models

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 18, 2025 License: GPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

// Status values for access requests and for per-provider actions.
//
// These are untyped string constants and AccessRequestStatus.Status is a plain
// string, so the compiler does not prevent any other string from being stored
// as a status; code that compares against them has to handle unknown values.
const (
	// Values for the status of an access request.
	AccessRequestPending  = "Pending"
	AccessRequestApproved = "Approved"
	AccessRequestDenied   = "Denied"
	AccessRequestExpired  = "Expired"
	// Values for the outcome of a provider action ("Granted" is the example
	// given on ProviderStatus.Action).
	ProviderStatusGranted = "Granted"
	ProviderStatusRevoked = "Revoked"
	ProviderStatusError   = "Error"
)

Access request status constants

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessRequest

// AccessRequest is the stored record of a request for an access role. The role
// reference, the request details and the approval/provider status are GORM
// embedded structs, each with its own column prefix.
//
// NOTE(review): Status has a json:"status" tag; swaggerignore only keeps it out
// of the generated API documentation. If a handler decodes client JSON directly
// into this struct, status.status, status.approvedBy and status.requestedBy are
// client-supplied. Confirm handlers overwrite them server-side (the
// SetStatus*/SetRequester methods exist for that) before persisting.
type AccessRequest struct {
	Id        string               `gorm:"primaryKey" json:"id"`
	CreatedAt time.Time            `gorm:"index" swaggerignore:"true" json:"createdAt"`
	UpdatedAt time.Time            `swaggerignore:"true" json:"updatedAt"`
	// NOTE(review): a plain *time.Time rather than gorm.DeletedAt; presumably
	// maintained by application code, not by GORM soft-delete. Confirm.
	DeletedAt *time.Time           `gorm:"index" swaggerignore:"true" json:"deletedAt,omitempty"`
	// Name of the requested AccessRole; resolved with GetRole.
	RoleRef   AccessRoleRef        `gorm:"embedded;embeddedPrefix:roleRef_" json:"roleRef"`
	Details   AccessRequestDetails `gorm:"embedded;embeddedPrefix:details_" json:"details"`
	Status    AccessRequestStatus  `swaggerignore:"true" gorm:"embedded;embeddedPrefix:status_" json:"status"`
}

Access request

func (*AccessRequest) Admit

func (a *AccessRequest) Admit() *AccessRequest

func (*AccessRequest) GetApprovalRule

func (s *AccessRequest) GetApprovalRule() ApprovalRule

func (*AccessRequest) GetProviderUsername

func (s *AccessRequest) GetProviderUsername(provider string) string

func (*AccessRequest) GetRole

func (s *AccessRequest) GetRole(roles []AccessRole) (AccessRole, error)

func (*AccessRequest) HasPermissions

func (s *AccessRequest) HasPermissions(user string, groups []string, utype string) bool

func (*AccessRequest) SetApprovalRule

func (s *AccessRequest) SetApprovalRule(rule ApprovalRule) *AccessRequest

func (*AccessRequest) SetExpiration

func (s *AccessRequest) SetExpiration(ctx context.Context) *AccessRequest

func (*AccessRequest) SetProviderStatusError

func (s *AccessRequest) SetProviderStatusError(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderStatusGranted

func (s *AccessRequest) SetProviderStatusGranted(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderStatusRevoked

func (s *AccessRequest) SetProviderStatusRevoked(provider string, details string, err string) *AccessRequest

func (*AccessRequest) SetProviderUsername

func (s *AccessRequest) SetProviderUsername(provider string, value string) *AccessRequest

func (*AccessRequest) SetProviderUsernames

func (s *AccessRequest) SetProviderUsernames(usernames map[string]string) *AccessRequest

func (*AccessRequest) SetRequester

func (a *AccessRequest) SetRequester(requester string) *AccessRequest

func (*AccessRequest) SetStatusApprove

func (a *AccessRequest) SetStatusApprove(approvedBy string) *AccessRequest

Method to approve the access request

func (*AccessRequest) SetStatusDenied

func (a *AccessRequest) SetStatusDenied(approvedBy string) *AccessRequest

Method to deny the access request

func (*AccessRequest) SetStatusExpired

func (a *AccessRequest) SetStatusExpired() *AccessRequest

Method to expire the access request

func (*AccessRequest) SetStatusPending

func (a *AccessRequest) SetStatusPending() *AccessRequest

Method to set the access request to pending

func (*AccessRequest) SetTraceId

func (s *AccessRequest) SetTraceId(ctx context.Context) *AccessRequest

type AccessRequestDetails

// AccessRequestDetails holds the justification, free-form attributes and
// requested TTL of an access request. It is embedded in AccessRequest with the
// details_ column prefix.
type AccessRequestDetails struct {
	Justification string                 `json:"justification" example:"Need to access k8s namespace"`
	// Untyped values, stored as one JSON-serialized column.
	Attributes    map[string]interface{} `json:"attributes" gorm:"serializer:json"`
	// Duration written as a string (example "72h").
	// NOTE(review): no format check or upper bound is visible in this type;
	// presumably SetExpiration parses it. Confirm an over-long or unparsable
	// TTL cannot yield a grant that never expires.
	TTL           string                 `json:"ttl" example:"72h"`
}

type AccessRequestStatus

// AccessRequestStatus is the approval and provisioning state of an access
// request. It is embedded in AccessRequest with the status_ column prefix.
type AccessRequestStatus struct {
	// A plain string; the AccessRequest* constants are the values defined in
	// this package.
	Status            string                    `json:"status"`
	ApprovedBy        string                    `json:"approvedBy"`
	RequestedBy       string                    `json:"requestedBy"`
	// A full ApprovalRule value stored as JSON on the request row, not a
	// reference by name.
	ApprovalRule      ApprovalRule              `json:"approvalRule" gorm:"serializer:json"`
	ProviderUsernames map[string]string         `json:"providerUsernames" gorm:"serializer:json"`
	// Keyed by string; presumably the provider name passed to the
	// SetProviderStatus* methods. Confirm.
	ProviderStatuses  map[string]ProviderStatus `json:"providerStatuses" gorm:"serializer:json"`
	// NOTE(review): no json tag, so encoding/json emits this field as
	// "ExpiresAt" while every sibling is camelCase. Confirm whether clients
	// rely on that key before changing it.
	ExpiresAt         *time.Time
	Trace             string `json:"trace"`
}

type AccessRole

// AccessRole describes a role that can be requested: descriptive metadata, the
// provider configurations it maps to, and a by-name reference to the approval
// rule that governs it (resolved with GetApprovalRule).
type AccessRole struct {
	Id              string            `gorm:"primaryKey" json:"id,omitempty" example:"3b7af992-5a30-4ce1-821b-cac8194a230b"`
	Name            string            `json:"name"`
	Description     string            `json:"description"`
	Tags            []string          `json:"tags" gorm:"serializer:json"`
	Annotations     map[string]string `json:"annotations" gorm:"serializer:json"`
	Providers       []ProviderConfig  `json:"providers" gorm:"serializer:json"` // Multiple access mappings for the role
	// Holds only the rule name. NOTE(review): what GetApprovalRule returns when
	// no rule with this name exists is not visible here; confirm that a missing
	// rule denies rather than permits.
	ApprovalRuleRef ApprovalRuleRef   `json:"approvalRuleRef" gorm:"embedded;embeddedPrefix:approvalRuleRef_"`
}

Access role

func (*AccessRole) GetApprovalRule

func (a *AccessRole) GetApprovalRule(rules []ApprovalRule) ApprovalRule

func (*AccessRole) HasAccessRolePermissions

func (a *AccessRole) HasAccessRolePermissions(user string, groups []string, rules []ApprovalRule) bool

