Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrNotFound = fmt.Errorf("role: %w", commonerrors.ErrNotFound) ErrAlreadyExists = fmt.Errorf("role: %w", commonerrors.ErrAlreadyExists) ErrHasDependents = fmt.Errorf("role: %w", commonerrors.ErrHasDependents) ErrInvalidGatewayID = fmt.Errorf("role: invalid gateway_id: %w", commonerrors.ErrValidation) ErrInvalidName = fmt.Errorf("role: invalid name: %w", commonerrors.ErrValidation) ErrInvalidRoleID = fmt.Errorf("role: invalid role_id: %w", commonerrors.ErrValidation) ErrInvalidModelPolicy = fmt.Errorf("role: invalid model policy: %w", commonerrors.ErrValidation) ErrInvalidJSON = fmt.Errorf("role: invalid json: %w", commonerrors.ErrValidation) )
Functions ¶
func ValidateOIDCMapping ¶
func ValidateOIDCMapping(raw json.RawMessage) error
Types ¶
type CreateParams ¶
type CreateParams struct {
GatewayID ids.GatewayID
Name string
ModelPolicies ModelPolicies
MCPPolicies *MCPPolicies
OIDCMapping json.RawMessage
RegistryIDs []ids.RegistryID
}
type ListFilter ¶
type MCPPolicies ¶
type MCPPolicies = consumerdomain.MCPPolicy
MCPPolicies mirrors the inline consumer MCP policy ({toolkit, fail_mode}) so the wire format is identical whether the policy lives on the consumer (routing_mode=inline) or on a role (routing_mode=role_based).
type ModelPolicies ¶
type ModelPolicies map[ids.RegistryID]ModelPolicy
func (*ModelPolicies) Scan ¶
func (m *ModelPolicies) Scan(value interface{}) error
func (ModelPolicies) Validate ¶
func (m ModelPolicies) Validate(validRegistryIDs map[ids.RegistryID]struct{}) error
type ModelPolicy ¶
type OIDCClaimOp ¶
type OIDCClaimOp string
const ( OIDCClaimEquals OIDCClaimOp = "equals" OIDCClaimContainsAny OIDCClaimOp = "contains_any" OIDCClaimContainsAll OIDCClaimOp = "contains_all" )
type OIDCClaimRule ¶
type OIDCClaimRule struct {
Path string `json:"path"`
Op OIDCClaimOp `json:"op"`
Values []string `json:"values"`
}
type OIDCMapping ¶
type OIDCMapping struct {
Match OIDCMatchMode `json:"match"`
Claims []OIDCClaimRule `json:"claims"`
}
func ParseOIDCMapping ¶
func ParseOIDCMapping(raw json.RawMessage) (*OIDCMapping, error)
func (OIDCMapping) Validate ¶
func (m OIDCMapping) Validate() error
type OIDCMatchMode ¶
type OIDCMatchMode string
const ( OIDCMatchAny OIDCMatchMode = "any" OIDCMatchAll OIDCMatchMode = "all" )
type Repository ¶
type Repository interface {
Save(ctx context.Context, r *Role) error
Update(ctx context.Context, r *Role) error
Delete(ctx context.Context, gatewayID ids.GatewayID, id ids.RoleID) error
FindByID(ctx context.Context, id ids.RoleID) (*Role, error)
FindByIDs(ctx context.Context, gatewayID ids.GatewayID, roleIDs []ids.RoleID) ([]*Role, error)
List(ctx context.Context, filter ListFilter) (items []*Role, total int, err error)
ListByGateway(ctx context.Context, gatewayID ids.GatewayID) ([]*Role, error)
AttachRegistry(ctx context.Context, roleID ids.RoleID, registryID ids.RegistryID) error
DetachRegistry(ctx context.Context, roleID ids.RoleID, registryID ids.RegistryID) error
DetachRegistryIfUnreferenced(ctx context.Context, gatewayID ids.GatewayID, roleID ids.RoleID, registryID ids.RegistryID) (*Role, error)
}
type Role ¶
type Role struct {
ID ids.RoleID `json:"id"`
GatewayID ids.GatewayID `json:"gateway_id"`
Name string `json:"name"`
ModelPolicies ModelPolicies `json:"model_policies,omitempty"`
MCPPolicies *MCPPolicies `json:"mcp_policies,omitempty"`
OIDCMapping json.RawMessage `json:"oidc_mapping,omitempty"`
RegistryIDs []ids.RegistryID `json:"registry_ids,omitempty"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
func New ¶
func New(params CreateParams) (*Role, error)
func Rehydrate ¶
func Rehydrate( id ids.RoleID, gatewayID ids.GatewayID, name string, modelPolicies ModelPolicies, mcpPolicies *MCPPolicies, idpMapping json.RawMessage, registryIDs []ids.RegistryID, createdAt, updatedAt time.Time, ) *Role
func (*Role) BoundRegistrySet ¶
func (r *Role) BoundRegistrySet() map[ids.RegistryID]struct{}
Click to show internal directories.
Click to hide internal directories.