admin

package
v0.1.23 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 26, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ActionUserDisabled          = "user.disabled"
	ActionUserEnabled           = "user.enabled"
	ActionUserAdminGranted      = "user.admin_granted"
	ActionUserAdminRevoked      = "user.admin_revoked"
	ActionUserSessionRevoked    = "user.session_revoked"
	ActionUserSessionsRevoked   = "user.sessions_revoked"
	ActionAllowlistEmailAdded   = "allowlist.email_added"
	ActionAllowlistEmailRemoved = "allowlist.email_removed"
)
View Source 
const (
	ReasonSelfDisable        = "You cannot disable your own account."
	ReasonSelfRevokeAdmin    = "You cannot remove your own admin role."
	ReasonSelfRevokeSessions = "You cannot revoke all sessions for your own account from here."
	ReasonLastAdmin          = "You cannot remove the last admin."
)

Variables

View Source 
var (
	ErrSelfDisable              = errors.New("admin cannot disable themselves")
	ErrSelfRevokeAdmin          = errors.New("admin cannot remove their own admin role")
	ErrSelfRevokeSessions       = errors.New("admin cannot revoke all sessions for themselves")
	ErrLastAdmin                = errors.New("operation would leave no active admins")
	ErrAllowlistDisabled        = errors.New("allowlist feature disabled")
	ErrAllowedEmailAlreadyAdded = errors.New("allowed email already exists")
	ErrInvalidEmail             = errors.New("invalid email")
)

Functions

This section is empty.

Types

type ActionAvailability 

type ActionAvailability struct {
	Allowed bool
	Reason  string
}

type Actor 

type Actor struct {
	UserID uuid.UUID
	Email  string
	Roles  roles.Roles
}

type AllowedEmailPage 

type AllowedEmailPage struct {
	Emails  []domain.AllowedEmail
	Query   string
	Page    int
	Size    int
	Total   int
	Message string
}

func (AllowedEmailPage) HasNext 

func (p AllowedEmailPage) HasNext() bool

func (AllowedEmailPage) HasPrevious 

func (p AllowedEmailPage) HasPrevious() bool

type AuditEventPage 

type AuditEventPage struct {
	Events []domain.AdminAuditEvent
	Page   int
	Size   int
}

type AuthProviderSummary 

type AuthProviderSummary struct {
	ID          uuid.UUID
	Provider    string
	CreatedAt   time.Time
	HasPassword bool
	HasOAuthID  bool
}

type Config 

type Config struct {
	Store            *store.Store
	Tx               *tx.Manager
	Now              func() time.Time
	AllowlistEnabled bool
	AuditRetention   time.Duration
}

type DashboardStats 

type DashboardStats struct {
	TotalUsers         int
	SignupsLast24Hours int
	DisabledUsers      int
	ActiveSessions     int
}

type Page 

type Page struct {
	Page int
	Size int
}

type PasskeySummary 

type PasskeySummary struct {
	ID             uuid.UUID
	Name           string
	CreatedAt      time.Time
	LastUsedAt     *time.Time
	CloneWarning   bool
	BackupEligible bool
	BackupState    bool
	DeviceLabel    string
	Transport      []string
}

type RecentFailures 

type RecentFailures struct {
	EmailJobs  []domain.EmailJob
	Challenges []domain.Challenge
	Page       int
	Size       int
}

type RequestMeta 

type RequestMeta struct {
	IP        string
	UserAgent string
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func New 

func New(cfg Config) *Service

func (*Service) AddAllowedEmail 

func (s *Service) AddAllowedEmail(ctx context.Context, actor Actor, email string, meta RequestMeta) error

func (*Service) CanRevokeAllSessions 

func (s *Service) CanRevokeAllSessions(actorID uuid.UUID, targetID uuid.UUID) ActionAvailability

func (*Service) CleanupExpiredAuditEvents 

func (s *Service) CleanupExpiredAuditEvents(ctx context.Context, now time.Time) (int64, error)

func (*Service) DashboardStats 

func (s *Service) DashboardStats(ctx context.Context) (DashboardStats, error)

func (*Service) DisableUser 

func (s *Service) DisableUser(ctx context.Context, actor Actor, userID uuid.UUID, meta RequestMeta) error

func (*Service) EnableUser 

func (s *Service) EnableUser(ctx context.Context, actor Actor, userID uuid.UUID, meta RequestMeta) error

func (*Service) GetUserDetail 

func (s *Service) GetUserDetail(ctx context.Context, actor Actor, userID uuid.UUID) (UserDetail, error)

func (*Service) GrantAdmin 

func (s *Service) GrantAdmin(ctx context.Context, actor Actor, userID uuid.UUID, meta RequestMeta) error

func (*Service) ListAllowedEmails 

func (s *Service) ListAllowedEmails(ctx context.Context, query string, page Page) (AllowedEmailPage, error)

func (*Service) ListAuditEvents 

func (s *Service) ListAuditEvents(ctx context.Context, page Page) (AuditEventPage, error)

func (*Service) RecentFailures 

func (s *Service) RecentFailures(ctx context.Context, page Page) (RecentFailures, error)

func (*Service) RemoveAllowedEmail 

func (s *Service) RemoveAllowedEmail(ctx context.Context, actor Actor, allowedEmailID uuid.UUID, meta RequestMeta) error

func (*Service) RevokeAdmin 

func (s *Service) RevokeAdmin(ctx context.Context, actor Actor, userID uuid.UUID, meta RequestMeta) error

func (*Service) RevokeAllUserSessions 

func (s *Service) RevokeAllUserSessions(ctx context.Context, actor Actor, userID uuid.UUID, meta RequestMeta) error

func (*Service) RevokeUserSession 

func (s *Service) RevokeUserSession(ctx context.Context, actor Actor, userID, sessionID uuid.UUID, meta RequestMeta) error

func (*Service) SearchUser 

func (s *Service) SearchUser(ctx context.Context, query string) (UserSummary, error)

func (*Service) StartAuditCleanupWorker 

func (s *Service) StartAuditCleanupWorker(ctx context.Context, logger *slog.Logger, interval time.Duration)

type SessionSummary 

type SessionSummary struct {
	ID               uuid.UUID
	CreatedAt        time.Time
	ExpiresAt        time.Time
	RevokedAt        *time.Time
	UserAgent        string
	UserAgentSummary string
	Status           string
}

type UserDetail 

type UserDetail struct {
	User          UserSummary
	AuthProviders []AuthProviderSummary
	Passkeys      []PasskeySummary
	Sessions      []SessionSummary
	Actions       UserDetailActions
}

type UserDetailActions 

type UserDetailActions struct {
	Disable           ActionAvailability
	Enable            ActionAvailability
	GrantAdmin        ActionAvailability
	RevokeAdmin       ActionAvailability
	RevokeAllSessions ActionAvailability
}

type UserSummary 

type UserSummary struct {
	ID                 uuid.UUID
	CreatedAt          time.Time
	UpdatedAt          time.Time
	DisabledAt         *time.Time
	Username           string
	Email              string
	Roles              []string
	AuthProviderCount  int
	ActiveSessionCount int
}

func (UserSummary) Disabled 

func (u UserSummary) Disabled() bool

func (UserSummary) HasRole 

func (u UserSummary) HasRole(roleName string) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.