authorization

package

v1.1.3 Latest Latest Go to latest Published: Feb 27, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/canonical/hook-service

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AuthorizationDatabaseInterface
type AuthorizerInterface
type Group
type GrpcServer
- func NewGrpcServer(svc ServiceInterface, tracer tracing.TracingInterface, ...) *GrpcServer
type Service
- func NewService(db AuthorizationDatabaseInterface, authz AuthorizerInterface, ...) *Service
type ServiceInterface
type Storage
- func NewStorage() *Storage

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrGroupNotFound           = errors.New("group not found")
	ErrAppAlreadyExistsInGroup = errors.New("app already exists in group")
	ErrAppDoesNotExistInGroup  = errors.New("app does not exist in group")
	ErrAppDoesNotExist         = errors.New("app does not exist")
	ErrInternalServerError     = errors.New("internal server error")
	ErrInvalidGroupID          = errors.New("invalid group id")
)

Functions ¶

This section is empty.

Types ¶

type AuthorizationDatabaseInterface ¶

type AuthorizationDatabaseInterface interface {
	GetAllowedApps(context.Context, string) ([]string, error)
	AddAllowedApp(context.Context, string, string) error
	AddAllowedApps(context.Context, string, []string) error
	RemoveAllowedApp(context.Context, string, string) error
	RemoveAllowedApps(context.Context, string) ([]string, error)

	AddAllowedGroupsForApp(context.Context, string, []string) error
	GetAllowedGroupsForApp(context.Context, string) ([]string, error)
	RemoveAllAllowedGroupsForApp(context.Context, string) ([]string, error)
}

type AuthorizerInterface ¶

type AuthorizerInterface interface {
	AddAllowedAppToGroup(context.Context, string, string) error
	RemoveAllowedAppFromGroup(context.Context, string, string) error
	RemoveAllAllowedAppsFromGroup(context.Context, string) error

	RemoveAllAllowedGroupsForApp(context.Context, string) error
}

type Group ¶

type Group struct {
	ID   string
	Apps map[string]bool
}

type GrpcServer ¶

type GrpcServer struct {
	v0_authz.UnimplementedAppAuthorizationServiceServer
	// contains filtered or unexported fields
}

GrpcServer is the gRPC server for the authorization service.

func NewGrpcServer ¶

func NewGrpcServer(svc ServiceInterface, tracer tracing.TracingInterface, monitor monitoring.MonitorInterface, logger logging.LoggerInterface) *GrpcServer

NewGrpcServer creates a new gRPC server.

func (*GrpcServer) AddAllowedAppToGroup ¶

func (g *GrpcServer) AddAllowedAppToGroup(ctx context.Context, req *v0_authz.AddAllowedAppToGroupReq) (*v0_authz.AddAllowedAppToGroupResp, error)

AddAllowedAppToGroup handles the gRPC request to add an allowed app to a group.

func (*GrpcServer) GetAllowedAppsInGroup ¶

func (g *GrpcServer) GetAllowedAppsInGroup(ctx context.Context, req *v0_authz.GetAllowedAppsInGroupReq) (*v0_authz.GetAllowedAppsInGroupResp, error)

GetAllowedAppsInGroup handles the gRPC request to get allowed apps in a group.

func (*GrpcServer) GetAllowedGroupsForApp ¶

func (g *GrpcServer) GetAllowedGroupsForApp(ctx context.Context, req *v0_authz.GetAllowedGroupsForAppReq) (*v0_authz.GetAllowedGroupsForAppResp, error)

GetAllowedGroupsForApp handles the gRPC request to get allowed groups for an app.

func (*GrpcServer) RemoveAllowedAppFromGroup ¶

func (g *GrpcServer) RemoveAllowedAppFromGroup(ctx context.Context, req *v0_authz.RemoveAllowedAppFromGroupReq) (*v0_authz.RemoveAllowedAppFromGroupResp, error)

RemoveAllowedAppFromGroup handles the gRPC request to remove an allowed app from a group.

