Documentation
¶
Overview ¶
Package privctx propagates the visibility tier of the caller through a Go context. The ent privacy policy (see ent/schema/poc.go) reads the tier via TierFrom and admits Users-visibility rows when the tier is TierUsers.
Tier is set by the HTTP middleware (internal/middleware.PrivacyTier) at the edge of every HTTP request, and — starting v1.15 — by the OAuth callback. The sync worker does NOT use this package; it bypasses the policy via privacy.DecisionContext at worker entry (D-07, D-08).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Tier ¶
type Tier int
Tier identifies the visibility scope of the caller. TierPublic is the zero value so any un-stamped context defaults to the most restrictive (safest) tier — fail-safe-closed per CONTEXT.md D-04.
const ( // TierPublic is the zero-value tier. Anonymous callers see rows whose // upstream visibility is "Public" only. TierPublic Tier = iota // TierUsers is the signed-in / env-elevated tier. The ent privacy // policy admits every row (Public + Users) when the request context // carries this tier. TierUsers )
Source Files
Click to show internal directories.
Click to hide internal directories.