graph

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 22, 2024 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Index

Constants

View Source 
const Ellipsis = "..."

Ellipsis relation is used to signify a semantic-free relationship.

Variables

View Source 
var ErrLimitReached = fmt.Errorf("limit has been reached")

Functions

func AlwaysFailExpand 

func AlwaysFailExpand(_ context.Context, resultChan chan<- ExpandResult)

AlwaysFailExpand is a ReduceableExpandFunc which will always fail when reduced.

func NewAlwaysFailErr 

func NewAlwaysFailErr() error

NewAlwaysFailErr constructs a new always fail error.

func NewCheckFailureErr 

func NewCheckFailureErr(baseErr error) error

NewCheckFailureErr constructs a new check failed error.

func NewExpansionFailureErr 

func NewExpansionFailureErr(baseErr error) error

NewExpansionFailureErr constructs a new expansion failed error.

func NewInvalidCursorErr 

func NewInvalidCursorErr(dispatchCursorVersion uint32, cursor *dispatch.Cursor) error

NewInvalidCursorErr constructs a new unimplemented error.

func NewRelationMissingTypeInfoErr 

func NewRelationMissingTypeInfoErr(nsName string, relationName string) error

NewRelationMissingTypeInfoErr constructs a new relation not missing type information error.

func NewRelationNotFoundErr 

func NewRelationNotFoundErr(nsName string, relationName string) error

NewRelationNotFoundErr constructs a new relation not found error.

func NewSyncONRSet added in v0.0.3 

func NewSyncONRSet() *syncONRSet

func NewUnimplementedErr 

func NewUnimplementedErr(baseErr error) error

NewUnimplementedErr constructs a new unimplemented error.

func NewWildcardNotAllowedErr added in v0.0.3 

func NewWildcardNotAllowedErr(message string, fieldName string) error

NewWildcardNotAllowedErr constructs an error indicating that a wildcard was not allowed.

Types

type CheckResult 

type CheckResult struct {
	Resp *v1.DispatchCheckResponse
	Err  error
}

CheckResult is the data that is returned by a single check or sub-check.

func (CheckResult) ResultError added in v0.0.3 

func (cr CheckResult) ResultError() error

type CheckResultsMap 

type CheckResultsMap map[string]*v1.ResourceCheckResult

CheckResultsMap defines a type that is a map from resource ID to ResourceCheckResult. This must match that defined in the DispatchCheckResponse for the `results_by_resource_id` field.

type ConcurrentChecker 

type ConcurrentChecker struct {
	// contains filtered or unexported fields
}

ConcurrentChecker exposes a method to perform Check requests, and delegates subproblems to the provided dispatch.Check instance.

func NewConcurrentChecker 

func NewConcurrentChecker(d dispatch.Check, concurrencyLimit uint16, dispatchChunkSize uint16) *ConcurrentChecker

NewConcurrentChecker creates an instance of ConcurrentChecker.

func (*ConcurrentChecker) Check 

func (cc *ConcurrentChecker) Check(ctx context.Context, req ValidatedCheckRequest, relation *core.Relation) (*v1.DispatchCheckResponse, error)

Check performs a check request with the provided request and context

type ConcurrentExpander 

type ConcurrentExpander struct {
	// contains filtered or unexported fields
}

ConcurrentExpander exposes a method to perform Expand requests, and delegates subproblems to the provided dispatch.Expand instance.

func NewConcurrentExpander 

func NewConcurrentExpander(d dispatch.Expand) *ConcurrentExpander

NewConcurrentExpander creates an instance of ConcurrentExpander

func (*ConcurrentExpander) Expand 

func (ce *ConcurrentExpander) Expand(ctx context.Context, req ValidatedExpandRequest, relation *core.Relation) (*v1.DispatchExpandResponse, error)

Expand performs an expand request with the provided request and context.

type ConcurrentLookupSubjects 

type ConcurrentLookupSubjects struct {
	// contains filtered or unexported fields
}

func NewConcurrentLookupSubjects 

func NewConcurrentLookupSubjects(d dispatch.LookupSubjects, concurrencyLimit uint16, dispatchChunkSize uint16) *ConcurrentLookupSubjects

