api

package
v0.0.0-...-06614a5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 1, 2026 License: Apache-2.0 Imports: 54 Imported by: 0

Documentation

Overview

Package api provides primitives to interact with the openapi HTTP API.

Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.4.1 DO NOT EDIT.

Index

Constants

View Source 
const (
	DefaultMaxActiveInvocations  = 1
	DefaultMaxInvocationsPerHour = 10
)

Default quota values

View Source 
const (
	InvocationStatusPending    = "pending"
	InvocationStatusInProgress = "in_progress"
	InvocationStatusCompleted  = "completed"
	InvocationStatusFailed     = "failed"
)

Invocation status constants

View Source 
const (
	// EveryonePseudoGroup is a special group that matches all authenticated users
	// regardless of their identity provider or actual group memberships
	EveryonePseudoGroup = "everyone"

	// EveryonePseudoGroupUUID is the flag UUID used to represent the "everyone" pseudo-group
	// in the database. This allows storing "everyone" in a UUID column (subject_internal_uuid).
	// The zero UUID (all zeros) is used as it will never conflict with real user UUIDs.
	EveryonePseudoGroupUUID = "00000000-0000-0000-0000-000000000000"
)

Pseudo-group constants

View Source 
const (
	ThreatModelCacheTTL = 10 * time.Minute // 10-15 minutes for threat models
	DiagramCacheTTL     = 2 * time.Minute  // 2-3 minutes for diagrams
	SubResourceCacheTTL = 5 * time.Minute  // 5-10 minutes for sub-resources
	AuthCacheTTL        = 15 * time.Minute // 15 minutes for authorization data
	MetadataCacheTTL    = 7 * time.Minute  // 5-10 minutes for metadata
	ListCacheTTL        = 5 * time.Minute  // 5 minutes for paginated lists
)

Cache TTL configurations based on the implementation plan

View Source 
const (
	// Threat Model Events
	EventThreatModelCreated = "threat_model.created"
	EventThreatModelUpdated = "threat_model.updated"
	EventThreatModelDeleted = "threat_model.deleted"

	// Diagram Events
	EventDiagramCreated = "diagram.created"
	EventDiagramUpdated = "diagram.updated"
	EventDiagramDeleted = "diagram.deleted"

	// Document Events
	EventDocumentCreated = "document.created"
	EventDocumentUpdated = "document.updated"
	EventDocumentDeleted = "document.deleted"

	// Note Events
	EventNoteCreated = "note.created"
	EventNoteUpdated = "note.updated"
	EventNoteDeleted = "note.deleted"

	// Repository Events
	EventRepositoryCreated = "repository.created"
	EventRepositoryUpdated = "repository.updated"
	EventRepositoryDeleted = "repository.deleted"

	// Asset Events
	EventAssetCreated = "asset.created"
	EventAssetUpdated = "asset.updated"
	EventAssetDeleted = "asset.deleted"

	// Threat Events
	EventThreatCreated = "threat.created"
	EventThreatUpdated = "threat.updated"
	EventThreatDeleted = "threat.deleted"

	// Metadata Events
	EventMetadataCreated = "metadata.created"
	EventMetadataUpdated = "metadata.updated"
	EventMetadataDeleted = "metadata.deleted"

	// Addon Events
	EventAddonInvoked = "addon.invoked"
)

Event type constants for webhook emissions

View Source 
const (
	// User API Quota limits
	MaxRequestsPerMinute = 10000  // Maximum API requests per minute per user
	MaxRequestsPerHour   = 600000 // Maximum API requests per hour per user

	// Webhook Quota limits
	MaxSubscriptions                 = 100   // Maximum webhook subscriptions per user
	MaxEventsPerMinute               = 1000  // Maximum webhook events per minute
	MaxSubscriptionRequestsPerMinute = 100   // Maximum subscription requests per minute
	MaxSubscriptionRequestsPerDay    = 10000 // Maximum subscription requests per day

	// Addon Invocation Quota limits
	MaxActiveInvocations  = 10   // Maximum concurrent active addon invocations
	MaxInvocationsPerHour = 1000 // Maximum addon invocations per hour
)

Quota ceiling constants define maximum allowed values for various quota types These limits prevent integer overflow and ensure system stability

View Source 
const (
	DefaultMaxRequestsPerMinute = 1000  // Increased from 100 for fuzz testing
	DefaultMaxRequestsPerHour   = 60000 // Increased from 6000 for fuzz testing
)

Default user API quota values Note: These are set high for development and fuzz testing. In production, consider lowering these values and implementing tiered quotas per user role.

View Source 
const (
	DefaultMaxSubscriptions                 = 10
	DefaultMaxEventsPerMinute               = 12
	DefaultMaxSubscriptionRequestsPerMinute = 10
	DefaultMaxSubscriptionRequestsPerDay    = 20
)

Default quota values

View Source 
const AddonInvocationTTL = 7 * 24 * time.Hour

AddonInvocationTTL is the Redis TTL for invocations (7 days)

View Source 
const AddonInvocationTimeout = 15 * time.Minute

AddonInvocationTimeout is the inactivity timeout for invocations (15 minutes)

View Source 
const (
	AuthTypeTMI10 = "tmi-1.0"
)

Authorization type constants

View Source 
const (
	BearerAuthScopes = "bearerAuth.Scopes"
)
View Source 
const (
	DefaultClientCredentialQuota = 10
)

Default quota value

View Source 
const (
	// MaxIconLength is the maximum allowed length for icon strings
	MaxIconLength = 60
)
View Source 
const (
	ProtectedGroupEveryone = "everyone"
)

Protected group names that cannot be deleted

Variables

View Source 
var (
	// Major version number
	VersionMajor = "0"
	// Minor version number
	VersionMinor = "243"
	// Patch version number
	VersionPatch = "53"
	// GitCommit is the git commit hash from build
	GitCommit = "development"
	// BuildDate is the build timestamp
	BuildDate = "unknown"
	// APIVersion is the API version string
	APIVersion = "v1"
)

These values are set during build time

View Source 
var CommonValidators = NewValidatorRegistry()

Global validator registry instance

View Source 
var ErrAccessDenied = errors.New("access denied")

ErrAccessDenied indicates an authorization failure

View Source 
var TMIObjectTypes = []string{
	"threat_model",
	"diagram",
	"asset",
	"threat",
	"document",
	"note",
	"repository",
	"metadata",
}

TMI object types taxonomy (valid values for objects field)

View Source 
var TestFixtures struct {
	// Test users for authorization
	OwnerUser  string
	WriterUser string
	ReaderUser string

	// Owner field values
	Owner string

	// Test threat models
	ThreatModel   ThreatModel
	ThreatModelID string

	// Test diagrams
	Diagram     DfdDiagram
	DiagramID   string
	DiagramAuth []Authorization // Store authorization separately since it's not in the Diagram struct

	// Test flags
	Initialized bool
}
View Source 
var ValidationConfigs = map[string]ValidationConfig{

	"threat_model_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at", "created_by", "owner",
			"diagrams", "documents", "threats", "sourceCode",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"authorization", "email_format", "no_html_injection", "string_length",
		}),
		Operation: "POST",
	},

	"threat_model_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at", "created_by",
			"diagrams", "documents", "threats", "sourceCode",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"authorization", "email_format", "no_html_injection", "string_length",
		}),
		AllowOwnerField: true,
		Operation:       "PUT",
	},

	"diagram_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"diagram_type", "no_html_injection", "string_length",
		}),
		Operation: "POST",
	},

	"diagram_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"diagram_type", "no_html_injection", "string_length",
		}),
		Operation: "PUT",
	},

	"document_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "url_format", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			doc, ok := data.(*Document)
			if !ok {
				return InvalidInputError("Invalid data type for document validation")
			}
			if doc.Name == "" {
				return InvalidInputError("Document name is required")
			}
			if doc.Uri == "" {
				return InvalidInputError("Document URI is required")
			}
			return nil
		}),
		Operation: "POST",
	},

	"document_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "url_format", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			doc, ok := data.(*Document)
			if !ok {
				return InvalidInputError("Invalid data type for document validation")
			}
			if doc.Name == "" {
				return InvalidInputError("Document name is required")
			}
			if doc.Uri == "" {
				return InvalidInputError("Document URI is required")
			}
			return nil
		}),
		Operation: "PUT",
	},

	"note_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "note_markdown", "string_length",
		}), func(data interface{}) error {

			note, ok := data.(*Note)
			if !ok {
				return InvalidInputError("Invalid data type for note validation")
			}
			if note.Name == "" {
				return InvalidInputError("Note name is required")
			}
			if note.Content == "" {
				return InvalidInputError("Note content is required")
			}
			return nil
		}),
		Operation: "POST",
	},

	"note_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "note_markdown", "string_length",
		}), func(data interface{}) error {

			note, ok := data.(*Note)
			if !ok {
				return InvalidInputError("Invalid data type for note validation")
			}
			if note.Name == "" {
				return InvalidInputError("Note name is required")
			}
			if note.Content == "" {
				return InvalidInputError("Note content is required")
			}
			return nil
		}),
		Operation: "PUT",
	},

	"repository_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "url_format", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			repository, ok := data.(*Repository)
			if !ok {
				return InvalidInputError("Invalid data type for repository validation")
			}
			if repository.Uri == "" {
				return InvalidInputError("Repository URI is required")
			}
			return nil
		}),
		Operation: "POST",
	},

	"repository_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "url_format", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			repository, ok := data.(*Repository)
			if !ok {
				return InvalidInputError("Invalid data type for repository validation")
			}
			if repository.Uri == "" {
				return InvalidInputError("Repository URI is required")
			}
			return nil
		}),
		Operation: "PUT",
	},

	"threat_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "threat_severity", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			threat, ok := data.(*Threat)
			if !ok {
				return InvalidInputError("Invalid data type for threat validation")
			}
			if threat.Name == "" {
				return InvalidInputError("Threat name is required")
			}
			return nil
		}),
		Operation: "POST",
	},

	"threat_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "threat_severity", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			threat, ok := data.(*Threat)
			if !ok {
				return InvalidInputError("Invalid data type for threat validation")
			}
			if threat.Name == "" {
				return InvalidInputError("Threat name is required")
			}
			return nil
		}),
		Operation: "PUT",
	},

	"metadata_create": {
		ProhibitedFields: []string{},
		CustomValidators: CommonValidators.GetValidators([]string{
			"metadata_key", "no_html_injection", "string_length",
		}),
		Operation: "POST",
	},

	"metadata_update": {
		ProhibitedFields: []string{},
		CustomValidators: CommonValidators.GetValidators([]string{
			"metadata_key", "no_html_injection", "string_length",
		}),
		Operation: "PUT",
	},

	"cell_create": {
		ProhibitedFields: []string{
			"id",
		},
		CustomValidators: []ValidatorFunc{ValidateUUIDFieldsFromStruct},
		Operation:        "POST",
	},

	"cell_update": {
		ProhibitedFields: []string{
			"id",
		},
		CustomValidators: []ValidatorFunc{ValidateUUIDFieldsFromStruct},
		Operation:        "PUT",
	},

	"asset_create": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			asset, ok := data.(*Asset)
			if !ok {
				return InvalidInputError("Invalid data type for asset validation")
			}
			if asset.Name == "" {
				return InvalidInputError("Asset name is required")
			}
			if asset.Type == "" {
				return InvalidInputError("Asset type is required")
			}

			validTypes := map[AssetType]bool{
				"data": true, "hardware": true, "software": true,
				"infrastructure": true, "service": true, "personnel": true,
			}
			if !validTypes[asset.Type] {
				return InvalidInputError("Invalid asset type, must be one of: data, hardware, software, infrastructure, service, personnel")
			}

			if asset.Classification != nil && len(*asset.Classification) > 50 {
				return InvalidInputError("Asset classification array exceeds maximum of 50 items")
			}

			if asset.Sensitivity != nil && len(*asset.Sensitivity) > 128 {
				return InvalidInputError("Asset sensitivity exceeds maximum of 128 characters")
			}
			return nil
		}),
		Operation: "POST",
	},

	"asset_update": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: append(CommonValidators.GetValidators([]string{
			"uuid_fields", "no_html_injection", "string_length",
		}), func(data interface{}) error {

			asset, ok := data.(*Asset)
			if !ok {
				return InvalidInputError("Invalid data type for asset validation")
			}
			if asset.Name == "" {
				return InvalidInputError("Asset name is required")
			}
			if asset.Type == "" {
				return InvalidInputError("Asset type is required")
			}

			validTypes := map[AssetType]bool{
				"data": true, "hardware": true, "software": true,
				"infrastructure": true, "service": true, "personnel": true,
			}
			if !validTypes[asset.Type] {
				return InvalidInputError("Invalid asset type, must be one of: data, hardware, software, infrastructure, service, personnel")
			}

			if asset.Classification != nil && len(*asset.Classification) > 50 {
				return InvalidInputError("Asset classification array exceeds maximum of 50 items")
			}

			if asset.Sensitivity != nil && len(*asset.Sensitivity) > 128 {
				return InvalidInputError("Asset sensitivity exceeds maximum of 128 characters")
			}
			return nil
		}),
		Operation: "PUT",
	},

	"batch_patch": {
		ProhibitedFields: []string{},
		CustomValidators: []ValidatorFunc{},
		Operation:        "PATCH",
	},

	"batch_delete": {
		ProhibitedFields: []string{},
		CustomValidators: []ValidatorFunc{},
		Operation:        "DELETE",
	},

	"asset_patch": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"no_html_injection", "string_length",
		}),
		Operation: "PATCH",
	},

	"document_patch": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"no_html_injection", "string_length",
		}),
		Operation: "PATCH",
	},

	"note_patch": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"no_html_injection", "string_length",
		}),
		Operation: "PATCH",
	},

	"repository_patch": {
		ProhibitedFields: []string{
			"id", "created_at", "modified_at",
		},
		CustomValidators: CommonValidators.GetValidators([]string{
			"no_html_injection", "string_length",
		}),
		Operation: "PATCH",
	},
}

ValidationConfigs defines validation rules for each endpoint

Functions

func AcceptHeaderValidation 

func AcceptHeaderValidation() gin.HandlerFunc

AcceptHeaderValidation middleware validates that the Accept header is application/json Returns 406 Not Acceptable for unsupported media types

func AcceptLanguageMiddleware 

func AcceptLanguageMiddleware() gin.HandlerFunc

AcceptLanguageMiddleware handles Accept-Language headers gracefully

func AccessCheck 

func AccessCheck(principal string, requiredRole Role, authData AuthorizationData) bool

AccessCheck performs core authorization logic Returns true if the principal has the required role for the given authorization data

func AccessCheckWithGroups 

func AccessCheckWithGroups(principal string, principalProviderID string, principalInternalUUID string, principalIdP string, principalGroups []string, requiredRole Role, authData AuthorizationData) bool

AccessCheckWithGroups performs authorization check with group support and flexible user matching Returns true if the principal or one of their groups has the required role Uses flexible matching: email, provider_user_id, or internal_uuid

func AccessCheckWithGroupsAndIdPLookup 

func AccessCheckWithGroupsAndIdPLookup(principal string, principalProviderID string, principalInternalUUID string, principalIdP string, principalGroups []string, requiredRole Role, authData AuthorizationData) bool

AccessCheckWithGroupsAndIdPLookup performs authorization check with group support and flexible user matching Returns true if the principal or one of their groups has the required role Uses flexible matching algorithm: 1. Try direct match (internal_uuid, provider_user_id, or email)

func AdministratorMiddleware 

func AdministratorMiddleware() gin.HandlerFunc

AdministratorMiddleware creates a middleware that requires the user to be an administrator

func ApplyPatchOperations 

func ApplyPatchOperations[T any](original T, operations []PatchOperation) (T, error)

ApplyPatchOperations applies JSON Patch operations to an entity and returns the modified entity

func AssertAuthDataEqual 

func AssertAuthDataEqual(t *testing.T, expected, actual *AuthorizationData)

AssertAuthDataEqual compares two AuthorizationData structs for equality

func AssertDocumentEqual 

func AssertDocumentEqual(d1, d2 Document) bool

AssertDocumentEqual compares two documents for testing equality

func AssertMetadataEqual 

func AssertMetadataEqual(m1, m2 Metadata) bool

AssertMetadataEqual compares two metadata items for testing equality

func AssertRepositoryEqual 

func AssertRepositoryEqual(r1, r2 Repository) bool

AssertRepositoryEqual compares two repositories for testing equality

func AssertThreatEqual 

func AssertThreatEqual(t1, t2 Threat) bool

AssertThreatEqual compares two threats for testing equality

func AuthFlowRateLimitMiddleware 

func AuthFlowRateLimitMiddleware(server *Server) gin.HandlerFunc

AuthFlowRateLimitMiddleware creates middleware for multi-scope auth flow rate limiting (Tier 2)

func BoundaryValueValidationMiddleware 

func BoundaryValueValidationMiddleware() gin.HandlerFunc

BoundaryValueValidationMiddleware enhances validation of boundary values in JSON

func BroadcastCollaborationStarted 

func BroadcastCollaborationStarted(userID, diagramID, diagramName, threatModelID, threatModelName, sessionID string)

BroadcastCollaborationStarted notifies about a new collaboration session

func BroadcastSystemAnnouncement 

func BroadcastSystemAnnouncement(message string, severity string, actionRequired bool, actionURL string)

BroadcastSystemAnnouncement sends a system-wide announcement

func BroadcastThreatModelCreated 

func BroadcastThreatModelCreated(userID, threatModelID, threatModelName string)

BroadcastThreatModelCreated notifies all connected clients about a new threat model

func BroadcastThreatModelDeleted 

func BroadcastThreatModelDeleted(userID, threatModelID, threatModelName string)

BroadcastThreatModelDeleted notifies all connected clients about a deleted threat model

func BroadcastThreatModelUpdated 

func BroadcastThreatModelUpdated(userID, threatModelID, threatModelName string)

BroadcastThreatModelUpdated notifies all connected clients about an updated threat model

func CORS 

func CORS() gin.HandlerFunc

CORS middleware to handle Cross-Origin Resource Sharing

func CheckDiagramAccess 

func CheckDiagramAccess(userEmail string, userProviderID string, userInternalUUID string, userIdP string, userGroups []string, diagram DfdDiagram, requiredRole Role) error

CheckDiagramAccess checks if a user has required access to a diagram This now supports both user and group authorization with IdP scoping and flexible user matching

func CheckOwnershipChanges 

func CheckOwnershipChanges(operations []PatchOperation) (ownerChanging, authChanging bool)

CheckOwnershipChanges analyzes patch operations to determine if owner or authorization fields are being modified

func CheckResourceAccess 

func CheckResourceAccess(subject string, resource interface{}, requiredRole Role) (bool, error)

CheckResourceAccess is a utility function that checks if a subject has required access to a resource This function uses the basic AccessCheck and does NOT support group-based authorization. For group support (including "everyone" pseudo-group), use CheckResourceAccessWithGroups instead. Note: subject can be a user email or user ID, but group matching is not supported by this function.

func CheckResourceAccessFromContext 

func CheckResourceAccessFromContext(c *gin.Context, subject string, resource interface{}, requiredRole Role) (bool, error)

CheckResourceAccessFromContext checks resource access using subject info from Gin context This is a convenience function that extracts subject (user email/ID), IdP, and groups from the context and calls CheckResourceAccessWithGroups for group-aware authorization including "everyone" pseudo-group.

func CheckResourceAccessWithGroups 

func CheckResourceAccessWithGroups(subject string, subjectProviderID string, subjectInternalUUID string, subjectIdP string, subjectGroups []string, resource interface{}, requiredRole Role) (bool, error)

CheckResourceAccessWithGroups checks if a subject has required access to a resource with group support This function supports group-based authorization including the "everyone" pseudo-group. The subject can be a user email or user ID. The function also checks group memberships.

func CheckSubResourceAccess 

func CheckSubResourceAccess(ctx context.Context, db *sql.DB, cache *CacheService, principal, principalProviderID, principalInternalUUID, principalIdP string, principalGroups []string, threatModelID string, requiredRole Role) (bool, error)

CheckSubResourceAccess validates if a user has the required access to a sub-resource This function implements authorization inheritance with Redis caching for performance Now supports group-based authorization with IdP scoping and flexible user matching

func CheckSubResourceAccessWithoutCache 

func CheckSubResourceAccessWithoutCache(ctx context.Context, db *sql.DB, principal, principalProviderID, principalInternalUUID, principalIdP string, principalGroups []string, threatModelID string, requiredRole Role) (bool, error)

CheckSubResourceAccessWithoutCache validates sub-resource access without caching This is useful for testing or when caching is not available Now supports group-based authorization with IdP scoping and flexible user matching

func CheckThreatModelAccess 

func CheckThreatModelAccess(userEmail string, userProviderID string, userInternalUUID string, userIdP string, userGroups []string, threatModel ThreatModel, requiredRole Role) error

CheckThreatModelAccess checks if a user has required access to a threat model This now supports both user and group authorization with IdP scoping

func CleanupTestFixtures 

func CleanupTestFixtures(ctx context.Context) error

CleanupTestFixtures removes all test data from stores

func ContentTypeValidationMiddleware 

func ContentTypeValidationMiddleware() gin.HandlerFunc

ContentTypeValidationMiddleware validates Content-Type header and rejects unsupported types

func ContextTimeout 

func ContextTimeout(timeout time.Duration) gin.HandlerFunc

ContextTimeout adds a timeout to the request context

func CreateAddon 

func CreateAddon(c *gin.Context)

CreateAddon creates a new add-on (admin only)

func CurrentTime 

func CurrentTime() time.Time

CurrentTime returns current time in UTC

func CustomRecoveryMiddleware 

func CustomRecoveryMiddleware() gin.HandlerFunc

CustomRecoveryMiddleware returns a Gin middleware that recovers from panics and returns appropriate error responses without exposing sensitive information

func DeleteAddon 

func DeleteAddon(c *gin.Context)

DeleteAddon deletes an add-on (admin only)

func DetailedRequestLoggingMiddleware 

func DetailedRequestLoggingMiddleware() gin.HandlerFunc

DetailedRequestLoggingMiddleware logs request details at each stage

func DiagramMiddleware 

func DiagramMiddleware() gin.HandlerFunc

DiagramMiddleware creates middleware for diagram authorization

func DuplicateHeaderValidationMiddleware 

func DuplicateHeaderValidationMiddleware() gin.HandlerFunc

DuplicateHeaderValidationMiddleware rejects requests with duplicate critical security headers Per RFC 7230 Section 3.2.2, duplicate headers are only allowed if the header is defined as a comma-separated list or is a known exception (like Set-Cookie). Duplicate security-critical headers can enable various attacks including request smuggling, authentication bypass, and cache poisoning.

func EnrichAuthorizationEntry 

func EnrichAuthorizationEntry(ctx context.Context, db *sql.DB, auth *Authorization) error

EnrichAuthorizationEntry enriches a single Authorization entry by looking up missing fields from the users table. The caller must provide:

  • provider: REQUIRED - the identity provider name
  • EXACTLY ONE OF: provider_id (email/OAuth sub) OR email

The function will lookup the user in the database and fill in missing fields. For new users (not yet in database), it performs a sparse insert that will be completed when the user logs in via OAuth.

Group principals are skipped (no enrichment needed).

func EnrichAuthorizationList 

func EnrichAuthorizationList(ctx context.Context, db *sql.DB, authList []Authorization) error

EnrichAuthorizationList enriches all authorization entries in a list

func ExtractOptionalUUID 

func ExtractOptionalUUID(c *gin.Context, paramName string) (uuid.UUID, error)

ExtractOptionalUUID extracts and validates an optional UUID from a path parameter Returns the parsed UUID (or uuid.Nil if not present), and an error if parsing fails

func ExtractRequiredUUIDs 

func ExtractRequiredUUIDs(c *gin.Context, paramNames ...string) (map[string]uuid.UUID, error)

ExtractRequiredUUIDs extracts and validates multiple required UUID parameters Returns a map of parameter names to UUIDs, or an error with HTTP response already sent

func ExtractUUID 

func ExtractUUID(c *gin.Context, paramName string) (uuid.UUID, error)

ExtractUUID extracts and validates a UUID from a path parameter Returns the parsed UUID or an error with HTTP response already sent

func FilterStackTraceFromBody 

func FilterStackTraceFromBody(body string) string

FilterStackTraceFromBody filters out stack trace information from response bodies This is used by the request logger to prevent stack traces from being logged

func GetAddon 

func GetAddon(c *gin.Context)

GetAddon retrieves a single add-on by ID

func GetFieldErrorMessage 

func GetFieldErrorMessage(field, operation string) string

GetFieldErrorMessage is the global function to get error messages

func GetInvocation 

func GetInvocation(c *gin.Context)

GetInvocation retrieves a single invocation by ID

func GetOwnerInternalUUID 

func GetOwnerInternalUUID(ctx context.Context, provider, providerID string) string

GetOwnerInternalUUID looks up the owner's internal UUID from provider and provider_id Returns the provider_id if lookup fails (fallback for tests/in-memory mode)

func GetPseudoGroupIdP 

func GetPseudoGroupIdP(groupName string) *string

GetPseudoGroupIdP returns the appropriate IdP value for a pseudo-group Pseudo-groups are cross-IdP by design, so this returns nil

func GetSwagger 

func GetSwagger() (swagger *openapi3.T, err error)

GetSwagger returns the Swagger specification corresponding to the generated code in this file. The external references of Swagger specification are resolved. The logic of resolving external references is tightly connected to "import-mapping" feature. Externally referenced files must be embedded in the corresponding golang packages. Urls can be supported but this task was out of the scope.

func GetTestUserRole 

func GetTestUserRole(user string) string

GetTestUserRole returns the role for a given test user

func GetTestUsers 

func GetTestUsers() map[string]string

GetTestUsers returns a map of test users with their roles

func GetUserDisplayName 

func GetUserDisplayName(c *gin.Context) string

GetUserDisplayName retrieves the user's display name from the context Returns the display name from JWT claims Returns empty string if not available (not an error)

func GetUserEmail 

func GetUserEmail(c *gin.Context) (string, error)

GetUserEmail retrieves the user's email from the context This is set by the JWT middleware from the email claim Returns error if user is not authenticated or email is not available

func GetUserFromContext 

func GetUserFromContext(c *gin.Context) (*auth.User, error)

GetUserFromContext retrieves the full user object from the Gin context The user object is set by the JWT middleware after authentication Returns RequestError if user is not found or not authenticated

func GetUserGroups 

func GetUserGroups(c *gin.Context) []string

GetUserGroups retrieves the user's groups from the context Returns the groups array from the identity provider Returns empty array if no groups are present (not an error)

func GetUserIdentityForLogging 

func GetUserIdentityForLogging(c *gin.Context) string

GetUserIdentityForLogging returns a formatted user identity string for logging that distinguishes between regular users and service accounts.

For regular users: returns "user={email}" For service accounts: returns "service_account=[Service Account] {name} (credential_id={id}, owner={email})"

func GetUserInternalUUID 

func GetUserInternalUUID(c *gin.Context) (string, error)

GetUserInternalUUID retrieves the user's internal UUID from the context This is the system-generated UUID for internal tracking (never exposed in JWT) Returns error if user is not authenticated or UUID is not available

func GetUserProvider 

func GetUserProvider(c *gin.Context) (string, error)

GetUserProvider retrieves the user's OAuth provider from the context Returns the provider name (e.g., "test", "google", "github", "microsoft", "azure") Returns error if user is not authenticated or provider is not available

func GetUserProviderID 

func GetUserProviderID(c *gin.Context) (string, error)

GetUserProviderID retrieves the user's provider user ID from the context This is the OAuth provider's user ID (from JWT sub claim) Returns error if user is not authenticated or provider user ID is not available

func GetVersionString 

func GetVersionString() string

GetVersionString returns the version as a formatted string

func GinServerErrorHandler 

func GinServerErrorHandler(c *gin.Context, err error, statusCode int)

GinServerErrorHandler converts parameter binding errors to TMI's error format This is used by the oapi-codegen generated server wrapper to handle parameter binding errors

func HSTSMiddleware 

func HSTSMiddleware(tlsEnabled bool) gin.HandlerFunc

HSTSMiddleware adds Strict-Transport-Security header when TLS is enabled

func HandleRequestError 

func HandleRequestError(c *gin.Context, err error)

HandleRequestError sends an appropriate HTTP error response

func IPRateLimitMiddleware 

func IPRateLimitMiddleware(server *Server) gin.HandlerFunc

IPRateLimitMiddleware creates middleware for IP-based rate limiting (Tier 1 - public discovery)

func InitNotificationHub 

func InitNotificationHub()

InitNotificationHub initializes the global notification hub

func InitSubResourceTestFixtures 

func InitSubResourceTestFixtures()

InitSubResourceTestFixtures initializes comprehensive test fixtures for sub-resource testing

func InitTestFixtures 

func InitTestFixtures()

InitTestFixtures initializes test data in stores

func InitializeDatabaseStores 

func InitializeDatabaseStores(db *sql.DB, authService interface{})

InitializeDatabaseStores initializes stores with database implementations

func InitializeEventEmitter 

func InitializeEventEmitter(redisClient *redis.Client, streamKey string)

InitializeEventEmitter initializes the global event emitter

func InitializeMockStores 

func InitializeMockStores()

InitializeMockStores creates simple mock stores for unit tests

func InitializePerformanceMonitoring 

func InitializePerformanceMonitoring()

InitializePerformanceMonitoring initializes the global performance monitor

func InitializeQuotaCache 

func InitializeQuotaCache(ttl time.Duration)

InitializeQuotaCache initializes the global quota cache

func InsertDiagramForTest 

func InsertDiagramForTest(id string, diagram DfdDiagram)

InsertDiagramForTest inserts a diagram with a specific ID directly into the store This is only for testing purposes

func InvokeAddon 

func InvokeAddon(c *gin.Context)

InvokeAddon invokes an add-on (authenticated users)

func IsIPv4 

func IsIPv4(hostname string) bool

IsIPv4 checks if a string is an IPv4 address

func IsIPv6 

func IsIPv6(hostname string) bool

IsIPv6 checks if a string is an IPv6 address

func IsPseudoGroup 

func IsPseudoGroup(groupName string) bool

IsPseudoGroup checks if a group name is a recognized pseudo-group Pseudo-groups are special groups with predefined behavior that don't come from IdPs

func IsServiceAccountRequest 

func IsServiceAccountRequest(c *gin.Context) bool

IsServiceAccountRequest returns true if the current request is from a service account

func IsUserAdministrator 

func IsUserAdministrator(c *gin.Context) (bool, error)

IsUserAdministrator checks if the authenticated user is an administrator Returns (isAdmin bool, error). Returns false if there's any error or if administrator check is not available.

func JSONErrorHandler 

func JSONErrorHandler() gin.HandlerFunc

JSONErrorHandler middleware converts plain text error responses to JSON format This catches Gin framework errors that bypass application error handling

func ListAddons 

func ListAddons(c *gin.Context)

ListAddons retrieves add-ons with pagination

func ListInvocations 

func ListInvocations(c *gin.Context)

ListInvocations lists invocations with pagination and filtering

func LogRequest 

func LogRequest(c *gin.Context, prefix string)

LogRequest logs debug information about the request

func MarshalAsyncMessage 

func MarshalAsyncMessage(msg AsyncMessage) ([]byte, error)

Helper function to marshal AsyncMessage to JSON

func MethodNotAllowedHandler 

func MethodNotAllowedHandler() gin.HandlerFunc

MethodNotAllowedHandler returns 405 for unsupported HTTP methods

func NewReadCloser 

func NewReadCloser(b []byte) *readCloser

func NormalizeDiagramCells 

func NormalizeDiagramCells(cells []DfdDiagram_Cells_Item)

NormalizeDiagramCells normalizes all cells in a diagram This should be called for both REST API and WebSocket operations

func OpenAPIErrorHandler 

func OpenAPIErrorHandler(c *gin.Context, message string, statusCode int)

OpenAPIErrorHandler converts OpenAPI validation errors to TMI's error format

func ParseRequestBody 

func ParseRequestBody[T any](c *gin.Context) (T, error)

ParseRequestBody parses JSON request body into the specified type

func ParseUUIDOrNil 

func ParseUUIDOrNil(s string) uuid.UUID

ParseUUIDOrNil parses a UUID string, returning a nil UUID on error

func PathParameterValidationMiddleware 

func PathParameterValidationMiddleware() gin.HandlerFunc

PathParameterValidationMiddleware validates all path parameters for common issues

func PathToRawSpec 

func PathToRawSpec(pathToFile string) map[string]func() ([]byte, error)

Constructs a synthetic filesystem for resolving external references when loading openapi specifications.

func PreserveCriticalFields 

func PreserveCriticalFields[T any](modified, original T, preserveFields func(T, T) T) T

PreserveCriticalFields preserves critical fields that shouldn't change during patching

func RateLimitMiddleware 

func RateLimitMiddleware(server *Server) gin.HandlerFunc

RateLimitMiddleware creates a middleware that enforces API rate limiting

func RegisterDebugRoutes 

func RegisterDebugRoutes(r *gin.Engine, requireAuth gin.HandlerFunc)

RegisterDebugRoutes registers debug routes with the gin router Note: These should only be enabled in development or with proper authentication

func RegisterHandlers 

func RegisterHandlers(router gin.IRouter, si ServerInterface)

RegisterHandlers creates http.Handler with routing matching OpenAPI spec.

func RegisterHandlersWithOptions 

func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options GinServerOptions)

RegisterHandlersWithOptions creates http.Handler with additional options

func RequestTracingMiddleware 

func RequestTracingMiddleware() gin.HandlerFunc

RequestTracingMiddleware provides comprehensive request tracing

func ResetSubResourceStores 

func ResetSubResourceStores()

ResetSubResourceStores clears all sub-resource stores for testing

func RouteMatchingMiddleware 

func RouteMatchingMiddleware() gin.HandlerFunc

RouteMatchingMiddleware logs which routes are being matched

func SAMLProviderOnlyMiddleware 

func SAMLProviderOnlyMiddleware() gin.HandlerFunc

SAMLProviderOnlyMiddleware ensures the provider is a SAML provider (not OAuth)

func SafeParseInt 

func SafeParseInt(s string, fallback int) int

SafeParseInt safely parses an integer string with a fallback value Does not return errors - uses fallback for any parsing failure

func SameProviderMiddleware 

func SameProviderMiddleware() gin.HandlerFunc

SameProviderMiddleware ensures the authenticated user is from the same provider as specified in the path

func SecurityHeaders 

func SecurityHeaders() gin.HandlerFunc

SecurityHeaders middleware adds security headers to all responses

func SetGlobalAuthServiceForEvents 

func SetGlobalAuthServiceForEvents(authService AuthService)

SetGlobalAuthServiceForEvents sets the global auth service for event owner lookups

func SetupOpenAPIValidation 

func SetupOpenAPIValidation() (gin.HandlerFunc, error)

SetupOpenAPIValidation creates and returns OpenAPI validation middleware

func SetupStoresWithFixtures 

func SetupStoresWithFixtures(ctx context.Context) error

SetupStoresWithFixtures initializes stores with test fixtures

func StrFromPtr 

func StrFromPtr(s *string) string

func StrPtr 

func StrPtr(s string) *string

func StrPtrOrEmpty 

func StrPtrOrEmpty(s string) *string

func ThreatModelMiddleware 

func ThreatModelMiddleware() gin.HandlerFunc

ThreatModelMiddleware creates middleware for threat model authorization

func TimeFromPtr 

func TimeFromPtr(t *time.Time) *time.Time

func TimePtr 

func TimePtr(t *time.Time) *time.Time

func TransferEncodingValidationMiddleware 

func TransferEncodingValidationMiddleware() gin.HandlerFunc

TransferEncodingValidationMiddleware rejects requests with Transfer-Encoding header Transfer-Encoding (especially chunked) is not supported by this API Returns 400 Bad Request instead of 501 Not Implemented for better HTTP semantics

func UUIDValidationMiddleware 

func UUIDValidationMiddleware() gin.HandlerFunc

UUIDValidationMiddleware validates UUID path parameters

func UnicodeNormalizationMiddleware 

func UnicodeNormalizationMiddleware() gin.HandlerFunc

UnicodeNormalizationMiddleware normalizes Unicode in request bodies and rejects problematic characters

func UpdateInvocationStatus 

func UpdateInvocationStatus(c *gin.Context)

UpdateInvocationStatus updates the status of an invocation (HMAC authenticated)

func UpdateTimestamps 

func UpdateTimestamps[T WithTimestamps](entity T, isNew bool) T

UpdateTimestamps updates the timestamps on an entity

func ValidateAddonDescription 

func ValidateAddonDescription(description string) error

ValidateAddonDescription validates the add-on description for XSS

func ValidateAddonName 

func ValidateAddonName(name string) error

ValidateAddonName validates the add-on name for XSS and length

func ValidateAndParseRequest 

func ValidateAndParseRequest[T any](c *gin.Context, config ValidationConfig) (*T, error)

ValidateAndParseRequest provides unified request validation and parsing

func ValidateAuthorizationEntries 

func ValidateAuthorizationEntries(authList []Authorization) error

ValidateAuthorizationEntries validates individual authorization entries Note: This function is intended for ENRICHED entries where ProviderId has been populated For sparse/pre-enrichment validation, use ValidateSparseAuthorizationEntries

func ValidateAuthorizationEntriesFromStruct 

func ValidateAuthorizationEntriesFromStruct(data interface{}) error

ValidateAuthorizationEntriesFromStruct is the public wrapper for the validator

func ValidateAuthorizationEntriesWithFormat 

func ValidateAuthorizationEntriesWithFormat(authList []Authorization) error

ValidateAuthorizationEntriesWithFormat validates authorization entries with format checking Note: This function is intended for ENRICHED entries where ProviderId has been populated

func ValidateAuthorizationWithPseudoGroups 

func ValidateAuthorizationWithPseudoGroups(authList []Authorization) error

ValidateAuthorizationWithPseudoGroups validates authorization entries and applies pseudo-group specific rules

func ValidateDiagramType 

func ValidateDiagramType(data interface{}) error

ValidateDiagramType validates diagram type field

func ValidateDuplicateSubjects 

func ValidateDuplicateSubjects(authList []Authorization) error

ValidateDuplicateSubjects checks for duplicate subjects in authorization list. Should be called BEFORE enrichment to catch obvious client mistakes.

This validation is intentionally lenient - it only catches cases where the API caller specified the exact same user with the exact same identifiers multiple times. It does NOT catch cases where the same user is specified with different identifiers (e.g., once by email, once by provider_id) because those are resolved later during enrichment and database save, where ON CONFLICT gracefully handles them.

Duplicate Detection Logic: A user subject A is a duplicate of user subject B if:

Case 1: Both have provider_id values

  • (A.provider == B.provider) AND (A.provider_id == B.provider_id)
  • This identifies the same OAuth/SAML user identity

Case 2: Both lack provider_id values

  • (A.provider == B.provider) AND (A.provider_id is empty) AND (B.provider_id is empty) AND (A.email == B.email)
  • This identifies the same user by email when OAuth sub is not yet known

For group principals, always use (provider, provider_id) as the unique key.

Note: internal_uuid is never present in API requests/responses, so we cannot use it for duplicate detection. The database ON CONFLICT clauses handle internal_uuid resolution gracefully, allowing the same user to be specified multiple ways without error.

func ValidateEmailFields 

func ValidateEmailFields(data interface{}) error

ValidateEmailFields validates email format in struct fields

func ValidateIcon 

func ValidateIcon(icon string) error

ValidateIcon validates an icon string against Material Symbols or FontAwesome formats

func ValidateMetadataKey 

func ValidateMetadataKey(data interface{}) error

ValidateMetadataKey validates metadata key format (no spaces, special chars)

func ValidateNoDuplicateEntries 

func ValidateNoDuplicateEntries(data interface{}) error

ValidateNoDuplicateEntries validates that slice fields don't contain duplicates

func ValidateNoHTMLInjection 

func ValidateNoHTMLInjection(data interface{}) error

ValidateNoHTMLInjection prevents HTML/script injection in text fields

func ValidateNoteMarkdown 

func ValidateNoteMarkdown(data interface{}) error

ValidateNoteMarkdown validates Note.Content field for dangerous HTML This validator is specifically designed for Note objects that contain Markdown content. It strips Markdown code blocks first, then checks remaining content for HTML tags. This prevents false positives from code examples while still blocking actual HTML.

func ValidateNumericRange 

func ValidateNumericRange(value interface{}, min, max int64, fieldName string) error

ValidateNumericRange validates that a numeric value is within the specified range Handles int, int32, int64, float32, float64

func ValidateObjects 

func ValidateObjects(objects []string) error

ValidateObjects validates that all object types are in the TMI taxonomy

func ValidatePatchAuthorization 

func ValidatePatchAuthorization(operations []PatchOperation, userRole Role) error

ValidatePatchAuthorization validates that the user has permission to perform the patch operations

func ValidatePatchedEntity 

func ValidatePatchedEntity[T any](original, patched T, userName string, validator func(T, T, string) error) error

ValidatePatchedEntity validates that the patched entity meets business rules

func ValidateQuotaValue 

func ValidateQuotaValue(value int, min int, max int, fieldName string) error

ValidateQuotaValue validates that a quota value is within acceptable bounds

func ValidateResourceAccess 

func ValidateResourceAccess(requiredRole Role) gin.HandlerFunc

ValidateResourceAccess is a Gin middleware-compatible function for authorization checks

func ValidateRoleFields 

func ValidateRoleFields(data interface{}) error

ValidateRoleFields validates role format in struct fields

func ValidateSparseAuthorizationEntries 

func ValidateSparseAuthorizationEntries(authList []Authorization) error

ValidateSparseAuthorizationEntries validates authorization entries BEFORE enrichment Requires: provider + (provider_id OR email) Does NOT require: display_name (response-only field) Note: Call StripResponseOnlyAuthFields() before this function if the authorization data came from a client that may have included response-only fields

func ValidateStringLengths 

func ValidateStringLengths(data interface{}) error

ValidateStringLengths validates string field lengths based on struct tags

func ValidateSubResourceAccess 

func ValidateSubResourceAccess(db *sql.DB, cache *CacheService, requiredRole Role) gin.HandlerFunc

ValidateSubResourceAccess creates middleware for sub-resource authorization with caching This middleware validates access to sub-resources (threats, documents, sources) by inheriting permissions from their parent threat model

func ValidateSubResourceAccessOwner 

func ValidateSubResourceAccessOwner(db *sql.DB, cache *CacheService) gin.HandlerFunc

ValidateSubResourceAccessOwner creates middleware for owner-only sub-resource access

func ValidateSubResourceAccessReader 

func ValidateSubResourceAccessReader(db *sql.DB, cache *CacheService) gin.HandlerFunc

ValidateSubResourceAccessReader creates middleware for read-only sub-resource access

func ValidateSubResourceAccessWriter 

func ValidateSubResourceAccessWriter(db *sql.DB, cache *CacheService) gin.HandlerFunc

ValidateSubResourceAccessWriter creates middleware for write sub-resource access

func ValidateThreatSeverity 

func ValidateThreatSeverity(data interface{}) error

ValidateThreatSeverity is a no-op validator that accepts any severity value Severity is now a free-form string field per the OpenAPI schema

func ValidateURLFields 

func ValidateURLFields(data interface{}) error

ValidateURLFields validates URL format in struct fields

func ValidateUUID 

func ValidateUUID(s string, fieldName string) (uuid.UUID, error)

ValidateUUID validates that a string is a valid UUID format

func ValidateUUIDFieldsFromStruct 

func ValidateUUIDFieldsFromStruct(data interface{}) error

Enhanced UUID validation with better error messages

func ValidateUnicodeContent 

func ValidateUnicodeContent(value, fieldName string) error

ValidateUnicodeContent checks for problematic Unicode that might slip through middleware

func ValidateUserAuthentication 

func ValidateUserAuthentication(c *gin.Context) (email, internalUUID, provider, providerUserID string, err error)

ValidateUserAuthentication is a comprehensive validation that checks all user context values are properly set Returns user email, internal UUID, provider, and provider user ID This is useful for handlers that need all user identification fields

func ValidateUserIdentity 

func ValidateUserIdentity(u User) error

ValidateUserIdentity validates that a User struct contains at least one valid identifier

func VerifySignature 

func VerifySignature(payload []byte, signature string, secret string) bool

VerifySignature verifies the HMAC signature of a request

Types

type APIRateLimiter 

type APIRateLimiter struct {
	// contains filtered or unexported fields
}

APIRateLimiter implements rate limiting for general API operations using Redis

func NewAPIRateLimiter 

func NewAPIRateLimiter(redisClient *redis.Client, quotaStore UserAPIQuotaStoreInterface) *APIRateLimiter

NewAPIRateLimiter creates a new API rate limiter

func (*APIRateLimiter) CheckRateLimit 

func (r *APIRateLimiter) CheckRateLimit(ctx context.Context, userID string) (bool, int, error)

CheckRateLimit checks if a user has exceeded their rate limit Returns allowed (bool), retryAfter (seconds), and error

func (*APIRateLimiter) GetRateLimitInfo 

func (r *APIRateLimiter) GetRateLimitInfo(ctx context.Context, userID string) (limit int, remaining int, resetAt int64, err error)

GetRateLimitInfo returns current rate limit status for a user

type AddGroupMemberJSONRequestBody 

type AddGroupMemberJSONRequestBody = AddGroupMemberRequest

AddGroupMemberJSONRequestBody defines body for AddGroupMember for application/json ContentType.

type AddGroupMemberRequest 

type AddGroupMemberRequest struct {
	// Notes Optional notes about this membership
	Notes *string `json:"notes,omitempty"`

	// UserInternalUuid Internal UUID of the user to add to the group
	UserInternalUuid openapi_types.UUID `json:"user_internal_uuid"`
}

AddGroupMemberRequest defines model for AddGroupMemberRequest.

type Addon 

type Addon struct {
	ID            uuid.UUID  `json:"id"`
	CreatedAt     time.Time  `json:"created_at"`
	Name          string     `json:"name"`
	WebhookID     uuid.UUID  `json:"webhook_id"`
	Description   string     `json:"description,omitempty"`
	Icon          string     `json:"icon,omitempty"`
	Objects       []string   `json:"objects,omitempty"`
	ThreatModelID *uuid.UUID `json:"threat_model_id,omitempty"`
}

Addon represents an add-on in the system

type AddonDatabaseStore 

type AddonDatabaseStore struct {
	// contains filtered or unexported fields
}

AddonDatabaseStore implements AddonStore using PostgreSQL

func NewAddonDatabaseStore 

func NewAddonDatabaseStore(db *sql.DB) *AddonDatabaseStore

NewAddonDatabaseStore creates a new database-backed add-on store

func (*AddonDatabaseStore) CountActiveInvocations 

func (s *AddonDatabaseStore) CountActiveInvocations(ctx context.Context, addonID uuid.UUID) (int, error)

CountActiveInvocations counts pending/in_progress invocations for an add-on

func (*AddonDatabaseStore) Create 

func (s *AddonDatabaseStore) Create(ctx context.Context, addon *Addon) error

Create creates a new add-on

func (*AddonDatabaseStore) Delete 

func (s *AddonDatabaseStore) Delete(ctx context.Context, id uuid.UUID) error

Delete removes an add-on by ID

func (*AddonDatabaseStore) Get 

func (s *AddonDatabaseStore) Get(ctx context.Context, id uuid.UUID) (*Addon, error)

Get retrieves an add-on by ID

func (*AddonDatabaseStore) GetByWebhookID 

func (s *AddonDatabaseStore) GetByWebhookID(ctx context.Context, webhookID uuid.UUID) ([]Addon, error)

GetByWebhookID retrieves all add-ons associated with a webhook

func (*AddonDatabaseStore) List 

func (s *AddonDatabaseStore) List(ctx context.Context, limit, offset int, threatModelID *uuid.UUID) ([]Addon, int, error)

List retrieves add-ons with pagination, optionally filtered by threat model

type AddonIdQueryParam 

type AddonIdQueryParam = openapi_types.UUID

AddonIdQueryParam defines model for AddonIdQueryParam.

type AddonInvocation 

type AddonInvocation struct {
	ID              uuid.UUID  `json:"id"`
	AddonID         uuid.UUID  `json:"addon_id"`
	ThreatModelID   uuid.UUID  `json:"threat_model_id"`
	ObjectType      string     `json:"object_type,omitempty"`
	ObjectID        *uuid.UUID `json:"object_id,omitempty"`
	InvokedByUUID   uuid.UUID  `json:"-"`                // Internal user UUID (for rate limiting, quotas) - NEVER exposed
	InvokedByID     string     `json:"invoked_by_id"`    // Provider-assigned user ID (for API responses)
	InvokedByEmail  string     `json:"invoked_by_email"` // User email
	InvokedByName   string     `json:"invoked_by_name"`  // User display name
	Payload         string     `json:"payload"`          // JSON string
	Status          string     `json:"status"`           // pending, in_progress, completed, failed
	StatusPercent   int        `json:"status_percent"`   // 0-100
	StatusMessage   string     `json:"status_message,omitempty"`
	CreatedAt       time.Time  `json:"created_at"`
	StatusUpdatedAt time.Time  `json:"status_updated_at"`
	LastActivityAt  time.Time  `json:"last_activity_at"` // Track last activity for timeout detection
}

AddonInvocation represents an add-on invocation stored in Redis

type AddonInvocationCleanupWorker 

type AddonInvocationCleanupWorker struct {
	// contains filtered or unexported fields
}

AddonInvocationCleanupWorker handles cleanup of stale addon invocations 

var GlobalAddonInvocationCleanupWorker *AddonInvocationCleanupWorker

GlobalAddonInvocationCleanupWorker is the global singleton for the cleanup worker

func NewAddonInvocationCleanupWorker 

func NewAddonInvocationCleanupWorker() *AddonInvocationCleanupWorker

NewAddonInvocationCleanupWorker creates a new cleanup worker

func (*AddonInvocationCleanupWorker) Start 

func (w *AddonInvocationCleanupWorker) Start(ctx context.Context) error

Start begins cleanup operations

func (*AddonInvocationCleanupWorker) Stop 

func (w *AddonInvocationCleanupWorker) Stop()

Stop gracefully stops the worker

type AddonInvocationPayload 

type AddonInvocationPayload struct {
	EventType     string          `json:"event_type"`
	InvocationID  uuid.UUID       `json:"invocation_id"`
	AddonID       uuid.UUID       `json:"addon_id"`
	ThreatModelID uuid.UUID       `json:"threat_model_id"`
	ObjectType    string          `json:"object_type,omitempty"`
	ObjectID      *uuid.UUID      `json:"object_id,omitempty"`
	Timestamp     time.Time       `json:"timestamp"`
	Payload       json.RawMessage `json:"payload"`
	CallbackURL   string          `json:"callback_url"`
}

AddonInvocationPayload represents the payload sent to webhook endpoints

type AddonInvocationQuota 

type AddonInvocationQuota struct {
	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// MaxActiveInvocations Maximum concurrent active addon invocations
	MaxActiveInvocations int `json:"max_active_invocations"`

	// MaxInvocationsPerHour Maximum addon invocations per hour
	MaxInvocationsPerHour int `json:"max_invocations_per_hour"`

	// ModifiedAt Last modification timestamp
	ModifiedAt time.Time `json:"modified_at"`

	// OwnerId User ID
	OwnerId openapi_types.UUID `json:"owner_id"`
}

AddonInvocationQuota Addon invocation quota for a user

type AddonInvocationQuotaDatabaseStore 

type AddonInvocationQuotaDatabaseStore struct {
	// contains filtered or unexported fields
}

AddonInvocationQuotaDatabaseStore implements AddonInvocationQuotaStore using PostgreSQL

func NewAddonInvocationQuotaDatabaseStore 

func NewAddonInvocationQuotaDatabaseStore(db *sql.DB) *AddonInvocationQuotaDatabaseStore

NewAddonInvocationQuotaDatabaseStore creates a new database-backed quota store

func (*AddonInvocationQuotaDatabaseStore) Delete 

func (s *AddonInvocationQuotaDatabaseStore) Delete(ctx context.Context, ownerID uuid.UUID) error

Delete removes quota for a user (reverts to defaults)

func (*AddonInvocationQuotaDatabaseStore) Get 

func (s *AddonInvocationQuotaDatabaseStore) Get(ctx context.Context, ownerID uuid.UUID) (*AddonInvocationQuota, error)

Get retrieves quota for a user, returns error if not found

func (*AddonInvocationQuotaDatabaseStore) GetOrDefault 

func (s *AddonInvocationQuotaDatabaseStore) GetOrDefault(ctx context.Context, ownerID uuid.UUID) (*AddonInvocationQuota, error)

GetOrDefault retrieves quota for a user, or returns defaults if not set

func (*AddonInvocationQuotaDatabaseStore) List 

func (s *AddonInvocationQuotaDatabaseStore) List(ctx context.Context, offset, limit int) ([]*AddonInvocationQuota, error)

List retrieves all addon invocation quotas with pagination

func (*AddonInvocationQuotaDatabaseStore) Set 

func (s *AddonInvocationQuotaDatabaseStore) Set(ctx context.Context, quota *AddonInvocationQuota) error

Set creates or updates quota for a user

type AddonInvocationQuotaStore 

type AddonInvocationQuotaStore interface {
	// Get retrieves quota for a user, returns error if not found
	Get(ctx context.Context, ownerID uuid.UUID) (*AddonInvocationQuota, error)

	// GetOrDefault retrieves quota for a user, or returns defaults if not set
	GetOrDefault(ctx context.Context, ownerID uuid.UUID) (*AddonInvocationQuota, error)

	// List retrieves all custom quotas (non-default) with pagination
	List(ctx context.Context, offset, limit int) ([]*AddonInvocationQuota, error)

	// Set creates or updates quota for a user
	Set(ctx context.Context, quota *AddonInvocationQuota) error

	// Delete removes quota for a user (reverts to defaults)
	Delete(ctx context.Context, ownerID uuid.UUID) error
}

AddonInvocationQuotaStore defines the interface for quota storage operations 

var GlobalAddonInvocationQuotaStore AddonInvocationQuotaStore

GlobalAddonInvocationQuotaStore is the global singleton for quota storage

type AddonInvocationRedisStore 

type AddonInvocationRedisStore struct {
	// contains filtered or unexported fields
}

AddonInvocationRedisStore implements AddonInvocationStore using Redis

func NewAddonInvocationRedisStore 

func NewAddonInvocationRedisStore(redis *db.RedisDB) *AddonInvocationRedisStore

NewAddonInvocationRedisStore creates a new Redis-backed invocation store

func (*AddonInvocationRedisStore) CountActive 

func (s *AddonInvocationRedisStore) CountActive(ctx context.Context, addonID uuid.UUID) (int, error)

CountActive counts pending/in_progress invocations for an add-on

func (*AddonInvocationRedisStore) Create 

func (s *AddonInvocationRedisStore) Create(ctx context.Context, invocation *AddonInvocation) error

Create creates a new invocation

func (*AddonInvocationRedisStore) Delete 

func (s *AddonInvocationRedisStore) Delete(ctx context.Context, id uuid.UUID) error

Delete removes an invocation

func (*AddonInvocationRedisStore) Get 

func (s *AddonInvocationRedisStore) Get(ctx context.Context, id uuid.UUID) (*AddonInvocation, error)

Get retrieves an invocation by ID

func (*AddonInvocationRedisStore) GetActiveForUser 

func (s *AddonInvocationRedisStore) GetActiveForUser(ctx context.Context, userID uuid.UUID) (*AddonInvocation, error)

GetActiveForUser retrieves the active invocation for a user

func (*AddonInvocationRedisStore) List 

func (s *AddonInvocationRedisStore) List(ctx context.Context, userID *uuid.UUID, status string, limit, offset int) ([]AddonInvocation, int, error)

List retrieves invocations with pagination and optional filtering

func (*AddonInvocationRedisStore) ListStale 

func (s *AddonInvocationRedisStore) ListStale(ctx context.Context, timeout time.Duration) ([]AddonInvocation, error)

ListStale retrieves invocations that have timed out (no activity for the specified timeout)

func (*AddonInvocationRedisStore) Update 

func (s *AddonInvocationRedisStore) Update(ctx context.Context, invocation *AddonInvocation) error

Update updates an existing invocation

type AddonInvocationStore 

type AddonInvocationStore interface {
	// Create creates a new invocation
	Create(ctx context.Context, invocation *AddonInvocation) error

	// Get retrieves an invocation by ID
	Get(ctx context.Context, id uuid.UUID) (*AddonInvocation, error)

	// Update updates an existing invocation
	Update(ctx context.Context, invocation *AddonInvocation) error

	// List retrieves invocations for a user with pagination
	// If userID is nil, returns all invocations (admin view)
	// Can filter by status if provided
	List(ctx context.Context, userID *uuid.UUID, status string, limit, offset int) ([]AddonInvocation, int, error)

	// CountActive counts pending/in_progress invocations for an add-on
	CountActive(ctx context.Context, addonID uuid.UUID) (int, error)

	// GetActiveForUser retrieves the active invocation for a user (for quota enforcement)
	GetActiveForUser(ctx context.Context, userID uuid.UUID) (*AddonInvocation, error)

	// Delete removes an invocation (for cleanup)
	Delete(ctx context.Context, id uuid.UUID) error

	// ListStale retrieves invocations that have timed out (no activity for AddonInvocationTimeout)
	ListStale(ctx context.Context, timeout time.Duration) ([]AddonInvocation, error)
}

AddonInvocationStore defines the interface for invocation storage operations 

var GlobalAddonInvocationStore AddonInvocationStore

GlobalAddonInvocationStore is the global singleton for invocation storage

type AddonInvocationWorker 

type AddonInvocationWorker struct {
	// contains filtered or unexported fields
}

AddonInvocationWorker handles delivery of add-on invocations to webhooks 

var GlobalAddonInvocationWorker *AddonInvocationWorker

GlobalAddonInvocationWorker is the global singleton for the invocation worker

func NewAddonInvocationWorker 

func NewAddonInvocationWorker() *AddonInvocationWorker

NewAddonInvocationWorker creates a new invocation worker

func (*AddonInvocationWorker) QueueInvocation 

func (w *AddonInvocationWorker) QueueInvocation(invocationID uuid.UUID)

QueueInvocation queues an invocation for processing

func (*AddonInvocationWorker) Start 

func (w *AddonInvocationWorker) Start(ctx context.Context) error

Start begins processing invocations

func (*AddonInvocationWorker) Stop 

func (w *AddonInvocationWorker) Stop()

Stop gracefully stops the worker

type AddonQuotaUpdate 

type AddonQuotaUpdate struct {
	// MaxActiveInvocations Maximum concurrent active addon invocations
	MaxActiveInvocations int `json:"max_active_invocations"`

	// MaxInvocationsPerHour Maximum addon invocations per hour
	MaxInvocationsPerHour int `json:"max_invocations_per_hour"`
}

AddonQuotaUpdate defines model for AddonQuotaUpdate.

type AddonRateLimiter 

type AddonRateLimiter struct {
	// contains filtered or unexported fields
}

AddonRateLimiter provides rate limiting for add-on invocations 

var GlobalAddonRateLimiter *AddonRateLimiter

GlobalAddonRateLimiter is the global singleton for rate limiting

func NewAddonRateLimiter 

func NewAddonRateLimiter(redis *db.RedisDB, quotaStore AddonInvocationQuotaStore) *AddonRateLimiter

NewAddonRateLimiter creates a new rate limiter

func (*AddonRateLimiter) CheckActiveInvocationLimit 

func (rl *AddonRateLimiter) CheckActiveInvocationLimit(ctx context.Context, userID uuid.UUID) error

CheckActiveInvocationLimit checks if user has an active invocation (blocks if they do)

func (*AddonRateLimiter) CheckHourlyRateLimit 

func (rl *AddonRateLimiter) CheckHourlyRateLimit(ctx context.Context, userID uuid.UUID) error

CheckHourlyRateLimit checks if user has exceeded hourly invocation limit using sliding window

func (*AddonRateLimiter) RecordInvocation 

func (rl *AddonRateLimiter) RecordInvocation(ctx context.Context, userID uuid.UUID) error

RecordInvocation records a new invocation in the sliding window

type AddonResponse 

type AddonResponse struct {
	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// Description Add-on description
	Description *string `json:"description,omitempty"`

	// Icon Icon identifier
	Icon *string `json:"icon,omitempty"`

	// Id Add-on identifier
	Id openapi_types.UUID `json:"id"`

	// Name Display name
	Name string `json:"name"`

	// Objects Supported TMI object types
	Objects *[]string `json:"objects,omitempty"`

	// ThreatModelId Threat model scope (if scoped)
	ThreatModelId *openapi_types.UUID `json:"threat_model_id,omitempty"`

	// WebhookId Associated webhook subscription ID
	WebhookId openapi_types.UUID `json:"webhook_id"`
}

AddonResponse defines model for AddonResponse.

type AddonStore 

type AddonStore interface {
	// Create creates a new add-on
	Create(ctx context.Context, addon *Addon) error

	// Get retrieves an add-on by ID
	Get(ctx context.Context, id uuid.UUID) (*Addon, error)

	// List retrieves add-ons with pagination, optionally filtered by threat model
	List(ctx context.Context, limit, offset int, threatModelID *uuid.UUID) ([]Addon, int, error)

	// Delete removes an add-on by ID
	Delete(ctx context.Context, id uuid.UUID) error

	// GetByWebhookID retrieves all add-ons associated with a webhook
	GetByWebhookID(ctx context.Context, webhookID uuid.UUID) ([]Addon, error)

	// CountActiveInvocations counts pending/in_progress invocations for an add-on
	// This will be used to block deletion when active invocations exist
	// Returns count of active invocations
	CountActiveInvocations(ctx context.Context, addonID uuid.UUID) (int, error)
}

AddonStore defines the interface for add-on storage operations 

var GlobalAddonStore AddonStore

GlobalAddonStore is the global singleton for add-on storage

type AdminCheckerAdapter 

type AdminCheckerAdapter struct {
	// contains filtered or unexported fields
}

AdminCheckerAdapter adapts AdministratorDatabaseStore to the auth.AdminChecker interface

func NewAdminCheckerAdapter 

func NewAdminCheckerAdapter(store *AdministratorDatabaseStore) *AdminCheckerAdapter

NewAdminCheckerAdapter creates a new adapter for the auth.AdminChecker interface

func (*AdminCheckerAdapter) GetGroupUUIDsByNames 

func (a *AdminCheckerAdapter) GetGroupUUIDsByNames(ctx context.Context, provider string, groupNames []string) ([]string, error)

GetGroupUUIDsByNames converts group names to UUIDs (implements auth.AdminChecker)

func (*AdminCheckerAdapter) IsAdmin 

func (a *AdminCheckerAdapter) IsAdmin(ctx context.Context, userInternalUUID *string, provider string, groupUUIDs []string) (bool, error)

IsAdmin checks if a user is an administrator (implements auth.AdminChecker)

type AdminContext 

type AdminContext struct {
	Email        string
	InternalUUID *uuid.UUID
	Provider     string
	GroupNames   []string
	GroupUUIDs   []uuid.UUID
}

AdminContext contains the authenticated administrator's information

func RequireAdministrator 

func RequireAdministrator(c *gin.Context) (*AdminContext, error)

RequireAdministrator checks if the current user is an administrator Returns an AdminContext if authorized, or nil with error response sent

type AdminFilter 

type AdminFilter struct {
	Provider string     // Filter by provider (optional)
	UserID   *uuid.UUID // Filter by user_internal_uuid (optional)
	GroupID  *uuid.UUID // Filter by group_internal_uuid (optional)
	Limit    int        // Pagination limit (default 50, max 100)
	Offset   int        // Pagination offset (default 0)
}

AdminFilter represents filtering criteria for listing administrators

type AdminGroup 

type AdminGroup struct {
	// Description Group description
	Description *string `json:"description,omitempty"`

	// FirstUsed First time this group was referenced
	FirstUsed time.Time `json:"first_used"`

	// GroupName Provider-assigned group name
	GroupName string `json:"group_name"`

	// InternalUuid Internal system UUID for the group
	InternalUuid openapi_types.UUID `json:"internal_uuid"`

	// LastUsed Last time this group was referenced
	LastUsed time.Time `json:"last_used"`

	// MemberCount Number of members in the group from IdP (enriched, if available)
	MemberCount *int `json:"member_count,omitempty"`

	// Name Human-readable group name
	Name *string `json:"name,omitempty"`

	// Provider OAuth/SAML provider identifier, or "*" for provider-independent groups
	Provider string `json:"provider"`

	// UsageCount Number of times this group has been referenced
	UsageCount int `json:"usage_count"`

	// UsedInAdminGrants Whether this group is used in any admin grants (enriched)
	UsedInAdminGrants *bool `json:"used_in_admin_grants,omitempty"`

	// UsedInAuthorizations Whether this group is used in any authorizations (enriched)
	UsedInAuthorizations *bool `json:"used_in_authorizations,omitempty"`
}

AdminGroup Group object with administrative fields and enriched data

type AdminGroupListResponse 

type AdminGroupListResponse struct {
	// Groups List of groups
	Groups []AdminGroup `json:"groups"`

	// Limit Maximum number of results returned
	Limit int `json:"limit"`

	// Offset Number of results skipped
	Offset int `json:"offset"`

	// Total Total number of groups matching the filter
	Total int `json:"total"`
}

AdminGroupListResponse defines model for AdminGroupListResponse.

type AdminUser 

type AdminUser struct {
	// ActiveThreatModels Number of active threat models owned by user (enriched)
	ActiveThreatModels *int `json:"active_threat_models,omitempty"`

	// CreatedAt Account creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// Email User email address
	Email openapi_types.Email `json:"email"`

	// EmailVerified Whether the email has been verified
	EmailVerified bool `json:"email_verified"`

	// Groups List of group names the user belongs to (enriched)
	Groups *[]string `json:"groups,omitempty"`

	// InternalUuid Internal system UUID for the user
	InternalUuid openapi_types.UUID `json:"internal_uuid"`

	// IsAdmin Whether the user has administrator privileges (enriched)
	IsAdmin *bool `json:"is_admin,omitempty"`

	// LastLogin Last login timestamp
	LastLogin *time.Time `json:"last_login"`

	// ModifiedAt Last modification timestamp
	ModifiedAt time.Time `json:"modified_at"`

	// Name User display name
	Name string `json:"name"`

	// Provider OAuth/SAML provider identifier
	Provider string `json:"provider"`

	// ProviderUserId Provider-assigned user identifier
	ProviderUserId string `json:"provider_user_id"`
}

AdminUser User object with administrative fields and enriched data

type AdminUserListResponse 

type AdminUserListResponse struct {
	// Limit Maximum number of results returned
	Limit int `json:"limit"`

	// Offset Number of results skipped
	Offset int `json:"offset"`

	// Total Total number of users matching the filter
	Total int `json:"total"`

	// Users List of users
	Users []AdminUser `json:"users"`
}

AdminUserListResponse defines model for AdminUserListResponse.

type Administrator 

type Administrator struct {
	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// GroupId Group ID (if group-based grant)
	GroupId *openapi_types.UUID `json:"group_id"`

	// GroupName Group name (enriched)
	GroupName *string `json:"group_name"`

	// Id Administrator grant identifier
	Id openapi_types.UUID `json:"id"`

	// Provider OAuth/SAML provider
	Provider string `json:"provider"`

	// UserEmail User email (enriched)
	UserEmail *string `json:"user_email"`

	// UserId User ID (if user-based grant)
	UserId *openapi_types.UUID `json:"user_id"`

	// UserName User display name (enriched)
	UserName *string `json:"user_name"`
}

Administrator defines model for Administrator.

type AdministratorDatabaseStore 

type AdministratorDatabaseStore struct {
	// contains filtered or unexported fields
}

AdministratorDatabaseStore implements AdministratorStore using PostgreSQL

func NewAdministratorDatabaseStore 

func NewAdministratorDatabaseStore(db *sql.DB) *AdministratorDatabaseStore

NewAdministratorDatabaseStore creates a new database-backed administrator store

func (*AdministratorDatabaseStore) Create 

func (s *AdministratorDatabaseStore) Create(ctx context.Context, admin DBAdministrator) error

Create adds a new administrator entry

func (*AdministratorDatabaseStore) Delete 

func (s *AdministratorDatabaseStore) Delete(ctx context.Context, id uuid.UUID) error

Delete removes an administrator entry by ID

func (*AdministratorDatabaseStore) EnrichAdministrators 

func (s *AdministratorDatabaseStore) EnrichAdministrators(ctx context.Context, admins []DBAdministrator) ([]DBAdministrator, error)

EnrichAdministrators adds user_email, user_name, and group_name to administrator records

func (*AdministratorDatabaseStore) Get 

func (s *AdministratorDatabaseStore) Get(ctx context.Context, id uuid.UUID) (*DBAdministrator, error)

Get retrieves a single administrator grant by ID

func (*AdministratorDatabaseStore) GetByPrincipal 

func (s *AdministratorDatabaseStore) GetByPrincipal(ctx context.Context, userUUID *uuid.UUID, groupUUID *uuid.UUID, provider string) ([]DBAdministrator, error)

GetByPrincipal retrieves administrator entries by user or group UUID

func (*AdministratorDatabaseStore) GetGroupName 

func (s *AdministratorDatabaseStore) GetGroupName(ctx context.Context, groupID uuid.UUID, provider string) (string, error)

GetGroupName retrieves name for a group_id (for enrichment in list responses)

func (*AdministratorDatabaseStore) GetGroupUUIDsByNames 

func (s *AdministratorDatabaseStore) GetGroupUUIDsByNames(ctx context.Context, provider string, groupNames []string) ([]uuid.UUID, error)

GetGroupUUIDsByNames looks up group UUIDs from group names for a given provider This is a helper function for middleware/handlers that receive group names from JWT

func (*AdministratorDatabaseStore) GetUserDetails 

func (s *AdministratorDatabaseStore) GetUserDetails(ctx context.Context, userID uuid.UUID) (email string, name string, err error)

GetUserDetails retrieves email and name for an internal_uuid (for enrichment in list responses)

func (*AdministratorDatabaseStore) HasAnyAdministrators 

func (s *AdministratorDatabaseStore) HasAnyAdministrators(ctx context.Context) (bool, error)

HasAnyAdministrators returns true if at least one administrator grant exists

func (*AdministratorDatabaseStore) IsAdmin 

func (s *AdministratorDatabaseStore) IsAdmin(ctx context.Context, userUUID *uuid.UUID, provider string, groupUUIDs []uuid.UUID) (bool, error)

IsAdmin checks if a user or any of their groups is an administrator Checks by user UUID and provider, or by group UUIDs and provider

func (*AdministratorDatabaseStore) List 

func (s *AdministratorDatabaseStore) List(ctx context.Context) ([]DBAdministrator, error)

List returns all administrator entries

func (*AdministratorDatabaseStore) ListFiltered 

func (s *AdministratorDatabaseStore) ListFiltered(ctx context.Context, filter AdminFilter) ([]DBAdministrator, error)

ListFiltered retrieves administrator grants with optional filtering

type AdministratorStore 

type AdministratorStore interface {
	// Create adds a new administrator entry
	Create(ctx context.Context, admin DBAdministrator) error

	// Delete removes an administrator entry by ID
	Delete(ctx context.Context, id uuid.UUID) error

	// List returns all administrator entries
	List(ctx context.Context) ([]DBAdministrator, error)

	// IsAdmin checks if a user or any of their groups is an administrator
	// Checks by user UUID and provider, or by group UUIDs and provider
	IsAdmin(ctx context.Context, userUUID *uuid.UUID, provider string, groupUUIDs []uuid.UUID) (bool, error)

	// GetByPrincipal retrieves administrator entries by user or group UUID
	GetByPrincipal(ctx context.Context, userUUID *uuid.UUID, groupUUID *uuid.UUID, provider string) ([]DBAdministrator, error)
}

AdministratorStore defines the interface for administrator storage operations 

var GlobalAdministratorStore AdministratorStore

GlobalAdministratorStore is the global singleton for administrator storage

type ApiInfo 

type ApiInfo struct {
	Api struct {
		// Specification URL to the API specification
		Specification string `json:"specification"`

		// Version API version
		Version string `json:"version"`
	} `json:"api"`
	Operator struct {
		// Contact Operator contact information from environment variables
		Contact string `json:"contact"`

		// Name Operator name from environment variables
		Name string `json:"name"`
	} `json:"operator"`
	Service struct {
		// Build Current build number
		Build string `json:"build"`

		// Name Name of the service
		Name string `json:"name"`
	} `json:"service"`
	Status struct {
		// Code Status code indicating if the API is functioning correctly
		Code ApiInfoStatusCode `json:"code"`

		// Time Current server time in UTC, formatted as RFC 3339
		Time time.Time `json:"time"`
	} `json:"status"`
}

ApiInfo API information response for the root endpoint

type ApiInfoHandler 

type ApiInfoHandler struct {
	// contains filtered or unexported fields
}

ApiInfoHandler handles requests to the root endpoint

func NewApiInfoHandler 

func NewApiInfoHandler(server *Server) *ApiInfoHandler

NewApiInfoHandler creates a new handler for API info

func (*ApiInfoHandler) GetApiInfo 

func (h *ApiInfoHandler) GetApiInfo(c *gin.Context)

GetApiInfo returns service, API, and operator information

type ApiInfoStatusCode 

type ApiInfoStatusCode string

ApiInfoStatusCode Status code indicating if the API is functioning correctly 

const (
	ERROR ApiInfoStatusCode = "ERROR"
	OK    ApiInfoStatusCode = "OK"
)

Defines values for ApiInfoStatusCode.

type Asset 

type Asset struct {
	// Classification Classification tags for the asset
	Classification *[]string `json:"classification"`

	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Criticality Criticality level of the asset
	Criticality *string `json:"criticality"`

	// Description Description of the asset
	Description *string `json:"description"`

	// Id Unique identifier for the asset
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Optional metadata key-value pairs
	Metadata *[]Metadata `json:"metadata,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Asset name
	Name string `binding:"required" json:"name"`

	// Sensitivity Sensitivity label for the asset
	Sensitivity *string `json:"sensitivity"`

	// Type Type of asset
	Type AssetType `binding:"required" json:"type"`
}

Asset defines model for Asset.

type AssetBase 

type AssetBase struct {
	// Classification Classification tags for the asset
	Classification *[]string `json:"classification"`

	// Criticality Criticality level of the asset
	Criticality *string `json:"criticality"`

	// Description Description of the asset
	Description *string `json:"description"`

	// Name Asset name
	Name string `binding:"required" json:"name"`

	// Sensitivity Sensitivity label for the asset
	Sensitivity *string `json:"sensitivity"`

	// Type Type of asset
	Type AssetBaseType `binding:"required" json:"type"`
}

AssetBase Base fields for Asset (user-writable only)

type AssetBaseType 

type AssetBaseType string

AssetBaseType Type of asset 

const (
	AssetBaseTypeData           AssetBaseType = "data"
	AssetBaseTypeHardware       AssetBaseType = "hardware"
	AssetBaseTypeInfrastructure AssetBaseType = "infrastructure"
	AssetBaseTypePersonnel      AssetBaseType = "personnel"
	AssetBaseTypeService        AssetBaseType = "service"
	AssetBaseTypeSoftware       AssetBaseType = "software"
)

Defines values for AssetBaseType.

type AssetId 

type AssetId = openapi_types.UUID

AssetId defines model for AssetId.

type AssetInput 

type AssetInput = AssetBase

AssetInput Base fields for Asset (user-writable only)

type AssetMetadataHandler 

type AssetMetadataHandler struct {
	// contains filtered or unexported fields
}

AssetMetadataHandler provides handlers for asset metadata operations

func NewAssetMetadataHandler 

func NewAssetMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *AssetMetadataHandler

NewAssetMetadataHandler creates a new asset metadata handler

func (*AssetMetadataHandler) BulkCreateAssetMetadata 

func (h *AssetMetadataHandler) BulkCreateAssetMetadata(c *gin.Context)

BulkCreateAssetMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/assets/{asset_id}/metadata/bulk

func (*AssetMetadataHandler) BulkUpdateAssetMetadata 

func (h *AssetMetadataHandler) BulkUpdateAssetMetadata(c *gin.Context)

BulkUpdateAssetMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/assets/{asset_id}/metadata/bulk

func (*AssetMetadataHandler) CreateAssetMetadata 

func (h *AssetMetadataHandler) CreateAssetMetadata(c *gin.Context)

CreateAssetMetadata creates a new metadata entry for a asset POST /threat_models/{threat_model_id}/assets/{asset_id}/metadata

func (*AssetMetadataHandler) DeleteAssetMetadata 

func (h *AssetMetadataHandler) DeleteAssetMetadata(c *gin.Context)

DeleteAssetMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key}

func (*AssetMetadataHandler) GetAssetMetadata 

func (h *AssetMetadataHandler) GetAssetMetadata(c *gin.Context)

GetAssetMetadata retrieves all metadata for a asset GET /threat_models/{threat_model_id}/assets/{asset_id}/metadata

func (*AssetMetadataHandler) GetAssetMetadataByKey 

func (h *AssetMetadataHandler) GetAssetMetadataByKey(c *gin.Context)

GetAssetMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key}

func (*AssetMetadataHandler) UpdateAssetMetadata 

func (h *AssetMetadataHandler) UpdateAssetMetadata(c *gin.Context)

UpdateAssetMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key}

type AssetStore 

type AssetStore interface {
	// CRUD operations
	Create(ctx context.Context, asset *Asset, threatModelID string) error
	Get(ctx context.Context, id string) (*Asset, error)
	Update(ctx context.Context, asset *Asset, threatModelID string) error
	Delete(ctx context.Context, id string) error
	Patch(ctx context.Context, id string, operations []PatchOperation) (*Asset, error)

	// List operations with pagination
	List(ctx context.Context, threatModelID string, offset, limit int) ([]Asset, error)

	// Bulk operations
	BulkCreate(ctx context.Context, assets []Asset, threatModelID string) error

	// Cache management
	InvalidateCache(ctx context.Context, id string) error
	WarmCache(ctx context.Context, threatModelID string) error
}

AssetStore defines the interface for asset operations with caching support 

var GlobalAssetStore AssetStore

type AssetSubResourceHandler 

type AssetSubResourceHandler struct {
	// contains filtered or unexported fields
}

AssetSubResourceHandler provides handlers for asset sub-resource operations

func NewAssetSubResourceHandler 

func NewAssetSubResourceHandler(assetStore AssetStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *AssetSubResourceHandler

NewAssetSubResourceHandler creates a new asset sub-resource handler

func (*AssetSubResourceHandler) BulkCreateAssets 

func (h *AssetSubResourceHandler) BulkCreateAssets(c *gin.Context)

BulkCreateAssets creates multiple assets in a single request POST /threat_models/{threat_model_id}/assets/bulk

func (*AssetSubResourceHandler) BulkUpdateAssets 

func (h *AssetSubResourceHandler) BulkUpdateAssets(c *gin.Context)

BulkUpdateAssets updates or creates multiple assets (upsert operation) PUT /threat_models/{threat_model_id}/assets/bulk

func (*AssetSubResourceHandler) CreateAsset 

func (h *AssetSubResourceHandler) CreateAsset(c *gin.Context)

CreateAsset creates a new asset in a threat model POST /threat_models/{threat_model_id}/assets

func (*AssetSubResourceHandler) DeleteAsset 

func (h *AssetSubResourceHandler) DeleteAsset(c *gin.Context)

DeleteAsset deletes an asset DELETE /threat_models/{threat_model_id}/assets/{asset_id}

func (*AssetSubResourceHandler) GetAsset 

func (h *AssetSubResourceHandler) GetAsset(c *gin.Context)

GetAsset retrieves a specific asset by ID GET /threat_models/{threat_model_id}/assets/{asset_id}

func (*AssetSubResourceHandler) GetAssets 

func (h *AssetSubResourceHandler) GetAssets(c *gin.Context)

GetAssets retrieves all assets for a threat model with pagination GET /threat_models/{threat_model_id}/assets

func (*AssetSubResourceHandler) PatchAsset 

func (h *AssetSubResourceHandler) PatchAsset(c *gin.Context)

PatchAsset applies JSON patch operations to an asset PATCH /threat_models/{threat_model_id}/assets/{asset_id}

func (*AssetSubResourceHandler) UpdateAsset 

func (h *AssetSubResourceHandler) UpdateAsset(c *gin.Context)

UpdateAsset updates an existing asset PUT /threat_models/{threat_model_id}/assets/{asset_id}

type AssetType 

type AssetType string

AssetType Type of asset 

const (
	AssetTypeData           AssetType = "data"
	AssetTypeHardware       AssetType = "hardware"
	AssetTypeInfrastructure AssetType = "infrastructure"
	AssetTypePersonnel      AssetType = "personnel"
	AssetTypeService        AssetType = "service"
	AssetTypeSoftware       AssetType = "software"
)

Defines values for AssetType.

type AsyncMessage 

type AsyncMessage interface {
	GetMessageType() MessageType
	Validate() error
}

AsyncMessage is the base interface for all WebSocket messages

func ParseAsyncMessage 

func ParseAsyncMessage(data []byte) (AsyncMessage, error)

Message Parser utility to parse incoming WebSocket messages

type AsyncParticipant 

type AsyncParticipant struct {
	User         User      `json:"user"`
	Permissions  string    `json:"permissions"`
	LastActivity time.Time `json:"last_activity"`
}

AsyncParticipant represents a participant in the AsyncAPI format

type AuditContext 

type AuditContext struct {
	ActorUserID string
	ActorEmail  string
}

AuditContext contains the actor information for audit logs

func ExtractAuditContext 

func ExtractAuditContext(c *gin.Context) *AuditContext

ExtractAuditContext extracts actor information from the Gin context

type AuditLogger 

type AuditLogger struct {
	// contains filtered or unexported fields
}

AuditLogger provides standardized audit logging for admin operations

func NewAuditLogger 

func NewAuditLogger() *AuditLogger

NewAuditLogger creates a new audit logger

func (*AuditLogger) LogAction 

func (a *AuditLogger) LogAction(ctx *AuditContext, action string, details map[string]interface{})

LogAction logs an audit event with standardized format

func (*AuditLogger) LogAdministratorGrantCreated 

func (a *AuditLogger) LogAdministratorGrantCreated(ctx *AuditContext, grantID string, userID interface{}, groupID interface{}, provider string)

LogAdministratorGrantCreated logs an administrator grant creation event

func (*AuditLogger) LogAdministratorGrantDeleted 

func (a *AuditLogger) LogAdministratorGrantDeleted(ctx *AuditContext, grantID string, userID interface{}, groupID interface{}, provider string)

LogAdministratorGrantDeleted logs an administrator grant deletion event

func (*AuditLogger) LogCreate 

func (a *AuditLogger) LogCreate(ctx *AuditContext, entityType string, entityID string, details map[string]interface{})

LogCreate logs an entity creation event

func (*AuditLogger) LogDelete 

func (a *AuditLogger) LogDelete(ctx *AuditContext, entityType string, entityID string, details map[string]interface{})

LogDelete logs an entity deletion event

func (*AuditLogger) LogGroupMemberAdded 

func (a *AuditLogger) LogGroupMemberAdded(ctx *AuditContext, groupUUID string, userUUID string, userEmail string)

LogGroupMemberAdded logs a group member addition event

func (*AuditLogger) LogGroupMemberRemoved 

func (a *AuditLogger) LogGroupMemberRemoved(ctx *AuditContext, groupUUID string, userUUID string)

LogGroupMemberRemoved logs a group member removal event

func (*AuditLogger) LogUpdate 

func (a *AuditLogger) LogUpdate(ctx *AuditContext, entityType string, entityID string, changes []string)

LogUpdate logs an entity update event

func (*AuditLogger) LogUserDeletion 

func (a *AuditLogger) LogUserDeletion(ctx *AuditContext, provider string, providerUserID string, email string, transferred int, deleted int)

LogUserDeletion logs a user deletion event with transfer and deletion counts

type AuthFlowRateLimiter 

type AuthFlowRateLimiter struct {
	// contains filtered or unexported fields
}

AuthFlowRateLimiter implements multi-scope rate limiting for OAuth/SAML auth flows

func NewAuthFlowRateLimiter 

func NewAuthFlowRateLimiter(redisClient *redis.Client) *AuthFlowRateLimiter

NewAuthFlowRateLimiter creates a new auth flow rate limiter

func (*AuthFlowRateLimiter) CheckRateLimit 

func (r *AuthFlowRateLimiter) CheckRateLimit(ctx context.Context, sessionID string, ipAddress string, userIdentifier string) (*RateLimitResult, error)

CheckRateLimit checks all three scopes and returns the most restrictive result Scopes: session (5/min), IP (100/min), user identifier (10/hour)

type AuthService 

type AuthService interface {
	GetProviders(c *gin.Context)
	GetSAMLProviders(c *gin.Context)
	Authorize(c *gin.Context)
	Callback(c *gin.Context)
	Exchange(c *gin.Context)
	Token(c *gin.Context)
	Refresh(c *gin.Context)
	Logout(c *gin.Context)
	Me(c *gin.Context)
	IsValidProvider(idp string) bool
	GetProviderGroupsFromCache(ctx context.Context, idp string) ([]string, error)
}

AuthService placeholder - we'll need to create this interface to avoid circular deps 

var GlobalAuthServiceForEvents AuthService

Global auth service for owner UUID lookups

type AuthServiceAdapter 

type AuthServiceAdapter struct {
	// contains filtered or unexported fields
}

AuthServiceAdapter adapts the auth package's Handlers to implement our AuthService interface

func NewAuthServiceAdapter 

func NewAuthServiceAdapter(handlers *auth.Handlers) *AuthServiceAdapter

NewAuthServiceAdapter creates a new adapter for auth handlers

func (*AuthServiceAdapter) Authorize 

func (a *AuthServiceAdapter) Authorize(c *gin.Context)

Authorize delegates to auth handlers

func (*AuthServiceAdapter) Callback 

func (a *AuthServiceAdapter) Callback(c *gin.Context)

Callback delegates to auth handlers

func (*AuthServiceAdapter) Exchange 

func (a *AuthServiceAdapter) Exchange(c *gin.Context)

Exchange delegates to auth handlers

func (*AuthServiceAdapter) GetJWKS 

func (a *AuthServiceAdapter) GetJWKS(c *gin.Context)

GetJWKS delegates to auth handlers

func (*AuthServiceAdapter) GetOAuthAuthorizationServerMetadata 

func (a *AuthServiceAdapter) GetOAuthAuthorizationServerMetadata(c *gin.Context)

GetOAuthAuthorizationServerMetadata delegates to auth handlers

func (*AuthServiceAdapter) GetOAuthProtectedResourceMetadata 

func (a *AuthServiceAdapter) GetOAuthProtectedResourceMetadata(c *gin.Context)

GetOAuthProtectedResourceMetadata delegates to auth handlers

func (*AuthServiceAdapter) GetOpenIDConfiguration 

func (a *AuthServiceAdapter) GetOpenIDConfiguration(c *gin.Context)

GetOpenIDConfiguration delegates to auth handlers

func (*AuthServiceAdapter) GetProviderGroupsFromCache 

func (a *AuthServiceAdapter) GetProviderGroupsFromCache(ctx context.Context, idp string) ([]string, error)

GetProviderGroupsFromCache retrieves all unique groups for a provider from cached user sessions

func (*AuthServiceAdapter) GetProviders 

func (a *AuthServiceAdapter) GetProviders(c *gin.Context)

GetProviders delegates to auth handlers

func (*AuthServiceAdapter) GetSAMLMetadata 

func (a *AuthServiceAdapter) GetSAMLMetadata(c *gin.Context, providerID string)

GetSAMLMetadata delegates to auth handlers for SAML metadata

func (*AuthServiceAdapter) GetSAMLProviders 

func (a *AuthServiceAdapter) GetSAMLProviders(c *gin.Context)

GetSAMLProviders delegates to auth handlers

func (*AuthServiceAdapter) GetService 

func (a *AuthServiceAdapter) GetService() *auth.Service

GetService returns the underlying auth service for advanced operations

func (*AuthServiceAdapter) InitiateSAMLLogin 

func (a *AuthServiceAdapter) InitiateSAMLLogin(c *gin.Context, providerID string, clientCallback *string)

InitiateSAMLLogin delegates to auth handlers to start SAML authentication

func (*AuthServiceAdapter) IntrospectToken 

func (a *AuthServiceAdapter) IntrospectToken(c *gin.Context)

IntrospectToken delegates to auth handlers

func (*AuthServiceAdapter) IsValidProvider 

func (a *AuthServiceAdapter) IsValidProvider(idp string) bool

IsValidProvider checks if the given provider ID is configured and enabled

func (*AuthServiceAdapter) Logout 

func (a *AuthServiceAdapter) Logout(c *gin.Context)

Logout delegates to auth handlers

func (*AuthServiceAdapter) Me 

func (a *AuthServiceAdapter) Me(c *gin.Context)

Me delegates to auth handlers, with fallback user lookup if needed

func (*AuthServiceAdapter) ProcessSAMLLogout 

func (a *AuthServiceAdapter) ProcessSAMLLogout(c *gin.Context, providerID string, samlRequest string)

ProcessSAMLLogout delegates to auth handlers for SAML logout

func (*AuthServiceAdapter) ProcessSAMLResponse 

func (a *AuthServiceAdapter) ProcessSAMLResponse(c *gin.Context, providerID string, samlResponse string, relayState string)

ProcessSAMLResponse delegates to auth handlers to process SAML assertion

func (*AuthServiceAdapter) Refresh 

func (a *AuthServiceAdapter) Refresh(c *gin.Context)

Refresh delegates to auth handlers

func (*AuthServiceAdapter) Token 

func (a *AuthServiceAdapter) Token(c *gin.Context)

Token delegates to auth handlers (supports all grant types and content types)

type AuthServiceGetter 

type AuthServiceGetter interface {
	GetService() *auth.Service
}

AuthServiceGetter defines an interface for getting the auth service

type AuthTestHelper 

type AuthTestHelper struct {
	DB               *sql.DB
	Cache            *CacheService
	CacheInvalidator *CacheInvalidator
	TestContext      context.Context
}

AuthTestHelper provides utilities for testing authorization functionality with caching

func NewAuthTestHelper 

func NewAuthTestHelper(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *AuthTestHelper

NewAuthTestHelper creates a new authorization test helper

func (*AuthTestHelper) CleanupTestAuth 

func (h *AuthTestHelper) CleanupTestAuth(t *testing.T, threatModelIDs []string)

CleanupTestAuth cleans up test authorization data

func (*AuthTestHelper) CreateTestGinContext 

func (h *AuthTestHelper) CreateTestGinContext(userEmail string, threatModelID string) (*gin.Context, *httptest.ResponseRecorder)

CreateTestGinContext creates a Gin context for testing with authentication

func (*AuthTestHelper) SetupTestAuthorizationData 

func (h *AuthTestHelper) SetupTestAuthorizationData() []AuthTestScenario

SetupTestAuthorizationData creates test authorization data for various scenarios

func (*AuthTestHelper) SetupTestThreatModel 

func (h *AuthTestHelper) SetupTestThreatModel(t *testing.T, owner string, authList []Authorization) string

SetupTestThreatModel creates a test threat model with authorization for testing

func (*AuthTestHelper) TestCacheInvalidation 

func (h *AuthTestHelper) TestCacheInvalidation(t *testing.T, threatModelID string)

TestCacheInvalidation tests that cache is properly invalidated when authorization changes

func (*AuthTestHelper) TestCheckSubResourceAccess 

func (h *AuthTestHelper) TestCheckSubResourceAccess(t *testing.T, scenarios []AuthTestScenario)

TestCheckSubResourceAccess tests the CheckSubResourceAccess function with caching

func (*AuthTestHelper) TestGetInheritedAuthData 

func (h *AuthTestHelper) TestGetInheritedAuthData(t *testing.T, scenarios []AuthTestScenario)

TestGetInheritedAuthData tests the GetInheritedAuthData function with various scenarios

func (*AuthTestHelper) TestValidateSubResourceAccess 

func (h *AuthTestHelper) TestValidateSubResourceAccess(t *testing.T, scenarios []AuthTestScenario)

TestValidateSubResourceAccess tests the middleware function

func (*AuthTestHelper) VerifyAuthorizationInheritance 

func (h *AuthTestHelper) VerifyAuthorizationInheritance(t *testing.T, threatModelID, subResourceID string)

VerifyAuthorizationInheritance verifies that sub-resource authorization inherits from threat model

type AuthTestScenario 

type AuthTestScenario struct {
	Description      string
	User             string
	ThreatModelID    string
	ExpectedAccess   bool
	ExpectedRole     Role
	ShouldCache      bool
	ExpectedCacheHit bool
}

AuthTestScenario defines a test scenario for authorization testing

type AuthTokenResponse 

type AuthTokenResponse struct {
	// AccessToken JWT access token
	AccessToken string `json:"access_token"`

	// ExpiresIn Access token expiration time in seconds
	ExpiresIn int `json:"expires_in"`

	// RefreshToken Refresh token for obtaining new access tokens
	RefreshToken string `json:"refresh_token"`

	// TokenType Token type
	TokenType AuthTokenResponseTokenType `json:"token_type"`
}

AuthTokenResponse JWT token response for authentication endpoints

type AuthTokenResponseTokenType 

type AuthTokenResponseTokenType string

AuthTokenResponseTokenType Token type 

const (
	Bearer AuthTokenResponseTokenType = "Bearer"
)

Defines values for AuthTokenResponseTokenType.

type AuthUser 

type AuthUser struct {
	Email     string    `json:"email"`
	Name      string    `json:"name"`
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
}

AuthUser represents authenticated user information

type Authorization 

type Authorization struct {
	// DisplayName Human-readable display name for UI presentation
	DisplayName *string `json:"display_name,omitempty"`

	// Email Email address (required for users, optional for groups)
	Email *openapi_types.Email `json:"email,omitempty"`

	// PrincipalType Type of principal: user (individual) or group
	PrincipalType AuthorizationPrincipalType `json:"principal_type"`

	// Provider Identity provider name (e.g., "google", "github", "microsoft", "test"). Use "*" for provider-independent groups.
	Provider string `json:"provider"`

	// ProviderId Provider-assigned identifier. For users: provider_user_id (e.g., email or OAuth sub). For groups: group_name.
	ProviderId string `json:"provider_id"`

	// Role Role: reader (view), writer (edit), owner (full control)
	Role AuthorizationRole `binding:"required" json:"role"`
}

Authorization defines model for Authorization.

func ApplyOwnershipTransferRule 

func ApplyOwnershipTransferRule(authList []Authorization, originalOwner, newOwner string) []Authorization

ApplyOwnershipTransferRule applies the business rule that when ownership changes, the original owner should be preserved in the authorization list with owner role

func DeduplicateAuthorizationList 

func DeduplicateAuthorizationList(authList []Authorization) []Authorization

DeduplicateAuthorizationList removes duplicate authorization entries, keeping the last occurrence. This mimics database ON CONFLICT behavior where the latest value wins.

Deduplication uses the same logic as ValidateDuplicateSubjects: - For groups: (provider, provider_id) - For users with provider_id: (provider, provider_id) - For users without provider_id: (provider, email)

When duplicates are found, the LAST occurrence is kept (latest wins), which matches the behavior of applying multiple PATCH operations where the final role should be used.

func ExtractOwnershipChangesFromOperations 

func ExtractOwnershipChangesFromOperations(operations []PatchOperation) (newOwner string, newAuth []Authorization, hasOwnerChange, hasAuthChange bool)

ExtractOwnershipChangesFromOperations extracts owner and authorization changes from patch operations

func NormalizePseudoGroupAuthorization 

func NormalizePseudoGroupAuthorization(auth Authorization) Authorization

NormalizePseudoGroupAuthorization ensures pseudo-group authorization entries have the correct Provider value ("*" for cross-provider pseudo-groups)

func NormalizePseudoGroupAuthorizationList 

func NormalizePseudoGroupAuthorizationList(authList []Authorization) []Authorization

NormalizePseudoGroupAuthorizationList applies normalization to a list of authorization entries

func StripResponseOnlyAuthFields 

func StripResponseOnlyAuthFields(authList []Authorization) []Authorization

StripResponseOnlyAuthFields strips response-only fields from authorization entries This should be called before validation to allow clients to send back authorization data they received from the server (which includes response-only fields)

type AuthorizationData 

type AuthorizationData struct {
	Type          string          `json:"type"`
	Owner         User            `json:"owner"`
	Authorization []Authorization `json:"authorization"`
}

AuthorizationData represents abstracted authorization data for any resource

func ExtractAuthData 

func ExtractAuthData(resource interface{}) (AuthorizationData, error)

ExtractAuthData extracts authorization data from threat models or diagrams This is a generic helper that works with any struct that has Owner and Authorization fields

func GetInheritedAuthData 

func GetInheritedAuthData(ctx context.Context, db *sql.DB, threatModelID string) (*AuthorizationData, error)

GetInheritedAuthData retrieves authorization data for a threat model from the database This function implements authorization inheritance by fetching threat model permissions that apply to all sub-resources within that threat model

func GetTestAuthorizationData 

func GetTestAuthorizationData(scenario string) *AuthorizationData

GetTestAuthorizationData returns test authorization data for a specific scenario

type AuthorizationDeniedMessage 

type AuthorizationDeniedMessage struct {
	MessageType         MessageType `json:"message_type"`
	OriginalOperationID string      `json:"original_operation_id"`
	Reason              string      `json:"reason"`
}

func (AuthorizationDeniedMessage) GetMessageType 

func (m AuthorizationDeniedMessage) GetMessageType() MessageType

func (AuthorizationDeniedMessage) Validate 

func (m AuthorizationDeniedMessage) Validate() error

type AuthorizationPrincipalType 

type AuthorizationPrincipalType string

AuthorizationPrincipalType Type of principal: user (individual) or group 

const (
	AuthorizationPrincipalTypeGroup AuthorizationPrincipalType = "group"
	AuthorizationPrincipalTypeUser  AuthorizationPrincipalType = "user"
)

Defines values for AuthorizationPrincipalType.

type AuthorizationRole 

type AuthorizationRole string

AuthorizationRole Role: reader (view), writer (edit), owner (full control) 

const (
	AuthorizationRoleOwner  AuthorizationRole = "owner"
	AuthorizationRoleReader AuthorizationRole = "reader"
	AuthorizationRoleWriter AuthorizationRole = "writer"
)

Defines values for AuthorizationRole.

type AuthorizeOAuthProviderParams 

type AuthorizeOAuthProviderParams struct {
	// Idp OAuth provider identifier. Defaults to 'test' provider in non-production builds if not specified.
	Idp *IdpQueryParam `form:"idp,omitempty" json:"idp,omitempty"`

	// ClientCallback Client callback URL where TMI should redirect after successful OAuth completion with tokens in URL fragment (#access_token=...). If not provided, tokens are returned as JSON response. Per OAuth 2.0 implicit flow spec, tokens are in fragments to prevent logging.
	ClientCallback *ClientCallbackQueryParam `form:"client_callback,omitempty" json:"client_callback,omitempty"`

	// State CSRF protection state parameter. Recommended for security. Will be included in the callback response.
	State *StateQueryParam `form:"state,omitempty" json:"state,omitempty"`

	// LoginHint User identity hint for test OAuth provider. Allows specifying a desired user identity for testing and automation. Only supported by the test provider (ignored by production providers like Google, GitHub, etc.). Must be 3-20 characters, alphanumeric and hyphens only.
	LoginHint *LoginHintQueryParam `form:"login_hint,omitempty" json:"login_hint,omitempty"`

	// Scope OAuth 2.0 scope parameter. For OpenID Connect, must include "openid". Supports "profile" and "email" scopes. Other scopes are silently ignored. Space-separated values.
	Scope ScopeQueryParam `form:"scope" json:"scope"`

	// CodeChallenge PKCE code challenge (RFC 7636) - Base64url-encoded SHA256 hash of the code_verifier. Must be 43-128 characters using unreserved characters [A-Za-z0-9-._~]. The server associates this with the authorization code for later verification during token exchange.
	CodeChallenge CodeChallengeQueryParam `form:"code_challenge" json:"code_challenge"`

	// CodeChallengeMethod PKCE code challenge method (RFC 7636) - Specifies the transformation applied to the code_verifier. Only "S256" (SHA256) is supported for security. The "plain" method is not supported.
	CodeChallengeMethod AuthorizeOAuthProviderParamsCodeChallengeMethod `form:"code_challenge_method" json:"code_challenge_method"`
}

AuthorizeOAuthProviderParams defines parameters for AuthorizeOAuthProvider.

type AuthorizeOAuthProviderParamsCodeChallengeMethod 

type AuthorizeOAuthProviderParamsCodeChallengeMethod string

AuthorizeOAuthProviderParamsCodeChallengeMethod defines parameters for AuthorizeOAuthProvider. 

const (
	AuthorizeOAuthProviderParamsCodeChallengeMethodS256 AuthorizeOAuthProviderParamsCodeChallengeMethod = "S256"
)

Defines values for AuthorizeOAuthProviderParamsCodeChallengeMethod.

type BaseDiagram 

type BaseDiagram struct {
	// CreatedAt Creation timestamp (ISO3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Optional description of the diagram
	Description *string `json:"description"`

	// Id Unique identifier for the diagram (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Image Image data with version information
	Image *struct {
		// Svg BASE64 encoded SVG representation of the diagram, used for thumbnails and reports
		Svg *[]byte `json:"svg,omitempty"`

		// UpdateVector Version of the diagram when this SVG was generated. If not provided when svg is updated, will be auto-set to BaseDiagram.update_vector
		UpdateVector *int64 `json:"update_vector,omitempty"`
	} `json:"image"`

	// Metadata Key-value pairs for additional diagram metadata
	Metadata *[]Metadata `json:"metadata"`

	// ModifiedAt Last modification timestamp (ISO3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Name of the diagram
	Name string `json:"name"`

	// Type Type of diagram with version
	Type BaseDiagramType `json:"type"`

	// UpdateVector Server-managed monotonic version counter, incremented on each diagram update
	UpdateVector *int64 `json:"update_vector,omitempty"`
}

BaseDiagram Base diagram object with common properties - used for API responses

type BaseDiagramInput 

type BaseDiagramInput struct {
	// Description Optional description of the diagram
	Description *string `json:"description"`

	// Image Image data with version information
	Image *struct {
		// Svg BASE64 encoded SVG representation of the diagram, used for thumbnails and reports
		Svg *[]byte `json:"svg,omitempty"`

		// UpdateVector Version of the diagram when this SVG was generated. If not provided when svg is updated, will be auto-set to BaseDiagram.update_vector
		UpdateVector *int64 `json:"update_vector,omitempty"`
	} `json:"image"`

	// Metadata Key-value pairs for additional diagram metadata
	Metadata *[]Metadata `json:"metadata"`

	// Name Name of the diagram
	Name string `json:"name"`

	// Type Type of diagram with version
	Type BaseDiagramInputType `json:"type"`
}

BaseDiagramInput Base diagram input for PUT/PATCH requests - excludes readOnly server-managed fields

type BaseDiagramInputType 

type BaseDiagramInputType string

BaseDiagramInputType Type of diagram with version 

const (
	BaseDiagramInputTypeDFD100 BaseDiagramInputType = "DFD-1.0.0"
)

Defines values for BaseDiagramInputType.

type BaseDiagramType 

type BaseDiagramType string

BaseDiagramType Type of diagram with version 

const (
	BaseDiagramTypeDFD100 BaseDiagramType = "DFD-1.0.0"
)

Defines values for BaseDiagramType.

type BulkCreateDiagramMetadataJSONBody 

type BulkCreateDiagramMetadataJSONBody = []Metadata

BulkCreateDiagramMetadataJSONBody defines parameters for BulkCreateDiagramMetadata.

type BulkCreateDiagramMetadataJSONRequestBody 

type BulkCreateDiagramMetadataJSONRequestBody = BulkCreateDiagramMetadataJSONBody

BulkCreateDiagramMetadataJSONRequestBody defines body for BulkCreateDiagramMetadata for application/json ContentType.

type BulkCreateDocumentMetadataJSONBody 

type BulkCreateDocumentMetadataJSONBody = []Metadata

BulkCreateDocumentMetadataJSONBody defines parameters for BulkCreateDocumentMetadata.

type BulkCreateDocumentMetadataJSONRequestBody 

type BulkCreateDocumentMetadataJSONRequestBody = BulkCreateDocumentMetadataJSONBody

BulkCreateDocumentMetadataJSONRequestBody defines body for BulkCreateDocumentMetadata for application/json ContentType.

type BulkCreateNoteMetadataJSONBody 

type BulkCreateNoteMetadataJSONBody = []Metadata

BulkCreateNoteMetadataJSONBody defines parameters for BulkCreateNoteMetadata.

type BulkCreateNoteMetadataJSONRequestBody 

type BulkCreateNoteMetadataJSONRequestBody = BulkCreateNoteMetadataJSONBody

BulkCreateNoteMetadataJSONRequestBody defines body for BulkCreateNoteMetadata for application/json ContentType.

type BulkCreateRepositoryMetadataJSONBody 

type BulkCreateRepositoryMetadataJSONBody = []Metadata

BulkCreateRepositoryMetadataJSONBody defines parameters for BulkCreateRepositoryMetadata.

type BulkCreateRepositoryMetadataJSONRequestBody 

type BulkCreateRepositoryMetadataJSONRequestBody = BulkCreateRepositoryMetadataJSONBody

BulkCreateRepositoryMetadataJSONRequestBody defines body for BulkCreateRepositoryMetadata for application/json ContentType.

type BulkCreateThreatMetadataJSONBody 

type BulkCreateThreatMetadataJSONBody = []Metadata

BulkCreateThreatMetadataJSONBody defines parameters for BulkCreateThreatMetadata.

type BulkCreateThreatMetadataJSONRequestBody 

type BulkCreateThreatMetadataJSONRequestBody = BulkCreateThreatMetadataJSONBody

BulkCreateThreatMetadataJSONRequestBody defines body for BulkCreateThreatMetadata for application/json ContentType.

type BulkCreateThreatModelAssetMetadataJSONBody 

type BulkCreateThreatModelAssetMetadataJSONBody = []Metadata

BulkCreateThreatModelAssetMetadataJSONBody defines parameters for BulkCreateThreatModelAssetMetadata.

type BulkCreateThreatModelAssetMetadataJSONRequestBody 

type BulkCreateThreatModelAssetMetadataJSONRequestBody = BulkCreateThreatModelAssetMetadataJSONBody

BulkCreateThreatModelAssetMetadataJSONRequestBody defines body for BulkCreateThreatModelAssetMetadata for application/json ContentType.

type BulkCreateThreatModelAssetsJSONBody 

type BulkCreateThreatModelAssetsJSONBody = []Asset

BulkCreateThreatModelAssetsJSONBody defines parameters for BulkCreateThreatModelAssets.

type BulkCreateThreatModelAssetsJSONRequestBody 

type BulkCreateThreatModelAssetsJSONRequestBody = BulkCreateThreatModelAssetsJSONBody

BulkCreateThreatModelAssetsJSONRequestBody defines body for BulkCreateThreatModelAssets for application/json ContentType.

type BulkCreateThreatModelDocumentsJSONBody 

type BulkCreateThreatModelDocumentsJSONBody = []Document

BulkCreateThreatModelDocumentsJSONBody defines parameters for BulkCreateThreatModelDocuments.

type BulkCreateThreatModelDocumentsJSONRequestBody 

type BulkCreateThreatModelDocumentsJSONRequestBody = BulkCreateThreatModelDocumentsJSONBody

BulkCreateThreatModelDocumentsJSONRequestBody defines body for BulkCreateThreatModelDocuments for application/json ContentType.

type BulkCreateThreatModelMetadataJSONBody 

type BulkCreateThreatModelMetadataJSONBody = []Metadata

BulkCreateThreatModelMetadataJSONBody defines parameters for BulkCreateThreatModelMetadata.

type BulkCreateThreatModelMetadataJSONRequestBody 

type BulkCreateThreatModelMetadataJSONRequestBody = BulkCreateThreatModelMetadataJSONBody

BulkCreateThreatModelMetadataJSONRequestBody defines body for BulkCreateThreatModelMetadata for application/json ContentType.

type BulkCreateThreatModelRepositoriesJSONBody 

type BulkCreateThreatModelRepositoriesJSONBody = []Repository

BulkCreateThreatModelRepositoriesJSONBody defines parameters for BulkCreateThreatModelRepositories.

type BulkCreateThreatModelRepositoriesJSONRequestBody 

type BulkCreateThreatModelRepositoriesJSONRequestBody = BulkCreateThreatModelRepositoriesJSONBody

BulkCreateThreatModelRepositoriesJSONRequestBody defines body for BulkCreateThreatModelRepositories for application/json ContentType.

type BulkCreateThreatModelThreatsJSONBody 

type BulkCreateThreatModelThreatsJSONBody = []Threat

BulkCreateThreatModelThreatsJSONBody defines parameters for BulkCreateThreatModelThreats.

type BulkCreateThreatModelThreatsJSONRequestBody 

type BulkCreateThreatModelThreatsJSONRequestBody = BulkCreateThreatModelThreatsJSONBody

BulkCreateThreatModelThreatsJSONRequestBody defines body for BulkCreateThreatModelThreats for application/json ContentType.

type BulkDeleteThreatModelThreatsParams 

type BulkDeleteThreatModelThreatsParams struct {
	// ThreatIds Comma-separated list of threat IDs to delete (UUID format)
	ThreatIds ThreatIdsQueryParam `form:"threat_ids" json:"threat_ids"`
}

BulkDeleteThreatModelThreatsParams defines parameters for BulkDeleteThreatModelThreats.

type BulkPatchThreatModelThreatsApplicationJSONPatchPlusJSONRequestBody 

type BulkPatchThreatModelThreatsApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

BulkPatchThreatModelThreatsApplicationJSONPatchPlusJSONRequestBody defines body for BulkPatchThreatModelThreats for application/json-patch+json ContentType.

type BulkUpdateNoteMetadataJSONBody 

type BulkUpdateNoteMetadataJSONBody = []Metadata

BulkUpdateNoteMetadataJSONBody defines parameters for BulkUpdateNoteMetadata.

type BulkUpdateNoteMetadataJSONRequestBody 

type BulkUpdateNoteMetadataJSONRequestBody = BulkUpdateNoteMetadataJSONBody

BulkUpdateNoteMetadataJSONRequestBody defines body for BulkUpdateNoteMetadata for application/json ContentType.

type BulkUpdateThreatModelThreatsJSONBody 

type BulkUpdateThreatModelThreatsJSONBody = []Threat

BulkUpdateThreatModelThreatsJSONBody defines parameters for BulkUpdateThreatModelThreats.

type BulkUpdateThreatModelThreatsJSONRequestBody 

type BulkUpdateThreatModelThreatsJSONRequestBody = BulkUpdateThreatModelThreatsJSONBody

BulkUpdateThreatModelThreatsJSONRequestBody defines body for BulkUpdateThreatModelThreats for application/json ContentType.

type BulkUpsertDiagramMetadataJSONBody 

type BulkUpsertDiagramMetadataJSONBody = []Metadata

BulkUpsertDiagramMetadataJSONBody defines parameters for BulkUpsertDiagramMetadata.

type BulkUpsertDiagramMetadataJSONRequestBody 

type BulkUpsertDiagramMetadataJSONRequestBody = BulkUpsertDiagramMetadataJSONBody

BulkUpsertDiagramMetadataJSONRequestBody defines body for BulkUpsertDiagramMetadata for application/json ContentType.

type BulkUpsertDocumentMetadataJSONBody 

type BulkUpsertDocumentMetadataJSONBody = []Metadata

BulkUpsertDocumentMetadataJSONBody defines parameters for BulkUpsertDocumentMetadata.

type BulkUpsertDocumentMetadataJSONRequestBody 

type BulkUpsertDocumentMetadataJSONRequestBody = BulkUpsertDocumentMetadataJSONBody

BulkUpsertDocumentMetadataJSONRequestBody defines body for BulkUpsertDocumentMetadata for application/json ContentType.

type BulkUpsertRepositoryMetadataJSONBody 

type BulkUpsertRepositoryMetadataJSONBody = []Metadata

BulkUpsertRepositoryMetadataJSONBody defines parameters for BulkUpsertRepositoryMetadata.

type BulkUpsertRepositoryMetadataJSONRequestBody 

type BulkUpsertRepositoryMetadataJSONRequestBody = BulkUpsertRepositoryMetadataJSONBody

BulkUpsertRepositoryMetadataJSONRequestBody defines body for BulkUpsertRepositoryMetadata for application/json ContentType.

type BulkUpsertThreatMetadataJSONBody 

type BulkUpsertThreatMetadataJSONBody = []Metadata

BulkUpsertThreatMetadataJSONBody defines parameters for BulkUpsertThreatMetadata.

type BulkUpsertThreatMetadataJSONRequestBody 

type BulkUpsertThreatMetadataJSONRequestBody = BulkUpsertThreatMetadataJSONBody

BulkUpsertThreatMetadataJSONRequestBody defines body for BulkUpsertThreatMetadata for application/json ContentType.

type BulkUpsertThreatModelAssetMetadataJSONBody 

type BulkUpsertThreatModelAssetMetadataJSONBody = []Metadata

BulkUpsertThreatModelAssetMetadataJSONBody defines parameters for BulkUpsertThreatModelAssetMetadata.

type BulkUpsertThreatModelAssetMetadataJSONRequestBody 

type BulkUpsertThreatModelAssetMetadataJSONRequestBody = BulkUpsertThreatModelAssetMetadataJSONBody

BulkUpsertThreatModelAssetMetadataJSONRequestBody defines body for BulkUpsertThreatModelAssetMetadata for application/json ContentType.

type BulkUpsertThreatModelAssetsJSONBody 

type BulkUpsertThreatModelAssetsJSONBody = []Asset

BulkUpsertThreatModelAssetsJSONBody defines parameters for BulkUpsertThreatModelAssets.

type BulkUpsertThreatModelAssetsJSONRequestBody 

type BulkUpsertThreatModelAssetsJSONRequestBody = BulkUpsertThreatModelAssetsJSONBody

BulkUpsertThreatModelAssetsJSONRequestBody defines body for BulkUpsertThreatModelAssets for application/json ContentType.

type BulkUpsertThreatModelDocumentsJSONBody 

type BulkUpsertThreatModelDocumentsJSONBody = []Document

BulkUpsertThreatModelDocumentsJSONBody defines parameters for BulkUpsertThreatModelDocuments.

type BulkUpsertThreatModelDocumentsJSONRequestBody 

type BulkUpsertThreatModelDocumentsJSONRequestBody = BulkUpsertThreatModelDocumentsJSONBody

BulkUpsertThreatModelDocumentsJSONRequestBody defines body for BulkUpsertThreatModelDocuments for application/json ContentType.

type BulkUpsertThreatModelMetadataJSONBody 

type BulkUpsertThreatModelMetadataJSONBody = []Metadata

BulkUpsertThreatModelMetadataJSONBody defines parameters for BulkUpsertThreatModelMetadata.

type BulkUpsertThreatModelMetadataJSONRequestBody 

type BulkUpsertThreatModelMetadataJSONRequestBody = BulkUpsertThreatModelMetadataJSONBody

BulkUpsertThreatModelMetadataJSONRequestBody defines body for BulkUpsertThreatModelMetadata for application/json ContentType.

type BulkUpsertThreatModelRepositoriesJSONBody 

type BulkUpsertThreatModelRepositoriesJSONBody = []Repository

BulkUpsertThreatModelRepositoriesJSONBody defines parameters for BulkUpsertThreatModelRepositories.

type BulkUpsertThreatModelRepositoriesJSONRequestBody 

type BulkUpsertThreatModelRepositoriesJSONRequestBody = BulkUpsertThreatModelRepositoriesJSONBody

BulkUpsertThreatModelRepositoriesJSONRequestBody defines body for BulkUpsertThreatModelRepositories for application/json ContentType.

type CacheInvalidator 

type CacheInvalidator struct {
	// contains filtered or unexported fields
}

CacheInvalidator handles complex cache invalidation scenarios

func NewCacheInvalidator 

func NewCacheInvalidator(redis *db.RedisDB, cache *CacheService) *CacheInvalidator

NewCacheInvalidator creates a new cache invalidator

func (*CacheInvalidator) BulkInvalidate 

func (ci *CacheInvalidator) BulkInvalidate(ctx context.Context, events []InvalidationEvent) error

BulkInvalidate handles bulk cache invalidation for multiple entities

func (*CacheInvalidator) GetInvalidationPattern 

func (ci *CacheInvalidator) GetInvalidationPattern(entityType, entityID, parentType, parentID string) []string

GetInvalidationPattern returns cache key patterns that would be affected by an entity change

func (*CacheInvalidator) InvalidateAllRelatedCaches 

func (ci *CacheInvalidator) InvalidateAllRelatedCaches(ctx context.Context, threatModelID string) error

InvalidateAllRelatedCaches performs comprehensive cache invalidation for a threat model

func (*CacheInvalidator) InvalidatePermissionRelatedCaches 

func (ci *CacheInvalidator) InvalidatePermissionRelatedCaches(ctx context.Context, threatModelID string) error

InvalidatePermissionRelatedCaches invalidates caches when permissions change

func (*CacheInvalidator) InvalidateSubResourceChange 

func (ci *CacheInvalidator) InvalidateSubResourceChange(ctx context.Context, event InvalidationEvent) error

InvalidateSubResourceChange handles cache invalidation when a sub-resource changes

type CacheService 

type CacheService struct {
	// contains filtered or unexported fields
}

CacheService provides caching functionality for sub-resources

func NewCacheService 

func NewCacheService(redis *db.RedisDB) *CacheService

NewCacheService creates a new cache service instance

func (*CacheService) CacheAsset 

func (cs *CacheService) CacheAsset(ctx context.Context, asset *Asset) error

CacheAsset caches an asset

func (*CacheService) CacheAuthData 

func (cs *CacheService) CacheAuthData(ctx context.Context, threatModelID string, authData AuthorizationData) error

CacheAuthData caches authorization data for a threat model

func (*CacheService) CacheCells 

func (cs *CacheService) CacheCells(ctx context.Context, diagramID string, cells []Cell) error

CacheCells caches diagram cells collection

func (*CacheService) CacheDocument 

func (cs *CacheService) CacheDocument(ctx context.Context, document *Document) error

CacheDocument caches a document

func (*CacheService) CacheList 

func (cs *CacheService) CacheList(ctx context.Context, entityType, parentID string, offset, limit int, data interface{}) error

CacheList caches a paginated list result

func (*CacheService) CacheMetadata 

func (cs *CacheService) CacheMetadata(ctx context.Context, entityType, entityID string, metadata []Metadata) error

CacheMetadata caches metadata collection for an entity

func (*CacheService) CacheNote 

func (cs *CacheService) CacheNote(ctx context.Context, note *Note) error

CacheNote caches a note

func (*CacheService) CacheRepository 

func (cs *CacheService) CacheRepository(ctx context.Context, repository *Repository) error

