rule

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 15, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package rule contains policy rules

Index

Constants

View Source
const (
	// ProgramParent is the parent type for program
	ProgramParent = "program"
	// ControlParent is the parent type for control
	ControlParent = "control"
)

Variables

This section is empty.

Functions

func AllowAfterApplyingPrivacyTokenFilter

func AllowAfterApplyingPrivacyTokenFilter[T PrivacyToken](emptyToken PrivacyToken) privacy.QueryMutationRule

AllowAfterApplyingPrivacyTokenFilter allows the mutation to proceed if a privacy token of a specific type is found in the context. It also applies a privacy filter to the token before allowing the mutation to proceed

func AllowIfContextHasPrivacyTokenOfType

func AllowIfContextHasPrivacyTokenOfType(emptyToken token.PrivacyToken) privacy.QueryMutationRule

AllowIfContextHasPrivacyTokenOfType allows a mutation to proceed if a privacy token of a specific type is found in the context. It checks if the actual type of the token in the context matches the expected type, and if so, it returns `privacy.Allow`. If the types do not match, it returns `privacy.Skipf` with a message indicating that no token was found in the context with the expected type

func AllowIfSelf

func AllowIfSelf() privacy.QueryMutationRule

AllowIfSelf determines whether a query or mutation operation should be allowed based on whether the requested data is for the viewer

func AllowMutationAfterApplyingOwnerFilter

func AllowMutationAfterApplyingOwnerFilter() privacy.MutationRule

AllowMutationAfterApplyingOwnerFilter defines a privacy rule for mutations in the context of an owner filter

func AllowMutationIfContextHasValidEmailSignUpToken

func AllowMutationIfContextHasValidEmailSignUpToken(getEmail MutationEmailGetter) privacy.MutationRule

AllowMutationIfContextHasValidEmailSignUpToken is used to determine whether a mutation should be allowed or skipped based on the presence and validity of an email signup token in the context

func CanCreateObjectsUnderParent added in v0.5.0

func CanCreateObjectsUnderParent[T generated.Mutation](parentType string) privacy.MutationRuleFunc

CanCreateObjectsUnderParent is a rule that returns allow decision if user has edit access in the parent(s) which allows them to create objects associated with the parent

func CanInviteUsers

func CanInviteUsers() privacy.InviteMutationRuleFunc

CanInviteUsers is a rule that returns allow decision if user has access to invite members or admins to the organization

func CheckGroupBasedObjectCreationAccess added in v0.5.0

func CheckGroupBasedObjectCreationAccess() privacy.MutationRuleFunc

CheckGroupBasedObjectCreationAccess is a rule that returns allow decision if user has access to create the given object in the organization

func CheckOrgAccess added in v0.4.1

func CheckOrgAccess(ctx context.Context, relation string) error

CheckOrgAccess checks if the authenticated user has access to the organization based on the relation provided This rule assumes that the organization id and user id are set in the context and only checks for access to the single organization

func ContextHasPrivacyTokenOfType

func ContextHasPrivacyTokenOfType(ctx context.Context, emptyToken token.PrivacyToken) bool

ContextHasPrivacyTokenOfType checks the context for the token type and returns true if they match

func HasOrgMutationAccess

func HasOrgMutationAccess() privacy.OrganizationMutationRuleFunc

HasOrgMutationAccess is a rule that returns allow decision if user has edit or delete access

Types

type ControlParentMutation added in v0.5.0

type ControlParentMutation interface {
	ControlsIDs() []string
}

ControlParentMutation is an interface that defines the method to get the control ids from the mutation

type MutationEmailGetter

type MutationEmailGetter func(generated.Mutation) (string, error)

type PrivacyToken added in v0.5.0

type PrivacyToken interface {
	GetContextKey() interface{}
	GetToken() string
}

type ProgramParentMutation added in v0.5.0

type ProgramParentMutation interface {
	ProgramsIDs() []string
}

ProgramParentMutation is an interface that defines the method to get the program ids from the mutation

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL