fga

package

v0.1.1 Latest Latest Go to latest Published: Jul 29, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/zeiss/knox

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func NewAuthz(config ...Config) openapi.StrictMiddlewareFunc
func NewChecker(c *client.OpenFgaClient) *fgaImpl
func NewNoop() *noopImpl
func NoopResolvers() map[string]AuthzResolverFunc
type AuthzResolverFunc
- func NoopResolver() AuthzResolverFunc
type Checker
type Config
type Object
- func (o Object) String() string
type Relation
- func (r Relation) String() string
type ResolverMap
type User
- func (u User) String() string

Constants ¶

View Source

const (
	NoopUser     User     = ""
	NoopRelation Relation = ""
	NoopObject   Object   = ""
)

Variables ¶

View Source

var DefaultConfig = Config{
	Checker:      NewNoop(),
	Resolvers:    NoopResolvers(),
	DefaultError: fiber.ErrForbidden,
}

DefaultConfig contains the default configuration.

Functions ¶

func NewAuthz ¶

func NewAuthz(config ...Config) openapi.StrictMiddlewareFunc

NewAuthz returns a new authz middleware. nolint:contextcheck

func NewChecker ¶

func NewChecker(c *client.OpenFgaClient) *fgaImpl

NewChecker returns a new FGA authz checker.

func NewNoop ¶

func NewNoop() *noopImpl

NewNoop returns a new Noop authz checker.

func NoopResolvers ¶

func NoopResolvers() map[string]AuthzResolverFunc

NoopResolvers is a map of Noop resolvers.

Types ¶

type AuthzResolverFunc ¶

type AuthzResolverFunc func(ctx *fiber.Ctx) (User, Relation, Object, error)

AuthzResolverFunc is a function to resolve the authz values.

func NoopResolver ¶

func NoopResolver() AuthzResolverFunc

NoopResolver is a resolver that always returns Noop values.

type Checker ¶

type Checker interface {
	Allowed(ctx context.Context, user User, relation Relation, object Object) (bool, error)
}

Checker is the interface for the FGA authz checker.

type Config ¶

type Config struct {
	// Next defines a function to skip the current middleware.
	Next func(c *fiber.Ctx) bool
	// Checker defines a function to check the authorization.
	Checker Checker
	// Resolvers defines the resolvers for a specific operation.
	Resolvers ResolverMap
	// DefaultError defines the default error.
	DefaultError error
}

Config ...

type Object ¶

type Object string

Object is the action.

func (Object) String ¶

func (o Object) String() string

String returns the string representation of the object.

type Relation ¶

type Relation string

Relation is the object.

func (Relation) String ¶

func (r Relation) String() string

String returns the string representation of the relation.

type ResolverMap ¶

type ResolverMap map[string]AuthzResolverFunc

ResolverMap is a map of resolvers.

type User ¶

type User string

User is the subject.

func (User) String ¶

func (u User) String() string

String returns the string representation of the user.

Source Files ¶

View all Source files

fga.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL