Documentation
¶
Overview ¶
Package privacy provides sets of types and helpers for writing privacy rules in user schemas, and deal with their evaluation at runtime.
Index ¶
- Variables
- func Allowf(format string, a ...any) error
- func DecisionContext(parent context.Context, decision error) context.Context
- func DecisionFromContext(ctx context.Context) (error, bool)
- func Denyf(format string, a ...any) error
- func NewPolicies(schemas ...interface{ Policy() fluent.Policy }) fluent.Policy
- func Skipf(format string, a ...any) error
- type MutationPolicy
- type MutationRule
- type MutationRuleFunc
- type Policies
- type Policy
- type QueryMutationRule
- type QueryPolicy
- type QueryRule
Constants ¶
This section is empty.
Variables ¶
var ( // Allow may be returned by rules to indicate that the policy // evaluation should terminate with an allow decision. Allow = errors.New("fluent/privacy: allow rule") // Deny may be returned by rules to indicate that the policy // evaluation should terminate with an deny decision. Deny = errors.New("fluent/privacy: deny rule") // Skip may be returned by rules to indicate that the policy // evaluation should continue to the next rule. Skip = errors.New("fluent/privacy: skip rule") )
List of policy decisions.
Functions ¶
func DecisionContext ¶
DecisionContext creates a new context from the given parent context with a policy decision attach to it.
func DecisionFromContext ¶
DecisionFromContext retrieves the policy decision from the context.
func NewPolicies ¶
NewPolicies creates an fluent.Policy from list of mixin.Schema and fluent.Schema that implement the fluent.Policy interface.
Note that, this is a runtime function used by the fluent generated code and should not be used in fluent/schemas as a privacy rule.
Types ¶
type MutationPolicy ¶
type MutationPolicy []MutationRule
MutationPolicy combines multiple mutation rules into a single policy.
func (MutationPolicy) EvalMutation ¶
EvalMutation evaluates a mutation against a mutation policy.
type MutationRule ¶
MutationRule defines the interface deciding whether a mutation is allowed and optionally modify it.
func DenyMutationOperationRule ¶
func DenyMutationOperationRule(op fluent.Op) MutationRule
DenyMutationOperationRule returns a rule denying specified mutation operation.
func OnMutationOperation ¶
func OnMutationOperation(rule MutationRule, op fluent.Op) MutationRule
OnMutationOperation evaluates the given rule only on a given mutation operation.
type MutationRuleFunc ¶
MutationRuleFunc type is an adapter which allows the use of ordinary functions as mutation rules.
func (MutationRuleFunc) EvalMutation ¶
EvalMutation returns f(ctx, m).
type Policies ¶
Policies combines multiple policies into a single policy.
Note that, this is a runtime type used by the fluent generated code and should not be used in fluent/schemas as a privacy rule.
func (Policies) EvalMutation ¶
EvalMutation evaluates the mutation policies. If the Allow error is returned from one of the policies, it stops the evaluation with a nil error.
type Policy ¶
type Policy struct {
Query QueryPolicy
Mutation MutationPolicy
}
Policy groups query and mutation policies.
func (Policy) EvalMutation ¶
EvalMutation forwards evaluation to mutate a policy.
type QueryMutationRule ¶
type QueryMutationRule interface {
QueryRule
MutationRule
}
QueryMutationRule is an interface which groups query and mutation rules.
func AlwaysAllowRule ¶
func AlwaysAllowRule() QueryMutationRule
AlwaysAllowRule returns a rule that returns an allow decision.
func AlwaysDenyRule ¶
func AlwaysDenyRule() QueryMutationRule
AlwaysDenyRule returns a rule that returns a deny decision.
func ContextQueryMutationRule ¶
func ContextQueryMutationRule(eval func(context.Context) error) QueryMutationRule
ContextQueryMutationRule creates a query/mutation rule from a context eval func.
type QueryPolicy ¶
type QueryPolicy []QueryRule
QueryPolicy combines multiple query rules into a single policy.
Source Files