appcfg

package
v0.0.0-...-ec844c3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 25, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

// Feature flag keys. Each constant is the string key of one feature flag.
// The db feature_flags table is the source of truth for flag state, and
// defaults are added through migration *.sql files rather than in code.
//
// NOTE(review): FeatureEnableSAMLSSO, FeatureOIDCSupport,
// FeatureClientBearerAuth and FeatureETAC name authentication and
// access-control features. Presumably toggling them changes how users or
// clients authenticate or what they can reach, so changes to those rows are
// worth auditing (FeatureFlag exposes AuditData) — confirm against the callers.
const (
	FeatureButterflyAnalysis            = "butterfly_analysis"
	FeatureEnableSAMLSSO                = "enable_saml_sso"
	FeatureScopeCollectionByOU          = "scope_collection_by_ou"
	FeatureAzureSupport                 = "azure_support"
	FeatureEntityPanelCaching           = "entity_panel_cache"
	FeatureAdcs                         = "adcs"
	FeatureClearGraphData               = "clear_graph_data"
	FeatureRiskExposureNewCalculation   = "risk_exposure_new_calculation"
	FeatureFedRAMPEULA                  = "fedramp_eula"
	FeatureDarkMode                     = "dark_mode"
	FeatureAutoTagT0ParentObjects       = "auto_tag_t0_parent_objects"
	FeatureOIDCSupport                  = "oidc_support"
	FeatureNTLMPostProcessing           = "ntlm_post_processing"
	FeatureTierManagement               = "tier_management_engine"
	FeatureChangelog                    = "changelog"
	FeatureETAC                         = "environment_targeted_access_control"
	FeatureOpenGraphSearch              = "opengraph_search"
	FeatureOpenGraphFindings            = "opengraph_findings"
	FeatureClientBearerAuth             = "client_bearer_auth"
	FeatureOpenGraphExtensionManagement = "opengraph_extension_management"
)

AvailableFlags has been removed and the db feature_flags table is the source of truth. Feature flag defaults should be added via migration *.sql files.

// Default values and limits for runtime parameters.
const (
	// 90 days, expressed as a time.Duration.
	DefaultPasswordExpirationWindow = time.Hour * 24 * 90

	// Untyped integer constant; the name gives the unit as hours.
	// NOTE(review): presumably the fallback used by GetSessionTTLHours when
	// auth.session_ttl_hours is missing or unusable — confirm in the getter.
	DefaultSessionTTLHours = 8

	// 7 days and 3 days. Both sit inside the ranges declared by the validate
	// tags on PruneTTLParameters (P4D to P30D, and P2D to P7D).
	DefaultPruneBaseTTL           = time.Hour * 24 * 7
	DefaultPruneHasSessionEdgeTTL = time.Hour * 24 * 3

	MaxDawgsWorkerLimit         = 6 // This is the maximum analysis parallel workers during tagging
	DefaultDawgsWorkerLimit     = 2 // This is the parallel workers during tagging
	DefaultExpansionWorkerLimit = 3 // This is the size of the expansion worker pool during tagging
	DefaultSelectorWorkerLimit  = 7 // This is the size of the selector worker pool during tagging
)

Variables

This section is empty.

Functions

func GetAPITokensParameter

func GetAPITokensParameter(ctx context.Context, service ParameterService) bool

func GetCitrixRDPSupport

func GetCitrixRDPSupport(ctx context.Context, service ParameterService) bool

func GetFedRAMPCustomEULA

func GetFedRAMPCustomEULA(ctx context.Context, service ParameterService) string

Note: GetFedRAMPCustomEULA is not gated by the FedEULA feature flag (FF); callers should check that flag alongside this call.

func GetPasswordExpiration

func GetPasswordExpiration(ctx context.Context, service ParameterService) time.Duration

func GetReconciliationParameter

func GetReconciliationParameter(ctx context.Context, service ParameterService) bool

func GetSessionTTLHours

func GetSessionTTLHours(ctx context.Context, service ParameterService) time.Duration

func GetStaleClientUpdatedLogic

func GetStaleClientUpdatedLogic(ctx context.Context, service ParameterService) bool

func GetTieringEnabled

func GetTieringEnabled(ctx context.Context, service GetFlagByKeyer) bool

TODO Cleanup after Tiering GA

func GetTimeoutLimitParameter

func GetTimeoutLimitParameter(ctx context.Context, service ParameterService) bool

func GetTrustedProxiesParameters

func GetTrustedProxiesParameters(ctx context.Context, service ParameterService) int

func ShouldRetainIngestedFiles

func ShouldRetainIngestedFiles(ctx context.Context, service ParameterService) bool

Types

type AGTParameters

// AGTParameters holds the three worker-limit settings returned by
// GetAGTParameters. Every field carries omitempty, so a zero value is left
// out of the marshalled JSON.
// NOTE(review): presumably stored under AGTParameterKey (analysis.tagging) and
// defaulted from DefaultDawgsWorkerLimit, DefaultExpansionWorkerLimit and
// DefaultSelectorWorkerLimit, with MaxDawgsWorkerLimit as the cap — confirm
// in GetAGTParameters.
type AGTParameters struct {
	DAWGsWorkerLimit     int `json:"dawgs_worker_limit,omitempty"`
	ExpansionWorkerLimit int `json:"expansion_worker_limit,omitempty"`
	SelectorWorkerLimit  int `json:"selector_worker_limit,omitempty"`
}

func GetAGTParameters

func GetAGTParameters(ctx context.Context, service ParameterService) AGTParameters

type APITokensParameter

// APITokensParameter is a single on/off setting.
// NOTE(review): presumably the value stored under the APITokens key
// (auth.api_tokens) and read by GetAPITokensParameter — confirm.
type APITokensParameter struct {
	// No omitempty on this tag, so false is written out explicitly as
	// "enabled":false rather than being dropped.
	Enabled bool `json:"enabled"`
}

type AppConfigUpdateRequest

// AppConfigUpdateRequest is the input to ConvertAppConfigUpdateRequestToParameter:
// a parameter key plus the new value as a JSON object.
type AppConfigUpdateRequest struct {
	// Key is a plain string here, not a ParameterKey; nothing in this
	// declaration restricts it to a known key.
	// NOTE(review): Parameter.Validate is documented as not protecting the
	// protected keys, so a handler accepting this request presumably needs to
	// check IsValidKey / IsProtectedKey itself — confirm in the caller.
	Key   string         `json:"key"`
	// Value is an untyped JSON object; its shape is not constrained by this type.
	Value map[string]any `json:"value"`
}

type CitrixRDPSupport

// CitrixRDPSupport is a single on/off setting.
// NOTE(review): presumably the value stored under CitrixRDPSupportKey
// (analysis.citrix_rdp_support) and read by GetCitrixRDPSupport — confirm.
type CitrixRDPSupport struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool `json:"enabled,omitempty"`
}

type EnvironmentTargetedAccessControlParameters

// EnvironmentTargetedAccessControlParameters is a single on/off setting.
// NOTE(review): presumably the value stored under
// EnvironmentTargetedAccessControlKey
// (auth.environment_targeted_access_control), which is listed among the keys
// not intended to be user updatable — confirm.
type EnvironmentTargetedAccessControlParameters struct {
	// omitempty drops a false value from the marshalled JSON, so the
	// serialized form does not distinguish "false" from "absent".
	Enabled bool `json:"enabled,omitempty"`
}

type FeatureFlag

// FeatureFlag defines the most basic details of what a feature flag must
// contain to be actionable. It has an AuditData method, so a flag value can be
// rendered as model.AuditData.
type FeatureFlag struct {
	// Embedded from package model; its fields are not shown in this declaration.
	model.Serial

	// Key is the unique identifier for this feature flag that is also used as its storage-key. This is intended only
	// for internal referencing to and from the API when scoping operations to just this feature flag.
	// The gorm tag marks the column as unique.
	Key string `json:"key" gorm:"unique"`

	// Name is a display friendly name for this particular flag.
	Name string `json:"name"`

	// Description is a display friendly paragraph describing the intent and utilization of the feature flag.
	Description string `json:"description"`

	// Enabled determines if the feature flag is active or not.
	Enabled bool `json:"enabled"`

	// UserUpdatable determines whether a user with the correct permissions can change the enablement of this feature flag.
	// Note that this does not prevent the system, in-code, from modifying the feature flag's state. The scope of this
	// value only applies to user interaction flows.
	// NOTE(review): this is a data field, not an enforcement point; whichever
	// handler applies a user's change presumably has to read it and refuse
	// the update when it is false — confirm in the API layer.
	UserUpdatable bool `json:"user_updatable"`
}

FeatureFlag defines the most basic details of what a feature flag must contain to be actionable. Feature flags should be self-descriptive as many use-cases will involve iterating over all available flags to display them back to the end-user.

func (FeatureFlag) AuditData

func (s FeatureFlag) AuditData() model.AuditData

type FeatureFlagService

// FeatureFlagService defines a contract for fetching and setting feature flags.
type FeatureFlagService interface {
	// Embeds GetFlagByKey(context.Context, string) (FeatureFlag, error).
	GetFlagByKeyer

	// GetAllFlags gets all available runtime feature flags for the application
	// as a slice of FeatureFlag.
	GetAllFlags(ctx context.Context) ([]FeatureFlag, error)

	// GetFlag attempts to fetch a FeatureFlag by its ID.
	GetFlag(ctx context.Context, id int32) (FeatureFlag, error)

	// SetFlag attempts to store or update the given FeatureFlag by its feature Key.
	// NOTE(review): the signature accepts any FeatureFlag value; it does not
	// show whether FeatureFlag.UserUpdatable is honoured here or left to the
	// caller — confirm before exposing this to a user-driven path.
	SetFlag(ctx context.Context, value FeatureFlag) error
}

FeatureFlagService defines a contract for fetching and setting feature flags.

type FeatureFlagSet

// FeatureFlagSet is a collection of flags indexed by their flag Key.
type FeatureFlagSet map[string]FeatureFlag

FeatureFlagSet is a collection of flags indexed by their flag Key.

type FedEULACustomTextParameter

// FedEULACustomTextParameter carries a single custom text string.
// NOTE(review): presumably the value stored under FedEULACustomTextKey
// (eula.custom_text) and returned by GetFedRAMPCustomEULA — confirm.
type FedEULACustomTextParameter struct {
	// omitempty drops an empty string from the marshalled JSON.
	CustomText string `json:"custom_text,omitempty"`
}

type GetFlagByKeyer

// GetFlagByKeyer is the single-method lookup interface embedded in
// FeatureFlagService and accepted by GetTieringEnabled.
type GetFlagByKeyer interface {
	// GetFlagByKey attempts to fetch a FeatureFlag by its key.
	GetFlagByKey(context.Context, string) (FeatureFlag, error)
}

type Neo4jParameters

// Neo4jParameters holds the two integer settings returned by
// GetNeo4jParameters. Both fields carry omitempty, so a zero value is left
// out of the marshalled JSON.
// NOTE(review): presumably stored under Neo4jConfigs (neo4j.configuration) — confirm.
type Neo4jParameters struct {
	WriteFlushSize int `json:"write_flush_size,omitempty"`
	BatchWriteSize int `json:"batch_write_size,omitempty"`
}

func GetNeo4jParameters

func GetNeo4jParameters(ctx context.Context, service ParameterService) Neo4jParameters

type Parameter

// Parameter is a runtime configuration parameter that can be fetched from the
// ParameterService interface. Its methods include Validate, IsValidKey,
// IsProtectedKey, Map and AuditData.
type Parameter struct {
	// Key identifies the parameter; the gorm tag marks the column as unique.
	Key         ParameterKey      `json:"key" gorm:"unique"`
	Name        string            `json:"name"`
	Description string            `json:"description"`
	// Value stores the parameter payload as a JSON object; Map copies it onto
	// a richer caller-supplied type.
	Value       types.JSONBObject `json:"value"`

	// Embedded from package model; its fields are not shown in this declaration.
	model.Serial
}

Parameter is a runtime configuration parameter that can be fetched from the appcfg.ParameterService interface. The Value member is a DB-safe JSON type wrapper that can store arbitrary JSON objects and map them to golang struct definitions.

func ConvertAppConfigUpdateRequestToParameter

func ConvertAppConfigUpdateRequestToParameter(appConfigUpdateRequest AppConfigUpdateRequest) (Parameter, error)

func (*Parameter) AuditData

func (s *Parameter) AuditData() model.AuditData

func (*Parameter) IsProtectedKey

func (s *Parameter) IsProtectedKey(parameterKey ParameterKey) bool

IsProtectedKey identifies protected keys. These keys should not be updatable by users.

func (*Parameter) IsValidKey

func (s *Parameter) IsValidKey(parameterKey ParameterKey) bool

func (*Parameter) Map

func (s *Parameter) Map(value any) error

Map is a convenience function for mapping the data stored in the Value Parameter struct member onto a richer type provided by the given value.

func (*Parameter) Validate

func (s *Parameter) Validate() utils.Errors

Validate checks that the JSON payload matches the intended parameter values. WARNING: it does not protect the protected keys; use IsValidKey for that.

type ParameterKey

// ParameterKey is the string key that identifies a runtime Parameter.
type ParameterKey string
const (
	// NOTE(review): going by the marker comment further down, the keys in
	// this first group are presumably the ones IsValidKey accepts for user
	// updates — confirm against IsValidKey.
	PasswordExpirationWindow ParameterKey = "auth.password_expiration_window"
	SessionTTLHours          ParameterKey = "auth.session_ttl_hours"
	Neo4jConfigs             ParameterKey = "neo4j.configuration"
	CitrixRDPSupportKey      ParameterKey = "analysis.citrix_rdp_support"
	PruneTTL                 ParameterKey = "prune.ttl"
	ReconciliationKey        ParameterKey = "analysis.reconciliation"
	ScheduledAnalysis        ParameterKey = "analysis.scheduled"

	// The below keys are not intended to be user updatable, so should not be added to IsValidKey
	// NOTE(review): this group includes http.trusted_proxies, auth.api_tokens
	// and auth.environment_targeted_access_control. Parameter.Validate is
	// documented as not protecting these keys, so any path that applies a
	// user-supplied update has to rely on IsValidKey / IsProtectedKey.
	TrustedProxiesConfig                ParameterKey = "http.trusted_proxies"
	FedEULACustomTextKey                ParameterKey = "eula.custom_text"
	TierManagementParameterKey          ParameterKey = "analysis.tiering"
	AGTParameterKey                     ParameterKey = "analysis.tagging"
	StaleClientUpdatedLogicKey          ParameterKey = "pipeline.updated_stale_client"
	RetainIngestedFilesKey              ParameterKey = "analysis.retain_ingest_files"
	APITokens                           ParameterKey = "auth.api_tokens"
	TimeoutLimit                        ParameterKey = "api.timeout_limit"
	EnvironmentTargetedAccessControlKey ParameterKey = "auth.environment_targeted_access_control"
)

type ParameterService

// ParameterService is a contract which defines expected functionality for
// fetching and setting Parameter from an abstract backend storage.
type ParameterService interface {
	// GetAllConfigurationParameters gets all available runtime Parameters for the application.
	GetAllConfigurationParameters(ctx context.Context) (Parameters, error)

	// GetConfigurationParameter attempts to fetch a Parameter struct by its parameter name.
	GetConfigurationParameter(ctx context.Context, parameterKey ParameterKey) (Parameter, error)

	// SetConfigurationParameter attempts to store or update the given Parameter.
	// NOTE(review): the signature accepts any Parameter, including one whose
	// Key is in the not-user-updatable group; presumably Validate and the
	// IsValidKey / IsProtectedKey checks run in the caller before this is
	// reached — confirm.
	SetConfigurationParameter(ctx context.Context, configurationParameter Parameter) error
}

ParameterService is a contract which defines expected functionality for fetching and setting Parameter from an abstract backend storage.

type Parameters

// Parameters is a collection of Parameter structs.
type Parameters []Parameter

Parameters is a collection of Parameter structs.

type PasswordExpiration

// PasswordExpiration wraps a single duration. The type has a custom
// UnmarshalJSON because the stored form is an ISO string while the code uses
// a time.Duration.
// NOTE(review): presumably stored under PasswordExpirationWindow
// (auth.password_expiration_window), with DefaultPasswordExpirationWindow as
// the fallback in GetPasswordExpiration — confirm.
type PasswordExpiration struct {
	Duration time.Duration `json:"duration"`
}

func (*PasswordExpiration) UnmarshalJSON

func (s *PasswordExpiration) UnmarshalJSON(data []byte) error

Because PasswordExpiration values are stored as ISO strings but used as durations, UnmarshalJSON is overridden to handle the conversion.

type PruneTTLParameters

// PruneTTLParameters holds the two prune TTLs returned by
// GetPruneTTLParameters. The type has a custom UnmarshalJSON because the
// stored form is an ISO string while the code uses a time.Duration.
type PruneTTLParameters struct {
	// validate tag declares a duration bounded by min=P4D and max=P30D.
	BaseTTL           time.Duration `json:"base_ttl,omitempty" validate:"duration,min=P4D,max=P30D"`
	// validate tag declares a duration bounded by min=P2D and max=P7D.
	HasSessionEdgeTTL time.Duration `json:"has_session_edge_ttl,omitempty" validate:"duration,min=P2D,max=P7D"`
}

func GetPruneTTLParameters

func GetPruneTTLParameters(ctx context.Context, service ParameterService) PruneTTLParameters

func (*PruneTTLParameters) UnmarshalJSON

func (s *PruneTTLParameters) UnmarshalJSON(data []byte) error

Because PruneTTLs are stored as ISO strings but used as durations, UnmarshalJSON is overridden to handle the conversion.

