Documentation ¶
Index ¶
- Variables
- type SQLManager
- func (s *SQLManager) Create(policy Policy) (err error)
- func (s *SQLManager) CreateSchemas(schema, table string) (int, error)
- func (s *SQLManager) Delete(id string) error
- func (s *SQLManager) FindPoliciesForResource(resource string) (Policies, error)
- func (s *SQLManager) FindPoliciesForSubject(subject string) (Policies, error)
- func (s *SQLManager) FindRequestCandidates(r *Request) (Policies, error)
- func (s *SQLManager) Get(id string) (Policy, error)
- func (s *SQLManager) GetAll(limit, offset int64) (Policies, error)
- func (s *SQLManager) MigrateMigrationTable(tableName string) error
- func (s *SQLManager) Update(policy Policy) error
- type SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7
- type Statements
Constants ¶
This section is empty.
Variables ¶
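// Migrations maps a database driver name ("postgres" or "mysql") to the
// schema migrations and SQL statements used for that dialect.
//
// Every statement here is a constant string. Values are passed through
// driver placeholders ($n for postgres, ? for mysql) rather than being
// concatenated into the SQL text.
var Migrations = map[string]Statements{
	"postgres": {
		Migrations: &migrate.MemoryMigrationSource{
			Migrations: []*migrate.Migration{
				sharedMigrations[0],
				sharedMigrations[1],
				{
					// The action index keeps the historical "permission"
					// name; Up and Down agree on it for postgres.
					Id: "3",
					Up: []string{
						"CREATE INDEX ladon_subject_compiled_idx ON ladon_subject (compiled text_pattern_ops)",
						"CREATE INDEX ladon_permission_compiled_idx ON ladon_action (compiled text_pattern_ops)",
						"CREATE INDEX ladon_resource_compiled_idx ON ladon_resource (compiled text_pattern_ops)",
					},
					Down: []string{
						"DROP INDEX ladon_subject_compiled_idx",
						"DROP INDEX ladon_permission_compiled_idx",
						"DROP INDEX ladon_resource_compiled_idx",
					},
				},
				{
					// NOTE(review): auto_increment is MySQL syntax; confirm
					// this migration applies on postgres. It is left
					// unchanged here because the tables it alters come from
					// sharedMigrations, which this listing does not show.
					Id: "4",
					Up: []string{
						"alter table ladon_policy_permission add id int auto_increment primary key",
						"alter table ladon_policy_resource add id int auto_increment primary key",
						"alter table ladon_policy_subject add id int auto_increment primary key",
					},
					Down: []string{
						"alter table ladon_policy_permission drop column id",
						"alter table ladon_policy_resource drop column id",
						"alter table ladon_policy_subject drop column id",
					},
				},
			},
		},
		// Inserts are idempotent: each one is skipped when a row with the
		// same key already exists.
		QueryInsertPolicy:             `INSERT INTO ladon_policy(id, description, effect, conditions) SELECT $1::varchar, $2, $3, $4 WHERE NOT EXISTS (SELECT 1 FROM ladon_policy WHERE id = $1)`,
		QueryInsertPolicyActions:      `INSERT INTO ladon_action (id, template, compiled, has_regex) SELECT $1::varchar, $2, $3, $4 WHERE NOT EXISTS (SELECT 1 FROM ladon_action WHERE id = $1)`,
		QueryInsertPolicyActionsRel:   `INSERT INTO ladon_policy_action_rel (policy, action) SELECT $1::varchar, $2::varchar WHERE NOT EXISTS (SELECT 1 FROM ladon_policy_action_rel WHERE policy = $1 AND action = $2)`,
		QueryInsertPolicyResources:    `INSERT INTO ladon_resource (id, template, compiled, has_regex) SELECT $1::varchar, $2, $3, $4 WHERE NOT EXISTS (SELECT 1 FROM ladon_resource WHERE id = $1)`,
		QueryInsertPolicyResourcesRel: `INSERT INTO ladon_policy_resource_rel (policy, resource) SELECT $1::varchar, $2::varchar WHERE NOT EXISTS (SELECT 1 FROM ladon_policy_resource_rel WHERE policy = $1 AND resource = $2)`,
		QueryInsertPolicySubjects:     `INSERT INTO ladon_subject (id, template, compiled, has_regex) SELECT $1::varchar, $2, $3, $4 WHERE NOT EXISTS (SELECT 1 FROM ladon_subject WHERE id = $1)`,
		QueryInsertPolicySubjectsRel:  `INSERT INTO ladon_policy_subject_rel (policy, subject) SELECT $1::varchar, $2::varchar WHERE NOT EXISTS (SELECT 1 FROM ladon_policy_subject_rel WHERE policy = $1 AND subject = $2)`,
		// The WHERE clause filters on the subject only (exact template, or
		// the request subject matched against the stored compiled pattern).
		// The rows are therefore candidates, not decisions: resource,
		// action, effect and conditions still have to be evaluated before
		// access is granted.
		// NOTE(review): the ~ operator matches anywhere in the string, so
		// this presumably relies on compiled patterns being anchored by the
		// policy compiler. Confirm against the code that writes `compiled`.
		QueryRequestCandidates: ` SELECT p.id, p.effect, p.conditions, p.description, subject.template AS subject, resource.template AS resource, action.template AS action FROM ladon_policy AS p INNER JOIN ladon_policy_subject_rel AS rs ON rs.policy = p.id LEFT JOIN ladon_policy_action_rel AS ra ON ra.policy = p.id LEFT JOIN ladon_policy_resource_rel AS rr ON rr.policy = p.id INNER JOIN ladon_subject AS subject ON rs.subject = subject.id LEFT JOIN ladon_action AS action ON ra.action = action.id LEFT JOIN ladon_resource AS resource ON rr.resource = resource.id WHERE (subject.has_regex IS NOT TRUE AND subject.template = $1) OR (subject.has_regex IS TRUE AND $2 ~ subject.compiled)`,
	},
	"mysql": {
		Migrations: &migrate.MemoryMigrationSource{
			Migrations: []*migrate.Migration{
				sharedMigrations[0],
				sharedMigrations[1],
				{
					Id: "3",
					Up: []string{
						"CREATE FULLTEXT INDEX ladon_subject_compiled_idx ON ladon_subject (compiled)",
						"CREATE FULLTEXT INDEX ladon_action_compiled_idx ON ladon_action (compiled)",
						"CREATE FULLTEXT INDEX ladon_resource_compiled_idx ON ladon_resource (compiled)",
					},
					// Down must name the indexes Up created and, on MySQL,
					// the table each one belongs to. The previous text
					// dropped ladon_permission_compiled_idx, which the mysql
					// Up never creates, and omitted the ON clause.
					Down: []string{
						"DROP INDEX ladon_subject_compiled_idx ON ladon_subject",
						"DROP INDEX ladon_action_compiled_idx ON ladon_action",
						"DROP INDEX ladon_resource_compiled_idx ON ladon_resource",
					},
				},
				{
					Id: "4",
					Up: []string{
						"alter table ladon_policy_permission add id int auto_increment primary key",
						"alter table ladon_policy_resource add id int auto_increment primary key",
						"alter table ladon_policy_subject add id int auto_increment primary key",
					},
					Down: []string{
						"alter table ladon_policy_permission drop column id",
						"alter table ladon_policy_resource drop column id",
						"alter table ladon_policy_subject drop column id",
					},
				},
			},
		},
		// INSERT IGNORE gives the same skip-if-present behaviour as the
		// postgres NOT EXISTS form.
		QueryInsertPolicy:             `INSERT IGNORE INTO ladon_policy (id, description, effect, conditions) VALUES(?,?,?,?)`,
		QueryInsertPolicyActions:      `INSERT IGNORE INTO ladon_action (id, template, compiled, has_regex) VALUES(?,?,?,?)`,
		QueryInsertPolicyActionsRel:   `INSERT IGNORE INTO ladon_policy_action_rel (policy, action) VALUES(?,?)`,
		QueryInsertPolicyResources:    `INSERT IGNORE INTO ladon_resource (id, template, compiled, has_regex) VALUES(?,?,?,?)`,
		QueryInsertPolicyResourcesRel: `INSERT IGNORE INTO ladon_policy_resource_rel (policy, resource) VALUES(?,?)`,
		QueryInsertPolicySubjects:     `INSERT IGNORE INTO ladon_subject (id, template, compiled, has_regex) VALUES(?,?,?,?)`,
		QueryInsertPolicySubjectsRel:  `INSERT IGNORE INTO ladon_policy_subject_rel (policy, subject) VALUES(?,?)`,
		// Subject-only filter, as in the postgres variant: the result is a
		// candidate set that still needs full policy evaluation. Both
		// operands are compared as BINARY, so the match is byte-wise.
		QueryRequestCandidates: ` SELECT p.id, p.effect, p.conditions, p.description, subject.template AS subject, resource.template AS resource, action.template AS action FROM ladon_policy AS p INNER JOIN ladon_policy_subject_rel AS rs ON rs.policy = p.id LEFT JOIN ladon_policy_action_rel AS ra ON ra.policy = p.id LEFT JOIN ladon_policy_resource_rel AS rr ON rr.policy = p.id INNER JOIN ladon_subject AS subject ON rs.subject = subject.id LEFT JOIN ladon_action AS action ON ra.action = action.id LEFT JOIN ladon_resource AS resource ON rr.resource = resource.id WHERE (subject.has_regex = 0 AND subject.template = ?) OR (subject.has_regex = 1 AND CAST(? AS BINARY) REGEXP BINARY subject.compiled)`,
	},
}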
Functions ¶
This section is empty.
Types ¶
type SQLManager ¶
// SQLManager stores policies persistently in a SQL database. Its fields are
// unexported; obtain an instance from NewSQLManager.
type SQLManager struct {
// contains filtered or unexported fields
}
SQLManager is a SQL implementation of Manager that stores policies persistently. The Migrations variable provides statements for both postgres and mysql.
func NewSQLManager ¶
func NewSQLManager(db *sqlx.DB, schema []string) *SQLManager
NewSQLManager initializes a new SQLManager for the given db instance.
func (*SQLManager) Create ¶
func (s *SQLManager) Create(policy Policy) (err error)
Create inserts a new policy
func (*SQLManager) CreateSchemas ¶
func (s *SQLManager) CreateSchemas(schema, table string) (int, error)
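CreateSchemas creates the ladon_policy tables. The schema and table arguments are presumably used as SQL identifiers, which cannot be passed as bind parameters, so supply them from trusted configuration rather than from request data.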
func (*SQLManager) FindPoliciesForResource ¶
func (s *SQLManager) FindPoliciesForResource(resource string) (Policies, error)
func (*SQLManager) FindPoliciesForSubject ¶
func (s *SQLManager) FindPoliciesForSubject(subject string) (Policies, error)
func (*SQLManager) FindRequestCandidates ¶
func (s *SQLManager) FindRequestCandidates(r *Request) (Policies, error)
func (*SQLManager) Get ¶
func (s *SQLManager) Get(id string) (Policy, error)
Get retrieves a policy.
func (*SQLManager) GetAll ¶
func (s *SQLManager) GetAll(limit, offset int64) (Policies, error)
GetAll returns all policies
func (*SQLManager) MigrateMigrationTable ¶ added in v4.0.1
func (s *SQLManager) MigrateMigrationTable(tableName string) error
MigrateMigrationTable checks whether the migration table exists. If it does not, we are upgrading from v3 and need to mimic the new one.
func (*SQLManager) Update ¶
func (s *SQLManager) Update(policy Policy) error
Update updates an existing policy.
type SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7 ¶
// SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7 pairs a database handle
// with a SQLManager.
// NOTE(review): the name suggests it carries the 0.6 -> 0.7 data migration;
// this listing does not show how the two fields are used, so confirm.
type SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7 struct {
	DB         *sqlx.DB
	SQLManager *SQLManager
}
func (*SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) Create ¶
func (s *SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) Create(policy Policy) (err error)
Create inserts a new policy
func (*SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) GetManager ¶
func (s *SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) GetManager() Manager
func (*SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) Migrate ¶
func (s *SQLManagerMigrateFromMajor0Minor6ToMajor0Minor7) Migrate() error
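Migrate presumably performs the 0.6 to 0.7 migration named by the type; the original comment, "Migrate retrieves a policy.", appears to have been copied from Get.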
type Statements ¶
// Statements bundles the migrations and SQL text for one database dialect.
// The Migrations variable holds one Statements value per driver name.
type Statements struct {
	// Migrations is the in-memory migration source for the dialect.
	Migrations *migrate.MemoryMigrationSource

	// Insert statements for a policy, for its action, resource and subject
	// rows, and for the *_rel rows that link each of those to the policy.
	QueryInsertPolicy             string
	QueryInsertPolicyActions      string
	QueryInsertPolicyActionsRel   string
	QueryInsertPolicyResources    string
	QueryInsertPolicyResourcesRel string
	QueryInsertPolicySubjects     string
	QueryInsertPolicySubjectsRel  string

	// QueryRequestCandidates selects policies by request subject only; the
	// rows it returns are candidates that still need full evaluation.
	QueryRequestCandidates string
}