NewConcurrentLookupSubjects creates an instance of ConcurrentLookupSubjects.

func (*ConcurrentLookupSubjects) LookupSubjects 

func (cl *ConcurrentLookupSubjects) LookupSubjects(
	req ValidatedLookupSubjectsRequest,
	stream dispatch.LookupSubjectsStream,
) error

type CursoredLookupResources 

type CursoredLookupResources struct {
	// contains filtered or unexported fields
}

CursoredLookupResources exposes a method to perform LookupResources requests, and delegates subproblems to the provided dispatch.Lookup instance.

func NewCursoredLookupResources 

func NewCursoredLookupResources(c dispatch.Check, r dispatch.ReachableResources, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredLookupResources

NewCursoredLookupResources creates and instance of CursoredLookupResources.

func (*CursoredLookupResources) LookupResources 

func (cl *CursoredLookupResources) LookupResources(
	req ValidatedLookupResourcesRequest,
	parentStream dispatch.LookupResourcesStream,
) error

type CursoredLookupResources2 added in v0.0.3 

type CursoredLookupResources2 struct {
	// contains filtered or unexported fields
}

func NewCursoredLookupResources2 added in v0.0.3 

func NewCursoredLookupResources2(dl dispatch.LookupResources2, dc dispatch.Check, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredLookupResources2

func (*CursoredLookupResources2) LookupResources2 added in v0.0.3 

func (crr *CursoredLookupResources2) LookupResources2(
	req ValidatedLookupResources2Request,
	stream dispatch.LookupResources2Stream,
) error

type CursoredReachableResources 

type CursoredReachableResources struct {
	// contains filtered or unexported fields
}

CursoredReachableResources exposes a method to perform ReachableResources requests, and delegates subproblems to the provided dispatch.ReachableResources instance.

func NewCursoredReachableResources 

func NewCursoredReachableResources(d dispatch.ReachableResources, concurrencyLimit uint16, dispatchChunkSize uint16) *CursoredReachableResources

NewCursoredReachableResources creates an instance of CursoredReachableResources.

func (*CursoredReachableResources) ReachableResources 

func (crr *CursoredReachableResources) ReachableResources(
	req ValidatedReachableResourcesRequest,
	stream dispatch.ReachableResourcesStream,
) error

type ErrAlwaysFail 

type ErrAlwaysFail struct {
	// contains filtered or unexported fields
}

ErrAlwaysFail is returned when an internal error leads to an operation guaranteed to fail.

type ErrCheckFailure 

type ErrCheckFailure struct {
	// contains filtered or unexported fields
}

ErrCheckFailure occurs when check failed in some manner. Note this should not apply to namespaces and relations not being found.

func (ErrCheckFailure) Unwrap 

func (e ErrCheckFailure) Unwrap() error

type ErrExpansionFailure 

type ErrExpansionFailure struct {
	// contains filtered or unexported fields
}

ErrExpansionFailure occurs when expansion failed in some manner. Note this should not apply to namespaces and relations not being found.

func (ErrExpansionFailure) Unwrap 

func (e ErrExpansionFailure) Unwrap() error

type ErrInvalidCursor 

type ErrInvalidCursor struct {
	// contains filtered or unexported fields
}

ErrInvalidCursor is returned when a cursor is no longer valid.

func (ErrInvalidCursor) GRPCStatus 

func (err ErrInvalidCursor) GRPCStatus() *status.Status

GRPCStatus implements retrieving the gRPC status for the error.

type ErrRelationMissingTypeInfo 

type ErrRelationMissingTypeInfo struct {
	// contains filtered or unexported fields
}

ErrRelationMissingTypeInfo defines an error for when type information is missing from a relation during a lookup.

func (ErrRelationMissingTypeInfo) DetailsMetadata 

func (err ErrRelationMissingTypeInfo) DetailsMetadata() map[string]string

DetailsMetadata returns the metadata for details for this error.

func (ErrRelationMissingTypeInfo) MarshalZerologObject 

func (err ErrRelationMissingTypeInfo) MarshalZerologObject(e *zerolog.Event)

func (ErrRelationMissingTypeInfo) NamespaceName 

func (err ErrRelationMissingTypeInfo) NamespaceName() string

NamespaceName returns the name of the namespace in which the relation was found.

func (ErrRelationMissingTypeInfo) RelationName 

func (err ErrRelationMissingTypeInfo) RelationName() string

RelationName returns the name of the relation missing type information.

type ErrRelationNotFound 

type ErrRelationNotFound struct {
	// contains filtered or unexported fields
}

ErrRelationNotFound occurs when a relation was not found under a namespace.

func (ErrRelationNotFound) DetailsMetadata 

func (err ErrRelationNotFound) DetailsMetadata() map[string]string

DetailsMetadata returns the metadata for details for this error.

func (ErrRelationNotFound) MarshalZerologObject 

func (err ErrRelationNotFound) MarshalZerologObject(e *zerolog.Event)

func (ErrRelationNotFound) NamespaceName 

func (err ErrRelationNotFound) NamespaceName() string

NamespaceName returns the name of the namespace in which the relation was not found.

func (ErrRelationNotFound) NotFoundRelationName 

func (err ErrRelationNotFound) NotFoundRelationName() string

NotFoundRelationName returns the name of the relation not found.

type ErrUnimplemented 

type ErrUnimplemented struct {
	// contains filtered or unexported fields
}

ErrUnimplemented is returned when some functionality is not yet supported.

func (ErrUnimplemented) Unwrap 

func (e ErrUnimplemented) Unwrap() error

type ErrWildcardNotAllowed added in v0.0.3 

type ErrWildcardNotAllowed struct {
	// contains filtered or unexported fields
}

ErrWildcardNotAllowed occurs when a request sent has an invalid wildcard argument.

func (ErrWildcardNotAllowed) GRPCStatus added in v0.0.3 

func (err ErrWildcardNotAllowed) GRPCStatus() *status.Status

GRPCStatus implements retrieving the gRPC status for the error.

type ExpandReducer 

type ExpandReducer func(
	ctx context.Context,
	start *core.ObjectAndRelation,
	requests []ReduceableExpandFunc,
) ExpandResult

ExpandReducer is a type for the functions Any and All which combine check results.

type ExpandResult 

type ExpandResult struct {
	Resp *v1.DispatchExpandResponse
	Err  error
}

ExpandResult is the data that is returned by a single expand or sub-expand.

func (ExpandResult) ResultError added in v0.0.3 

func (er ExpandResult) ResultError() error

type MembershipSet 

type MembershipSet struct {
	// contains filtered or unexported fields
}

MembershipSet is a helper set that trackes the membership results for a dispatched Check request, including tracking of the caveats associated with found resource IDs.

func NewMembershipSet 

func NewMembershipSet() *MembershipSet

NewMembershipSet constructs a new helper set for tracking the membership found for a dispatched check request.

func (*MembershipSet) AddDirectMember 

func (ms *MembershipSet) AddDirectMember(resourceID string, caveat *core.ContextualizedCaveat)

AddDirectMember adds a resource ID that was *directly* found for the dispatched check, with optional caveat found on the relationship.

func (*MembershipSet) AddMemberViaRelationship 

func (ms *MembershipSet) AddMemberViaRelationship(
	resourceID string,
	resourceCaveatExpression *core.CaveatExpression,
	parentRelationship *core.RelationTuple,
)

AddMemberViaRelationship adds a resource ID that was found via another relationship, such as the result of an arrow operation. The `parentRelationship` is the relationship that was followed before the resource itself was resolved. This method will properly apply the caveat(s) from both the parent relationship and the resource's result itself, assuming either have a caveat associated.

func (*MembershipSet) AddMemberWithOptionalCaveats added in v0.0.3 

func (ms *MembershipSet) AddMemberWithOptionalCaveats(
	resourceID string,
	caveats []*core.CaveatExpression,
)

