groupsync

package
v1.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 22, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const ErrTargetUserIDNotFound = Error("target user ID not found")

ErrTargetUserIDNotFound denotes when the user ID for the target system cannot be found.

Variables

This section is empty.

Functions

func ConcurrentSync 

func ConcurrentSync(ctx context.Context, syncer v1alpha3.GroupSyncer, sourceGroupIDs []string) error

ConcurrentSync syncs the given source groups concurrently using the given syncer. The level of concurrency is based of the value of runtime.NumCPU.

Types

type Error 

type Error string

func (Error) Error 

func (e Error) Error() string

type Group 

type Group struct {
	// ID is the group's ID in the group system.
	ID string `json:"id,omitempty"`
	// Attributes represent arbitrary attributes about the group
	// in the given group system. This field is typically set by
	// the corresponding GroupReader when retrieving the group.
	Attributes any `json:"attributes,omitempty"`
}

Group represents a group in a group system.

type GroupMember 

type GroupMember struct {
	Grp *Group
}

GroupMember represents a group membership of a group.

func (*GroupMember) Group 

func (g *GroupMember) Group() (*Group, error)

Group returns the underlying group of this Member.

func (*GroupMember) ID 

func (g *GroupMember) ID() string

ID is the group's ID in the group system.

func (*GroupMember) IsGroup 

func (g *GroupMember) IsGroup() bool

IsGroup returns whether this Member is a Group. Always returns true.

func (*GroupMember) IsUser 

func (g *GroupMember) IsUser() bool

IsUser returns whether this Member is a User. Always returns false.

func (*GroupMember) User 

func (g *GroupMember) User() (*User, error)

User returns an error.

type GroupReadWriter 

type GroupReadWriter interface {
	GroupReader
	GroupWriter
}

GroupReadWriter provides both read and write operations for a group system.

type GroupReader 

type GroupReader interface {
	// Descendants retrieve all users (children, recursively) of a group.
	Descendants(ctx context.Context, groupID string) ([]*User, error)

	// GetGroup retrieves the Group with the given ID.
	GetGroup(ctx context.Context, groupID string) (*Group, error)

	// GetMembers retrieves the direct members (children) of the group with given ID.
	GetMembers(ctx context.Context, groupID string) ([]Member, error)

	// GetUser retrieves the User with the given ID.
	GetUser(ctx context.Context, userID string) (*User, error)
}

GroupReader provides read operations for a group system.

type GroupWriter 

type GroupWriter interface {
	// SetMembers replaces the members of the group with the given ID with the given members.
	SetMembers(ctx context.Context, groupID string, members []Member) error
}

GroupWriter provides write operations for a group system.

type ManyToManySyncer 

type ManyToManySyncer struct {
	// contains filtered or unexported fields
}

ManyToManySyncer adheres to the v1alpha3.GroupSyncer interface. This syncer allows for syncing many source groups to many target groups. It adheres to the following policy when syncing a source group ID:

  1. Find all the target groups that the given source group maps to.
  2. For each of those target groups, it finds all source groups that map to it and forms the union of all descendants from amongst those groups.
  3. This set of source users is then mapped to their corresponding target users forming the target member set.
  4. The target member set is then synced to the target group.

func NewManyToManySyncer 

func NewManyToManySyncer(
	name, sourceSystem, targetSystem string,
	sourceGroupClient GroupReader,
	targetGroupClient GroupWriter,
	sourceGroupMapper OneToManyGroupMapper,
	targetGroupMapper OneToManyGroupMapper,
	userMapper UserMapper,
) *ManyToManySyncer

NewManyToManySyncer creates a new ManyToManySyncer.

func (*ManyToManySyncer) Name added in v1.0.0 

func (f *ManyToManySyncer) Name() string

Name returns the syncer name.

func (*ManyToManySyncer) SourceSystem 

func (f *ManyToManySyncer) SourceSystem() string

SourceSystem returns the name of the source group system.

func (*ManyToManySyncer) Sync 

func (f *ManyToManySyncer) Sync(ctx context.Context, sourceGroupID string) error

Sync syncs the source group with the given ID to the target group system.

func (*ManyToManySyncer) SyncAll 

func (f *ManyToManySyncer) SyncAll(ctx context.Context) error

SyncAll syncs all source groups that this GroupSyncer is aware of to the target system.

func (*ManyToManySyncer) TargetSystem 

func (f *ManyToManySyncer) TargetSystem() string

TargetSystem returns the name of the target group system.

type ManyToOneSyncer added in v1.0.0 

type ManyToOneSyncer struct {
	// contains filtered or unexported fields
}

ManyToOneSyncer adheres to the v1alpha3.GroupSyncer interface. This syncer allows for syncing many source groups from different source systems to one target group in a single target system. It adheres to the following policy when syncing a source group ID:

  1. Find the target group that the given source group maps to.
  2. Find all source groups that map to the target group and forms the union of all descendants from amongst those groups.
  3. This set of source users is then mapped to their corresponding target users forming the target member set.
  4. The target member set is then synced to the target group.

func NewManyToOneSyncer added in v1.0.0 

func NewManyToOneSyncer(
	name string,
	targetSystem string,
	sourceGroupClients map[string]GroupReader,
	targetGroupClient GroupWriter,
	sourceGroupMapper OneToOneGroupMapper,
	targetGroupMapper OneToManyGroupMapper,
	userMappers map[string]UserMapper,
) *ManyToOneSyncer

NewManyToOneSyncer creates a new ManyToOneSyncer.

func (*ManyToOneSyncer) Name added in v1.0.0 

func (f *ManyToOneSyncer) Name() string

Name returns the syncer name.

func (*ManyToOneSyncer) SourceSystem added in v1.0.0 

func (f *ManyToOneSyncer) SourceSystem() string

SourceSystem returns the name of the source group system.

func (*ManyToOneSyncer) Sync added in v1.0.0 

func (f *ManyToOneSyncer) Sync(ctx context.Context, sourceGroupID string) error

Sync syncs the source group with the given ID to the target group system.

func (*ManyToOneSyncer) SyncAll added in v1.0.0 

func (f *ManyToOneSyncer) SyncAll(ctx context.Context) error

SyncAll syncs all source groups that this GroupSyncer is aware of to the target system.

func (*ManyToOneSyncer) TargetSystem added in v1.0.0 

func (f *ManyToOneSyncer) TargetSystem() string

TargetSystem returns the name of the target group system.

type Mapping added in v0.0.4 

type Mapping struct {
	GroupID string `json:"group_id,omitempty"`
	// The system where the Group comes from.
	System   string          `json:"system,omitempty"`
	Metadata MappingMetadata `json:"metadata,omitempty"`
}

Mapping is a group ID with the group system and other combinable metadata.

type MappingMetadata added in v0.0.4 

type MappingMetadata interface {
	Combine(other MappingMetadata) MappingMetadata
}

MappingMetadata is arbitrary data that is combinable with other metadata, allowing user-specific data to be calculated based on metadata from multiple source groups mapping a user to a single target group.

type Member 

type Member interface {
	// ID is the member's ID int the group system.
	ID() string

	// IsGroup returns whether this Member is a Group.
	IsGroup() bool

	// IsUser returns whether this Member is a User.
	IsUser() bool

	// Group returns the underlying group if this Member is a group and never an error.
	// Otherwise, if this member is a user, then it always returns an error and never a group.
	// A common pattern is to use IsGroup as a guard before using this method:
	//
	//   if member.IsGroup() {
	//      group, _ := member.Group()
	//   }
	Group() (*Group, error)

	// User returns the underlying user if this Member is a user and never an error.
	// Otherwise, if this member is a group, then it always returns an error and never a user.
	// A common pattern is to use IsUser as a guard before using this method:
	//
	//   if member.IsUser() {
	//      user, _ := member.User()
	//   }
	User() (*User, error)
}

Member represents a member of a group. A member may either be a User or another Group. An instance of Member will always be either a User or a Group but not both.

type OneToManyGroupMapper 

type OneToManyGroupMapper interface {
	// AllGroupIDs returns the set of groupIDs being mapped (the key set).
	AllGroupIDs(ctx context.Context) ([]string, error)

	// ContainsGroupID returns whether this mapper contains a mapping for the given group ID.
	ContainsGroupID(ctx context.Context, groupID string) (bool, error)

	// MappedGroupIDs returns the list of group IDs mapped to the given group ID.
	MappedGroupIDs(ctx context.Context, groupID string) ([]string, error)

	// Mappings returns the list of Mappings (group ID and arbitrary metadata) mapped to the given group ID.
	Mappings(ctx context.Context, groupID string) ([]Mapping, error)
}

OneToManyGroupMapper maps group IDs to lists of group IDs.

type OneToOneGroupMapper added in v1.0.0 

type OneToOneGroupMapper interface {
	// AllGroupIDs returns the set of groupIDs being mapped (the key set).
	AllGroupIDs(ctx context.Context) ([]string, error)

	// ContainsGroupID returns whether this mapper contains a mapping for the given group ID.
	ContainsGroupID(ctx context.Context, groupID string) (bool, error)

	// MappedGroupID returns the group ID mapped to the given group ID.
	MappedGroupID(ctx context.Context, groupID string) (string, error)

	// Mapping returns the Mapping (group ID and arbitrary metadata) mapped to the given group ID.
	Mapping(ctx context.Context, groupID string) (Mapping, error)
}

OneToOneGroupMapper maps one group ID to another group ID.

type OneToOneSyncer added in v1.1.0 

type OneToOneSyncer struct {
	// contains filtered or unexported fields
}

OneToOneSyncer adheres to the v1alpha3.GroupSyncer interface. This syncer allows for syncing one source group one target group. It adheres to the following policy when syncing a source group ID:

  1. Find the mapped target group of the source group.
  2. Find all descendants of the source group.
  3. This set of source descendants is then mapped to their corresponding target users forming the target member set.
  4. The target member set is then synced to the target group.

func NewOneToOneSyncer added in v1.1.0 

func NewOneToOneSyncer(params *OneToOneSyncerParams) *OneToOneSyncer

NewOneToOneSyncer creates a new OneToOneSyncer.

func (*OneToOneSyncer) Name added in v1.1.0 

func (f *OneToOneSyncer) Name() string

Name returns the syncer name.

func (*OneToOneSyncer) SourceSystem added in v1.1.0 

func (f *OneToOneSyncer) SourceSystem() string

SourceSystem returns the name of the source group system.

func (*OneToOneSyncer) Sync added in v1.1.0 

func (f *OneToOneSyncer) Sync(ctx context.Context, sourceGroupID string) error

Sync syncs the source group with the given ID to the target group system.

func (*OneToOneSyncer) SyncAll added in v1.1.0 

func (f *OneToOneSyncer) SyncAll(ctx context.Context) error

SyncAll syncs all source groups that this GroupSyncer is aware of to the target system.

func (*OneToOneSyncer) TargetSystem added in v1.1.0 

func (f *OneToOneSyncer) TargetSystem() string

TargetSystem returns the name of the target group system.

type OneToOneSyncerParams added in v1.1.0 

type OneToOneSyncerParams struct {
	Name              string
	SourceSystem      string
	TargetSystem      string
	SourceGroupReader GroupReader
	TargetGroupWriter GroupWriter
	SourceGroupMapper OneToOneGroupMapper
	UserMapper        UserMapper
}

type User 

type User struct {
	// ID is the user's ID in the group system.
	ID string `json:"id,omitempty"`
	// System is where the user comes from.
	System string `json:"system,omitempty"`
	// Attributes represent arbitrary attributes about the user
	// in the given group system. This field is typically set by
	// the corresponding GroupReader when retrieving the user.
	Attributes any `json:"attributes,omitempty"`
	// Metadata for a user is calculated by combining metadata
	// from multiple source groups mapping this user to a target group.
	Metadata MappingMetadata `json:"metadata,omitempty"`
}

User represents a user in a group system.

func Descendants 

func Descendants(ctx context.Context, groupID string, memberFunc func(context.Context, string) ([]Member, error)) ([]*User, error)

Descendants retrieve all users (children, recursively) of the given group ID using the given memberFunc. This function serves mostly as a utility function when implementing ReadGroupClients for when there is no special logic for fetching descendants.

type UserMapper 

type UserMapper interface {
	// MappedUserID returns the user ID mapped to the given user ID.
	MappedUserID(ctx context.Context, userID string) (string, error)
	// MappedUser returns the user mapped to the given user.
	MappedUser(ctx context.Context, user *User) (*User, error)
}

UserMapper maps a user ID to another user ID.

func NewNoopUserMapper added in v1.0.2 

func NewNoopUserMapper() UserMapper

NewNoopUserMapper creates and returns a new instance of noopUserMapper.

type UserMember 

type UserMember struct {
	Usr *User
}

UserMember represents a user membership of a group.

func (*UserMember) Group 

func (u *UserMember) Group() (*Group, error)

Group returns an error.

func (*UserMember) ID 

func (u *UserMember) ID() string

ID is the user's ID in the group system.

func (*UserMember) IsGroup 

func (u *UserMember) IsGroup() bool

IsGroup returns whether this Member is a Group. Always returns false.

func (*UserMember) IsUser 

func (u *UserMember) IsUser() bool

IsUser returns whether this Member is a User. Always returns true.

func (*UserMember) User 

func (u *UserMember) User() (*User, error)

User returns the underlying user if this Member.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.