model

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 22, 2024 License: Apache-2.0 Imports: 14 Imported by: 6

Documentation

Index

Constants

// Separator and prefix characters used by the model package.
//
// None of these characters is allowed by the identifier rules documented for
// the Identifier type (lowercase a-z, digits, dots, underscores and dashes),
// so a validated identifier cannot contain one of them.
// NOTE(review): that only holds for names that were actually validated;
// confirm that externally supplied names pass IsValidIdentifier or
// NormalizeIdentifier before they are combined with a separator.
const (
	// ObjectNameSeparator is "^". Its use is not shown here; presumably it
	// joins an object name to another name component — TODO confirm.
	ObjectNameSeparator       = "^"
	// SubjectRelationSeparator is "#", matching the object#relation notation
	// used for subject relations.
	SubjectRelationSeparator  = "#"
	// GeneratedPermissionPrefix is "$". Presumably it marks permission names
	// generated by the package rather than written by a model author — TODO confirm.
	GeneratedPermissionPrefix = "$"
)
// ModelVersion is the integer constant 3.
// NOTE(review): presumably this is the schema version stored in Model.Version;
// whether a decoded model carrying a different version is rejected is not
// shown here — confirm.
const ModelVersion int = 3

Variables

// ErrInvalidIdentifier is a sentinel error with the message "invalid identifier".
// NOTE(review): presumably returned by NormalizeIdentifier for input it
// rejects — confirm. Callers should match it with errors.Is rather than by
// comparing message text.
var ErrInvalidIdentifier = errors.New("invalid identifier")

Functions

func IsValidIdentifier added in v0.0.5

func IsValidIdentifier(in string) bool

func NormalizeIdentifier added in v0.0.5

func NormalizeIdentifier(in string) (string, error)

Types

type ArrowPermission

// ArrowPermission pairs a relation name with a permission name.
//
// Both fields are plain strings (not RelationName) and are omitted from JSON
// when empty.
// NOTE(review): presumably this models the relation->permission arrow form;
// the string-typed fields carry no identifier typing, so validity must be
// checked by the caller — confirm.
type ArrowPermission struct {
	// Relation is serialized as "relation".
	Relation   string `json:"relation,omitempty"`
	// Permission is serialized as "permission".
	Permission string `json:"permission,omitempty"`
}

type ExclusionPermission

// ExclusionPermission holds the two terms of an exclusion.
//
// Both fields are pointers with omitempty, so either may be nil after
// decoding; callers should nil-check before dereferencing.
// NOTE(review): presumably the result is "Include minus Exclude"; how a
// missing Include or Exclude is evaluated is not shown here — confirm, since
// a silently dropped Exclude would widen access.
type ExclusionPermission struct {
	// Include is serialized as "include".
	Include *PermissionTerm `json:"include,omitempty"`
	// Exclude is serialized as "exclude".
	Exclude *PermissionTerm `json:"exclude,omitempty"`
}

type Identifier added in v0.0.5

// Identifier is a defined string type for object, relation and permission
// type names.
//
// The type itself enforces nothing: any string converts to Identifier.
// Validity has to be checked explicitly, via the Valid method or the
// package-level IsValidIdentifier / NormalizeIdentifier functions.
type Identifier string

Identifier is the string representation of an object, relation and permission type name.

Identifiers are constrained by the underlying regular expression (reIdentifier).

An identifier MUST:

  • be all lowercase characters
  • have a minimum length of 3 characters
  • have a maximum length of 64 characters
  • start with a character (a-z)
  • end with a character or a digit (a-z0-9)

An identifier can contain dots, underscores and dashes between the first and last position.

func (Identifier) Valid added in v0.0.5

func (i Identifier) Valid() bool

type Metadata added in v0.0.4

// Metadata carries bookkeeping values stored alongside a Model.
//
// Neither field has omitempty, so both are always written to JSON, including
// their zero values.
type Metadata struct {
	// UpdatedAt is serialized as "updated_at".
	UpdatedAt time.Time `json:"updated_at"`
	// ETag is serialized as "etag"; presumably used for change detection — TODO confirm.
	ETag      string    `json:"etag"`
}

type Model

// Model is the top-level document: a version number, the object types keyed
// by name, and a metadata pointer.
//
// NOTE(review): whether New validates what it decodes is not visible here.
// When a model comes from an untrusted or externally edited source, call
// Validate before relying on it for access decisions — confirm.
type Model struct {
	// Version is serialized as "version"; presumably compared with
	// ModelVersion — TODO confirm.
	Version  int                    `json:"version"`
	// Objects maps object type names to their definitions. The JSON key is
	// "types", not "objects". Map values are pointers and may be nil.
	Objects  map[ObjectName]*Object `json:"types"`
	// Metadata has no omitempty, so a nil pointer is encoded as JSON null.
	Metadata *Metadata              `json:"metadata"`
}

func New added in v0.0.3

func New(r io.Reader) (*Model, error)

func (*Model) Invert added in v0.1.4

func (m *Model) Invert() *Model

func (*Model) Reader added in v0.0.3

func (m *Model) Reader() (io.Reader, error)

func (*Model) StepRelation added in v0.1.1

func (m *Model) StepRelation(r *Relation, subjs ...ObjectName) []*RelationRef

func (*Model) Validate added in v0.1.0

func (m *Model) Validate() error

Validate enforces the model's internal consistency.

It enforces the following rules:

  • Within an object, a permission cannot share the same name as a relation.
  • Direct relations must reference existing objects.
  • Wildcard relations must reference existing objects.
  • Subject relations must reference existing object#relation pairs.
  • Arrow permissions (relation->rel_or_perm) must reference existing relations/permissions.

func (*Model) ValidateRelation added in v0.1.0

func (m *Model) ValidateRelation(on ObjectName, oid ObjectID, rn RelationName, sn ObjectName, sid ObjectID, srn RelationName) error

func (*Model) Write added in v0.0.4

func (m *Model) Write(w io.Writer) error

type Object

// Object describes one object type: its relations and its permissions.
//
// Both maps use RelationName as the key type, so nothing in the type prevents
// the same name from appearing in both. Model.Validate is documented to reject
// a permission that shares its name with a relation within an object.
type Object struct {
	// Relations is serialized as "relations" and omitted when empty.
	Relations   map[RelationName]*Relation   `json:"relations,omitempty"`
	// Permissions is serialized as "permissions" and omitted when empty.
	Permissions map[RelationName]*Permission `json:"permissions,omitempty"`
}

func NewObject added in v0.1.4

func NewObject() *Object

func (*Object) HasPermission added in v0.1.0

func (o *Object) HasPermission(name RelationName) bool

func (*Object) HasRelOrPerm added in v0.1.0

func (o *Object) HasRelOrPerm(name RelationName) bool

func (*Object) HasRelation added in v0.1.0

func (o *Object) HasRelation(name RelationName) bool

func (*Object) SubjectTypes added in v0.1.4

func (o *Object) SubjectTypes(name RelationName) []ObjectName

SubjectTypes returns the list of possible subject types for the given relation or permission.

type ObjectID added in v0.1.0

// ObjectID is a defined string type for object instance identifiers.
//
// It is declared on string, not on Identifier, so the Identifier type's Valid
// method is not available on it.
// NOTE(review): what constraints (if any) apply to an ObjectID, and which
// value IsWildcard treats as the wildcard, are not shown here — confirm.
type ObjectID string

func (ObjectID) IsWildcard added in v0.1.0

func (id ObjectID) IsWildcard() bool

func (ObjectID) String added in v0.1.0

func (id ObjectID) String() string

type ObjectName

// ObjectName is the name of an object type.
//
// It is a defined type based on Identifier, not an alias, so it does not
// inherit Identifier's Valid method; convert with Identifier(name) to
// validate. An ObjectName value is therefore not guaranteed to be a valid
// identifier.
type ObjectName Identifier

func (ObjectName) String added in v0.0.14

func (on ObjectName) String() string

type Permission

// Permission holds a permission definition in one of three forms: a union of
// terms, an intersection of terms, or an exclusion.
//
// NOTE(review): presumably exactly one of Union, Intersection and Exclusion is
// populated (compare IsUnion / IsIntersection / IsExclusion). The type does
// not enforce that; confirm how a decoded value with several forms set is
// evaluated.
type Permission struct {
	// Union is serialized as "union" and omitted when empty.
	Union        PermissionTerms      `json:"union,omitempty"`
	// Intersection is serialized as "intersection" and omitted when empty.
	Intersection PermissionTerms      `json:"intersection,omitempty"`
	// Exclusion is serialized as "exclusion" and omitted when nil.
	Exclusion    *ExclusionPermission `json:"exclusion,omitempty"`

	// SubjectTypes is serialized as "subject_types". Whether it is authored
	// or derived from the terms is not shown here — TODO confirm.
	SubjectTypes []ObjectName `json:"subject_types,omitempty"`
}

func (*Permission) AddTerm added in v0.1.4

func (p *Permission) AddTerm(pt *PermissionTerm)

func (*Permission) IsExclusion added in v0.1.0

func (p *Permission) IsExclusion() bool

func (*Permission) IsIntersection added in v0.1.0

func (p *Permission) IsIntersection() bool

func (*Permission) IsUnion added in v0.1.0

func (p *Permission) IsUnion() bool

func (*Permission) Terms added in v0.1.0

func (p *Permission) Terms() []*PermissionTerm

type PermissionTerm added in v0.1.0

// PermissionTerm is a single operand of a permission expression.
//
// NOTE(review): presumably a term with a non-empty Base is an arrow term
// (Base->RelOrPerm), which is what IsArrow reports — confirm.
type PermissionTerm struct {
	// Base is serialized as "base" and omitted when empty.
	Base      RelationName `json:"base,omitempty"`
	// RelOrPerm is serialized as "rel_or_perm"; it has no omitempty, so it is
	// always written, even when empty.
	RelOrPerm RelationName `json:"rel_or_perm"`

	// SubjectTypes is serialized as "subject_types" and omitted when empty.
	SubjectTypes []ObjectName `json:"subject_types,omitempty"`
}

func (*PermissionTerm) IsArrow added in v0.1.0

func (pr *PermissionTerm) IsArrow() bool

func (*PermissionTerm) String added in v0.1.4

func (pr *PermissionTerm) String() string

type PermissionTerms added in v0.1.4

// PermissionTerms is a slice of PermissionTerm pointers.
//
// Elements are pointers and may be nil after decoding.
// NOTE(review): whether Contains compares terms by value or by pointer is not
// shown here — confirm.
type PermissionTerms []*PermissionTerm

func (PermissionTerms) Contains added in v0.1.4

func (pts PermissionTerms) Contains(pt *PermissionTerm) bool

type Relation

// Relation describes a relation as a union of relation references, together
// with lists of subject and intermediate object types.
//
// NOTE(review): presumably SubjectTypes and IntermediateTypes are derived
// from Union and combined by AllTypes — confirm.
type Relation struct {
	// Union is serialized as "union"; elements are pointers and may be nil.
	Union             []*RelationRef `json:"union,omitempty"`
	// SubjectTypes is serialized as "subject_types" and omitted when empty.
	SubjectTypes      []ObjectName   `json:"subject_types,omitempty"`
	// IntermediateTypes is serialized as "intermediate_types" and omitted when empty.
	IntermediateTypes []ObjectName   `json:"intermediate_types,omitempty"`
}

func (*Relation) AddRef added in v0.1.4

func (r *Relation) AddRef(rr *RelationRef)

func (*Relation) AllTypes added in v0.1.4

func (r *Relation) AllTypes() []ObjectName

type RelationAssignment added in v0.1.0

// RelationAssignment enumerates the kinds of relation assignment; it is the
// return type of RelationRef.Assignment.
type RelationAssignment int
const (
	// RelationAssignmentUnknown is 0, the zero value of the type, so an
	// uninitialized RelationAssignment reads as unknown.
	RelationAssignmentUnknown RelationAssignment = iota
	// RelationAssignmentDirect is 1. Model.Validate requires direct relations
	// to reference existing objects.
	RelationAssignmentDirect
	// RelationAssignmentSubject is 2. Model.Validate requires subject
	// relations to reference existing object#relation pairs.
	RelationAssignmentSubject
	// RelationAssignmentWildcard is 3. Model.Validate requires wildcard
	// relations to reference existing objects.
	RelationAssignmentWildcard
)

type RelationName

// RelationName is the name of a relation or permission; Object uses it as the
// key type for both its Relations and its Permissions maps.
//
// It is a defined type based on Identifier, not an alias, so it does not
// inherit Identifier's Valid method; convert with Identifier(name) to
// validate. A RelationName value is therefore not guaranteed to be a valid
// identifier.
type RelationName Identifier

func InverseRelation added in v0.1.4

func InverseRelation(on ObjectName, rn RelationName, srn ...RelationName) RelationName

func (RelationName) String added in v0.0.14

func (rn RelationName) String() string

type RelationRef added in v0.1.0

// RelationRef references an object type, optionally together with one of its
// relations.
//
// NOTE(review): presumably an empty Relation denotes a direct assignment, a
// non-empty one a subject (object#relation) assignment, and a special value a
// wildcard, as reported by Assignment / IsDirect / IsSubject / IsWildcard.
// The encoding is not shown here — confirm.
type RelationRef struct {
	// Object is serialized as "object" and omitted when empty.
	Object   ObjectName   `json:"object,omitempty"`
	// Relation is serialized as "relation" and omitted when empty.
	Relation RelationName `json:"relation,omitempty"`
}

func NewRelationRef added in v0.1.0

func NewRelationRef(on ObjectName, rn RelationName) *RelationRef

func (*RelationRef) Assignment added in v0.1.0

func (rr *RelationRef) Assignment() RelationAssignment

func (*RelationRef) IsDirect added in v0.1.0

func (rr *RelationRef) IsDirect() bool

func (*RelationRef) IsSubject added in v0.1.0

func (rr *RelationRef) IsSubject() bool

func (*RelationRef) IsWildcard added in v0.1.0

func (rr *RelationRef) IsWildcard() bool

func (*RelationRef) String added in v0.1.0

func (rr *RelationRef) String() string

Directories

Path Synopsis
