Documentation
¶
Index ¶
Constants ¶
const DataAccessSyncerName = "dataAccessSyncer"
DataAccessSyncerName constant should not be used directly when implementing plugins. It's the registration name for the data access syncer plugin, used by the CLI and the cli-plugin-base library (RegisterPlugins function) to register the plugins.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type DataAccess ¶
type DataAccess struct {
Id string
DataObject *DataObject `yaml:"dataObject"`
Permissions []string
Users []string
Rule *Rule
}
DataAccess is the structure for one data access element. It has:
- Id: the UUID of the data access element. Typically, this is not needed.
- DataObject: the data object (e.g. schema, table, column) this data access is applicable to.
- Permissions: the list of (Raito) permissions that are granted to the users on the data object.
- Users: the list of users the permissions are granted to.
- Rule (optional): the Raito policy rule this data access is generated from. Can be nil if not generated by a policy rule.
func (*DataAccess) CalculateHash ¶
func (d *DataAccess) CalculateHash() string
CalculateHash calculates a hash for this data access element. It's used in the CLI code to flatten a list of data access elements for a data source.
func (*DataAccess) Merge ¶
func (d *DataAccess) Merge(input []*DataAccess) *DataAccess
Merge merges multiple data access elements together in one. It's used in the CLI code to flatten a list of data access elements for a data source.
type DataAccessResult ¶
type DataAccessResult struct {
LastCalculated int64 `yaml:"lastCalculated"`
AccessRights []*DataAccess `yaml:"accessRights"`
}
DataAccessResult is the main structure containing the information coming from Raito describing the data access rules for this data source.
type DataAccessSyncConfig ¶
type DataAccessSyncConfig struct {
config.ConfigMap
DataAccess *DataAccessResult
Prefix string
}
DataAccessSyncConfig represents the configuration that is passed from the CLI to the DataAccessSyncer plugin interface. It contains all the necessary configuration parameters for the plugin to function.
type DataAccessSyncResult ¶ added in v0.22.0
type DataAccessSyncResult struct {
Error *api.ErrorResult
}
DataAccessSyncResult represents the result from the data access sync process. A potential error is also modeled in here so specific errors remain intact when passed over RPC.
type DataAccessSyncer ¶
type DataAccessSyncer interface {
SyncDataAccess(config *DataAccessSyncConfig) DataAccessSyncResult
}
DataAccessSyncer interface needs to be implemented by any plugin that wants to push data access rules from Raito to its underlying data source.
type DataAccessSyncerPlugin ¶
type DataAccessSyncerPlugin struct {
Impl DataAccessSyncer
}
DataAccessSyncerPlugin is used on the server (CLI) and client (plugin) side to integrate with the plugin system. A plugin should not be using this directly, but instead depend on the cli-plugin-base library to register the plugins.
func (DataAccessSyncerPlugin) Client ¶
func (DataAccessSyncerPlugin) Client(b *plugin.MuxBroker, c *rpc.Client) (interface{}, error)
func (*DataAccessSyncerPlugin) Server ¶
func (p *DataAccessSyncerPlugin) Server(*plugin.MuxBroker) (interface{}, error)
type DataObject ¶
type DataObject struct {
Type string
Name string
Parent *DataObject
Path string `yaml:"-"`
}
DataObject represents the information about a data object. It will refer to a parent data object. Parent will be nil if this is a top-level data-object.
func (*DataObject) BuildPath ¶
func (d *DataObject) BuildPath(sep string) string
BuildPath builds the full path of a data object, using the given separator. For example: table 'Employees' in schema 'CompanyX' in database 'Internal' will result in 'Internal.CompanyX.Employees' when using a dot (.) as separator.
Source Files