HasAccessRolePermissions checks if a user is allowed to approve based on the approval rule.

type AccessRoleRef

// AccessRoleRef refers to an AccessRole by name. It is embedded in
// AccessRequest as RoleRef with the roleRef_ column prefix.
type AccessRoleRef struct {
	Name string `json:"name" example:"SRE-PU-ACCESS"`
}

type ActivityLog added in v0.3.0

// ActivityLog is a flat log record with string fields for who raised and who
// approved an action, the role concerned, and the ids of the related request
// and event. NewActivityLogFromEvent builds one from an Event.
//
// NOTE(review): every field except Date is a free-form string. If these
// records serve as an audit trail, confirm that RaisedBy and ApprovedBy are
// taken from the authenticated identity and not from request input.
type ActivityLog struct {
	ID         string    `gorm:"primaryKey" json:"id" example:"0d2dab7cdcb4cf1d"`
	Date       time.Time `gorm:"index" json:"date"`
	Severity   string    `json:"severity"`
	RaisedBy   string    `json:"raisedBy"`
	ApprovedBy string    `json:"approvedBy"`
	Type       string    `json:"type"`
	Role       string    `json:"role"`
	Message    string    `json:"message"`
	RequestID  string    `json:"requestId"`
	EventID    string    `json:"eventId"`
}

func NewActivityLogFromEvent added in v0.3.0

func NewActivityLogFromEvent(e Event) (*ActivityLog, error)

type ApprovalRule

// ApprovalRule names the users and groups attached to an approval decision and
// states whether the author of a request may approve it.
type ApprovalRule struct {
	// NOTE(review): the JSON key is "string", not "name". This looks like a tag
	// typo; ApprovalRuleRef uses "name". Changing it alters the wire format and
	// the JSON stored in AccessRequestStatus.ApprovalRule, so confirm before fixing.
	Name             string   `json:"string"`
	// Presumably allows the requester to approve their own request when true
	// (the enforcing code is not shown). This is a separation-of-duties switch;
	// its zero value is false.
	AuthorCanApprove bool     `json:"authorCanApprove"`
	Users            []string `json:"users"`
	Groups           []string `json:"groups"`
}

type ApprovalRuleRef

// ApprovalRuleRef refers to an ApprovalRule by name. It is embedded in
// AccessRole with the approvalRuleRef_ column prefix.
type ApprovalRuleRef struct {
	Name string `json:"name"`
}

type ClaimsMap

// ClaimsMap carries dynamic token claims as an untyped map next to the
// registered JWT claims.
//
// Claims is tagged json:"-", so default encoding would skip it; the type
// declares its own MarshalJSON and UnmarshalJSON.
//
// NOTE(review): the bodies of Valid, GetString, GetStringSlice and GetMap are
// not shown here. Confirm that Valid performs the registered-claim checks
// instead of returning nil unconditionally, and that the getters return zero
// values on a missing key or a value of the wrong type.
type ClaimsMap struct {
	Claims                map[string]interface{} `json:"-"`
	// Embedded pointer: nil in a zero-value ClaimsMap, so promoted fields must
	// not be read before it is set. Presumably NewClaimsMap sets it; confirm.
	*jwt.RegisteredClaims `swaggerignore:"true"`
}

ClaimsMap wraps a map[string]interface{} to represent dynamic claims

func NewClaimsMap

func NewClaimsMap() ClaimsMap

func NewUnauthenticatedUserClaims

func NewUnauthenticatedUserClaims() ClaimsMap

func (ClaimsMap) GetMap

func (c ClaimsMap) GetMap(key string) map[string]interface{}

GetMap extracts a map[string]interface{} field from the claims map

func (ClaimsMap) GetProviderUsernamesFromClaim

func (c ClaimsMap) GetProviderUsernamesFromClaim(claim string) map[string]string

func (ClaimsMap) GetString

func (c ClaimsMap) GetString(key string) string

func (ClaimsMap) GetStringSlice

func (c ClaimsMap) GetStringSlice(key string) []string

GetStringSlice extracts a string slice from ClaimsMap.

