Documentation
¶
Index ¶
- func CheckModel(fgaClient *client.OpenFgaClient, storeId string) (string, error)
- func CheckStore(fgaClient *client.OpenFgaClient, storeName string) (string, error)
- type AccessibleResource
- type Authorization
- type Authz
- func (a *Authz) AddRelation(r RelationInput) error
- func (a *Authz) CheckPermission(p PermissionInput) (bool, error)
- func (a *Authz) CheckTuple(r RelationInput) (bool, error)
- func (a *Authz) ListAccessibleResources(p PermissionInput) ([]AccessibleResource, error)
- func (a *Authz) RemoveRelation(r RelationInput) error
- type NoAuthz
- type ObjectId
- type ObjectType
- type PermissionInput
- type RelationInput
- type RelationType
- type UserId
- type UserType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckModel ¶
func CheckModel(fgaClient *client.OpenFgaClient, storeId string) (string, error)
CheckModel checks if an authorization model exists in OpenFGA for the given store.
func CheckStore ¶
func CheckStore(fgaClient *client.OpenFgaClient, storeName string) (string, error)
CheckStore checks if a store with the given name exists in OpenFGA.
Types ¶
type AccessibleResource ¶
type AccessibleResource struct {
ObjectType ObjectType
ObjectId ObjectId
}
type Authorization ¶
type Authorization interface {
// check if userId has permission on resourceId
CheckPermission(p PermissionInput) (bool, error)
// add relationship between userId and resourceId
AddRelation(r RelationInput) error
// remove relationship between userId and resourceId
RemoveRelation(r RelationInput) error
// ListAccessibleResources returns a list of resource Ids that the user can access.
ListAccessibleResources(p PermissionInput) ([]AccessibleResource, error)
}
func NewAuthorizationHandler ¶
func NewAuthorizationHandler(cfg *util.Config, enablelog bool) Authorization
func NewAuthz ¶
func NewAuthz(l *logrus.Logger, cfg *util.Config) Authorization
Creates new Authorization implement using OpenFGA
func NewNoAuthz ¶
func NewNoAuthz(cfg *util.Config) Authorization
type Authz ¶
type Authz struct {
// contains filtered or unexported fields
}
func (*Authz) AddRelation ¶
func (a *Authz) AddRelation(r RelationInput) error
AddRelation adds a relationship between userId and resourceId.
func (*Authz) CheckPermission ¶
func (a *Authz) CheckPermission(p PermissionInput) (bool, error)
CheckPermission checks if userId has permission on resourceId.
func (*Authz) CheckTuple ¶
func (a *Authz) CheckTuple(r RelationInput) (bool, error)
CheckTuple checks if a specific tuple exists in OpenFGA.
func (*Authz) ListAccessibleResources ¶
func (a *Authz) ListAccessibleResources(p PermissionInput) ([]AccessibleResource, error)
ListAccessibleResources returns a list of resource Ids that the user can access.
func (*Authz) RemoveRelation ¶
func (a *Authz) RemoveRelation(r RelationInput) error
RemoveRelation removes a relationship between userId and resourceId.
type NoAuthz ¶
type NoAuthz struct {
// contains filtered or unexported fields
}
func (*NoAuthz) AddRelation ¶
func (a *NoAuthz) AddRelation(r RelationInput) error
AddRelation adds a relationship between userId and resourceId.
func (*NoAuthz) CheckPermission ¶
func (a *NoAuthz) CheckPermission(p PermissionInput) (bool, error)
CheckPermission checks if userId has permission on resourceId.
func (*NoAuthz) ListAccessibleResources ¶
func (a *NoAuthz) ListAccessibleResources(p PermissionInput) ([]AccessibleResource, error)
ListAccessibleResources returns a list of resource Ids that the user can access.
func (*NoAuthz) RemoveRelation ¶
func (a *NoAuthz) RemoveRelation(r RelationInput) error
RemoveRelation removes a relationship between userId and resourceId.
type ObjectType ¶
type ObjectType string
type PermissionInput ¶
type PermissionInput struct {
UserType UserType
UserId UserId
Relation RelationType
ObjectType ObjectType
ObjectId string
}
type RelationInput ¶
type RelationInput struct {
UserType UserType
UserId UserId
Relation RelationType
ObjectType ObjectType
ObjectId string
}
type RelationType ¶
type RelationType string
Source Files