README
¶
Carabiner Lamplight Client
This repository contains the client library for Carabiner's Lamplight service. Lamplight is Carabiner's permissions system. It is not open source (for now at least!), but the client is.
You are welcome to use this client to interact with the lamplight service in your own applications, but we recommend that if you develop an app that needs IAM capabilities you use the higher livel libraries of our SDK.
Documentation
¶
Overview ¶
Package ll provides a client for interacting with a Lamplight server.
Index ¶
- func DecodeID(s string) string
- func EncodeID(s string) string
- func FormatTuple(t *llv1.RelationTuple) string
- func FormatTupleDecoded(t *llv1.RelationTuple) string
- func ParseTuple(s string) (*llv1.RelationTuple, error)
- func ValidateEncodedID(s string) error
- func ValidateTuple(t *llv1.RelationTuple) error
- type Client
- type GRPCClient
- func (c *GRPCClient) Check(ctx context.Context, t *llv1.RelationTuple) (bool, error)
- func (c *GRPCClient) Close() error
- func (c *GRPCClient) Delete(ctx context.Context, filter *llv1.RelationTupleFilter) error
- func (c *GRPCClient) DeleteSchemaSet(ctx context.Context, name string) error
- func (c *GRPCClient) Expand(ctx context.Context, objectType, objectID, permission string) (*llv1.ExpandTree, error)
- func (c *GRPCClient) ListObjects(ctx context.Context, subjectType, subjectID, permission, objectType string) ([]string, error)
- func (c *GRPCClient) ListSchemaSets(ctx context.Context) ([]string, error)
- func (c *GRPCClient) Read(ctx context.Context, filter *llv1.RelationTupleFilter) ([]*llv1.RelationTuple, error)
- func (c *GRPCClient) ReadSchema(ctx context.Context) (string, error)
- func (c *GRPCClient) ReadSchemaSet(ctx context.Context, name string) (string, error)
- func (c *GRPCClient) WhoAmI(ctx context.Context) (*llv1.WhoAmIResponse, error)
- func (c *GRPCClient) Write(ctx context.Context, writes, deletes []*llv1.RelationTuple) error
- func (c *GRPCClient) WriteSchema(ctx context.Context, yamlData string) error
- type Option
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EncodeID ¶
EncodeID URL-encodes special characters in an ID that would conflict with tuple delimiters. Characters encoded: @ # : %
func FormatTuple ¶
func FormatTuple(t *llv1.RelationTuple) string
FormatTuple formats a RelationTuple as a string. IDs are stored URL-encoded, so this returns the encoded form.
func FormatTupleDecoded ¶
func FormatTupleDecoded(t *llv1.RelationTuple) string
FormatTupleDecoded formats a RelationTuple as a string with decoded IDs. This is useful for human-readable display. IDs containing special characters are wrapped in quotes.
func ParseTuple ¶
func ParseTuple(s string) (*llv1.RelationTuple, error)
ParseTuple parses a string like "document:doc1#viewer@user:alice" into a RelationTuple. Supports quoted values for IDs containing special characters:
- document:"doc@1"#viewer@user:alice
- document:doc1#viewer@user:"bob@email.com"
Quoted values are URL-encoded in the resulting tuple. Already percent-encoded values are passed through as-is.
func ValidateEncodedID ¶
ValidateEncodedID checks that an ID is properly percent-encoded. Any '%' must be followed by exactly two hex digits.
func ValidateTuple ¶
func ValidateTuple(t *llv1.RelationTuple) error
ValidateTuple checks that a tuple has valid syntax and properly encoded IDs. It does not validate against a schema (that's done server-side).
Types ¶
type Client ¶
type Client interface {
Check(ctx context.Context, tuple *llv1.RelationTuple) (bool, error)
Write(ctx context.Context, writes, deletes []*llv1.RelationTuple) error
Read(ctx context.Context, filter *llv1.RelationTupleFilter) ([]*llv1.RelationTuple, error)
Delete(ctx context.Context, filter *llv1.RelationTupleFilter) error
ListObjects(ctx context.Context, subjectType, subjectID, permission, objectType string) ([]string, error)
Expand(ctx context.Context, objectType, objectID, permission string) (*llv1.ExpandTree, error)
WriteSchema(ctx context.Context, yamlData string) error
ReadSchema(ctx context.Context) (string, error)
ReadSchemaSet(ctx context.Context, name string) (string, error)
ListSchemaSets(ctx context.Context) ([]string, error)
DeleteSchemaSet(ctx context.Context, name string) error
WhoAmI(ctx context.Context) (*llv1.WhoAmIResponse, error)
Close() error
}
Client is the interface for interacting with a Lamplight server.
type GRPCClient ¶
type GRPCClient struct {
// contains filtered or unexported fields
}
GRPCClient implements Client using gRPC.
func (*GRPCClient) Check ¶
func (c *GRPCClient) Check(ctx context.Context, t *llv1.RelationTuple) (bool, error)
func (*GRPCClient) Close ¶
func (c *GRPCClient) Close() error
func (*GRPCClient) Delete ¶
func (c *GRPCClient) Delete(ctx context.Context, filter *llv1.RelationTupleFilter) error
func (*GRPCClient) DeleteSchemaSet ¶
func (c *GRPCClient) DeleteSchemaSet(ctx context.Context, name string) error
func (*GRPCClient) Expand ¶
func (c *GRPCClient) Expand(ctx context.Context, objectType, objectID, permission string) (*llv1.ExpandTree, error)
func (*GRPCClient) ListObjects ¶
func (*GRPCClient) ListSchemaSets ¶
func (c *GRPCClient) ListSchemaSets(ctx context.Context) ([]string, error)
func (*GRPCClient) Read ¶
func (c *GRPCClient) Read(ctx context.Context, filter *llv1.RelationTupleFilter) ([]*llv1.RelationTuple, error)
func (*GRPCClient) ReadSchema ¶
func (c *GRPCClient) ReadSchema(ctx context.Context) (string, error)
func (*GRPCClient) ReadSchemaSet ¶
func (*GRPCClient) WhoAmI ¶
func (c *GRPCClient) WhoAmI(ctx context.Context) (*llv1.WhoAmIResponse, error)
func (*GRPCClient) Write ¶
func (c *GRPCClient) Write(ctx context.Context, writes, deletes []*llv1.RelationTuple) error
func (*GRPCClient) WriteSchema ¶
func (c *GRPCClient) WriteSchema(ctx context.Context, yamlData string) error
Source Files
Directories