Documentation ¶
Index ¶
- Constants
- Variables
- func EvaluatePolicy(ctx *roleAttributeChangeContext, policy Policy, ...)
- func FieldValuesToIds(new []boltz.FieldTypeAndValue) []string
- func ProcessEntityPolicyMatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool
- func ProcessEntityPolicyUnmatched(ctx *roleAttributeChangeContext, entityId, policyId []byte) bool
- func RunMigrations(db boltz.Db, stores *Stores) error
- func UpdateRelatedRoles(ctx *roleAttributeChangeContext, entityId []byte, ...)
- type ApiSession
- type ApiSessionCertificate
- type ApiSessionCertificateStore
- type ApiSessionCertificateStoreImpl
- func (store *ApiSessionCertificateStoreImpl) FillEntity(entity *ApiSessionCertificate, bucket *boltz.TypedBucket)
- func (store ApiSessionCertificateStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store ApiSessionCertificateStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (E, error)
- func (store *ApiSessionCertificateStoreImpl) NewEntity() *ApiSessionCertificate
- func (store *ApiSessionCertificateStoreImpl) PersistEntity(entity *ApiSessionCertificate, ctx *boltz.PersistContext)
- type ApiSessionStore
- type AuthPolicy
- type AuthPolicyCert
- type AuthPolicyExtJwt
- type AuthPolicyPrimary
- type AuthPolicySecondary
- type AuthPolicyStore
- type AuthPolicyStoreImpl
- func (store *AuthPolicyStoreImpl) FillEntity(entity *AuthPolicy, bucket *boltz.TypedBucket)
- func (store AuthPolicyStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex
- func (store AuthPolicyStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (E, error)
- func (store *AuthPolicyStoreImpl) NewEntity() *AuthPolicy
- func (store *AuthPolicyStoreImpl) PersistEntity(entity *AuthPolicy, ctx *boltz.PersistContext)
- type AuthPolicyUpdb
- type Authenticator
- type AuthenticatorCert
- type AuthenticatorStore
- type AuthenticatorSubType
- type AuthenticatorUpdb
- type Ca
- type CaStore
- type Config
- type ConfigStore
- type ConfigType
- type ConfigTypeStore
- type DbProvider
- type EdgeRouter
- type EdgeRouterPolicy
- type EdgeRouterPolicyStore
- type EdgeRouterStore
- type EdgeService
- type EdgeServiceStore
- type Enrollment
- type EnrollmentStore
- type EnvInfo
- type EventListenerFunc
- type EventualEvent
- type EventualEventAdded
- type EventualEventProcessingBatchDone
- type EventualEventProcessingBatchStart
- type EventualEventProcessingDone
- type EventualEventProcessingListenerDone
- type EventualEventProcessingListenerStart
- type EventualEventProcessingStart
- type EventualEventRemoved
- type EventualEventStore
- type EventualEventer
- type EventualEventerBbolt
- func (a *EventualEventerBbolt) AddEventualEvent(eventType string, data []byte)
- func (a *EventualEventerBbolt) AddEventualEventWithCtx(ctx boltz.MutateContext, eventType string, data []byte)
- func (a *EventualEventerBbolt) AddEventualListener(eventType string, listener EventListenerFunc)
- func (a *EventualEventerBbolt) Start(closeNotify <-chan struct{}) error
- func (a *EventualEventerBbolt) Stop() error
- func (a *EventualEventerBbolt) Trigger() (<-chan struct{}, error)
- type ExternalIdClaim
- type ExternalJwtSigner
- type ExternalJwtSignerStore
- type Identity
- type IdentityServicesCursorProvider
- type IdentityStore
- type IdentityType
- type IdentityTypeStore
- type IdentityTypeStoreImpl
- func (store *IdentityTypeStoreImpl) FillEntity(entity *IdentityType, bucket *boltz.TypedBucket)
- func (store IdentityTypeStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex
- func (store IdentityTypeStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (E, error)
- func (store *IdentityTypeStoreImpl) NewEntity() *IdentityType
- func (store *IdentityTypeStoreImpl) PersistEntity(entity *IdentityType, ctx *boltz.PersistContext)
- type Mfa
- type MfaStore
- type MfaStoreImpl
- func (store *MfaStoreImpl) FillEntity(entity *Mfa, bucket *boltz.TypedBucket)
- func (store MfaStoreImpl) GetName(tx *bbolt.Tx, id string) *string
- func (store MfaStoreImpl) LoadOneById(tx *bbolt.Tx, id string) (E, error)
- func (store *MfaStoreImpl) NewEntity() *Mfa
- func (store *MfaStoreImpl) PersistEntity(entity *Mfa, ctx *boltz.PersistContext)
- type Migrations
- type NameIndexed
- type OperatingSystem
- type Policy
- type PolicyType
- type PostureCheck
- type PostureCheckMacAddresses
- type PostureCheckMfa
- type PostureCheckOperatingSystem
- type PostureCheckProcess
- type PostureCheckProcessMulti
- type PostureCheckStore
- type PostureCheckSubType
- type PostureCheckType
- type PostureCheckTypeStore
- type PostureCheckWindowsDomains
- type ProcessMulti
- type SdkInfo
- type SecretStore
- type ServiceConfig
- type ServiceEdgeRouterPolicy
- type ServiceEdgeRouterPolicyStore
- type ServiceEvent
- type ServiceEventHandler
- type ServiceEventType
- type ServiceEventsRegistry
- type ServicePolicy
- type ServicePolicyStore
- type Session
- type SessionStore
- type Store
- type Stores
- type TestContext
- func (ctx *TestContext) Cleanup()
- func (ctx *TestContext) CleanupAll()
- func (ctx *TestContext) GetDb() boltz.Db
- func (ctx *TestContext) GetDbProvider() DbProvider
- func (ctx *TestContext) GetNetwork() *network.Network
- func (ctx *TestContext) GetStoreForEntity(entity boltz.Entity) boltz.Store
- func (ctx *TestContext) GetStores() *Stores
- func (ctx *TestContext) Init()
- func (ctx *TestContext) RequireNewIdentity(name string, isAdmin bool) *Identity
- func (ctx *TestContext) RequireNewService(name string) *EdgeService
- type TransitRouter
- type TransitRouterStore
- type UpdateLastActivityAtChecker
Constants ¶
const ( FieldApiSessionCertificateApiSession = "apiSession" FieldApiSessionCertificateSubject = "subject" FieldApiSessionCertificateFingerprint = "fingerprint" FieldApiSessionCertificateValidAfter = "validAfter" FieldApiSessionCertificateValidBefore = "validBefore" FieldApiSessionCertificatePem = "pem" )
const ( FieldApiSessionIdentity = "identity" FieldApiSessionToken = "token" FieldApiSessionConfigTypes = "configTypes" FieldApiSessionIPAddress = "ipAddress" FieldApiSessionMfaComplete = "mfaComplete" FieldApiSessionMfaRequired = "mfaRequired" FieldApiSessionLastActivityAt = "lastActivityAt" FieldApiSessionAuthenticator = "authenticator" EventFullyAuthenticated events.EventName = "FULLY_AUTHENTICATED" EventualEventApiSessionDelete = "ApiSessionDelete" )
const ( DefaultUpdbMinPasswordLength = int64(5) DefaultUpdbMaxAttempts = int64(5) DefaultAuthPolicyId = "default" UpdbIndefiniteLockout = int64(0) UpdbUnlimitedAttemptsLimit = int64(0) FieldAuthPolicyPrimaryCertAllowed = "primary.cert.allowed" FieldAuthPolicyPrimaryCertAllowExpiredCerts = "primary.cert.allowExpiredCerts" FieldAuthPolicyPrimaryUpdbAllowed = "primary.updb.allowed" FiledAuthPolicyPrimaryUpdbMinPasswordLength = "primary.updb.minPasswordLength" FieldAuthPolicyPrimaryUpdbRequireSpecialChar = "primary.updb.requireSpecialChar" FieldAuthPolicyPrimaryUpdbRequireNumberChar = "primary.updb.requireNumberChar" FieldAuthPolicyPrimaryUpdbRequireMixedCase = "primary.updb.requireMixedCase" FieldAuthPolicyPrimaryUpdbMaxAttempts = "primary.updb.maxAttempts" FieldAuthPolicyPrimaryUpdbLockoutDurationMinutes = "primary.updb.lockoutDurationMinutes" FieldAuthPolicyPrimaryExtJwtAllowed = "primary.extJwt.allowed" FieldAuthPolicyPrimaryExtJwtAllowedSigners = "primary.extJwt.allowedSigners" FieldAuthSecondaryPolicyRequireTotp = "secondary.requireTotp" FieldAuthSecondaryPolicyRequiredExtJwtSigner = "secondary.requireExtJwtSigner" )
const ( FieldAuthenticatorMethod = "method" FieldAuthenticatorIdentity = "identity" FieldAuthenticatorCertFingerprint = "certFingerprint" FieldAuthenticatorCertPem = "certPem" FieldAuthenticatorUnverifiedCertPem = "unverifiedCertPem" FieldAuthenticatorUnverifiedCertFingerprint = "unverifiedCertFingerprint" FieldAuthenticatorUpdbUsername = "updbUsername" FieldAuthenticatorUpdbPassword = "updbPassword" FieldAuthenticatorUpdbSalt = "updbSalt" MethodAuthenticatorUpdb = "updb" MethodAuthenticatorCert = "cert" // MethodAuthenticatorCertCaExternalId represents authentication with a certificate that isn't directly // registered with an authenticator. Instead, it uses `externalId` values on identities and matches them to a // "x509 claim" (custom values stuffed into SANs or other x509 properties). This type will never actually // be stored for persistence and is defined here for as tobe near the other authenticator methods. MethodAuthenticatorCertCaExternalId = "certCaExternalId" )
const ( EntityTypeApiSessions = "apiSessions" EntityTypeApiSessionCertificates = "apiSessionCertificates" EntityTypeAuthPolicies = "authPolicies" EntityTypeEventualEvents = "eventualEvents" EntityTypeCas = "cas" EntityTypeConfigs = "configs" EntityTypeConfigTypes = "configTypes" EntityTypeEdgeRouterPolicies = "edgeRouterPolicies" EntityTypeExternalJwtSigners = "externalJwtSigners" EntityTypeIdentities = "identities" EntityTypeIdentityTypes = "identityTypes" EntityTypeMfas = "mfas" EntityTypeServicePolicies = "servicePolicies" EntityTypeServiceEdgeRouterPolicies = "serviceEdgeRouterPolicies" EntityTypeSessions = "sessions" EntityTypeSessionCerts = "sessionCerts" EntityTypeEnrollments = "enrollments" EntityTypeAuthenticators = "authenticators" EntityTypePostureChecks = "postureChecks" EntityTypePostureCheckTypes = "postureCheckTypes" EdgeBucket = "edge" FieldName = "name" FieldSemantic = "semantic" FieldRoleAttributes = "roleAttributes" FieldEdgeRouterRoles = "edgeRouterRoles" FieldIdentityRoles = "identityRoles" FieldServiceRoles = "serviceRoles" FieldPostureCheckRoles = "postureCheckRoles" SemanticAllOf = "AllOf" SemanticAnyOf = "AnyOf" )
const ( FieldCaFingerprint = "fingerprint" FieldCaCertPem = "certPem" FieldCaIsVerified = "isVerified" FieldCaVerificationToken = "verificationToken" FieldCaIsAutoCaEnrollmentEnabled = "isAutoCaEnrollmentEnabled" FieldCaIsOttCaEnrollmentEnabled = "isOttCaEnrollmentEnabled" FieldCaIsAuthEnabled = "isAuthEnabled" FieldCaIdentityNameFormat = "identityNameFormat" FieldCaEnrollments = "enrollments" FieldCaExternalIdClaim = "externalIdClaim" FieldCaExternalIdClaimLocation = "externalIdClaim.location" FieldCaExternalIdClaimIndex = "externalIdClaim.index" FieldCaExternalIdClaimMatcher = "externalIdClaim.matcher" FieldCaExternalIdClaimMatcherCriteria = "externalIdClaim.matcherCriteria" FieldCaExternalIdClaimParser = "externalIdClaim.parser" FieldCaExternalIdClaimParserCriteria = "externalIdClaim.parserSeparator" )
const ( ExternalIdClaimLocCommonName = "COMMON_NAME" ExternalIdClaimLocSanUri = "SAN_URI" ExternalIdClaimLocSanEmail = "SAN_EMAIL" ExternalIdClaimMatcherAll = "ALL" ExternalIdClaimMatcherSuffix = "SUFFIX" ExternalIdClaimMatcherPrefix = "PREFIX" ExternalIdClaimMatcherScheme = "SCHEME" ExternalIdClaimParserNone = "NONE" ExternalIdClaimParserSplit = "SPLIT" )
const ( FieldConfigData = "data" FieldConfigType = "type" FieldConfigIdentityService = "identityServices" )
const ( FieldEdgeRouters = "edgeRouters" FieldEdgeRouterCertPEM = "certPem" FieldEdgeRouterUnverifiedCertPEM = "unverifiedCertPem" FieldEdgeRouterUnverifiedFingerprint = "unverifiedFingerprint" FieldEdgeRouterIsVerified = "isVerified" FieldEdgeRouterIsTunnelerEnabled = "isTunnelerEnabled" FieldEdgeRouterAppData = "appData" )
const ( FieldEdgeServiceDialIdentities = "dialIdentities" FieldEdgeServiceBindIdentities = "bindIdentities" FieldServiceEncryptionRequired = "encryptionRequired" )
const ( FieldEnrollmentToken = "token" FieldEnrollmentMethod = "method" FieldEnrollIdentity = "identity" FieldEnrollEdgeRouter = "edgeRouter" FieldEnrollTransitRouter = "transitRouter" FieldEnrollmentExpiresAt = "expiresAt" FieldEnrollmentIssuedAt = "issuedAt" FieldEnrollmentCaId = "caId" FieldEnrollmentUsername = "username" FieldEnrollmentJwt = "jwt" MethodEnrollOtt = "ott" MethodEnrollOttCa = "ottca" MethodEnrollCa = "ca" MethodEnrollUpdb = "updb" )
const ( FieldEventualEventType = "type" FieldEventualEventData = "data" )
const ( // EventualEventAddedName is emitted when a new event is added via AddEventualEvent(). // // Event arguments: // 0 - an EventualEventAdded struct EventualEventAddedName = events.EventName("EventualEventAdded") // EventualEventRemovedName is emitted when a previously added eventual event is processed // // Event arguments: // 0 - an EventualEventRemoved struct EventualEventRemovedName = events.EventName("EventualEventRemoved") // EventualEventProcessingStartName is emitted as the first action during processing // Event arguments: // 0 - an EventualEventProcessingStart struct EventualEventProcessingStartName = events.EventName("EventualEventProcessingStart") // EventualEventProcessingBatchStartName is emitted as the first set of events are processed // after EventualEventProcessingStartName. It is possible for 0+ batches to be processed. Each // patch should contain 1+ events. // // Event arguments: // 0 - an EventualEventProcessingBatchStart struct EventualEventProcessingBatchStartName = events.EventName("EventualEventProcessingBatchStart") // EventualEventProcessingListenerStartName is emitted for each function listener invoked // on each event. // // Event arguments: // 0 - an EventualEventProcessingListenerStart struct EventualEventProcessingListenerStartName = events.EventName("EventualEventProcessingListenerStart") // EventualEventProcessingListenerDoneName is emitted for each function listener after invocation // // Event arguments: // 0 - an EventualEventProcessingListenerDone struct EventualEventProcessingListenerDoneName = events.EventName("EventualEventProcessingListenerDone") // EventualEventProcessingBatchDoneName is emitted after the last event processed in a batch. // // Event arguments: // 0 - an EventualEventProcessingBatchDone struct EventualEventProcessingBatchDoneName = events.EventName("EventualEventProcessingBatchDone") // EventualEventProcessingDoneName is emitted as the last action during processing after // all events and batches. // // Event arguments: // 0 - an EventualEventProcessingDone struct EventualEventProcessingDoneName = events.EventName("EventualEventProcessingDone") )
const ( FieldExternalJwtSignerFingerprint = "fingerprint" FieldExternalJwtSignerCertPem = "certPem" FieldExternalJwtSignerJwksEndpoint = "jwksEndpoint" FieldExternalJwtSignerCommonName = "commonName" FieldExternalJwtSignerNotAfter = "notAfter" FieldExternalJwtSignerNotBefore = "notBefore" FieldExternalJwtSignerEnabled = "enabled" FieldExternalJwtSignerExternalAuthUrl = "externalAuthUrl" FieldExternalJwtSignerAuthPolicies = "authPolicies" FieldExternalJwtSignerClaimsProperty = "claimsProperty" FieldExternalJwtSignerUseExternalId = "useExternalId" FieldExternalJwtSignerKid = "kid" FieldExternalJwtSignerIssuer = "issuer" FieldExternalJwtSignerAudience = "audience" DefaultClaimsProperty = "sub" )
const ( FieldIdentityType = "type" FieldIdentityIsDefaultAdmin = "isDefaultAdmin" FieldIdentityIsAdmin = "isAdmin" FieldIdentityEnrollments = "enrollments" FieldIdentityAuthenticators = "authenticators" FieldIdentityServiceConfigs = "serviceConfigs" FieldIdentityEnvInfoArch = "envInfoArch" FieldIdentityEnvInfoOs = "envInfoOs" FieldIdentityEnvInfoOsRelease = "envInfoRelease" FieldIdentityEnvInfoOsVersion = "envInfoVersion" FieldIdentitySdkInfoBranch = "sdkInfoBranch" FieldIdentitySdkInfoRevision = "sdkInfoRevision" FieldIdentitySdkInfoType = "sdkInfoType" FieldIdentitySdkInfoVersion = "sdkInfoVersion" FieldIdentitySdkInfoAppId = "sdkInfoAppId" FieldIdentitySdkInfoAppVersion = "sdkInfoAppVersion" FieldIdentityBindServices = "bindServices" FieldIdentityDialServices = "dialServices" FieldIdentityDefaultHostingPrecedence = "defaultHostingPrecedence" FieldIdentityDefaultHostingCost = "defaultHostingCost" FieldIdentityServiceHostingPrecedences = "serviceHostingPrecedences" FieldIdentityServiceHostingCosts = "serviceHostingCosts" FieldIdentityAppData = "appData" FieldIdentityAuthPolicyId = "authPolicyId" FieldIdentityExternalId = "externalId" FieldIdentityDisabledAt = "disabledAt" FieldIdentityDisabledUntil = "disabledUntil" )
const ( FieldMfaIdentity = "identity" FieldMfaIsVerified = "isVerified" FieldMfaRecoveryCodes = "recoveryCodes" FieldMfaSecret = "secret" FieldMfaSalt = "salt" )
const ( CurrentDbVersion = 32 FieldVersion = "version" )
const ( FieldPostureCheckMfaTimeoutSeconds = "timeoutSeconds" FieldPostureCheckMfaPromptOnWake = "promptOnWake" FieldPostureCheckMfaPromptOnUnlock = "promptOnUnlock" FieldPostureCheckMfaIgnoreLegacyEndpoints = "ignoreLegacyEndpoints" )
const ( FieldPostureCheckOsType = "osType" FieldPostureCheckOsVersions = "osVersions" )
const ( FieldPostureCheckProcessOs = "os" FieldPostureCheckProcessPath = "path" FieldPostureCheckProcessHashes = "hashes" FieldPostureCheckProcessFingerprint = "fingerprint" )
const ( FieldPostureCheckProcessMultiOsType = "osType" FieldPostureCheckProcessMultiPath = "path" FieldPostureCheckProcessMultiHashes = "hashes" FieldPostureCheckProcessMultiSignerFingerprints = "signerFingerprints" FieldPostureCheckProcessMultiProcesses = "processes" )
const ( //Fields FieldPostureCheckTypeId = "typeId" FieldPostureCheckVersion = "version" FieldPostureCheckBindServices = "bindServices" FieldPostureCheckDialServices = "dialServices" )
const ( PostureCheckTypeOs = "OS" PostureCheckTypeDomain = "DOMAIN" PostureCheckTypeProcess = "PROCESS" PostureCheckTypeProcessMulti = "PROCESS_MULTI" PostureCheckTypeMAC = "MAC" PostureCheckTypeMFA = "MFA" )
const ( FieldServicePolicyType = "type" PolicyTypeInvalidName = "Invalid" PolicyTypeDialName = "Dial" PolicyTypeBindName = "Bind" PolicyTypeInvalid PolicyType = PolicyTypeInvalidName PolicyTypeDial PolicyType = PolicyTypeDialName PolicyTypeBind PolicyType = PolicyTypeBindName )
const ( FieldSessionToken = "token" FieldSessionApiSession = "apiSession" FieldSessionService = "service" FieldSessionIdentity = "identity" FieldSessionType = "type" FieldSessionServicePolicies = "servicePolicies" SessionTypeDial = "Dial" SessionTypeBind = "Bind" )
const ( TransitRouterPath = "transitRouter" FieldTransitRouterIsVerified = "isVerified" FieldTransitRouterEnrollments = "enrollments" )
const ( RolePrefix = "#" EntityPrefix = "@" AllRole = "#all" )
const (
FieldConfigTypeSchema = "schema"
)
const (
FieldPostureCheckDomains = "domains"
)
const (
FieldPostureCheckMacAddresses = "macAddresses"
)
const (
FieldPostureCheckTypeOperatingSystems = "operatingSystems"
)
const (
RouterIdentityType = "Router"
)
Variables ¶
var IdentityTypesV1 = map[string]string{
"User": "User",
"Device": "Device",
"Service": "Service",
"Router": "Router",
}
var ServiceEvents = &ServiceEventsRegistry{ handlers: cowslice.NewCowSlice(make([]ServiceEventHandler, 0)), }
Functions ¶
func EvaluatePolicy ¶ added in v0.15.27
func EvaluatePolicy(ctx *roleAttributeChangeContext, policy Policy, roleAttributesSymbol boltz.EntitySetSymbol)
func FieldValuesToIds ¶
func FieldValuesToIds(new []boltz.FieldTypeAndValue) []string
func ProcessEntityPolicyMatched ¶ added in v0.15.27
func ProcessEntityPolicyUnmatched ¶ added in v0.15.27
func UpdateRelatedRoles ¶
func UpdateRelatedRoles(ctx *roleAttributeChangeContext, entityId []byte, newRoleAttributes []boltz.FieldTypeAndValue, semanticSymbol boltz.EntitySymbol)
Types ¶
type ApiSession ¶
type ApiSession struct { boltz.BaseExtEntity IdentityId string `json:"identityId"` Token string `json:"token"` IPAddress string `json:"ipAddress"` ConfigTypes []string `json:"configTypes"` MfaComplete bool `json:"mfaComplete"` MfaRequired bool `json:"mfaRequired"` LastActivityAt time.Time `json:"lastActivityAt"` AuthenticatorId string `json:"authenticatorId"` }
func NewApiSession ¶
func NewApiSession(identityId string) *ApiSession
func (*ApiSession) GetEntityType ¶
func (entity *ApiSession) GetEntityType() string
type ApiSessionCertificate ¶ added in v0.17.30
type ApiSessionCertificate struct { boltz.BaseExtEntity ApiSessionId string `json:"apiSessionId"` Subject string `json:"subject"` Fingerprint string `json:"fingerprint"` ValidAfter *time.Time `json:"validAfter"` ValidBefore *time.Time `json:"validBefore"` PEM string `json:"pem"` }
func (*ApiSessionCertificate) GetEntityType ¶ added in v0.17.30
func (entity *ApiSessionCertificate) GetEntityType() string
type ApiSessionCertificateStore ¶ added in v0.17.30
type ApiSessionCertificateStore interface { Store[*ApiSessionCertificate] }
type ApiSessionCertificateStoreImpl ¶ added in v0.17.30
type ApiSessionCertificateStoreImpl struct {
// contains filtered or unexported fields
}
func (*ApiSessionCertificateStoreImpl) FillEntity ¶ added in v0.24.249
func (store *ApiSessionCertificateStoreImpl) FillEntity(entity *ApiSessionCertificate, bucket *boltz.TypedBucket)
func (ApiSessionCertificateStoreImpl) LoadOneById ¶ added in v0.17.30
func (*ApiSessionCertificateStoreImpl) NewEntity ¶ added in v0.24.249
func (store *ApiSessionCertificateStoreImpl) NewEntity() *ApiSessionCertificate
func (*ApiSessionCertificateStoreImpl) PersistEntity ¶ added in v0.24.249
func (store *ApiSessionCertificateStoreImpl) PersistEntity(entity *ApiSessionCertificate, ctx *boltz.PersistContext)
type ApiSessionStore ¶
type AuthPolicy ¶ added in v0.21.153
type AuthPolicy struct { boltz.BaseExtEntity Name string `json:"name"` Primary AuthPolicyPrimary `json:"primary"` Secondary AuthPolicySecondary `json:"secondary"` }
func (*AuthPolicy) GetEntityType ¶ added in v0.21.153
func (entity *AuthPolicy) GetEntityType() string
func (*AuthPolicy) GetName ¶ added in v0.21.153
func (entity *AuthPolicy) GetName() string
type AuthPolicyCert ¶ added in v0.21.153
type AuthPolicyExtJwt ¶ added in v0.21.153
type AuthPolicyPrimary ¶ added in v0.21.153
type AuthPolicyPrimary struct { Cert AuthPolicyCert `json:"cert"` Updb AuthPolicyUpdb `json:"updb"` ExtJwt AuthPolicyExtJwt `json:"extJwt"` }
type AuthPolicySecondary ¶ added in v0.21.153
type AuthPolicyStore ¶ added in v0.21.153
type AuthPolicyStore interface { NameIndexed Store[*AuthPolicy] }
type AuthPolicyStoreImpl ¶ added in v0.21.153
type AuthPolicyStoreImpl struct {
// contains filtered or unexported fields
}
func (*AuthPolicyStoreImpl) FillEntity ¶ added in v0.24.249
func (store *AuthPolicyStoreImpl) FillEntity(entity *AuthPolicy, bucket *boltz.TypedBucket)
func (*AuthPolicyStoreImpl) GetNameIndex ¶ added in v0.21.153
func (store *AuthPolicyStoreImpl) GetNameIndex() boltz.ReadIndex
func (AuthPolicyStoreImpl) LoadOneById ¶ added in v0.21.153
func (*AuthPolicyStoreImpl) NewEntity ¶ added in v0.24.249
func (store *AuthPolicyStoreImpl) NewEntity() *AuthPolicy
func (*AuthPolicyStoreImpl) PersistEntity ¶ added in v0.24.249
func (store *AuthPolicyStoreImpl) PersistEntity(entity *AuthPolicy, ctx *boltz.PersistContext)
type AuthPolicyUpdb ¶ added in v0.21.153
type AuthPolicyUpdb struct { Allowed bool `json:"allowed"` MinPasswordLength int64 `json:"minPasswordLength"` RequireSpecialChar bool `json:"requireSpecialChar"` RequireNumberChar bool `json:"requireNumberChar"` RequireMixedCase bool `json:"requireMixedCase"` MaxAttempts int64 `json:"maxAttempts"` LockoutDurationMinutes int64 `json:"lockoutDurationMinutes"` }
type Authenticator ¶
type Authenticator struct { boltz.BaseExtEntity Type string `json:"type"` IdentityId string `json:"identityId"` SubType AuthenticatorSubType `json:"subType"` }
func (*Authenticator) GetEntityType ¶
func (entity *Authenticator) GetEntityType() string
func (*Authenticator) ToCert ¶
func (entity *Authenticator) ToCert() *AuthenticatorCert
func (*Authenticator) ToSubType ¶
func (entity *Authenticator) ToSubType() AuthenticatorSubType
func (*Authenticator) ToUpdb ¶
func (entity *Authenticator) ToUpdb() *AuthenticatorUpdb
type AuthenticatorCert ¶
type AuthenticatorCert struct { Authenticator `json:"-"` Fingerprint string `json:"fingerprint"` Pem string `json:"pem"` UnverifiedPem string `json:"unverifiedPem"` UnverifiedFingerprint string `json:"unverifiedFingerprint"` }
func (*AuthenticatorCert) Fingerprints ¶
func (entity *AuthenticatorCert) Fingerprints() []string
type AuthenticatorStore ¶
type AuthenticatorStore interface { Store[*Authenticator] }
type AuthenticatorSubType ¶
type AuthenticatorSubType interface {
Fingerprints() []string
}
type AuthenticatorUpdb ¶
type AuthenticatorUpdb struct { Authenticator `json:"-"` Username string `json:"username"` Password string `json:"password"` Salt string `json:"salt"` }
func (*AuthenticatorUpdb) Fingerprints ¶
func (entity *AuthenticatorUpdb) Fingerprints() []string
type Ca ¶
type Ca struct { boltz.BaseExtEntity Name string `json:"name"` Fingerprint string `json:"fingerprint"` CertPem string `json:"certPem"` IsVerified bool `json:"isVerified"` VerificationToken string `json:"verificationToken"` IsAutoCaEnrollmentEnabled bool `json:"isAutoCaEnrollmentEnabled"` IsOttCaEnrollmentEnabled bool `json:"isOttCaEnrollmentEnabled"` IsAuthEnabled bool `json:"isAuthEnabled"` IdentityRoles []string `json:"identityRoles"` IdentityNameFormat string `json:"identityNameFormat"` ExternalIdClaim *ExternalIdClaim `json:"externalIdClaim"` }
func (*Ca) GetEntityType ¶
type Config ¶
type Config struct { boltz.BaseExtEntity Name string `json:"name"` Type string `json:"type"` Data map[string]interface{} `json:"data"` }
func (*Config) GetEntityType ¶
type ConfigStore ¶
type ConfigStore interface { Store[*Config] NameIndexed }
type ConfigType ¶
type ConfigType struct { boltz.BaseExtEntity Name string `json:"name"` Schema map[string]interface{} `json:"schema"` }
func (*ConfigType) GetEntityType ¶
func (entity *ConfigType) GetEntityType() string
func (*ConfigType) GetName ¶
func (entity *ConfigType) GetName() string
type ConfigTypeStore ¶
type ConfigTypeStore interface { Store[*ConfigType] NameIndexed LoadOneByName(tx *bbolt.Tx, name string) (*ConfigType, error) GetName(tx *bbolt.Tx, id string) *string }
type DbProvider ¶
type EdgeRouter ¶
type EdgeRouter struct { db.Router IsVerified bool `json:"isVerified"` CertPem *string `json:"certPem"` UnverifiedCertPem *string `json:"unverifiedCertPem"` UnverifiedFingerprint *string `json:"unverifiedFingerprint"` RoleAttributes []string `json:"roleAttributes"` IsTunnelerEnabled bool `json:"isTunnelerEnabled"` AppData map[string]interface{} `json:"appData"` }
func (*EdgeRouter) GetName ¶
func (entity *EdgeRouter) GetName() string
type EdgeRouterPolicy ¶
type EdgeRouterPolicy struct { boltz.BaseExtEntity Name string `json:"name"` Semantic string `json:"semantic"` IdentityRoles []string `json:"identityRoles"` EdgeRouterRoles []string `json:"edgeRouterRoles"` }
func (*EdgeRouterPolicy) GetEntityType ¶
func (entity *EdgeRouterPolicy) GetEntityType() string
func (*EdgeRouterPolicy) GetName ¶
func (entity *EdgeRouterPolicy) GetName() string
func (*EdgeRouterPolicy) GetSemantic ¶ added in v0.15.27
func (entity *EdgeRouterPolicy) GetSemantic() string
type EdgeRouterPolicyStore ¶
type EdgeRouterPolicyStore interface { NameIndexed Store[*EdgeRouterPolicy] }
type EdgeRouterStore ¶
type EdgeRouterStore interface { NameIndexed Store[*EdgeRouter] GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) }
type EdgeService ¶
type EdgeServiceStore ¶
type EdgeServiceStore interface { NameIndexed Store[*EdgeService] IsBindableByIdentity(tx *bbolt.Tx, id string, identityId string) bool IsDialableByIdentity(tx *bbolt.Tx, id string, identityId string) bool GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) }
type Enrollment ¶
type Enrollment struct { boltz.BaseExtEntity Token string `json:"token"` Method string `json:"method"` IdentityId *string `json:"identityId"` TransitRouterId *string `json:"transitRouterId"` EdgeRouterId *string `json:"edgeRouterId"` ExpiresAt *time.Time `json:"expiresAt"` IssuedAt *time.Time `json:"issuedAt"` CaId *string `json:"caId"` Username *string `json:"username"` Jwt string `json:"jwt"` }
func (*Enrollment) GetEntityType ¶
func (entity *Enrollment) GetEntityType() string
type EnrollmentStore ¶
type EnrollmentStore interface { Store[*Enrollment] LoadOneByToken(tx *bbolt.Tx, token string) (*Enrollment, error) }
type EventListenerFunc ¶ added in v0.21.45
EventListenerFunc is a function handler that will be triggered asynchronously some point in the future
type EventualEvent ¶ added in v0.21.45
type EventualEvent struct { boltz.BaseExtEntity Type string `json:"type"` Data []byte `json:"data"` }
func (*EventualEvent) GetEntityType ¶ added in v0.21.45
func (entity *EventualEvent) GetEntityType() string
type EventualEventAdded ¶ added in v0.21.45
type EventualEventProcessingBatchDone ¶ added in v0.21.45
type EventualEventProcessingBatchDone struct { // Id is a unique id for the batch Id string // Id is the unique processing run this batch is a member of ProcessId string // Count is the number of events in the current batch Count int // BatchSize is the batch size for the current batch (the maximum value of Count) BatchSize int // StartTime the time the batch was started StartTime time.Time // EndTime the time the batch ended EndTime time.Time }
type EventualEventProcessingBatchStart ¶ added in v0.21.45
type EventualEventProcessingBatchStart struct { // Id is a unique id for the batch Id string // Id is the unique processing run this batch is a member of ProcessId string // Count is the number of events in the current batch Count int // BatchSize is the batch size for the current batch (the maximum value of Count) BatchSize int // StartTime the time when the batch started processing StartTime time.Time }
type EventualEventProcessingDone ¶ added in v0.21.45
type EventualEventProcessingDone struct { // Id is a unique id for processing run Id string // TotalBatches is the total number of batches executed during processing TotalBatches int64 // TotalEvent is the total number of events processed TotalEvents int64 // TotalListenersExecuted is the total number of listeners executed during processing TotalListenersExecuted int64 // StartTime is the time when the processing began StartTime time.Time // EndTime is the time when the processing ended EndTime time.Time }
type EventualEventProcessingListenerDone ¶ added in v0.21.45
type EventualEventProcessingListenerDone struct { // Id is a unique id for the triggering of a listener Id string // BatchId is the unique id of the batch being processed BatchId string // ProcessId is the unique id of the currently executing process ProcessId string // ListenerFunc is the listener that was executed ListenerFunc EventListenerFunc // BatchEventIndex is the zero based offset of the currently executing event BatchEventIndex int64 // TotalEventIndex is the total index across all batches of the currently executing event TotalEventIndex int64 // Error is nil if no error occurred during execution, otherwise an error value Error error // EventType is the typeof the event that triggered the listener EventType string // StartTime is the time when the listener started execution StartTime time.Time // EndTime is the time when the listener ended execution EndTime time.Time }
type EventualEventProcessingListenerStart ¶ added in v0.21.45
type EventualEventProcessingListenerStart struct { // Id is a unique id for the triggering of a listener Id string // BatchId is the unique id of the batch being processed BatchId string // ProcessId is the unique id of the currently executing process ProcessId string // ListenerFunc is the listener that was executed ListenerFunc EventListenerFunc // BatchEventIndex is the zero based offset of the currently executing event BatchEventIndex int64 // TotalEventIndex is the total index across all batches of the currently executing event TotalEventIndex int64 // EventType is the typeof the event that is triggering the listener EventType string // StartTime is the time when the listener was started StartTime time.Time }
type EventualEventProcessingStart ¶ added in v0.21.45
type EventualEventRemoved ¶ added in v0.21.45
type EventualEventStore ¶ added in v0.21.45
type EventualEventStore interface { Store[*EventualEvent] }
type EventualEventer ¶ added in v0.21.45
type EventualEventer interface { // EventEmmiter is used to provide processing event status on processing state, which is useful // for instrumenting an EventualEventer for metric purposes (process runtime, process batch runtime, // event counts, etc.) events.EventEmmiter // AddEventualEvent adds an eventual event with a specific name and byte array data payload. Interpretation // of the event's data payload is upto the event emitter and consumer. AddEventualEvent(eventType string, data []byte) // AddEventualListener adds a function as call back when an eventual event is processed. AddEventualListener(eventType string, handler EventListenerFunc) // Start should be called at the start of the lifetime of the EventualEventer. // A closeNotify channel must be supplied for application shutdown eventing. // // If an EventualEventer has already been started, it will return an error. // Errors may be returned for other reasons causing Start to fail. Start(closeNotify <-chan struct{}) error // Stop may be called to manually end of the lifetime of the EventualEventer outside the // closeNotify signaling provided in the Start call. If not started, an error will be returned. // Errors may be returned for other reasons causing Stop to fail. Stop() error // Trigger forces an EventualEventer to check for work to be processed. Beyond this method, // it is the implementation's responsibility to provide other mechanisms or logic to determine // when work is performed (timers, events, etc.) which may be setup/torn down during Start/Stop. // // If the EventualEventer is not currently running or can't process work and error will // be returned. If it is running a channel will be returned which will be closed after // the current or next iteration of the event processor has completed. Trigger() (<-chan struct{}, error) }
An EventualEventer provides a method for storing events in a persistent manner that will be processed at a later date. Processing may include time intensive processing such as bulk deletion of other entities. Event persistence strategy, processing order, and processing synchronization are up to the implementation to decide.
