Documentation
¶
Index ¶
- Constants
- Variables
- func ClientTuple(clientId string) string
- func GroupMemberTuple(groupId string) string
- func GroupTuple(groupId string) string
- func UserTuple(userId string) string
- type AuthorizationModelProvider
- type Authorizer
- func (a *Authorizer) AddAllowedAppToGroup(ctx context.Context, groupID, clientID string) error
- func (a *Authorizer) BatchCanAccess(ctx context.Context, userId string, clientIds []string, groups []string) (bool, error)
- func (a *Authorizer) CanAccess(ctx context.Context, userId, clientId string, groups []string) (bool, error)
- func (a *Authorizer) Check(ctx context.Context, user string, relation string, object string, ...) (bool, error)
- func (a *Authorizer) DeleteGroup(ctx context.Context, group string) error
- func (a *Authorizer) FilterObjects(ctx context.Context, user string, relation string, objectType string, ...) ([]string, error)
- func (a *Authorizer) ListObjects(ctx context.Context, user string, relation string, objectType string) ([]string, error)
- func (a *Authorizer) RemoveAllAllowedAppsFromGroup(ctx context.Context, groupId string) error
- func (a *Authorizer) RemoveAllAllowedGroupsForApp(ctx context.Context, clientID string) error
- func (a *Authorizer) RemoveAllowedAppFromGroup(ctx context.Context, groupID, clientID string) error
- func (a *Authorizer) ValidateModel(ctx context.Context) error
- type AuthorizerInterface
- type AuthzClientInterface
Constants ¶
View Source
const ( CAN_ACCESS_RELATION = "can_access" MEMBER_RELATION = "member" )
Variables ¶
View Source
var ErrInvalidAuthModel = fmt.Errorf("invalid authorization model schema")
Functions ¶
func ClientTuple ¶
func GroupMemberTuple ¶
func GroupTuple ¶
Types ¶
type AuthorizationModelProvider ¶
type AuthorizationModelProvider struct {
// contains filtered or unexported fields
}
func NewAuthorizationModelProvider ¶
func NewAuthorizationModelProvider(apiVersion string) *AuthorizationModelProvider
func (*AuthorizationModelProvider) GetModel ¶
func (a *AuthorizationModelProvider) GetModel() *openfga.AuthorizationModel
type Authorizer ¶
type Authorizer struct {
// contains filtered or unexported fields
}
func NewAuthorizer ¶
func NewAuthorizer(client AuthzClientInterface, tracer tracing.TracingInterface, monitor monitoring.MonitorInterface, logger logging.LoggerInterface) *Authorizer
func (*Authorizer) AddAllowedAppToGroup ¶
func (a *Authorizer) AddAllowedAppToGroup(ctx context.Context, groupID, clientID string) error
func (*Authorizer) BatchCanAccess ¶
func (*Authorizer) DeleteGroup ¶
func (a *Authorizer) DeleteGroup(ctx context.Context, group string) error
func (*Authorizer) FilterObjects ¶
func (*Authorizer) ListObjects ¶
func (*Authorizer) RemoveAllAllowedAppsFromGroup ¶
func (a *Authorizer) RemoveAllAllowedAppsFromGroup(ctx context.Context, groupId string) error
func (*Authorizer) RemoveAllAllowedGroupsForApp ¶
func (a *Authorizer) RemoveAllAllowedGroupsForApp(ctx context.Context, clientID string) error
func (*Authorizer) RemoveAllowedAppFromGroup ¶
func (a *Authorizer) RemoveAllowedAppFromGroup(ctx context.Context, groupID, clientID string) error
func (*Authorizer) ValidateModel ¶
func (a *Authorizer) ValidateModel(ctx context.Context) error
type AuthorizerInterface ¶
type AuthorizerInterface interface {
ListObjects(context.Context, string, string, string) ([]string, error)
Check(context.Context, string, string, string, ...openfga.Tuple) (bool, error)
FilterObjects(context.Context, string, string, string, []string) ([]string, error)
ValidateModel(context.Context) error
CanAccess(context.Context, string, string, []string) (bool, error)
BatchCanAccess(context.Context, string, []string, []string) (bool, error)
AddAllowedAppToGroup(context.Context, string, string) error
RemoveAllowedAppFromGroup(context.Context, string, string) error
RemoveAllAllowedAppsFromGroup(context.Context, string) error
RemoveAllAllowedGroupsForApp(context.Context, string) error
DeleteGroup(context.Context, string) error
}
type AuthzClientInterface ¶
type AuthzClientInterface interface {
ListObjects(context.Context, string, string, string) ([]string, error)
Check(context.Context, string, string, string, ...openfga.Tuple) (bool, error)
BatchCheck(context.Context, ...openfga.TupleWithContext) (bool, error)
ReadModel(context.Context) (*fga.AuthorizationModel, error)
CompareModel(context.Context, fga.AuthorizationModel) (bool, error)
ReadTuples(context.Context, string, string, string, string) (*client.ClientReadResponse, error)
WriteTuple(ctx context.Context, user, relation, object string) error
DeleteTuple(ctx context.Context, user, relation, object string) error
DeleteTuples(context.Context, ...openfga.Tuple) error
}
Source Files
Click to show internal directories.
Click to hide internal directories.