CacheRepository caches a repository code entry

func (*CacheService) CacheThreat 

func (cs *CacheService) CacheThreat(ctx context.Context, threat *Threat) error

CacheThreat caches an individual threat with write-through strategy

func (*CacheService) GetCachedAsset 

func (cs *CacheService) GetCachedAsset(ctx context.Context, assetID string) (*Asset, error)

GetCachedAsset retrieves a cached asset

func (*CacheService) GetCachedAuthData 

func (cs *CacheService) GetCachedAuthData(ctx context.Context, threatModelID string) (*AuthorizationData, error)

GetCachedAuthData retrieves cached authorization data

func (*CacheService) GetCachedCells 

func (cs *CacheService) GetCachedCells(ctx context.Context, diagramID string) ([]Cell, error)

GetCachedCells retrieves cached diagram cells

func (*CacheService) GetCachedDocument 

func (cs *CacheService) GetCachedDocument(ctx context.Context, documentID string) (*Document, error)

GetCachedDocument retrieves a cached document

func (*CacheService) GetCachedList 

func (cs *CacheService) GetCachedList(ctx context.Context, entityType, parentID string, offset, limit int, result interface{}) error

GetCachedList retrieves a cached paginated list result

func (*CacheService) GetCachedMetadata 

func (cs *CacheService) GetCachedMetadata(ctx context.Context, entityType, entityID string) ([]Metadata, error)

GetCachedMetadata retrieves cached metadata for an entity

func (*CacheService) GetCachedNote 

func (cs *CacheService) GetCachedNote(ctx context.Context, noteID string) (*Note, error)

GetCachedNote retrieves a cached note

func (*CacheService) GetCachedRepository 

func (cs *CacheService) GetCachedRepository(ctx context.Context, repositoryID string) (*Repository, error)

GetCachedRepository retrieves a cached repository code entry

func (*CacheService) GetCachedThreat 

func (cs *CacheService) GetCachedThreat(ctx context.Context, threatID string) (*Threat, error)

GetCachedThreat retrieves a cached threat

func (*CacheService) InvalidateAuthData 

func (cs *CacheService) InvalidateAuthData(ctx context.Context, threatModelID string) error

InvalidateAuthData removes authorization data cache

func (*CacheService) InvalidateEntity 

func (cs *CacheService) InvalidateEntity(ctx context.Context, entityType, entityID string) error

InvalidateEntity removes an entity from cache

func (*CacheService) InvalidateMetadata 

func (cs *CacheService) InvalidateMetadata(ctx context.Context, entityType, entityID string) error

InvalidateMetadata removes metadata cache for an entity

type CacheTestHelper 

type CacheTestHelper struct {
	Cache       *CacheService
	Invalidator *CacheInvalidator
	RedisClient *db.RedisDB
	TestContext context.Context
	KeyBuilder  *db.RedisKeyBuilder
}

CacheTestHelper provides utilities for testing Redis cache functionality

func NewCacheTestHelper 

func NewCacheTestHelper(cache *CacheService, invalidator *CacheInvalidator, redisClient *db.RedisDB) *CacheTestHelper

NewCacheTestHelper creates a new cache test helper

func (*CacheTestHelper) CacheTestDocument 

func (h *CacheTestHelper) CacheTestDocument(t *testing.T, document *Document)

CacheTestDocument caches a document for testing

func (*CacheTestHelper) CacheTestRepository 

func (h *CacheTestHelper) CacheTestRepository(t *testing.T, repository *Repository)

CacheTestRepository caches a repository for testing

func (*CacheTestHelper) CacheTestThreat 

func (h *CacheTestHelper) CacheTestThreat(t *testing.T, threat *Threat)

CacheTestThreat caches a threat for testing

func (*CacheTestHelper) ClearAllTestCache 

func (h *CacheTestHelper) ClearAllTestCache(t *testing.T)

ClearAllTestCache clears all test cache data

func (*CacheTestHelper) ClearDocumentCache 

func (h *CacheTestHelper) ClearDocumentCache(t *testing.T, documentID string)

ClearDocumentCache clears document cache for testing

func (*CacheTestHelper) ClearRepositoryCache 

func (h *CacheTestHelper) ClearRepositoryCache(t *testing.T, repositoryID string)

ClearRepositoryCache clears repository cache for testing

func (*CacheTestHelper) ClearThreatCache 

func (h *CacheTestHelper) ClearThreatCache(t *testing.T, threatID string)

ClearThreatCache clears threat cache for testing

func (*CacheTestHelper) GetCacheStats 

func (h *CacheTestHelper) GetCacheStats(t *testing.T) map[string]interface{}

GetCacheStats returns cache statistics for testing

func (*CacheTestHelper) SetupTestCache 

func (h *CacheTestHelper) SetupTestCache(t *testing.T)

SetupTestCache initializes cache with test data

func (*CacheTestHelper) TestCacheAuthOperations 

func (h *CacheTestHelper) TestCacheAuthOperations(t *testing.T, threatModelID string)

TestCacheAuthOperations tests caching operations for authorization data

func (*CacheTestHelper) TestCacheConsistency 

func (h *CacheTestHelper) TestCacheConsistency(t *testing.T, threatModelID string)

TestCacheConsistency tests cache consistency across operations

func (*CacheTestHelper) TestCacheDocumentOperations 

func (h *CacheTestHelper) TestCacheDocumentOperations(t *testing.T, scenarios []CacheTestScenario)

TestCacheDocumentOperations tests caching operations for documents

func (*CacheTestHelper) TestCacheInvalidationStrategies 

func (h *CacheTestHelper) TestCacheInvalidationStrategies(t *testing.T, threatModelID string)

TestCacheInvalidationStrategies tests different invalidation strategies

func (*CacheTestHelper) TestCacheMetadataOperations 

func (h *CacheTestHelper) TestCacheMetadataOperations(t *testing.T, entityType, entityID string)

TestCacheMetadataOperations tests caching operations for metadata

func (*CacheTestHelper) TestCacheRepositoryOperations 

func (h *CacheTestHelper) TestCacheRepositoryOperations(t *testing.T, scenarios []CacheTestScenario)

TestCacheRepositoryOperations tests caching operations for repositories

func (*CacheTestHelper) TestCacheTTLBehavior 

func (h *CacheTestHelper) TestCacheTTLBehavior(t *testing.T, scenarios []CacheTestScenario)

TestCacheTTLBehavior tests TTL behavior for cached items

func (*CacheTestHelper) TestCacheThreatOperations 

func (h *CacheTestHelper) TestCacheThreatOperations(t *testing.T, scenarios []CacheTestScenario)

TestCacheThreatOperations tests caching operations for threats

func (*CacheTestHelper) VerifyCacheMetrics 

func (h *CacheTestHelper) VerifyCacheMetrics(t *testing.T, expectedHitRatio float64)

VerifyCacheMetrics verifies cache performance metrics

type CacheTestScenario 

type CacheTestScenario struct {
	Description     string
	EntityType      string
	EntityID        string
	ThreatModelID   string
	ExpectedHit     bool
	ExpectedMiss    bool
	TTL             time.Duration
	ShouldExpire    bool
	InvalidateAfter bool
}

CacheTestScenario defines a test scenario for cache testing

func SetupCacheTestScenarios 

func SetupCacheTestScenarios() []CacheTestScenario

SetupCacheTestScenarios returns common cache test scenarios

type CacheWarmer 

type CacheWarmer struct {
	// contains filtered or unexported fields
}

CacheWarmer handles proactive cache warming for frequently accessed data

func NewCacheWarmer 

func NewCacheWarmer(
	db *sql.DB,
	cache *CacheService,
	threatStore ThreatStore,
	documentStore DocumentStore,
	repositoryStore RepositoryStore,
	metadataStore MetadataStore,
) *CacheWarmer

NewCacheWarmer creates a new cache warmer instance

func (*CacheWarmer) DisableWarming 

func (cw *CacheWarmer) DisableWarming()

DisableWarming disables cache warming

func (*CacheWarmer) EnableWarming 

func (cw *CacheWarmer) EnableWarming()

EnableWarming enables cache warming

func (*CacheWarmer) GetWarmingStats 

func (cw *CacheWarmer) GetWarmingStats() WarmingStats

GetWarmingStats returns current warming statistics

func (*CacheWarmer) IsWarmingEnabled 

func (cw *CacheWarmer) IsWarmingEnabled() bool

IsWarmingEnabled returns whether cache warming is enabled

func (*CacheWarmer) SetWarmingInterval 

func (cw *CacheWarmer) SetWarmingInterval(interval time.Duration)

SetWarmingInterval configures the proactive warming interval

func (*CacheWarmer) StartProactiveWarming 

func (cw *CacheWarmer) StartProactiveWarming(ctx context.Context) error

StartProactiveWarming starts the proactive cache warming process

func (*CacheWarmer) StopProactiveWarming 

func (cw *CacheWarmer) StopProactiveWarming()

StopProactiveWarming stops the proactive cache warming process

func (*CacheWarmer) WarmFrequentlyAccessedData 

func (cw *CacheWarmer) WarmFrequentlyAccessedData(ctx context.Context) error

WarmFrequentlyAccessedData warms cache with frequently accessed data

func (*CacheWarmer) WarmOnDemandRequest 

func (cw *CacheWarmer) WarmOnDemandRequest(ctx context.Context, request WarmingRequest) error

WarmOnDemandRequest handles on-demand cache warming requests

func (*CacheWarmer) WarmThreatModelData 

func (cw *CacheWarmer) WarmThreatModelData(ctx context.Context, threatModelID string) error

WarmThreatModelData warms cache with all data for a specific threat model

type Cell 

type Cell struct {
	// Data Flexible data storage compatible with X6, with reserved metadata namespace
	Data *Cell_Data `json:"data,omitempty"`

	// Id Unique identifier of the cell (UUID)
	Id openapi_types.UUID `json:"id"`

	// Markup SVG/HTML markup definition for custom shape rendering in X6
	Markup *[]MarkupElement `json:"markup,omitempty"`

	// Shape Shape type identifier that determines cell structure and behavior
	Shape string `json:"shape"`

	// Visible Whether the cell is visible in the diagram
	Visible *bool `json:"visible,omitempty"`

	// ZIndex Z-order layer for rendering (higher values render on top)
	ZIndex *float32 `json:"zIndex,omitempty"`
}

Cell Base schema for all diagram cells (nodes and edges) in AntV X6 native format. This schema matches X6's toJSON() output exactly, enabling zero-transformation persistence. X6-specific properties like markup, tools, router, and connector are fully supported.

type CellHandler 

type CellHandler struct {
	// contains filtered or unexported fields
}

CellHandler provides handlers for diagram cell operations with PATCH support and metadata

func NewCellHandler 

func NewCellHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *CellHandler

NewCellHandler creates a new cell handler

func NewCellHandlerSimple 

func NewCellHandlerSimple() *CellHandler

NewCellHandlerSimple creates a new cell handler with default dependencies

func (*CellHandler) BatchPatchCells 

func (h *CellHandler) BatchPatchCells(c *gin.Context)

BatchPatchCells applies patch operations to multiple cells (optimized for collaboration) POST /diagrams/{diagram_id}/cells/batch/patch

func (*CellHandler) CreateCellMetadata 

func (h *CellHandler) CreateCellMetadata(c *gin.Context)

CreateCellMetadata creates a new metadata entry for a cell POST /diagrams/{diagram_id}/cells/{cell_id}/metadata

func (*CellHandler) DeleteCellMetadata 

func (h *CellHandler) DeleteCellMetadata(c *gin.Context)

DeleteCellMetadata deletes a metadata entry DELETE /diagrams/{diagram_id}/cells/{cell_id}/metadata/{key}

func (*CellHandler) GetCellMetadata 

func (h *CellHandler) GetCellMetadata(c *gin.Context)

GetCellMetadata retrieves all metadata for a diagram cell GET /diagrams/{diagram_id}/cells/{cell_id}/metadata

func (*CellHandler) GetCellMetadataByKey 

func (h *CellHandler) GetCellMetadataByKey(c *gin.Context)

GetCellMetadataByKey retrieves a specific metadata entry by key GET /diagrams/{diagram_id}/cells/{cell_id}/metadata/{key}

func (*CellHandler) PatchCell 

func (h *CellHandler) PatchCell(c *gin.Context)

PatchCell applies JSON patch operations to a cell (requires WebSocket connection for real-time updates) PATCH /diagrams/{diagram_id}/cells/{cell_id}

func (*CellHandler) UpdateCellMetadata 

func (h *CellHandler) UpdateCellMetadata(c *gin.Context)

UpdateCellMetadata updates an existing metadata entry PUT /diagrams/{diagram_id}/cells/{cell_id}/metadata/{key}

type CellIdQueryParam 

type CellIdQueryParam = openapi_types.UUID

CellIdQueryParam defines model for CellIdQueryParam.

type CellOperation 

type CellOperation struct {
	ID        string                 `json:"id"`
	Operation string                 `json:"operation"`
	Data      *DfdDiagram_Cells_Item `json:"data,omitempty"` // Union type: Node | Edge
}

CellOperation represents a single cell operation (add/update/remove)

func (CellOperation) Validate 

func (op CellOperation) Validate() error

type CellOperationProcessor 

type CellOperationProcessor struct {
	// contains filtered or unexported fields
}

CellOperationProcessor processes cell operations with validation and conflict detection

func NewCellOperationProcessor 

func NewCellOperationProcessor(store DiagramStoreInterface) *CellOperationProcessor

NewCellOperationProcessor creates a new cell operation processor

func (*CellOperationProcessor) ProcessCellOperations 

func (cop *CellOperationProcessor) ProcessCellOperations(diagramID string, operation CellPatchOperation) (*OperationValidationResult, error)

ProcessCellOperations processes a batch of cell operations with full validation

type CellPatchOperation 

type CellPatchOperation struct {
	Type  string          `json:"type"`
	Cells []CellOperation `json:"cells"`
}

CellPatchOperation mirrors REST PATCH operations for cells with batch support

func ConvertJSONPatchToCellOperations 

func ConvertJSONPatchToCellOperations(operations []PatchOperation) (*CellPatchOperation, error)

ConvertJSONPatchToCellOperations converts standard JSON Patch operations to CellPatchOperation format This enables code reuse between REST PATCH endpoints and WebSocket operations

func (CellPatchOperation) Validate 

func (op CellPatchOperation) Validate() error

type Cell_Data 

type Cell_Data struct {
	// Metadata Reserved namespace for structured business metadata
	Metadata             *[]Metadata            `json:"_metadata,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

Cell_Data Flexible data storage compatible with X6, with reserved metadata namespace

func (Cell_Data) Get 

func (a Cell_Data) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for Cell_Data. Returns the specified element and whether it was found

func (Cell_Data) MarshalJSON 

func (a Cell_Data) MarshalJSON() ([]byte, error)

Override default JSON handling for Cell_Data to handle AdditionalProperties

func (*Cell_Data) Set 

func (a *Cell_Data) Set(fieldName string, value interface{})

Setter for additional properties for Cell_Data

func (*Cell_Data) UnmarshalJSON 

func (a *Cell_Data) UnmarshalJSON(b []byte) error

Override default JSON handling for Cell_Data to handle AdditionalProperties

type ChallengeQueryParam 

type ChallengeQueryParam = string

ChallengeQueryParam defines model for ChallengeQueryParam.

type ChangePresenterMessage 

type ChangePresenterMessage struct {
	MessageType    MessageType `json:"message_type"`
	InitiatingUser User        `json:"initiating_user"`
	NewPresenter   User        `json:"new_presenter"`
}

func (ChangePresenterMessage) GetMessageType 

func (m ChangePresenterMessage) GetMessageType() MessageType

func (ChangePresenterMessage) Validate 

func (m ChangePresenterMessage) Validate() error

type ChangePresenterRequest 

type ChangePresenterRequest struct {
	MessageType  MessageType `json:"message_type"`
	NewPresenter User        `json:"new_presenter"`
}

ChangePresenterRequest is sent by client to change presenter

func (ChangePresenterRequest) GetMessageType 

func (m ChangePresenterRequest) GetMessageType() MessageType

func (ChangePresenterRequest) Validate 

func (m ChangePresenterRequest) Validate() error

type ChangePresenterRequestHandler 

type ChangePresenterRequestHandler struct{}

ChangePresenterRequestHandler handles change presenter request messages

func (*ChangePresenterRequestHandler) HandleMessage 

func (h *ChangePresenterRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*ChangePresenterRequestHandler) MessageType 

func (h *ChangePresenterRequestHandler) MessageType() string

type ClientCallbackQueryParam 

type ClientCallbackQueryParam = string

ClientCallbackQueryParam defines model for ClientCallbackQueryParam.

type ClientCredentialInfo 

type ClientCredentialInfo struct {
	// ClientId OAuth 2.0 client ID (format: tmi_cc_*)
	ClientId string `json:"client_id"`

	// CreatedAt Creation timestamp (ISO 8601)
	CreatedAt time.Time `json:"created_at"`

	// Description Optional description of the credential's purpose
	Description *string `json:"description,omitempty"`

	// ExpiresAt Optional expiration timestamp (ISO 8601)
	ExpiresAt *time.Time `json:"expires_at,omitempty"`

	// Id Unique identifier for the credential
	Id openapi_types.UUID `json:"id"`

	// IsActive Whether the credential is active
	IsActive bool `json:"is_active"`

	// LastUsedAt Last time this credential was used (ISO 8601)
	LastUsedAt *time.Time `json:"last_used_at,omitempty"`

	// ModifiedAt Last modification timestamp (ISO 8601)
	ModifiedAt time.Time `json:"modified_at"`

	// Name Human-readable name for the credential
	Name string `json:"name"`
}

ClientCredentialInfo Client credential information without the secret

type ClientCredentialInfoInternal 

type ClientCredentialInfoInternal struct {
	ID          uuid.UUID  `json:"id"`
	ClientID    string     `json:"client_id"`
	Name        string     `json:"name"`
	Description string     `json:"description"`
	IsActive    bool       `json:"is_active"`
	LastUsedAt  *time.Time `json:"last_used_at,omitempty"`
	CreatedAt   time.Time  `json:"created_at"`
	ModifiedAt  time.Time  `json:"modified_at"`
	ExpiresAt   *time.Time `json:"expires_at,omitempty"`
}

ClientCredentialInfoInternal represents a client credential without the secret (internal type)

type ClientCredentialQuotaStore 

type ClientCredentialQuotaStore interface {
	// GetClientCredentialQuota retrieves the maximum number of credentials allowed for a user
	GetClientCredentialQuota(ctx context.Context, userUUID uuid.UUID) (int, error)

	// GetClientCredentialCount retrieves the current number of active credentials for a user
	GetClientCredentialCount(ctx context.Context, userUUID uuid.UUID) (int, error)

	// CheckClientCredentialQuota verifies if a user can create a new credential
	CheckClientCredentialQuota(ctx context.Context, userUUID uuid.UUID) error
}

ClientCredentialQuotaStore defines the interface for client credential quota operations 

var GlobalClientCredentialQuotaStore ClientCredentialQuotaStore

GlobalClientCredentialQuotaStore is the global singleton for client credential quota

type ClientCredentialResponse 

type ClientCredentialResponse struct {
	// ClientId OAuth 2.0 client ID (format: tmi_cc_*)
	ClientId string `json:"client_id"`

	// ClientSecret OAuth 2.0 client secret - ONLY returned at creation time, cannot be retrieved later
	ClientSecret string `json:"client_secret"`

	// CreatedAt Creation timestamp (ISO 8601)
	CreatedAt time.Time `json:"created_at"`

	// Description Optional description of the credential's purpose
	Description *string `json:"description,omitempty"`

	// ExpiresAt Optional expiration timestamp (ISO 8601)
	ExpiresAt *time.Time `json:"expires_at,omitempty"`

	// Id Unique identifier for the credential
	Id openapi_types.UUID `json:"id"`

	// Name Human-readable name for the credential
	Name string `json:"name"`
}

ClientCredentialResponse Response from creating a client credential. WARNING: The client_secret is ONLY returned once and cannot be retrieved later.

type ClientCredentialService 

type ClientCredentialService struct {
	// contains filtered or unexported fields
}

ClientCredentialService handles client credential generation and management

func NewClientCredentialService 

func NewClientCredentialService(authService *auth.Service) *ClientCredentialService

NewClientCredentialService creates a new client credential service

func (*ClientCredentialService) Create 

func (s *ClientCredentialService) Create(ctx context.Context, ownerUUID uuid.UUID, req CreateClientCredentialRequest) (*CreateClientCredentialResponse, error)

Create generates a new client credential for the specified owner The client_secret is only returned once and cannot be retrieved later (GitHub PAT pattern)

func (*ClientCredentialService) Deactivate 

func (s *ClientCredentialService) Deactivate(ctx context.Context, credID uuid.UUID, ownerUUID uuid.UUID) error

Deactivate soft-deletes a client credential (sets is_active = false)

func (*ClientCredentialService) Delete 

func (s *ClientCredentialService) Delete(ctx context.Context, credID uuid.UUID, ownerUUID uuid.UUID) error

Delete permanently deletes a client credential

func (*ClientCredentialService) List 

func (s *ClientCredentialService) List(ctx context.Context, ownerUUID uuid.UUID) ([]*ClientCredentialInfoInternal, error)

List retrieves all client credentials for the specified owner (without secrets)

type CodeChallengeMethodQueryParam 

type CodeChallengeMethodQueryParam string

CodeChallengeMethodQueryParam defines model for CodeChallengeMethodQueryParam. 

const (
	CodeChallengeMethodQueryParamS256 CodeChallengeMethodQueryParam = "S256"
)

Defines values for CodeChallengeMethodQueryParam.

type CodeChallengeQueryParam 

type CodeChallengeQueryParam = string

CodeChallengeQueryParam defines model for CodeChallengeQueryParam.

type CodeQueryParam 

type CodeQueryParam = string

CodeQueryParam defines model for CodeQueryParam.

type CollaborationInviteData 

type CollaborationInviteData struct {
	DiagramID       string `json:"diagram_id"`
	DiagramName     string `json:"diagram_name,omitempty"`
	ThreatModelID   string `json:"threat_model_id"`
	ThreatModelName string `json:"threat_model_name,omitempty"`
	InviterEmail    string `json:"inviter_email"`
	Role            string `json:"role"` // viewer, writer
}

CollaborationInviteData contains data for collaboration invitations

type CollaborationNotificationData 

type CollaborationNotificationData struct {
	DiagramID       string `json:"diagram_id"`
	DiagramName     string `json:"diagram_name,omitempty"`
	ThreatModelID   string `json:"threat_model_id"`
	ThreatModelName string `json:"threat_model_name,omitempty"`
	SessionID       string `json:"session_id,omitempty"`
}

CollaborationNotificationData contains data for collaboration notifications

type CollaborationSession 

type CollaborationSession struct {
	// DiagramId Unique identifier of the associated diagram (UUID)
	DiagramId openapi_types.UUID `json:"diagram_id"`

	// DiagramName Name of the associated diagram
	DiagramName string `json:"diagram_name"`

	// Host Email address of the session host
	Host *string `json:"host,omitempty"`

	// Participants List of active participants
	Participants []Participant `json:"participants"`

	// Presenter Email address of the current presenter
	Presenter *string `json:"presenter,omitempty"`

	// SessionId Unique identifier for the session (UUID)
	SessionId *openapi_types.UUID `json:"session_id,omitempty"`

	// ThreatModelId Unique identifier of the associated threat model (UUID)
	ThreatModelId openapi_types.UUID `json:"threat_model_id"`

	// ThreatModelName Name of the associated threat model
	ThreatModelName string `json:"threat_model_name"`

	// WebsocketUrl WebSocket URL for real-time updates
	WebsocketUrl string `json:"websocket_url"`
}

CollaborationSession Details of an active collaboration session for a diagram

type CommonValidatorRegistry 

type CommonValidatorRegistry struct {
	// contains filtered or unexported fields
}

CommonValidatorRegistry provides a centralized registry of reusable validators

func NewValidatorRegistry 

func NewValidatorRegistry() *CommonValidatorRegistry

NewValidatorRegistry creates a new validator registry with common validators

func (*CommonValidatorRegistry) Get 

func (r *CommonValidatorRegistry) Get(name string) (ValidatorFunc, bool)

Get retrieves a validator by name

func (*CommonValidatorRegistry) GetValidators 

func (r *CommonValidatorRegistry) GetValidators(names []string) []ValidatorFunc

GetValidators returns multiple validators by names

func (*CommonValidatorRegistry) Register 

func (r *CommonValidatorRegistry) Register(name string, validator ValidatorFunc)

Register adds a validator to the registry

type Component 

type Component struct {
	ID       string                 `json:"id"`
	Type     string                 `json:"type" binding:"required"`
	Data     map[string]interface{} `json:"data"`
	Metadata []MetadataItem         `json:"metadata,omitempty"`
}

Component represents a diagram component

type CreateAddonJSONRequestBody 

type CreateAddonJSONRequestBody = CreateAddonRequest

CreateAddonJSONRequestBody defines body for CreateAddon for application/json ContentType.

type CreateAddonRequest 

type CreateAddonRequest struct {
	// Description Description of what the add-on does
	Description *string `json:"description,omitempty"`

	// Icon Icon identifier (Material Symbols or FontAwesome format)
	Icon *string `json:"icon,omitempty"`

	// Name Display name for the add-on
	Name string `json:"name"`

	// Objects TMI object types this add-on can operate on
	Objects *[]CreateAddonRequestObjects `json:"objects,omitempty"`

	// ThreatModelId Optional: Scope add-on to specific threat model
	ThreatModelId *openapi_types.UUID `json:"threat_model_id,omitempty"`

	// WebhookId UUID of the associated webhook subscription
	WebhookId openapi_types.UUID `json:"webhook_id"`
}

CreateAddonRequest defines model for CreateAddonRequest.

type CreateAddonRequestObjects 

type CreateAddonRequestObjects string

CreateAddonRequestObjects defines model for CreateAddonRequest.Objects. 

const (
	CreateAddonRequestObjectsAsset       CreateAddonRequestObjects = "asset"
	CreateAddonRequestObjectsDiagram     CreateAddonRequestObjects = "diagram"
	CreateAddonRequestObjectsDocument    CreateAddonRequestObjects = "document"
	CreateAddonRequestObjectsMetadata    CreateAddonRequestObjects = "metadata"
	CreateAddonRequestObjectsNote        CreateAddonRequestObjects = "note"
	CreateAddonRequestObjectsRepository  CreateAddonRequestObjects = "repository"
	CreateAddonRequestObjectsThreat      CreateAddonRequestObjects = "threat"
	CreateAddonRequestObjectsThreatModel CreateAddonRequestObjects = "threat_model"
)

Defines values for CreateAddonRequestObjects.

type CreateAdminGroupJSONRequestBody 

type CreateAdminGroupJSONRequestBody = CreateAdminGroupRequest

CreateAdminGroupJSONRequestBody defines body for CreateAdminGroup for application/json ContentType.

type CreateAdminGroupRequest 

type CreateAdminGroupRequest struct {
	// Description Optional group description
	Description *string `json:"description,omitempty"`

	// GroupName Group identifier (alphanumeric, hyphens, underscores only)
	GroupName string `json:"group_name"`

	// Name Human-readable group name
	Name string `json:"name"`
}

CreateAdminGroupRequest Request body for creating a provider-independent group

type CreateAdministratorJSONRequestBody 

type CreateAdministratorJSONRequestBody = CreateAdministratorRequest

CreateAdministratorJSONRequestBody defines body for CreateAdministrator for application/json ContentType.

type CreateAdministratorRequest 

type CreateAdministratorRequest struct {
	// Email User email to grant admin privileges (mutually exclusive with provider_user_id and group_name)
	Email *openapi_types.Email `json:"email,omitempty"`

	// GroupName Group name to grant admin privileges (mutually exclusive with email and provider_user_id)
	GroupName *string `json:"group_name,omitempty"`

	// Provider OAuth/SAML provider
	Provider string `json:"provider"`

	// ProviderUserId Provider's user ID to grant admin privileges (mutually exclusive with email and group_name)
	ProviderUserId *string `json:"provider_user_id,omitempty"`
}

CreateAdministratorRequest defines model for CreateAdministratorRequest.

type CreateClientCredentialRequest 

type CreateClientCredentialRequest struct {
	Name        string     `json:"name" binding:"required,min=1,max=100"`
	Description string     `json:"description" binding:"max=500"`
	ExpiresAt   *time.Time `json:"expires_at,omitempty"`
}

CreateClientCredentialRequest contains parameters for creating a new client credential

type CreateClientCredentialResponse 

type CreateClientCredentialResponse struct {
	ID           uuid.UUID  `json:"id"`
	ClientID     string     `json:"client_id"`
	ClientSecret string     `json:"client_secret"` // ONLY returned at creation time
	Name         string     `json:"name"`
	Description  string     `json:"description"`
	CreatedAt    time.Time  `json:"created_at"`
	ExpiresAt    *time.Time `json:"expires_at,omitempty"`
}

CreateClientCredentialResponse contains the response from creating a client credential WARNING: The client_secret is ONLY returned at creation time and cannot be retrieved later

type CreateCurrentUserClientCredentialJSONBody 

type CreateCurrentUserClientCredentialJSONBody struct {
	// Description Optional description of the credential's purpose
	Description *string `json:"description,omitempty"`

	// ExpiresAt Optional expiration timestamp (ISO 8601)
	ExpiresAt *time.Time `json:"expires_at,omitempty"`

	// Name Human-readable name for the credential
	Name string `json:"name"`
}

CreateCurrentUserClientCredentialJSONBody defines parameters for CreateCurrentUserClientCredential.

type CreateCurrentUserClientCredentialJSONRequestBody 

type CreateCurrentUserClientCredentialJSONRequestBody CreateCurrentUserClientCredentialJSONBody

CreateCurrentUserClientCredentialJSONRequestBody defines body for CreateCurrentUserClientCredential for application/json ContentType.

type CreateDiagramMetadataJSONRequestBody 

type CreateDiagramMetadataJSONRequestBody = Metadata

CreateDiagramMetadataJSONRequestBody defines body for CreateDiagramMetadata for application/json ContentType.

type CreateDiagramRequest 

type CreateDiagramRequest struct {
	// Name Name of the diagram
	Name string `json:"name"`

	// Type Type of diagram with version
	Type CreateDiagramRequestType `json:"type"`
}

CreateDiagramRequest Request body for creating a new diagram - only includes client-provided fields

type CreateDiagramRequestType 

type CreateDiagramRequestType string

CreateDiagramRequestType Type of diagram with version 

const (
	CreateDiagramRequestTypeDFD100 CreateDiagramRequestType = "DFD-1.0.0"
)

Defines values for CreateDiagramRequestType.

type CreateDocumentMetadataJSONRequestBody 

type CreateDocumentMetadataJSONRequestBody = Metadata

CreateDocumentMetadataJSONRequestBody defines body for CreateDocumentMetadata for application/json ContentType.

type CreateNoteMetadataJSONRequestBody 

type CreateNoteMetadataJSONRequestBody = Metadata

CreateNoteMetadataJSONRequestBody defines body for CreateNoteMetadata for application/json ContentType.

type CreateRepositoryMetadataJSONRequestBody 

type CreateRepositoryMetadataJSONRequestBody = Metadata

CreateRepositoryMetadataJSONRequestBody defines body for CreateRepositoryMetadata for application/json ContentType.

type CreateThreatMetadataJSONRequestBody 

type CreateThreatMetadataJSONRequestBody = Metadata

CreateThreatMetadataJSONRequestBody defines body for CreateThreatMetadata for application/json ContentType.

type CreateThreatModelAssetJSONRequestBody 

type CreateThreatModelAssetJSONRequestBody = AssetInput

CreateThreatModelAssetJSONRequestBody defines body for CreateThreatModelAsset for application/json ContentType.

type CreateThreatModelAssetMetadataJSONRequestBody 

type CreateThreatModelAssetMetadataJSONRequestBody = Metadata

CreateThreatModelAssetMetadataJSONRequestBody defines body for CreateThreatModelAssetMetadata for application/json ContentType.

type CreateThreatModelDiagramJSONRequestBody 

type CreateThreatModelDiagramJSONRequestBody = CreateDiagramRequest

CreateThreatModelDiagramJSONRequestBody defines body for CreateThreatModelDiagram for application/json ContentType.

type CreateThreatModelDocumentJSONRequestBody 

type CreateThreatModelDocumentJSONRequestBody = DocumentInput

CreateThreatModelDocumentJSONRequestBody defines body for CreateThreatModelDocument for application/json ContentType.

type CreateThreatModelJSONRequestBody 

type CreateThreatModelJSONRequestBody = ThreatModelInput

CreateThreatModelJSONRequestBody defines body for CreateThreatModel for application/json ContentType.

type CreateThreatModelMetadataJSONRequestBody 

type CreateThreatModelMetadataJSONRequestBody = Metadata

CreateThreatModelMetadataJSONRequestBody defines body for CreateThreatModelMetadata for application/json ContentType.

type CreateThreatModelNoteJSONRequestBody 

type CreateThreatModelNoteJSONRequestBody = NoteInput

CreateThreatModelNoteJSONRequestBody defines body for CreateThreatModelNote for application/json ContentType.

type CreateThreatModelRepositoryJSONRequestBody 

type CreateThreatModelRepositoryJSONRequestBody = RepositoryInput

CreateThreatModelRepositoryJSONRequestBody defines body for CreateThreatModelRepository for application/json ContentType.

type CreateThreatModelThreatJSONRequestBody 

type CreateThreatModelThreatJSONRequestBody = ThreatInput

CreateThreatModelThreatJSONRequestBody defines body for CreateThreatModelThreat for application/json ContentType.

type CreateWebhookSubscriptionJSONRequestBody 

type CreateWebhookSubscriptionJSONRequestBody = WebhookSubscriptionInput

CreateWebhookSubscriptionJSONRequestBody defines body for CreateWebhookSubscription for application/json ContentType.

type CreatedAfter 

type CreatedAfter = time.Time

CreatedAfter defines model for CreatedAfter.

type CreatedAfterQueryParam 

type CreatedAfterQueryParam = time.Time

CreatedAfterQueryParam defines model for CreatedAfterQueryParam.

type CreatedBefore 

type CreatedBefore = time.Time

CreatedBefore defines model for CreatedBefore.

type CreatedBeforeQueryParam 

type CreatedBeforeQueryParam = time.Time

CreatedBeforeQueryParam defines model for CreatedBeforeQueryParam.

type CursorPosition 

type CursorPosition struct {
	X float64 `json:"x"`
	Y float64 `json:"y"`
}

CursorPosition represents cursor coordinates

type CustomDiagram 

type CustomDiagram struct {
	DfdDiagram
	Owner         string
	Authorization []Authorization
}

Fixtures provides test data for unit tests CustomDiagram extends Diagram with authorization fields for testing

type DBAdministrator 

type DBAdministrator struct {
	ID                uuid.UUID  `json:"id"`
	UserInternalUUID  *uuid.UUID `json:"user_internal_uuid,omitempty"`  // Populated for user-type admins
	UserEmail         string     `json:"user_email,omitempty"`          // Enriched field - user's email
	UserName          string     `json:"user_name,omitempty"`           // Enriched field - user's display name
	GroupInternalUUID *uuid.UUID `json:"group_internal_uuid,omitempty"` // Populated for group-type admins
	GroupName         string     `json:"group_name,omitempty"`          // Enriched field - group's name
	SubjectType       string     `json:"subject_type"`                  // "user" or "group"
	Provider          string     `json:"provider"`                      // OAuth/SAML provider
	GrantedAt         time.Time  `json:"granted_at"`
	GrantedBy         *uuid.UUID `json:"granted_by,omitempty"`
	Notes             string     `json:"notes,omitempty"`
}

DBAdministrator represents the internal database model for an administrator entry This has more fields than the API's Administrator type for internal tracking

func (*DBAdministrator) ToAPI 

func (db *DBAdministrator) ToAPI() Administrator

ToAPI converts DBAdministrator to API Administrator type

type DBWebhookDelivery 

type DBWebhookDelivery struct {
	Id             uuid.UUID  `json:"id"` // UUIDv7 for time-ordered IDs
	SubscriptionId uuid.UUID  `json:"subscription_id"`
	EventType      string     `json:"event_type"`
	Payload        string     `json:"payload"` // JSON string
	Status         string     `json:"status"`  // pending, delivered, failed
	Attempts       int        `json:"attempts"`
	NextRetryAt    *time.Time `json:"next_retry_at,omitempty"`
	LastError      string     `json:"last_error,omitempty"`
	CreatedAt      time.Time  `json:"created_at"`
	DeliveredAt    *time.Time `json:"delivered_at,omitempty"`
}

DBWebhookDelivery represents a webhook delivery attempt in the database

type DBWebhookDeliveryDatabaseStore 

type DBWebhookDeliveryDatabaseStore struct {
	// contains filtered or unexported fields
}

DBWebhookDeliveryDatabaseStore implements WebhookDeliveryStoreInterface

func NewDBWebhookDeliveryDatabaseStore 

func NewDBWebhookDeliveryDatabaseStore(db *sql.DB) *DBWebhookDeliveryDatabaseStore

NewDBWebhookDeliveryDatabaseStore creates a new database-backed store

func (*DBWebhookDeliveryDatabaseStore) Count 

func (s *DBWebhookDeliveryDatabaseStore) Count() int

Count returns the total number of webhook deliveries

func (*DBWebhookDeliveryDatabaseStore) Create 

func (s *DBWebhookDeliveryDatabaseStore) Create(item DBWebhookDelivery) (DBWebhookDelivery, error)

Create creates a new webhook delivery

func (*DBWebhookDeliveryDatabaseStore) Delete 

func (s *DBWebhookDeliveryDatabaseStore) Delete(id string) error

Delete deletes a webhook delivery

func (*DBWebhookDeliveryDatabaseStore) DeleteOld 

func (s *DBWebhookDeliveryDatabaseStore) DeleteOld(daysOld int) (int, error)

DeleteOld deletes deliveries older than a certain number of days

func (*DBWebhookDeliveryDatabaseStore) Get 

func (s *DBWebhookDeliveryDatabaseStore) Get(id string) (DBWebhookDelivery, error)

Get retrieves a webhook delivery by ID

func (*DBWebhookDeliveryDatabaseStore) List 

func (s *DBWebhookDeliveryDatabaseStore) List(offset, limit int, filter func(DBWebhookDelivery) bool) []DBWebhookDelivery

List retrieves webhook deliveries with pagination and filtering

func (*DBWebhookDeliveryDatabaseStore) ListBySubscription 

func (s *DBWebhookDeliveryDatabaseStore) ListBySubscription(subscriptionID string, offset, limit int) ([]DBWebhookDelivery, error)

ListBySubscription retrieves deliveries for a specific subscription

func (*DBWebhookDeliveryDatabaseStore) ListPending 

func (s *DBWebhookDeliveryDatabaseStore) ListPending(limit int) ([]DBWebhookDelivery, error)

ListPending retrieves pending deliveries

func (*DBWebhookDeliveryDatabaseStore) ListReadyForRetry 

func (s *DBWebhookDeliveryDatabaseStore) ListReadyForRetry() ([]DBWebhookDelivery, error)

ListReadyForRetry retrieves deliveries ready for retry

func (*DBWebhookDeliveryDatabaseStore) Update 

func (s *DBWebhookDeliveryDatabaseStore) Update(id string, item DBWebhookDelivery) error

Update updates an existing webhook delivery

func (*DBWebhookDeliveryDatabaseStore) UpdateRetry 

func (s *DBWebhookDeliveryDatabaseStore) UpdateRetry(id string, attempts int, nextRetryAt *time.Time, lastError string) error

UpdateRetry updates retry-related fields

func (*DBWebhookDeliveryDatabaseStore) UpdateStatus 

func (s *DBWebhookDeliveryDatabaseStore) UpdateStatus(id string, status string, deliveredAt *time.Time) error

UpdateStatus updates only the status and delivered_at fields

type DBWebhookQuota 

type DBWebhookQuota struct {
	OwnerId                          uuid.UUID `json:"owner_id"`
	MaxSubscriptions                 int       `json:"max_subscriptions"`
	MaxEventsPerMinute               int       `json:"max_events_per_minute"`
	MaxSubscriptionRequestsPerMinute int       `json:"max_subscription_requests_per_minute"`
	MaxSubscriptionRequestsPerDay    int       `json:"max_subscription_requests_per_day"`
	CreatedAt                        time.Time `json:"created_at"`
	ModifiedAt                       time.Time `json:"modified_at"`
}

DBWebhookQuota represents per-owner rate limits with database timestamps This is the internal database model; the API uses the generated WebhookQuota type

func (*DBWebhookQuota) SetCreatedAt 

func (w *DBWebhookQuota) SetCreatedAt(t time.Time)

SetCreatedAt implements WithTimestamps for DBWebhookQuota

func (*DBWebhookQuota) SetModifiedAt 

func (w *DBWebhookQuota) SetModifiedAt(t time.Time)

SetModifiedAt implements WithTimestamps for DBWebhookQuota

type DBWebhookSubscription 

type DBWebhookSubscription struct {
	Id                  uuid.UUID  `json:"id"`
	OwnerId             uuid.UUID  `json:"owner_id"`
	ThreatModelId       *uuid.UUID `json:"threat_model_id,omitempty"` // NULL means all threat models
	Name                string     `json:"name"`
	Url                 string     `json:"url"`
	Events              []string   `json:"events"`
	Secret              string     `json:"secret,omitempty"`
	Status              string     `json:"status"` // pending_verification, active, pending_delete
	Challenge           string     `json:"challenge,omitempty"`
	ChallengesSent      int        `json:"challenges_sent"`
	CreatedAt           time.Time  `json:"created_at"`
	ModifiedAt          time.Time  `json:"modified_at"`
	LastSuccessfulUse   *time.Time `json:"last_successful_use,omitempty"`
	PublicationFailures int        `json:"publication_failures"`
	TimeoutCount        int        `json:"timeout_count"` // Count of consecutive addon invocation timeouts
}

DBWebhookSubscription represents a webhook subscription in the database

func (*DBWebhookSubscription) SetCreatedAt 

func (w *DBWebhookSubscription) SetCreatedAt(t time.Time)

SetCreatedAt implements WithTimestamps

func (*DBWebhookSubscription) SetModifiedAt 

func (w *DBWebhookSubscription) SetModifiedAt(t time.Time)

SetModifiedAt implements WithTimestamps

type DBWebhookSubscriptionDatabaseStore 

type DBWebhookSubscriptionDatabaseStore struct {
	// contains filtered or unexported fields
}

DBWebhookSubscriptionDatabaseStore implements WebhookSubscriptionStoreInterface

func NewDBWebhookSubscriptionDatabaseStore 

func NewDBWebhookSubscriptionDatabaseStore(db *sql.DB) *DBWebhookSubscriptionDatabaseStore

NewDBWebhookSubscriptionDatabaseStore creates a new database-backed store

func (*DBWebhookSubscriptionDatabaseStore) Count 

func (s *DBWebhookSubscriptionDatabaseStore) Count() int

Count returns the total number of webhook subscriptions

func (*DBWebhookSubscriptionDatabaseStore) CountByOwner 

func (s *DBWebhookSubscriptionDatabaseStore) CountByOwner(ownerID string) (int, error)

CountByOwner returns the number of subscriptions for a specific owner

func (*DBWebhookSubscriptionDatabaseStore) Create 

func (s *DBWebhookSubscriptionDatabaseStore) Create(item DBWebhookSubscription, idSetter func(DBWebhookSubscription, string) DBWebhookSubscription) (DBWebhookSubscription, error)

Create creates a new webhook subscription

func (*DBWebhookSubscriptionDatabaseStore) Delete 

func (s *DBWebhookSubscriptionDatabaseStore) Delete(id string) error

Delete deletes a webhook subscription

func (*DBWebhookSubscriptionDatabaseStore) Get 

func (s *DBWebhookSubscriptionDatabaseStore) Get(id string) (DBWebhookSubscription, error)

Get retrieves a webhook subscription by ID

func (*DBWebhookSubscriptionDatabaseStore) IncrementTimeouts 

func (s *DBWebhookSubscriptionDatabaseStore) IncrementTimeouts(id string) error

IncrementTimeouts increments the timeout count for a webhook subscription

func (*DBWebhookSubscriptionDatabaseStore) List 

func (s *DBWebhookSubscriptionDatabaseStore) List(offset, limit int, filter func(DBWebhookSubscription) bool) []DBWebhookSubscription

List retrieves webhook subscriptions with pagination and filtering

func (*DBWebhookSubscriptionDatabaseStore) ListActiveByOwner 

func (s *DBWebhookSubscriptionDatabaseStore) ListActiveByOwner(ownerID string) ([]DBWebhookSubscription, error)

ListActiveByOwner retrieves active subscriptions for an owner

func (*DBWebhookSubscriptionDatabaseStore) ListBroken 

func (s *DBWebhookSubscriptionDatabaseStore) ListBroken(minFailures int, daysSinceSuccess int) ([]DBWebhookSubscription, error)

ListBroken retrieves subscriptions with too many failures

func (*DBWebhookSubscriptionDatabaseStore) ListByOwner 

func (s *DBWebhookSubscriptionDatabaseStore) ListByOwner(ownerID string, offset, limit int) ([]DBWebhookSubscription, error)

ListByOwner retrieves subscriptions for a specific owner

func (*DBWebhookSubscriptionDatabaseStore) ListByThreatModel 

func (s *DBWebhookSubscriptionDatabaseStore) ListByThreatModel(threatModelID string, offset, limit int) ([]DBWebhookSubscription, error)

ListByThreatModel retrieves subscriptions for a specific threat model

func (*DBWebhookSubscriptionDatabaseStore) ListIdle 

func (s *DBWebhookSubscriptionDatabaseStore) ListIdle(daysIdle int) ([]DBWebhookSubscription, error)

ListIdle retrieves subscriptions that have been idle for a certain number of days

func (*DBWebhookSubscriptionDatabaseStore) ListPendingDelete 

func (s *DBWebhookSubscriptionDatabaseStore) ListPendingDelete() ([]DBWebhookSubscription, error)

ListPendingDelete retrieves subscriptions pending deletion

func (*DBWebhookSubscriptionDatabaseStore) ListPendingVerification 

func (s *DBWebhookSubscriptionDatabaseStore) ListPendingVerification() ([]DBWebhookSubscription, error)

ListPendingVerification retrieves subscriptions pending verification

func (*DBWebhookSubscriptionDatabaseStore) ResetTimeouts 

func (s *DBWebhookSubscriptionDatabaseStore) ResetTimeouts(id string) error

ResetTimeouts resets the timeout count to 0 for a webhook subscription

func (*DBWebhookSubscriptionDatabaseStore) Update 

func (s *DBWebhookSubscriptionDatabaseStore) Update(id string, item DBWebhookSubscription) error

Update updates an existing webhook subscription

func (*DBWebhookSubscriptionDatabaseStore) UpdateChallenge 

func (s *DBWebhookSubscriptionDatabaseStore) UpdateChallenge(id string, challenge string, challengesSent int) error

UpdateChallenge updates challenge-related fields

func (*DBWebhookSubscriptionDatabaseStore) UpdatePublicationStats 

func (s *DBWebhookSubscriptionDatabaseStore) UpdatePublicationStats(id string, success bool) error

UpdatePublicationStats updates publication statistics

func (*DBWebhookSubscriptionDatabaseStore) UpdateStatus 

func (s *DBWebhookSubscriptionDatabaseStore) UpdateStatus(id string, status string) error

UpdateStatus updates only the status field

type DatabaseAssetStore 

type DatabaseAssetStore struct {
	// contains filtered or unexported fields
}

DatabaseAssetStore implements AssetStore with database persistence and Redis caching

func NewDatabaseAssetStore 

func NewDatabaseAssetStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseAssetStore

NewDatabaseAssetStore creates a new database-backed asset store with caching

func (*DatabaseAssetStore) BulkCreate 

func (s *DatabaseAssetStore) BulkCreate(ctx context.Context, assets []Asset, threatModelID string) error

BulkCreate creates multiple assets in a single transaction

func (*DatabaseAssetStore) Create 

func (s *DatabaseAssetStore) Create(ctx context.Context, asset *Asset, threatModelID string) error

Create creates a new asset with write-through caching

func (*DatabaseAssetStore) Delete 

func (s *DatabaseAssetStore) Delete(ctx context.Context, id string) error

Delete removes an asset and invalidates related caches

func (*DatabaseAssetStore) Get 

func (s *DatabaseAssetStore) Get(ctx context.Context, id string) (*Asset, error)

Get retrieves an asset by ID with cache-first strategy

func (*DatabaseAssetStore) InvalidateCache 

func (s *DatabaseAssetStore) InvalidateCache(ctx context.Context, id string) error

InvalidateCache invalidates the cache for a specific asset

func (*DatabaseAssetStore) List 

func (s *DatabaseAssetStore) List(ctx context.Context, threatModelID string, offset, limit int) ([]Asset, error)

List retrieves assets for a threat model with pagination and caching

func (*DatabaseAssetStore) Patch 

func (s *DatabaseAssetStore) Patch(ctx context.Context, id string, operations []PatchOperation) (*Asset, error)

Patch applies JSON patch operations to an asset

func (*DatabaseAssetStore) Update 

func (s *DatabaseAssetStore) Update(ctx context.Context, asset *Asset, threatModelID string) error

Update updates an existing asset with write-through caching

func (*DatabaseAssetStore) WarmCache 

func (s *DatabaseAssetStore) WarmCache(ctx context.Context, threatModelID string) error

WarmCache pre-loads assets for a threat model into the cache

type DatabaseClientCredentialQuotaStore 

type DatabaseClientCredentialQuotaStore struct {
	// contains filtered or unexported fields
}

DatabaseClientCredentialQuotaStore implements ClientCredentialQuotaStore using auth service and global quota store

func NewDatabaseClientCredentialQuotaStore 

func NewDatabaseClientCredentialQuotaStore(authService *auth.Service, defaultQuota int, globalStore UserAPIQuotaStoreInterface) *DatabaseClientCredentialQuotaStore

NewDatabaseClientCredentialQuotaStore creates a new client credential quota store

func (*DatabaseClientCredentialQuotaStore) CheckClientCredentialQuota 

func (s *DatabaseClientCredentialQuotaStore) CheckClientCredentialQuota(ctx context.Context, userUUID uuid.UUID) error

CheckClientCredentialQuota verifies if a user can create a new credential

func (*DatabaseClientCredentialQuotaStore) GetClientCredentialCount 

func (s *DatabaseClientCredentialQuotaStore) GetClientCredentialCount(ctx context.Context, userUUID uuid.UUID) (int, error)

GetClientCredentialCount retrieves the current number of active credentials for a user

func (*DatabaseClientCredentialQuotaStore) GetClientCredentialQuota 

func (s *DatabaseClientCredentialQuotaStore) GetClientCredentialQuota(ctx context.Context, userUUID uuid.UUID) (int, error)

GetClientCredentialQuota retrieves the maximum number of credentials allowed for a user

type DatabaseDocumentStore 

type DatabaseDocumentStore struct {
	// contains filtered or unexported fields
}

DatabaseDocumentStore implements DocumentStore with database persistence and Redis caching

func NewDatabaseDocumentStore 

func NewDatabaseDocumentStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseDocumentStore

NewDatabaseDocumentStore creates a new database-backed document store with caching

func (*DatabaseDocumentStore) BulkCreate 

func (s *DatabaseDocumentStore) BulkCreate(ctx context.Context, documents []Document, threatModelID string) error

BulkCreate creates multiple documents in a single transaction

func (*DatabaseDocumentStore) Create 

func (s *DatabaseDocumentStore) Create(ctx context.Context, document *Document, threatModelID string) error

Create creates a new document with write-through caching

func (*DatabaseDocumentStore) Delete 

func (s *DatabaseDocumentStore) Delete(ctx context.Context, id string) error

Delete removes a document and invalidates related caches

func (*DatabaseDocumentStore) Get 

func (s *DatabaseDocumentStore) Get(ctx context.Context, id string) (*Document, error)

Get retrieves a document by ID with cache-first strategy

func (*DatabaseDocumentStore) InvalidateCache 

func (s *DatabaseDocumentStore) InvalidateCache(ctx context.Context, id string) error

InvalidateCache removes document-related cache entries

func (*DatabaseDocumentStore) List 

func (s *DatabaseDocumentStore) List(ctx context.Context, threatModelID string, offset, limit int) ([]Document, error)

List retrieves documents for a threat model with pagination and caching

func (*DatabaseDocumentStore) Patch 

func (s *DatabaseDocumentStore) Patch(ctx context.Context, id string, operations []PatchOperation) (*Document, error)

Patch applies JSON patch operations to a document

func (*DatabaseDocumentStore) Update 

func (s *DatabaseDocumentStore) Update(ctx context.Context, document *Document, threatModelID string) error

Update updates an existing document with write-through caching

func (*DatabaseDocumentStore) WarmCache 

func (s *DatabaseDocumentStore) WarmCache(ctx context.Context, threatModelID string) error

WarmCache preloads documents for a threat model into cache

type DatabaseMetadataStore 

type DatabaseMetadataStore struct {
	// contains filtered or unexported fields
}

DatabaseMetadataStore implements MetadataStore with database persistence and Redis caching

func NewDatabaseMetadataStore 

func NewDatabaseMetadataStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseMetadataStore

NewDatabaseMetadataStore creates a new database-backed metadata store with caching

func (*DatabaseMetadataStore) BulkCreate 

func (s *DatabaseMetadataStore) BulkCreate(ctx context.Context, entityType, entityID string, metadata []Metadata) error

BulkCreate creates multiple metadata entries in a single transaction

func (*DatabaseMetadataStore) BulkDelete 

func (s *DatabaseMetadataStore) BulkDelete(ctx context.Context, entityType, entityID string, keys []string) error

BulkDelete deletes multiple metadata entries by key in a single transaction

func (*DatabaseMetadataStore) BulkUpdate 

func (s *DatabaseMetadataStore) BulkUpdate(ctx context.Context, entityType, entityID string, metadata []Metadata) error

BulkUpdate updates multiple metadata entries in a single transaction

func (*DatabaseMetadataStore) Create 

func (s *DatabaseMetadataStore) Create(ctx context.Context, entityType, entityID string, metadata *Metadata) error

Create creates a new metadata entry with write-through caching

func (*DatabaseMetadataStore) Delete 

func (s *DatabaseMetadataStore) Delete(ctx context.Context, entityType, entityID, key string) error

Delete removes a metadata entry and invalidates related caches

func (*DatabaseMetadataStore) Get 

func (s *DatabaseMetadataStore) Get(ctx context.Context, entityType, entityID, key string) (*Metadata, error)

Get retrieves a specific metadata entry by key with cache-first strategy

func (*DatabaseMetadataStore) GetByKey 

func (s *DatabaseMetadataStore) GetByKey(ctx context.Context, key string) ([]Metadata, error)

GetByKey retrieves all metadata entries with a specific key across all entities

func (*DatabaseMetadataStore) InvalidateCache 

func (s *DatabaseMetadataStore) InvalidateCache(ctx context.Context, entityType, entityID string) error

InvalidateCache removes metadata-related cache entries

func (*DatabaseMetadataStore) List 

func (s *DatabaseMetadataStore) List(ctx context.Context, entityType, entityID string) ([]Metadata, error)

List retrieves all metadata for an entity with caching

func (*DatabaseMetadataStore) ListKeys 

func (s *DatabaseMetadataStore) ListKeys(ctx context.Context, entityType, entityID string) ([]string, error)

ListKeys retrieves all metadata keys for an entity

func (*DatabaseMetadataStore) Post 

func (s *DatabaseMetadataStore) Post(ctx context.Context, entityType, entityID string, metadata *Metadata) error

Post creates a new metadata entry using POST semantics (allowing duplicates initially)

func (*DatabaseMetadataStore) Update 

func (s *DatabaseMetadataStore) Update(ctx context.Context, entityType, entityID string, metadata *Metadata) error

Update updates an existing metadata entry with write-through caching

func (*DatabaseMetadataStore) WarmCache 

func (s *DatabaseMetadataStore) WarmCache(ctx context.Context, entityType, entityID string) error

WarmCache preloads metadata for an entity into cache

type DatabaseNoteStore 

type DatabaseNoteStore struct {
	// contains filtered or unexported fields
}

DatabaseNoteStore implements NoteStore with database persistence and Redis caching

func NewDatabaseNoteStore 

func NewDatabaseNoteStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseNoteStore

NewDatabaseNoteStore creates a new database-backed note store with caching

func (*DatabaseNoteStore) Create 

func (s *DatabaseNoteStore) Create(ctx context.Context, note *Note, threatModelID string) error

Create creates a new note with write-through caching

func (*DatabaseNoteStore) Delete 

func (s *DatabaseNoteStore) Delete(ctx context.Context, id string) error

Delete removes a note and invalidates related caches

func (*DatabaseNoteStore) Get 

func (s *DatabaseNoteStore) Get(ctx context.Context, id string) (*Note, error)

Get retrieves a note by ID with cache-first strategy

func (*DatabaseNoteStore) InvalidateCache 

func (s *DatabaseNoteStore) InvalidateCache(ctx context.Context, id string) error

InvalidateCache removes note-related cache entries

func (*DatabaseNoteStore) List 

func (s *DatabaseNoteStore) List(ctx context.Context, threatModelID string, offset, limit int) ([]Note, error)

List retrieves notes for a threat model with pagination and caching

func (*DatabaseNoteStore) Patch 

func (s *DatabaseNoteStore) Patch(ctx context.Context, id string, operations []PatchOperation) (*Note, error)

Patch applies JSON patch operations to a note

func (*DatabaseNoteStore) Update 

func (s *DatabaseNoteStore) Update(ctx context.Context, note *Note, threatModelID string) error

Update updates an existing note with write-through caching

func (*DatabaseNoteStore) WarmCache 

func (s *DatabaseNoteStore) WarmCache(ctx context.Context, threatModelID string) error

WarmCache preloads notes for a threat model into cache

type DatabaseRepositoryStore 

type DatabaseRepositoryStore struct {
	// contains filtered or unexported fields
}

DatabaseRepositoryStore implements RepositoryStore with database persistence and Redis caching

func NewDatabaseRepositoryStore 

func NewDatabaseRepositoryStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseRepositoryStore

NewDatabaseRepositoryStore creates a new database-backed repository store with caching

func (*DatabaseRepositoryStore) BulkCreate 

func (s *DatabaseRepositoryStore) BulkCreate(ctx context.Context, repositorys []Repository, threatModelID string) error

BulkCreate creates multiple repositorys in a single transaction

func (*DatabaseRepositoryStore) Create 

func (s *DatabaseRepositoryStore) Create(ctx context.Context, repository *Repository, threatModelID string) error

Create creates a new repository with write-through caching

func (*DatabaseRepositoryStore) Delete 

func (s *DatabaseRepositoryStore) Delete(ctx context.Context, id string) error

Delete removes a repository and invalidates related caches

func (*DatabaseRepositoryStore) Get 

func (s *DatabaseRepositoryStore) Get(ctx context.Context, id string) (*Repository, error)

Get retrieves a repository by ID with cache-first strategy

func (*DatabaseRepositoryStore) InvalidateCache 

func (s *DatabaseRepositoryStore) InvalidateCache(ctx context.Context, id string) error

InvalidateCache removes repository-related cache entries

func (*DatabaseRepositoryStore) List 

func (s *DatabaseRepositoryStore) List(ctx context.Context, threatModelID string, offset, limit int) ([]Repository, error)

List retrieves repositorys for a threat model with pagination and caching

func (*DatabaseRepositoryStore) Patch 

func (s *DatabaseRepositoryStore) Patch(ctx context.Context, id string, operations []PatchOperation) (*Repository, error)

Patch applies JSON patch operations to a repository

func (*DatabaseRepositoryStore) Update 

func (s *DatabaseRepositoryStore) Update(ctx context.Context, repository *Repository, threatModelID string) error

Update updates an existing repository with write-through caching

func (*DatabaseRepositoryStore) WarmCache 

func (s *DatabaseRepositoryStore) WarmCache(ctx context.Context, threatModelID string) error

WarmCache preloads repositorys for a threat model into cache

type DatabaseStore 

type DatabaseStore[T any] struct {
	// contains filtered or unexported fields
}

DatabaseStore provides a database-backed store implementation

func NewDatabaseStore 

func NewDatabaseStore[T any](database *sql.DB, tableName, entityType string) *DatabaseStore[T]

NewDatabaseStore creates a new database-backed store

type DatabaseThreatStore 

type DatabaseThreatStore struct {
	// contains filtered or unexported fields
}

DatabaseThreatStore implements ThreatStore with database persistence and Redis caching

func NewDatabaseThreatStore 

func NewDatabaseThreatStore(db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DatabaseThreatStore

NewDatabaseThreatStore creates a new database-backed threat store with caching

func (*DatabaseThreatStore) BulkCreate 

func (s *DatabaseThreatStore) BulkCreate(ctx context.Context, threats []Threat) error

BulkCreate creates multiple threats in a single transaction

func (*DatabaseThreatStore) BulkUpdate 

func (s *DatabaseThreatStore) BulkUpdate(ctx context.Context, threats []Threat) error

BulkUpdate updates multiple threats in a single transaction

func (*DatabaseThreatStore) Create 

func (s *DatabaseThreatStore) Create(ctx context.Context, threat *Threat) error

Create creates a new threat with write-through caching

func (*DatabaseThreatStore) Delete 

func (s *DatabaseThreatStore) Delete(ctx context.Context, id string) error

Delete removes a threat and invalidates related caches

func (*DatabaseThreatStore) Get 

func (s *DatabaseThreatStore) Get(ctx context.Context, id string) (*Threat, error)

Get retrieves a threat by ID with cache-first strategy

func (*DatabaseThreatStore) InvalidateCache 

func (s *DatabaseThreatStore) InvalidateCache(ctx context.Context, id string) error

InvalidateCache removes threat-related cache entries

func (*DatabaseThreatStore) List 

func (s *DatabaseThreatStore) List(ctx context.Context, threatModelID string, filter ThreatFilter) ([]Threat, error)

List retrieves threats for a threat model with advanced filtering, sorting and pagination

func (*DatabaseThreatStore) Patch 

func (s *DatabaseThreatStore) Patch(ctx context.Context, id string, operations []PatchOperation) (*Threat, error)

Patch applies JSON patch operations to a threat

func (*DatabaseThreatStore) Update 

func (s *DatabaseThreatStore) Update(ctx context.Context, threat *Threat) error

Update updates an existing threat with write-through caching

func (*DatabaseThreatStore) WarmCache 

func (s *DatabaseThreatStore) WarmCache(ctx context.Context, threatModelID string) error

WarmCache preloads threats for a threat model into cache

type DebugHandlers 

type DebugHandlers struct {
	// contains filtered or unexported fields
}

DebugHandlers provides HTTP endpoints for controlling debug logging

func NewDebugHandlers 

func NewDebugHandlers() *DebugHandlers

NewDebugHandlers creates a new debug handlers instance

func (*DebugHandlers) HandleWebSocketDebugClear 

func (h *DebugHandlers) HandleWebSocketDebugClear(c *gin.Context)

HandleWebSocketDebugClear disables debug logging for all sessions DELETE /debug/websocket/sessions

func (*DebugHandlers) HandleWebSocketDebugControl 

func (h *DebugHandlers) HandleWebSocketDebugControl(c *gin.Context)

HandleWebSocketDebugControl handles enabling/disabling WebSocket debug logging for sessions POST /debug/websocket/{session_id}?action=enable|disable

func (*DebugHandlers) HandleWebSocketDebugStatus 

func (h *DebugHandlers) HandleWebSocketDebugStatus(c *gin.Context)

HandleWebSocketDebugStatus returns status of all debug logging sessions GET /debug/websocket/status

type DeleteUserAccountParams 

type DeleteUserAccountParams struct {
	// Challenge Challenge string from first request (step 2 only). Must match exactly.
	Challenge *ChallengeQueryParam `form:"challenge,omitempty" json:"challenge,omitempty"`
}

DeleteUserAccountParams defines parameters for DeleteUserAccount.

type DeletionChallenge 

type DeletionChallenge struct {
	// ChallengeText The exact challenge string that must be provided to confirm deletion
	ChallengeText string `json:"challenge_text"`

	// ExpiresAt When the challenge expires (3 minutes from issuance)
	ExpiresAt time.Time `json:"expires_at"`
}

DeletionChallenge Challenge response for user account deletion

type DeletionStats 

type DeletionStats struct {
	ThreatModelsTransferred int    `json:"threat_models_transferred"`
	ThreatModelsDeleted     int    `json:"threat_models_deleted"`
	UserEmail               string `json:"user_email"`
}

DeletionStats contains statistics about user deletion

type DeliveryId 

type DeliveryId = openapi_types.UUID

DeliveryId defines model for DeliveryId.

type DescriptionQueryParam 

type DescriptionQueryParam = string

DescriptionQueryParam defines model for DescriptionQueryParam.

type DfdDiagram 

type DfdDiagram struct {
	// Cells List of diagram cells (nodes and edges) following X6 structure
	Cells []DfdDiagram_Cells_Item `json:"cells"`

	// CreatedAt Creation timestamp (ISO3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Optional description of the diagram
	Description *string `json:"description"`

	// Id Unique identifier for the diagram (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Image Image data with version information
	Image *struct {
		// Svg BASE64 encoded SVG representation of the diagram, used for thumbnails and reports
		Svg *[]byte `json:"svg,omitempty"`

		// UpdateVector Version of the diagram when this SVG was generated. If not provided when svg is updated, will be auto-set to BaseDiagram.update_vector
		UpdateVector *int64 `json:"update_vector,omitempty"`
	} `json:"image"`

	// Metadata Key-value pairs for additional diagram metadata
	Metadata *[]Metadata `json:"metadata"`

	// ModifiedAt Last modification timestamp (ISO3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Name of the diagram
	Name string `json:"name"`

	// Type DFD diagram type with version
	Type DfdDiagramType `json:"type"`

	// UpdateVector Server-managed monotonic version counter, incremented on each diagram update
	UpdateVector *int64 `json:"update_vector,omitempty"`
}

DfdDiagram defines model for DfdDiagram.

func (*DfdDiagram) SetCreatedAt 

func (d *DfdDiagram) SetCreatedAt(t time.Time)

SetCreatedAt implements WithTimestamps interface for DfdDiagram

func (*DfdDiagram) SetModifiedAt 

func (d *DfdDiagram) SetModifiedAt(t time.Time)

SetModifiedAt implements WithTimestamps interface for DfdDiagram

type DfdDiagramInput 

type DfdDiagramInput struct {
	// Cells List of diagram cells (nodes and edges) following X6 structure
	Cells []DfdDiagramInput_Cells_Item `json:"cells"`

	// Description Optional description of the diagram
	Description *string `json:"description"`

	// Image Image data with version information
	Image *struct {
		// Svg BASE64 encoded SVG representation of the diagram, used for thumbnails and reports
		Svg *[]byte `json:"svg,omitempty"`

		// UpdateVector Version of the diagram when this SVG was generated. If not provided when svg is updated, will be auto-set to BaseDiagram.update_vector
		UpdateVector *int64 `json:"update_vector,omitempty"`
	} `json:"image"`

	// Metadata Key-value pairs for additional diagram metadata
	Metadata *[]Metadata `json:"metadata"`

	// Name Name of the diagram
	Name string `json:"name"`

	// Type DFD diagram type with version
	Type DfdDiagramInputType `json:"type"`
}

DfdDiagramInput defines model for DfdDiagramInput.

type DfdDiagramInputType 

type DfdDiagramInputType string

DfdDiagramInputType DFD diagram type with version 

const (
	DfdDiagramInputTypeDFD100 DfdDiagramInputType = "DFD-1.0.0"
)

Defines values for DfdDiagramInputType.

type DfdDiagramInput_Cells_Item 

type DfdDiagramInput_Cells_Item struct {
	// contains filtered or unexported fields
}

DfdDiagramInput_Cells_Item defines model for DfdDiagramInput.cells.Item.

func (DfdDiagramInput_Cells_Item) AsEdge 

func (t DfdDiagramInput_Cells_Item) AsEdge() (Edge, error)

AsEdge returns the union data inside the DfdDiagramInput_Cells_Item as a Edge

func (DfdDiagramInput_Cells_Item) AsNode 

func (t DfdDiagramInput_Cells_Item) AsNode() (Node, error)

AsNode returns the union data inside the DfdDiagramInput_Cells_Item as a Node

func (DfdDiagramInput_Cells_Item) Discriminator 

func (t DfdDiagramInput_Cells_Item) Discriminator() (string, error)

func (*DfdDiagramInput_Cells_Item) FromEdge 

func (t *DfdDiagramInput_Cells_Item) FromEdge(v Edge) error

FromEdge overwrites any union data inside the DfdDiagramInput_Cells_Item as the provided Edge

func (*DfdDiagramInput_Cells_Item) FromNode 

func (t *DfdDiagramInput_Cells_Item) FromNode(v Node) error

FromNode overwrites any union data inside the DfdDiagramInput_Cells_Item as the provided Node

func (DfdDiagramInput_Cells_Item) MarshalJSON 

func (t DfdDiagramInput_Cells_Item) MarshalJSON() ([]byte, error)

func (*DfdDiagramInput_Cells_Item) MergeEdge 

func (t *DfdDiagramInput_Cells_Item) MergeEdge(v Edge) error

MergeEdge performs a merge with any union data inside the DfdDiagramInput_Cells_Item, using the provided Edge

func (*DfdDiagramInput_Cells_Item) MergeNode 

func (t *DfdDiagramInput_Cells_Item) MergeNode(v Node) error

MergeNode performs a merge with any union data inside the DfdDiagramInput_Cells_Item, using the provided Node

func (*DfdDiagramInput_Cells_Item) UnmarshalJSON 

func (t *DfdDiagramInput_Cells_Item) UnmarshalJSON(b []byte) error

func (DfdDiagramInput_Cells_Item) ValueByDiscriminator 

func (t DfdDiagramInput_Cells_Item) ValueByDiscriminator() (interface{}, error)

type DfdDiagramType 

type DfdDiagramType string

DfdDiagramType DFD diagram type with version 

const (
	DfdDiagramTypeDFD100 DfdDiagramType = "DFD-1.0.0"
)

Defines values for DfdDiagramType.

type DfdDiagram_Cells_Item 

type DfdDiagram_Cells_Item struct {
	// contains filtered or unexported fields
}

DfdDiagram_Cells_Item defines model for DfdDiagram.cells.Item.

func CreateEdge 

func CreateEdge(id string, shape EdgeShape, sourceId, targetId string) (DfdDiagram_Cells_Item, error)

CreateEdge creates an Edge union item from basic parameters (test helper)

func CreateNode 

func CreateNode(id string, shape NodeShape, x, y, width, height float32) (DfdDiagram_Cells_Item, error)

CreateNode creates a Node union item from basic parameters (test helper)

func (DfdDiagram_Cells_Item) AsEdge 

func (t DfdDiagram_Cells_Item) AsEdge() (Edge, error)

AsEdge returns the union data inside the DfdDiagram_Cells_Item as a Edge

func (DfdDiagram_Cells_Item) AsNode 

func (t DfdDiagram_Cells_Item) AsNode() (Node, error)

AsNode returns the union data inside the DfdDiagram_Cells_Item as a Node

func (DfdDiagram_Cells_Item) Discriminator 

func (t DfdDiagram_Cells_Item) Discriminator() (string, error)

func (*DfdDiagram_Cells_Item) FromEdge 

func (t *DfdDiagram_Cells_Item) FromEdge(v Edge) error

FromEdge overwrites any union data inside the DfdDiagram_Cells_Item as the provided Edge

func (*DfdDiagram_Cells_Item) FromNode 

func (t *DfdDiagram_Cells_Item) FromNode(v Node) error

FromNode overwrites any union data inside the DfdDiagram_Cells_Item as the provided Node

func (DfdDiagram_Cells_Item) MarshalJSON 

func (t DfdDiagram_Cells_Item) MarshalJSON() ([]byte, error)

func (*DfdDiagram_Cells_Item) MergeEdge 

func (t *DfdDiagram_Cells_Item) MergeEdge(v Edge) error

MergeEdge performs a merge with any union data inside the DfdDiagram_Cells_Item, using the provided Edge

func (*DfdDiagram_Cells_Item) MergeNode 

func (t *DfdDiagram_Cells_Item) MergeNode(v Node) error

MergeNode performs a merge with any union data inside the DfdDiagram_Cells_Item, using the provided Node

func (*DfdDiagram_Cells_Item) UnmarshalJSON 

func (t *DfdDiagram_Cells_Item) UnmarshalJSON(b []byte) error

func (DfdDiagram_Cells_Item) ValueByDiscriminator 

func (t DfdDiagram_Cells_Item) ValueByDiscriminator() (interface{}, error)

type Diagram 

type Diagram struct {
	// contains filtered or unexported fields
}

Diagram DEPRECATED: Empty wrapper schema for polymorphic diagram types. Use DfdDiagram directly instead. This schema is kept for backward compatibility but generates empty classes in client libraries.

func (Diagram) AsDfdDiagram 

func (t Diagram) AsDfdDiagram() (DfdDiagram, error)

AsDfdDiagram returns the union data inside the Diagram as a DfdDiagram

func (Diagram) Discriminator 

func (t Diagram) Discriminator() (string, error)

func (*Diagram) FromDfdDiagram 

func (t *Diagram) FromDfdDiagram(v DfdDiagram) error

FromDfdDiagram overwrites any union data inside the Diagram as the provided DfdDiagram

func (Diagram) MarshalJSON 

func (t Diagram) MarshalJSON() ([]byte, error)

func (*Diagram) MergeDfdDiagram 

func (t *Diagram) MergeDfdDiagram(v DfdDiagram) error

MergeDfdDiagram performs a merge with any union data inside the Diagram, using the provided DfdDiagram

func (*Diagram) UnmarshalJSON 

func (t *Diagram) UnmarshalJSON(b []byte) error

func (Diagram) ValueByDiscriminator 

func (t Diagram) ValueByDiscriminator() (interface{}, error)

type DiagramDatabaseStore 

type DiagramDatabaseStore struct {
	// contains filtered or unexported fields
}

DiagramDatabaseStore handles diagram database operations

func NewDiagramDatabaseStore 

func NewDiagramDatabaseStore(database *sql.DB) *DiagramDatabaseStore

NewDiagramDatabaseStore creates a new diagram database store

func (*DiagramDatabaseStore) Count 

func (s *DiagramDatabaseStore) Count() int

Count returns the total number of diagrams

func (*DiagramDatabaseStore) Create 

func (s *DiagramDatabaseStore) Create(item DfdDiagram, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)

Create adds a new diagram (maintains backward compatibility)

func (*DiagramDatabaseStore) CreateWithThreatModel 

func (s *DiagramDatabaseStore) CreateWithThreatModel(item DfdDiagram, threatModelID string, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)

CreateWithThreatModel adds a new diagram with a specific threat model ID

func (*DiagramDatabaseStore) Delete 

func (s *DiagramDatabaseStore) Delete(id string) error

Delete removes a diagram

func (*DiagramDatabaseStore) Get 

func (s *DiagramDatabaseStore) Get(id string) (DfdDiagram, error)

Get retrieves a diagram by ID

func (*DiagramDatabaseStore) List 

func (s *DiagramDatabaseStore) List(offset, limit int, filter func(DfdDiagram) bool) []DfdDiagram

List returns all diagrams (not used in current implementation)

func (*DiagramDatabaseStore) Update 

func (s *DiagramDatabaseStore) Update(id string, item DfdDiagram) error

Update modifies an existing diagram

type DiagramId 

type DiagramId = openapi_types.UUID

DiagramId defines model for DiagramId.

type DiagramIdPathParam 

type DiagramIdPathParam = openapi_types.UUID

DiagramIdPathParam defines model for DiagramIdPathParam.

type DiagramIdQueryParam 

type DiagramIdQueryParam = openapi_types.UUID

DiagramIdQueryParam defines model for DiagramIdQueryParam.

type DiagramListItem 

type DiagramListItem struct {
	// Id Unique identifier of the diagram (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Name Name of the diagram
	Name string `json:"name"`

	// Type Type of the diagram
	Type DiagramListItemType `json:"type"`
}

DiagramListItem Summary diagram object for GET /diagrams list endpoints. Excludes large fields (cells, image) for performance. Full diagram details available via GET /diagrams/{id} which returns DfdDiagram.

type DiagramListItemType 

type DiagramListItemType string

DiagramListItemType Type of the diagram 

const (
	DiagramListItemTypeDFD100 DiagramListItemType = "DFD-1.0.0"
)

Defines values for DiagramListItemType.

type DiagramMetadataHandler 

type DiagramMetadataHandler struct {
	// contains filtered or unexported fields
}

DiagramMetadataHandler provides handlers for diagram metadata operations

func NewDiagramMetadataHandler 

func NewDiagramMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DiagramMetadataHandler

NewDiagramMetadataHandler creates a new diagram metadata handler

func (*DiagramMetadataHandler) BulkCreateDirectDiagramMetadata 

func (h *DiagramMetadataHandler) BulkCreateDirectDiagramMetadata(c *gin.Context)

BulkCreateDirectDiagramMetadata creates multiple metadata entries for a diagram via direct route POST /diagrams/{id}/metadata/bulk

func (*DiagramMetadataHandler) BulkCreateThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) BulkCreateThreatModelDiagramMetadata(c *gin.Context)

BulkCreateThreatModelDiagramMetadata creates multiple metadata entries for a diagram within a threat model POST /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/bulk

func (*DiagramMetadataHandler) BulkUpdateDirectDiagramMetadata 

func (h *DiagramMetadataHandler) BulkUpdateDirectDiagramMetadata(c *gin.Context)

BulkUpdateDirectDiagramMetadata updates multiple metadata entries for a diagram via direct route PUT /diagrams/{id}/metadata/bulk

func (*DiagramMetadataHandler) BulkUpdateThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) BulkUpdateThreatModelDiagramMetadata(c *gin.Context)

BulkUpdateThreatModelDiagramMetadata updates multiple metadata entries for a diagram within a threat model PUT /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/bulk

func (*DiagramMetadataHandler) CreateDirectDiagramCellMetadata 

func (h *DiagramMetadataHandler) CreateDirectDiagramCellMetadata(c *gin.Context)

CreateDirectDiagramCellMetadata creates a new metadata entry for a diagram cell POST /diagrams/{id}/cells/{cell_id}/metadata

func (*DiagramMetadataHandler) CreateDirectDiagramMetadata 

func (h *DiagramMetadataHandler) CreateDirectDiagramMetadata(c *gin.Context)

CreateDirectDiagramMetadata creates a new metadata entry for a diagram via direct route POST /diagrams/{id}/metadata

func (*DiagramMetadataHandler) CreateThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) CreateThreatModelDiagramMetadata(c *gin.Context)

CreateThreatModelDiagramMetadata creates a new metadata entry for a diagram within a threat model POST /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata

func (*DiagramMetadataHandler) DeleteDirectDiagramCellMetadata 

func (h *DiagramMetadataHandler) DeleteDirectDiagramCellMetadata(c *gin.Context)

DeleteDirectDiagramCellMetadata deletes a metadata entry for a diagram cell DELETE /diagrams/{id}/cells/{cell_id}/metadata/{key}

func (*DiagramMetadataHandler) DeleteDirectDiagramMetadata 

func (h *DiagramMetadataHandler) DeleteDirectDiagramMetadata(c *gin.Context)

DeleteDirectDiagramMetadata deletes a metadata entry via direct route DELETE /diagrams/{id}/metadata/{key}

func (*DiagramMetadataHandler) DeleteThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) DeleteThreatModelDiagramMetadata(c *gin.Context)

DeleteThreatModelDiagramMetadata deletes a metadata entry for a diagram within a threat model DELETE /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key}

func (*DiagramMetadataHandler) GetDirectDiagramCellMetadata 

func (h *DiagramMetadataHandler) GetDirectDiagramCellMetadata(c *gin.Context)

GetDirectDiagramCellMetadata retrieves all metadata for a diagram cell via direct route GET /diagrams/{id}/cells/{cell_id}/metadata

func (*DiagramMetadataHandler) GetDirectDiagramCellMetadataByKey 

func (h *DiagramMetadataHandler) GetDirectDiagramCellMetadataByKey(c *gin.Context)

GetDirectDiagramCellMetadataByKey retrieves a specific metadata entry by key for a diagram cell GET /diagrams/{id}/cells/{cell_id}/metadata/{key}

func (*DiagramMetadataHandler) GetDirectDiagramMetadata 

func (h *DiagramMetadataHandler) GetDirectDiagramMetadata(c *gin.Context)

GetDirectDiagramMetadata retrieves all metadata for a diagram via direct route GET /diagrams/{id}/metadata

func (*DiagramMetadataHandler) GetDirectDiagramMetadataByKey 

func (h *DiagramMetadataHandler) GetDirectDiagramMetadataByKey(c *gin.Context)

GetDirectDiagramMetadataByKey retrieves a specific metadata entry by key via direct route GET /diagrams/{id}/metadata/{key}

func (*DiagramMetadataHandler) GetThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) GetThreatModelDiagramMetadata(c *gin.Context)

GetThreatModelDiagramMetadata retrieves all metadata for a diagram within a threat model GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata

func (*DiagramMetadataHandler) GetThreatModelDiagramMetadataByKey 

func (h *DiagramMetadataHandler) GetThreatModelDiagramMetadataByKey(c *gin.Context)

GetThreatModelDiagramMetadataByKey retrieves a specific metadata entry by key for a diagram within a threat model GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key}

func (*DiagramMetadataHandler) UpdateDirectDiagramCellMetadata 

func (h *DiagramMetadataHandler) UpdateDirectDiagramCellMetadata(c *gin.Context)

UpdateDirectDiagramCellMetadata updates an existing metadata entry for a diagram cell PUT /diagrams/{id}/cells/{cell_id}/metadata/{key}

func (*DiagramMetadataHandler) UpdateDirectDiagramMetadata 

func (h *DiagramMetadataHandler) UpdateDirectDiagramMetadata(c *gin.Context)

UpdateDirectDiagramMetadata updates an existing metadata entry via direct route PUT /diagrams/{id}/metadata/{key}

func (*DiagramMetadataHandler) UpdateThreatModelDiagramMetadata 

func (h *DiagramMetadataHandler) UpdateThreatModelDiagramMetadata(c *gin.Context)

UpdateThreatModelDiagramMetadata updates an existing metadata entry for a diagram within a threat model PUT /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key}

type DiagramOperation 

type DiagramOperation struct {
	// Operation type (add, remove, update)
	Type string `json:"type"`
	// Component ID (for update/remove)
	ComponentID string `json:"component_id,omitempty"`
	// Properties to update (for update)
	Properties map[string]interface{} `json:"properties,omitempty"`
}

DiagramOperation defines a change to a diagram

type DiagramOperationEvent 

type DiagramOperationEvent struct {
	MessageType    MessageType        `json:"message_type"`
	InitiatingUser User               `json:"initiating_user"`
	OperationID    string             `json:"operation_id"`
	SequenceNumber *uint64            `json:"sequence_number,omitempty"`
	UpdateVector   int64              `json:"update_vector"` // Server's update vector after operation
	Operation      CellPatchOperation `json:"operation"`
}

DiagramOperationEvent is broadcast by server when a diagram operation occurs

func (DiagramOperationEvent) GetMessageType 

func (m DiagramOperationEvent) GetMessageType() MessageType

func (DiagramOperationEvent) Validate 

func (m DiagramOperationEvent) Validate() error

type DiagramOperationMessage 

type DiagramOperationMessage struct {
	MessageType    MessageType        `json:"message_type"`
	InitiatingUser User               `json:"initiating_user"`
	OperationID    string             `json:"operation_id"`
	SequenceNumber *uint64            `json:"sequence_number,omitempty"` // Server-assigned
	Operation      CellPatchOperation `json:"operation"`
}

DiagramOperationMessage represents enhanced collaborative editing operations

func (DiagramOperationMessage) GetMessageType 

func (m DiagramOperationMessage) GetMessageType() MessageType

func (DiagramOperationMessage) Validate 

func (m DiagramOperationMessage) Validate() error

type DiagramOperationRequest 

type DiagramOperationRequest struct {
	MessageType    MessageType        `json:"message_type"`
	OperationID    string             `json:"operation_id"`
	BaseVector     *int64             `json:"base_vector,omitempty"`     // Client's state when operation was created
	SequenceNumber *uint64            `json:"sequence_number,omitempty"` // Server-assigned
	Operation      CellPatchOperation `json:"operation"`
}

DiagramOperationRequest is sent by client to perform a diagram operation

func (DiagramOperationRequest) GetMessageType 

func (m DiagramOperationRequest) GetMessageType() MessageType

func (DiagramOperationRequest) Validate 

func (m DiagramOperationRequest) Validate() error

type DiagramOperationRequestHandler 

type DiagramOperationRequestHandler struct{}

DiagramOperationRequestHandler handles diagram operation request messages

func (*DiagramOperationRequestHandler) HandleMessage 

func (h *DiagramOperationRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

HandleMessage processes diagram operation request messages

func (*DiagramOperationRequestHandler) MessageType 

func (h *DiagramOperationRequestHandler) MessageType() string

MessageType returns the message type this handler processes

type DiagramRequest 

type DiagramRequest struct {
	Name        string  `json:"name" binding:"required"`
	Description *string `json:"description,omitempty"`
	GraphData   []Cell  `json:"graphData,omitempty"`
}

DiagramRequest is used for creating and updating diagrams

type DiagramSession 

type DiagramSession struct {
	// Session ID
	ID string
	// Diagram ID
	DiagramID string
	// Threat Model ID (parent of the diagram)
	ThreatModelID string
	// Session state
	State SessionState
	// Connected clients
	Clients map[*WebSocketClient]bool
	// Inbound messages from clients
	Broadcast chan []byte
	// Register requests
	Register chan *WebSocketClient
	// Unregister requests
	Unregister chan *WebSocketClient
	// Last activity timestamp
	LastActivity time.Time
	// Session creation timestamp
	CreatedAt time.Time
	// Session termination timestamp (when host disconnected)
	TerminatedAt *time.Time

	// Reference to the hub for cleanup when session terminates
	Hub *WebSocketHub
	// Message router for handling WebSocket messages
	MessageRouter *MessageRouter

	// Enhanced collaboration state
	// Host (user who created the session) - stores provider_id for lookup
	Host string
	// Host user info for ParticipantsUpdate messages
	HostUserInfo *User
	// Current presenter (user whose cursor/selection is broadcast) - stores provider_id for lookup
	CurrentPresenter string
	// Current presenter user info for ParticipantsUpdate messages
	CurrentPresenterUserInfo *User
	// Deny list for removed participants (session-specific)
	DeniedUsers map[string]bool
	// Operation history for conflict resolution
	OperationHistory *OperationHistory
	// Next sequence number for operations
	NextSequenceNumber uint64
	// contains filtered or unexported fields
}

DiagramSession represents a collaborative editing session

func (*DiagramSession) GetHistoryEntry 

func (s *DiagramSession) GetHistoryEntry(sequenceNumber uint64) (*HistoryEntry, bool)

GetHistoryEntry retrieves a specific history entry by sequence number

func (*DiagramSession) GetHistoryStats 

func (s *DiagramSession) GetHistoryStats() map[string]interface{}

GetHistoryStats returns statistics about the operation history

func (*DiagramSession) GetRecentOperations 

func (s *DiagramSession) GetRecentOperations(count int) []*HistoryEntry

GetRecentOperations returns the most recent N operations

func (*DiagramSession) ProcessMessage 

func (s *DiagramSession) ProcessMessage(client *WebSocketClient, message []byte)

ProcessMessage handles enhanced message types for collaborative editing

func (*DiagramSession) Run 

func (s *DiagramSession) Run()

Run processes messages for a diagram session

type DiagramStateMessage 

type DiagramStateMessage struct {
	MessageType  MessageType             `json:"message_type"`
	DiagramID    string                  `json:"diagram_id"`
	UpdateVector int64                   `json:"update_vector"`
	Cells        []DfdDiagram_Cells_Item `json:"cells"`
}

DiagramStateMessage is sent by server with full diagram state

func (DiagramStateMessage) GetMessageType 

func (m DiagramStateMessage) GetMessageType() MessageType

func (DiagramStateMessage) Validate 

func (m DiagramStateMessage) Validate() error

type DiagramStoreInterface 

type DiagramStoreInterface interface {
	Get(id string) (DfdDiagram, error)
	List(offset, limit int, filter func(DfdDiagram) bool) []DfdDiagram
	Create(item DfdDiagram, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)
	CreateWithThreatModel(item DfdDiagram, threatModelID string, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)
	Update(id string, item DfdDiagram) error
	Delete(id string) error
	Count() int
}
var DiagramStore DiagramStoreInterface

type Document 

type Document struct {
	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Description of document purpose or content
	Description *string `json:"description"`

	// Id Unique identifier for the document
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Optional metadata key-value pairs
	Metadata *[]Metadata `json:"metadata,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Document name
	Name string `binding:"required" json:"name"`

	// Uri URL location of the document
	Uri string `binding:"required,url" json:"uri"`
}

Document defines model for Document.

func CreateTestDocumentWithMetadata 

func CreateTestDocumentWithMetadata(metadata []Metadata) Document

CreateTestDocumentWithMetadata creates a document with associated metadata for testing

type DocumentBase 

type DocumentBase struct {
	// Description Description of document purpose or content
	Description *string `json:"description"`

	// Name Document name
	Name string `binding:"required" json:"name"`

	// Uri URL location of the document
	Uri string `binding:"required,url" json:"uri"`
}

DocumentBase Base fields for Document (user-writable only)

type DocumentId 

type DocumentId = openapi_types.UUID

DocumentId defines model for DocumentId.

type DocumentInput 

type DocumentInput = DocumentBase

DocumentInput Base fields for Document (user-writable only)

type DocumentMetadataHandler 

type DocumentMetadataHandler struct {
	// contains filtered or unexported fields
}

DocumentMetadataHandler provides handlers for document metadata operations

func NewDocumentMetadataHandler 

func NewDocumentMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DocumentMetadataHandler

NewDocumentMetadataHandler creates a new document metadata handler

func (*DocumentMetadataHandler) BulkCreateDocumentMetadata 

func (h *DocumentMetadataHandler) BulkCreateDocumentMetadata(c *gin.Context)

BulkCreateDocumentMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/documents/{document_id}/metadata/bulk

func (*DocumentMetadataHandler) BulkUpdateDocumentMetadata 

func (h *DocumentMetadataHandler) BulkUpdateDocumentMetadata(c *gin.Context)

BulkUpdateDocumentMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/documents/{document_id}/metadata/bulk

func (*DocumentMetadataHandler) CreateDocumentMetadata 

func (h *DocumentMetadataHandler) CreateDocumentMetadata(c *gin.Context)

CreateDocumentMetadata creates a new metadata entry for a document POST /threat_models/{threat_model_id}/documents/{document_id}/metadata

func (*DocumentMetadataHandler) DeleteDocumentMetadata 

func (h *DocumentMetadataHandler) DeleteDocumentMetadata(c *gin.Context)

DeleteDocumentMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key}

func (*DocumentMetadataHandler) GetDocumentMetadata 

func (h *DocumentMetadataHandler) GetDocumentMetadata(c *gin.Context)

GetDocumentMetadata retrieves all metadata for a document GET /threat_models/{threat_model_id}/documents/{document_id}/metadata

func (*DocumentMetadataHandler) GetDocumentMetadataByKey 

func (h *DocumentMetadataHandler) GetDocumentMetadataByKey(c *gin.Context)

GetDocumentMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key}

func (*DocumentMetadataHandler) UpdateDocumentMetadata 

func (h *DocumentMetadataHandler) UpdateDocumentMetadata(c *gin.Context)

UpdateDocumentMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key}

type DocumentStore 

type DocumentStore interface {
	// CRUD operations
	Create(ctx context.Context, document *Document, threatModelID string) error
	Get(ctx context.Context, id string) (*Document, error)
	Update(ctx context.Context, document *Document, threatModelID string) error
	Delete(ctx context.Context, id string) error
	Patch(ctx context.Context, id string, operations []PatchOperation) (*Document, error)

	// List operations with pagination
	List(ctx context.Context, threatModelID string, offset, limit int) ([]Document, error)

	// Bulk operations
	BulkCreate(ctx context.Context, documents []Document, threatModelID string) error

	// Cache management
	InvalidateCache(ctx context.Context, id string) error
	WarmCache(ctx context.Context, threatModelID string) error
}

DocumentStore defines the interface for document operations with caching support 

var GlobalDocumentStore DocumentStore

type DocumentSubResourceHandler 

type DocumentSubResourceHandler struct {
	// contains filtered or unexported fields
}

DocumentSubResourceHandler provides handlers for document sub-resource operations

func NewDocumentSubResourceHandler 

func NewDocumentSubResourceHandler(documentStore DocumentStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *DocumentSubResourceHandler

NewDocumentSubResourceHandler creates a new document sub-resource handler

func (*DocumentSubResourceHandler) BulkCreateDocuments 

func (h *DocumentSubResourceHandler) BulkCreateDocuments(c *gin.Context)

BulkCreateDocuments creates multiple documents in a single request POST /threat_models/{threat_model_id}/documents/bulk

func (*DocumentSubResourceHandler) BulkUpdateDocuments 

func (h *DocumentSubResourceHandler) BulkUpdateDocuments(c *gin.Context)

BulkUpdateDocuments updates or creates multiple documents (upsert operation) PUT /threat_models/{threat_model_id}/documents/bulk

func (*DocumentSubResourceHandler) CreateDocument 

func (h *DocumentSubResourceHandler) CreateDocument(c *gin.Context)

CreateDocument creates a new document in a threat model POST /threat_models/{threat_model_id}/documents

func (*DocumentSubResourceHandler) DeleteDocument 

func (h *DocumentSubResourceHandler) DeleteDocument(c *gin.Context)

DeleteDocument deletes a document DELETE /threat_models/{threat_model_id}/documents/{document_id}

func (*DocumentSubResourceHandler) GetDocument 

func (h *DocumentSubResourceHandler) GetDocument(c *gin.Context)

GetDocument retrieves a specific document by ID GET /threat_models/{threat_model_id}/documents/{document_id}

func (*DocumentSubResourceHandler) GetDocuments 

func (h *DocumentSubResourceHandler) GetDocuments(c *gin.Context)

GetDocuments retrieves all documents for a threat model with pagination GET /threat_models/{threat_model_id}/documents

func (*DocumentSubResourceHandler) PatchDocument 

func (h *DocumentSubResourceHandler) PatchDocument(c *gin.Context)

PatchDocument applies JSON patch operations to a document PATCH /threat_models/{threat_model_id}/documents/{document_id}

func (*DocumentSubResourceHandler) UpdateDocument 

func (h *DocumentSubResourceHandler) UpdateDocument(c *gin.Context)

UpdateDocument updates an existing document PUT /threat_models/{threat_model_id}/documents/{document_id}

type Edge 

type Edge struct {
	// Attrs Visual styling attributes for the edge
	Attrs *EdgeAttrs `json:"attrs,omitempty"`

	// Connector Edge connector style configuration for visual appearance
	Connector *EdgeConnector `json:"connector,omitempty"`

	// Data Flexible data storage compatible with X6, with reserved metadata namespace
	Data *Edge_Data `json:"data,omitempty"`

	// DefaultLabel Default label configuration applied to edges without explicit labels
	DefaultLabel *EdgeLabel `json:"defaultLabel,omitempty"`

	// Id Unique identifier of the cell (UUID)
	Id openapi_types.UUID `json:"id"`

	// Labels Text labels positioned along the edge
	Labels *[]EdgeLabel `json:"labels,omitempty"`

	// Markup SVG/HTML markup definition for custom shape rendering in X6
	Markup *[]MarkupElement `json:"markup,omitempty"`

	// Router Edge routing algorithm configuration for path calculation
	Router *EdgeRouter `json:"router,omitempty"`

	// Shape Edge type identifier
	Shape EdgeShape `json:"shape"`

	// Source Source connection point
	Source EdgeTerminal `json:"source"`

	// Target Target connection point
	Target EdgeTerminal `json:"target"`

	// Vertices Intermediate waypoints for edge routing
	Vertices *[]Point `json:"vertices,omitempty"`

	// Visible Whether the cell is visible in the diagram
	Visible *bool `json:"visible,omitempty"`

	// ZIndex Z-order layer for rendering (higher values render on top)
	ZIndex *float32 `json:"zIndex,omitempty"`
}

Edge defines model for Edge.

type EdgeAttrs 

type EdgeAttrs struct {
	// Line Line styling attributes
	Line *struct {
		// SourceMarker Source marker configuration
		SourceMarker *struct {
			// Name Marker type
			Name *EdgeAttrsLineSourceMarkerName `json:"name,omitempty"`

			// Size Marker size in pixels
			Size *float32 `json:"size,omitempty"`
		} `json:"sourceMarker,omitempty"`

		// Stroke Line color
		Stroke *string `json:"stroke,omitempty"`

		// StrokeDasharray Dash pattern for the line
		StrokeDasharray *string `json:"strokeDasharray"`

		// StrokeWidth Line width in pixels
		StrokeWidth *float32 `json:"strokeWidth,omitempty"`

		// TargetMarker Arrowhead marker configuration
		TargetMarker *struct {
			// Name Marker type
			Name *EdgeAttrsLineTargetMarkerName `json:"name,omitempty"`

			// Size Marker size in pixels
			Size *float32 `json:"size,omitempty"`
		} `json:"targetMarker,omitempty"`
	} `json:"line,omitempty"`
}

EdgeAttrs Visual attributes for an edge

type EdgeAttrsLineSourceMarkerName 

type EdgeAttrsLineSourceMarkerName string

EdgeAttrsLineSourceMarkerName Marker type 

const (
	EdgeAttrsLineSourceMarkerNameBlock   EdgeAttrsLineSourceMarkerName = "block"
	EdgeAttrsLineSourceMarkerNameCircle  EdgeAttrsLineSourceMarkerName = "circle"
	EdgeAttrsLineSourceMarkerNameClassic EdgeAttrsLineSourceMarkerName = "classic"
	EdgeAttrsLineSourceMarkerNameDiamond EdgeAttrsLineSourceMarkerName = "diamond"
)

Defines values for EdgeAttrsLineSourceMarkerName.

type EdgeAttrsLineTargetMarkerName 

type EdgeAttrsLineTargetMarkerName string

EdgeAttrsLineTargetMarkerName Marker type 

const (
	EdgeAttrsLineTargetMarkerNameBlock   EdgeAttrsLineTargetMarkerName = "block"
	EdgeAttrsLineTargetMarkerNameCircle  EdgeAttrsLineTargetMarkerName = "circle"
	EdgeAttrsLineTargetMarkerNameClassic EdgeAttrsLineTargetMarkerName = "classic"
	EdgeAttrsLineTargetMarkerNameDiamond EdgeAttrsLineTargetMarkerName = "diamond"
)

Defines values for EdgeAttrsLineTargetMarkerName.

type EdgeConnector 

type EdgeConnector struct {
	// contains filtered or unexported fields
}

EdgeConnector Edge connector style configuration for visual appearance

func (EdgeConnector) AsEdgeConnector0 

func (t EdgeConnector) AsEdgeConnector0() (EdgeConnector0, error)

AsEdgeConnector0 returns the union data inside the EdgeConnector as a EdgeConnector0

func (EdgeConnector) AsEdgeConnector1 

func (t EdgeConnector) AsEdgeConnector1() (EdgeConnector1, error)

AsEdgeConnector1 returns the union data inside the EdgeConnector as a EdgeConnector1

func (*EdgeConnector) FromEdgeConnector0 

func (t *EdgeConnector) FromEdgeConnector0(v EdgeConnector0) error

FromEdgeConnector0 overwrites any union data inside the EdgeConnector as the provided EdgeConnector0

func (*EdgeConnector) FromEdgeConnector1 

func (t *EdgeConnector) FromEdgeConnector1(v EdgeConnector1) error

FromEdgeConnector1 overwrites any union data inside the EdgeConnector as the provided EdgeConnector1

func (EdgeConnector) MarshalJSON 

func (t EdgeConnector) MarshalJSON() ([]byte, error)

func (*EdgeConnector) MergeEdgeConnector0 

func (t *EdgeConnector) MergeEdgeConnector0(v EdgeConnector0) error

MergeEdgeConnector0 performs a merge with any union data inside the EdgeConnector, using the provided EdgeConnector0

func (*EdgeConnector) MergeEdgeConnector1 

func (t *EdgeConnector) MergeEdgeConnector1(v EdgeConnector1) error

MergeEdgeConnector1 performs a merge with any union data inside the EdgeConnector, using the provided EdgeConnector1

func (*EdgeConnector) UnmarshalJSON 

func (t *EdgeConnector) UnmarshalJSON(b []byte) error

type EdgeConnector0 

type EdgeConnector0 string

EdgeConnector0 Built-in connector name 

const (
	EdgeConnector0Jumpover EdgeConnector0 = "jumpover"
	EdgeConnector0Normal   EdgeConnector0 = "normal"
	EdgeConnector0Rounded  EdgeConnector0 = "rounded"
	EdgeConnector0Smooth   EdgeConnector0 = "smooth"
)

Defines values for EdgeConnector0.

type EdgeConnector1 

type EdgeConnector1 struct {
	// Args Connector-specific arguments
	Args *EdgeConnector_1_Args `json:"args,omitempty"`

	// Name Connector style name
	Name EdgeConnector1Name `json:"name"`
}

EdgeConnector1 Connector with custom configuration

type EdgeConnector1ArgsJump 

type EdgeConnector1ArgsJump string

EdgeConnector1ArgsJump Jump style for jumpover connectors 

const (
	Arc   EdgeConnector1ArgsJump = "arc"
	Cubic EdgeConnector1ArgsJump = "cubic"
	Gap   EdgeConnector1ArgsJump = "gap"
)

Defines values for EdgeConnector1ArgsJump.

type EdgeConnector1Name 

type EdgeConnector1Name string

EdgeConnector1Name Connector style name 

const (
	EdgeConnector1NameJumpover EdgeConnector1Name = "jumpover"
	EdgeConnector1NameNormal   EdgeConnector1Name = "normal"
	EdgeConnector1NameRounded  EdgeConnector1Name = "rounded"
	EdgeConnector1NameSmooth   EdgeConnector1Name = "smooth"
)

Defines values for EdgeConnector1Name.

type EdgeConnector_1_Args 

type EdgeConnector_1_Args struct {
	// Jump Jump style for jumpover connectors
	Jump *EdgeConnector1ArgsJump `json:"jump,omitempty"`

	// Precision Precision for smooth connectors
	Precision *float32 `json:"precision,omitempty"`

	// Radius Radius for rounded connectors
	Radius *float32 `json:"radius,omitempty"`

	// Size Jump size for jumpover connectors
	Size                 *float32               `json:"size,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

EdgeConnector_1_Args Connector-specific arguments

func (EdgeConnector_1_Args) Get 

func (a EdgeConnector_1_Args) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for EdgeConnector_1_Args. Returns the specified element and whether it was found

func (EdgeConnector_1_Args) MarshalJSON 

func (a EdgeConnector_1_Args) MarshalJSON() ([]byte, error)

Override default JSON handling for EdgeConnector_1_Args to handle AdditionalProperties

func (*EdgeConnector_1_Args) Set 

func (a *EdgeConnector_1_Args) Set(fieldName string, value interface{})

Setter for additional properties for EdgeConnector_1_Args

func (*EdgeConnector_1_Args) UnmarshalJSON 

func (a *EdgeConnector_1_Args) UnmarshalJSON(b []byte) error

Override default JSON handling for EdgeConnector_1_Args to handle AdditionalProperties

type EdgeLabel 

type EdgeLabel struct {
	// Attrs Label styling attributes
	Attrs *struct {
		// Text Text styling
		Text *struct {
			// Fill Text color
			Fill *string `json:"fill,omitempty"`

			// FontFamily Font family
			FontFamily *string `json:"fontFamily,omitempty"`

			// FontSize Font size in pixels
			FontSize *float32 `json:"fontSize,omitempty"`

			// Text Label text content
			Text *string `json:"text,omitempty"`
		} `json:"text,omitempty"`
	} `json:"attrs,omitempty"`
	Position *EdgeLabel_Position `json:"position,omitempty"`
}

EdgeLabel Label positioned along an edge

type EdgeLabelPosition0 

type EdgeLabelPosition0 = float32

EdgeLabelPosition0 Simple position: 0-1 for percentage, >1 for pixels from start, <0 for pixels from end

type EdgeLabelPosition1 

type EdgeLabelPosition1 struct {
	// Angle Rotation angle in degrees (clockwise)
	Angle *float32 `json:"angle,omitempty"`

	// Distance Position along the edge: 0-1 for percentage, >1 for pixels from start, <0 for pixels from end
	Distance float32                      `json:"distance"`
	Offset   *EdgeLabel_Position_1_Offset `json:"offset,omitempty"`

	// Options Advanced positioning options
	Options *struct {
		// AbsoluteDistance Forces absolute coordinates for distance
		AbsoluteDistance *bool `json:"absoluteDistance,omitempty"`

		// AbsoluteOffset Forces absolute coordinates for offset
		AbsoluteOffset *bool `json:"absoluteOffset,omitempty"`

		// EnsureLegibility Rotates labels to avoid upside-down text
		EnsureLegibility *bool `json:"ensureLegibility,omitempty"`

		// KeepGradient Auto-adjusts angle to match path gradient
		KeepGradient *bool `json:"keepGradient,omitempty"`

		// ReverseDistance Forces reverse absolute coordinates
		ReverseDistance *bool `json:"reverseDistance,omitempty"`
	} `json:"options,omitempty"`
}

EdgeLabelPosition1 Advanced position with offset and angle (X6 LabelPositionObject format)

type EdgeLabelPosition1Offset0 

type EdgeLabelPosition1Offset0 = float32

EdgeLabelPosition1Offset0 Perpendicular offset from edge (positive = down/right, negative = up/left)

type EdgeLabelPosition1Offset1 

type EdgeLabelPosition1Offset1 struct {
	X *float32 `json:"x,omitempty"`
	Y *float32 `json:"y,omitempty"`
}

EdgeLabelPosition1Offset1 Absolute x,y offset

type EdgeLabel_Position 

type EdgeLabel_Position struct {
	// contains filtered or unexported fields
}

EdgeLabel_Position defines model for EdgeLabel.Position.

func (EdgeLabel_Position) AsEdgeLabelPosition0 

func (t EdgeLabel_Position) AsEdgeLabelPosition0() (EdgeLabelPosition0, error)

AsEdgeLabelPosition0 returns the union data inside the EdgeLabel_Position as a EdgeLabelPosition0

func (EdgeLabel_Position) AsEdgeLabelPosition1 

func (t EdgeLabel_Position) AsEdgeLabelPosition1() (EdgeLabelPosition1, error)

AsEdgeLabelPosition1 returns the union data inside the EdgeLabel_Position as a EdgeLabelPosition1

func (*EdgeLabel_Position) FromEdgeLabelPosition0 

func (t *EdgeLabel_Position) FromEdgeLabelPosition0(v EdgeLabelPosition0) error

FromEdgeLabelPosition0 overwrites any union data inside the EdgeLabel_Position as the provided EdgeLabelPosition0

func (*EdgeLabel_Position) FromEdgeLabelPosition1 

func (t *EdgeLabel_Position) FromEdgeLabelPosition1(v EdgeLabelPosition1) error

FromEdgeLabelPosition1 overwrites any union data inside the EdgeLabel_Position as the provided EdgeLabelPosition1

func (EdgeLabel_Position) MarshalJSON 

func (t EdgeLabel_Position) MarshalJSON() ([]byte, error)

func (*EdgeLabel_Position) MergeEdgeLabelPosition0 

func (t *EdgeLabel_Position) MergeEdgeLabelPosition0(v EdgeLabelPosition0) error

MergeEdgeLabelPosition0 performs a merge with any union data inside the EdgeLabel_Position, using the provided EdgeLabelPosition0

func (*EdgeLabel_Position) MergeEdgeLabelPosition1 

func (t *EdgeLabel_Position) MergeEdgeLabelPosition1(v EdgeLabelPosition1) error

MergeEdgeLabelPosition1 performs a merge with any union data inside the EdgeLabel_Position, using the provided EdgeLabelPosition1

func (*EdgeLabel_Position) UnmarshalJSON 

func (t *EdgeLabel_Position) UnmarshalJSON(b []byte) error

type EdgeLabel_Position_1_Offset 

type EdgeLabel_Position_1_Offset struct {
	// contains filtered or unexported fields
}

EdgeLabel_Position_1_Offset defines model for EdgeLabel.Position.1.Offset.

func (EdgeLabel_Position_1_Offset) AsEdgeLabelPosition1Offset0 

func (t EdgeLabel_Position_1_Offset) AsEdgeLabelPosition1Offset0() (EdgeLabelPosition1Offset0, error)

AsEdgeLabelPosition1Offset0 returns the union data inside the EdgeLabel_Position_1_Offset as a EdgeLabelPosition1Offset0

func (EdgeLabel_Position_1_Offset) AsEdgeLabelPosition1Offset1 

func (t EdgeLabel_Position_1_Offset) AsEdgeLabelPosition1Offset1() (EdgeLabelPosition1Offset1, error)

AsEdgeLabelPosition1Offset1 returns the union data inside the EdgeLabel_Position_1_Offset as a EdgeLabelPosition1Offset1

func (*EdgeLabel_Position_1_Offset) FromEdgeLabelPosition1Offset0 

func (t *EdgeLabel_Position_1_Offset) FromEdgeLabelPosition1Offset0(v EdgeLabelPosition1Offset0) error

FromEdgeLabelPosition1Offset0 overwrites any union data inside the EdgeLabel_Position_1_Offset as the provided EdgeLabelPosition1Offset0

func (*EdgeLabel_Position_1_Offset) FromEdgeLabelPosition1Offset1 

func (t *EdgeLabel_Position_1_Offset) FromEdgeLabelPosition1Offset1(v EdgeLabelPosition1Offset1) error

FromEdgeLabelPosition1Offset1 overwrites any union data inside the EdgeLabel_Position_1_Offset as the provided EdgeLabelPosition1Offset1

func (EdgeLabel_Position_1_Offset) MarshalJSON 

func (t EdgeLabel_Position_1_Offset) MarshalJSON() ([]byte, error)

func (*EdgeLabel_Position_1_Offset) MergeEdgeLabelPosition1Offset0 

func (t *EdgeLabel_Position_1_Offset) MergeEdgeLabelPosition1Offset0(v EdgeLabelPosition1Offset0) error

MergeEdgeLabelPosition1Offset0 performs a merge with any union data inside the EdgeLabel_Position_1_Offset, using the provided EdgeLabelPosition1Offset0

func (*EdgeLabel_Position_1_Offset) MergeEdgeLabelPosition1Offset1 

func (t *EdgeLabel_Position_1_Offset) MergeEdgeLabelPosition1Offset1(v EdgeLabelPosition1Offset1) error

MergeEdgeLabelPosition1Offset1 performs a merge with any union data inside the EdgeLabel_Position_1_Offset, using the provided EdgeLabelPosition1Offset1

func (*EdgeLabel_Position_1_Offset) UnmarshalJSON 

func (t *EdgeLabel_Position_1_Offset) UnmarshalJSON(b []byte) error

type EdgeRouter 

type EdgeRouter struct {
	// contains filtered or unexported fields
}

EdgeRouter Edge routing algorithm configuration for pathfinding

func (EdgeRouter) AsEdgeRouter0 

func (t EdgeRouter) AsEdgeRouter0() (EdgeRouter0, error)

AsEdgeRouter0 returns the union data inside the EdgeRouter as a EdgeRouter0

func (EdgeRouter) AsEdgeRouter1 

func (t EdgeRouter) AsEdgeRouter1() (EdgeRouter1, error)

AsEdgeRouter1 returns the union data inside the EdgeRouter as a EdgeRouter1

func (*EdgeRouter) FromEdgeRouter0 

func (t *EdgeRouter) FromEdgeRouter0(v EdgeRouter0) error

FromEdgeRouter0 overwrites any union data inside the EdgeRouter as the provided EdgeRouter0

func (*EdgeRouter) FromEdgeRouter1 

func (t *EdgeRouter) FromEdgeRouter1(v EdgeRouter1) error

FromEdgeRouter1 overwrites any union data inside the EdgeRouter as the provided EdgeRouter1

func (EdgeRouter) MarshalJSON 

func (t EdgeRouter) MarshalJSON() ([]byte, error)

func (*EdgeRouter) MergeEdgeRouter0 

func (t *EdgeRouter) MergeEdgeRouter0(v EdgeRouter0) error

MergeEdgeRouter0 performs a merge with any union data inside the EdgeRouter, using the provided EdgeRouter0

func (*EdgeRouter) MergeEdgeRouter1 

func (t *EdgeRouter) MergeEdgeRouter1(v EdgeRouter1) error

MergeEdgeRouter1 performs a merge with any union data inside the EdgeRouter, using the provided EdgeRouter1

func (*EdgeRouter) UnmarshalJSON 

func (t *EdgeRouter) UnmarshalJSON(b []byte) error

type EdgeRouter0 

type EdgeRouter0 string

EdgeRouter0 Built-in router name 

const (
	EdgeRouter0Er        EdgeRouter0 = "er"
	EdgeRouter0Manhattan EdgeRouter0 = "manhattan"
	EdgeRouter0Metro     EdgeRouter0 = "metro"
	EdgeRouter0Normal    EdgeRouter0 = "normal"
	EdgeRouter0OneSide   EdgeRouter0 = "oneSide"
	EdgeRouter0Orth      EdgeRouter0 = "orth"
)

Defines values for EdgeRouter0.

type EdgeRouter1 

type EdgeRouter1 struct {
	// Args Router-specific arguments
	Args *EdgeRouter_1_Args `json:"args,omitempty"`

	// Name Router algorithm name
	Name EdgeRouter1Name `json:"name"`
}

EdgeRouter1 Router with custom configuration

type EdgeRouter1ArgsDirections 

type EdgeRouter1ArgsDirections string

EdgeRouter1ArgsDirections defines model for EdgeRouter.1.Args.Directions. 

const (
	EdgeRouter1ArgsDirectionsBottom EdgeRouter1ArgsDirections = "bottom"
	EdgeRouter1ArgsDirectionsLeft   EdgeRouter1ArgsDirections = "left"
	EdgeRouter1ArgsDirectionsRight  EdgeRouter1ArgsDirections = "right"
	EdgeRouter1ArgsDirectionsTop    EdgeRouter1ArgsDirections = "top"
)

Defines values for EdgeRouter1ArgsDirections.

type EdgeRouter1Name 

type EdgeRouter1Name string

EdgeRouter1Name Router algorithm name 

const (
	EdgeRouter1NameEr        EdgeRouter1Name = "er"
	EdgeRouter1NameManhattan EdgeRouter1Name = "manhattan"
	EdgeRouter1NameMetro     EdgeRouter1Name = "metro"
	EdgeRouter1NameNormal    EdgeRouter1Name = "normal"
	EdgeRouter1NameOneSide   EdgeRouter1Name = "oneSide"
	EdgeRouter1NameOrth      EdgeRouter1Name = "orth"
)

Defines values for EdgeRouter1Name.

type EdgeRouter_1_Args 

type EdgeRouter_1_Args struct {
	// Directions Allowed routing directions
	Directions *[]EdgeRouter1ArgsDirections `json:"directions,omitempty"`

	// Padding Padding around obstacles for routing
	Padding *float32 `json:"padding,omitempty"`

	// Step Grid step size for orthogonal routing
	Step                 *float32               `json:"step,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

EdgeRouter_1_Args Router-specific arguments

func (EdgeRouter_1_Args) Get 

func (a EdgeRouter_1_Args) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for EdgeRouter_1_Args. Returns the specified element and whether it was found

func (EdgeRouter_1_Args) MarshalJSON 

func (a EdgeRouter_1_Args) MarshalJSON() ([]byte, error)

Override default JSON handling for EdgeRouter_1_Args to handle AdditionalProperties

func (*EdgeRouter_1_Args) Set 

func (a *EdgeRouter_1_Args) Set(fieldName string, value interface{})

Setter for additional properties for EdgeRouter_1_Args

func (*EdgeRouter_1_Args) UnmarshalJSON 

func (a *EdgeRouter_1_Args) UnmarshalJSON(b []byte) error

Override default JSON handling for EdgeRouter_1_Args to handle AdditionalProperties

type EdgeShape 

type EdgeShape string

EdgeShape Edge type identifier 

const (
	EdgeShapeEdge EdgeShape = "edge"
)

Defines values for EdgeShape.

type EdgeTerminal 

type EdgeTerminal struct {
	// Cell ID of the connected node (UUID)
	Cell openapi_types.UUID `json:"cell"`

	// Port ID of the specific port on the node (optional)
	Port *string `json:"port"`
}

EdgeTerminal Connection point for an edge (source or target)

type Edge_Data 

type Edge_Data struct {
	// Metadata Reserved namespace for structured business metadata
	Metadata             *[]Metadata            `json:"_metadata,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

Edge_Data Flexible data storage compatible with X6, with reserved metadata namespace

func (Edge_Data) Get 

func (a Edge_Data) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for Edge_Data. Returns the specified element and whether it was found

func (Edge_Data) MarshalJSON 

func (a Edge_Data) MarshalJSON() ([]byte, error)

Override default JSON handling for Edge_Data to handle AdditionalProperties

func (*Edge_Data) Set 

func (a *Edge_Data) Set(fieldName string, value interface{})

Setter for additional properties for Edge_Data

func (*Edge_Data) UnmarshalJSON 

func (a *Edge_Data) UnmarshalJSON(b []byte) error

Override default JSON handling for Edge_Data to handle AdditionalProperties

type EmailQueryParam 

type EmailQueryParam = string

EmailQueryParam defines model for EmailQueryParam.

type EnhancedMetadataCreateRequest 

type EnhancedMetadataCreateRequest struct {
	Key   string `json:"key" binding:"required" maxlength:"100"`
	Value string `json:"value" binding:"required" maxlength:"1000"`
}

Additional validation struct examples for metadata (avoiding conflicts with existing types)

type Error 

type Error struct {
	// Details Additional context-specific error information
	Details *struct {
		// Code Machine-readable error code for programmatic handling
		Code *string `json:"code,omitempty"`

		// Context Contextual information about the error
		Context *map[string]interface{} `json:"context,omitempty"`

		// Suggestion Human-readable suggestion for resolving the error
		Suggestion *string `json:"suggestion,omitempty"`
	} `json:"details"`

	// Error Error code
	Error string `json:"error"`

	// ErrorDescription Human-readable error description
	ErrorDescription string `json:"error_description"`

	// ErrorUri URI to documentation about the error
	ErrorUri *string `json:"error_uri,omitempty"`
}

Error Standard error response format

type ErrorDetails 

type ErrorDetails struct {
	Code       *string                `json:"code,omitempty"`
	Context    map[string]interface{} `json:"context,omitempty"`
	Suggestion *string                `json:"suggestion,omitempty"`
}

ErrorDetails provides structured context for errors

type ErrorMessage 

type ErrorMessage struct {
	MessageType MessageType            `json:"message_type"`
	Error       string                 `json:"error"`
	Message     string                 `json:"message"`
	Code        *string                `json:"code,omitempty"`
	Details     map[string]interface{} `json:"details,omitempty"`
	Timestamp   time.Time              `json:"timestamp"`
}

ErrorMessage represents an error response

func (ErrorMessage) GetMessageType 

func (m ErrorMessage) GetMessageType() MessageType

func (ErrorMessage) Validate 

func (m ErrorMessage) Validate() error

type ErrorResponse 

type ErrorResponse = Error

ErrorResponse is deprecated. Use the OpenAPI-generated Error type instead. This type has been replaced with api.Error which uses error_description field per OpenAPI specification requirements. Deprecated: Use Error from api.go (OpenAPI-generated)

type EventEmitter 

type EventEmitter struct {
	// contains filtered or unexported fields
}

EventEmitter handles event emission to Redis Streams 

var GlobalEventEmitter *EventEmitter

Global event emitter instance

func NewEventEmitter 

func NewEventEmitter(redisClient *redis.Client, streamKey string) *EventEmitter

NewEventEmitter creates a new event emitter

func (*EventEmitter) EmitEvent 

func (e *EventEmitter) EmitEvent(ctx context.Context, payload EventPayload) error

EmitEvent emits an event to Redis Stream with deduplication

type EventPayload 

type EventPayload struct {
	EventType     string                 `json:"event_type"`
	ThreatModelID string                 `json:"threat_model_id,omitempty"`
	ResourceID    string                 `json:"resource_id"`
	ResourceType  string                 `json:"resource_type"`
	OwnerID       string                 `json:"owner_id"`
	Timestamp     time.Time              `json:"timestamp"`
	Data          map[string]interface{} `json:"data,omitempty"`
}

EventPayload represents the structure of an event emitted to Redis

type ExchangeOAuthCodeFormdataRequestBody 

type ExchangeOAuthCodeFormdataRequestBody = TokenRequest

ExchangeOAuthCodeFormdataRequestBody defines body for ExchangeOAuthCode for application/x-www-form-urlencoded ContentType.

type ExchangeOAuthCodeJSONBody 

type ExchangeOAuthCodeJSONBody struct {
	// ClientId Client identifier (required for client_credentials grant)
	ClientId *string `json:"client_id"`

	// ClientSecret Client secret (required for client_credentials grant)
	ClientSecret *string `json:"client_secret"`

	// Code Authorization code received from OAuth provider. Per RFC 6749, can contain any visible ASCII characters (VSCHAR: 0x20-0x7E).
	Code *string `json:"code"`

	// CodeVerifier PKCE code verifier (RFC 7636) - High-entropy cryptographic random string used to mitigate authorization code interception attacks. Must be 43-128 characters using [A-Za-z0-9-._~] characters.
	CodeVerifier *string `json:"code_verifier"`

	// GrantType OAuth 2.0 grant type (RFC 6749)
	GrantType ExchangeOAuthCodeJSONBodyGrantType `json:"grant_type"`

	// RedirectUri Redirect URI used in the authorization request (must match exactly)
	RedirectUri *string `json:"redirect_uri"`

	// RefreshToken Refresh token (required for refresh_token grant)
	RefreshToken *string `json:"refresh_token"`

	// State State parameter for CSRF protection (optional but recommended)
	State *string `json:"state"`
}

ExchangeOAuthCodeJSONBody defines parameters for ExchangeOAuthCode.

type ExchangeOAuthCodeJSONBodyGrantType 

type ExchangeOAuthCodeJSONBodyGrantType string

ExchangeOAuthCodeJSONBodyGrantType defines parameters for ExchangeOAuthCode. 

const (
	ExchangeOAuthCodeJSONBodyGrantTypeAuthorizationCode ExchangeOAuthCodeJSONBodyGrantType = "authorization_code"
	ExchangeOAuthCodeJSONBodyGrantTypeClientCredentials ExchangeOAuthCodeJSONBodyGrantType = "client_credentials"
	ExchangeOAuthCodeJSONBodyGrantTypeRefreshToken      ExchangeOAuthCodeJSONBodyGrantType = "refresh_token"
)

Defines values for ExchangeOAuthCodeJSONBodyGrantType.

type ExchangeOAuthCodeJSONRequestBody 

type ExchangeOAuthCodeJSONRequestBody ExchangeOAuthCodeJSONBody

ExchangeOAuthCodeJSONRequestBody defines body for ExchangeOAuthCode for application/json ContentType.

type ExchangeOAuthCodeParams 

type ExchangeOAuthCodeParams struct {
	// Idp OAuth provider identifier. Defaults to 'test' provider in non-production builds if not specified.
	Idp *IdpQueryParam `form:"idp,omitempty" json:"idp,omitempty"`
}

ExchangeOAuthCodeParams defines parameters for ExchangeOAuthCode.

type ExtendedAsset 

type ExtendedAsset struct {
	// Classification Classification tags for the asset
	Classification *[]string `json:"classification"`

	// CreatedAt Creation timestamp (ISO3339)
	CreatedAt time.Time `json:"created_at"`

	// Criticality Criticality level of the asset
	Criticality *string `json:"criticality"`

	// Description Description of the asset
	Description *string `json:"description"`

	// Id Unique identifier for the asset
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Optional metadata key-value pairs
	Metadata *[]Metadata `json:"metadata,omitempty"`

	// ModifiedAt Last modification timestamp (ISO3339)
	ModifiedAt time.Time `json:"modified_at"`

	// Name Asset name
	Name string `binding:"required" json:"name"`

	// Sensitivity Sensitivity label for the asset
	Sensitivity *string `json:"sensitivity"`

	// ThreatModelId ID of the threat model this asset belongs to
	ThreatModelId openapi_types.UUID `json:"threat_model_id"`

	// Type Type of asset
	Type ExtendedAssetType `binding:"required" json:"type"`
}

ExtendedAsset defines model for ExtendedAsset.

type ExtendedAssetType 

type ExtendedAssetType string

ExtendedAssetType Type of asset 

const (
	Data           ExtendedAssetType = "data"
	Hardware       ExtendedAssetType = "hardware"
	Infrastructure ExtendedAssetType = "infrastructure"
	Personnel      ExtendedAssetType = "personnel"
	Service        ExtendedAssetType = "service"
	Software       ExtendedAssetType = "software"
)

Defines values for ExtendedAssetType.

type ExtendedDocument 

type ExtendedDocument struct {
	Document
	ThreatModelId uuid.UUID `json:"threat_model_id"`
	CreatedAt     time.Time `json:"created_at"`
	ModifiedAt    time.Time `json:"modified_at"`
}

ExtendedDocument includes database fields not in the API model

type ExtendedMetadata 

type ExtendedMetadata struct {
	Metadata
	ID         uuid.UUID `json:"id"`
	EntityType string    `json:"entity_type"`
	EntityID   uuid.UUID `json:"entity_id"`
	CreatedAt  time.Time `json:"created_at"`
	ModifiedAt time.Time `json:"modified_at"`
}

ExtendedMetadata includes database fields not in the API model

type ExtendedNote 

type ExtendedNote struct {
	Note
	ThreatModelId uuid.UUID `json:"threat_model_id"`
	CreatedAt     time.Time `json:"created_at"`
	ModifiedAt    time.Time `json:"modified_at"`
}

ExtendedNote includes database fields not in the API model

type ExtendedRepository 

type ExtendedRepository struct {
	Repository
	ThreatModelId uuid.UUID `json:"threat_model_id"`
	CreatedAt     time.Time `json:"created_at"`
	ModifiedAt    time.Time `json:"modified_at"`
}

ExtendedRepository includes database fields not in the API model

type FieldErrorRegistry 

type FieldErrorRegistry struct {
	// contains filtered or unexported fields
}

FieldErrorRegistry provides contextual error messages for prohibited fields

func (*FieldErrorRegistry) GetMessage 

func (r *FieldErrorRegistry) GetMessage(field, operation string) string

GetFieldErrorMessage returns a contextual error message for a prohibited field

type FormatQueryParam 

type FormatQueryParam string

FormatQueryParam defines model for FormatQueryParam. 

const (
	FormatQueryParamGraphml FormatQueryParam = "graphml"
	FormatQueryParamJson    FormatQueryParam = "json"
	FormatQueryParamYaml    FormatQueryParam = "yaml"
)

Defines values for FormatQueryParam.

type GenericId 

type GenericId = openapi_types.UUID

GenericId defines model for GenericId.

type GetDiagramModelParams 

type GetDiagramModelParams struct {
	// Format Output format for the diagram model (case-insensitive). Defaults to json if not specified.
	Format *GetDiagramModelParamsFormat `form:"format,omitempty" json:"format,omitempty"`
}

GetDiagramModelParams defines parameters for GetDiagramModel.

type GetDiagramModelParamsFormat 

type GetDiagramModelParamsFormat string

GetDiagramModelParamsFormat defines parameters for GetDiagramModel. 

const (
	GetDiagramModelParamsFormatGraphml GetDiagramModelParamsFormat = "graphml"
	GetDiagramModelParamsFormatJson    GetDiagramModelParamsFormat = "json"
	GetDiagramModelParamsFormatYaml    GetDiagramModelParamsFormat = "yaml"
)

Defines values for GetDiagramModelParamsFormat.

type GetThreatModelAssetsParams 

type GetThreatModelAssetsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`
}

GetThreatModelAssetsParams defines parameters for GetThreatModelAssets.

type GetThreatModelDiagramsParams 

type GetThreatModelDiagramsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`
}

GetThreatModelDiagramsParams defines parameters for GetThreatModelDiagrams.

type GetThreatModelDocumentsParams 

type GetThreatModelDocumentsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`
}

GetThreatModelDocumentsParams defines parameters for GetThreatModelDocuments.

type GetThreatModelNotesParams 

type GetThreatModelNotesParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`
}

GetThreatModelNotesParams defines parameters for GetThreatModelNotes.

type GetThreatModelRepositoriesParams 

type GetThreatModelRepositoriesParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`
}

GetThreatModelRepositoriesParams defines parameters for GetThreatModelRepositories.

type GetThreatModelThreatsParams 

type GetThreatModelThreatsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// Sort Sort order (e.g., created_at:desc, name:asc, severity:desc, score:desc)
	Sort *SortQueryParam `form:"sort,omitempty" json:"sort,omitempty"`

	// Name Filter by threat model name (partial match)
	Name *NameQueryParam `form:"name,omitempty" json:"name,omitempty"`

	// Description Filter by threat model description (partial match)
	Description *DescriptionQueryParam `form:"description,omitempty" json:"description,omitempty"`

	// ThreatType Filter by threat types (AND logic). Threat must contain ALL specified types. Example: ?threat_type=Tampering&threat_type=Spoofing
	ThreatType *ThreatTypeQueryParam `form:"threat_type,omitempty" json:"threat_type,omitempty"`

	// Severity Filter by severity level (exact match)
	Severity *GetThreatModelThreatsParamsSeverity `form:"severity,omitempty" json:"severity,omitempty"`

	// Priority Filter by priority (exact match)
	Priority *PriorityQueryParam `form:"priority,omitempty" json:"priority,omitempty"`

	// Status Filter by status value (exact match). To filter by multiple statuses, use multiple status parameters or comma-separated values.
	Status *StatusQueryParam `form:"status,omitempty" json:"status,omitempty"`

	// DiagramId Filter by diagram ID (exact match)
	DiagramId *DiagramIdQueryParam `form:"diagram_id,omitempty" json:"diagram_id,omitempty"`

	// CellId Filter by cell ID (exact match)
	CellId *CellIdQueryParam `form:"cell_id,omitempty" json:"cell_id,omitempty"`

	// ScoreGt Filter threats with score greater than this value
	ScoreGt *ScoreGtQueryParam `form:"score_gt,omitempty" json:"score_gt,omitempty"`

	// ScoreLt Filter threats with score less than this value
	ScoreLt *ScoreLtQueryParam `form:"score_lt,omitempty" json:"score_lt,omitempty"`

	// ScoreEq Filter threats with score equal to this value
	ScoreEq *ScoreEqQueryParam `form:"score_eq,omitempty" json:"score_eq,omitempty"`

	// ScoreGe Filter threats with score greater than or equal to this value
	ScoreGe *ScoreGeQueryParam `form:"score_ge,omitempty" json:"score_ge,omitempty"`

	// ScoreLe Filter threats with score less than or equal to this value
	ScoreLe *ScoreLeQueryParam `form:"score_le,omitempty" json:"score_le,omitempty"`

	// CreatedAfter Filter results created after this timestamp (ISO 8601)
	CreatedAfter *CreatedAfter `form:"created_after,omitempty" json:"created_after,omitempty"`

	// CreatedBefore Filter results created before this timestamp (ISO 8601)
	CreatedBefore *CreatedBefore `form:"created_before,omitempty" json:"created_before,omitempty"`

	// ModifiedAfter Filter results modified after this timestamp (ISO 8601)
	ModifiedAfter *ModifiedAfter `form:"modified_after,omitempty" json:"modified_after,omitempty"`

	// ModifiedBefore Filter results modified before this timestamp (ISO 8601)
	ModifiedBefore *ModifiedBefore `form:"modified_before,omitempty" json:"modified_before,omitempty"`
}

GetThreatModelThreatsParams defines parameters for GetThreatModelThreats.

type GetThreatModelThreatsParamsSeverity 

type GetThreatModelThreatsParamsSeverity string

GetThreatModelThreatsParamsSeverity defines parameters for GetThreatModelThreats. 

const (
	GetThreatModelThreatsParamsSeverityCritical GetThreatModelThreatsParamsSeverity = "Critical"
	GetThreatModelThreatsParamsSeverityHigh     GetThreatModelThreatsParamsSeverity = "High"
	GetThreatModelThreatsParamsSeverityLow      GetThreatModelThreatsParamsSeverity = "Low"
	GetThreatModelThreatsParamsSeverityMedium   GetThreatModelThreatsParamsSeverity = "Medium"
	GetThreatModelThreatsParamsSeverityNone     GetThreatModelThreatsParamsSeverity = "None"
	GetThreatModelThreatsParamsSeverityUnknown  GetThreatModelThreatsParamsSeverity = "Unknown"
)

Defines values for GetThreatModelThreatsParamsSeverity.

type GinServerOptions 

type GinServerOptions struct {
	BaseURL      string
	Middlewares  []MiddlewareFunc
	ErrorHandler func(*gin.Context, error, int)
}

GinServerOptions provides options for the Gin server.

type GlobalPerformanceMetrics 

type GlobalPerformanceMetrics struct {
	TotalOperations         int64         `json:"total_operations"`
	TotalMessages           int64         `json:"total_messages"`
	TotalConnections        int64         `json:"total_connections"`
	TotalDisconnections     int64         `json:"total_disconnections"`
	TotalStateCorrections   int64         `json:"total_state_corrections"`
	ActiveSessions          int64         `json:"active_sessions"`
	AverageOperationLatency time.Duration `json:"average_operation_latency"`
	AverageMessageSize      float64       `json:"average_message_size"`
	AverageSessionDuration  time.Duration `json:"average_session_duration"`
}

GlobalPerformanceMetrics represents system-wide performance statistics

type GraphData 

type GraphData struct {
	Key   string `xml:"key,attr"`
	Value string `xml:",chardata"`
}

type GraphKey 

type GraphKey struct {
	ID       string `xml:"id,attr"`
	For      string `xml:"for,attr"`
	AttrName string `xml:"attr.name,attr"`
	AttrType string `xml:"attr.type,attr"`
}

type GraphML 

type GraphML struct {
	XMLName        xml.Name     `xml:"graphml"`
	XMLNS          string       `xml:"xmlns,attr"`
	XMLNSXSI       string       `xml:"xmlns:xsi,attr"`
	SchemaLocation string       `xml:"xsi:schemaLocation,attr"`
	Keys           []GraphKey   `xml:"key"`
	Graph          GraphMLGraph `xml:"graph"`
}

type GraphMLEdge 

type GraphMLEdge struct {
	ID     string      `xml:"id,attr"`
	Source string      `xml:"source,attr"`
	Target string      `xml:"target,attr"`
	Data   []GraphData `xml:"data"`
}

type GraphMLGraph 

type GraphMLGraph struct {
	ID          string        `xml:"id,attr"`
	EdgeDefault string        `xml:"edgedefault,attr"`
	Data        []GraphData   `xml:"data"`
	Nodes       []GraphMLNode `xml:"node"`
	Edges       []GraphMLEdge `xml:"edge"`
}

type GraphMLNode 

type GraphMLNode struct {
	ID   string      `xml:"id,attr"`
	Data []GraphData `xml:"data"`
}

type Group 

type Group struct {
	InternalUUID uuid.UUID `json:"internal_uuid"`
	Provider     string    `json:"provider"`
	GroupName    string    `json:"group_name"`
	Name         string    `json:"name,omitempty"`
	Description  string    `json:"description,omitempty"`
	FirstUsed    time.Time `json:"first_used"`
	LastUsed     time.Time `json:"last_used"`
	UsageCount   int       `json:"usage_count"`

	// Enriched fields (not in database)
	UsedInAuthorizations bool `json:"used_in_authorizations,omitempty"`
	UsedInAdminGrants    bool `json:"used_in_admin_grants,omitempty"`
	MemberCount          int  `json:"member_count,omitempty"` // If available from IdP
}

Group represents a group in the system

type GroupDatabaseStore 

type GroupDatabaseStore struct {
	// contains filtered or unexported fields
}

GroupDatabaseStore implements GroupStore using PostgreSQL

func NewGroupDatabaseStore 

func NewGroupDatabaseStore(db *sql.DB, authService *auth.Service) *GroupDatabaseStore

NewGroupDatabaseStore creates a new database-backed group store

func (*GroupDatabaseStore) Count 

func (s *GroupDatabaseStore) Count(ctx context.Context, filter GroupFilter) (int, error)

Count returns total count of groups matching the filter

func (*GroupDatabaseStore) Create 

func (s *GroupDatabaseStore) Create(ctx context.Context, group Group) error

Create creates a new group (primarily for provider-independent groups)

func (*GroupDatabaseStore) Delete 

func (s *GroupDatabaseStore) Delete(ctx context.Context, groupName string) (*GroupDeletionStats, error)

Delete deletes a TMI-managed group by group_name (provider is always "*") Delegates to auth service for proper cleanup of threat models and relationships

func (*GroupDatabaseStore) EnrichGroups 

func (s *GroupDatabaseStore) EnrichGroups(ctx context.Context, groups []Group) ([]Group, error)

EnrichGroups adds related data to groups (usage in authorizations/admin grants)

func (*GroupDatabaseStore) Get 

func (s *GroupDatabaseStore) Get(ctx context.Context, internalUUID uuid.UUID) (*Group, error)

Get retrieves a group by internal UUID

func (*GroupDatabaseStore) GetByProviderAndName 

func (s *GroupDatabaseStore) GetByProviderAndName(ctx context.Context, provider string, groupName string) (*Group, error)

GetByProviderAndName retrieves a group by provider and group_name

func (*GroupDatabaseStore) GetGroupsForProvider 

func (s *GroupDatabaseStore) GetGroupsForProvider(ctx context.Context, provider string) ([]Group, error)

GetGroupsForProvider returns all groups for a specific provider (for UI autocomplete)

func (*GroupDatabaseStore) List 

func (s *GroupDatabaseStore) List(ctx context.Context, filter GroupFilter) ([]Group, error)

List returns groups with optional filtering and pagination

func (*GroupDatabaseStore) Update 

func (s *GroupDatabaseStore) Update(ctx context.Context, group Group) error

Update updates group metadata (name, description)

type GroupDeletionStats 

type GroupDeletionStats struct {
	ThreatModelsDeleted  int    `json:"threat_models_deleted"`
	ThreatModelsRetained int    `json:"threat_models_retained"`
	GroupName            string `json:"group_name"`
}

GroupDeletionStats contains statistics about group deletion

type GroupFilter 

type GroupFilter struct {
	Provider             string
	GroupName            string // Case-insensitive ILIKE %name%
	UsedInAuthorizations *bool
	Limit                int
	Offset               int
	SortBy               string // group_name, first_used, last_used, usage_count
	SortOrder            string // asc, desc
}

GroupFilter defines filtering options for group queries

type GroupIdQueryParam 

type GroupIdQueryParam = openapi_types.UUID

GroupIdQueryParam defines model for GroupIdQueryParam.

type GroupMember 

type GroupMember struct {
	// AddedAt Timestamp when the user was added to the group (RFC3339)
	AddedAt time.Time `json:"added_at"`

	// AddedByEmail Email of the administrator who added this member
	AddedByEmail *openapi_types.Email `json:"added_by_email"`

	// AddedByInternalUuid Internal UUID of the administrator who added this member
	AddedByInternalUuid *openapi_types.UUID `json:"added_by_internal_uuid"`

	// GroupInternalUuid Internal UUID of the group
	GroupInternalUuid openapi_types.UUID `json:"group_internal_uuid"`

	// Id Unique identifier for the membership record
	Id openapi_types.UUID `json:"id"`

	// Notes Optional notes about this membership
	Notes *string `json:"notes"`

	// UserEmail Email address of the user
	UserEmail openapi_types.Email `json:"user_email"`

	// UserInternalUuid Internal UUID of the user
	UserInternalUuid openapi_types.UUID `json:"user_internal_uuid"`

	// UserName Display name of the user
	UserName string `json:"user_name"`

	// UserProvider OAuth/SAML provider for the user
	UserProvider string `json:"user_provider"`

	// UserProviderUserId Provider-specific user identifier
	UserProviderUserId string `json:"user_provider_user_id"`
}

GroupMember defines model for GroupMember.

type GroupMemberDatabaseStore 

type GroupMemberDatabaseStore struct {
	// contains filtered or unexported fields
}

GroupMemberDatabaseStore implements group membership operations using PostgreSQL 

var GlobalGroupMemberStore *GroupMemberDatabaseStore

GlobalGroupMemberStore is the global singleton for group membership storage

func NewGroupMemberDatabaseStore 

func NewGroupMemberDatabaseStore(db *sql.DB) *GroupMemberDatabaseStore

NewGroupMemberDatabaseStore creates a new database-backed group member store

func (*GroupMemberDatabaseStore) AddMember 

func (s *GroupMemberDatabaseStore) AddMember(ctx context.Context, groupInternalUUID, userInternalUUID uuid.UUID, addedByInternalUUID *uuid.UUID, notes *string) (*GroupMember, error)

AddMember adds a user to a group

func (*GroupMemberDatabaseStore) CountMembers 

func (s *GroupMemberDatabaseStore) CountMembers(ctx context.Context, groupInternalUUID uuid.UUID) (int, error)

CountMembers returns the total number of members in a group

func (*GroupMemberDatabaseStore) IsMember 

func (s *GroupMemberDatabaseStore) IsMember(ctx context.Context, groupInternalUUID, userInternalUUID uuid.UUID) (bool, error)

IsMember checks if a user is a member of a group

func (*GroupMemberDatabaseStore) ListMembers 

func (s *GroupMemberDatabaseStore) ListMembers(ctx context.Context, filter GroupMemberFilter) ([]GroupMember, error)

ListMembers returns all members of a group with pagination

func (*GroupMemberDatabaseStore) RemoveMember 

func (s *GroupMemberDatabaseStore) RemoveMember(ctx context.Context, groupInternalUUID, userInternalUUID uuid.UUID) error

RemoveMember removes a user from a group

type GroupMemberFilter 

type GroupMemberFilter struct {
	GroupInternalUUID uuid.UUID
	Limit             int
	Offset            int
}

GroupMemberFilter defines filtering and pagination for group membership queries

type GroupMemberListResponse 

type GroupMemberListResponse struct {
	// Limit Maximum number of results per page
	Limit   int           `json:"limit"`
	Members []GroupMember `json:"members"`

	// Offset Number of results skipped
	Offset int `json:"offset"`

	// Total Total number of members in the group
	Total int `json:"total"`
}

GroupMemberListResponse defines model for GroupMemberListResponse.

type GroupNameQueryParam 

type GroupNameQueryParam = string

GroupNameQueryParam defines model for GroupNameQueryParam.

type GroupStore 

type GroupStore interface {
	// List returns groups with optional filtering and pagination
	List(ctx context.Context, filter GroupFilter) ([]Group, error)

	// Get retrieves a group by internal UUID
	Get(ctx context.Context, internalUUID uuid.UUID) (*Group, error)

	// GetByProviderAndName retrieves a group by provider and group_name
	GetByProviderAndName(ctx context.Context, provider string, groupName string) (*Group, error)

	// Create creates a new group (primarily for provider-independent groups)
	Create(ctx context.Context, group Group) error

	// Update updates group metadata (name, description)
	Update(ctx context.Context, group Group) error

	// Delete deletes a TMI-managed group by group_name (provider is always "*")
	// Returns deletion statistics
	Delete(ctx context.Context, groupName string) (*GroupDeletionStats, error)

	// Count returns total count of groups matching the filter
	Count(ctx context.Context, filter GroupFilter) (int, error)

	// EnrichGroups adds related data to groups (usage in authorizations/admin grants)
	EnrichGroups(ctx context.Context, groups []Group) ([]Group, error)

	// GetGroupsForProvider returns all groups for a specific provider (for UI autocomplete)
	GetGroupsForProvider(ctx context.Context, provider string) ([]Group, error)
}

GroupStore defines the interface for group storage operations 

var GlobalGroupStore GroupStore

GlobalGroupStore is the global singleton for group storage

type HandleOAuthCallbackParams 

type HandleOAuthCallbackParams struct {
	// Code Authorization code from the OAuth provider
	Code CodeQueryParam `form:"code" json:"code"`

	// State CSRF protection state parameter. Recommended for security. Will be included in the callback response.
	State *StateQueryParam `form:"state,omitempty" json:"state,omitempty"`
}

HandleOAuthCallbackParams defines parameters for HandleOAuthCallback.

type HistoryEntry 

type HistoryEntry struct {
	SequenceNumber uint64
	OperationID    string
	UserID         string
	Timestamp      time.Time
	Operation      CellPatchOperation
	// State before this operation (for undo)
	PreviousState map[string]*DfdDiagram_Cells_Item
}

HistoryEntry represents a single operation in history

type HistoryOperationMessage 

type HistoryOperationMessage struct {
	MessageType   MessageType `json:"message_type"`
	OperationType string      `json:"operation_type"`
	Message       string      `json:"message"`
}

func (HistoryOperationMessage) GetMessageType 

func (m HistoryOperationMessage) GetMessageType() MessageType

func (HistoryOperationMessage) Validate 

func (m HistoryOperationMessage) Validate() error

type IPRateLimiter 

type IPRateLimiter struct {
	// contains filtered or unexported fields
}

IPRateLimiter implements rate limiting based on IP address

func NewIPRateLimiter 

func NewIPRateLimiter(redisClient *redis.Client) *IPRateLimiter

NewIPRateLimiter creates a new IP-based rate limiter

func (*IPRateLimiter) CheckRateLimit 

func (r *IPRateLimiter) CheckRateLimit(ctx context.Context, ipAddress string, limit int, windowSeconds int) (bool, int, error)

CheckRateLimit checks if an IP has exceeded its rate limit Returns allowed (bool), retryAfter (seconds), and error

func (*IPRateLimiter) GetRateLimitInfo 

func (r *IPRateLimiter) GetRateLimitInfo(ctx context.Context, ipAddress string, limit int, windowSeconds int) (remaining int, resetAt int64, err error)

GetRateLimitInfo returns current rate limit status for an IP

type IdPathParam 

type IdPathParam = openapi_types.UUID

IdPathParam defines model for IdPathParam.

type IdpPathParam 

type IdpPathParam = string

IdpPathParam defines model for IdpPathParam.

type IdpQueryParam 

type IdpQueryParam = string

IdpQueryParam defines model for IdpQueryParam.

type InitiateSAMLLoginParams 

type InitiateSAMLLoginParams struct {
	// ClientCallback Client callback URL where TMI should redirect after successful OAuth completion with tokens in URL fragment (#access_token=...). If not provided, tokens are returned as JSON response. Per OAuth 2.0 implicit flow spec, tokens are in fragments to prevent logging.
	ClientCallback *ClientCallbackQueryParam `form:"client_callback,omitempty" json:"client_callback,omitempty"`
}

InitiateSAMLLoginParams defines parameters for InitiateSAMLLogin.

type InternalServerError 

type InternalServerError struct {
	// Error Error message describing what went wrong
	Error string `json:"error"`

	// RequestId Unique request identifier for troubleshooting
	RequestId *string `json:"request_id,omitempty"`
}

InternalServerError defines model for InternalServerError.

type InternalUuidPathParam 

type InternalUuidPathParam = openapi_types.UUID

InternalUuidPathParam defines model for InternalUuidPathParam.

type IntrospectTokenFormdataRequestBody 

type IntrospectTokenFormdataRequestBody = TokenIntrospectionRequest

IntrospectTokenFormdataRequestBody defines body for IntrospectToken for application/x-www-form-urlencoded ContentType.

type InvalidationEvent 

type InvalidationEvent struct {
	EntityType    string
	EntityID      string
	ParentType    string
	ParentID      string
	OperationType string // create, update, delete
	Strategy      InvalidationStrategy
}

InvalidationEvent represents a cache invalidation event

type InvalidationStrategy 

type InvalidationStrategy int

InvalidationStrategy defines different cache invalidation approaches 

const (
	// InvalidateImmediately removes cache entries immediately
	InvalidateImmediately InvalidationStrategy = iota
	// InvalidateAsync removes cache entries asynchronously
	InvalidateAsync
	// InvalidateWithDelay removes cache entries after a short delay
	InvalidateWithDelay
)

type InvocationResponse 

type InvocationResponse struct {
	// AddonId Add-on that was invoked
	AddonId openapi_types.UUID `json:"addon_id"`

	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// Id Invocation identifier
	Id openapi_types.UUID `json:"id"`

	// InvokedBy User who triggered the invocation
	InvokedBy User `json:"invoked_by"`

	// ObjectId Object ID (if specified)
	ObjectId *openapi_types.UUID `json:"object_id,omitempty"`

	// ObjectType Object type (if specified)
	ObjectType *string `json:"object_type,omitempty"`

	// Payload JSON-encoded payload
	Payload *string `json:"payload,omitempty"`

	// Status Current status
	Status InvocationResponseStatus `json:"status"`

	// StatusMessage Optional status description
	StatusMessage *string `json:"status_message,omitempty"`

	// StatusPercent Progress percentage (0-100)
	StatusPercent int `json:"status_percent"`

	// StatusUpdatedAt Last status update timestamp
	StatusUpdatedAt time.Time `json:"status_updated_at"`

	// ThreatModelId Threat model context
	ThreatModelId openapi_types.UUID `json:"threat_model_id"`
}

InvocationResponse defines model for InvocationResponse.

type InvocationResponseStatus 

type InvocationResponseStatus string

InvocationResponseStatus Current status 

const (
	InvocationResponseStatusCompleted  InvocationResponseStatus = "completed"
	InvocationResponseStatusFailed     InvocationResponseStatus = "failed"
	InvocationResponseStatusInProgress InvocationResponseStatus = "in_progress"
	InvocationResponseStatusPending    InvocationResponseStatus = "pending"
)

Defines values for InvocationResponseStatus.

type InvokeAddonJSONRequestBody 

type InvokeAddonJSONRequestBody = InvokeAddonRequest

InvokeAddonJSONRequestBody defines body for InvokeAddon for application/json ContentType.

type InvokeAddonRequest 

type InvokeAddonRequest struct {
	// ObjectId Optional: Specific object ID to operate on
	ObjectId *openapi_types.UUID `json:"object_id,omitempty"`

	// ObjectType Optional: Specific object type to operate on
	ObjectType *InvokeAddonRequestObjectType `json:"object_type,omitempty"`

	// Payload User-provided data for the add-on (max 1KB JSON-serialized)
	Payload *map[string]interface{} `json:"payload,omitempty"`

	// ThreatModelId Threat model context for invocation
	ThreatModelId openapi_types.UUID `json:"threat_model_id"`
}

InvokeAddonRequest defines model for InvokeAddonRequest.

type InvokeAddonRequestObjectType 

type InvokeAddonRequestObjectType string

InvokeAddonRequestObjectType Optional: Specific object type to operate on 

const (
	InvokeAddonRequestObjectTypeAsset       InvokeAddonRequestObjectType = "asset"
	InvokeAddonRequestObjectTypeDiagram     InvokeAddonRequestObjectType = "diagram"
	InvokeAddonRequestObjectTypeDocument    InvokeAddonRequestObjectType = "document"
	InvokeAddonRequestObjectTypeMetadata    InvokeAddonRequestObjectType = "metadata"
	InvokeAddonRequestObjectTypeNote        InvokeAddonRequestObjectType = "note"
	InvokeAddonRequestObjectTypeRepository  InvokeAddonRequestObjectType = "repository"
	InvokeAddonRequestObjectTypeThreat      InvokeAddonRequestObjectType = "threat"
	InvokeAddonRequestObjectTypeThreatModel InvokeAddonRequestObjectType = "threat_model"
)

Defines values for InvokeAddonRequestObjectType.

type InvokeAddonResponse 

type InvokeAddonResponse struct {
	// CreatedAt Invocation creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// InvocationId Invocation identifier for tracking
	InvocationId openapi_types.UUID `json:"invocation_id"`

	// Status Current invocation status
	Status InvokeAddonResponseStatus `json:"status"`
}

InvokeAddonResponse defines model for InvokeAddonResponse.

type InvokeAddonResponseStatus 

type InvokeAddonResponseStatus string

InvokeAddonResponseStatus Current invocation status 

const (
	InvokeAddonResponseStatusCompleted  InvokeAddonResponseStatus = "completed"
	InvokeAddonResponseStatusFailed     InvokeAddonResponseStatus = "failed"
	InvokeAddonResponseStatusInProgress InvokeAddonResponseStatus = "in_progress"
	InvokeAddonResponseStatusPending    InvokeAddonResponseStatus = "pending"
)

Defines values for InvokeAddonResponseStatus.

type IssueUriQueryParam 

type IssueUriQueryParam = string

IssueUriQueryParam defines model for IssueUriQueryParam.

type JsonPatchDocument 

type JsonPatchDocument = []struct {
	// Op Patch operation type
	Op JsonPatchDocumentOp `json:"op"`

	// Path JSON path to target
	Path  string       `json:"path"`
	Value *interface{} `json:"value,omitempty"`
}

JsonPatchDocument JSON Patch document as defined in RFC 6902

type JsonPatchDocumentOp 

type JsonPatchDocumentOp string

JsonPatchDocumentOp Patch operation type 

const (
	Add     JsonPatchDocumentOp = "add"
	Copy    JsonPatchDocumentOp = "copy"
	Move    JsonPatchDocumentOp = "move"
	Remove  JsonPatchDocumentOp = "remove"
	Replace JsonPatchDocumentOp = "replace"
	Test    JsonPatchDocumentOp = "test"
)

Defines values for JsonPatchDocumentOp.

type LastLoginAfterQueryParam 

type LastLoginAfterQueryParam = time.Time

LastLoginAfterQueryParam defines model for LastLoginAfterQueryParam.

type LastLoginBeforeQueryParam 

type LastLoginBeforeQueryParam = time.Time

LastLoginBeforeQueryParam defines model for LastLoginBeforeQueryParam.

type LimitQueryParam 

type LimitQueryParam = int

LimitQueryParam defines model for LimitQueryParam.

type ListAddonInvocationQuotasParams 

type ListAddonInvocationQuotasParams struct {
	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`
}

ListAddonInvocationQuotasParams defines parameters for ListAddonInvocationQuotas.

type ListAddonsParams 

type ListAddonsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// ThreatModelId Filter subscriptions by threat model ID
	ThreatModelId *ThreatModelIdQueryParam `form:"threat_model_id,omitempty" json:"threat_model_id,omitempty"`
}

ListAddonsParams defines parameters for ListAddons.

type ListAddonsResponse 

type ListAddonsResponse struct {
	Addons []AddonResponse `json:"addons"`

	// Limit Pagination limit
	Limit int `json:"limit"`

	// Offset Pagination offset
	Offset int `json:"offset"`

	// Total Total number of add-ons matching criteria
	Total int `json:"total"`
}

ListAddonsResponse defines model for ListAddonsResponse.

type ListAdminGroupsParams 

type ListAdminGroupsParams struct {
	// Provider Filter by OAuth/SAML provider
	Provider *ProviderQueryParam `form:"provider,omitempty" json:"provider,omitempty"`

	// GroupName Filter by group name (case-insensitive substring match)
	GroupName *GroupNameQueryParam `form:"group_name,omitempty" json:"group_name,omitempty"`

	// UsedInAuthorizations Filter groups used (true) or not used (false) in authorizations
	UsedInAuthorizations *UsedInAuthorizationsQueryParam `form:"used_in_authorizations,omitempty" json:"used_in_authorizations,omitempty"`

	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`

	// SortBy Field to sort by
	SortBy *ListAdminGroupsParamsSortBy `form:"sort_by,omitempty" json:"sort_by,omitempty"`

	// SortOrder Sort direction
	SortOrder *ListAdminGroupsParamsSortOrder `form:"sort_order,omitempty" json:"sort_order,omitempty"`
}

ListAdminGroupsParams defines parameters for ListAdminGroups.

type ListAdminGroupsParamsSortBy 

type ListAdminGroupsParamsSortBy string

ListAdminGroupsParamsSortBy defines parameters for ListAdminGroups. 

const (
	ListAdminGroupsParamsSortByCreatedAt ListAdminGroupsParamsSortBy = "created_at"
	ListAdminGroupsParamsSortByEmail     ListAdminGroupsParamsSortBy = "email"
	ListAdminGroupsParamsSortByLastLogin ListAdminGroupsParamsSortBy = "last_login"
)

Defines values for ListAdminGroupsParamsSortBy.

type ListAdminGroupsParamsSortOrder 

type ListAdminGroupsParamsSortOrder string

ListAdminGroupsParamsSortOrder defines parameters for ListAdminGroups. 

const (
	ListAdminGroupsParamsSortOrderAsc  ListAdminGroupsParamsSortOrder = "asc"
	ListAdminGroupsParamsSortOrderDesc ListAdminGroupsParamsSortOrder = "desc"
)

Defines values for ListAdminGroupsParamsSortOrder.

type ListAdminUsersParams 

type ListAdminUsersParams struct {
	// Provider Filter by OAuth/SAML provider
	Provider *ProviderQueryParam `form:"provider,omitempty" json:"provider,omitempty"`

	// Email Filter by email (case-insensitive substring match)
	Email *EmailQueryParam `form:"email,omitempty" json:"email,omitempty"`

	// CreatedAfter Filter users created after this timestamp (RFC3339)
	CreatedAfter *CreatedAfterQueryParam `form:"created_after,omitempty" json:"created_after,omitempty"`

	// CreatedBefore Filter users created before this timestamp (RFC3339)
	CreatedBefore *CreatedBeforeQueryParam `form:"created_before,omitempty" json:"created_before,omitempty"`

	// LastLoginAfter Filter users who logged in after this timestamp (RFC3339)
	LastLoginAfter *LastLoginAfterQueryParam `form:"last_login_after,omitempty" json:"last_login_after,omitempty"`

	// LastLoginBefore Filter users who logged in before this timestamp (RFC3339)
	LastLoginBefore *LastLoginBeforeQueryParam `form:"last_login_before,omitempty" json:"last_login_before,omitempty"`

	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`

	// SortBy Field to sort by
	SortBy *ListAdminUsersParamsSortBy `form:"sort_by,omitempty" json:"sort_by,omitempty"`

	// SortOrder Sort direction
	SortOrder *ListAdminUsersParamsSortOrder `form:"sort_order,omitempty" json:"sort_order,omitempty"`
}

ListAdminUsersParams defines parameters for ListAdminUsers.

type ListAdminUsersParamsSortBy 

type ListAdminUsersParamsSortBy string

ListAdminUsersParamsSortBy defines parameters for ListAdminUsers. 

const (
	CreatedAt ListAdminUsersParamsSortBy = "created_at"
	Email     ListAdminUsersParamsSortBy = "email"
	LastLogin ListAdminUsersParamsSortBy = "last_login"
)

Defines values for ListAdminUsersParamsSortBy.

type ListAdminUsersParamsSortOrder 

type ListAdminUsersParamsSortOrder string

ListAdminUsersParamsSortOrder defines parameters for ListAdminUsers. 

const (
	Asc  ListAdminUsersParamsSortOrder = "asc"
	Desc ListAdminUsersParamsSortOrder = "desc"
)

Defines values for ListAdminUsersParamsSortOrder.

type ListAdministratorsParams 

type ListAdministratorsParams struct {
	// Provider Filter by OAuth/SAML provider
	Provider *ProviderQueryParam `form:"provider,omitempty" json:"provider,omitempty"`

	// UserId Filter by user ID
	UserId *UserIdQueryParam `form:"user_id,omitempty" json:"user_id,omitempty"`

	// GroupId Filter by group ID
	GroupId *GroupIdQueryParam `form:"group_id,omitempty" json:"group_id,omitempty"`

	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`
}

ListAdministratorsParams defines parameters for ListAdministrators.

type ListAdministratorsResponse 

type ListAdministratorsResponse struct {
	// Administrators List of administrator grants
	Administrators []Administrator `json:"administrators"`

	// Total Total number of grants matching filter
	Total int `json:"total"`
}

ListAdministratorsResponse defines model for ListAdministratorsResponse.

type ListGroupMembersParams 

type ListGroupMembersParams struct {
	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`
}

ListGroupMembersParams defines parameters for ListGroupMembers.

type ListInvocationsParams 

type ListInvocationsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// Status Filter by status value (exact match). To filter by multiple statuses, use multiple status parameters or comma-separated values.
	Status *StatusQueryParam `form:"status,omitempty" json:"status,omitempty"`

	// AddonId Filter by add-on
	AddonId *AddonIdQueryParam `form:"addon_id,omitempty" json:"addon_id,omitempty"`
}

ListInvocationsParams defines parameters for ListInvocations.

type ListInvocationsResponse 

type ListInvocationsResponse struct {
	Invocations []InvocationResponse `json:"invocations"`

	// Limit Pagination limit
	Limit int `json:"limit"`

	// Offset Pagination offset
	Offset int `json:"offset"`

	// Total Total number of invocations
	Total int `json:"total"`
}

ListInvocationsResponse defines model for ListInvocationsResponse.

type ListThreatModelsParams 

type ListThreatModelsParams struct {
	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// Owner Filter by owner name or email
	Owner *OwnerQueryParam `form:"owner,omitempty" json:"owner,omitempty"`

	// Name Filter by threat model name (partial match)
	Name *NameQueryParam `form:"name,omitempty" json:"name,omitempty"`

	// Description Filter by threat model description (partial match)
	Description *DescriptionQueryParam `form:"description,omitempty" json:"description,omitempty"`

	// IssueUri Filter by issue URI (partial match)
	IssueUri *IssueUriQueryParam `form:"issue_uri,omitempty" json:"issue_uri,omitempty"`

	// CreatedAfter Filter results created after this timestamp (ISO 8601)
	CreatedAfter *CreatedAfter `form:"created_after,omitempty" json:"created_after,omitempty"`

	// CreatedBefore Filter results created before this timestamp (ISO 8601)
	CreatedBefore *CreatedBefore `form:"created_before,omitempty" json:"created_before,omitempty"`

	// ModifiedAfter Filter results modified after this timestamp (ISO 8601)
	ModifiedAfter *ModifiedAfter `form:"modified_after,omitempty" json:"modified_after,omitempty"`

	// ModifiedBefore Filter results modified before this timestamp (ISO 8601)
	ModifiedBefore *ModifiedBefore `form:"modified_before,omitempty" json:"modified_before,omitempty"`

	// Status Filter by status value (exact match). To filter by multiple statuses, use multiple status parameters or comma-separated values.
	Status *StatusQueryParam `form:"status,omitempty" json:"status,omitempty"`

	// StatusUpdatedAfter Filter threat models where status was updated after this timestamp (RFC3339)
	StatusUpdatedAfter *StatusUpdatedAfterQueryParam `form:"status_updated_after,omitempty" json:"status_updated_after,omitempty"`

	// StatusUpdatedBefore Filter threat models where status was updated before this timestamp (RFC3339)
	StatusUpdatedBefore *StatusUpdatedBeforeQueryParam `form:"status_updated_before,omitempty" json:"status_updated_before,omitempty"`
}

ListThreatModelsParams defines parameters for ListThreatModels.

type ListUserAPIQuotasParams 

type ListUserAPIQuotasParams struct {
	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`
}

ListUserAPIQuotasParams defines parameters for ListUserAPIQuotas.

type ListWebhookDeliveriesParams 

type ListWebhookDeliveriesParams struct {
	// SubscriptionId Filter by subscription ID
	SubscriptionId *SubscriptionIdQueryParam `form:"subscription_id,omitempty" json:"subscription_id,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`
}

ListWebhookDeliveriesParams defines parameters for ListWebhookDeliveries.

type ListWebhookQuotasParams 

type ListWebhookQuotasParams struct {
	// Limit Maximum number of results to return
	Limit *LimitQueryParam `form:"limit,omitempty" json:"limit,omitempty"`

	// Offset Number of results to skip
	Offset *OffsetQueryParam `form:"offset,omitempty" json:"offset,omitempty"`
}

ListWebhookQuotasParams defines parameters for ListWebhookQuotas.

type ListWebhookSubscriptionsParams 

type ListWebhookSubscriptionsParams struct {
	// ThreatModelId Filter subscriptions by threat model ID
	ThreatModelId *ThreatModelIdQueryParam `form:"threat_model_id,omitempty" json:"threat_model_id,omitempty"`

	// Offset Number of results to skip
	Offset *PaginationOffset `form:"offset,omitempty" json:"offset,omitempty"`

	// Limit Maximum number of results to return
	Limit *PaginationLimit `form:"limit,omitempty" json:"limit,omitempty"`
}

ListWebhookSubscriptionsParams defines parameters for ListWebhookSubscriptions.

type LogLevel 

type LogLevel int

LogLevel represents logging verbosity 

const (
	// LogLevelDebug includes detailed debug information
	LogLevelDebug LogLevel = iota
	// LogLevelInfo includes general request information
	LogLevelInfo
	// LogLevelWarn includes warnings and errors only
	LogLevelWarn
	// LogLevelError includes only errors
	LogLevelError
)

func ParseLogLevel 

func ParseLogLevel(level string) LogLevel

ParseLogLevel converts a string log level to LogLevel

type LoginHintQueryParam 

type LoginHintQueryParam = string

LoginHintQueryParam defines model for LoginHintQueryParam.

type LogoutUserJSONBody 

type LogoutUserJSONBody = map[string]interface{}

LogoutUserJSONBody defines parameters for LogoutUser.

type LogoutUserJSONRequestBody 

type LogoutUserJSONRequestBody = LogoutUserJSONBody

LogoutUserJSONRequestBody defines body for LogoutUser for application/json ContentType.

type MarkupElement 

type MarkupElement struct {
	// Attrs Element attributes and styling properties
	Attrs *map[string]interface{} `json:"attrs,omitempty"`

	// Children Nested child elements
	Children *[]MarkupElement `json:"children,omitempty"`

	// Selector CSS selector for targeting this element in styling
	Selector *string `json:"selector,omitempty"`

	// TagName SVG or HTML tag name (e.g., 'rect', 'circle', 'path', 'text')
	TagName string `json:"tagName"`
}

MarkupElement SVG/HTML markup element for custom shape definitions in X6

type MessageHandler 

type MessageHandler interface {
	HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error
	MessageType() string
}

MessageHandler defines the interface for handling WebSocket messages

type MessageRouter 

type MessageRouter struct {
	// contains filtered or unexported fields
}

MessageRouter handles routing of WebSocket messages to appropriate handlers

func NewMessageRouter 

func NewMessageRouter() *MessageRouter

NewMessageRouter creates a new message router with default handlers

func (*MessageRouter) RegisterHandler 

func (r *MessageRouter) RegisterHandler(handler MessageHandler)

RegisterHandler registers a message handler for a specific message type

func (*MessageRouter) RouteMessage 

func (r *MessageRouter) RouteMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

RouteMessage routes a message to the appropriate handler

type MessageType 

type MessageType string

MessageType represents the type of WebSocket message 

const (
	// Collaborative editing message types
	MessageTypeDiagramOperation       MessageType = "diagram_operation"
	MessageTypePresenterRequest       MessageType = "presenter_request"
	MessageTypePresenterDeniedRequest MessageType = "presenter_denied_request"
	MessageTypePresenterDeniedEvent   MessageType = "presenter_denied_event"
	MessageTypeChangePresenter        MessageType = "change_presenter"
	MessageTypeRemoveParticipant      MessageType = "remove_participant"
	MessageTypePresenterCursor        MessageType = "presenter_cursor"
	MessageTypePresenterSelection     MessageType = "presenter_selection"
	MessageTypeAuthorizationDenied    MessageType = "authorization_denied"
	MessageTypeHistoryOperation       MessageType = "history_operation"
	MessageTypeUndoRequest            MessageType = "undo_request"
	MessageTypeRedoRequest            MessageType = "redo_request"

	// Sync message types (new protocol)
	MessageTypeSyncStatusRequest  MessageType = "sync_status_request"
	MessageTypeSyncStatusResponse MessageType = "sync_status_response"
	MessageTypeSyncRequest        MessageType = "sync_request"
	MessageTypeDiagramState       MessageType = "diagram_state"

	// Request/Event pattern message types (Client→Server requests, Server→Client events)
	MessageTypeDiagramOperationRequest  MessageType = "diagram_operation_request"
	MessageTypeDiagramOperationEvent    MessageType = "diagram_operation_event"
	MessageTypePresenterRequestEvent    MessageType = "presenter_request_event"
	MessageTypeChangePresenterRequest   MessageType = "change_presenter_request"
	MessageTypeRemoveParticipantRequest MessageType = "remove_participant_request"

	// Session management message types
	MessageTypeParticipantsUpdate MessageType = "participants_update"
	MessageTypeError              MessageType = "error"
	MessageTypeOperationRejected  MessageType = "operation_rejected"
)

type Metadata 

type Metadata struct {
	// Key Metadata key
	Key string `binding:"required" json:"key"`

	// Value Metadata value
	Value string `binding:"required" json:"value"`
}

Metadata A key-value pair for extensible metadata

type MetadataItem 

type MetadataItem struct {
	Key   string `json:"key" binding:"required"`
	Value string `json:"value" binding:"required"`
}

MetadataItem represents a metadata key-value pair

type MetadataKey 

type MetadataKey = string

MetadataKey defines model for MetadataKey.

type MetadataStore 

type MetadataStore interface {
	// CRUD operations
	Create(ctx context.Context, entityType, entityID string, metadata *Metadata) error
	Get(ctx context.Context, entityType, entityID, key string) (*Metadata, error)
	Update(ctx context.Context, entityType, entityID string, metadata *Metadata) error
	Delete(ctx context.Context, entityType, entityID, key string) error

	// Collection operations
	List(ctx context.Context, entityType, entityID string) ([]Metadata, error)

	// POST operations - adding metadata without specifying key upfront
	Post(ctx context.Context, entityType, entityID string, metadata *Metadata) error

	// Bulk operations
	BulkCreate(ctx context.Context, entityType, entityID string, metadata []Metadata) error
	BulkUpdate(ctx context.Context, entityType, entityID string, metadata []Metadata) error
	BulkDelete(ctx context.Context, entityType, entityID string, keys []string) error

	// Key-based operations
	GetByKey(ctx context.Context, key string) ([]Metadata, error)
	ListKeys(ctx context.Context, entityType, entityID string) ([]string, error)

	// Cache management
	InvalidateCache(ctx context.Context, entityType, entityID string) error
	WarmCache(ctx context.Context, entityType, entityID string) error
}

MetadataStore defines the interface for metadata operations with caching support Metadata supports POST operations and key-based access per the implementation plan 

var GlobalMetadataStore MetadataStore

type MethodNotAllowed 

type MethodNotAllowed = Error

MethodNotAllowed Standard error response format

type MiddlewareFunc 

type MiddlewareFunc func(c *gin.Context)

type MinimalCell 

type MinimalCell struct {
	// contains filtered or unexported fields
}

MinimalCell defines model for MinimalCell.

func (MinimalCell) AsMinimalEdge 

func (t MinimalCell) AsMinimalEdge() (MinimalEdge, error)

AsMinimalEdge returns the union data inside the MinimalCell as a MinimalEdge

func (MinimalCell) AsMinimalNode 

func (t MinimalCell) AsMinimalNode() (MinimalNode, error)

AsMinimalNode returns the union data inside the MinimalCell as a MinimalNode

func (MinimalCell) Discriminator 

func (t MinimalCell) Discriminator() (string, error)

func (*MinimalCell) FromMinimalEdge 

func (t *MinimalCell) FromMinimalEdge(v MinimalEdge) error

FromMinimalEdge overwrites any union data inside the MinimalCell as the provided MinimalEdge

func (*MinimalCell) FromMinimalNode 

func (t *MinimalCell) FromMinimalNode(v MinimalNode) error

FromMinimalNode overwrites any union data inside the MinimalCell as the provided MinimalNode

func (MinimalCell) MarshalJSON 

func (t MinimalCell) MarshalJSON() ([]byte, error)

func (*MinimalCell) MergeMinimalEdge 

func (t *MinimalCell) MergeMinimalEdge(v MinimalEdge) error

MergeMinimalEdge performs a merge with any union data inside the MinimalCell, using the provided MinimalEdge

func (*MinimalCell) MergeMinimalNode 

func (t *MinimalCell) MergeMinimalNode(v MinimalNode) error

MergeMinimalNode performs a merge with any union data inside the MinimalCell, using the provided MinimalNode

func (*MinimalCell) UnmarshalJSON 

func (t *MinimalCell) UnmarshalJSON(b []byte) error

func (MinimalCell) ValueByDiscriminator 

func (t MinimalCell) ValueByDiscriminator() (interface{}, error)

type MinimalDiagramModel 

type MinimalDiagramModel struct {
	// Cells Minimal cell data (nodes and edges) without visual styling
	Cells []MinimalCell `json:"cells"`

	// Description Threat model description
	Description string `json:"description"`

	// Id Threat model unique identifier
	Id openapi_types.UUID `json:"id"`

	// Metadata Flattened metadata from threat model (converted from array format to key-value pairs)
	Metadata map[string]string `json:"metadata"`

	// Name Threat model name
	Name string `json:"name"`
}

MinimalDiagramModel Minimal diagram representation optimized for automated threat modeling, containing threat model context and simplified cell data without visual styling

type MinimalEdge 

type MinimalEdge struct {
	// DataAssetId Optional reference to a data asset entity
	DataAssetId *openapi_types.UUID `json:"dataAssetId"`

	// Id Cell unique identifier
	Id openapi_types.UUID `json:"id"`

	// Labels Text labels extracted from edge labels array
	Labels []string `json:"labels"`

	// Metadata Flattened edge metadata (converted from _metadata array in edge.data)
	Metadata map[string]string `json:"metadata"`

	// Shape Edge shape type
	Shape MinimalEdgeShape `json:"shape"`

	// Source Source node connection details
	Source EdgeTerminal `json:"source"`

	// Target Target node connection details
	Target EdgeTerminal `json:"target"`
}

MinimalEdge Minimal edge representation without visual styling or routing information

type MinimalEdgeShape 

type MinimalEdgeShape string

MinimalEdgeShape Edge shape type 

const (
	MinimalEdgeShapeEdge MinimalEdgeShape = "edge"
)

Defines values for MinimalEdgeShape.

type MinimalNode 

type MinimalNode struct {
	// Children Child cell IDs (computed bidirectional relationship including reverse parent references)
	Children []openapi_types.UUID `json:"children"`

	// DataAssetId Optional reference to a data asset entity
	DataAssetId *openapi_types.UUID `json:"dataAssetId"`

	// Id Cell unique identifier
	Id openapi_types.UUID `json:"id"`

	// Labels Text labels extracted from node attrs and embedded text-box children
	Labels []string `json:"labels"`

	// Metadata Flattened cell metadata (converted from _metadata array in cell.data)
	Metadata map[string]string `json:"metadata"`

	// Parent Parent cell ID for nested nodes (null for top-level nodes)
	Parent *openapi_types.UUID `json:"parent"`

	// Shape Node shape type determining its semantic role in the diagram
	Shape MinimalNodeShape `json:"shape"`
}

MinimalNode Minimal node representation without visual styling or layout information

type MinimalNodeShape 

type MinimalNodeShape string

MinimalNodeShape Node shape type determining its semantic role in the diagram 

const (
	MinimalNodeShapeActor            MinimalNodeShape = "actor"
	MinimalNodeShapeProcess          MinimalNodeShape = "process"
	MinimalNodeShapeSecurityBoundary MinimalNodeShape = "security-boundary"
	MinimalNodeShapeStore            MinimalNodeShape = "store"
	MinimalNodeShapeTextBox          MinimalNodeShape = "text-box"
)

Defines values for MinimalNodeShape.

type MockDiagramStore 

type MockDiagramStore struct {
	// contains filtered or unexported fields
}

func (*MockDiagramStore) Count 

func (m *MockDiagramStore) Count() int

func (*MockDiagramStore) Create 

func (m *MockDiagramStore) Create(item DfdDiagram, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)

func (*MockDiagramStore) CreateWithThreatModel 

func (m *MockDiagramStore) CreateWithThreatModel(item DfdDiagram, threatModelID string, idSetter func(DfdDiagram, string) DfdDiagram) (DfdDiagram, error)

func (*MockDiagramStore) Delete 

func (m *MockDiagramStore) Delete(id string) error

func (*MockDiagramStore) Get 

func (m *MockDiagramStore) Get(id string) (DfdDiagram, error)

func (*MockDiagramStore) List 

func (m *MockDiagramStore) List(offset, limit int, filter func(DfdDiagram) bool) []DfdDiagram

func (*MockDiagramStore) Update 

func (m *MockDiagramStore) Update(id string, item DfdDiagram) error

type MockThreatModelStore 

type MockThreatModelStore struct {
	// contains filtered or unexported fields
}

Simple mock stores for unit tests

func (*MockThreatModelStore) Count 

func (m *MockThreatModelStore) Count() int

func (*MockThreatModelStore) Create 

func (m *MockThreatModelStore) Create(item ThreatModel, idSetter func(ThreatModel, string) ThreatModel) (ThreatModel, error)

func (*MockThreatModelStore) Delete 

func (m *MockThreatModelStore) Delete(id string) error

func (*MockThreatModelStore) Get 

func (m *MockThreatModelStore) Get(id string) (ThreatModel, error)

func (*MockThreatModelStore) List 

func (m *MockThreatModelStore) List(offset, limit int, filter func(ThreatModel) bool) []ThreatModel

func (*MockThreatModelStore) ListWithCounts 

func (m *MockThreatModelStore) ListWithCounts(offset, limit int, filter func(ThreatModel) bool) []ThreatModelWithCounts

func (*MockThreatModelStore) Update 

func (m *MockThreatModelStore) Update(id string, item ThreatModel) error

type ModifiedAfter 

type ModifiedAfter = time.Time

ModifiedAfter defines model for ModifiedAfter.

