openfga

package
v1.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 5, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient(cfg *Config) *Client

func (*Client) APIClient 

func (c *Client) APIClient() OpenFGACoreClientInterface

func (*Client) BatchCheck 

func (c *Client) BatchCheck(ctx context.Context, tuples ...TupleWithContext) (bool, error)

func (*Client) Check 

func (c *Client) Check(ctx context.Context, user, relation, object string, tuples ...Tuple) (bool, error)

########################## Check Operations #######################################

func (*Client) CompareModel 

func (c *Client) CompareModel(ctx context.Context, model openfga.AuthorizationModel) (bool, error)

func (*Client) CreateStore 

func (c *Client) CreateStore(ctx context.Context, name string) (string, error)

########################## Store Operations #######################################

func (*Client) DeleteTuple 

func (c *Client) DeleteTuple(ctx context.Context, user, relation, object string) error

func (*Client) DeleteTuples 

func (c *Client) DeleteTuples(ctx context.Context, tuples ...Tuple) error

func (*Client) ListObjects 

func (c *Client) ListObjects(ctx context.Context, user, relation, objectType string) ([]string, error)

func (*Client) ListUsers 

func (c *Client) ListUsers(ctx context.Context, userFilter, relation, object string) ([]string, error)

func (*Client) ReadModel 

func (c *Client) ReadModel(ctx context.Context) (*openfga.AuthorizationModel, error)

########################## Store Operations ####################################### ########################## Model Operations #######################################

func (*Client) ReadTuples 

func (c *Client) ReadTuples(ctx context.Context, user, relation, object, continuationToken string) (*client.ClientReadResponse, error)

########################## Read Operations #######################################

func (*Client) SetAuthorizationModelID 

func (c *Client) SetAuthorizationModelID(ctx context.Context, modelID string) error

func (*Client) SetStoreID 

func (c *Client) SetStoreID(ctx context.Context, storeID string) error

func (*Client) WriteModel 

func (c *Client) WriteModel(ctx context.Context, authModel *client.ClientWriteAuthorizationModelRequest) (string, error)

func (*Client) WriteTuple 

func (c *Client) WriteTuple(ctx context.Context, user, relation, object string) error

########################## Write Operations #######################################

func (*Client) WriteTuples 

func (c *Client) WriteTuples(ctx context.Context, tuples ...Tuple) error

type Config 

type Config struct {
	ApiScheme   string `validate:"required"`
	ApiHost     string `validate:"required"`
	StoreID     string `validate:"required"`
	ApiToken    string `validate:"required"`
	AuthModelID string `validate:"required"`
	Debug       bool

	Tracer  tracing.TracingInterface
	Monitor monitoring.MonitorInterface
	Logger  logging.LoggerInterface
}

func NewConfig 

func NewConfig(apiScheme, apiHost, storeID, apiToken, authModelID string, debug bool, tracer tracing.TracingInterface, monitor monitoring.MonitorInterface, logger logging.LoggerInterface) *Config

type ListPermissionsFiltersInterface 

type ListPermissionsFiltersInterface interface {
	WithFilter() any
}

type NoopClient 

type NoopClient struct {
	// contains filtered or unexported fields
}

func NewNoopClient 

func NewNoopClient(tracer tracing.TracingInterface, monitor monitoring.MonitorInterface, logger logging.LoggerInterface) *NoopClient

func (*NoopClient) BatchCheck 

func (c *NoopClient) BatchCheck(ctx context.Context, tuples ...TupleWithContext) (bool, error)

func (*NoopClient) Check 

func (c *NoopClient) Check(ctx context.Context, user, relation, object string, tuples ...Tuple) (bool, error)

func (*NoopClient) CompareModel 

func (c *NoopClient) CompareModel(ctx context.Context, model openfga.AuthorizationModel) (bool, error)

func (*NoopClient) DeleteTuple 

func (c *NoopClient) DeleteTuple(ctx context.Context, user, relation, object string) error

func (*NoopClient) DeleteTuples 

func (c *NoopClient) DeleteTuples(ctx context.Context, tuples ...Tuple) error

func (*NoopClient) ListObjects 

func (c *NoopClient) ListObjects(ctx context.Context, user, relation, objectType string) ([]string, error)

func (*NoopClient) ListUsers 

func (c *NoopClient) ListUsers(ctx context.Context, userFilter, relation, object string) ([]string, error)

func (*NoopClient) ReadModel 

func (c *NoopClient) ReadModel(ctx context.Context) (*openfga.AuthorizationModel, error)

func (*NoopClient) ReadTuples 

func (c *NoopClient) ReadTuples(ctx context.Context, user, relation, object, continuationToken string) (*client.ClientReadResponse, error)

func (*NoopClient) WriteModel 

func (c *NoopClient) WriteModel(ctx context.Context, model []byte) (string, error)

func (*NoopClient) WriteTuple 

func (c *NoopClient) WriteTuple(ctx context.Context, user, relation, object string) error

func (*NoopClient) WriteTuples 

func (c *NoopClient) WriteTuples(ctx context.Context, tuples ...Tuple) error

type OpenFGAClientInterface 

type OpenFGAClientInterface interface {
	ReadModel(context.Context) (*openfga.AuthorizationModel, error)
	CompareModel(context.Context, openfga.AuthorizationModel) (bool, error)
	ListObjects(context.Context, string, string, string) ([]string, error)
	ListUsers(context.Context, string, string, string) ([]string, error)
	ReadTuples(context.Context, string, string, string, string) (*client.ClientReadResponse, error)
	WriteTuple(ctx context.Context, user, relation, object string) error
	WriteTuples(context.Context, ...Tuple) error
	DeleteTuple(ctx context.Context, user, relation, object string) error
	DeleteTuples(context.Context, ...Tuple) error
	Check(context.Context, string, string, string, ...Tuple) (bool, error)
	BatchCheck(context.Context, ...Tuple) (bool, error)
}

OpenFGAClientInterface is the interface used to decouple the OpenFGA store implementation

type OpenFGACoreClientInterface 

type OpenFGACoreClientInterface interface {
	GetAuthorizationModelId() (string, error)
	CreateStore(context.Context) client.SdkClientCreateStoreRequestInterface
	CreateStoreExecute(client.SdkClientCreateStoreRequestInterface) (*client.ClientCreateStoreResponse, error)
	ReadAuthorizationModel(context.Context) client.SdkClientReadAuthorizationModelRequestInterface
	ReadAuthorizationModelExecute(client.SdkClientReadAuthorizationModelRequestInterface) (*client.ClientReadAuthorizationModelResponse, error)
	ReadAuthorizationModels(context.Context) client.SdkClientReadAuthorizationModelsRequestInterface
	ReadAuthorizationModelsExecute(client.SdkClientReadAuthorizationModelsRequestInterface) (*client.ClientReadAuthorizationModelsResponse, error)
	WriteAuthorizationModel(context.Context) client.SdkClientWriteAuthorizationModelRequestInterface
	WriteAuthorizationModelExecute(client.SdkClientWriteAuthorizationModelRequestInterface) (*client.ClientWriteAuthorizationModelResponse, error)
	Read(context.Context) client.SdkClientReadRequestInterface
	ReadExecute(client.SdkClientReadRequestInterface) (*client.ClientReadResponse, error)
	Check(context.Context) client.SdkClientCheckRequestInterface
	CheckExecute(client.SdkClientCheckRequestInterface) (*client.ClientCheckResponse, error)
	BatchCheck(context.Context) client.SdkClientBatchCheckRequestInterface
	BatchCheckExecute(client.SdkClientBatchCheckRequestInterface) (*openfga.BatchCheckResponse, error)
	Write(context.Context) client.SdkClientWriteRequestInterface
	WriteExecute(client.SdkClientWriteRequestInterface) (*client.ClientWriteResponse, error)
	ListObjects(context.Context) client.SdkClientListObjectsRequestInterface
	ListObjectsExecute(client.SdkClientListObjectsRequestInterface) (*client.ClientListObjectsResponse, error)
	ListUsers(context.Context) client.SdkClientListUsersRequestInterface
	ListUsersExecute(client.SdkClientListUsersRequestInterface) (*client.ClientListUsersResponse, error)
}

type Permission 

type Permission struct {
	Relation string `json:"relation" validate:"required"`
	Object   string `json:"object" validate:"required"`
}

type RelationFilter 

type RelationFilter struct {
	// contains filtered or unexported fields
}

func NewRelationFilter 

func NewRelationFilter(relation string) *RelationFilter

func (*RelationFilter) WithFilter 

func (f *RelationFilter) WithFilter() any

type TokenMapFilter 

type TokenMapFilter struct {
	// contains filtered or unexported fields
}

func NewTokenMapFilter 

func NewTokenMapFilter(tokens map[string]string) *TokenMapFilter

func (*TokenMapFilter) WithFilter 

func (f *TokenMapFilter) WithFilter() any

type Tuple 

type Tuple struct {
	User     string
	Relation string
	Object   string
}

Tuple is simply a wrapper around openfga TupleKey reason to have it is to hide underlying library complexity in case we want to swap it

func NewTuple 

func NewTuple(user, relation, object string) *Tuple

func (*Tuple) Values 

func (t *Tuple) Values() (string, string, string)

type TupleWithContext 

type TupleWithContext struct {
	User             string
	Relation         string
	Object           string
	ContextualTuples []Tuple
}

func NewTupleWithContext 

func NewTupleWithContext(user, relation, object string, ContextualTuples []Tuple) *TupleWithContext

type TypesFilter 

type TypesFilter struct {
	// contains filtered or unexported fields
}

func NewTypesFilter 

func NewTypesFilter(resourceTypes ...string) *TypesFilter

func (*TypesFilter) WithFilter 

func (f *TypesFilter) WithFilter() any

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.