type ReconciliationParameter

// ReconciliationParameter is a single on/off setting.
// NOTE(review): presumably the value stored under ReconciliationKey
// (analysis.reconciliation) and read by GetReconciliationParameter — confirm.
type ReconciliationParameter struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool `json:"enabled,omitempty"`
}

type RetainIngestedFilesParameter

// RetainIngestedFilesParameter is a single on/off setting.
// NOTE(review): presumably the value stored under RetainIngestedFilesKey
// (analysis.retain_ingest_files) and read by ShouldRetainIngestedFiles.
// If so, enabling it keeps uploaded collection files around, which matters
// for how long that data stays on disk — confirm.
type RetainIngestedFilesParameter struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool `json:"enabled,omitempty"`
}

RetainIngestedFiles

type ScheduledAnalysisParameter

// ScheduledAnalysisParameter is the value returned by
// GetScheduledAnalysisParameter: an on/off switch plus a recurrence rule string.
// NOTE(review): presumably stored under ScheduledAnalysis (analysis.scheduled) — confirm.
type ScheduledAnalysisParameter struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool   `json:"enabled,omitempty"`
	// The validate tag names an "rrule" rule for this string; what that rule
	// accepts is defined by the validator, not by this declaration.
	RRule   string `json:"rrule,omitempty" validate:"rrule"`
}

func GetScheduledAnalysisParameter

func GetScheduledAnalysisParameter(ctx context.Context, service ParameterService) (ScheduledAnalysisParameter, error)

type SessionTTLHoursParameter

// SessionTTLHoursParameter carries a session TTL as a whole number of hours.
// NOTE(review): presumably stored under SessionTTLHours
// (auth.session_ttl_hours), with DefaultSessionTTLHours as the fallback in
// GetSessionTTLHours — confirm.
type SessionTTLHoursParameter struct {
	// omitempty drops a zero value from the marshalled JSON. Unlike the
	// fields of PruneTTLParameters, this field has no validate tag, so no
	// range is declared here.
	// NOTE(review): confirm that zero, negative or very large values are
	// rejected or clamped elsewhere before they become a session lifetime.
	Hours int `json:"hours,omitempty"`
}

type StaleClientUpdatedLogic

// StaleClientUpdatedLogic is a single on/off setting.
// NOTE(review): presumably the value stored under StaleClientUpdatedLogicKey
// (pipeline.updated_stale_client) and read by GetStaleClientUpdatedLogic — confirm.
type StaleClientUpdatedLogic struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool `json:"enabled,omitempty"`
}

type TieringParameters

// TieringParameters holds two integer limits and one on/off switch. Every
// field carries omitempty, so zero and false values are left out of the
// marshalled JSON.
// NOTE(review): presumably stored under TierManagementParameterKey
// (analysis.tiering), which is listed among the keys not intended to be user
// updatable — confirm.
type TieringParameters struct {
	TierLimit                int  `json:"tier_limit,omitempty"`
	LabelLimit               int  `json:"label_limit,omitempty"`
	MultiTierAnalysisEnabled bool `json:"multi_tier_analysis_enabled,omitempty"`
}

type TimeoutLimitParameter

// TimeoutLimitParameter is a single on/off setting.
// NOTE(review): presumably the value stored under TimeoutLimit
// (api.timeout_limit) and read by GetTimeoutLimitParameter — confirm.
type TimeoutLimitParameter struct {
	// omitempty drops a false value from the marshalled JSON.
	Enabled bool `json:"enabled,omitempty"`
}

type TrustedProxiesParameters

// TrustedProxiesParameters carries a single integer.
// NOTE(review): presumably stored under TrustedProxiesConfig
// (http.trusted_proxies), which is listed among the keys not intended to be
// user updatable, and read by GetTrustedProxiesParameters — confirm.
type TrustedProxiesParameters struct {
	// An int, not a list of addresses.
	// NOTE(review): presumably the number of reverse-proxy hops whose
	// forwarding headers are trusted when deriving the client address. If
	// so, it should match the real deployment: a value larger than the
	// actual proxy count would make client-supplied header entries count as
	// trusted, affecting logged source addresses and any address-based
	// control — confirm in the HTTP layer.
	TrustedProxies int `json:"trusted_proxies,omitempty"`
}