AddMemberWithOptionalCaveats adds the given resource ID as a member with the optional caveats combined via intersection.

func (*MembershipSet) AddMemberWithParentCaveat added in v0.0.3 

func (ms *MembershipSet) AddMemberWithParentCaveat(
	resourceID string,
	resourceCaveatExpression *core.CaveatExpression,
	parentCaveat *core.ContextualizedCaveat,
)

AddMemberWithParentCaveat adds the given resource ID as a member with the parent caveat combined via intersection with the resource's caveat. The parent caveat may be nil.

func (*MembershipSet) AsCheckResultsMap 

func (ms *MembershipSet) AsCheckResultsMap() CheckResultsMap

AsCheckResultsMap converts the membership set back into a CheckResultsMap for placement into a DispatchCheckResult.

func (*MembershipSet) GetResourceID added in v0.0.3 

func (ms *MembershipSet) GetResourceID(resourceID string) (bool, *core.CaveatExpression)

GetResourceID returns a bool indicating whether the resource is found in the set and the associated caveat expression, if any.

func (*MembershipSet) HasConcreteResourceID 

func (ms *MembershipSet) HasConcreteResourceID(resourceID string) bool

HasConcreteResourceID returns whether the resourceID was found in the set and has no caveat attached.

func (*MembershipSet) HasDeterminedMember 

func (ms *MembershipSet) HasDeterminedMember() bool

HasDeterminedMember returns whether there exists at least one non-caveated member of the set.

func (*MembershipSet) IntersectWith 

func (ms *MembershipSet) IntersectWith(resultsMap CheckResultsMap)

IntersectWith intersects the results found in the given map with the members of this set. The changes are made in-place.

func (*MembershipSet) IsEmpty 

func (ms *MembershipSet) IsEmpty() bool

IsEmpty returns true if the set is empty.

func (*MembershipSet) Size 

func (ms *MembershipSet) Size() int

Size returns the number of elements in the membership set.

func (*MembershipSet) Subtract 

func (ms *MembershipSet) Subtract(resultsMap CheckResultsMap)

Subtract subtracts the results found in the given map with the members of this set. The changes are made in-place.

func (*MembershipSet) UnionWith 

func (ms *MembershipSet) UnionWith(resultsMap CheckResultsMap)

UnionWith combines the results found in the given map with the members of this set. The changes are made in-place.

type ReduceableExpandFunc 

type ReduceableExpandFunc func(ctx context.Context, resultChan chan<- ExpandResult)

ReduceableExpandFunc is a function that can be bound to a execution context.

type ValidatedCheckRequest 

type ValidatedCheckRequest struct {
	*v1.DispatchCheckRequest
	Revision datastore.Revision

	// OriginalRelationName is the original relation/permission name that was used in the request,
	// before being changed due to aliasing.
	OriginalRelationName string
}

ValidatedCheckRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedExpandRequest 

type ValidatedExpandRequest struct {
	*v1.DispatchExpandRequest
	Revision datastore.Revision
}

ValidatedExpandRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedLookupResources2Request added in v0.0.3 

type ValidatedLookupResources2Request struct {
	*v1.DispatchLookupResources2Request
	Revision datastore.Revision
}

type ValidatedLookupResourcesRequest 

type ValidatedLookupResourcesRequest struct {
	*v1.DispatchLookupResourcesRequest
	Revision datastore.Revision
}

ValidatedLookupResourcesRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedLookupSubjectsRequest 

type ValidatedLookupSubjectsRequest struct {
	*v1.DispatchLookupSubjectsRequest
	Revision datastore.Revision
}

ValidatedLookupSubjectsRequest represents a request after it has been validated and parsed for internal consumption.

type ValidatedReachableResourcesRequest 

type ValidatedReachableResourcesRequest struct {
	*v1.DispatchReachableResourcesRequest
	Revision datastore.Revision
}

ValidatedReachableResourcesRequest represents a request after it has been validated and parsed for internal consumption.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.