EventualEventers are also required to emit a series of events via the events.EventEmitter interface. See EventualEventAdded and subsequent events for more details.
type EventualEventerBbolt ¶ added in v0.21.45
type EventualEventerBbolt struct { events.EventEmmiter Interval time.Duration // contains filtered or unexported fields }
EventualEventerBbolt implements EventualEventer with a bbolt back storage mechanism. Work is performed on a configurable basis via the Interval property in FIFO order.
Events are stored in the following format:
id - CUID - a monotonic reference id name - string - an event name, used for log output data - []byte - a string array of arguments
func NewEventualEventerBbolt ¶ added in v0.21.45
func NewEventualEventerBbolt(dbProvider DbProvider, store EventualEventStore, interval time.Duration, batchSize int) *EventualEventerBbolt
NewEventualEventerBbolt creates a new bbolt backed asynchronous eventer that will check for new events at the given interval or when triggered. On each interval/trigger, the number of events processed is determined by batchSize.
func (*EventualEventerBbolt) AddEventualEvent ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualEvent(eventType string, data []byte)
func (*EventualEventerBbolt) AddEventualEventWithCtx ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualEventWithCtx(ctx boltz.MutateContext, eventType string, data []byte)
func (*EventualEventerBbolt) AddEventualListener ¶ added in v0.21.45
func (a *EventualEventerBbolt) AddEventualListener(eventType string, listener EventListenerFunc)
func (*EventualEventerBbolt) Start ¶ added in v0.21.45
func (a *EventualEventerBbolt) Start(closeNotify <-chan struct{}) error
func (*EventualEventerBbolt) Stop ¶ added in v0.21.45
func (a *EventualEventerBbolt) Stop() error
func (*EventualEventerBbolt) Trigger ¶ added in v0.21.45
func (a *EventualEventerBbolt) Trigger() (<-chan struct{}, error)
type ExternalIdClaim ¶ added in v0.21.221
type ExternalJwtSigner ¶ added in v0.21.148
type ExternalJwtSigner struct { boltz.BaseExtEntity Name string `json:"name"` Fingerprint *string `json:"fingerprint"` Kid *string `json:"kid"` CertPem *string `json:"certPem"` JwksEndpoint *string `json:"jwksEndpoint"` CommonName string `json:"commonName"` NotAfter *time.Time `json:"notAfter"` NotBefore *time.Time `json:"notBefore"` Enabled bool `json:"enabled"` ExternalAuthUrl *string `json:"externalAuthUrl"` ClaimsProperty *string `json:"claimsProperty"` UseExternalId bool `json:"useExternalId"` Issuer *string `json:"issuer"` Audience *string `json:"audience"` }
func (*ExternalJwtSigner) GetEntityType ¶ added in v0.21.148
func (entity *ExternalJwtSigner) GetEntityType() string
func (*ExternalJwtSigner) GetName ¶ added in v0.21.148
func (entity *ExternalJwtSigner) GetName() string
type ExternalJwtSignerStore ¶ added in v0.21.148
type ExternalJwtSignerStore interface { Store[*ExternalJwtSigner] }
type Identity ¶
type Identity struct { boltz.BaseExtEntity Name string `json:"name"` IdentityTypeId string `json:"identityTypeId"` IsDefaultAdmin bool `json:"isDefaultAdmin"` IsAdmin bool `json:"isAdmin"` Enrollments []string `json:"enrollments"` Authenticators []string `json:"authenticators"` RoleAttributes []string `json:"roleAttributes"` SdkInfo *SdkInfo `json:"sdkInfo"` EnvInfo *EnvInfo `json:"envInfo"` DefaultHostingPrecedence ziti.Precedence `json:"defaultHostingPrecedence"` DefaultHostingCost uint16 `json:"defaultHostingCost"` ServiceHostingPrecedences map[string]ziti.Precedence `json:"serviceHostingPrecedences"` ServiceHostingCosts map[string]uint16 `json:"serviceHostingCosts"` AppData map[string]interface{} `json:"appData"` AuthPolicyId string `json:"authPolicyId"` ExternalId *string `json:"externalId"` DisabledAt *time.Time `json:"disabledAt"` DisabledUntil *time.Time `json:"disabledUntil"` Disabled bool `json:"disabled"` }
func (*Identity) GetEntityType ¶
type IdentityServicesCursorProvider ¶ added in v0.24.228
type IdentityServicesCursorProvider struct {
// contains filtered or unexported fields
}
type IdentityStore ¶
type IdentityStore interface { NameIndexed Store[*Identity] GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(values []string, semantic string) (ast.SetCursorProvider, error) AssignServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error RemoveServiceConfigs(tx *bbolt.Tx, identityId string, serviceConfigs ...ServiceConfig) error GetServiceConfigs(tx *bbolt.Tx, identityId string) ([]ServiceConfig, error) LoadServiceConfigsByServiceAndType(tx *bbolt.Tx, identityId string, configTypes map[string]struct{}) map[string]map[string]map[string]interface{} GetIdentityServicesCursorProvider(identityId string) ast.SetCursorProvider }
type IdentityType ¶
type IdentityType struct { boltz.BaseExtEntity Name string `json:"name"` }
func (*IdentityType) GetEntityType ¶
func (entity *IdentityType) GetEntityType() string
func (*IdentityType) GetName ¶
func (entity *IdentityType) GetName() string
type IdentityTypeStore ¶
type IdentityTypeStore interface { NameIndexed Store[*IdentityType] }
type IdentityTypeStoreImpl ¶
type IdentityTypeStoreImpl struct {
// contains filtered or unexported fields
}
func (*IdentityTypeStoreImpl) FillEntity ¶ added in v0.24.249
func (store *IdentityTypeStoreImpl) FillEntity(entity *IdentityType, bucket *boltz.TypedBucket)
func (*IdentityTypeStoreImpl) GetNameIndex ¶
func (store *IdentityTypeStoreImpl) GetNameIndex() boltz.ReadIndex
func (IdentityTypeStoreImpl) LoadOneById ¶
func (*IdentityTypeStoreImpl) NewEntity ¶ added in v0.24.249
func (store *IdentityTypeStoreImpl) NewEntity() *IdentityType
func (*IdentityTypeStoreImpl) PersistEntity ¶ added in v0.24.249
func (store *IdentityTypeStoreImpl) PersistEntity(entity *IdentityType, ctx *boltz.PersistContext)
type Mfa ¶ added in v0.17.52
type Mfa struct { boltz.BaseExtEntity IdentityId string `json:"identityId"` IsVerified bool `json:"isVerified"` Secret string `json:"secret"` Salt string `json:"salt"` RecoveryCodes []string `json:"recoveryCodes"` }
func (*Mfa) GetEntityType ¶ added in v0.17.52
type MfaStoreImpl ¶ added in v0.17.52
type MfaStoreImpl struct {
