explorer

package

v0.9.7 Latest Latest Go to latest Published: May 13, 2026 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/conductorone/baton-sdk

Links

Open Source Insights

Documentation ¶

Index ¶

type AccessCounts
type BatonService
type Controller
- func NewController(ctx context.Context, store *dotc1z.C1File, syncID, resourceType string, ...) Controller
type EmbededFS
- func (efs EmbededFS) Exists(prefix string, path string) bool
type GrantsWithPrincipalResourceType
type GrantsWithPrincipalResourceTypeListOutput
type ResourceAccessListOutput
type ResourceAccessOutput
type ResourceDetailOutput
type ResourceListOutputWithCount
type ResourceOutputWithCount

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AccessCounts ¶

type AccessCounts struct {
	TotalPrincipals int            `json:"total_principals"`
	CountsByType    map[string]int `json:"counts_by_type"`
}

AccessCounts holds aggregated principal counts by resource type for a given resource.

type BatonService ¶

type BatonService struct {
	// contains filtered or unexported fields
}

func (*BatonService) GetAccess ¶

func (b *BatonService) GetAccess(ctx context.Context, resourceType, resourceID string) (*v1.ResourceAccessListOutput, error)

GetAccess returns grants for a principal (user). Since users typically have <100 grants, this exhausts pagination.

func (*BatonService) GetAccessForResource ¶

func (b *BatonService) GetAccessForResource(
	ctx context.Context, resourceType, resourceID string, pageSize int, pageToken string, computeCounts bool,
) (*ResourceAccessListOutput, string, *AccessCounts, error)

GetAccessForResource returns grants for a resource (group/role), paginated by distinct principals. When computeCounts is true (first page), it performs a full scan to collect both paginated results and total counts by type in a single pass, avoiding a separate full scan for counts.

func (*BatonService) GetEntitlements ¶

func (b *BatonService) GetEntitlements(ctx context.Context, pageToken string) (*v1.EntitlementListOutput, string, error)

func (*BatonService) GetPrincipals ¶

func (b *BatonService) GetPrincipals(
	ctx context.Context, resourceType, resourceID string, pageToken string,
) (*v1.ResourceListOutput, string, error)

GetPrincipals returns one page of user-trait principals for a resource.

func (*BatonService) GetResourceById ¶

func (b *BatonService) GetResourceById(ctx context.Context, resourceType, resourceID string) (*ResourceDetailOutput, error)

func (*BatonService) GetResourceTypes ¶

func (b *BatonService) GetResourceTypes(ctx context.Context, pageToken string) (*v1.ResourceTypeListOutput, string, error)

func (*BatonService) GetResources ¶

func (b *BatonService) GetResources(ctx context.Context, resourceTypeID string, pageToken string) (*v1.ResourceListOutput, string, error)

func (*BatonService) GetResourcesWithPrincipalCount ¶

func (b *BatonService) GetResourcesWithPrincipalCount(
	ctx context.Context, resourceType string,
) (*ResourceListOutputWithCount, error)

GetResourcesWithPrincipalCount returns resources of a type with user principal counts. Results are cached.

func (*BatonService) SearchGrants ¶

func (b *BatonService) SearchGrants(
	ctx context.Context, expression string, resourceType, resourceID string, pageSize int, pageToken string,
) ([]*ResourceAccessOutput, string, error)

SearchGrants searches grants for a specific resource using a CEL expression.

func (*BatonService) SearchGrantsForPrincipal ¶

func (b *BatonService) SearchGrantsForPrincipal(
	ctx context.Context, expression string, resourceType, resourceID string, pageSize int, pageToken string,
) ([]*v1.ResourceAccessOutput, string, error)

SearchGrantsForPrincipal searches grants where this resource is a principal using a CEL expression.

func (*BatonService) SearchResources ¶

func (b *BatonService) SearchResources(
	ctx context.Context, expression string, resourceTypeID string, pageSize int, pageToken string,
) ([]*v1.ResourceOutput, string, error)