func (ClaimsMap) MarshalJSON

func (c ClaimsMap) MarshalJSON() ([]byte, error)

func (*ClaimsMap) UnmarshalJSON

func (c *ClaimsMap) UnmarshalJSON(data []byte) error

func (ClaimsMap) Valid

func (c ClaimsMap) Valid() error

Valid implements the jwt.Claims interface

type Credential

// Credential is a named set of string key/value data together with a by-name
// reference to a secret (FromSecret). GetString reads a value by key.
//
// NOTE(review): Data is exported under the JSON key "data" and has a GORM JSON
// serializer. If it holds secret material, any handler or log statement that
// marshals a Credential emits those values in clear text, and they would be
// stored unencrypted wherever this struct is persisted. Confirm Credential is
// never returned by the API, or give it a redacting MarshalJSON.
type Credential struct {
	Name       string               `json:"name"`
	FromSecret CredentialFromSecret `json:"fromSecret"`
	Data       map[string]string    `json:"data" gorm:"serializer:json"`
}

func (*Credential) GetString

func (c *Credential) GetString(key string) string

type CredentialFromSecret

// CredentialFromSecret names the secret that a Credential is read from. Only
// the name is held here; how it is resolved is not shown in this package
// listing.
type CredentialFromSecret struct {
	Name string `json:"name"`
}

type CredentialRef

// CredentialRef refers to a Credential by name. It is embedded in
// ProviderConfig with the credentialRef_ column prefix, and the name is
// omitted from JSON when empty.
type CredentialRef struct {
	Name string `json:"name,omitempty"`
}

type Event added in v0.3.0

// Event is a stored event record: indexed transaction, parent and tenant
// identifiers, embedded source/type/date/author attributes, a message and an
// arbitrary JSON payload.
type Event struct {
	// NOTE(review): the trailing "Pod ID" comment does not obviously describe
	// an event identifier; confirm or correct it.
	ID            string            `gorm:"primaryKey" json:"id" example:"0d2dab7cdcb4cf1d"` // Pod ID
	CreatedAt     time.Time         `swaggerignore:"true" json:"createdAt,omitempty"`
	UpdatedAt     time.Time         `swaggerignore:"true" json:"updatedAt,omitempty"`
	TransactionID string            `gorm:"index" json:"transactionId" example:"0d2dab7cdcb4cf1d"`
	ParentID      string            `gorm:"index" swaggerignore:"true" json:"parentId"`
	ParentType    EventParentType   `gorm:"index" swaggerignore:"true" json:"parentType"`
	// NOTE(review): swaggerignore hides this from the API docs but the json tag
	// still accepts it on decode. If events are decoded from client JSON,
	// confirm the tenant is set from the authenticated context.
	Tenant        string            `gorm:"index" swaggerignore:"true" json:"tenant"`
	Attributes    EventAttributes   `gorm:"embedded;embeddedPrefix:attributes_" json:"attributes"`
	Message       string            `json:"message"`
	// Arbitrary JSON object; no schema is visible here.
	Data          datatypes.JSONMap `swaggerignore:"true" json:"data"`
}

type EventAttributes added in v0.3.0

// EventAttributes holds the indexed source, type, date and author of an Event.
// It is embedded in Event with the attributes_ column prefix and declares a
// custom UnmarshalJSON (body not shown here).
type EventAttributes struct {
	Source string    `gorm:"index" example:"sview-hook" json:"source"`
	Type   string    `gorm:"index" example:"gitlab-mr" json:"type"`
	Date   time.Time `gorm:"index" example:"2022-02-28 18:03:49.750647+00" json:"date"`
	// Free-form string. NOTE(review): confirm whether this is taken from the
	// authenticated caller or from the event payload before treating it as an
	// identity.
	Author string    `gorm:"index" example:"john.doe" json:"author"`
}

func (*EventAttributes) UnmarshalJSON added in v0.3.0

func (a *EventAttributes) UnmarshalJSON(data []byte) error

type EventParentType added in v0.3.0

// EventParentType is the string-backed kind of an Event's parent
// (Event.ParentType).
type EventParentType string

// Defined EventParentType values. The type is a plain string underneath, so a
// value decoded from JSON or read from storage is not limited to these four.
const (
	EventParentApplication EventParentType = "application"
	EventParentParameter   EventParentType = "parameter"
	EventParentSystem      EventParentType = "system"
	EventParentSecurity    EventParentType = "security"
)

type Health

// Health is a single boolean health flag serialized as {"healthy": ...}.
type Health struct {
	Healthy bool `json:"healthy"`
}

type ProviderConfig

// ProviderConfig is one entry of AccessRole.Providers: a named provider
// mapping with string parameters and a by-name reference to a credential.
type ProviderConfig struct {
	Name          string            `json:"name"`
	RunAsync      bool              `json:"runAsync"`
	Provider      string            `json:"provider"`
	CredentialRef CredentialRef     `json:"credentialRef" gorm:"embedded;embeddedPrefix:credentialRef_"`
	// Serialized with the role under "parameters".
	// NOTE(review): presumably non-secret settings only. Confirm that secrets
	// go through CredentialRef and are not placed here, because these values
	// are returned wherever an AccessRole is marshalled.
	Parameters    map[string]string `json:"parameters" gorm:"serializer:json"`
}

type ProviderStatus

// ProviderStatus records the result of one provider action as three strings:
// the action, free-text details and an error message. It is the value type of
// AccessRequestStatus.ProviderStatuses.
type ProviderStatus struct {
	// Example value "Granted" matches the ProviderStatusGranted constant.
	Action  string `json:"action" example:"Granted"`
	Details string `json:"details" example:"Group: sre-pu-sers"`
	// NOTE(review): returned to API clients as part of the request status;
	// confirm that provider error text stored here contains no credentials or
	// internal endpoints.
	Error   string `json:"error" example:"Group does not exist"`
}

type ProviderUsernames

// ProviderUsernames wraps a string-to-string map stored as a JSON column;
// presumably provider name to the user's account name on that provider (see
// AccessRequest.GetProviderUsername). It is embedded in UserProfileSettings.
type ProviderUsernames struct {
	ProviderUsernames map[string]string `json:"providerUsernames" gorm:"serializer:json"`
}

type User added in v0.2.0

// User is an id, a username and an optional list of role names. It is the
// return type of UserProfile.GetUser.
type User struct {
	Id       string   `gorm:"primaryKey" json:"id"`
	Username string   `json:"username"`
	// Omitted from JSON when empty.
	Roles    []string `json:"roles,omitempty"`
}

type UserProfile

// UserProfile is a stored per-user profile: id, username and settings embedded
// with the settings_ column prefix. Validate and GetUser are declared on it
// (bodies not shown here).
type UserProfile struct {
	Id       string              `gorm:"primaryKey" json:"id"`
	Username string              `json:"username"`
	Settings UserProfileSettings `json:"settings" gorm:"embedded;embeddedPrefix:settings_"`
}

func (*UserProfile) GetUser added in v0.2.0

func (p *UserProfile) GetUser() User

func (*UserProfile) Validate

func (p *UserProfile) Validate() error

type UserProfileSettings

// UserProfileSettings is the settings section of a UserProfile. It embeds
// ProviderUsernames without a tag, so encoding/json promotes the
// providerUsernames key directly into the settings object.
//
// NOTE(review): if users can edit their own profile, these usernames are
// presumably what a grant is applied to on each provider. Confirm they are
// checked against a trusted source (cf. ClaimsMap.GetProviderUsernamesFromClaim)
// so a user cannot name someone else's account.
type UserProfileSettings struct {
	ProviderUsernames
}