// contains filtered or unexported fields
}
func (*MfaStoreImpl) FillEntity ¶ added in v0.24.249
func (store *MfaStoreImpl) FillEntity(entity *Mfa, bucket *boltz.TypedBucket)
func (MfaStoreImpl) LoadOneById ¶ added in v0.17.52
func (*MfaStoreImpl) NewEntity ¶ added in v0.24.249
func (store *MfaStoreImpl) NewEntity() *Mfa
func (*MfaStoreImpl) PersistEntity ¶ added in v0.24.249
func (store *MfaStoreImpl) PersistEntity(entity *Mfa, ctx *boltz.PersistContext)
type Migrations ¶
type Migrations struct {
// contains filtered or unexported fields
}
type NameIndexed ¶ added in v0.24.249
type OperatingSystem ¶ added in v0.16.48
type Policy ¶ added in v0.15.27
type Policy interface { boltz.NamedExtEntity }
type PolicyType ¶ added in v0.17.36
type PolicyType string
func GetPolicyTypeForId ¶ added in v0.24.250
func GetPolicyTypeForId(policyTypeId int32) PolicyType
func (PolicyType) Id ¶ added in v0.24.250
func (self PolicyType) Id() int32
func (PolicyType) String ¶ added in v0.17.36
func (self PolicyType) String() string
type PostureCheck ¶ added in v0.16.46
type PostureCheck struct { boltz.BaseExtEntity Name string `json:"name"` TypeId string `json:"typeId"` Version int64 `json:"version"` RoleAttributes []string `json:"roleAttributes"` SubType PostureCheckSubType `json:"subType"` }
func (*PostureCheck) GetEntityType ¶ added in v0.16.46
func (entity *PostureCheck) GetEntityType() string
func (*PostureCheck) GetName ¶ added in v0.16.46
func (entity *PostureCheck) GetName() string
type PostureCheckMacAddresses ¶ added in v0.16.48
type PostureCheckMacAddresses struct {
MacAddresses []string `json:"macAddresses"`
}
func (*PostureCheckMacAddresses) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckMacAddresses) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckMacAddresses) SetValues ¶ added in v0.16.48
func (entity *PostureCheckMacAddresses) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckMfa ¶ added in v0.17.52
type PostureCheckMfa struct { TimeoutSeconds int64 `json:"timeoutSeconds"` PromptOnWake bool `json:"promptOnWake"` PromptOnUnlock bool `json:"promptOnUnlock"` IgnoreLegacyEndpoints bool `json:"ignoreLegacyEndpoints"` }
func (*PostureCheckMfa) LoadValues ¶ added in v0.17.52
func (entity *PostureCheckMfa) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckMfa) SetValues ¶ added in v0.17.52
func (entity *PostureCheckMfa) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckOperatingSystem ¶ added in v0.16.48
type PostureCheckOperatingSystem struct {
OperatingSystems []OperatingSystem `json:"operatingSystems"`
}
func (*PostureCheckOperatingSystem) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckOperatingSystem) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckOperatingSystem) SetValues ¶ added in v0.16.48
func (entity *PostureCheckOperatingSystem) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckProcess ¶ added in v0.16.48
type PostureCheckProcess struct { OperatingSystem string `json:"operatingSystem"` Path string `json:"path"` Hashes []string `json:"hashes"` Fingerprint string `json:"fingerprint"` }
func (*PostureCheckProcess) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckProcess) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckProcess) SetValues ¶ added in v0.16.48
func (entity *PostureCheckProcess) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckProcessMulti ¶ added in v0.19.93
type PostureCheckProcessMulti struct { Semantic string `json:"semantic"` Processes []*ProcessMulti `json:"processes"` }
func (*PostureCheckProcessMulti) LoadValues ¶ added in v0.19.93
func (entity *PostureCheckProcessMulti) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckProcessMulti) SetValues ¶ added in v0.19.93
func (entity *PostureCheckProcessMulti) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type PostureCheckStore ¶ added in v0.16.46
type PostureCheckStore interface { Store[*PostureCheck] LoadOneById(tx *bbolt.Tx, id string) (*PostureCheck, error) GetRoleAttributesIndex() boltz.SetReadIndex GetRoleAttributesCursorProvider(filters []string, semantic string) (ast.SetCursorProvider, error) }
type PostureCheckSubType ¶ added in v0.16.48
type PostureCheckSubType interface { LoadValues(bucket *boltz.TypedBucket) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket) }
type PostureCheckType ¶ added in v0.16.48
type PostureCheckType struct { boltz.BaseExtEntity Name string `json:"name"` OperatingSystems []OperatingSystem `json:"operatingSystems"` }
func (*PostureCheckType) GetEntityType ¶ added in v0.16.48
func (entity *PostureCheckType) GetEntityType() string
func (*PostureCheckType) GetName ¶ added in v0.16.48
func (entity *PostureCheckType) GetName() string
type PostureCheckTypeStore ¶ added in v0.16.48
type PostureCheckTypeStore interface { NameIndexed Store[*PostureCheckType] }
type PostureCheckWindowsDomains ¶ added in v0.16.48
type PostureCheckWindowsDomains struct {
Domains []string `json:"domains"`
}
func (*PostureCheckWindowsDomains) LoadValues ¶ added in v0.16.48
func (entity *PostureCheckWindowsDomains) LoadValues(bucket *boltz.TypedBucket)
func (*PostureCheckWindowsDomains) SetValues ¶ added in v0.16.48
func (entity *PostureCheckWindowsDomains) SetValues(ctx *boltz.PersistContext, bucket *boltz.TypedBucket)
type ProcessMulti ¶ added in v0.19.93
type SecretStore ¶ added in v0.17.52
type SecretStore interface {
GetSecret() []byte
}
type ServiceConfig ¶
type ServiceEdgeRouterPolicy ¶
type ServiceEdgeRouterPolicy struct { boltz.BaseExtEntity Name string `json:"name"` Semantic string `json:"semantic"` ServiceRoles []string `json:"serviceRoles"` EdgeRouterRoles []string `json:"edgeRouterRoles"` }
func (*ServiceEdgeRouterPolicy) GetEntityType ¶
func (entity *ServiceEdgeRouterPolicy) GetEntityType() string
func (*ServiceEdgeRouterPolicy) GetName ¶
func (entity *ServiceEdgeRouterPolicy) GetName() string
func (*ServiceEdgeRouterPolicy) GetSemantic ¶ added in v0.15.27
func (entity *ServiceEdgeRouterPolicy) GetSemantic() string
type ServiceEdgeRouterPolicyStore ¶
type ServiceEdgeRouterPolicyStore interface { NameIndexed Store[*ServiceEdgeRouterPolicy] }
type ServiceEvent ¶ added in v0.17.36