SearchResources searches resources using a CEL expression. Iterates through all resources of the given type.

type Controller ¶

type Controller struct {
	// contains filtered or unexported fields
}

func NewController ¶

func NewController(ctx context.Context, store *dotc1z.C1File, syncID, resourceType string, devMode bool) Controller

func (*Controller) GetAccessHandler ¶

func (ctrl *Controller) GetAccessHandler(c *gin.Context)

func (*Controller) GetEntitlementsHandler ¶

func (ctrl *Controller) GetEntitlementsHandler(c *gin.Context)

func (*Controller) GetGrantsForResourceHandler ¶

func (ctrl *Controller) GetGrantsForResourceHandler(c *gin.Context)

func (*Controller) GetResourceHandler ¶

func (ctrl *Controller) GetResourceHandler(c *gin.Context)

func (*Controller) GetResourceTypesHandler ¶

func (ctrl *Controller) GetResourceTypesHandler(c *gin.Context)

func (*Controller) GetResourcesHandler ¶

func (ctrl *Controller) GetResourcesHandler(c *gin.Context)

func (*Controller) GetResourcesWithPrincipalCountHandler ¶

func (ctrl *Controller) GetResourcesWithPrincipalCountHandler(c *gin.Context)

func (*Controller) Run ¶

func (ctrl *Controller) Run(addr string) error

func (*Controller) SearchHandler ¶

func (ctrl *Controller) SearchHandler(c *gin.Context)

type EmbededFS ¶

type EmbededFS struct {
	http.FileSystem
}

func (EmbededFS) Exists ¶

func (efs EmbededFS) Exists(prefix string, path string) bool

type GrantsWithPrincipalResourceType ¶

type GrantsWithPrincipalResourceType struct {
	*v1.GrantOutput
	PrincipalResourceType *v2.ResourceType `json:"principal_resource_type,omitempty"`
}

type GrantsWithPrincipalResourceTypeListOutput ¶

type GrantsWithPrincipalResourceTypeListOutput struct {
	Grants []*GrantsWithPrincipalResourceType `json:"grants,omitempty"`
}

type ResourceAccessListOutput ¶

type ResourceAccessListOutput struct {
	Resource        *v2.Resource            `json:"resource,omitempty"`
	ResourceType    *v2.ResourceType        `json:"resource_type,omitempty"`
	PrincipalAccess []*ResourceAccessOutput `json:"access,omitempty"`
}

type ResourceAccessOutput ¶

type ResourceAccessOutput struct {
	ResourceType *v2.ResourceType  `json:"resource_type,omitempty"`
	Resource     *v2.Resource      `json:"resource,omitempty"`
	Grants       []*v2.Grant       `json:"grants,omitempty"`
	Entitlements []*v2.Entitlement `json:"entitlements,omitempty"`
	Profile      map[string]string `json:"profile,omitempty"`
}

type ResourceDetailOutput ¶

type ResourceDetailOutput struct {
	Resource     *v2.Resource      `json:"resource,omitempty"`
	ResourceType *v2.ResourceType  `json:"resource_type,omitempty"`
	Parent       *v2.Resource      `json:"parent,omitempty"`
	Profile      map[string]string `json:"profile,omitempty"`
}

ResourceDetailOutput wraps a resource with its extracted profile fields for JSON serialization.

type ResourceListOutputWithCount ¶

type ResourceListOutputWithCount struct {
	Resources []*ResourceOutputWithCount `json:"resources,omitempty"`
}

type ResourceOutputWithCount ¶

type ResourceOutputWithCount struct {
	Resource     *v2.Resource     `json:"resource,omitempty"`
	ResourceType *v2.ResourceType `json:"resource_type,omitempty"`
	Parent       *v2.Resource     `json:"parent,omitempty"`
	UserCount    int              `json:"userCount"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL