Documentation
¶
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FlattenExpand ¶
func FlattenExpand(resp *v0.ExpandResponse) ([]*v0.User, error)
FlattenExpand reduces an ExpandResponse into the slice of Users present in the expansion.
Notably, this removes the context of which relations caused users to be included in the expansion, but often you only need to know which users are present.
func SystemCerts ¶
func SystemCerts(v CertVerification) grpc.DialOption
SystemCerts is the client option that is used for establish a secure connection to Authzed.
func Token ¶
func Token(token string) grpc.DialOption
Token is the client option that is used for authenticating to Authzed.
Types ¶
type CertVerification ¶
type CertVerification bool
CertVerification is an enumeration of how secure TLS should be configured.
const ( // VerifyCA will verify the certificate authority has been verified. VerifyCA CertVerification = false // SkipVerifyCA will not verify the certificate authority when using TLS. SkipVerifyCA CertVerification = true )
type Checkable ¶
type Checkable interface {
AsObjectAndRelation(relation string) *v0.ObjectAndRelation
}
Checkable represents any object that can be represented as an ObjectAndRelation.
type CheckableAtRevision ¶
CheckableAtRevision represents any object that can be represented at a specific revision.
type Client ¶
type Client struct {
v0.ACLServiceClient
v0.NamespaceServiceClient
}
Client represents an open connection to Authzed.
Clients are backed by a gRPC client and as such are thread-safe.
func NewClient ¶
func NewClient(endpoint string, opts ...grpc.DialOption) (*Client, error)
NewClient initializes a brand new client for interacting with Authzed.
Example ¶
client, err := authzed.NewClient(
"grpc.authzed.com:443",
authzed.Token("my_token_deadbeefdeadbeefdeadbeef"),
authzed.SystemCerts(authzed.VerifyCA),
)
if err != nil {
log.Fatal(err)
}
_, err = client.Check(context.Background(), &v0.CheckRequest{
TestUserset: &v0.ObjectAndRelation{
Namespace: "mytenant/document",
ObjectId: "readme",
Relation: "viewer",
},
User: &v0.User{UserOneof: &v0.User_Userset{
Userset: &v0.ObjectAndRelation{
Namespace: "mytenant/user",
ObjectId: "jimmy",
Relation: "...",
},
}},
})
if err != nil {
log.Fatal(err)
}
func (*Client) NewFilterIter ¶
func (c *Client) NewFilterIter(slice interface{}, user *v0.User, relation string, optionalRevision *v0.Zookie) FilterIter
NewFilterIter returns a `FilterIter` that outputs only items from the provided slice that are accessible: - by the provided user - via the provided relation - at the optional revision
The provided slice value must be `[]T` where `T` implements `Checkable` or `CheckableAtRevision`. If `CheckableAtRevision` is implemented, the revision returned by `Revision()` is used instead of the optional one provided as an arugment to this function.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
x
|
|
|
nsbuilder
Package nsbuilder implements a builder-pattern for defining Authzed Namespaces.
|
Package nsbuilder implements a builder-pattern for defining Authzed Namespaces. |
|
parallel
Package parallel implements experimental utilities for performing parallel client interactions with the Authzed API.
|
Package parallel implements experimental utilities for performing parallel client interactions with the Authzed API. |