type ModifiedBefore 

type ModifiedBefore = time.Time

ModifiedBefore defines model for ModifiedBefore.

type NameQueryParam 

type NameQueryParam = string

NameQueryParam defines model for NameQueryParam.

type Node 

type Node struct {
	// Angle Rotation angle in degrees
	Angle *float32 `json:"angle,omitempty"`

	// Attrs Visual styling attributes for the node
	Attrs *NodeAttrs `json:"attrs,omitempty"`

	// Data Flexible data storage compatible with X6, with reserved metadata namespace
	Data *Node_Data `json:"data,omitempty"`

	// Height Height in pixels (flat format)
	Height *float32 `json:"height,omitempty"`

	// Id Unique identifier of the cell (UUID)
	Id openapi_types.UUID `json:"id"`

	// Markup SVG/HTML markup definition for custom shape rendering in X6
	Markup *[]MarkupElement `json:"markup,omitempty"`

	// Parent ID of the parent cell for nested/grouped nodes (UUID)
	Parent *openapi_types.UUID `json:"parent"`

	// Ports Port configuration for connections
	Ports *PortConfiguration `json:"ports,omitempty"`

	// Position Node position in X6 nested format. Use either this with size object OR use flat x/y/width/height properties.
	Position *struct {
		// X X coordinate
		X float32 `json:"x"`

		// Y Y coordinate
		Y float32 `json:"y"`
	} `json:"position,omitempty"`

	// Shape Node type determining its visual representation and behavior
	Shape NodeShape `json:"shape"`

	// Size Node size in X6 nested format. Use either this with position object OR use flat x/y/width/height properties.
	Size *struct {
		// Height Height in pixels
		Height float32 `json:"height"`

		// Width Width in pixels
		Width float32 `json:"width"`
	} `json:"size,omitempty"`

	// Visible Whether the cell is visible in the diagram
	Visible *bool `json:"visible,omitempty"`

	// Width Width in pixels (flat format)
	Width *float32 `json:"width,omitempty"`

	// X X coordinate (flat format). Use either this with y, width, height OR use position/size objects.
	X *float32 `json:"x,omitempty"`

	// Y Y coordinate (flat format)
	Y *float32 `json:"y,omitempty"`

	// ZIndex Z-order layer for rendering (higher values render on top)
	ZIndex *float32 `json:"zIndex,omitempty"`
}

Node defines model for Node.

func (Node) MarshalJSON 

func (n Node) MarshalJSON() ([]byte, error)

MarshalJSON implements custom marshaling for Node to always output flat format (x, y, width, height) as per AntV/X6 Format 2.

func (*Node) UnmarshalJSON 

func (n *Node) UnmarshalJSON(data []byte) error

UnmarshalJSON implements custom unmarshaling for Node to support both nested format (position/size objects) and flat format (x/y/width/height). This allows the API to accept both AntV/X6 formats.

type NodeAttrs 

type NodeAttrs struct {
	// Body Body/shape styling attributes
	Body *struct {
		// Fill Fill color
		Fill *string `json:"fill,omitempty"`

		// Stroke Stroke color
		Stroke *string `json:"stroke,omitempty"`

		// StrokeDasharray Dash pattern for strokes
		StrokeDasharray *string `json:"strokeDasharray"`

		// StrokeWidth Stroke width in pixels
		StrokeWidth *float32 `json:"strokeWidth,omitempty"`
	} `json:"body,omitempty"`

	// Text Text/label styling attributes
	Text *struct {
		// Fill Text color
		Fill *string `json:"fill,omitempty"`

		// FontFamily Font family
		FontFamily *string `json:"fontFamily,omitempty"`

		// FontSize Font size in pixels
		FontSize *float32 `json:"fontSize,omitempty"`

		// Text Label text content
		Text *string `json:"text,omitempty"`
	} `json:"text,omitempty"`
}

NodeAttrs Visual attributes for a node

type NodeShape 

type NodeShape string

NodeShape Node type determining its visual representation and behavior 

const (
	NodeShapeActor            NodeShape = "actor"
	NodeShapeProcess          NodeShape = "process"
	NodeShapeSecurityBoundary NodeShape = "security-boundary"
	NodeShapeStore            NodeShape = "store"
	NodeShapeTextBox          NodeShape = "text-box"
)

Defines values for NodeShape.

type Node_Data 

type Node_Data struct {
	// Metadata Reserved namespace for structured business metadata
	Metadata             *[]Metadata            `json:"_metadata,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

Node_Data Flexible data storage compatible with X6, with reserved metadata namespace

func (Node_Data) Get 

func (a Node_Data) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for Node_Data. Returns the specified element and whether it was found

func (Node_Data) MarshalJSON 

func (a Node_Data) MarshalJSON() ([]byte, error)

Override default JSON handling for Node_Data to handle AdditionalProperties

func (*Node_Data) Set 

func (a *Node_Data) Set(fieldName string, value interface{})

Setter for additional properties for Node_Data

func (*Node_Data) UnmarshalJSON 

func (a *Node_Data) UnmarshalJSON(b []byte) error

Override default JSON handling for Node_Data to handle AdditionalProperties

type NotAcceptable 

type NotAcceptable = Error

NotAcceptable Standard error response format

type Note 

type Note struct {
	// Content Note content in markdown format
	Content string `binding:"required" json:"content"`

	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Description of note purpose or context
	Description *string `json:"description"`

	// Id Unique identifier for the note
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Optional metadata key-value pairs
	Metadata *[]Metadata `json:"metadata,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Note name
	Name string `binding:"required" json:"name"`
}

Note defines model for Note.

type NoteBase 

type NoteBase struct {
	// Content Note content in markdown format
	Content string `binding:"required" json:"content"`

	// Description Description of note purpose or context
	Description *string `json:"description"`

	// Name Note name
	Name string `binding:"required" json:"name"`
}

NoteBase Base fields for Note (user-writable only)

type NoteId 

type NoteId = openapi_types.UUID

NoteId defines model for NoteId.

type NoteInput 

type NoteInput = NoteBase

NoteInput Base fields for Note (user-writable only)

type NoteListItem 

type NoteListItem struct {
	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Description of note purpose or context
	Description *string `json:"description"`

	// Id Unique identifier for the note
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Key-value pairs for additional note metadata
	Metadata *[]Metadata `json:"metadata"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Note name
	Name string `binding:"required" json:"name"`
}

NoteListItem Summary information for Note in list responses

type NoteMetadataHandler 

type NoteMetadataHandler struct {
	// contains filtered or unexported fields
}

NoteMetadataHandler provides handlers for note metadata operations

func NewNoteMetadataHandler 

func NewNoteMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *NoteMetadataHandler

NewNoteMetadataHandler creates a new note metadata handler

func (*NoteMetadataHandler) BulkCreateNoteMetadata 

func (h *NoteMetadataHandler) BulkCreateNoteMetadata(c *gin.Context)

BulkCreateNoteMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/notes/{note_id}/metadata/bulk

func (*NoteMetadataHandler) BulkUpdateNoteMetadata 

func (h *NoteMetadataHandler) BulkUpdateNoteMetadata(c *gin.Context)

BulkUpdateNoteMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/notes/{note_id}/metadata/bulk

func (*NoteMetadataHandler) CreateNoteMetadata 

func (h *NoteMetadataHandler) CreateNoteMetadata(c *gin.Context)

CreateNoteMetadata creates a new metadata entry for a note POST /threat_models/{threat_model_id}/notes/{note_id}/metadata

func (*NoteMetadataHandler) DeleteNoteMetadata 

func (h *NoteMetadataHandler) DeleteNoteMetadata(c *gin.Context)

DeleteNoteMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key}

func (*NoteMetadataHandler) GetNoteMetadata 

func (h *NoteMetadataHandler) GetNoteMetadata(c *gin.Context)

GetNoteMetadata retrieves all metadata for a note GET /threat_models/{threat_model_id}/notes/{note_id}/metadata

func (*NoteMetadataHandler) GetNoteMetadataByKey 

func (h *NoteMetadataHandler) GetNoteMetadataByKey(c *gin.Context)

GetNoteMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key}

func (*NoteMetadataHandler) UpdateNoteMetadata 

func (h *NoteMetadataHandler) UpdateNoteMetadata(c *gin.Context)

UpdateNoteMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key}

type NoteStore 

type NoteStore interface {
	// CRUD operations
	Create(ctx context.Context, note *Note, threatModelID string) error
	Get(ctx context.Context, id string) (*Note, error)
	Update(ctx context.Context, note *Note, threatModelID string) error
	Delete(ctx context.Context, id string) error
	Patch(ctx context.Context, id string, operations []PatchOperation) (*Note, error)

	// List operations with pagination
	List(ctx context.Context, threatModelID string, offset, limit int) ([]Note, error)

	// Cache management
	InvalidateCache(ctx context.Context, id string) error
	WarmCache(ctx context.Context, threatModelID string) error
}

NoteStore defines the interface for note operations with caching support 

var GlobalNoteStore NoteStore

type NoteSubResourceHandler 

type NoteSubResourceHandler struct {
	// contains filtered or unexported fields
}

NoteSubResourceHandler provides handlers for note sub-resource operations

func NewNoteSubResourceHandler 

func NewNoteSubResourceHandler(noteStore NoteStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *NoteSubResourceHandler

NewNoteSubResourceHandler creates a new note sub-resource handler

func (*NoteSubResourceHandler) CreateNote 

func (h *NoteSubResourceHandler) CreateNote(c *gin.Context)

CreateNote creates a new note in a threat model POST /threat_models/{threat_model_id}/notes

func (*NoteSubResourceHandler) DeleteNote 

func (h *NoteSubResourceHandler) DeleteNote(c *gin.Context)

DeleteNote deletes a note DELETE /threat_models/{threat_model_id}/notes/{note_id}

func (*NoteSubResourceHandler) GetNote 

func (h *NoteSubResourceHandler) GetNote(c *gin.Context)

GetNote retrieves a specific note by ID GET /threat_models/{threat_model_id}/notes/{note_id}

func (*NoteSubResourceHandler) GetNotes 

func (h *NoteSubResourceHandler) GetNotes(c *gin.Context)

GetNotes retrieves all notes for a threat model with pagination GET /threat_models/{threat_model_id}/notes

func (*NoteSubResourceHandler) PatchNote 

func (h *NoteSubResourceHandler) PatchNote(c *gin.Context)

PatchNote applies JSON patch operations to a note PATCH /threat_models/{threat_model_id}/notes/{note_id}

func (*NoteSubResourceHandler) UpdateNote 

func (h *NoteSubResourceHandler) UpdateNote(c *gin.Context)

UpdateNote updates an existing note PUT /threat_models/{threat_model_id}/notes/{note_id}

type NotificationClient 

type NotificationClient struct {
	// Unique identifier for the client
	ID string

	// User information
	UserID    string
	UserEmail string
	UserName  string

	// WebSocket connection
	Conn *websocket.Conn

	// Send channel for messages
	Send chan []byte

	// Subscription preferences
	Subscription *NotificationSubscription

	// Hub reference
	Hub *NotificationHub

	// Connection metadata
	ConnectedAt time.Time
}

NotificationClient represents a client connected to the notification hub

type NotificationHub 

type NotificationHub struct {
	// contains filtered or unexported fields
}

NotificationHub manages all notification WebSocket connections

func GetNotificationHub 

func GetNotificationHub() *NotificationHub

GetNotificationHub returns the global notification hub instance

func NewNotificationHub 

func NewNotificationHub() *NotificationHub

NewNotificationHub creates a new notification hub

func (*NotificationHub) BroadcastCollaborationEvent 

func (h *NotificationHub) BroadcastCollaborationEvent(eventType NotificationMessageType, userID, diagramID, diagramName, tmID, tmName, sessionID string)

BroadcastCollaborationEvent broadcasts a collaboration event to all connected clients

func (*NotificationHub) BroadcastSystemNotification 

func (h *NotificationHub) BroadcastSystemNotification(severity, message string, actionRequired bool, actionURL string)

BroadcastSystemNotification broadcasts a system notification to all connected clients

func (*NotificationHub) BroadcastThreatModelEvent 

func (h *NotificationHub) BroadcastThreatModelEvent(eventType NotificationMessageType, userID string, tmID, tmName, action string)

BroadcastThreatModelEvent broadcasts a threat model event to all connected clients

func (*NotificationHub) GetConnectedUsers 

func (h *NotificationHub) GetConnectedUsers() []string

GetConnectedUsers returns a list of currently connected user IDs

func (*NotificationHub) GetConnectionCount 

func (h *NotificationHub) GetConnectionCount() int

GetConnectionCount returns the total number of active connections

func (*NotificationHub) Run 

func (h *NotificationHub) Run()

Run starts the notification hub

type NotificationMessage 

type NotificationMessage struct {
	MessageType NotificationMessageType `json:"message_type"`
	UserID      string                  `json:"user_id"` // internal_uuid of user who triggered the event
	Timestamp   time.Time               `json:"timestamp"`
	Data        interface{}             `json:"data,omitempty"` // Type-specific data
}

NotificationMessage is the base structure for all notification messages

type NotificationMessageType 

type NotificationMessageType string

NotificationMessageType represents the type of notification message 

const (
	// Threat model related notifications
	NotificationThreatModelCreated NotificationMessageType = "threat_model_created"
	NotificationThreatModelUpdated NotificationMessageType = "threat_model_updated"
	NotificationThreatModelDeleted NotificationMessageType = "threat_model_deleted"
	NotificationThreatModelShared  NotificationMessageType = "threat_model_shared"

	// Diagram collaboration notifications
	NotificationCollaborationStarted NotificationMessageType = "collaboration_started"
	NotificationCollaborationEnded   NotificationMessageType = "collaboration_ended"
	NotificationCollaborationInvite  NotificationMessageType = "collaboration_invite"

	// System notifications
	NotificationSystemAnnouncement NotificationMessageType = "system_announcement"
	NotificationSystemMaintenance  NotificationMessageType = "system_maintenance"
	NotificationSystemUpdate       NotificationMessageType = "system_update"

	// User activity notifications
	NotificationUserJoined NotificationMessageType = "user_joined"
	NotificationUserLeft   NotificationMessageType = "user_left"

	// Keep-alive
	NotificationHeartbeat NotificationMessageType = "heartbeat"
)

type NotificationSubscription 

type NotificationSubscription struct {
	UserID             string                    `json:"user_id"`
	SubscribedTypes    []NotificationMessageType `json:"subscribed_types"`
	ThreatModelFilters []string                  `json:"threat_model_filters,omitempty"` // Specific threat model IDs to filter
	DiagramFilters     []string                  `json:"diagram_filters,omitempty"`      // Specific diagram IDs to filter
}

NotificationSubscription represents a user's notification preferences

type OAuthProtectedResourceMetadata 

type OAuthProtectedResourceMetadata struct {
	// AuthorizationServers List of authorization server issuer identifiers that can issue tokens for this resource
	AuthorizationServers *[]string `json:"authorization_servers,omitempty"`

	// BearerMethodsSupported Supported token presentation methods for bearer tokens
	BearerMethodsSupported *[]OAuthProtectedResourceMetadataBearerMethodsSupported `json:"bearer_methods_supported,omitempty"`

	// JwksUrl URL of the protected resource's JSON Web Key Set
	JwksUrl *string `json:"jwks_url,omitempty"`

	// Resource The protected resource's resource identifier URL
	Resource string `json:"resource"`

	// ResourceDocumentation URL with information for developers on how to use this protected resource
	ResourceDocumentation *string `json:"resource_documentation,omitempty"`

	// ResourceName Human-readable name of the protected resource
	ResourceName *string `json:"resource_name,omitempty"`

	// ScopesSupported JSON array of OAuth scope values supported by this protected resource
	ScopesSupported *[]string `json:"scopes_supported,omitempty"`

	// TlsClientCertificateBoundAccessTokens Whether the protected resource supports TLS client certificate bound access tokens
	TlsClientCertificateBoundAccessTokens *bool `json:"tls_client_certificate_bound_access_tokens,omitempty"`
}

OAuthProtectedResourceMetadata OAuth 2.0 protected resource metadata as defined in RFC 9728

type OAuthProtectedResourceMetadataBearerMethodsSupported 

type OAuthProtectedResourceMetadataBearerMethodsSupported string

OAuthProtectedResourceMetadataBearerMethodsSupported OAuth 2.0 bearer token transmission method (RFC 6750) 

const (
	Body   OAuthProtectedResourceMetadataBearerMethodsSupported = "body"
	Header OAuthProtectedResourceMetadataBearerMethodsSupported = "header"
	Query  OAuthProtectedResourceMetadataBearerMethodsSupported = "query"
)

Defines values for OAuthProtectedResourceMetadataBearerMethodsSupported.

type OffsetQueryParam 

type OffsetQueryParam = int

OffsetQueryParam defines model for OffsetQueryParam.

type OperationHistory 

type OperationHistory struct {
	// Operations by sequence number
	Operations map[uint64]*HistoryEntry
	// Current diagram state snapshot for conflict detection
	CurrentState map[string]*DfdDiagram_Cells_Item
	// Maximum history entries to keep
	MaxEntries int
	// Current position in history for undo/redo (points to last applied operation)
	CurrentPosition uint64
	// contains filtered or unexported fields
}

OperationHistory tracks mutations for conflict resolution and undo/redo

func NewOperationHistory 

func NewOperationHistory() *OperationHistory

NewOperationHistory creates a new operation history

func (*OperationHistory) AddOperation 

func (h *OperationHistory) AddOperation(entry *HistoryEntry)

AddOperation adds a new operation to history and updates current position

func (*OperationHistory) CanRedo 

func (h *OperationHistory) CanRedo() bool

CanRedo returns true if there are operations to redo

func (*OperationHistory) CanUndo 

func (h *OperationHistory) CanUndo() bool

CanUndo returns true if there are operations to undo

func (*OperationHistory) GetRedoOperation 

func (h *OperationHistory) GetRedoOperation() (*HistoryEntry, bool)

GetRedoOperation returns the operation to redo

func (*OperationHistory) GetUndoOperation 

func (h *OperationHistory) GetUndoOperation() (*HistoryEntry, map[string]*DfdDiagram_Cells_Item, bool)

GetUndoOperation returns the operation to undo and the previous state

func (*OperationHistory) MoveToPosition 

func (h *OperationHistory) MoveToPosition(newPosition uint64)

MoveToPosition updates the current position in history (for undo/redo)

type OperationPerformance 

type OperationPerformance struct {
	OperationID      string
	UserID           string
	StartTime        time.Time
	ProcessingTime   time.Duration
	ValidationTime   time.Duration
	BroadcastTime    time.Duration
	TotalTime        time.Duration
	CellCount        int
	StateChanged     bool
	ConflictDetected bool
}

OperationPerformance tracks individual operation performance

type OperationRejectedMessage 

type OperationRejectedMessage struct {
	MessageType    MessageType `json:"message_type"`
	OperationID    string      `json:"operation_id"`
	SequenceNumber *uint64     `json:"sequence_number,omitempty"` // May be assigned before rejection
	UpdateVector   int64       `json:"update_vector"`             // Current server update vector
	Reason         string      `json:"reason"`                    // Structured reason code
	Message        string      `json:"message"`                   // Human-readable description
	Details        *string     `json:"details,omitempty"`         // Optional technical details
	AffectedCells  []string    `json:"affected_cells,omitempty"`  // Cell IDs affected
	RequiresResync bool        `json:"requires_resync"`           // Whether client should resync
	Timestamp      time.Time   `json:"timestamp"`
}

OperationRejectedMessage represents a notification sent exclusively to the operation originator when their diagram operation is rejected

func (OperationRejectedMessage) GetMessageType 

func (m OperationRejectedMessage) GetMessageType() MessageType

func (OperationRejectedMessage) Validate 

func (m OperationRejectedMessage) Validate() error

type OperationValidationResult 

type OperationValidationResult struct {
	Valid            bool
	Reason           string
	CorrectionNeeded bool
	ConflictDetected bool
	StateChanged     bool
	CellsModified    []string
	PreviousState    map[string]*DfdDiagram_Cells_Item
}

OperationValidationResult represents the result of operation validation

func ProcessDiagramCellOperations 

func ProcessDiagramCellOperations(diagramID string, operations CellPatchOperation) (*OperationValidationResult, error)

ProcessDiagramCellOperations provides a shared interface for diagram cell operations This can be used by both REST PATCH handlers and WebSocket operations

type OwnerQueryParam 

type OwnerQueryParam = string

OwnerQueryParam defines model for OwnerQueryParam.

type PaginationLimit 

type PaginationLimit = int

PaginationLimit defines model for PaginationLimit.

type PaginationOffset 

type PaginationOffset = int

PaginationOffset defines model for PaginationOffset.

type Participant 

type Participant struct {
	// LastActivity Last activity timestamp
	LastActivity time.Time `json:"last_activity"`

	// Permissions Access permissions in the collaboration session
	Permissions ParticipantPermissions `json:"permissions"`
	User        User                   `json:"user"`
}

Participant A participant in a collaboration session

type ParticipantPermissions 

type ParticipantPermissions string

ParticipantPermissions Access permissions in the collaboration session 

const (
	ParticipantPermissionsReader ParticipantPermissions = "reader"
	ParticipantPermissionsWriter ParticipantPermissions = "writer"
)

Defines values for ParticipantPermissions.

type ParticipantsUpdateMessage 

type ParticipantsUpdateMessage struct {
	MessageType      MessageType        `json:"message_type"`
	Participants     []AsyncParticipant `json:"participants"`
	Host             User               `json:"host"`
	CurrentPresenter *User              `json:"current_presenter"`
}

ParticipantsUpdateMessage provides complete participant list with roles

func (ParticipantsUpdateMessage) GetMessageType 

func (m ParticipantsUpdateMessage) GetMessageType() MessageType

func (ParticipantsUpdateMessage) Validate 

func (m ParticipantsUpdateMessage) Validate() error

type PatchOperation 

type PatchOperation struct {
	Op    string      `json:"op" binding:"required,oneof=add remove replace move copy test"`
	Path  string      `json:"path" binding:"required"`
	Value interface{} `json:"value,omitempty"`
	From  string      `json:"from,omitempty"`
}

PatchOperation represents a JSON Patch operation

func ParsePatchRequest 

func ParsePatchRequest(c *gin.Context) ([]PatchOperation, error)

ParsePatchRequest parses JSON Patch operations from the request body

type PatchThreatModelApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModel for application/json-patch+json ContentType.

type PatchThreatModelAssetApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelAssetApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelAssetApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelAsset for application/json-patch+json ContentType.

type PatchThreatModelDiagramApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelDiagramApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelDiagramApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelDiagram for application/json-patch+json ContentType.

type PatchThreatModelDocumentApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelDocumentApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelDocumentApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelDocument for application/json-patch+json ContentType.

type PatchThreatModelNoteApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelNoteApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelNoteApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelNote for application/json-patch+json ContentType.

type PatchThreatModelRepositoryApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelRepositoryApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelRepositoryApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelRepository for application/json-patch+json ContentType.

type PatchThreatModelThreatApplicationJSONPatchPlusJSONRequestBody 

type PatchThreatModelThreatApplicationJSONPatchPlusJSONRequestBody = JsonPatchDocument

PatchThreatModelThreatApplicationJSONPatchPlusJSONRequestBody defines body for PatchThreatModelThreat for application/json-patch+json ContentType.

type PerformanceMonitor 

type PerformanceMonitor struct {
	// Session metrics
	SessionMetrics map[string]*SessionPerformanceData

	// Global counters
	TotalOperations       int64
	TotalMessages         int64
	TotalConnections      int64
	TotalDisconnections   int64
	TotalStateCorrections int64

	// Performance tracking
	OperationLatencies  []time.Duration
	MessageSizes        []int
	ConnectionDurations []time.Duration
	// contains filtered or unexported fields
}

PerformanceMonitor tracks collaboration system performance metrics 

var GlobalPerformanceMonitor *PerformanceMonitor

Global performance monitor instance

func NewPerformanceMonitor 

func NewPerformanceMonitor() *PerformanceMonitor

NewPerformanceMonitor creates a new performance monitor

func (*PerformanceMonitor) GetGlobalMetrics 

func (pm *PerformanceMonitor) GetGlobalMetrics() GlobalPerformanceMetrics

GetGlobalMetrics returns global performance statistics

func (*PerformanceMonitor) GetSessionMetrics 

func (pm *PerformanceMonitor) GetSessionMetrics() map[string]*SessionPerformanceData

GetSessionMetrics returns current session performance data

func (*PerformanceMonitor) RecordAuthorizationDenied 

func (pm *PerformanceMonitor) RecordAuthorizationDenied(sessionID, userID, reason string)

RecordAuthorizationDenied records authorization denial events

func (*PerformanceMonitor) RecordConnection 

func (pm *PerformanceMonitor) RecordConnection(sessionID string, connect bool)

RecordConnection records connection events

func (*PerformanceMonitor) RecordMessage 

func (pm *PerformanceMonitor) RecordMessage(sessionID string, messageSize int, processingTime time.Duration)

RecordMessage records metrics for WebSocket message handling

func (*PerformanceMonitor) RecordOperation 

func (pm *PerformanceMonitor) RecordOperation(perf *OperationPerformance)

RecordOperation records performance metrics for a diagram operation

func (*PerformanceMonitor) RecordResyncRequest 

func (pm *PerformanceMonitor) RecordResyncRequest(sessionID, userID string)

RecordResyncRequest records resync request events

func (*PerformanceMonitor) RecordSessionEnd 

func (pm *PerformanceMonitor) RecordSessionEnd(sessionID string)

RecordSessionEnd records the end of a collaboration session

func (*PerformanceMonitor) RecordSessionStart 

func (pm *PerformanceMonitor) RecordSessionStart(sessionID, diagramID string)

RecordSessionStart records the start of a new collaboration session

func (*PerformanceMonitor) RecordStateCorrection 

func (pm *PerformanceMonitor) RecordStateCorrection(sessionID, userID, reason string)

RecordStateCorrection records state correction events

func (*PerformanceMonitor) Shutdown 

func (pm *PerformanceMonitor) Shutdown()

Shutdown gracefully stops the performance monitor

type Point 

type Point struct {
	// X X coordinate
	X float32 `json:"x"`

	// Y Y coordinate
	Y float32 `json:"y"`
}

Point A 2D point with x and y coordinates

type PortConfiguration 

type PortConfiguration struct {
	// Groups Port group definitions
	Groups *map[string]struct {
		// Position Port position on the node
		Position *PortConfigurationGroupsPosition `json:"position,omitempty"`
	} `json:"groups,omitempty"`

	// Items Individual port instances
	Items *[]struct {
		// Group Port group this port belongs to
		Group string `json:"group"`

		// Id Unique port identifier
		Id string `json:"id"`
	} `json:"items,omitempty"`
}

PortConfiguration Port configuration for node connections

type PortConfigurationGroupsPosition 

type PortConfigurationGroupsPosition string

PortConfigurationGroupsPosition Port position on the node 

const (
	PortConfigurationGroupsPositionBottom PortConfigurationGroupsPosition = "bottom"
	PortConfigurationGroupsPositionLeft   PortConfigurationGroupsPosition = "left"
	PortConfigurationGroupsPositionRight  PortConfigurationGroupsPosition = "right"
	PortConfigurationGroupsPositionTop    PortConfigurationGroupsPosition = "top"
)

Defines values for PortConfigurationGroupsPosition.

type PresenterCursorHandler 

type PresenterCursorHandler struct{}

PresenterCursorHandler handles presenter cursor messages

func (*PresenterCursorHandler) HandleMessage 

func (h *PresenterCursorHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*PresenterCursorHandler) MessageType 

func (h *PresenterCursorHandler) MessageType() string

type PresenterCursorMessage 

type PresenterCursorMessage struct {
	MessageType    MessageType    `json:"message_type"`
	CursorPosition CursorPosition `json:"cursor_position"`
}

func (PresenterCursorMessage) GetMessageType 

func (m PresenterCursorMessage) GetMessageType() MessageType

func (PresenterCursorMessage) Validate 

func (m PresenterCursorMessage) Validate() error

type PresenterDeniedEvent 

type PresenterDeniedEvent struct {
	MessageType MessageType `json:"message_type"`
	DeniedUser  User        `json:"denied_user"`
}

PresenterDeniedEvent is sent by server to the denied user

func (PresenterDeniedEvent) GetMessageType 

func (m PresenterDeniedEvent) GetMessageType() MessageType

func (PresenterDeniedEvent) Validate 

func (m PresenterDeniedEvent) Validate() error

type PresenterDeniedRequest 

type PresenterDeniedRequest struct {
	MessageType MessageType `json:"message_type"`
	DeniedUser  User        `json:"denied_user"`
}

PresenterDeniedRequest is sent by host to server to deny a presenter request

func (PresenterDeniedRequest) GetMessageType 

func (m PresenterDeniedRequest) GetMessageType() MessageType

func (PresenterDeniedRequest) Validate 

func (m PresenterDeniedRequest) Validate() error

type PresenterDeniedRequestHandler 

type PresenterDeniedRequestHandler struct{}

PresenterDeniedRequestHandler handles presenter denied request messages from host

func (*PresenterDeniedRequestHandler) HandleMessage 

func (h *PresenterDeniedRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*PresenterDeniedRequestHandler) MessageType 

func (h *PresenterDeniedRequestHandler) MessageType() string

type PresenterRequestEvent 

type PresenterRequestEvent struct {
	MessageType    MessageType `json:"message_type"`
	RequestingUser User        `json:"requesting_user"`
}

PresenterRequestEvent is sent by server to host when a participant requests presenter

func (PresenterRequestEvent) GetMessageType 

func (m PresenterRequestEvent) GetMessageType() MessageType

func (PresenterRequestEvent) Validate 

func (m PresenterRequestEvent) Validate() error

type PresenterRequestHandler 

type PresenterRequestHandler struct{}

PresenterRequestHandler handles presenter request messages

func (*PresenterRequestHandler) HandleMessage 

func (h *PresenterRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*PresenterRequestHandler) MessageType 

func (h *PresenterRequestHandler) MessageType() string

type PresenterRequestMessage 

type PresenterRequestMessage struct {
	MessageType MessageType `json:"message_type"`
}

func (PresenterRequestMessage) GetMessageType 

func (m PresenterRequestMessage) GetMessageType() MessageType

func (PresenterRequestMessage) Validate 

func (m PresenterRequestMessage) Validate() error

type PresenterSelectionHandler 

type PresenterSelectionHandler struct{}

PresenterSelectionHandler handles presenter selection messages

func (*PresenterSelectionHandler) HandleMessage 

func (h *PresenterSelectionHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*PresenterSelectionHandler) MessageType 

func (h *PresenterSelectionHandler) MessageType() string

type PresenterSelectionMessage 

type PresenterSelectionMessage struct {
	MessageType   MessageType `json:"message_type"`
	SelectedCells []string    `json:"selected_cells"`
}

func (PresenterSelectionMessage) GetMessageType 

func (m PresenterSelectionMessage) GetMessageType() MessageType

func (PresenterSelectionMessage) Validate 

func (m PresenterSelectionMessage) Validate() error

type Principal 

type Principal struct {
	// DisplayName Human-readable display name for UI presentation
	DisplayName *string `json:"display_name,omitempty"`

	// Email Email address (required for users, optional for groups)
	Email *openapi_types.Email `json:"email,omitempty"`

	// PrincipalType Type of principal: user (individual) or group
	PrincipalType PrincipalPrincipalType `json:"principal_type"`

	// Provider Identity provider name (e.g., "google", "github", "microsoft", "test"). Use "*" for provider-independent groups.
	Provider string `json:"provider"`

	// ProviderId Provider-assigned identifier. For users: provider_user_id (e.g., email or OAuth sub). For groups: group_name.
	ProviderId string `json:"provider_id"`
}

Principal Base identity representation for users and groups with portable, globally-unique identifiers

type PrincipalPrincipalType 

type PrincipalPrincipalType string

PrincipalPrincipalType Type of principal: user (individual) or group 

const (
	PrincipalPrincipalTypeGroup PrincipalPrincipalType = "group"
	PrincipalPrincipalTypeUser  PrincipalPrincipalType = "user"
)

Defines values for PrincipalPrincipalType.

type PriorityQueryParam 

type PriorityQueryParam = string

PriorityQueryParam defines model for PriorityQueryParam.

type ProcessSAMLLogoutParams 

type ProcessSAMLLogoutParams struct {
	// SAMLRequest Base64-encoded SAML logout request
	SAMLRequest SamlrequestQueryParam `form:"SAMLRequest" json:"SAMLRequest"`
}

ProcessSAMLLogoutParams defines parameters for ProcessSAMLLogout.

type ProcessSAMLLogoutPostFormdataRequestBody 

type ProcessSAMLLogoutPostFormdataRequestBody = SamlSingleLogoutRequest

ProcessSAMLLogoutPostFormdataRequestBody defines body for ProcessSAMLLogoutPost for application/x-www-form-urlencoded ContentType.

type ProcessSAMLResponseFormdataRequestBody 

type ProcessSAMLResponseFormdataRequestBody = SamlAssertionConsumerRequest

ProcessSAMLResponseFormdataRequestBody defines body for ProcessSAMLResponse for application/x-www-form-urlencoded ContentType.

type ProviderPathParam 

type ProviderPathParam = string

ProviderPathParam defines model for ProviderPathParam.

type ProviderQueryParam 

type ProviderQueryParam = string

ProviderQueryParam defines model for ProviderQueryParam.

type QuotaCache 

type QuotaCache struct {
	// contains filtered or unexported fields
}

QuotaCache provides in-memory caching for quota lookups with TTL 

var GlobalQuotaCache *QuotaCache

Global quota cache instance (60 second TTL for dynamic adjustment)

func NewQuotaCache 

func NewQuotaCache(ttl time.Duration) *QuotaCache

NewQuotaCache creates a new quota cache with the specified TTL

func (*QuotaCache) GetUserAPIQuota 

func (c *QuotaCache) GetUserAPIQuota(userID string, store UserAPIQuotaStoreInterface) UserAPIQuota

GetUserAPIQuota retrieves a user API quota from cache or store

func (*QuotaCache) GetWebhookQuota 

func (c *QuotaCache) GetWebhookQuota(userID string, store WebhookQuotaStoreInterface) DBWebhookQuota

GetWebhookQuota retrieves a webhook quota from cache or store

func (*QuotaCache) InvalidateAll 

func (c *QuotaCache) InvalidateAll()

InvalidateAll clears all cached quotas

func (*QuotaCache) InvalidateUserAPIQuota 

func (c *QuotaCache) InvalidateUserAPIQuota(userID string)

InvalidateUserAPIQuota removes a user API quota from cache

func (*QuotaCache) InvalidateWebhookQuota 

func (c *QuotaCache) InvalidateWebhookQuota(userID string)

InvalidateWebhookQuota removes a webhook quota from cache

func (*QuotaCache) Stop 

func (c *QuotaCache) Stop()

Stop stops the cleanup goroutine

type RateLimitResult 

type RateLimitResult struct {
	Allowed        bool
	BlockedByScope string // "session", "ip", or "user"
	RetryAfter     int    // seconds
	Limit          int
	Remaining      int
	ResetAt        int64
}

RateLimitResult represents the result of a rate limit check

type RedoRequestHandler 

type RedoRequestHandler struct{}

RedoRequestHandler handles redo request messages

func (*RedoRequestHandler) HandleMessage 

func (h *RedoRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*RedoRequestHandler) MessageType 

func (h *RedoRequestHandler) MessageType() string

type RedoRequestMessage 

type RedoRequestMessage struct {
	MessageType    MessageType `json:"message_type"`
	InitiatingUser User        `json:"initiating_user"`
}

func (RedoRequestMessage) GetMessageType 

func (m RedoRequestMessage) GetMessageType() MessageType

func (RedoRequestMessage) Validate 

func (m RedoRequestMessage) Validate() error

type RefreshTokenJSONRequestBody 

type RefreshTokenJSONRequestBody = TokenRefreshRequest

RefreshTokenJSONRequestBody defines body for RefreshToken for application/json ContentType.

type RemoveParticipantMessage 

type RemoveParticipantMessage struct {
	MessageType MessageType `json:"message_type"`
	RemovedUser User        `json:"removed_user"`
}

func (RemoveParticipantMessage) GetMessageType 

func (m RemoveParticipantMessage) GetMessageType() MessageType

func (RemoveParticipantMessage) Validate 

func (m RemoveParticipantMessage) Validate() error

type RemoveParticipantRequest 

type RemoveParticipantRequest struct {
	MessageType MessageType `json:"message_type"`
	RemovedUser User        `json:"removed_user"`
}

RemoveParticipantRequest is sent by client to remove a participant

func (RemoveParticipantRequest) GetMessageType 

func (m RemoveParticipantRequest) GetMessageType() MessageType

func (RemoveParticipantRequest) Validate 

func (m RemoveParticipantRequest) Validate() error

type RemoveParticipantRequestHandler 

type RemoveParticipantRequestHandler struct{}

RemoveParticipantRequestHandler handles remove participant request messages

func (*RemoveParticipantRequestHandler) HandleMessage 

func (h *RemoveParticipantRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*RemoveParticipantRequestHandler) MessageType 

func (h *RemoveParticipantRequestHandler) MessageType() string

type Repository 

type Repository struct {
	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Description of the referenced source code
	Description *string `json:"description"`

	// Id Unique identifier for the repository
	Id *openapi_types.UUID `json:"id,omitempty"`

	// Metadata Optional metadata key-value pairs
	Metadata *[]Metadata `json:"metadata,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Name for the source code reference
	Name *string `json:"name,omitempty"`

	// Parameters repo-specific parameters for retrieving the source
	Parameters *struct {
		// RefType Reference type (branch, tag, or commit)
		RefType RepositoryParametersRefType `json:"refType"`

		// RefValue Reference value (branch name, tag value, or commit id)
		RefValue string `json:"refValue"`

		// SubPath Sub-path within the repository
		SubPath *string `json:"subPath,omitempty"`
	} `json:"parameters,omitempty"`

	// Type Source code repository type
	Type *RepositoryType `json:"type,omitempty"`

	// Uri URL to retrieve the referenced source code
	Uri string `json:"uri"`
}

Repository defines model for Repository.

func CreateTestRepositoryWithMetadata 

func CreateTestRepositoryWithMetadata(metadata []Metadata) Repository

CreateTestRepositoryWithMetadata creates a repository with associated metadata for testing

type RepositoryBase 

type RepositoryBase struct {
	// Description Description of the referenced source code
	Description *string `json:"description"`

	// Name Name for the source code reference
	Name *string `json:"name,omitempty"`

	// Parameters repo-specific parameters for retrieving the source
	Parameters *struct {
		// RefType Reference type (branch, tag, or commit)
		RefType RepositoryBaseParametersRefType `json:"refType"`

		// RefValue Reference value (branch name, tag value, or commit id)
		RefValue string `json:"refValue"`

		// SubPath Sub-path within the repository
		SubPath *string `json:"subPath,omitempty"`
	} `json:"parameters,omitempty"`

	// Type Source code repository type
	Type *RepositoryBaseType `json:"type,omitempty"`

	// Uri URL to retrieve the referenced source code
	Uri string `json:"uri"`
}

RepositoryBase Base fields for Repository (user-writable only)

type RepositoryBaseParametersRefType 

type RepositoryBaseParametersRefType string

RepositoryBaseParametersRefType Reference type (branch, tag, or commit) 

const (
	RepositoryBaseParametersRefTypeBranch RepositoryBaseParametersRefType = "branch"
	RepositoryBaseParametersRefTypeCommit RepositoryBaseParametersRefType = "commit"
	RepositoryBaseParametersRefTypeTag    RepositoryBaseParametersRefType = "tag"
)

Defines values for RepositoryBaseParametersRefType.

type RepositoryBaseType 

type RepositoryBaseType string

RepositoryBaseType Source code repository type 

const (
	RepositoryBaseTypeGit       RepositoryBaseType = "git"
	RepositoryBaseTypeMercurial RepositoryBaseType = "mercurial"
	RepositoryBaseTypeOther     RepositoryBaseType = "other"
	RepositoryBaseTypeSvn       RepositoryBaseType = "svn"
)

Defines values for RepositoryBaseType.

type RepositoryId 

type RepositoryId = openapi_types.UUID

RepositoryId defines model for RepositoryId.

type RepositoryInput 

type RepositoryInput = RepositoryBase

RepositoryInput Base fields for Repository (user-writable only)

type RepositoryMetadataHandler 

type RepositoryMetadataHandler struct {
	// contains filtered or unexported fields
}

RepositoryMetadataHandler provides handlers for repository code metadata operations

func NewRepositoryMetadataHandler 

func NewRepositoryMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *RepositoryMetadataHandler

NewRepositoryMetadataHandler creates a new repository code metadata handler

func (*RepositoryMetadataHandler) BulkCreateRepositoryMetadata 

func (h *RepositoryMetadataHandler) BulkCreateRepositoryMetadata(c *gin.Context)

BulkCreateRepositoryMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata/bulk

func (*RepositoryMetadataHandler) BulkUpdateRepositoryMetadata 

func (h *RepositoryMetadataHandler) BulkUpdateRepositoryMetadata(c *gin.Context)

BulkUpdateRepositoryMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata/bulk

func (*RepositoryMetadataHandler) CreateRepositoryMetadata 

func (h *RepositoryMetadataHandler) CreateRepositoryMetadata(c *gin.Context)

CreateRepositoryMetadata creates a new metadata entry for a repository code reference POST /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata

func (*RepositoryMetadataHandler) DeleteRepositoryMetadata 

func (h *RepositoryMetadataHandler) DeleteRepositoryMetadata(c *gin.Context)

DeleteRepositoryMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata/{key}

func (*RepositoryMetadataHandler) GetRepositoryMetadata 

func (h *RepositoryMetadataHandler) GetRepositoryMetadata(c *gin.Context)

GetRepositoryMetadata retrieves all metadata for a repository code reference GET /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata

func (*RepositoryMetadataHandler) GetRepositoryMetadataByKey 

func (h *RepositoryMetadataHandler) GetRepositoryMetadataByKey(c *gin.Context)

GetRepositoryMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata/{key}

func (*RepositoryMetadataHandler) UpdateRepositoryMetadata 

func (h *RepositoryMetadataHandler) UpdateRepositoryMetadata(c *gin.Context)

UpdateRepositoryMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/repositorys/{repository_id}/metadata/{key}

type RepositoryParametersRefType 

type RepositoryParametersRefType string

RepositoryParametersRefType Reference type (branch, tag, or commit) 

const (
	RepositoryParametersRefTypeBranch RepositoryParametersRefType = "branch"
	RepositoryParametersRefTypeCommit RepositoryParametersRefType = "commit"
	RepositoryParametersRefTypeTag    RepositoryParametersRefType = "tag"
)

Defines values for RepositoryParametersRefType.

type RepositoryStore 

type RepositoryStore interface {
	// CRUD operations
	Create(ctx context.Context, repository *Repository, threatModelID string) error
	Get(ctx context.Context, id string) (*Repository, error)
	Update(ctx context.Context, repository *Repository, threatModelID string) error
	Delete(ctx context.Context, id string) error
	Patch(ctx context.Context, id string, operations []PatchOperation) (*Repository, error)

	// List operations with pagination
	List(ctx context.Context, threatModelID string, offset, limit int) ([]Repository, error)

	// Bulk operations
	BulkCreate(ctx context.Context, repositorys []Repository, threatModelID string) error

	// Cache management
	InvalidateCache(ctx context.Context, id string) error
	WarmCache(ctx context.Context, threatModelID string) error
}

RepositoryStore defines the interface for repository operations with caching support 

var GlobalRepositoryStore RepositoryStore

type RepositorySubResourceHandler 

type RepositorySubResourceHandler struct {
	// contains filtered or unexported fields
}

RepositorySubResourceHandler provides handlers for repository code sub-resource operations

func NewRepositorySubResourceHandler 

func NewRepositorySubResourceHandler(repositoryStore RepositoryStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *RepositorySubResourceHandler

NewRepositorySubResourceHandler creates a new repository code sub-resource handler

func (*RepositorySubResourceHandler) BulkCreateRepositorys 

func (h *RepositorySubResourceHandler) BulkCreateRepositorys(c *gin.Context)

BulkCreateRepositorys creates multiple repository code references in a single request POST /threat_models/{threat_model_id}/repositorys/bulk

func (*RepositorySubResourceHandler) BulkUpdateRepositorys 

func (h *RepositorySubResourceHandler) BulkUpdateRepositorys(c *gin.Context)

BulkUpdateRepositorys updates or creates multiple repositories (upsert operation) PUT /threat_models/{threat_model_id}/repositories/bulk

func (*RepositorySubResourceHandler) CreateRepository 

func (h *RepositorySubResourceHandler) CreateRepository(c *gin.Context)

CreateRepository creates a new repository code reference in a threat model POST /threat_models/{threat_model_id}/repositorys

func (*RepositorySubResourceHandler) DeleteRepository 

func (h *RepositorySubResourceHandler) DeleteRepository(c *gin.Context)

DeleteRepository deletes a repository code reference DELETE /threat_models/{threat_model_id}/repositorys/{repository_id}

func (*RepositorySubResourceHandler) GetRepository 

func (h *RepositorySubResourceHandler) GetRepository(c *gin.Context)

GetRepository retrieves a specific repository code reference by ID GET /threat_models/{threat_model_id}/repositorys/{repository_id}

func (*RepositorySubResourceHandler) GetRepositorys 

func (h *RepositorySubResourceHandler) GetRepositorys(c *gin.Context)

GetRepositorys retrieves all repository code references for a threat model with pagination GET /threat_models/{threat_model_id}/repositorys

func (*RepositorySubResourceHandler) PatchRepository 

func (h *RepositorySubResourceHandler) PatchRepository(c *gin.Context)

PatchRepository applies JSON patch operations to a repository PATCH /threat_models/{threat_model_id}/repositories/{repository_id}

func (*RepositorySubResourceHandler) UpdateRepository 

func (h *RepositorySubResourceHandler) UpdateRepository(c *gin.Context)

UpdateRepository updates an existing repository code reference PUT /threat_models/{threat_model_id}/repositorys/{repository_id}

type RepositoryType 

type RepositoryType string

RepositoryType Source code repository type 

const (
	RepositoryTypeGit       RepositoryType = "git"
	RepositoryTypeMercurial RepositoryType = "mercurial"
	RepositoryTypeOther     RepositoryType = "other"
	RepositoryTypeSvn       RepositoryType = "svn"
)

Defines values for RepositoryType.

type RequestError 

type RequestError struct {
	Status  int
	Code    string
	Message string
	Details *ErrorDetails
}

RequestError represents an error that should be returned as an HTTP response

func ConflictError 

func ConflictError(message string) *RequestError

ConflictError creates a RequestError for resource conflicts

func ForbiddenError 

func ForbiddenError(message string) *RequestError

ForbiddenError creates a RequestError for forbidden access

func InvalidIDError 

func InvalidIDError(message string) *RequestError

InvalidIDError creates a RequestError for invalid ID formats

func InvalidInputError 

func InvalidInputError(message string) *RequestError

InvalidInputError creates a RequestError for validation failures

func InvalidInputErrorWithDetails 

func InvalidInputErrorWithDetails(message string, code string, context map[string]interface{}, suggestion string) *RequestError

InvalidInputErrorWithDetails creates a RequestError for validation failures with additional context

func NotFoundError 

func NotFoundError(message string) *RequestError

NotFoundError creates a RequestError for resource not found

func NotFoundErrorWithDetails 

func NotFoundErrorWithDetails(message string, code string, context map[string]interface{}, suggestion string) *RequestError

NotFoundErrorWithDetails creates a RequestError for resource not found with additional context

func ServerError 

func ServerError(message string) *RequestError

ServerError creates a RequestError for internal server errors

func ServerErrorWithDetails 

func ServerErrorWithDetails(message string, code string, context map[string]interface{}, suggestion string) *RequestError

ServerErrorWithDetails creates a RequestError for internal server errors with additional context

func UnauthorizedError 

func UnauthorizedError(message string) *RequestError

func (*RequestError) Error 

func (e *RequestError) Error() string

type Role 

type Role = AuthorizationRole

Role represents a user role with permission levels 

const (
	// RoleOwner has full control over the resource
	RoleOwner Role = AuthorizationRoleOwner
	// RoleWriter can edit but not delete or change ownership
	RoleWriter Role = AuthorizationRoleWriter
	// RoleReader can only view the resource
	RoleReader Role = AuthorizationRoleReader
)

func GetUserRole 

func GetUserRole(userEmail string, userProviderID string, userInternalUUID string, userIdP string, userGroups []string, threatModel ThreatModel) Role

GetUserRole determines the role of the user for a given threat model This now supports both user and group authorization with IdP scoping

func GetUserRoleForDiagram 

func GetUserRoleForDiagram(userEmail string, userProviderID string, userInternalUUID string, userIdP string, userGroups []string, diagram DfdDiagram) Role

GetUserRoleForDiagram determines the role of the user for a given diagram This now supports both user and group authorization with IdP scoping and flexible user matching

func ValidateAuthenticatedUser 

func ValidateAuthenticatedUser(c *gin.Context) (string, string, Role, error)

ValidateAuthenticatedUser extracts and validates the authenticated user from context Returns (email, providerId, role, error) The providerId is the OAuth provider's unique user identifier (from JWT "sub" claim) The email is the user's email address (from JWT "email" claim)

type SAMLProviderInfo 

type SAMLProviderInfo struct {
	// AcsUrl Assertion Consumer Service URL
	AcsUrl string `json:"acs_url"`

	// AuthUrl TMI SAML login endpoint URL
	AuthUrl string `json:"auth_url"`

	// EntityId Service Provider entity ID
	EntityId string `json:"entity_id"`

	// Icon Icon identifier for the provider (Font Awesome class, URL, or path)
	Icon string `json:"icon"`

	// Id Provider identifier
	Id string `json:"id"`

	// MetadataUrl SAML service provider metadata URL
	MetadataUrl string `json:"metadata_url"`

	// Name Display name of the provider
	Name string `json:"name"`

	// SloUrl Single Logout URL
	SloUrl *string `json:"slo_url,omitempty"`
}

SAMLProviderInfo defines model for SAMLProviderInfo.

type SamlAssertionConsumerRequest 

type SamlAssertionConsumerRequest struct {
	// RelayState State parameter for CSRF protection
	RelayState *string `json:"RelayState,omitempty"`

	// SAMLResponse Base64-encoded SAML response
	SAMLResponse string `json:"SAMLResponse"`
}

SamlAssertionConsumerRequest defines model for SamlAssertionConsumerRequest.

type SamlSingleLogoutRequest 

type SamlSingleLogoutRequest struct {
	// SAMLRequest Base64-encoded SAML logout request
	SAMLRequest string `json:"SAMLRequest"`
}

SamlSingleLogoutRequest defines model for SamlSingleLogoutRequest.

type SamlrequestQueryParam 

type SamlrequestQueryParam = string

SamlrequestQueryParam defines model for SamlrequestQueryParam.

type ScopeQueryParam 

type ScopeQueryParam = string

ScopeQueryParam defines model for ScopeQueryParam.

type ScoreEqQueryParam 

type ScoreEqQueryParam = float32

ScoreEqQueryParam defines model for ScoreEqQueryParam.

type ScoreGeQueryParam 

type ScoreGeQueryParam = float32

ScoreGeQueryParam defines model for ScoreGeQueryParam.

type ScoreGtQueryParam 

type ScoreGtQueryParam = float32

ScoreGtQueryParam defines model for ScoreGtQueryParam.

type ScoreLeQueryParam 

type ScoreLeQueryParam = float32

ScoreLeQueryParam defines model for ScoreLeQueryParam.

type ScoreLtQueryParam 

type ScoreLtQueryParam = float32

ScoreLtQueryParam defines model for ScoreLtQueryParam.