type ServiceEvent struct { Type ServiceEventType IdentityId string ServiceId string }
func (*ServiceEvent) String ¶ added in v0.17.36
func (self *ServiceEvent) String() string
type ServiceEventHandler ¶ added in v0.17.36
type ServiceEventHandler func(event *ServiceEvent)
type ServiceEventType ¶ added in v0.17.36
type ServiceEventType byte
const ( ServiceDialAccessGained ServiceEventType = 1 ServiceDialAccessLost ServiceEventType = 2 ServiceBindAccessGained ServiceEventType = 3 ServiceBindAccessLost ServiceEventType = 4 ServiceUpdated ServiceEventType = 5 )
func (ServiceEventType) String ¶ added in v0.17.36
func (self ServiceEventType) String() string
type ServiceEventsRegistry ¶ added in v0.17.36
type ServiceEventsRegistry struct {
// contains filtered or unexported fields
}
func (*ServiceEventsRegistry) AddServiceEventHandler ¶ added in v0.17.36
func (self *ServiceEventsRegistry) AddServiceEventHandler(listener ServiceEventHandler)
func (*ServiceEventsRegistry) RemoveServiceEventHandler ¶ added in v0.17.36
func (self *ServiceEventsRegistry) RemoveServiceEventHandler(listener ServiceEventHandler)
type ServicePolicy ¶
type ServicePolicy struct { boltz.BaseExtEntity PolicyType PolicyType `json:"policyType"` Name string `json:"name"` Semantic string `json:"semantic"` IdentityRoles []string `json:"identityRoles"` ServiceRoles []string `json:"serviceRoles"` PostureCheckRoles []string `json:"postureCheckRoles"` }
func (*ServicePolicy) GetEntityType ¶
func (entity *ServicePolicy) GetEntityType() string
func (*ServicePolicy) GetName ¶
func (entity *ServicePolicy) GetName() string
func (*ServicePolicy) GetSemantic ¶ added in v0.15.27
func (entity *ServicePolicy) GetSemantic() string
type ServicePolicyStore ¶
type ServicePolicyStore interface { NameIndexed Store[*ServicePolicy] }
type Session ¶
type Session struct { boltz.BaseExtEntity Token string `json:"token"` IdentityId string `json:"identityId"` ApiSessionId string `json:"apiSessionId"` ServiceId string `json:"serviceId"` Type string `json:"type"` ApiSession *ApiSession `json:"-"` ServicePolicies []string `json:"servicePolicies"` }
func (*Session) GetEntityType ¶
type SessionStore ¶
type Stores ¶
type Stores struct { DbProvider DbProvider EventualEventer EventualEventer // fabric stores Router db.RouterStore Service db.ServiceStore Terminator db.TerminatorStore ApiSession ApiSessionStore ApiSessionCertificate ApiSessionCertificateStore AuthPolicy AuthPolicyStore EventualEvent EventualEventStore ExternalJwtSigner ExternalJwtSignerStore Ca CaStore Config ConfigStore ConfigType ConfigTypeStore EdgeRouter EdgeRouterStore EdgeRouterPolicy EdgeRouterPolicyStore EdgeService EdgeServiceStore Identity IdentityStore IdentityType IdentityTypeStore Index boltz.Store Session SessionStore ServiceEdgeRouterPolicy ServiceEdgeRouterPolicyStore ServicePolicy ServicePolicyStore TransitRouter TransitRouterStore Enrollment EnrollmentStore Authenticator AuthenticatorStore PostureCheck PostureCheckStore PostureCheckType PostureCheckTypeStore Mfa MfaStore // contains filtered or unexported fields }
func NewBoltStores ¶
func NewBoltStores(dbProvider DbProvider) (*Stores, error)
func (*Stores) GetEntityCounts ¶ added in v0.21.97
func (stores *Stores) GetEntityCounts(dbProvider DbProvider) (map[string]int64, error)
func (*Stores) GetStoreForEntity ¶
type TestContext ¶
type TestContext struct { boltztest.BaseTestContext // contains filtered or unexported fields }
func NewTestContext ¶
func NewTestContext(t *testing.T) *TestContext
func (*TestContext) Cleanup ¶ added in v0.21.45
func (ctx *TestContext) Cleanup()
func (*TestContext) CleanupAll ¶ added in v0.20.36
func (ctx *TestContext) CleanupAll()
func (*TestContext) GetDb ¶
func (ctx *TestContext) GetDb() boltz.Db
func (*TestContext) GetDbProvider ¶
func (ctx *TestContext) GetDbProvider() DbProvider
func (*TestContext) GetNetwork ¶ added in v0.21.235
func (ctx *TestContext) GetNetwork() *network.Network
func (*TestContext) GetStoreForEntity ¶
func (ctx *TestContext) GetStoreForEntity(entity boltz.Entity) boltz.Store
func (*TestContext) GetStores ¶
func (ctx *TestContext) GetStores() *Stores
func (*TestContext) Init ¶
func (ctx *TestContext) Init()
func (*TestContext) RequireNewIdentity ¶ added in v0.20.36
func (ctx *TestContext) RequireNewIdentity(name string, isAdmin bool) *Identity
func (*TestContext) RequireNewService ¶ added in v0.20.36
func (ctx *TestContext) RequireNewService(name string) *EdgeService
type TransitRouter ¶
type TransitRouter struct { db.Router IsVerified bool `json:"isVerified"` Enrollments []string `json:"enrollments"` IsBase bool `json:"-"` UnverifiedCertPem *string `json:"unverifiedCertPem"` UnverifiedFingerprint *string `json:"unverifiedFingerprint"` }
func (*TransitRouter) GetName ¶
func (entity *TransitRouter) GetName() string
type TransitRouterStore ¶
type TransitRouterStore interface { NameIndexed Store[*TransitRouter] }
type UpdateLastActivityAtChecker ¶ added in v0.19.39
type UpdateLastActivityAtChecker struct{}
func (UpdateLastActivityAtChecker) IsUpdated ¶ added in v0.19.39
func (u UpdateLastActivityAtChecker) IsUpdated(field string) bool
Source Files ¶
- api_session_certificate_store.go
- api_session_store.go
- auth_policy_store.go
- authenticator_store.go
- base_entity.go
- base_store.go
- ca_store.go
- config_store.go
- config_type_store.go
- edge_router_policy_store.go
- edge_router_store.go
- edge_service_store.go
- enrollment_store.go
- eventual_event_store.go
- eventual_eventer.go
- external_jwt_signer_store.go
- identity_store.go
- identity_type_store.go
- mfa_store.go
- migration_initialize.go
- migration_v14.go
- migration_v16.go
- migration_v17.go
- migration_v18.go
- migration_v19.go
- migration_v23.go
- migration_v24.go
- migration_v25.go
- migrations.go
- policy_common.go
- posture_check_mac.go
- posture_check_mfa.go
- posture_check_os.go
- posture_check_process.go
- posture_check_process_multi.go
- posture_check_store.go
- posture_check_type_store.go
- posture_check_windows_domain.go
- service_edge_router_policy_store.go
- service_events.go
- service_policy_store.go
- session_store.go
- stores.go
- testing.go
- transit_router_store.go
- util.go