func (*GrpcServer) RemoveAllowedAppsFromGroup ¶

func (g *GrpcServer) RemoveAllowedAppsFromGroup(ctx context.Context, req *v0_authz.RemoveAllowedAppsFromGroupReq) (*v0_authz.RemoveAllowedAppsFromGroupResp, error)

RemoveAllowedAppsFromGroup handles the gRPC request to remove all allowed apps from a group.

func (*GrpcServer) RemoveAllowedGroupsForApp ¶

func (g *GrpcServer) RemoveAllowedGroupsForApp(ctx context.Context, req *v0_authz.RemoveAllowedGroupsForAppReq) (*v0_authz.RemoveAllowedGroupsForAppResp, error)

RemoveAllowedGroupsForApp handles the gRPC request to remove all allowed groups for an app.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

func NewService ¶

func NewService(
	db AuthorizationDatabaseInterface,
	authz AuthorizerInterface,
	tracer tracing.TracingInterface,
	monitor monitoring.MonitorInterface,
	logger logging.LoggerInterface,
) *Service

func (*Service) AddAllowedAppToGroup ¶

func (s *Service) AddAllowedAppToGroup(ctx context.Context, groupID string, app string) error

func (*Service) GetAllowedAppsInGroup ¶

func (s *Service) GetAllowedAppsInGroup(ctx context.Context, groupID string) ([]string, error)

func (*Service) GetAllowedGroupsForApp ¶

func (s *Service) GetAllowedGroupsForApp(ctx context.Context, app string) ([]string, error)

func (*Service) RemoveAllAllowedAppsFromGroup ¶

func (s *Service) RemoveAllAllowedAppsFromGroup(ctx context.Context, groupID string) error

func (*Service) RemoveAllAllowedGroupsForApp ¶

func (s *Service) RemoveAllAllowedGroupsForApp(ctx context.Context, app string) error

func (*Service) RemoveAllowedAppFromGroup ¶

func (s *Service) RemoveAllowedAppFromGroup(ctx context.Context, groupID string, app string) error

type ServiceInterface ¶

type ServiceInterface interface {
	GetAllowedAppsInGroup(context.Context, string) ([]string, error)
	AddAllowedAppToGroup(context.Context, string, string) error
	RemoveAllAllowedAppsFromGroup(context.Context, string) error
	RemoveAllowedAppFromGroup(context.Context, string, string) error

	GetAllowedGroupsForApp(context.Context, string) ([]string, error)
	RemoveAllAllowedGroupsForApp(context.Context, string) error
}

type Storage ¶

type Storage struct {
	Groups      map[string]*Group
	AppToGroups map[string]map[string]bool
}

func NewStorage ¶

func NewStorage() *Storage

func (*Storage) AddAllowedApp ¶

func (s *Storage) AddAllowedApp(ctx context.Context, groupID string, app string) error

func (*Storage) AddAllowedApps ¶

func (s *Storage) AddAllowedApps(ctx context.Context, groupID string, apps []string) error

func (*Storage) AddAllowedGroupsForApp ¶

func (s *Storage) AddAllowedGroupsForApp(ctx context.Context, app string, groups []string) error

func (*Storage) GetAllowedApps ¶

func (s *Storage) GetAllowedApps(ctx context.Context, groupID string) ([]string, error)

func (*Storage) GetAllowedGroupsForApp ¶

func (s *Storage) GetAllowedGroupsForApp(ctx context.Context, app string) ([]string, error)

func (*Storage) RemoveAllAllowedGroupsForApp ¶

func (s *Storage) RemoveAllAllowedGroupsForApp(ctx context.Context, app string) ([]string, error)

func (*Storage) RemoveAllowedApp ¶

func (s *Storage) RemoveAllowedApp(ctx context.Context, groupID string, app string) error

func (*Storage) RemoveAllowedApps ¶

func (s *Storage) RemoveAllowedApps(ctx context.Context, groupID string) ([]string, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL