which Semantic values are
// accepted.
type ServicePolicy struct {
	boltz.BaseExtEntity
	PolicyType        PolicyType
	Name              string
	Semantic          string
	IdentityRoles     []string
	ServiceRoles      []string
	PostureCheckRoles []string
}

func (*ServicePolicy) GetEntityType

func (entity *ServicePolicy) GetEntityType() string

func (*ServicePolicy) GetName

func (entity *ServicePolicy) GetName() string

func (*ServicePolicy) GetPolicyTypeName

func (entity *ServicePolicy) GetPolicyTypeName() string

func (*ServicePolicy) GetSemantic added in v0.15.27

func (entity *ServicePolicy) GetSemantic() string

func (*ServicePolicy) LoadValues

func (entity *ServicePolicy) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*ServicePolicy) SetValues

func (entity *ServicePolicy) SetValues(ctx *boltz.PersistContext)

type ServicePolicyStore

// ServicePolicyStore extends NameIndexedStore with typed loaders that return
// *ServicePolicy.
type ServicePolicyStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*ServicePolicy, error)
	// NOTE(review): the second parameter is named id although this is the
	// by-name loader; presumably it carries the name — confirm.
	LoadOneByName(tx *bbolt.Tx, id string) (*ServicePolicy, error)
}

type Session

// Session is an entity (it embeds boltz.BaseExtEntity) that ties a token to an
// identity id, an API session id and a service id, and carries a type, a list
// of session certificates and a list of service policies.
// NOTE(review): SessionStore can load a session by Token and exposes a token
// index, so the token presumably acts as a credential; keep it out of logs and
// error messages, and confirm how it is generated and compared.
type Session struct {
	boltz.BaseExtEntity
	Token           string
	IdentityId      string
	ApiSessionId    string
	ServiceId       string
	Type            string
	Certs           []*SessionCert
	// NOTE(review): a pointer held next to ApiSessionId; whether it is
	// persisted or only populated on load is not visible here, so check for
	// nil before use.
	ApiSession      *ApiSession
	ServicePolicies []string
}

func (*Session) GetEntityType

func (entity *Session) GetEntityType() string

func (*Session) LoadValues

func (entity *Session) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*Session) SetValues

func (entity *Session) SetValues(ctx *boltz.PersistContext)

type SessionCert

// SessionCert holds an id, a certificate and fingerprint as strings, and a
// validity window as two time.Time values. Session.Certs is a list of these.
// NOTE(review): Cert is presumably PEM text and Fingerprint a digest of it.
// Nothing in this listing shows the validity window being enforced on load, so
// consumers should compare ValidFrom/ValidTo with the current time themselves
// — confirm.
type SessionCert struct {
	Id          string
	Cert        string
	Fingerprint string
	ValidFrom   time.Time
	ValidTo     time.Time
}

func (*SessionCert) GetEntityType

func (entity *SessionCert) GetEntityType() string

func (*SessionCert) GetId

func (entity *SessionCert) GetId() string

func (*SessionCert) LoadValues

func (entity *SessionCert) LoadValues(_ boltz.CrudStore, bucket *boltz.TypedBucket)

func (*SessionCert) SetId

func (entity *SessionCert) SetId(id string)

func (*SessionCert) SetValues

func (entity *SessionCert) SetValues(ctx *boltz.PersistContext)

type SessionStore

// SessionStore extends Store with typed loaders for *Session (by id and by
// token), a loader for the certificates belonging to an id, and access to the
// token index.
type SessionStore interface {
	Store
	LoadOneById(tx *bbolt.Tx, id string) (*Session, error)
	// NOTE(review): the token is the lookup key here; callers should avoid
	// echoing it in errors or logs when the lookup fails.
	LoadOneByToken(tx *bbolt.Tx, token string) (*Session, error)
	// NOTE(review): id is presumably the session id — confirm.
	LoadCerts(tx *bbolt.Tx, id string) ([]*SessionCert, error)
	GetTokenIndex() boltz.ReadIndex
}

type Store

// Store is the base interface for the stores in this package. It embeds
// boltz.CrudStore and adds unexported methods, so types outside this package
// cannot implement it directly.
type Store interface {
	boltz.CrudStore
	// contains filtered or unexported methods
}

type Stores

// Stores holds a DbProvider, three fabric stores from package db, and one
// exported store field per entity type of this package. NewBoltStores returns
// a *Stores for a given DbProvider.
// NOTE(review): every field is exported and therefore reassignable by any
// importer; treat a *Stores as read-only after construction.
type Stores struct {
	DbProvider DbProvider

	// fabric stores
	Router     db.RouterStore
	Service    db.ServiceStore
	Terminator db.TerminatorStore

	// Stores declared in this package (session, identity, authenticator,
	// policy, posture check and related entities).
	ApiSession              ApiSessionStore
	ApiSessionCertificate   ApiSessionCertificateStore
	Ca                      CaStore
	Config                  ConfigStore
	ConfigType              ConfigTypeStore
	EdgeRouter              EdgeRouterStore
	EdgeRouterPolicy        EdgeRouterPolicyStore
	EdgeService             EdgeServiceStore
	EventLog                EventLogStore
	GeoRegion               GeoRegionStore
	Identity                IdentityStore
	IdentityType            IdentityTypeStore
	Index                   boltz.ListStore
	Session                 SessionStore
	ServiceEdgeRouterPolicy ServiceEdgeRouterPolicyStore
	ServicePolicy           ServicePolicyStore
	TransitRouter           TransitRouterStore
	Enrollment              EnrollmentStore
	Authenticator           AuthenticatorStore
	PostureCheck            PostureCheckStore
	PostureCheckType        PostureCheckTypeStore
	Mfa                     MfaStore
	// contains filtered or unexported fields
}

func NewBoltStores

func NewBoltStores(dbProvider DbProvider) (*Stores, error)

func (*Stores) CheckIntegrity added in v0.15.28

func (stores *Stores) CheckIntegrity(fix bool, errorHandler func(error, bool)) error

func (*Stores) CheckIntegrityInTx added in v0.15.28

func (stores *Stores) CheckIntegrityInTx(tx *bbolt.Tx, fix bool, errorHandler func(error, bool)) error

func (*Stores) GetStoreForEntity

func (stores *Stores) GetStoreForEntity(entity boltz.Entity) boltz.CrudStore

func (*Stores) GetStoreList added in v0.20.28

func (stores *Stores) GetStoreList() []Store

type TestContext

// TestContext is a test helper that embeds boltz.BaseTestContext;
// NewTestContext builds one from a *testing.T.
// NOTE(review): the type is part of the package's exported API rather than a
// _test.go-only helper, so it is available to importers. InitWithDbFile takes
// a path and CleanupAll takes none; presumably they open and remove database
// state, so confirm they are only ever pointed at throwaway files.
type TestContext struct {
	boltz.BaseTestContext
	// contains filtered or unexported fields
}

func NewTestContext

func NewTestContext(t *testing.T) *TestContext

func (*TestContext) CleanupAll added in v0.20.36

func (ctx *TestContext) CleanupAll()

func (*TestContext) GetDb

func (ctx *TestContext) GetDb() boltz.Db

func (*TestContext) GetDbProvider

func (ctx *TestContext) GetDbProvider() DbProvider

func (*TestContext) GetStoreForEntity

func (ctx *TestContext) GetStoreForEntity(entity boltz.Entity) boltz.CrudStore

func (*TestContext) GetStores

func (ctx *TestContext) GetStores() *Stores

func (*TestContext) Init

func (ctx *TestContext) Init()

func (*TestContext) InitWithDbFile added in v0.20.110

func (ctx *TestContext) InitWithDbFile(path string)

func (*TestContext) RequireNewIdentity added in v0.20.36

func (ctx *TestContext) RequireNewIdentity(name string, isAdmin bool) *Identity

func (*TestContext) RequireNewService added in v0.20.36

func (ctx *TestContext) RequireNewService(name string) *EdgeService

type TransitRouter

// TransitRouter embeds db.Router and adds a verification flag, a list of
// enrollments, an IsBase flag, and an optional certificate PEM and fingerprint
// that are both labelled unverified.
// NOTE(review): the Unverified* fields presumably hold a certificate presented
// before verification completed. Code that authenticates a router should not
// match against them while IsVerified is false — confirm against the
// enrollment flow.
type TransitRouter struct {
	db.Router
	IsVerified            bool
	Enrollments           []string
	IsBase                bool
	// Pointer fields: nil is distinct from an empty string; check for nil
	// before dereferencing.
	UnverifiedCertPem     *string
	UnverifiedFingerprint *string
}

func (*TransitRouter) GetEntityType

func (entity *TransitRouter) GetEntityType() string

func (*TransitRouter) GetName

func (entity *TransitRouter) GetName() string

func (*TransitRouter) LoadValues

func (entity *TransitRouter) LoadValues(store boltz.CrudStore, bucket *boltz.TypedBucket)

func (*TransitRouter) SetValues

func (entity *TransitRouter) SetValues(ctx *boltz.PersistContext)

type TransitRouterStore

// TransitRouterStore extends NameIndexedStore with typed loaders that return
// *TransitRouter.
type TransitRouterStore interface {
	NameIndexedStore
	LoadOneById(tx *bbolt.Tx, id string) (*TransitRouter, error)
	// NOTE(review): the second parameter is named id although this is the
	// by-name loader; presumably it carries the name — confirm.
	LoadOneByName(tx *bbolt.Tx, id string) (*TransitRouter, error)
}

type UpdateLastActivityAtChecker added in v0.19.39

// UpdateLastActivityAtChecker is an empty struct whose IsUpdated method takes
// a field name and returns a bool.
// NOTE(review): going by the name it presumably reports true only for the
// lastActivityAt field, restricting an update to that one field — confirm
// against the implementation.
type UpdateLastActivityAtChecker struct{}

func (UpdateLastActivityAtChecker) IsUpdated added in v0.19.39

func (u UpdateLastActivityAtChecker) IsUpdated(field string) bool
