policy

package
v0.7.15 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 17, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrNotExist      = errors.New("policies doesn't exist")
	ErrInvalidUUID   = errors.New("invalid syntax of uuid")
	ErrInvalidID     = errors.New("policy id is invalid")
	ErrConflict      = errors.New("policy already exist")
	ErrInvalidDetail = errors.New("invalid policy detail")
)

Functions

This section is empty.

Types

type Filter

type Filter struct {
	PrincipalType string
	PrincipalID   string
	OrgID         string
	ProjectID     string
	GroupID       string
	RoleID        string
}

type Filters

type Filters struct {
	UserID  string
	GroupID string
}

type Policy

type Policy struct {
	ID            string
	RoleID        string
	ResourceID    string `json:"resource_id"`
	ResourceType  string `json:"resource_type"`
	PrincipalID   string `json:"principal_id"`
	PrincipalType string `json:"principal_type"`
	Metadata      metadata.Metadata

	CreatedAt time.Time
	UpdatedAt time.Time
}

type RelationService

type RelationService interface {
	Create(ctx context.Context, rel relation.Relation) (relation.Relation, error)
	Delete(ctx context.Context, rel relation.Relation) error
}

type Repository

type Repository interface {
	Get(ctx context.Context, id string) (Policy, error)
	List(ctx context.Context, f Filter) ([]Policy, error)
	Upsert(ctx context.Context, pol Policy) (Policy, error)
	Delete(ctx context.Context, id string) error
}

type RoleService

type RoleService interface {
	Get(ctx context.Context, id string) (role.Role, error)
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

func NewService

func NewService(repository Repository, relationService RelationService, roleService RoleService) *Service

func (Service) AssignRole

func (s Service) AssignRole(ctx context.Context, pol Policy) error

AssignRole Note: ideally this should be in a single transaction read more about how user defined roles work in spicedb https://authzed.com/blog/user-defined-roles

func (Service) Create

func (s Service) Create(ctx context.Context, policy Policy) (Policy, error)

func (Service) Delete

func (s Service) Delete(ctx context.Context, id string) error

func (Service) Get

func (s Service) Get(ctx context.Context, id string) (Policy, error)

func (Service) List

func (s Service) List(ctx context.Context, f Filter) ([]Policy, error)

func (Service) ListForUser added in v0.7.5

func (s Service) ListForUser(ctx context.Context, userID, objectNamespace, objectID string) ([]role.Role, error)

ListForUser lists roles assigned via policies to a user

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL