Documentation
¶
Index ¶
- Constants
- Variables
- func AuditS3CredentialAccess(ctx context.Context, action string, bucket string, err error)
- func BucketToURL(bucket, key string) string
- func CanonicalSHA256(checksums []drs.Checksum) (string, bool)
- func ContentDispositionAttachment(name string) string
- func DerefString(p *string) string
- func DerefStringSlice(p *[]string) []string
- func DownloadFilename(name string) string
- func FloatVal(p *float64) float64
- func GetRequestID(ctx context.Context) string
- func Int64Val(p *int64) int64
- func IntVal(p *int) int
- func IsNotFoundError(err error) bool
- func IsUnauthorizedError(err error) bool
- func LooksLikeSHA256(v string) bool
- func MergeAdditionalChecksums(existing []drs.Checksum, additions []drs.Checksum) []drs.Checksum
- func MintObjectIDFromChecksum(checksum string, authz []string) (string, error)
- func NormalizeChecksum(cs string) string
- func NormalizeChecksumType(checksumType string) string
- func NormalizeProvider(p string, fallback string) string
- func NormalizeSHA256(values []string) []string
- func NormalizeStoragePath(rawPath, bucket string) (string, error)
- func NormalizeUploadKey(inputKey, id string) string
- func ObjectHasChecksumTypeAndValue(obj models.InternalObject, hashType string, hashValue string) bool
- func ObjectURLForCredential(cred *models.S3Credential, key string) (string, error)
- func ParseBucketProvider(raw string) (string, error)
- func ParseHashQuery(rawHash string, rawType string) (string, string)
- func ParseS3URL(raw string) (bucket string, key string, ok bool)
- func ProviderFromScheme(scheme string) string
- func ProviderToScheme(p string) string
- func Ptr[T any](v T) *T
- func SchemeFromURL(raw string) string
- func StringVal(p *string) string
- func TimeVal(p *time.Time) time.Time
- func UniqueStrings(values []string) []string
- func UniqueStringsCaseInsensitive(values []string) []string
- func Val[T any](p *T, def T) T
- func ValidateBucketName(providerName, bucketName string) error
- func ValidateBucketNameWithEndpoint(providerName, bucketName, endpoint string) error
- func WithRequestID(ctx context.Context, requestID string) context.Context
- type AuthorizationError
- type AuthzContextKey
- type PublicError
- type ResourceScope
Constants ¶
const ( S3Provider = "s3" GCSProvider = "gcs" AzureProvider = "azure" FileProvider = "file" S3Prefix = "s3://" GCSPrefix = "gs://" AzurePrefix = "azblob://" DRSPrefix = "drs://" )
const ( // BucketControlResource is the resource path for internal bucket management. BucketControlResource = "/services/internal/buckets" // MetricsIngestResource is the resource path for trusted provider metrics ingestion. MetricsIngestResource = "/services/internal/metrics" )
const ( RouteInternalDownload = "/data/download/{file_id}" RouteInternalDownloadPart = "/data/download/{file_id}/part" RouteInternalUpload = "/data/upload" RouteInternalUploadURL = "/data/upload/{file_id}" RouteInternalUploadBulk = "/data/upload/bulk" RouteInternalMultipartInit = "/data/multipart/init" RouteInternalMultipartUpload = "/data/multipart/upload" RouteInternalMultipartComplete = "/data/multipart/complete" RouteInternalBuckets = "/data/buckets" RouteInternalBucketDetail = "/data/buckets/{bucket}" RouteInternalBucketScopes = "/data/buckets/{bucket}/scopes" RouteInternalIndex = "/index" RouteInternalIndexDetail = "/index/{id}" RouteInternalIndexControlledAccessRemove = "/index/{id}/controlled-access/remove" RouteInternalBulkHashes = "/index/bulk/hashes" RouteInternalBulkDeleteHashes = "/index/bulk/delete" RouteInternalBulkSHA256 = "/index/bulk/sha256/validity" RouteInternalBulkCreate = "/index/bulk" RouteInternalBulkDocs = "/index/bulk/documents" )
const RequestIDHeader = "X-Request-Id"
Variables ¶
var ( ErrNotFound = errors.New("not found") ErrConflict = errors.New("conflict") ErrInvalidInput = errors.New("invalid input") )
var ErrNoValidSHA256 = errors.New("no valid sha256 values provided")
Functions ¶
func AuditS3CredentialAccess ¶
AuditS3CredentialAccess logs credential access events with request/mode context.
func BucketToURL ¶
BucketToURL converts a bucket and key to an s3:// URL.
func CanonicalSHA256 ¶
CanonicalSHA256 pulls the sha256 value from a list of checksums if it exists.
func ContentDispositionAttachment ¶ added in v0.2.8
ContentDispositionAttachment returns a conservative attachment disposition for a download filename, including RFC 5987 UTF-8 encoding.
func DerefStringSlice ¶
DerefStringSlice returns a copy of the slice or nil when the pointer is nil.
func DownloadFilename ¶ added in v0.2.8
DownloadFilename returns the basename to present to clients for downloads. Object names may carry storage-relative paths; download UX should not.
func GetRequestID ¶
func IsNotFoundError ¶
func IsUnauthorizedError ¶
func LooksLikeSHA256 ¶
LooksLikeSHA256 checks if a string matches the format of a SHA256 hash.
func MergeAdditionalChecksums ¶
MergeAdditionalChecksums merges new checksums into an existing set, avoiding duplicate types.
func MintObjectIDFromChecksum ¶
MintObjectIDFromChecksum returns a deterministic UUID for a checksum and a single canonical project scope. The generated UUID is stable across instances for the same sha256 and normalized project resource path.
func NormalizeChecksum ¶
NormalizeChecksum removes any "sha256:" prefixes if present.
func NormalizeChecksumType ¶
NormalizeChecksumType cleans up a checksum type string (lowercase, remove hyphens).
func NormalizeProvider ¶
func NormalizeSHA256 ¶
NormalizeSHA256 cleans and dedups a list of potential SHA256 hashes.
func NormalizeStoragePath ¶
func NormalizeUploadKey ¶
NormalizeUploadKey ensures a key is valid for upload and defaults to ID if empty.
func ObjectHasChecksumTypeAndValue ¶
func ObjectHasChecksumTypeAndValue(obj models.InternalObject, hashType string, hashValue string) bool
func ObjectURLForCredential ¶
func ObjectURLForCredential(cred *models.S3Credential, key string) (string, error)
func ParseBucketProvider ¶
ParseBucketProvider returns a canonical bucket provider name or an error for unsupported values.
func ParseHashQuery ¶
ParseHashQuery parses a checksum string that might be in "type:value" format.
func ParseS3URL ¶
ParseS3URL extracts bucket/key pairs from an s3:// URL.
func ProviderFromScheme ¶
func ProviderToScheme ¶
func SchemeFromURL ¶
SchemeFromURL extracts the scheme from a URL string.
func UniqueStrings ¶
UniqueStrings returns a deduped slice of strings, preserving order.
func UniqueStringsCaseInsensitive ¶
UniqueStringsCaseInsensitive returns a deduped slice of strings based on lowercase comparison, preserving the first-seen original string.
func Val ¶
func Val[T any](p *T, def T) T
Val returns the value of the pointer if not nil, otherwise the default value.
func ValidateBucketName ¶
ValidateBucketName validates a bucket/container name for the given provider.
The rules are intentionally provider-specific: - s3 and azure share the stricter DNS-style naming rules. - gcs permits dots and underscores but still requires a DNS-safe shape.
func ValidateBucketNameWithEndpoint ¶ added in v0.2.8
ValidateBucketNameWithEndpoint validates a bucket/container name for the given provider and endpoint. S3-compatible backends with a custom endpoint may allow bucket names that would be invalid for AWS virtual-hosted DNS names.
Types ¶
type AuthorizationError ¶ added in v0.2.8
type AuthorizationError struct {
Method string
RecordID string
Resources []string
DeniedRecords int
TotalRecords int
TruncatedResources int
}
func (*AuthorizationError) Error ¶ added in v0.2.8
func (e *AuthorizationError) Error() string
func (*AuthorizationError) PublicMessage ¶ added in v0.2.8
func (e *AuthorizationError) PublicMessage() string
func (*AuthorizationError) Unwrap ¶ added in v0.2.8
func (e *AuthorizationError) Unwrap() error
type AuthzContextKey ¶
type AuthzContextKey string
const RequestIDKey AuthzContextKey = "request_id"
type PublicError ¶ added in v0.2.8
type PublicError interface {
PublicMessage() string
}
type ResourceScope ¶
func ParseResourcePath ¶
func ParseResourcePath(path string) ResourceScope
Source Files