gqlshield

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 13, 2019 License: MIT Imports: 12 Imported by: 18

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientRole

type ClientRole struct {
	ID   int    `json:"id"`
	Name string `json:"name"`
}

ClientRole represents a client role

type Config

type Config struct {
	// WhitelistOption enables query whitelisting when true
	WhitelistOption WhitelistOption

	// PersistencyManager is used for configuration state persistency.
	// Persistency is disabled if PersistencyManager is nil
	PersistencyManager PersistencyManager
}

Config defines the GraphQL shield configuration

func (*Config) SetDefaults

func (conf *Config) SetDefaults()

SetDefaults sets the default configuration options

type Entry

type Entry struct {
	Query          string
	Name           string
	Parameters     map[string]Parameter
	WhitelistedFor []int
}

Entry represents a whitelist entry prototype

type Error

type Error struct {
	Code    ErrorCode
	Message string
}

Error represents a typed GraphQL shield error

func (Error) Error

func (err Error) Error() string

type ErrorCode

type ErrorCode string

ErrorCode represents an error code

const (
	// ErrUnauthorized is returned when Check denies access
	ErrUnauthorized ErrorCode = "Unauthorized"

	// ErrWrongInput is returned when Check fails due to a client error
	ErrWrongInput ErrorCode = "WrongInput"
)

func ErrCode

func ErrCode(err error) ErrorCode

ErrCode returns the code of the GraphQLShield error (if it is one)

type GraphQLShield

type GraphQLShield interface {
	// WhitelistQueries adds the given queries to the whitelist
	// returning an error if one of the queries doesn't meet the requirements.
	WhitelistQueries(newEntry ...Entry) ([]Query, error)

	// RemoveQuery removes a query from the whitelist and returns true
	// if any query was removed as well as the actual removed query.
	RemoveQuery(query Query) error

	// Check returns an error if the given query isn't allowed for the given
	// client role to be executed or if the provided arguments are unacceptable.
	//
	// WARNING: query will be mutated during normalization! Manually copy the
	// query byte-slice if you don't want your inputs to be mutated.
	Check(
		clientRole int,
		query []byte,
		arguments map[string]*string,
	) ([]byte, error)

	// ListQueries returns all whitelisted queries.
	ListQueries() (map[string]Query, error)
}

GraphQLShield represents a GraphQL shield instance

func NewGraphQLShield

func NewGraphQLShield(
	config Config,
	clientRoles ...ClientRole,
) (GraphQLShield, error)

NewGraphQLShield creates a new GraphQL shield instance

type ID

type ID string

ID represents a universally unique identifier

func (ID) Validate

func (id ID) Validate() error

Validate returns an error if the ID has an invalid value

type Parameter

type Parameter struct {
	MaxValueLength uint32 `json:"max-value-length"`
}

Parameter represents a query parameter

type PersistencyManager

type PersistencyManager interface {
	// Load loads the GraphQL shield configuration
	Load() (*State, error)

	// Save persists the GraphQL shield configuration
	Save(*State) error
}

PersistencyManager represents a persistency manager

func NewPepersistencyManagerFileJSON

func NewPepersistencyManagerFileJSON(
	path string,
	syncWrite bool,
) (PersistencyManager, error)

NewPepersistencyManagerFileJSON creates a new JSON file based persistency manager

type Query

type Query interface {
	// Query returns a copy of the query string
	Query() []byte

	// ID returns the unique identifier of the query
	ID() ID

	// Creation returns the time of creation
	Creation() time.Time

	// Name returns the query name
	Name() string

	// Parameters returns a copy of the list of query parameters
	Parameters() map[string]Parameter

	// WhitelistedFor returns the copy of role IDs the query is whitelisted for
	WhitelistedFor() []int
}

Query represents a query object

type QueryModel

type QueryModel struct {
	Query          string               `json:"query"`
	Creation       time.Time            `json:"creation"`
	Name           string               `json:"name"`
	Parameters     map[string]Parameter `json:"parameters"`
	WhitelistedFor []int                `json:"whitelisted-for"`
}

QueryModel represents the model of a query entry for serialization

type State

type State struct {
	Roles              []ClientRole          `json:"roles"`
	WhitelistedQueries map[string]QueryModel `json:"whitelisted-queries"`
}

State represents the state of the GraphQL shield

type WhitelistOption

type WhitelistOption byte

WhitelistOption represents the query whitelist option

const (

	// WhitelistDisabled disables query whitelisting
	WhitelistDisabled WhitelistOption

	// WhitelistEnabled enables query whitelisting
	WhitelistEnabled
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL