Documentation
¶
Overview ¶
Package graph contains groups graph definitions and operations.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNoSuchGroup is returned when a group is not found in the groups graph. ErrNoSuchGroup = errors.New("no such group") // ErrInvalidPrincipalKind is returned when a principal has an invalid kind. ErrInvalidPrincipalKind = errors.New("invalid principal kind") // ErrInvalidPrincipalValue is returned when a principal has an invalid value. ErrInvalidPrincipalValue = errors.New("invalid principal value") )
Functions ¶
This section is empty.
Types ¶
type Graph ¶
type Graph struct {
// contains filtered or unexported fields
}
Graph represents a traversable group graph.
func NewGraph ¶
func NewGraph(groups []model.GraphableGroup) *Graph
NewGraph creates all groupNode(s) that are available in the graph.
func (*Graph) GetExpandedGroup ¶
func (g *Graph) GetExpandedGroup(ctx context.Context, name string, skipFilter bool) (*rpcpb.AuthGroup, error)
GetExpandedGroup returns the explicit membership rules for the group.
Note: a privacy filter for members was added in Auth Service v2. To support legacy endpoints and maintain the existing behavior of Auth Service v1, the privacy filter can be disabled with `skipFilter` set to `true`.
If the group exists in the Graph, the returned AuthGroup shall have the following fields:
- Name, the name of the group;
- Members, containing all unique members from both direct and indirect inclusions;
- Globs, containing all unique globs from both direct and indirect inclusions; and
- Nested, containing all unique nested groups from both direct and indirect inclusions.
- NumRedacted, the number of members redacted.
type GroupNode ¶
type GroupNode struct {
// contains filtered or unexported fields
}
GroupNode contains information related to an individual group.
type NodeKey ¶
type NodeKey struct {
// Type of Node, (identity, group, glob).
Kind NodeKind
// Name of node, group-name usually.
Value string
}
NodeKey represents a key to identify Nodes.
func ConvertPrincipal ¶
ConvertPrincipal handles the conversion of rpcpb.Principal -> graph.NodeKey.
func (*NodeKey) ToPermissionKey ¶
ToPermissionKey returns the key that would be associated with this node in a realms config.
type Subgraph ¶
type Subgraph struct {
// All nodes in Subgraph.
Nodes []*SubgraphNode
// contains filtered or unexported fields
}
Subgraph is directed multigraph with labeled edges and a designated root node. Nodes are assigned integer IDs and edges are stored as a map {node_from_id => label => node_to_id}.
type SubgraphNode ¶
type SubgraphNode struct {
NodeKey
// IncludedBy represents nodes that include this node.
IncludedBy []int32
}
SubgraphNode represents individual Nodes inside the Subgraph
func (*SubgraphNode) ToProto ¶
func (sn *SubgraphNode) ToProto() *rpcpb.Node
ToProto converts the SubgraphNode to the protobuffer equivalent Node for rpc.
Source Files