Documentation ¶
Index ¶
- func ExecuteUserIDOperation(parent dyngo.Operation, args UserIDOperationArgs) error
- func MonitorUser(ctx context.Context, userID string) error
- func NewBlockHandler(status int, template string) http.Handler
- func OnData[T any](op dyngo.Operation, f func(T))
- func OnErrorData[T error](op dyngo.Operation, f func(T))
- type Action
- type Actions
- type GRPCWrapper
- type OnUserIDOperationStart
- type UserIDOperation
- type UserIDOperationArgs
- type UserIDOperationRes
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExecuteUserIDOperation ¶
func ExecuteUserIDOperation(parent dyngo.Operation, args UserIDOperationArgs) error
ExecuteUserIDOperation starts and finishes the UserID operation by emitting a dyngo start and finish events An error is returned if the user associated to that operation must be blocked
func MonitorUser ¶
MonitorUser starts and finishes a UserID operation. A call to the WAF is made to check the user ID and an error is returned if the user should be blocked. The return value is nil otherwise.
func NewBlockHandler ¶
NewBlockHandler creates, initializes and returns a new BlockRequestAction
func OnErrorData ¶
OnErrorData is a facilitator that wraps a dyngo.Operation.OnData() call with an error type constraint
Types ¶
type Action ¶
type Action struct {
// contains filtered or unexported fields
}
Action represents a WAF action. It holds the HTTP and gRPC handlers to be used instead of the regular request handler when said action is executed.
func NewBlockRequestAction ¶
NewBlockRequestAction creates an action for the "block" action type
func NewRedirectRequestAction ¶
NewRedirectRequestAction creates an action for the "redirect" action type
func (*Action) Blocking ¶
Blocking returns true if the action object represents a request blocking action
func (*Action) GRPC ¶
func (a *Action) GRPC() GRPCWrapper
GRPC returns the gRPC handler linked to the action object
type GRPCWrapper ¶
GRPCWrapper is an opaque prototype abstraction for a gRPC handler (to avoid importing grpc) that takes metadata as input and returns a status code and an error TODO: rely on strongly typed actions (with the actual grpc types) by introducing WAF constructors
living in the contrib packages, along with their dependencies - something like `appsec.RegisterWAFConstructor(newGRPCWAF)` Such constructors would receive the full appsec config and rules, so that they would be able to build specific blocking actions.
type OnUserIDOperationStart ¶
type OnUserIDOperationStart func(operation *UserIDOperation, args UserIDOperationArgs)
OnUserIDOperationStart function type, called when a user ID operation starts.
func (OnUserIDOperationStart) Call ¶
func (f OnUserIDOperationStart) Call(op dyngo.Operation, v interface{})
Call the underlying event listener function by performing the type-assertion on v whose type is the one returned by ListenedType().
func (OnUserIDOperationStart) ListenedType ¶
func (OnUserIDOperationStart) ListenedType() reflect.Type
ListenedType returns the type a OnUserIDOperationStart event listener listens to, which is the UserIDOperationStartArgs type.
type UserIDOperation ¶
UserIDOperation type representing a call to appsec.SetUser(). It gets both created and destroyed in a single call to ExecuteUserIDOperation
type UserIDOperationArgs ¶
type UserIDOperationArgs struct {
UserID string
}
UserIDOperationArgs is the user ID operation arguments.
type UserIDOperationRes ¶
type UserIDOperationRes struct{}
UserIDOperationRes is the user ID operation results.