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server is the main API server instance

func NewServer 

func NewServer(wsLoggingConfig slogging.WebSocketLoggingConfig, inactivityTimeout time.Duration) *Server

NewServer creates a new API server instance

func NewServerForTests 

func NewServerForTests() *Server

NewServerForTests creates a server with default test configuration

func (*Server) AddGroupMember 

func (s *Server) AddGroupMember(c *gin.Context, internalUuid openapi_types.UUID)

AddGroupMember handles POST /admin/groups/{internal_uuid}/members

func (*Server) AuthorizeOAuthProvider 

func (s *Server) AuthorizeOAuthProvider(c *gin.Context, params AuthorizeOAuthProviderParams)

AuthorizeOAuthProvider initiates OAuth flow

func (*Server) BulkCreateDiagramMetadata 

func (s *Server) BulkCreateDiagramMetadata(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

BulkCreateDiagramMetadata bulk creates diagram metadata

func (*Server) BulkCreateDocumentMetadata 

func (s *Server) BulkCreateDocumentMetadata(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

BulkCreateDocumentMetadata bulk creates document metadata

func (*Server) BulkCreateNoteMetadata 

func (s *Server) BulkCreateNoteMetadata(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

BulkCreateNoteMetadata bulk creates note metadata

func (*Server) BulkCreateRepositoryMetadata 

func (s *Server) BulkCreateRepositoryMetadata(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

BulkCreateRepositoryMetadata bulk creates repository metadata

func (*Server) BulkCreateThreatMetadata 

func (s *Server) BulkCreateThreatMetadata(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

BulkCreateThreatMetadata bulk creates threat metadata

func (*Server) BulkCreateThreatModelAssetMetadata 

func (s *Server) BulkCreateThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

BulkCreateThreatModelAssetMetadata bulk creates asset metadata

func (*Server) BulkCreateThreatModelAssets 

func (s *Server) BulkCreateThreatModelAssets(c *gin.Context, threatModelId openapi_types.UUID)

BulkCreateThreatModelAssets bulk creates assets

func (*Server) BulkCreateThreatModelDocuments 

func (s *Server) BulkCreateThreatModelDocuments(c *gin.Context, threatModelId openapi_types.UUID)

BulkCreateThreatModelDocuments bulk creates documents

func (*Server) BulkCreateThreatModelMetadata 

func (s *Server) BulkCreateThreatModelMetadata(c *gin.Context, threatModelId openapi_types.UUID)

BulkCreateThreatModelMetadata bulk creates threat model metadata

func (*Server) BulkCreateThreatModelRepositories 

func (s *Server) BulkCreateThreatModelRepositories(c *gin.Context, threatModelId openapi_types.UUID)

BulkCreateThreatModelRepositories bulk creates repositories

func (*Server) BulkCreateThreatModelThreats 

func (s *Server) BulkCreateThreatModelThreats(c *gin.Context, threatModelId openapi_types.UUID)

BulkCreateThreatModelThreats bulk creates threats

func (*Server) BulkDeleteThreatModelThreats 

func (s *Server) BulkDeleteThreatModelThreats(c *gin.Context, threatModelId openapi_types.UUID, params BulkDeleteThreatModelThreatsParams)

BulkDeleteThreatModelThreats bulk deletes threats

func (*Server) BulkPatchThreatModelThreats 

func (s *Server) BulkPatchThreatModelThreats(c *gin.Context, threatModelId openapi_types.UUID)

BulkPatchThreatModelThreats bulk patches threats

func (*Server) BulkUpdateNoteMetadata 

func (s *Server) BulkUpdateNoteMetadata(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

BulkUpdateNoteMetadata bulk updates note metadata

func (*Server) BulkUpdateThreatModelThreats 

func (s *Server) BulkUpdateThreatModelThreats(c *gin.Context, threatModelId openapi_types.UUID)

BulkUpdateThreatModelThreats bulk updates threats

func (*Server) BulkUpsertDiagramMetadata 

func (s *Server) BulkUpsertDiagramMetadata(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

BulkUpsertDiagramMetadata bulk upserts diagram metadata

func (*Server) BulkUpsertDocumentMetadata 

func (s *Server) BulkUpsertDocumentMetadata(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

BulkUpsertDocumentMetadata bulk upserts document metadata

func (*Server) BulkUpsertRepositoryMetadata 

func (s *Server) BulkUpsertRepositoryMetadata(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

BulkUpsertRepositoryMetadata bulk upserts repository metadata

func (*Server) BulkUpsertThreatMetadata 

func (s *Server) BulkUpsertThreatMetadata(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

BulkUpsertThreatMetadata bulk upserts threat metadata

func (*Server) BulkUpsertThreatModelAssetMetadata 

func (s *Server) BulkUpsertThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

BulkUpsertThreatModelAssetMetadata creates or updates multiple asset metadata entries

func (*Server) BulkUpsertThreatModelAssets 

func (s *Server) BulkUpsertThreatModelAssets(c *gin.Context, threatModelId openapi_types.UUID)

BulkUpsertThreatModelAssets bulk upserts assets

func (*Server) BulkUpsertThreatModelDocuments 

func (s *Server) BulkUpsertThreatModelDocuments(c *gin.Context, threatModelId openapi_types.UUID)

BulkUpsertThreatModelDocuments bulk upserts documents

func (*Server) BulkUpsertThreatModelMetadata 

func (s *Server) BulkUpsertThreatModelMetadata(c *gin.Context, threatModelId openapi_types.UUID)

BulkUpsertThreatModelMetadata bulk upserts threat model metadata

func (*Server) BulkUpsertThreatModelRepositories 

func (s *Server) BulkUpsertThreatModelRepositories(c *gin.Context, threatModelId openapi_types.UUID)

BulkUpsertThreatModelRepositories bulk upserts repositories

func (*Server) CreateAddon 

func (s *Server) CreateAddon(c *gin.Context)

CreateAddon creates a new add-on (admin only)

func (*Server) CreateAdminGroup 

func (s *Server) CreateAdminGroup(c *gin.Context)

CreateAdminGroup handles POST /admin/groups

func (*Server) CreateAdministrator 

func (s *Server) CreateAdministrator(c *gin.Context)

CreateAdministrator handles POST /admin/administrators

func (*Server) CreateCurrentUserClientCredential 

func (s *Server) CreateCurrentUserClientCredential(c *gin.Context)

CreateCurrentUserClientCredential handles POST /users/me/client_credentials Creates a new OAuth 2.0 client credential for machine-to-machine authentication

func (*Server) CreateDiagramCollaborationSession 

func (s *Server) CreateDiagramCollaborationSession(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

CreateDiagramCollaborationSession creates a new collaboration session for a diagram

func (*Server) CreateDiagramMetadata 

func (s *Server) CreateDiagramMetadata(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

CreateDiagramMetadata creates diagram metadata

func (*Server) CreateDocumentMetadata 

func (s *Server) CreateDocumentMetadata(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

CreateDocumentMetadata creates document metadata

func (*Server) CreateNoteMetadata 

func (s *Server) CreateNoteMetadata(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

CreateNoteMetadata creates note metadata

func (*Server) CreateRepositoryMetadata 

func (s *Server) CreateRepositoryMetadata(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

CreateRepositoryMetadata creates repository metadata

func (*Server) CreateThreatMetadata 

func (s *Server) CreateThreatMetadata(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

CreateThreatMetadata creates threat metadata

func (*Server) CreateThreatModel 

func (s *Server) CreateThreatModel(c *gin.Context)

CreateThreatModel creates a new threat model

func (*Server) CreateThreatModelAsset 

func (s *Server) CreateThreatModelAsset(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelAsset creates an asset

func (*Server) CreateThreatModelAssetMetadata 

func (s *Server) CreateThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

CreateThreatModelAssetMetadata creates asset metadata

func (*Server) CreateThreatModelDiagram 

func (s *Server) CreateThreatModelDiagram(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelDiagram creates a new diagram

func (*Server) CreateThreatModelDocument 

func (s *Server) CreateThreatModelDocument(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelDocument creates a document

func (*Server) CreateThreatModelMetadata 

func (s *Server) CreateThreatModelMetadata(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelMetadata creates threat model metadata

func (*Server) CreateThreatModelNote 

func (s *Server) CreateThreatModelNote(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelNote creates a note

func (*Server) CreateThreatModelRepository 

func (s *Server) CreateThreatModelRepository(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelRepository creates a repository

func (*Server) CreateThreatModelThreat 

func (s *Server) CreateThreatModelThreat(c *gin.Context, threatModelId openapi_types.UUID)

CreateThreatModelThreat creates a threat

func (*Server) CreateWebhookSubscription 

func (s *Server) CreateWebhookSubscription(c *gin.Context)

CreateWebhookSubscription creates a new webhook subscription

func (*Server) DeleteAddon 

func (s *Server) DeleteAddon(c *gin.Context, id openapi_types.UUID)

DeleteAddon deletes an add-on (admin only)

func (*Server) DeleteAddonInvocationQuota 

func (s *Server) DeleteAddonInvocationQuota(c *gin.Context, userId openapi_types.UUID)

DeleteAddonInvocationQuota deletes the addon invocation quota for a specific user, reverting to defaults (admin only)

func (*Server) DeleteAdminGroup 

func (s *Server) DeleteAdminGroup(c *gin.Context, internalUuid openapi_types.UUID)

DeleteAdminGroup handles DELETE /admin/groups/{internal_uuid}

func (*Server) DeleteAdminUser 

func (s *Server) DeleteAdminUser(c *gin.Context, internalUuid openapi_types.UUID)

DeleteAdminUser handles DELETE /admin/users/{internal_uuid}

func (*Server) DeleteAdministrator 

func (s *Server) DeleteAdministrator(c *gin.Context, id openapi_types.UUID)

DeleteAdministrator handles DELETE /admin/administrators/{id}

func (*Server) DeleteCurrentUserClientCredential 

func (s *Server) DeleteCurrentUserClientCredential(c *gin.Context, id openapi_types.UUID)

DeleteCurrentUserClientCredential handles DELETE /users/me/client_credentials/{id} Permanently deletes a client credential

func (*Server) DeleteDiagramMetadataByKey 

func (s *Server) DeleteDiagramMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID, key string)

DeleteDiagramMetadataByKey deletes diagram metadata by key

func (*Server) DeleteDocumentMetadataByKey 

func (s *Server) DeleteDocumentMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID, key string)

DeleteDocumentMetadataByKey deletes document metadata by key

func (*Server) DeleteNoteMetadataByKey 

func (s *Server) DeleteNoteMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID, key string)

DeleteNoteMetadataByKey deletes note metadata by key

func (*Server) DeleteRepositoryMetadataByKey 

func (s *Server) DeleteRepositoryMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID, key string)

DeleteRepositoryMetadataByKey deletes repository metadata by key

func (*Server) DeleteThreatMetadataByKey 

func (s *Server) DeleteThreatMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID, key string)

DeleteThreatMetadataByKey deletes threat metadata by key

func (*Server) DeleteThreatModel 

func (s *Server) DeleteThreatModel(c *gin.Context, threatModelId openapi_types.UUID)

DeleteThreatModel deletes a threat model

func (*Server) DeleteThreatModelAsset 

func (s *Server) DeleteThreatModelAsset(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

DeleteThreatModelAsset deletes an asset

func (*Server) DeleteThreatModelAssetMetadata 

func (s *Server) DeleteThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID, key string)

DeleteThreatModelAssetMetadata deletes asset metadata by key

func (*Server) DeleteThreatModelDiagram 

func (s *Server) DeleteThreatModelDiagram(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

DeleteThreatModelDiagram deletes a diagram

func (*Server) DeleteThreatModelDocument 

func (s *Server) DeleteThreatModelDocument(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

DeleteThreatModelDocument deletes a document

func (*Server) DeleteThreatModelMetadataByKey 

func (s *Server) DeleteThreatModelMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, key string)

DeleteThreatModelMetadataByKey deletes threat model metadata by key

func (*Server) DeleteThreatModelNote 

func (s *Server) DeleteThreatModelNote(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

DeleteThreatModelNote deletes a note

func (*Server) DeleteThreatModelRepository 

func (s *Server) DeleteThreatModelRepository(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

DeleteThreatModelRepository deletes a repository

func (*Server) DeleteThreatModelThreat 

func (s *Server) DeleteThreatModelThreat(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

DeleteThreatModelThreat deletes a threat

func (*Server) DeleteUserAPIQuota 

func (s *Server) DeleteUserAPIQuota(c *gin.Context, userId openapi_types.UUID)

DeleteUserAPIQuota deletes the API quota for a specific user, reverting to defaults (admin only)

func (*Server) DeleteUserAccount 

func (s *Server) DeleteUserAccount(c *gin.Context, params DeleteUserAccountParams)

DeleteUserAccount handles user account deletion (two-step challenge-response)

func (*Server) DeleteWebhookQuota 

func (s *Server) DeleteWebhookQuota(c *gin.Context, userId openapi_types.UUID)

DeleteWebhookQuota deletes the webhook quota for a specific user, reverting to defaults (admin only)

func (*Server) DeleteWebhookSubscription 

func (s *Server) DeleteWebhookSubscription(c *gin.Context, webhookId openapi_types.UUID)

DeleteWebhookSubscription deletes a webhook subscription

func (*Server) EndDiagramCollaborationSession 

func (s *Server) EndDiagramCollaborationSession(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

EndDiagramCollaborationSession ends a collaboration session for a diagram

func (*Server) ExchangeOAuthCode 

func (s *Server) ExchangeOAuthCode(c *gin.Context, params ExchangeOAuthCodeParams)

ExchangeOAuthCode exchanges auth code for tokens

func (*Server) GetAddon 

func (s *Server) GetAddon(c *gin.Context, id openapi_types.UUID)

GetAddon gets a single add-on by ID

func (*Server) GetAddonInvocationQuota 

func (s *Server) GetAddonInvocationQuota(c *gin.Context, userId openapi_types.UUID)

GetAddonInvocationQuota retrieves the addon invocation quota for a specific user (admin only)

func (*Server) GetAdminGroup 

func (s *Server) GetAdminGroup(c *gin.Context, internalUuid openapi_types.UUID)

GetAdminGroup handles GET /admin/groups/{internal_uuid}

func (*Server) GetAdminUser 

func (s *Server) GetAdminUser(c *gin.Context, internalUuid openapi_types.UUID)

GetAdminUser handles GET /admin/users/{internal_uuid}

func (*Server) GetApiInfo 

func (s *Server) GetApiInfo(c *gin.Context)

GetApiInfo returns API information

func (*Server) GetAuthProviders 

func (s *Server) GetAuthProviders(c *gin.Context)

GetAuthProviders lists OAuth providers

func (*Server) GetCollaborationSessions 

func (s *Server) GetCollaborationSessions(c *gin.Context)

GetCollaborationSessions returns active collaboration sessions (already implemented)

func (*Server) GetCurrentUser 

func (s *Server) GetCurrentUser(c *gin.Context)

GetCurrentUser gets current user information

func (*Server) GetCurrentUserProfile 

func (s *Server) GetCurrentUserProfile(c *gin.Context)

GetCurrentUserProfile gets current user profile with groups and admin status (from /users/me endpoint)

func (*Server) GetDiagramCollaborationSession 

func (s *Server) GetDiagramCollaborationSession(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

GetDiagramCollaborationSession retrieves the current collaboration session for a diagram

func (*Server) GetDiagramMetadata 

func (s *Server) GetDiagramMetadata(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

GetDiagramMetadata gets diagram metadata

func (*Server) GetDiagramMetadataByKey 

func (s *Server) GetDiagramMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID, key string)

GetDiagramMetadataByKey gets diagram metadata by key

func (*Server) GetDiagramModel 

func (s *Server) GetDiagramModel(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID, params GetDiagramModelParams)

GetDiagramModel gets minimal diagram model for automated analysis

func (*Server) GetDocumentMetadata 

func (s *Server) GetDocumentMetadata(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

GetDocumentMetadata gets document metadata

func (*Server) GetDocumentMetadataByKey 

func (s *Server) GetDocumentMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID, key string)

GetDocumentMetadataByKey gets document metadata by key

func (*Server) GetInvocation 

func (s *Server) GetInvocation(c *gin.Context, id openapi_types.UUID)

GetInvocation gets a single invocation by ID

func (*Server) GetJWKS 

func (s *Server) GetJWKS(c *gin.Context)

GetJWKS returns the JSON Web Key Set for JWT signature verification

func (*Server) GetNoteMetadata 

func (s *Server) GetNoteMetadata(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

GetNoteMetadata gets note metadata

func (*Server) GetNoteMetadataByKey 

func (s *Server) GetNoteMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID, key string)

GetNoteMetadataByKey gets note metadata by key

func (*Server) GetOAuthAuthorizationServerMetadata 

func (s *Server) GetOAuthAuthorizationServerMetadata(c *gin.Context)

GetOAuthAuthorizationServerMetadata returns OAuth 2.0 Authorization Server Metadata

func (*Server) GetOAuthProtectedResourceMetadata 

func (s *Server) GetOAuthProtectedResourceMetadata(c *gin.Context)

GetOAuthProtectedResourceMetadata returns OAuth 2.0 protected resource metadata as per RFC 9728

func (*Server) GetOpenIDConfiguration 

func (s *Server) GetOpenIDConfiguration(c *gin.Context)

GetOpenIDConfiguration returns OpenID Connect configuration

func (*Server) GetProviderGroups 

func (s *Server) GetProviderGroups(c *gin.Context, idp string)

GetProviderGroups returns groups available from a specific identity provider

func (*Server) GetRepositoryMetadata 

func (s *Server) GetRepositoryMetadata(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

GetRepositoryMetadata gets repository metadata

func (*Server) GetRepositoryMetadataByKey 

func (s *Server) GetRepositoryMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID, key string)

GetRepositoryMetadataByKey gets repository metadata by key

func (*Server) GetSAMLMetadata 

func (s *Server) GetSAMLMetadata(c *gin.Context, provider string)

GetSAMLMetadata returns SAML service provider metadata

func (*Server) GetSAMLProviders 

func (s *Server) GetSAMLProviders(c *gin.Context)

GetSAMLProviders implements ServerInterface

func (*Server) GetThreatMetadata 

func (s *Server) GetThreatMetadata(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

GetThreatMetadata gets threat metadata

func (*Server) GetThreatMetadataByKey 

func (s *Server) GetThreatMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID, key string)

GetThreatMetadataByKey gets threat metadata by key

func (*Server) GetThreatModel 

func (s *Server) GetThreatModel(c *gin.Context, threatModelId openapi_types.UUID)

GetThreatModel gets a specific threat model

func (*Server) GetThreatModelAsset 

func (s *Server) GetThreatModelAsset(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

GetThreatModelAsset gets an asset

func (*Server) GetThreatModelAssetMetadata 

func (s *Server) GetThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

GetThreatModelAssetMetadata gets asset metadata

func (*Server) GetThreatModelAssetMetadataByKey 

func (s *Server) GetThreatModelAssetMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID, key string)

GetThreatModelAssetMetadataByKey gets asset metadata by key

func (*Server) GetThreatModelAssets 

func (s *Server) GetThreatModelAssets(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelAssetsParams)

GetThreatModelAssets lists assets

func (*Server) GetThreatModelDiagram 

func (s *Server) GetThreatModelDiagram(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

GetThreatModelDiagram gets a specific diagram

func (*Server) GetThreatModelDiagrams 

func (s *Server) GetThreatModelDiagrams(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelDiagramsParams)

GetThreatModelDiagrams lists diagrams for a threat model

func (*Server) GetThreatModelDocument 

func (s *Server) GetThreatModelDocument(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

GetThreatModelDocument gets a document

func (*Server) GetThreatModelDocuments 

func (s *Server) GetThreatModelDocuments(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelDocumentsParams)

GetThreatModelDocuments lists documents

func (*Server) GetThreatModelMetadata 

func (s *Server) GetThreatModelMetadata(c *gin.Context, threatModelId openapi_types.UUID)

GetThreatModelMetadata gets threat model metadata

func (*Server) GetThreatModelMetadataByKey 

func (s *Server) GetThreatModelMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, key string)

GetThreatModelMetadataByKey gets threat model metadata by key

func (*Server) GetThreatModelNote 

func (s *Server) GetThreatModelNote(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

GetThreatModelNote gets a note

func (*Server) GetThreatModelNotes 

func (s *Server) GetThreatModelNotes(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelNotesParams)

GetThreatModelNotes lists notes

func (*Server) GetThreatModelRepositories 

func (s *Server) GetThreatModelRepositories(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelRepositoriesParams)

GetThreatModelRepositories lists repositories

func (*Server) GetThreatModelRepository 

func (s *Server) GetThreatModelRepository(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

GetThreatModelRepository gets a repository

func (*Server) GetThreatModelThreat 

func (s *Server) GetThreatModelThreat(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

GetThreatModelThreat gets a threat

func (*Server) GetThreatModelThreats 

func (s *Server) GetThreatModelThreats(c *gin.Context, threatModelId openapi_types.UUID, params GetThreatModelThreatsParams)

GetThreatModelThreats lists threats

func (*Server) GetUserAPIQuota 

func (s *Server) GetUserAPIQuota(c *gin.Context, userId openapi_types.UUID)

GetUserAPIQuota retrieves the API quota for a specific user (admin only)

func (*Server) GetWebSocketHub 

func (s *Server) GetWebSocketHub() *WebSocketHub

GetWebSocketHub returns the WebSocket hub instance

func (*Server) GetWebhookDelivery 

func (s *Server) GetWebhookDelivery(c *gin.Context, deliveryId openapi_types.UUID)

GetWebhookDelivery gets a specific webhook delivery

func (*Server) GetWebhookQuota 

func (s *Server) GetWebhookQuota(c *gin.Context, userId openapi_types.UUID)

GetWebhookQuota retrieves the webhook quota for a specific user (admin only)

func (*Server) GetWebhookSubscription 

func (s *Server) GetWebhookSubscription(c *gin.Context, webhookId openapi_types.UUID)

GetWebhookSubscription gets a specific webhook subscription

func (*Server) HandleCollaborationSessions 

func (s *Server) HandleCollaborationSessions(c *gin.Context)

HandleCollaborationSessions returns all active collaboration sessions that the user has access to

func (*Server) HandleNotificationWebSocket 

func (s *Server) HandleNotificationWebSocket(c *gin.Context)

HandleNotificationWebSocket handles WebSocket connections for notifications

func (*Server) HandleOAuthCallback 

func (s *Server) HandleOAuthCallback(c *gin.Context, params HandleOAuthCallbackParams)

HandleOAuthCallback handles OAuth callback

func (*Server) HandleServerInfo 

func (s *Server) HandleServerInfo(c *gin.Context)

HandleServerInfo provides server configuration information to clients

func (*Server) HandleWebSocket 

func (s *Server) HandleWebSocket(c *gin.Context)

HandleWebSocket handles WebSocket connections

func (*Server) InitiateSAMLLogin 

func (s *Server) InitiateSAMLLogin(c *gin.Context, provider string, params InitiateSAMLLoginParams)

InitiateSAMLLogin starts SAML authentication flow

func (*Server) IntrospectToken 

func (s *Server) IntrospectToken(c *gin.Context)

IntrospectToken handles token introspection requests per RFC 7662

func (*Server) InvokeAddon 

func (s *Server) InvokeAddon(c *gin.Context, id openapi_types.UUID)

InvokeAddon invokes an add-on

func (*Server) ListAddonInvocationQuotas 

func (s *Server) ListAddonInvocationQuotas(c *gin.Context, params ListAddonInvocationQuotasParams)

ListAddonInvocationQuotas retrieves all custom addon invocation quotas (admin only)

func (*Server) ListAddons 

func (s *Server) ListAddons(c *gin.Context, params ListAddonsParams)

ListAddons lists all add-ons

func (*Server) ListAdminGroups 

func (s *Server) ListAdminGroups(c *gin.Context, params ListAdminGroupsParams)

ListAdminGroups handles GET /admin/groups

func (*Server) ListAdminUsers 

func (s *Server) ListAdminUsers(c *gin.Context, params ListAdminUsersParams)

ListAdminUsers handles GET /admin/users

func (*Server) ListAdministrators 

func (s *Server) ListAdministrators(c *gin.Context, params ListAdministratorsParams)

ListAdministrators handles GET /admin/administrators

func (*Server) ListCurrentUserClientCredentials 

func (s *Server) ListCurrentUserClientCredentials(c *gin.Context)

ListCurrentUserClientCredentials handles GET /users/me/client_credentials Retrieves all client credentials owned by the authenticated user (without secrets)

func (*Server) ListGroupMembers 

func (s *Server) ListGroupMembers(c *gin.Context, internalUuid openapi_types.UUID, params ListGroupMembersParams)

ListGroupMembers handles GET /admin/groups/{internal_uuid}/members

func (*Server) ListInvocations 

func (s *Server) ListInvocations(c *gin.Context, params ListInvocationsParams)

ListInvocations lists invocations (user sees own, admin sees all)

func (*Server) ListSAMLUsers 

func (s *Server) ListSAMLUsers(c *gin.Context, idp string)

ListSAMLUsers handles GET /saml/providers/{idp}/users

func (*Server) ListThreatModels 

func (s *Server) ListThreatModels(c *gin.Context, params ListThreatModelsParams)

ListThreatModels lists threat models

func (*Server) ListUserAPIQuotas 

func (s *Server) ListUserAPIQuotas(c *gin.Context, params ListUserAPIQuotasParams)

ListUserAPIQuotas retrieves all custom user API quotas (admin only)

func (*Server) ListWebhookDeliveries 

func (s *Server) ListWebhookDeliveries(c *gin.Context, params ListWebhookDeliveriesParams)

ListWebhookDeliveries lists webhook deliveries for the authenticated user

func (*Server) ListWebhookQuotas 

func (s *Server) ListWebhookQuotas(c *gin.Context, params ListWebhookQuotasParams)

ListWebhookQuotas retrieves all custom webhook quotas (admin only)

func (*Server) ListWebhookSubscriptions 

func (s *Server) ListWebhookSubscriptions(c *gin.Context, params ListWebhookSubscriptionsParams)

ListWebhookSubscriptions lists webhook subscriptions for the authenticated user

func (*Server) LogoutUser 

func (s *Server) LogoutUser(c *gin.Context)

LogoutUser logs out the current user

func (*Server) PatchThreatModel 

func (s *Server) PatchThreatModel(c *gin.Context, threatModelId openapi_types.UUID)

PatchThreatModel partially updates a threat model

func (*Server) PatchThreatModelAsset 

func (s *Server) PatchThreatModelAsset(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

PatchThreatModelAsset patches an asset

func (*Server) PatchThreatModelDiagram 

func (s *Server) PatchThreatModelDiagram(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

PatchThreatModelDiagram partially updates a diagram

func (*Server) PatchThreatModelDocument 

func (s *Server) PatchThreatModelDocument(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

PatchThreatModelDocument patches a document

func (*Server) PatchThreatModelNote 

func (s *Server) PatchThreatModelNote(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

PatchThreatModelNote patches a note

func (*Server) PatchThreatModelRepository 

func (s *Server) PatchThreatModelRepository(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

PatchThreatModelRepository patches a repository

func (*Server) PatchThreatModelThreat 

func (s *Server) PatchThreatModelThreat(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

PatchThreatModelThreat patches a threat

func (*Server) ProcessSAMLLogout 

func (s *Server) ProcessSAMLLogout(c *gin.Context, params ProcessSAMLLogoutParams)

ProcessSAMLLogout handles SAML single logout (GET)

func (*Server) ProcessSAMLLogoutPost 

func (s *Server) ProcessSAMLLogoutPost(c *gin.Context)

ProcessSAMLLogoutPost handles SAML single logout (POST)

func (*Server) ProcessSAMLResponse 

func (s *Server) ProcessSAMLResponse(c *gin.Context)

ProcessSAMLResponse handles SAML assertion consumer service

func (*Server) RefreshToken 

func (s *Server) RefreshToken(c *gin.Context)

RefreshToken refreshes JWT token

func (*Server) RegisterHandlers 

func (s *Server) RegisterHandlers(r *gin.Engine)

RegisterHandlers registers custom API handlers with the router

func (*Server) RemoveGroupMember 

func (s *Server) RemoveGroupMember(c *gin.Context, internalUuid openapi_types.UUID, userUuid openapi_types.UUID)

RemoveGroupMember handles DELETE /admin/groups/{internal_uuid}/members/{user_uuid}

func (*Server) SetAPIRateLimiter 

func (s *Server) SetAPIRateLimiter(rateLimiter *APIRateLimiter)

SetAPIRateLimiter sets the API rate limiter

func (*Server) SetAuthFlowRateLimiter 

func (s *Server) SetAuthFlowRateLimiter(rateLimiter *AuthFlowRateLimiter)

SetAuthFlowRateLimiter sets the auth flow rate limiter

func (*Server) SetAuthService 

func (s *Server) SetAuthService(authService AuthService)

SetAuthService sets the auth service for delegating auth-related methods

func (*Server) SetIPRateLimiter 

func (s *Server) SetIPRateLimiter(rateLimiter *IPRateLimiter)

SetIPRateLimiter sets the IP rate limiter

func (*Server) SetWebhookRateLimiter 

func (s *Server) SetWebhookRateLimiter(rateLimiter *WebhookRateLimiter)

SetWebhookRateLimiter sets the webhook rate limiter

func (*Server) StartWebSocketHub 

func (s *Server) StartWebSocketHub(ctx context.Context)

StartWebSocketHub starts the WebSocket hub cleanup timer

func (*Server) TestWebhookSubscription 

func (s *Server) TestWebhookSubscription(c *gin.Context, webhookId openapi_types.UUID)

TestWebhookSubscription sends a test event to the webhook

func (*Server) UpdateAddonInvocationQuota 

func (s *Server) UpdateAddonInvocationQuota(c *gin.Context, userId openapi_types.UUID)

UpdateAddonInvocationQuota creates or updates the addon invocation quota for a specific user (admin only)

func (*Server) UpdateAdminGroup 

func (s *Server) UpdateAdminGroup(c *gin.Context, internalUuid openapi_types.UUID)

UpdateAdminGroup handles PATCH /admin/groups/{internal_uuid}

func (*Server) UpdateAdminUser 

func (s *Server) UpdateAdminUser(c *gin.Context, internalUuid openapi_types.UUID)

UpdateAdminUser handles PATCH /admin/users/{internal_uuid}

func (*Server) UpdateDiagramMetadataByKey 

func (s *Server) UpdateDiagramMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID, key string)

UpdateDiagramMetadataByKey updates diagram metadata by key

func (*Server) UpdateDocumentMetadataByKey 

func (s *Server) UpdateDocumentMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID, key string)

UpdateDocumentMetadataByKey updates document metadata by key

func (*Server) UpdateInvocationStatus 

func (s *Server) UpdateInvocationStatus(c *gin.Context, id openapi_types.UUID, params UpdateInvocationStatusParams)

UpdateInvocationStatus updates invocation status (webhook callback with HMAC auth)

func (*Server) UpdateNoteMetadataByKey 

func (s *Server) UpdateNoteMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID, key string)

UpdateNoteMetadataByKey updates note metadata by key

func (*Server) UpdateRepositoryMetadataByKey 

func (s *Server) UpdateRepositoryMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID, key string)

UpdateRepositoryMetadataByKey updates repository metadata by key

func (*Server) UpdateThreatMetadataByKey 

func (s *Server) UpdateThreatMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID, key string)

UpdateThreatMetadataByKey updates threat metadata by key

func (*Server) UpdateThreatModel 

func (s *Server) UpdateThreatModel(c *gin.Context, threatModelId openapi_types.UUID)

UpdateThreatModel updates a threat model

func (*Server) UpdateThreatModelAsset 

func (s *Server) UpdateThreatModelAsset(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID)

UpdateThreatModelAsset updates an asset

func (*Server) UpdateThreatModelAssetMetadata 

func (s *Server) UpdateThreatModelAssetMetadata(c *gin.Context, threatModelId openapi_types.UUID, assetId openapi_types.UUID, key string)

UpdateThreatModelAssetMetadata updates asset metadata by key

func (*Server) UpdateThreatModelDiagram 

func (s *Server) UpdateThreatModelDiagram(c *gin.Context, threatModelId openapi_types.UUID, diagramId openapi_types.UUID)

UpdateThreatModelDiagram updates a diagram

func (*Server) UpdateThreatModelDocument 

func (s *Server) UpdateThreatModelDocument(c *gin.Context, threatModelId openapi_types.UUID, documentId openapi_types.UUID)

UpdateThreatModelDocument updates a document

func (*Server) UpdateThreatModelMetadataByKey 

func (s *Server) UpdateThreatModelMetadataByKey(c *gin.Context, threatModelId openapi_types.UUID, key string)

UpdateThreatModelMetadataByKey updates threat model metadata by key

func (*Server) UpdateThreatModelNote 

func (s *Server) UpdateThreatModelNote(c *gin.Context, threatModelId openapi_types.UUID, noteId openapi_types.UUID)

UpdateThreatModelNote updates a note

func (*Server) UpdateThreatModelRepository 

func (s *Server) UpdateThreatModelRepository(c *gin.Context, threatModelId openapi_types.UUID, repositoryId openapi_types.UUID)

UpdateThreatModelRepository updates a repository

func (*Server) UpdateThreatModelThreat 

func (s *Server) UpdateThreatModelThreat(c *gin.Context, threatModelId openapi_types.UUID, threatId openapi_types.UUID)

UpdateThreatModelThreat updates a threat

func (*Server) UpdateUserAPIQuota 

func (s *Server) UpdateUserAPIQuota(c *gin.Context, userId openapi_types.UUID)

UpdateUserAPIQuota creates or updates the API quota for a specific user (admin only)

func (*Server) UpdateWebhookQuota 

func (s *Server) UpdateWebhookQuota(c *gin.Context, userId openapi_types.UUID)

UpdateWebhookQuota creates or updates the webhook quota for a specific user (admin only)

type ServerInfo 

type ServerInfo struct {
	// Whether TLS is enabled
	TLSEnabled bool `json:"tls_enabled"`
	// Subject name for TLS certificate
	TLSSubjectName string `json:"tls_subject_name,omitempty"`
	// WebSocket base URL
	WebSocketBaseURL string `json:"websocket_base_url"`
}

ServerInfo provides information about the server configuration

type ServerInterface 

type ServerInterface interface {
	// Get API information
	// (GET /)
	GetApiInfo(c *gin.Context)
	// JSON Web Key Set
	// (GET /.well-known/jwks.json)
	GetJWKS(c *gin.Context)
	// OAuth 2.0 Authorization Server Metadata
	// (GET /.well-known/oauth-authorization-server)
	GetOAuthAuthorizationServerMetadata(c *gin.Context)
	// OAuth 2.0 Protected Resource Metadata
	// (GET /.well-known/oauth-protected-resource)
	GetOAuthProtectedResourceMetadata(c *gin.Context)
	// OpenID Connect Discovery Configuration
	// (GET /.well-known/openid-configuration)
	GetOpenIDConfiguration(c *gin.Context)
	// List add-ons
	// (GET /addons)
	ListAddons(c *gin.Context, params ListAddonsParams)
	// Create add-on
	// (POST /addons)
	CreateAddon(c *gin.Context)
	// Delete add-on
	// (DELETE /addons/{id})
	DeleteAddon(c *gin.Context, id GenericId)
	// Get add-on
	// (GET /addons/{id})
	GetAddon(c *gin.Context, id GenericId)
	// Invoke add-on
	// (POST /addons/{id}/invoke)
	InvokeAddon(c *gin.Context, id GenericId)
	// List administrators
	// (GET /admin/administrators)
	ListAdministrators(c *gin.Context, params ListAdministratorsParams)
	// Create administrator grant
	// (POST /admin/administrators)
	CreateAdministrator(c *gin.Context)
	// Delete administrator grant
	// (DELETE /admin/administrators/{id})
	DeleteAdministrator(c *gin.Context, id IdPathParam)
	// List groups
	// (GET /admin/groups)
	ListAdminGroups(c *gin.Context, params ListAdminGroupsParams)
	// Create provider-independent group
	// (POST /admin/groups)
	CreateAdminGroup(c *gin.Context)
	// Delete group
	// (DELETE /admin/groups/{internal_uuid})
	DeleteAdminGroup(c *gin.Context, internalUuid InternalUuidPathParam)
	// Get group details
	// (GET /admin/groups/{internal_uuid})
	GetAdminGroup(c *gin.Context, internalUuid InternalUuidPathParam)
	// Update group metadata
	// (PATCH /admin/groups/{internal_uuid})
	UpdateAdminGroup(c *gin.Context, internalUuid InternalUuidPathParam)
	// List group members
	// (GET /admin/groups/{internal_uuid}/members)
	ListGroupMembers(c *gin.Context, internalUuid InternalUuidPathParam, params ListGroupMembersParams)
	// Add member to group
	// (POST /admin/groups/{internal_uuid}/members)
	AddGroupMember(c *gin.Context, internalUuid InternalUuidPathParam)
	// Remove member from group
	// (DELETE /admin/groups/{internal_uuid}/members/{user_uuid})
	RemoveGroupMember(c *gin.Context, internalUuid InternalUuidPathParam, userUuid UserUuidPathParam)
	// List all addon invocation quotas
	// (GET /admin/quotas/addons)
	ListAddonInvocationQuotas(c *gin.Context, params ListAddonInvocationQuotasParams)
	// Delete addon invocation quota
	// (DELETE /admin/quotas/addons/{user_id})
	DeleteAddonInvocationQuota(c *gin.Context, userId UserIdPathParam)
	// Get addon invocation quota
	// (GET /admin/quotas/addons/{user_id})
	GetAddonInvocationQuota(c *gin.Context, userId UserIdPathParam)
	// Update addon invocation quota
	// (PUT /admin/quotas/addons/{user_id})
	UpdateAddonInvocationQuota(c *gin.Context, userId UserIdPathParam)
	// List all user API quotas
	// (GET /admin/quotas/users)
	ListUserAPIQuotas(c *gin.Context, params ListUserAPIQuotasParams)
	// Delete user API quota
	// (DELETE /admin/quotas/users/{user_id})
	DeleteUserAPIQuota(c *gin.Context, userId UserIdPathParam)
	// Get user API quota
	// (GET /admin/quotas/users/{user_id})
	GetUserAPIQuota(c *gin.Context, userId UserIdPathParam)
	// Update user API quota
	// (PUT /admin/quotas/users/{user_id})
	UpdateUserAPIQuota(c *gin.Context, userId UserIdPathParam)
	// List all webhook quotas
	// (GET /admin/quotas/webhooks)
	ListWebhookQuotas(c *gin.Context, params ListWebhookQuotasParams)
	// Delete webhook quota
	// (DELETE /admin/quotas/webhooks/{user_id})
	DeleteWebhookQuota(c *gin.Context, userId UserIdPathParam)
	// Get webhook quota
	// (GET /admin/quotas/webhooks/{user_id})
	GetWebhookQuota(c *gin.Context, userId UserIdPathParam)
	// Update webhook quota
	// (PUT /admin/quotas/webhooks/{user_id})
	UpdateWebhookQuota(c *gin.Context, userId UserIdPathParam)
	// List users
	// (GET /admin/users)
	ListAdminUsers(c *gin.Context, params ListAdminUsersParams)
	// Delete user
	// (DELETE /admin/users/{internal_uuid})
	DeleteAdminUser(c *gin.Context, internalUuid InternalUuidPathParam)
	// Get user details
	// (GET /admin/users/{internal_uuid})
	GetAdminUser(c *gin.Context, internalUuid InternalUuidPathParam)
	// Update user metadata
	// (PATCH /admin/users/{internal_uuid})
	UpdateAdminUser(c *gin.Context, internalUuid InternalUuidPathParam)
	// List active collaboration sessions
	// (GET /collaboration/sessions)
	GetCollaborationSessions(c *gin.Context)
	// List invocations
	// (GET /invocations)
	ListInvocations(c *gin.Context, params ListInvocationsParams)
	// Get invocation
	// (GET /invocations/{id})
	GetInvocation(c *gin.Context, id GenericId)
	// Update invocation status
	// (POST /invocations/{id}/status)
	UpdateInvocationStatus(c *gin.Context, id GenericId, params UpdateInvocationStatusParams)
	// Initiate OAuth authorization flow
	// (GET /oauth2/authorize)
	AuthorizeOAuthProvider(c *gin.Context, params AuthorizeOAuthProviderParams)
	// Handle OAuth callback
	// (GET /oauth2/callback)
	HandleOAuthCallback(c *gin.Context, params HandleOAuthCallbackParams)
	// Token Introspection
	// (POST /oauth2/introspect)
	IntrospectToken(c *gin.Context)
	// List available OAuth providers
	// (GET /oauth2/providers)
	GetAuthProviders(c *gin.Context)
	// Get groups for identity provider
	// (GET /oauth2/providers/{idp}/groups)
	GetProviderGroups(c *gin.Context, idp IdpPathParam)
	// Refresh JWT token
	// (POST /oauth2/refresh)
	RefreshToken(c *gin.Context)
	// Logout user
	// (POST /oauth2/revoke)
	LogoutUser(c *gin.Context)
	// Exchange OAuth credentials for JWT tokens
	// (POST /oauth2/token)
	ExchangeOAuthCode(c *gin.Context, params ExchangeOAuthCodeParams)
	// Get current user information
	// (GET /oauth2/userinfo)
	GetCurrentUser(c *gin.Context)
	// SAML Assertion Consumer Service
	// (POST /saml/acs)
	ProcessSAMLResponse(c *gin.Context)
	// List available SAML providers
	// (GET /saml/providers)
	GetSAMLProviders(c *gin.Context)
	// List SAML users for UI autocomplete
	// (GET /saml/providers/{idp}/users)
	ListSAMLUsers(c *gin.Context, idp IdpPathParam)
	// SAML Single Logout
	// (GET /saml/slo)
	ProcessSAMLLogout(c *gin.Context, params ProcessSAMLLogoutParams)
	// SAML Single Logout (POST)
	// (POST /saml/slo)
	ProcessSAMLLogoutPost(c *gin.Context)
	// Initiate SAML authentication
	// (GET /saml/{provider}/login)
	InitiateSAMLLogin(c *gin.Context, provider ProviderPathParam, params InitiateSAMLLoginParams)
	// Get SAML service provider metadata
	// (GET /saml/{provider}/metadata)
	GetSAMLMetadata(c *gin.Context, provider ProviderPathParam)
	// List threat models
	// (GET /threat_models)
	ListThreatModels(c *gin.Context, params ListThreatModelsParams)
	// Create a threat model
	// (POST /threat_models)
	CreateThreatModel(c *gin.Context)
	// Delete a threat model
	// (DELETE /threat_models/{threat_model_id})
	DeleteThreatModel(c *gin.Context, threatModelId ThreatModelId)
	// Retrieve a threat model
	// (GET /threat_models/{threat_model_id})
	GetThreatModel(c *gin.Context, threatModelId ThreatModelId)
	// Partially update a threat model
	// (PATCH /threat_models/{threat_model_id})
	PatchThreatModel(c *gin.Context, threatModelId ThreatModelId)
	// Update a threat model
	// (PUT /threat_models/{threat_model_id})
	UpdateThreatModel(c *gin.Context, threatModelId ThreatModelId)
	// List assets in a threat model
	// (GET /threat_models/{threat_model_id}/assets)
	GetThreatModelAssets(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelAssetsParams)
	// Create a new asset
	// (POST /threat_models/{threat_model_id}/assets)
	CreateThreatModelAsset(c *gin.Context, threatModelId ThreatModelId)
	// Bulk create assets
	// (POST /threat_models/{threat_model_id}/assets/bulk)
	BulkCreateThreatModelAssets(c *gin.Context, threatModelId ThreatModelId)
	// Bulk upsert assets
	// (PUT /threat_models/{threat_model_id}/assets/bulk)
	BulkUpsertThreatModelAssets(c *gin.Context, threatModelId ThreatModelId)
	// Delete an asset
	// (DELETE /threat_models/{threat_model_id}/assets/{asset_id})
	DeleteThreatModelAsset(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Get a specific asset
	// (GET /threat_models/{threat_model_id}/assets/{asset_id})
	GetThreatModelAsset(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Partially update asset
	// (PATCH /threat_models/{threat_model_id}/assets/{asset_id})
	PatchThreatModelAsset(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Update an asset
	// (PUT /threat_models/{threat_model_id}/assets/{asset_id})
	UpdateThreatModelAsset(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Get all metadata for an asset
	// (GET /threat_models/{threat_model_id}/assets/{asset_id}/metadata)
	GetThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Add metadata to an asset
	// (POST /threat_models/{threat_model_id}/assets/{asset_id}/metadata)
	CreateThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Bulk create asset metadata
	// (POST /threat_models/{threat_model_id}/assets/{asset_id}/metadata/bulk)
	BulkCreateThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Bulk upsert asset metadata
	// (PUT /threat_models/{threat_model_id}/assets/{asset_id}/metadata/bulk)
	BulkUpsertThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId)
	// Delete asset metadata
	// (DELETE /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key})
	DeleteThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId, key MetadataKey)
	// Get specific metadata for an asset
	// (GET /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key})
	GetThreatModelAssetMetadataByKey(c *gin.Context, threatModelId ThreatModelId, assetId AssetId, key MetadataKey)
	// Update asset metadata
	// (PUT /threat_models/{threat_model_id}/assets/{asset_id}/metadata/{key})
	UpdateThreatModelAssetMetadata(c *gin.Context, threatModelId ThreatModelId, assetId AssetId, key MetadataKey)
	// List threat model diagrams
	// (GET /threat_models/{threat_model_id}/diagrams)
	GetThreatModelDiagrams(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelDiagramsParams)
	// Create a new diagram
	// (POST /threat_models/{threat_model_id}/diagrams)
	CreateThreatModelDiagram(c *gin.Context, threatModelId ThreatModelId)
	// Delete a diagram
	// (DELETE /threat_models/{threat_model_id}/diagrams/{diagram_id})
	DeleteThreatModelDiagram(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Get a specific diagram
	// (GET /threat_models/{threat_model_id}/diagrams/{diagram_id})
	GetThreatModelDiagram(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Partially update a diagram
	// (PATCH /threat_models/{threat_model_id}/diagrams/{diagram_id})
	PatchThreatModelDiagram(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Update a diagram
	// (PUT /threat_models/{threat_model_id}/diagrams/{diagram_id})
	UpdateThreatModelDiagram(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// End diagram collaboration session
	// (DELETE /threat_models/{threat_model_id}/diagrams/{diagram_id}/collaborate)
	EndDiagramCollaborationSession(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Get diagram collaboration session
	// (GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/collaborate)
	GetDiagramCollaborationSession(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Create diagram collaboration session
	// (POST /threat_models/{threat_model_id}/diagrams/{diagram_id}/collaborate)
	CreateDiagramCollaborationSession(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Get diagram metadata
	// (GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata)
	GetDiagramMetadata(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Create diagram metadata
	// (POST /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata)
	CreateDiagramMetadata(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Bulk create diagram metadata
	// (POST /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/bulk)
	BulkCreateDiagramMetadata(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Bulk upsert diagram metadata
	// (PUT /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/bulk)
	BulkUpsertDiagramMetadata(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId)
	// Delete diagram metadata by key
	// (DELETE /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key})
	DeleteDiagramMetadataByKey(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId, key MetadataKey)
	// Get diagram metadata by key
	// (GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key})
	GetDiagramMetadataByKey(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId, key MetadataKey)
	// Update diagram metadata by key
	// (PUT /threat_models/{threat_model_id}/diagrams/{diagram_id}/metadata/{key})
	UpdateDiagramMetadataByKey(c *gin.Context, threatModelId ThreatModelId, diagramId DiagramId, key MetadataKey)
	// Get minimal diagram model for automated analysis
	// (GET /threat_models/{threat_model_id}/diagrams/{diagram_id}/model)
	GetDiagramModel(c *gin.Context, threatModelId ThreatModelIdPathParam, diagramId DiagramIdPathParam, params GetDiagramModelParams)
	// List documents in a threat model
	// (GET /threat_models/{threat_model_id}/documents)
	GetThreatModelDocuments(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelDocumentsParams)
	// Create a new document
	// (POST /threat_models/{threat_model_id}/documents)
	CreateThreatModelDocument(c *gin.Context, threatModelId ThreatModelId)
	// Bulk create documents
	// (POST /threat_models/{threat_model_id}/documents/bulk)
	BulkCreateThreatModelDocuments(c *gin.Context, threatModelId ThreatModelId)
	// Bulk upsert documents
	// (PUT /threat_models/{threat_model_id}/documents/bulk)
	BulkUpsertThreatModelDocuments(c *gin.Context, threatModelId ThreatModelId)
	// Delete a document
	// (DELETE /threat_models/{threat_model_id}/documents/{document_id})
	DeleteThreatModelDocument(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Get a specific document
	// (GET /threat_models/{threat_model_id}/documents/{document_id})
	GetThreatModelDocument(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Partially update document
	// (PATCH /threat_models/{threat_model_id}/documents/{document_id})
	PatchThreatModelDocument(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Update a document
	// (PUT /threat_models/{threat_model_id}/documents/{document_id})
	UpdateThreatModelDocument(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Get document metadata
	// (GET /threat_models/{threat_model_id}/documents/{document_id}/metadata)
	GetDocumentMetadata(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Create document metadata
	// (POST /threat_models/{threat_model_id}/documents/{document_id}/metadata)
	CreateDocumentMetadata(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Bulk create document metadata
	// (POST /threat_models/{threat_model_id}/documents/{document_id}/metadata/bulk)
	BulkCreateDocumentMetadata(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Bulk upsert document metadata
	// (PUT /threat_models/{threat_model_id}/documents/{document_id}/metadata/bulk)
	BulkUpsertDocumentMetadata(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId)
	// Delete document metadata by key
	// (DELETE /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key})
	DeleteDocumentMetadataByKey(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId, key MetadataKey)
	// Get document metadata by key
	// (GET /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key})
	GetDocumentMetadataByKey(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId, key MetadataKey)
	// Update document metadata by key
	// (PUT /threat_models/{threat_model_id}/documents/{document_id}/metadata/{key})
	UpdateDocumentMetadataByKey(c *gin.Context, threatModelId ThreatModelId, documentId DocumentId, key MetadataKey)
	// Get threat model metadata
	// (GET /threat_models/{threat_model_id}/metadata)
	GetThreatModelMetadata(c *gin.Context, threatModelId ThreatModelId)
	// Create threat model metadata
	// (POST /threat_models/{threat_model_id}/metadata)
	CreateThreatModelMetadata(c *gin.Context, threatModelId ThreatModelId)
	// Bulk create threat model metadata
	// (POST /threat_models/{threat_model_id}/metadata/bulk)
	BulkCreateThreatModelMetadata(c *gin.Context, threatModelId ThreatModelId)
	// Bulk upsert threat model metadata
	// (PUT /threat_models/{threat_model_id}/metadata/bulk)
	BulkUpsertThreatModelMetadata(c *gin.Context, threatModelId ThreatModelId)
	// Delete threat model metadata by key
	// (DELETE /threat_models/{threat_model_id}/metadata/{key})
	DeleteThreatModelMetadataByKey(c *gin.Context, threatModelId ThreatModelId, key MetadataKey)
	// Get threat model metadata by key
	// (GET /threat_models/{threat_model_id}/metadata/{key})
	GetThreatModelMetadataByKey(c *gin.Context, threatModelId ThreatModelId, key MetadataKey)
	// Update threat model metadata by key
	// (PUT /threat_models/{threat_model_id}/metadata/{key})
	UpdateThreatModelMetadataByKey(c *gin.Context, threatModelId ThreatModelId, key MetadataKey)
	// List notes in a threat model
	// (GET /threat_models/{threat_model_id}/notes)
	GetThreatModelNotes(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelNotesParams)
	// Create a new note
	// (POST /threat_models/{threat_model_id}/notes)
	CreateThreatModelNote(c *gin.Context, threatModelId ThreatModelId)
	// Delete a note
	// (DELETE /threat_models/{threat_model_id}/notes/{note_id})
	DeleteThreatModelNote(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Get a specific note
	// (GET /threat_models/{threat_model_id}/notes/{note_id})
	GetThreatModelNote(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Partially update note
	// (PATCH /threat_models/{threat_model_id}/notes/{note_id})
	PatchThreatModelNote(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Update a note
	// (PUT /threat_models/{threat_model_id}/notes/{note_id})
	UpdateThreatModelNote(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Get note metadata
	// (GET /threat_models/{threat_model_id}/notes/{note_id}/metadata)
	GetNoteMetadata(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Create note metadata
	// (POST /threat_models/{threat_model_id}/notes/{note_id}/metadata)
	CreateNoteMetadata(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Bulk create note metadata
	// (POST /threat_models/{threat_model_id}/notes/{note_id}/metadata/bulk)
	BulkCreateNoteMetadata(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Bulk update note metadata
	// (PUT /threat_models/{threat_model_id}/notes/{note_id}/metadata/bulk)
	BulkUpdateNoteMetadata(c *gin.Context, threatModelId ThreatModelId, noteId NoteId)
	// Delete note metadata by key
	// (DELETE /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key})
	DeleteNoteMetadataByKey(c *gin.Context, threatModelId ThreatModelId, noteId NoteId, key MetadataKey)
	// Get note metadata by key
	// (GET /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key})
	GetNoteMetadataByKey(c *gin.Context, threatModelId ThreatModelId, noteId NoteId, key MetadataKey)
	// Update note metadata by key
	// (PUT /threat_models/{threat_model_id}/notes/{note_id}/metadata/{key})
	UpdateNoteMetadataByKey(c *gin.Context, threatModelId ThreatModelId, noteId NoteId, key MetadataKey)
	// List sources in a threat model
	// (GET /threat_models/{threat_model_id}/repositories)
	GetThreatModelRepositories(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelRepositoriesParams)
	// Create a new source reference
	// (POST /threat_models/{threat_model_id}/repositories)
	CreateThreatModelRepository(c *gin.Context, threatModelId ThreatModelId)
	// Bulk create sources
	// (POST /threat_models/{threat_model_id}/repositories/bulk)
	BulkCreateThreatModelRepositories(c *gin.Context, threatModelId ThreatModelId)
	// Bulk upsert repositories
	// (PUT /threat_models/{threat_model_id}/repositories/bulk)
	BulkUpsertThreatModelRepositories(c *gin.Context, threatModelId ThreatModelId)
	// Delete a source reference
	// (DELETE /threat_models/{threat_model_id}/repositories/{repository_id})
	DeleteThreatModelRepository(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Get a specific source reference
	// (GET /threat_models/{threat_model_id}/repositories/{repository_id})
	GetThreatModelRepository(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Partially update repository
	// (PATCH /threat_models/{threat_model_id}/repositories/{repository_id})
	PatchThreatModelRepository(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Update a source reference
	// (PUT /threat_models/{threat_model_id}/repositories/{repository_id})
	UpdateThreatModelRepository(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Get source metadata
	// (GET /threat_models/{threat_model_id}/repositories/{repository_id}/metadata)
	GetRepositoryMetadata(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Create source metadata
	// (POST /threat_models/{threat_model_id}/repositories/{repository_id}/metadata)
	CreateRepositoryMetadata(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Bulk create source metadata
	// (POST /threat_models/{threat_model_id}/repositories/{repository_id}/metadata/bulk)
	BulkCreateRepositoryMetadata(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Bulk upsert repository metadata
	// (PUT /threat_models/{threat_model_id}/repositories/{repository_id}/metadata/bulk)
	BulkUpsertRepositoryMetadata(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId)
	// Delete source metadata by key
	// (DELETE /threat_models/{threat_model_id}/repositories/{repository_id}/metadata/{key})
	DeleteRepositoryMetadataByKey(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId, key MetadataKey)
	// Get source metadata by key
	// (GET /threat_models/{threat_model_id}/repositories/{repository_id}/metadata/{key})
	GetRepositoryMetadataByKey(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId, key MetadataKey)
	// Update source metadata by key
	// (PUT /threat_models/{threat_model_id}/repositories/{repository_id}/metadata/{key})
	UpdateRepositoryMetadataByKey(c *gin.Context, threatModelId ThreatModelId, repositoryId RepositoryId, key MetadataKey)
	// List threats in a threat model
	// (GET /threat_models/{threat_model_id}/threats)
	GetThreatModelThreats(c *gin.Context, threatModelId ThreatModelId, params GetThreatModelThreatsParams)
	// Create a new threat
	// (POST /threat_models/{threat_model_id}/threats)
	CreateThreatModelThreat(c *gin.Context, threatModelId ThreatModelId)
	// Bulk DELETE threats
	// (DELETE /threat_models/{threat_model_id}/threats/bulk)
	BulkDeleteThreatModelThreats(c *gin.Context, threatModelId ThreatModelId, params BulkDeleteThreatModelThreatsParams)
	// Bulk PATCH threats
	// (PATCH /threat_models/{threat_model_id}/threats/bulk)
	BulkPatchThreatModelThreats(c *gin.Context, threatModelId ThreatModelId)
	// Bulk create threats
	// (POST /threat_models/{threat_model_id}/threats/bulk)
	BulkCreateThreatModelThreats(c *gin.Context, threatModelId ThreatModelId)
	// Bulk update threats
	// (PUT /threat_models/{threat_model_id}/threats/bulk)
	BulkUpdateThreatModelThreats(c *gin.Context, threatModelId ThreatModelId)
	// Delete a threat
	// (DELETE /threat_models/{threat_model_id}/threats/{threat_id})
	DeleteThreatModelThreat(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Get a specific threat
	// (GET /threat_models/{threat_model_id}/threats/{threat_id})
	GetThreatModelThreat(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Partially update a threat
	// (PATCH /threat_models/{threat_model_id}/threats/{threat_id})
	PatchThreatModelThreat(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Update a threat
	// (PUT /threat_models/{threat_model_id}/threats/{threat_id})
	UpdateThreatModelThreat(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Get threat metadata
	// (GET /threat_models/{threat_model_id}/threats/{threat_id}/metadata)
	GetThreatMetadata(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Create threat metadata
	// (POST /threat_models/{threat_model_id}/threats/{threat_id}/metadata)
	CreateThreatMetadata(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Bulk create threat metadata
	// (POST /threat_models/{threat_model_id}/threats/{threat_id}/metadata/bulk)
	BulkCreateThreatMetadata(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Bulk upsert threat metadata
	// (PUT /threat_models/{threat_model_id}/threats/{threat_id}/metadata/bulk)
	BulkUpsertThreatMetadata(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId)
	// Delete threat metadata by key
	// (DELETE /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key})
	DeleteThreatMetadataByKey(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId, key MetadataKey)
	// Get threat metadata by key
	// (GET /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key})
	GetThreatMetadataByKey(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId, key MetadataKey)
	// Update threat metadata by key
	// (PUT /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key})
	UpdateThreatMetadataByKey(c *gin.Context, threatModelId ThreatModelId, threatId ThreatId, key MetadataKey)
	// Delete authenticated user account and all data
	// (DELETE /users/me)
	DeleteUserAccount(c *gin.Context, params DeleteUserAccountParams)
	// Get current user profile
	// (GET /users/me)
	GetCurrentUserProfile(c *gin.Context)
	// List client credentials
	// (GET /users/me/client_credentials)
	ListCurrentUserClientCredentials(c *gin.Context)
	// Create client credential
	// (POST /users/me/client_credentials)
	CreateCurrentUserClientCredential(c *gin.Context)
	// Delete client credential
	// (DELETE /users/me/client_credentials/{id})
	DeleteCurrentUserClientCredential(c *gin.Context, id IdPathParam)
	// List webhook deliveries
	// (GET /webhooks/deliveries)
	ListWebhookDeliveries(c *gin.Context, params ListWebhookDeliveriesParams)
	// Get webhook delivery
	// (GET /webhooks/deliveries/{delivery_id})
	GetWebhookDelivery(c *gin.Context, deliveryId DeliveryId)
	// List webhook subscriptions
	// (GET /webhooks/subscriptions)
	ListWebhookSubscriptions(c *gin.Context, params ListWebhookSubscriptionsParams)
	// Create webhook subscription
	// (POST /webhooks/subscriptions)
	CreateWebhookSubscription(c *gin.Context)
	// Delete webhook subscription
	// (DELETE /webhooks/subscriptions/{webhook_id})
	DeleteWebhookSubscription(c *gin.Context, webhookId WebhookId)
	// Get webhook subscription
	// (GET /webhooks/subscriptions/{webhook_id})
	GetWebhookSubscription(c *gin.Context, webhookId WebhookId)
	// Test webhook subscription
	// (POST /webhooks/subscriptions/{webhook_id}/test)
	TestWebhookSubscription(c *gin.Context, webhookId WebhookId)
}

ServerInterface represents all server handlers.

type ServerInterfaceWrapper 

type ServerInterfaceWrapper struct {
	Handler            ServerInterface
	HandlerMiddlewares []MiddlewareFunc
	ErrorHandler       func(*gin.Context, error, int)
}

ServerInterfaceWrapper converts contexts to parameters.

func (*ServerInterfaceWrapper) AddGroupMember 

func (siw *ServerInterfaceWrapper) AddGroupMember(c *gin.Context)

AddGroupMember operation middleware

func (*ServerInterfaceWrapper) AuthorizeOAuthProvider 

func (siw *ServerInterfaceWrapper) AuthorizeOAuthProvider(c *gin.Context)

AuthorizeOAuthProvider operation middleware

func (*ServerInterfaceWrapper) BulkCreateDiagramMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateDiagramMetadata(c *gin.Context)

BulkCreateDiagramMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateDocumentMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateDocumentMetadata(c *gin.Context)

BulkCreateDocumentMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateNoteMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateNoteMetadata(c *gin.Context)

BulkCreateNoteMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateRepositoryMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateRepositoryMetadata(c *gin.Context)

BulkCreateRepositoryMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateThreatMetadata(c *gin.Context)

BulkCreateThreatMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelAssetMetadata(c *gin.Context)

BulkCreateThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelAssets 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelAssets(c *gin.Context)

BulkCreateThreatModelAssets operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelDocuments 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelDocuments(c *gin.Context)

BulkCreateThreatModelDocuments operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelMetadata 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelMetadata(c *gin.Context)

BulkCreateThreatModelMetadata operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelRepositories 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelRepositories(c *gin.Context)

BulkCreateThreatModelRepositories operation middleware

func (*ServerInterfaceWrapper) BulkCreateThreatModelThreats 

func (siw *ServerInterfaceWrapper) BulkCreateThreatModelThreats(c *gin.Context)

BulkCreateThreatModelThreats operation middleware

func (*ServerInterfaceWrapper) BulkDeleteThreatModelThreats 

func (siw *ServerInterfaceWrapper) BulkDeleteThreatModelThreats(c *gin.Context)

BulkDeleteThreatModelThreats operation middleware

func (*ServerInterfaceWrapper) BulkPatchThreatModelThreats 

func (siw *ServerInterfaceWrapper) BulkPatchThreatModelThreats(c *gin.Context)

BulkPatchThreatModelThreats operation middleware

func (*ServerInterfaceWrapper) BulkUpdateNoteMetadata 

func (siw *ServerInterfaceWrapper) BulkUpdateNoteMetadata(c *gin.Context)

BulkUpdateNoteMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpdateThreatModelThreats 

func (siw *ServerInterfaceWrapper) BulkUpdateThreatModelThreats(c *gin.Context)

BulkUpdateThreatModelThreats operation middleware

func (*ServerInterfaceWrapper) BulkUpsertDiagramMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertDiagramMetadata(c *gin.Context)

BulkUpsertDiagramMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertDocumentMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertDocumentMetadata(c *gin.Context)

BulkUpsertDocumentMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertRepositoryMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertRepositoryMetadata(c *gin.Context)

BulkUpsertRepositoryMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatMetadata(c *gin.Context)

BulkUpsertThreatMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatModelAssetMetadata(c *gin.Context)

BulkUpsertThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatModelAssets 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatModelAssets(c *gin.Context)

BulkUpsertThreatModelAssets operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatModelDocuments 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatModelDocuments(c *gin.Context)

BulkUpsertThreatModelDocuments operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatModelMetadata 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatModelMetadata(c *gin.Context)

BulkUpsertThreatModelMetadata operation middleware

func (*ServerInterfaceWrapper) BulkUpsertThreatModelRepositories 

func (siw *ServerInterfaceWrapper) BulkUpsertThreatModelRepositories(c *gin.Context)

BulkUpsertThreatModelRepositories operation middleware

func (*ServerInterfaceWrapper) CreateAddon 

func (siw *ServerInterfaceWrapper) CreateAddon(c *gin.Context)

CreateAddon operation middleware

func (*ServerInterfaceWrapper) CreateAdminGroup 

func (siw *ServerInterfaceWrapper) CreateAdminGroup(c *gin.Context)

CreateAdminGroup operation middleware

func (*ServerInterfaceWrapper) CreateAdministrator 

func (siw *ServerInterfaceWrapper) CreateAdministrator(c *gin.Context)

CreateAdministrator operation middleware

func (*ServerInterfaceWrapper) CreateCurrentUserClientCredential 

func (siw *ServerInterfaceWrapper) CreateCurrentUserClientCredential(c *gin.Context)

CreateCurrentUserClientCredential operation middleware

func (*ServerInterfaceWrapper) CreateDiagramCollaborationSession 

func (siw *ServerInterfaceWrapper) CreateDiagramCollaborationSession(c *gin.Context)

CreateDiagramCollaborationSession operation middleware

func (*ServerInterfaceWrapper) CreateDiagramMetadata 

func (siw *ServerInterfaceWrapper) CreateDiagramMetadata(c *gin.Context)

CreateDiagramMetadata operation middleware

func (*ServerInterfaceWrapper) CreateDocumentMetadata 

func (siw *ServerInterfaceWrapper) CreateDocumentMetadata(c *gin.Context)

CreateDocumentMetadata operation middleware

func (*ServerInterfaceWrapper) CreateNoteMetadata 

func (siw *ServerInterfaceWrapper) CreateNoteMetadata(c *gin.Context)

CreateNoteMetadata operation middleware

func (*ServerInterfaceWrapper) CreateRepositoryMetadata 

func (siw *ServerInterfaceWrapper) CreateRepositoryMetadata(c *gin.Context)

CreateRepositoryMetadata operation middleware

func (*ServerInterfaceWrapper) CreateThreatMetadata 

func (siw *ServerInterfaceWrapper) CreateThreatMetadata(c *gin.Context)

CreateThreatMetadata operation middleware

func (*ServerInterfaceWrapper) CreateThreatModel 

func (siw *ServerInterfaceWrapper) CreateThreatModel(c *gin.Context)

CreateThreatModel operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelAsset 

func (siw *ServerInterfaceWrapper) CreateThreatModelAsset(c *gin.Context)

CreateThreatModelAsset operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) CreateThreatModelAssetMetadata(c *gin.Context)

CreateThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelDiagram 

func (siw *ServerInterfaceWrapper) CreateThreatModelDiagram(c *gin.Context)

CreateThreatModelDiagram operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelDocument 

func (siw *ServerInterfaceWrapper) CreateThreatModelDocument(c *gin.Context)

CreateThreatModelDocument operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelMetadata 

func (siw *ServerInterfaceWrapper) CreateThreatModelMetadata(c *gin.Context)

CreateThreatModelMetadata operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelNote 

func (siw *ServerInterfaceWrapper) CreateThreatModelNote(c *gin.Context)

CreateThreatModelNote operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelRepository 

func (siw *ServerInterfaceWrapper) CreateThreatModelRepository(c *gin.Context)

CreateThreatModelRepository operation middleware

func (*ServerInterfaceWrapper) CreateThreatModelThreat 

func (siw *ServerInterfaceWrapper) CreateThreatModelThreat(c *gin.Context)

CreateThreatModelThreat operation middleware

func (*ServerInterfaceWrapper) CreateWebhookSubscription 

func (siw *ServerInterfaceWrapper) CreateWebhookSubscription(c *gin.Context)

CreateWebhookSubscription operation middleware

func (*ServerInterfaceWrapper) DeleteAddon 

func (siw *ServerInterfaceWrapper) DeleteAddon(c *gin.Context)

DeleteAddon operation middleware

func (*ServerInterfaceWrapper) DeleteAddonInvocationQuota 

func (siw *ServerInterfaceWrapper) DeleteAddonInvocationQuota(c *gin.Context)

DeleteAddonInvocationQuota operation middleware

func (*ServerInterfaceWrapper) DeleteAdminGroup 

func (siw *ServerInterfaceWrapper) DeleteAdminGroup(c *gin.Context)

DeleteAdminGroup operation middleware

func (*ServerInterfaceWrapper) DeleteAdminUser 

func (siw *ServerInterfaceWrapper) DeleteAdminUser(c *gin.Context)

DeleteAdminUser operation middleware

func (*ServerInterfaceWrapper) DeleteAdministrator 

func (siw *ServerInterfaceWrapper) DeleteAdministrator(c *gin.Context)

DeleteAdministrator operation middleware

func (*ServerInterfaceWrapper) DeleteCurrentUserClientCredential 

func (siw *ServerInterfaceWrapper) DeleteCurrentUserClientCredential(c *gin.Context)

DeleteCurrentUserClientCredential operation middleware

func (*ServerInterfaceWrapper) DeleteDiagramMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteDiagramMetadataByKey(c *gin.Context)

DeleteDiagramMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteDocumentMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteDocumentMetadataByKey(c *gin.Context)

DeleteDocumentMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteNoteMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteNoteMetadataByKey(c *gin.Context)

DeleteNoteMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteRepositoryMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteRepositoryMetadataByKey(c *gin.Context)

DeleteRepositoryMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteThreatMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteThreatMetadataByKey(c *gin.Context)

DeleteThreatMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModel 

func (siw *ServerInterfaceWrapper) DeleteThreatModel(c *gin.Context)

DeleteThreatModel operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelAsset 

func (siw *ServerInterfaceWrapper) DeleteThreatModelAsset(c *gin.Context)

DeleteThreatModelAsset operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) DeleteThreatModelAssetMetadata(c *gin.Context)

DeleteThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelDiagram 

func (siw *ServerInterfaceWrapper) DeleteThreatModelDiagram(c *gin.Context)

DeleteThreatModelDiagram operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelDocument 

func (siw *ServerInterfaceWrapper) DeleteThreatModelDocument(c *gin.Context)

DeleteThreatModelDocument operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelMetadataByKey 

func (siw *ServerInterfaceWrapper) DeleteThreatModelMetadataByKey(c *gin.Context)

DeleteThreatModelMetadataByKey operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelNote 

func (siw *ServerInterfaceWrapper) DeleteThreatModelNote(c *gin.Context)

DeleteThreatModelNote operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelRepository 

func (siw *ServerInterfaceWrapper) DeleteThreatModelRepository(c *gin.Context)

DeleteThreatModelRepository operation middleware

func (*ServerInterfaceWrapper) DeleteThreatModelThreat 

func (siw *ServerInterfaceWrapper) DeleteThreatModelThreat(c *gin.Context)

DeleteThreatModelThreat operation middleware

func (*ServerInterfaceWrapper) DeleteUserAPIQuota 

func (siw *ServerInterfaceWrapper) DeleteUserAPIQuota(c *gin.Context)

DeleteUserAPIQuota operation middleware

func (*ServerInterfaceWrapper) DeleteUserAccount 

func (siw *ServerInterfaceWrapper) DeleteUserAccount(c *gin.Context)

DeleteUserAccount operation middleware

func (*ServerInterfaceWrapper) DeleteWebhookQuota 

func (siw *ServerInterfaceWrapper) DeleteWebhookQuota(c *gin.Context)

DeleteWebhookQuota operation middleware

func (*ServerInterfaceWrapper) DeleteWebhookSubscription 

func (siw *ServerInterfaceWrapper) DeleteWebhookSubscription(c *gin.Context)

DeleteWebhookSubscription operation middleware

func (*ServerInterfaceWrapper) EndDiagramCollaborationSession 

func (siw *ServerInterfaceWrapper) EndDiagramCollaborationSession(c *gin.Context)

EndDiagramCollaborationSession operation middleware

func (*ServerInterfaceWrapper) ExchangeOAuthCode 

func (siw *ServerInterfaceWrapper) ExchangeOAuthCode(c *gin.Context)

ExchangeOAuthCode operation middleware

func (*ServerInterfaceWrapper) GetAddon 

func (siw *ServerInterfaceWrapper) GetAddon(c *gin.Context)

GetAddon operation middleware

func (*ServerInterfaceWrapper) GetAddonInvocationQuota 

func (siw *ServerInterfaceWrapper) GetAddonInvocationQuota(c *gin.Context)

GetAddonInvocationQuota operation middleware

func (*ServerInterfaceWrapper) GetAdminGroup 

func (siw *ServerInterfaceWrapper) GetAdminGroup(c *gin.Context)

GetAdminGroup operation middleware

func (*ServerInterfaceWrapper) GetAdminUser 

func (siw *ServerInterfaceWrapper) GetAdminUser(c *gin.Context)

GetAdminUser operation middleware

func (*ServerInterfaceWrapper) GetApiInfo 

func (siw *ServerInterfaceWrapper) GetApiInfo(c *gin.Context)

GetApiInfo operation middleware

func (*ServerInterfaceWrapper) GetAuthProviders 

func (siw *ServerInterfaceWrapper) GetAuthProviders(c *gin.Context)

GetAuthProviders operation middleware

func (*ServerInterfaceWrapper) GetCollaborationSessions 

func (siw *ServerInterfaceWrapper) GetCollaborationSessions(c *gin.Context)

GetCollaborationSessions operation middleware

func (*ServerInterfaceWrapper) GetCurrentUser 

func (siw *ServerInterfaceWrapper) GetCurrentUser(c *gin.Context)

GetCurrentUser operation middleware

func (*ServerInterfaceWrapper) GetCurrentUserProfile 

func (siw *ServerInterfaceWrapper) GetCurrentUserProfile(c *gin.Context)

GetCurrentUserProfile operation middleware

func (*ServerInterfaceWrapper) GetDiagramCollaborationSession 

func (siw *ServerInterfaceWrapper) GetDiagramCollaborationSession(c *gin.Context)

GetDiagramCollaborationSession operation middleware

func (*ServerInterfaceWrapper) GetDiagramMetadata 

func (siw *ServerInterfaceWrapper) GetDiagramMetadata(c *gin.Context)

GetDiagramMetadata operation middleware

func (*ServerInterfaceWrapper) GetDiagramMetadataByKey 

func (siw *ServerInterfaceWrapper) GetDiagramMetadataByKey(c *gin.Context)

GetDiagramMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetDiagramModel 

func (siw *ServerInterfaceWrapper) GetDiagramModel(c *gin.Context)

GetDiagramModel operation middleware

func (*ServerInterfaceWrapper) GetDocumentMetadata 

func (siw *ServerInterfaceWrapper) GetDocumentMetadata(c *gin.Context)

GetDocumentMetadata operation middleware

func (*ServerInterfaceWrapper) GetDocumentMetadataByKey 

func (siw *ServerInterfaceWrapper) GetDocumentMetadataByKey(c *gin.Context)

GetDocumentMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetInvocation 

func (siw *ServerInterfaceWrapper) GetInvocation(c *gin.Context)

GetInvocation operation middleware

func (*ServerInterfaceWrapper) GetJWKS 

func (siw *ServerInterfaceWrapper) GetJWKS(c *gin.Context)

GetJWKS operation middleware

func (*ServerInterfaceWrapper) GetNoteMetadata 

func (siw *ServerInterfaceWrapper) GetNoteMetadata(c *gin.Context)

GetNoteMetadata operation middleware

func (*ServerInterfaceWrapper) GetNoteMetadataByKey 

func (siw *ServerInterfaceWrapper) GetNoteMetadataByKey(c *gin.Context)

GetNoteMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetOAuthAuthorizationServerMetadata 

func (siw *ServerInterfaceWrapper) GetOAuthAuthorizationServerMetadata(c *gin.Context)

GetOAuthAuthorizationServerMetadata operation middleware

func (*ServerInterfaceWrapper) GetOAuthProtectedResourceMetadata 

func (siw *ServerInterfaceWrapper) GetOAuthProtectedResourceMetadata(c *gin.Context)

GetOAuthProtectedResourceMetadata operation middleware

func (*ServerInterfaceWrapper) GetOpenIDConfiguration 

func (siw *ServerInterfaceWrapper) GetOpenIDConfiguration(c *gin.Context)

GetOpenIDConfiguration operation middleware

func (*ServerInterfaceWrapper) GetProviderGroups 

func (siw *ServerInterfaceWrapper) GetProviderGroups(c *gin.Context)

GetProviderGroups operation middleware

func (*ServerInterfaceWrapper) GetRepositoryMetadata 

func (siw *ServerInterfaceWrapper) GetRepositoryMetadata(c *gin.Context)

GetRepositoryMetadata operation middleware

func (*ServerInterfaceWrapper) GetRepositoryMetadataByKey 

func (siw *ServerInterfaceWrapper) GetRepositoryMetadataByKey(c *gin.Context)

GetRepositoryMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetSAMLMetadata 

func (siw *ServerInterfaceWrapper) GetSAMLMetadata(c *gin.Context)

GetSAMLMetadata operation middleware

func (*ServerInterfaceWrapper) GetSAMLProviders 

func (siw *ServerInterfaceWrapper) GetSAMLProviders(c *gin.Context)

GetSAMLProviders operation middleware

func (*ServerInterfaceWrapper) GetThreatMetadata 

func (siw *ServerInterfaceWrapper) GetThreatMetadata(c *gin.Context)

GetThreatMetadata operation middleware

func (*ServerInterfaceWrapper) GetThreatMetadataByKey 

func (siw *ServerInterfaceWrapper) GetThreatMetadataByKey(c *gin.Context)

GetThreatMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetThreatModel 

func (siw *ServerInterfaceWrapper) GetThreatModel(c *gin.Context)

GetThreatModel operation middleware

func (*ServerInterfaceWrapper) GetThreatModelAsset 

func (siw *ServerInterfaceWrapper) GetThreatModelAsset(c *gin.Context)

GetThreatModelAsset operation middleware

func (*ServerInterfaceWrapper) GetThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) GetThreatModelAssetMetadata(c *gin.Context)

GetThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) GetThreatModelAssetMetadataByKey 

func (siw *ServerInterfaceWrapper) GetThreatModelAssetMetadataByKey(c *gin.Context)

GetThreatModelAssetMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetThreatModelAssets 

func (siw *ServerInterfaceWrapper) GetThreatModelAssets(c *gin.Context)

GetThreatModelAssets operation middleware

func (*ServerInterfaceWrapper) GetThreatModelDiagram 

func (siw *ServerInterfaceWrapper) GetThreatModelDiagram(c *gin.Context)

GetThreatModelDiagram operation middleware

func (*ServerInterfaceWrapper) GetThreatModelDiagrams 

func (siw *ServerInterfaceWrapper) GetThreatModelDiagrams(c *gin.Context)

GetThreatModelDiagrams operation middleware

func (*ServerInterfaceWrapper) GetThreatModelDocument 

func (siw *ServerInterfaceWrapper) GetThreatModelDocument(c *gin.Context)

GetThreatModelDocument operation middleware

func (*ServerInterfaceWrapper) GetThreatModelDocuments 

func (siw *ServerInterfaceWrapper) GetThreatModelDocuments(c *gin.Context)

GetThreatModelDocuments operation middleware

func (*ServerInterfaceWrapper) GetThreatModelMetadata 

func (siw *ServerInterfaceWrapper) GetThreatModelMetadata(c *gin.Context)

GetThreatModelMetadata operation middleware

func (*ServerInterfaceWrapper) GetThreatModelMetadataByKey 

func (siw *ServerInterfaceWrapper) GetThreatModelMetadataByKey(c *gin.Context)

GetThreatModelMetadataByKey operation middleware

func (*ServerInterfaceWrapper) GetThreatModelNote 

func (siw *ServerInterfaceWrapper) GetThreatModelNote(c *gin.Context)

GetThreatModelNote operation middleware

func (*ServerInterfaceWrapper) GetThreatModelNotes 

func (siw *ServerInterfaceWrapper) GetThreatModelNotes(c *gin.Context)

GetThreatModelNotes operation middleware

func (*ServerInterfaceWrapper) GetThreatModelRepositories 

func (siw *ServerInterfaceWrapper) GetThreatModelRepositories(c *gin.Context)

GetThreatModelRepositories operation middleware

func (*ServerInterfaceWrapper) GetThreatModelRepository 

func (siw *ServerInterfaceWrapper) GetThreatModelRepository(c *gin.Context)

GetThreatModelRepository operation middleware

func (*ServerInterfaceWrapper) GetThreatModelThreat 

func (siw *ServerInterfaceWrapper) GetThreatModelThreat(c *gin.Context)

GetThreatModelThreat operation middleware

func (*ServerInterfaceWrapper) GetThreatModelThreats 

func (siw *ServerInterfaceWrapper) GetThreatModelThreats(c *gin.Context)

GetThreatModelThreats operation middleware

func (*ServerInterfaceWrapper) GetUserAPIQuota 

func (siw *ServerInterfaceWrapper) GetUserAPIQuota(c *gin.Context)

GetUserAPIQuota operation middleware

func (*ServerInterfaceWrapper) GetWebhookDelivery 

func (siw *ServerInterfaceWrapper) GetWebhookDelivery(c *gin.Context)

GetWebhookDelivery operation middleware

func (*ServerInterfaceWrapper) GetWebhookQuota 

func (siw *ServerInterfaceWrapper) GetWebhookQuota(c *gin.Context)

GetWebhookQuota operation middleware

func (*ServerInterfaceWrapper) GetWebhookSubscription 

func (siw *ServerInterfaceWrapper) GetWebhookSubscription(c *gin.Context)

GetWebhookSubscription operation middleware

func (*ServerInterfaceWrapper) HandleOAuthCallback 

func (siw *ServerInterfaceWrapper) HandleOAuthCallback(c *gin.Context)

HandleOAuthCallback operation middleware

func (*ServerInterfaceWrapper) InitiateSAMLLogin 

func (siw *ServerInterfaceWrapper) InitiateSAMLLogin(c *gin.Context)

InitiateSAMLLogin operation middleware

func (*ServerInterfaceWrapper) IntrospectToken 

func (siw *ServerInterfaceWrapper) IntrospectToken(c *gin.Context)

IntrospectToken operation middleware

func (*ServerInterfaceWrapper) InvokeAddon 

func (siw *ServerInterfaceWrapper) InvokeAddon(c *gin.Context)

InvokeAddon operation middleware

func (*ServerInterfaceWrapper) ListAddonInvocationQuotas 

func (siw *ServerInterfaceWrapper) ListAddonInvocationQuotas(c *gin.Context)

ListAddonInvocationQuotas operation middleware

func (*ServerInterfaceWrapper) ListAddons 

func (siw *ServerInterfaceWrapper) ListAddons(c *gin.Context)

ListAddons operation middleware

func (*ServerInterfaceWrapper) ListAdminGroups 

func (siw *ServerInterfaceWrapper) ListAdminGroups(c *gin.Context)

ListAdminGroups operation middleware

func (*ServerInterfaceWrapper) ListAdminUsers 

func (siw *ServerInterfaceWrapper) ListAdminUsers(c *gin.Context)

ListAdminUsers operation middleware

func (*ServerInterfaceWrapper) ListAdministrators 

func (siw *ServerInterfaceWrapper) ListAdministrators(c *gin.Context)

ListAdministrators operation middleware

func (*ServerInterfaceWrapper) ListCurrentUserClientCredentials 

func (siw *ServerInterfaceWrapper) ListCurrentUserClientCredentials(c *gin.Context)

ListCurrentUserClientCredentials operation middleware

func (*ServerInterfaceWrapper) ListGroupMembers 

func (siw *ServerInterfaceWrapper) ListGroupMembers(c *gin.Context)

ListGroupMembers operation middleware

func (*ServerInterfaceWrapper) ListInvocations 

func (siw *ServerInterfaceWrapper) ListInvocations(c *gin.Context)

ListInvocations operation middleware

func (*ServerInterfaceWrapper) ListSAMLUsers 

func (siw *ServerInterfaceWrapper) ListSAMLUsers(c *gin.Context)

ListSAMLUsers operation middleware

func (*ServerInterfaceWrapper) ListThreatModels 

func (siw *ServerInterfaceWrapper) ListThreatModels(c *gin.Context)

ListThreatModels operation middleware

func (*ServerInterfaceWrapper) ListUserAPIQuotas 

func (siw *ServerInterfaceWrapper) ListUserAPIQuotas(c *gin.Context)

ListUserAPIQuotas operation middleware

func (*ServerInterfaceWrapper) ListWebhookDeliveries 

func (siw *ServerInterfaceWrapper) ListWebhookDeliveries(c *gin.Context)

ListWebhookDeliveries operation middleware

func (*ServerInterfaceWrapper) ListWebhookQuotas 

func (siw *ServerInterfaceWrapper) ListWebhookQuotas(c *gin.Context)

ListWebhookQuotas operation middleware

func (*ServerInterfaceWrapper) ListWebhookSubscriptions 

func (siw *ServerInterfaceWrapper) ListWebhookSubscriptions(c *gin.Context)

ListWebhookSubscriptions operation middleware

func (*ServerInterfaceWrapper) LogoutUser 

func (siw *ServerInterfaceWrapper) LogoutUser(c *gin.Context)

LogoutUser operation middleware

func (*ServerInterfaceWrapper) PatchThreatModel 

func (siw *ServerInterfaceWrapper) PatchThreatModel(c *gin.Context)

PatchThreatModel operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelAsset 

func (siw *ServerInterfaceWrapper) PatchThreatModelAsset(c *gin.Context)

PatchThreatModelAsset operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelDiagram 

func (siw *ServerInterfaceWrapper) PatchThreatModelDiagram(c *gin.Context)

PatchThreatModelDiagram operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelDocument 

func (siw *ServerInterfaceWrapper) PatchThreatModelDocument(c *gin.Context)

PatchThreatModelDocument operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelNote 

func (siw *ServerInterfaceWrapper) PatchThreatModelNote(c *gin.Context)

PatchThreatModelNote operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelRepository 

func (siw *ServerInterfaceWrapper) PatchThreatModelRepository(c *gin.Context)

PatchThreatModelRepository operation middleware

func (*ServerInterfaceWrapper) PatchThreatModelThreat 

func (siw *ServerInterfaceWrapper) PatchThreatModelThreat(c *gin.Context)

PatchThreatModelThreat operation middleware

func (*ServerInterfaceWrapper) ProcessSAMLLogout 

func (siw *ServerInterfaceWrapper) ProcessSAMLLogout(c *gin.Context)

ProcessSAMLLogout operation middleware

func (*ServerInterfaceWrapper) ProcessSAMLLogoutPost 

func (siw *ServerInterfaceWrapper) ProcessSAMLLogoutPost(c *gin.Context)

ProcessSAMLLogoutPost operation middleware

func (*ServerInterfaceWrapper) ProcessSAMLResponse 

func (siw *ServerInterfaceWrapper) ProcessSAMLResponse(c *gin.Context)

ProcessSAMLResponse operation middleware

func (*ServerInterfaceWrapper) RefreshToken 

func (siw *ServerInterfaceWrapper) RefreshToken(c *gin.Context)

RefreshToken operation middleware

func (*ServerInterfaceWrapper) RemoveGroupMember 

func (siw *ServerInterfaceWrapper) RemoveGroupMember(c *gin.Context)

RemoveGroupMember operation middleware

func (*ServerInterfaceWrapper) TestWebhookSubscription 

func (siw *ServerInterfaceWrapper) TestWebhookSubscription(c *gin.Context)

TestWebhookSubscription operation middleware

func (*ServerInterfaceWrapper) UpdateAddonInvocationQuota 

func (siw *ServerInterfaceWrapper) UpdateAddonInvocationQuota(c *gin.Context)

UpdateAddonInvocationQuota operation middleware

func (*ServerInterfaceWrapper) UpdateAdminGroup 

func (siw *ServerInterfaceWrapper) UpdateAdminGroup(c *gin.Context)

UpdateAdminGroup operation middleware

func (*ServerInterfaceWrapper) UpdateAdminUser 

func (siw *ServerInterfaceWrapper) UpdateAdminUser(c *gin.Context)

UpdateAdminUser operation middleware

func (*ServerInterfaceWrapper) UpdateDiagramMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateDiagramMetadataByKey(c *gin.Context)

UpdateDiagramMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateDocumentMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateDocumentMetadataByKey(c *gin.Context)

UpdateDocumentMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateInvocationStatus 

func (siw *ServerInterfaceWrapper) UpdateInvocationStatus(c *gin.Context)

UpdateInvocationStatus operation middleware

func (*ServerInterfaceWrapper) UpdateNoteMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateNoteMetadataByKey(c *gin.Context)

UpdateNoteMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateRepositoryMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateRepositoryMetadataByKey(c *gin.Context)

UpdateRepositoryMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateThreatMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateThreatMetadataByKey(c *gin.Context)

UpdateThreatMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModel 

func (siw *ServerInterfaceWrapper) UpdateThreatModel(c *gin.Context)

UpdateThreatModel operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelAsset 

func (siw *ServerInterfaceWrapper) UpdateThreatModelAsset(c *gin.Context)

UpdateThreatModelAsset operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelAssetMetadata 

func (siw *ServerInterfaceWrapper) UpdateThreatModelAssetMetadata(c *gin.Context)

UpdateThreatModelAssetMetadata operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelDiagram 

func (siw *ServerInterfaceWrapper) UpdateThreatModelDiagram(c *gin.Context)

UpdateThreatModelDiagram operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelDocument 

func (siw *ServerInterfaceWrapper) UpdateThreatModelDocument(c *gin.Context)

UpdateThreatModelDocument operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelMetadataByKey 

func (siw *ServerInterfaceWrapper) UpdateThreatModelMetadataByKey(c *gin.Context)

UpdateThreatModelMetadataByKey operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelNote 

func (siw *ServerInterfaceWrapper) UpdateThreatModelNote(c *gin.Context)

UpdateThreatModelNote operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelRepository 

func (siw *ServerInterfaceWrapper) UpdateThreatModelRepository(c *gin.Context)

UpdateThreatModelRepository operation middleware

func (*ServerInterfaceWrapper) UpdateThreatModelThreat 

func (siw *ServerInterfaceWrapper) UpdateThreatModelThreat(c *gin.Context)

UpdateThreatModelThreat operation middleware

func (*ServerInterfaceWrapper) UpdateUserAPIQuota 

func (siw *ServerInterfaceWrapper) UpdateUserAPIQuota(c *gin.Context)

UpdateUserAPIQuota operation middleware

func (*ServerInterfaceWrapper) UpdateWebhookQuota 

func (siw *ServerInterfaceWrapper) UpdateWebhookQuota(c *gin.Context)

UpdateWebhookQuota operation middleware

type SessionPerformanceData 

type SessionPerformanceData struct {
	SessionID    string
	DiagramID    string
	StartTime    time.Time
	LastActivity time.Time

	// Operation metrics
	OperationCount   int64
	OperationLatency time.Duration
	AverageLatency   time.Duration

	// Message metrics
	MessageCount  int64
	BytesSent     int64
	BytesReceived int64

	// Participant metrics
	ParticipantCount int
	MaxParticipants  int
	PeakConcurrency  int

	// Error metrics
	ConflictCount        int64
	StateCorrectionCount int64
	ResyncRequestCount   int64
	AuthDeniedCount      int64

	// Connection quality
	DisconnectionCount int64
	ReconnectionCount  int64
	AverageMessageSize float64
}

SessionPerformanceData tracks performance metrics for a single collaboration session

type SessionState 

type SessionState string

SessionState represents the lifecycle state of a collaboration session 

const (
	// SessionStateActive means the session is active and accepting connections
	SessionStateActive SessionState = "active"
	// SessionStateTerminating means the session is in the process of terminating
	SessionStateTerminating SessionState = "terminating"
	// SessionStateTerminated means the session has been terminated and should be cleaned up
	SessionStateTerminated SessionState = "terminated"
)

type SessionValidator 

type SessionValidator struct{}

SessionValidator handles session validation logic

func (*SessionValidator) ValidateSessionAccess 

func (v *SessionValidator) ValidateSessionAccess(hub *WebSocketHub, userInfo *UserInfo, threatModelID, diagramID string) error

ValidateSessionAccess validates that a user can access a diagram session Uses flexible user identifier matching (email, provider_user_id, or internal_uuid)

func (*SessionValidator) ValidateSessionID 

func (v *SessionValidator) ValidateSessionID(session *DiagramSession, providedSessionID string) error

ValidateSessionID validates that the provided session ID matches the actual session

func (*SessionValidator) ValidateSessionState 

func (v *SessionValidator) ValidateSessionState(session *DiagramSession) error

ValidateSessionState validates the session is in the correct state for connection

type SeverityQueryParam 

type SeverityQueryParam string

SeverityQueryParam defines model for SeverityQueryParam. 

const (
	SeverityQueryParamCritical SeverityQueryParam = "Critical"
	SeverityQueryParamHigh     SeverityQueryParam = "High"
	SeverityQueryParamLow      SeverityQueryParam = "Low"
	SeverityQueryParamMedium   SeverityQueryParam = "Medium"
	SeverityQueryParamNone     SeverityQueryParam = "None"
	SeverityQueryParamUnknown  SeverityQueryParam = "Unknown"
)

Defines values for SeverityQueryParam.

type SortByQueryParam 

type SortByQueryParam string

SortByQueryParam defines model for SortByQueryParam. 

const (
	SortByQueryParamCreatedAt SortByQueryParam = "created_at"
	SortByQueryParamEmail     SortByQueryParam = "email"
	SortByQueryParamLastLogin SortByQueryParam = "last_login"
)

Defines values for SortByQueryParam.

type SortOrderQueryParam 

type SortOrderQueryParam string

SortOrderQueryParam defines model for SortOrderQueryParam. 

const (
	SortOrderQueryParamAsc  SortOrderQueryParam = "asc"
	SortOrderQueryParamDesc SortOrderQueryParam = "desc"
)

Defines values for SortOrderQueryParam.

type SortQueryParam 

type SortQueryParam = string

SortQueryParam defines model for SortQueryParam.

type StateQueryParam 

type StateQueryParam = string

StateQueryParam defines model for StateQueryParam.

type StatusQueryParam 

type StatusQueryParam = string

StatusQueryParam defines model for StatusQueryParam.

type StatusUpdatedAfterQueryParam 

type StatusUpdatedAfterQueryParam = time.Time

StatusUpdatedAfterQueryParam defines model for StatusUpdatedAfterQueryParam.

type StatusUpdatedBeforeQueryParam 

type StatusUpdatedBeforeQueryParam = time.Time

StatusUpdatedBeforeQueryParam defines model for StatusUpdatedBeforeQueryParam.

type SubResourceTestFixtures 

type SubResourceTestFixtures struct {
	// Test users for authorization
	OwnerUser    string
	WriterUser   string
	ReaderUser   string
	ExternalUser string // User with no access

	// Test threat model
	ThreatModel   ThreatModel
	ThreatModelID string

	// Test threats
	Threat1   Threat
	Threat1ID string
	Threat2   Threat
	Threat2ID string

	// Test documents
	Document1   Document
	Document1ID string
	Document2   Document
	Document2ID string

	// Test repositories
	Repository1   Repository
	Repository1ID string
	Repository2   Repository
	Repository2ID string

	// Test metadata
	ThreatMetadata1     Metadata
	ThreatMetadata2     Metadata
	DocumentMetadata1   Metadata
	DocumentMetadata2   Metadata
	RepositoryMetadata1 Metadata
	RepositoryMetadata2 Metadata
	DiagramMetadata1    Metadata
	DiagramMetadata2    Metadata

	// Test diagram for cell testing
	Diagram   DfdDiagram
	DiagramID string
	Cell1     DfdDiagram_Cells_Item
	Cell1ID   string
	Cell2     DfdDiagram_Cells_Item
	Cell2ID   string

	// Authorization data
	Authorization []Authorization

	// Initialization flag
	Initialized bool
}

SubResourceTestFixtures provides comprehensive test data for sub-resource testing 

var SubResourceFixtures SubResourceTestFixtures

type SubscriptionIdQueryParam 

type SubscriptionIdQueryParam = openapi_types.UUID

SubscriptionIdQueryParam defines model for SubscriptionIdQueryParam.

type SyncRequestHandler 

type SyncRequestHandler struct{}

SyncRequestHandler handles sync request messages

func (*SyncRequestHandler) HandleMessage 

func (h *SyncRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*SyncRequestHandler) MessageType 

func (h *SyncRequestHandler) MessageType() string

type SyncRequestMessage 

type SyncRequestMessage struct {
	MessageType  MessageType `json:"message_type"`
	UpdateVector *int64      `json:"update_vector,omitempty"` // Client's current vector, nil means "send everything"
}

SyncRequestMessage is sent by client to request full state if stale

func (SyncRequestMessage) GetMessageType 

func (m SyncRequestMessage) GetMessageType() MessageType

func (SyncRequestMessage) Validate 

func (m SyncRequestMessage) Validate() error

type SyncStatusRequestHandler 

type SyncStatusRequestHandler struct{}

SyncStatusRequestHandler handles sync status request messages

func (*SyncStatusRequestHandler) HandleMessage 

func (h *SyncStatusRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*SyncStatusRequestHandler) MessageType 

func (h *SyncStatusRequestHandler) MessageType() string

type SyncStatusRequestMessage 

type SyncStatusRequestMessage struct {
	MessageType MessageType `json:"message_type"`
}

SyncStatusRequestMessage is sent by client to check server's current update vector

func (SyncStatusRequestMessage) GetMessageType 

func (m SyncStatusRequestMessage) GetMessageType() MessageType

func (SyncStatusRequestMessage) Validate 

func (m SyncStatusRequestMessage) Validate() error

type SyncStatusResponseMessage 

type SyncStatusResponseMessage struct {
	MessageType  MessageType `json:"message_type"`
	UpdateVector int64       `json:"update_vector"`
}

SyncStatusResponseMessage is sent by server with current update vector

func (SyncStatusResponseMessage) GetMessageType 

func (m SyncStatusResponseMessage) GetMessageType() MessageType

func (SyncStatusResponseMessage) Validate 

func (m SyncStatusResponseMessage) Validate() error

type SystemNotificationData 

type SystemNotificationData struct {
	Severity       string `json:"severity"` // info, warning, error, critical
	Message        string `json:"message"`
	ActionRequired bool   `json:"action_required"`
	ActionURL      string `json:"action_url,omitempty"`
}

SystemNotificationData contains data for system notifications

type TMListItem 

type TMListItem struct {
	// AssetCount Number of assets associated with this threat model
	AssetCount int `json:"asset_count"`

	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt time.Time `json:"created_at"`

	// CreatedBy Email address, name or identifier of the creator
	CreatedBy string `json:"created_by"`

	// Description Description of the threat model
	Description *string `json:"description,omitempty"`

	// DiagramCount Number of diagrams associated with this threat model
	DiagramCount int `json:"diagram_count"`

	// DocumentCount Number of documents associated with this threat model
	DocumentCount int `json:"document_count"`

	// Id Unique identifier of the threat model (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// IssueUri URL to an issue in an issue tracking system
	IssueUri *string `json:"issue_uri,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt time.Time `json:"modified_at"`

	// Name Name of the threat model
	Name string `json:"name"`

	// NoteCount Number of notes associated with this threat model
	NoteCount int `json:"note_count"`

	// Owner Email address of the current owner
	Owner string `json:"owner"`

	// RepoCount Number of source code repository entries associated with this threat model
	RepoCount int `json:"repo_count"`

	// Status Status of the threat model in the organization's threat modeling or SDLC process. Examples: "Not started", "In progress", "Review", "Approved", "Closed"
	Status *string `json:"status"`

	// StatusUpdated Timestamp when the status field was last modified (RFC3339). Automatically updated by the server when status changes.
	StatusUpdated *time.Time `json:"status_updated"`

	// ThreatCount Number of threats defined in this threat model
	ThreatCount int `json:"threat_count"`

	// ThreatModelFramework The framework used for this threat model
	ThreatModelFramework string `json:"threat_model_framework"`
}

TMListItem Enhanced item for threat model list endpoints with key metadata and counts

type TestWebhookSubscriptionJSONRequestBody 

type TestWebhookSubscriptionJSONRequestBody = WebhookTestRequest

TestWebhookSubscriptionJSONRequestBody defines body for TestWebhookSubscription for application/json ContentType.

type Threat 

type Threat struct {
	// AssetId Unique identifier of the associated asset (if applicable) (UUID)
	AssetId *openapi_types.UUID `json:"asset_id"`

	// CellId Unique identifier of the associated cell (if applicable) (UUID)
	CellId *openapi_types.UUID `json:"cell_id"`

	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// Description Description of the threat and risk to the organization
	Description *string `json:"description,omitempty"`

	// DiagramId Unique identifier of the associated diagram (if applicable) (UUID)
	DiagramId *openapi_types.UUID `json:"diagram_id"`

	// Id Unique identifier for the threat (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// IssueUri URL to an issue in an issue tracking system for this threat
	IssueUri *string `json:"issue_uri,omitempty"`

	// Metadata Key-value pairs for additional threat metadata
	Metadata *[]Metadata `json:"metadata"`

	// Mitigated Whether the threat has been mitigated
	Mitigated *bool `json:"mitigated,omitempty"`

	// Mitigation Recommended or planned mitigation(s) for the threat
	Mitigation *string `json:"mitigation,omitempty"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Name of the threat
	Name string `json:"name"`

	// Priority Priority level for addressing the threat
	Priority *string `json:"priority,omitempty"`

	// Score Numeric score representing the risk or impact of the threat
	Score *float32 `json:"score,omitempty"`

	// Severity Severity level of the threat
	Severity *string `json:"severity,omitempty"`

	// Status Current status of the threat
	Status *string `json:"status,omitempty"`

	// ThreatModelId Unique identifier of the parent threat model (UUID)
	ThreatModelId *openapi_types.UUID `json:"threat_model_id,omitempty"`

	// ThreatType Types or categories of the threat. Supports multiple classifications within the same framework (e.g., ['Spoofing', 'Tampering']). Empty array indicates no types assigned.
	ThreatType []string `json:"threat_type"`
}

Threat defines model for Threat.

func CreateTestThreatWithMetadata 

func CreateTestThreatWithMetadata(threatModelID string, metadata []Metadata) Threat

CreateTestThreatWithMetadata creates a threat with associated metadata for testing

type ThreatBase 

type ThreatBase struct {
	// AssetId Unique identifier of the associated asset (if applicable) (UUID)
	AssetId *openapi_types.UUID `json:"asset_id"`

	// CellId Unique identifier of the associated cell (if applicable) (UUID)
	CellId *openapi_types.UUID `json:"cell_id"`

	// Description Description of the threat and risk to the organization
	Description *string `json:"description,omitempty"`

	// DiagramId Unique identifier of the associated diagram (if applicable) (UUID)
	DiagramId *openapi_types.UUID `json:"diagram_id"`

	// IssueUri URL to an issue in an issue tracking system for this threat
	IssueUri *string `json:"issue_uri,omitempty"`

	// Metadata Key-value pairs for additional threat metadata
	Metadata *[]Metadata `json:"metadata"`

	// Mitigated Whether the threat has been mitigated
	Mitigated *bool `json:"mitigated,omitempty"`

	// Mitigation Recommended or planned mitigation(s) for the threat
	Mitigation *string `json:"mitigation,omitempty"`

	// Name Name of the threat
	Name string `json:"name"`

	// Priority Priority level for addressing the threat
	Priority *string `json:"priority,omitempty"`

	// Score Numeric score representing the risk or impact of the threat
	Score *float32 `json:"score,omitempty"`

	// Severity Severity level of the threat
	Severity *string `json:"severity,omitempty"`

	// Status Current status of the threat
	Status *string `json:"status,omitempty"`

	// ThreatType Types or categories of the threat. Supports multiple classifications within the same framework (e.g., ['Spoofing', 'Tampering']). Empty array indicates no types assigned.
	ThreatType []string `json:"threat_type"`
}

ThreatBase Base schema for Threat with client-writable fields

type ThreatEntity 

type ThreatEntity struct {
	ID          string         `json:"id,omitempty"`
	Name        string         `json:"name" binding:"required"`
	Description *string        `json:"description,omitempty"`
	Metadata    []MetadataItem `json:"metadata,omitempty"`
}

ThreatEntity represents a threat in a threat model (custom name to avoid collision with generated Threat)

type ThreatFilter 

type ThreatFilter struct {
	// Basic filters
	Name        *string
	Description *string
	ThreatType  []string
	Severity    *string
	Priority    *string
	Status      *string
	DiagramID   *uuid.UUID
	CellID      *uuid.UUID

	// Score comparison filters
	ScoreGT *float32
	ScoreLT *float32
	ScoreEQ *float32
	ScoreGE *float32
	ScoreLE *float32

	// Date filters
	CreatedAfter   *time.Time
	CreatedBefore  *time.Time
	ModifiedAfter  *time.Time
	ModifiedBefore *time.Time

	// Sorting and pagination
	Sort   *string
	Offset int
	Limit  int
}

ThreatFilter defines filtering criteria for threats

type ThreatId 

type ThreatId = openapi_types.UUID

ThreatId defines model for ThreatId.

type ThreatIdsQueryParam 

type ThreatIdsQueryParam = []openapi_types.UUID

ThreatIdsQueryParam defines model for ThreatIdsQueryParam.

type ThreatInput 

type ThreatInput = ThreatBase

ThreatInput Base schema for Threat with client-writable fields

type ThreatMetadataHandler 

type ThreatMetadataHandler struct {
	// contains filtered or unexported fields
}

ThreatMetadataHandler provides handlers for threat metadata operations

func NewThreatMetadataHandler 

func NewThreatMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *ThreatMetadataHandler

NewThreatMetadataHandler creates a new threat metadata handler

func (*ThreatMetadataHandler) BulkCreateThreatMetadata 

func (h *ThreatMetadataHandler) BulkCreateThreatMetadata(c *gin.Context)

BulkCreateThreatMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/threats/{threat_id}/metadata/bulk

func (*ThreatMetadataHandler) BulkUpdateThreatMetadata 

func (h *ThreatMetadataHandler) BulkUpdateThreatMetadata(c *gin.Context)

BulkUpdateThreatMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/threats/{threat_id}/metadata/bulk

func (*ThreatMetadataHandler) CreateThreatMetadata 

func (h *ThreatMetadataHandler) CreateThreatMetadata(c *gin.Context)

CreateThreatMetadata creates a new metadata entry for a threat POST /threat_models/{threat_model_id}/threats/{threat_id}/metadata

func (*ThreatMetadataHandler) DeleteThreatMetadata 

func (h *ThreatMetadataHandler) DeleteThreatMetadata(c *gin.Context)

DeleteThreatMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key}

func (*ThreatMetadataHandler) GetThreatMetadata 

func (h *ThreatMetadataHandler) GetThreatMetadata(c *gin.Context)

GetThreatMetadata retrieves all metadata for a threat GET /threat_models/{threat_model_id}/threats/{threat_id}/metadata

func (*ThreatMetadataHandler) GetThreatMetadataByKey 

func (h *ThreatMetadataHandler) GetThreatMetadataByKey(c *gin.Context)

GetThreatMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key}

func (*ThreatMetadataHandler) UpdateThreatMetadata 

func (h *ThreatMetadataHandler) UpdateThreatMetadata(c *gin.Context)

UpdateThreatMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/threats/{threat_id}/metadata/{key}

type ThreatModel 

type ThreatModel struct {
	// Assets List of assets associated with the threat model
	Assets *[]ExtendedAsset `json:"assets,omitempty"`

	// Authorization List of users and their roles for this threat model
	Authorization []Authorization `json:"authorization"`

	// CreatedAt Creation timestamp (RFC3339)
	CreatedAt *time.Time `json:"created_at,omitempty"`

	// CreatedBy User who created the threat model
	CreatedBy *User `json:"created_by,omitempty"`

	// Description Description of the threat model
	Description *string `json:"description,omitempty"`

	// Diagrams List of diagram objects associated with this threat model
	Diagrams *[]Diagram `json:"diagrams,omitempty"`

	// Documents List of documents related to the threat model
	Documents *[]Document `json:"documents,omitempty"`

	// Id Unique identifier for the threat model (UUID)
	Id *openapi_types.UUID `json:"id,omitempty"`

	// IssueUri URL to an issue in an issue tracking system for this threat model
	IssueUri *string `json:"issue_uri,omitempty"`

	// Metadata Key-value pairs for additional threat model metadata
	Metadata *[]Metadata `json:"metadata"`

	// ModifiedAt Last modification timestamp (RFC3339)
	ModifiedAt *time.Time `json:"modified_at,omitempty"`

	// Name Name of the threat model
	Name string `binding:"required" json:"name"`

	// Notes List of notes associated with the threat model
	Notes *[]Note `json:"notes,omitempty"`

	// Owner User who owns the threat model (can be null for orphaned models)
	Owner User `json:"owner"`

	// Repositories List of source code repositories related to the threat model
	Repositories *[]Repository `json:"repositories,omitempty"`

	// Status Status of the threat model in the organization's threat modeling or SDLC process. Examples: "Not started", "In progress", "Review", "Approved", "Closed"
	Status *string `json:"status"`

	// StatusUpdated Timestamp when the status field was last modified (RFC3339). Automatically updated by the server when status changes.
	StatusUpdated *time.Time `json:"status_updated"`

	// ThreatModelFramework The framework used for this threat model
	ThreatModelFramework string `json:"threat_model_framework"`

	// Threats List of threats within the threat model
	Threats *[]Threat `json:"threats,omitempty"`
}

ThreatModel defines model for ThreatModel.

func (*ThreatModel) SetCreatedAt 

func (t *ThreatModel) SetCreatedAt(time time.Time)

SetCreatedAt implements WithTimestamps interface

func (*ThreatModel) SetModifiedAt 

func (t *ThreatModel) SetModifiedAt(time time.Time)

SetModifiedAt implements WithTimestamps interface

type ThreatModelBase 

type ThreatModelBase struct {
	// Authorization List of users and their roles for this threat model
	Authorization []Authorization `json:"authorization"`

	// Description Description of the threat model
	Description *string `json:"description,omitempty"`

	// IssueUri URL to an issue in an issue tracking system for this threat model
	IssueUri *string `json:"issue_uri,omitempty"`

	// Metadata Key-value pairs for additional threat model metadata
	Metadata *[]Metadata `json:"metadata"`

	// Name Name of the threat model
	Name string `binding:"required" json:"name"`

	// Owner User who owns the threat model (can be null for orphaned models)
	Owner User `json:"owner"`

	// Status Status of the threat model in the organization's threat modeling or SDLC process. Examples: "Not started", "In progress", "Review", "Approved", "Closed"
	Status *string `json:"status"`

	// ThreatModelFramework The framework used for this threat model
	ThreatModelFramework string `json:"threat_model_framework"`
}

ThreatModelBase Base schema for ThreatModel with client-writable fields

type ThreatModelDatabaseStore 

type ThreatModelDatabaseStore struct {
	// contains filtered or unexported fields
}

ThreatModelDatabaseStore handles threat model database operations

func NewThreatModelDatabaseStore 

func NewThreatModelDatabaseStore(database *sql.DB) *ThreatModelDatabaseStore

NewThreatModelDatabaseStore creates a new threat model database store

func (*ThreatModelDatabaseStore) Count 

func (s *ThreatModelDatabaseStore) Count() int

Count returns the total number of threat models

func (*ThreatModelDatabaseStore) Create 

func (s *ThreatModelDatabaseStore) Create(item ThreatModel, idSetter func(ThreatModel, string) ThreatModel) (ThreatModel, error)

Create adds a new threat model

func (*ThreatModelDatabaseStore) Delete 

func (s *ThreatModelDatabaseStore) Delete(id string) error

Delete removes a threat model

func (*ThreatModelDatabaseStore) Get 

func (s *ThreatModelDatabaseStore) Get(id string) (ThreatModel, error)

Get retrieves a threat model by ID

func (*ThreatModelDatabaseStore) GetDB 

func (s *ThreatModelDatabaseStore) GetDB() *sql.DB

GetDB returns the underlying database connection

func (*ThreatModelDatabaseStore) List 

func (s *ThreatModelDatabaseStore) List(offset, limit int, filter func(ThreatModel) bool) []ThreatModel

List returns filtered and paginated threat models

func (*ThreatModelDatabaseStore) ListWithCounts 

func (s *ThreatModelDatabaseStore) ListWithCounts(offset, limit int, filter func(ThreatModel) bool) []ThreatModelWithCounts

ListWithCounts returns filtered and paginated threat models with count information

func (*ThreatModelDatabaseStore) Update 

func (s *ThreatModelDatabaseStore) Update(id string, item ThreatModel) error

Update modifies an existing threat model

type ThreatModelDiagramHandler 

type ThreatModelDiagramHandler struct {
	// contains filtered or unexported fields
}

ThreatModelDiagramHandler provides handlers for diagram operations within threat models

func NewThreatModelDiagramHandler 

func NewThreatModelDiagramHandler(wsHub *WebSocketHub) *ThreatModelDiagramHandler

NewThreatModelDiagramHandler creates a new handler for diagrams within threat models

func (*ThreatModelDiagramHandler) CreateDiagram 

func (h *ThreatModelDiagramHandler) CreateDiagram(c *gin.Context, threatModelId string)

CreateDiagram creates a new diagram for a threat model

func (*ThreatModelDiagramHandler) CreateDiagramCollaborate 

func (h *ThreatModelDiagramHandler) CreateDiagramCollaborate(c *gin.Context, threatModelId, diagramId string)

CreateDiagramCollaborate creates a new collaboration session for a diagram within a threat model

func (*ThreatModelDiagramHandler) DeleteDiagram 

func (h *ThreatModelDiagramHandler) DeleteDiagram(c *gin.Context, threatModelId, diagramId string)

DeleteDiagram deletes a diagram within a threat model

func (*ThreatModelDiagramHandler) DeleteDiagramCollaborate 

func (h *ThreatModelDiagramHandler) DeleteDiagramCollaborate(c *gin.Context, threatModelId, diagramId string)

DeleteDiagramCollaborate leaves a collaboration session for a diagram within a threat model

func (*ThreatModelDiagramHandler) GetDiagramByID 

func (h *ThreatModelDiagramHandler) GetDiagramByID(c *gin.Context, threatModelId, diagramId string)

GetDiagramByID retrieves a specific diagram within a threat model

func (*ThreatModelDiagramHandler) GetDiagramCollaborate 

func (h *ThreatModelDiagramHandler) GetDiagramCollaborate(c *gin.Context, threatModelId, diagramId string)

GetDiagramCollaborate gets collaboration session status for a diagram within a threat model

func (*ThreatModelDiagramHandler) GetDiagramModel 

func (h *ThreatModelDiagramHandler) GetDiagramModel(c *gin.Context, threatModelId, diagramId openapi_types.UUID, params GetDiagramModelParams)

GetDiagramModel retrieves a minimal model representation of a diagram within a threat model. This endpoint is optimized for automated threat modeling tools, returning only essential data without visual styling, layout information, or rendering properties.

Response includes:

  • Threat model context (id, name, description, flattened metadata)
  • Minimal cells (nodes and edges) with:
  • Computed bidirectional parent-child relationships
  • Text labels extracted from attrs and text-box children
  • Flattened metadata from cell.data._metadata
  • Optional dataAssetId references

Authorization: Requires at least RoleReader on the threat model.

Supported output formats (via ?format query parameter):

  • json (default): application/json
  • yaml: application/x-yaml
  • graphml: application/xml (GraphML 1.0 standard)

func (*ThreatModelDiagramHandler) GetDiagrams 

func (h *ThreatModelDiagramHandler) GetDiagrams(c *gin.Context, threatModelId string)

GetDiagrams returns a list of diagrams for a threat model

func (*ThreatModelDiagramHandler) PatchDiagram 

func (h *ThreatModelDiagramHandler) PatchDiagram(c *gin.Context, threatModelId, diagramId string)

PatchDiagram partially updates a diagram within a threat model

func (*ThreatModelDiagramHandler) UpdateDiagram 

func (h *ThreatModelDiagramHandler) UpdateDiagram(c *gin.Context, threatModelId, diagramId string)

UpdateDiagram fully updates a diagram within a threat model

type ThreatModelHandler 

type ThreatModelHandler struct {
	// contains filtered or unexported fields
}

ThreatModelHandler provides handlers for threat model operations

func NewThreatModelHandler 

func NewThreatModelHandler(wsHub *WebSocketHub) *ThreatModelHandler

NewThreatModelHandler creates a new threat model handler

func (*ThreatModelHandler) CreateThreatModel 

func (h *ThreatModelHandler) CreateThreatModel(c *gin.Context)

CreateThreatModel creates a new threat model

func (*ThreatModelHandler) DeleteThreatModel 

func (h *ThreatModelHandler) DeleteThreatModel(c *gin.Context)

DeleteThreatModel deletes a threat model

func (*ThreatModelHandler) GetThreatModelByID 

func (h *ThreatModelHandler) GetThreatModelByID(c *gin.Context)

GetThreatModelByID retrieves a specific threat model

func (*ThreatModelHandler) GetThreatModels 

func (h *ThreatModelHandler) GetThreatModels(c *gin.Context)

GetThreatModels returns a list of threat models

func (*ThreatModelHandler) PatchThreatModel 

func (h *ThreatModelHandler) PatchThreatModel(c *gin.Context)

PatchThreatModel partially updates a threat model

func (*ThreatModelHandler) UpdateThreatModel 

func (h *ThreatModelHandler) UpdateThreatModel(c *gin.Context)

UpdateThreatModel fully updates a threat model

type ThreatModelId 

type ThreatModelId = openapi_types.UUID

ThreatModelId defines model for ThreatModelId.

type ThreatModelIdPathParam 

type ThreatModelIdPathParam = openapi_types.UUID

ThreatModelIdPathParam defines model for ThreatModelIdPathParam.

type ThreatModelIdQueryParam 

type ThreatModelIdQueryParam = openapi_types.UUID

ThreatModelIdQueryParam defines model for ThreatModelIdQueryParam.

type ThreatModelInput 

type ThreatModelInput struct {
	// Authorization List of users and their roles for this threat model
	Authorization *[]Authorization `json:"authorization,omitempty"`

	// Description Description of the threat model and its purpose
	Description *string `json:"description"`

	// IssueUri URL to an issue in an issue tracking system for this threat model
	IssueUri *string `json:"issue_uri"`

	// Metadata Key-value pairs for additional threat model metadata
	Metadata *[]Metadata `json:"metadata"`

	// Name Name of the threat model
	Name string `json:"name"`

	// ThreatModelFramework The framework used for this threat model
	ThreatModelFramework *string `json:"threat_model_framework,omitempty"`
}

ThreatModelInput Input schema for creating/updating ThreatModel

type ThreatModelInternal 

type ThreatModelInternal struct {
	// Core fields
	Id                   *openapi_types.UUID `json:"id,omitempty"`
	Name                 string              `json:"name"`
	Description          *string             `json:"description,omitempty"`
	Owner                User                `json:"owner"`
	ThreatModelFramework string              `json:"threat_model_framework"`
	CreatedAt            *time.Time          `json:"created_at,omitempty"`
	ModifiedAt           *time.Time          `json:"modified_at,omitempty"`
	CreatedBy            *User               `json:"created_by,omitempty"`
	IssueUri             *string             `json:"issue_uri,omitempty"`

	// Authorization (stored directly since it's small)
	Authorization []Authorization `json:"authorization"`

	// References to related entities (IDs only)
	DiagramIds  []string `json:"diagram_ids,omitempty"`
	ThreatIds   []string `json:"threat_ids,omitempty"`
	DocumentIds []string `json:"document_ids,omitempty"`
	SourceIds   []string `json:"source_ids,omitempty"`
}

ThreatModelInternal is the internal representation used by stores It stores diagram/threat/document IDs instead of full objects for single source of truth

func (*ThreatModelInternal) FromThreatModel 

func (tm *ThreatModelInternal) FromThreatModel(external *ThreatModel)

FromThreatModel converts external API model to internal representation

func (*ThreatModelInternal) ToThreatModel 

func (tm *ThreatModelInternal) ToThreatModel() (*ThreatModel, error)

ToThreatModel converts internal representation to external API model This function dynamically loads related entities from their respective stores

type ThreatModelMetadataHandler 

type ThreatModelMetadataHandler struct {
	// contains filtered or unexported fields
}

ThreatModelMetadataHandler provides handlers for threat model metadata operations

func NewThreatModelMetadataHandler 

func NewThreatModelMetadataHandler(metadataStore MetadataStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *ThreatModelMetadataHandler

NewThreatModelMetadataHandler creates a new threat model metadata handler

func (*ThreatModelMetadataHandler) BulkCreateThreatModelMetadata 

func (h *ThreatModelMetadataHandler) BulkCreateThreatModelMetadata(c *gin.Context)

BulkCreateThreatModelMetadata creates multiple metadata entries in a single request POST /threat_models/{threat_model_id}/metadata/bulk

func (*ThreatModelMetadataHandler) BulkUpdateThreatModelMetadata 

func (h *ThreatModelMetadataHandler) BulkUpdateThreatModelMetadata(c *gin.Context)

BulkUpdateThreatModelMetadata updates multiple metadata entries in a single request PUT /threat_models/{threat_model_id}/metadata/bulk

func (*ThreatModelMetadataHandler) CreateThreatModelMetadata 

func (h *ThreatModelMetadataHandler) CreateThreatModelMetadata(c *gin.Context)

CreateThreatModelMetadata creates a new metadata entry for a threat model POST /threat_models/{threat_model_id}/metadata

func (*ThreatModelMetadataHandler) DeleteThreatModelMetadata 

func (h *ThreatModelMetadataHandler) DeleteThreatModelMetadata(c *gin.Context)

DeleteThreatModelMetadata deletes a metadata entry DELETE /threat_models/{threat_model_id}/metadata/{key}

func (*ThreatModelMetadataHandler) GetThreatModelMetadata 

func (h *ThreatModelMetadataHandler) GetThreatModelMetadata(c *gin.Context)

GetThreatModelMetadata retrieves all metadata for a threat model GET /threat_models/{threat_model_id}/metadata

func (*ThreatModelMetadataHandler) GetThreatModelMetadataByKey 

func (h *ThreatModelMetadataHandler) GetThreatModelMetadataByKey(c *gin.Context)

GetThreatModelMetadataByKey retrieves a specific metadata entry by key GET /threat_models/{threat_model_id}/metadata/{key}

func (*ThreatModelMetadataHandler) UpdateThreatModelMetadata 

func (h *ThreatModelMetadataHandler) UpdateThreatModelMetadata(c *gin.Context)

UpdateThreatModelMetadata updates an existing metadata entry PUT /threat_models/{threat_model_id}/metadata/{key}

type ThreatModelNotificationData 

type ThreatModelNotificationData struct {
	ThreatModelID   string `json:"threat_model_id"`
	ThreatModelName string `json:"threat_model_name"`
	Action          string `json:"action"` // created, updated, deleted
}

ThreatModelNotificationData contains data for threat model notifications

type ThreatModelRequest 

type ThreatModelRequest struct {
	Name        string         `json:"name" binding:"required"`
	Description *string        `json:"description,omitempty"`
	DiagramIDs  []string       `json:"diagram_ids,omitempty"`
	Threats     []ThreatEntity `json:"threats,omitempty"`
}

ThreatModelRequest is used for creating and updating threat models

type ThreatModelShareData 

type ThreatModelShareData struct {
	ThreatModelID   string `json:"threat_model_id"`
	ThreatModelName string `json:"threat_model_name"`
	SharedWithEmail string `json:"shared_with_email"`
	Role            string `json:"role"` // reader, writer, owner
}

ThreatModelShareData contains data for threat model sharing notifications

type ThreatModelStoreInterface 

type ThreatModelStoreInterface interface {
	Get(id string) (ThreatModel, error)
	List(offset, limit int, filter func(ThreatModel) bool) []ThreatModel
	ListWithCounts(offset, limit int, filter func(ThreatModel) bool) []ThreatModelWithCounts
	Create(item ThreatModel, idSetter func(ThreatModel, string) ThreatModel) (ThreatModel, error)
	Update(id string, item ThreatModel) error
	Delete(id string) error
	Count() int
}
var ThreatModelStore ThreatModelStoreInterface

Global store instances (will be initialized in main.go)

type ThreatModelWithCounts 

type ThreatModelWithCounts struct {
	ThreatModel
	DocumentCount int
	SourceCount   int
	DiagramCount  int
	ThreatCount   int
	NoteCount     int
	AssetCount    int
}

Store interfaces to allow switching between in-memory and database implementations ThreatModelWithCounts extends ThreatModel with count information

type ThreatStore 

type ThreatStore interface {
	// CRUD operations
	Create(ctx context.Context, threat *Threat) error
	Get(ctx context.Context, id string) (*Threat, error)
	Update(ctx context.Context, threat *Threat) error
	Delete(ctx context.Context, id string) error

	// List operations with filtering, sorting and pagination
	List(ctx context.Context, threatModelID string, filter ThreatFilter) ([]Threat, error)

	// PATCH operations for granular updates
	Patch(ctx context.Context, id string, operations []PatchOperation) (*Threat, error)

	// Bulk operations
	BulkCreate(ctx context.Context, threats []Threat) error
	BulkUpdate(ctx context.Context, threats []Threat) error

	// Cache management
	InvalidateCache(ctx context.Context, id string) error
	WarmCache(ctx context.Context, threatModelID string) error
}

ThreatStore defines the interface for threat operations with caching support 

var GlobalThreatStore ThreatStore

type ThreatSubResourceHandler 

type ThreatSubResourceHandler struct {
	// contains filtered or unexported fields
}

ThreatSubResourceHandler provides handlers for threat sub-resource operations

func NewThreatSubResourceHandler 

func NewThreatSubResourceHandler(threatStore ThreatStore, db *sql.DB, cache *CacheService, invalidator *CacheInvalidator) *ThreatSubResourceHandler

NewThreatSubResourceHandler creates a new threat sub-resource handler

func (*ThreatSubResourceHandler) BulkCreateThreats 

func (h *ThreatSubResourceHandler) BulkCreateThreats(c *gin.Context)

BulkCreateThreats creates multiple threats in a single request POST /threat_models/{threat_model_id}/threats/bulk

func (*ThreatSubResourceHandler) BulkDeleteThreats 

func (h *ThreatSubResourceHandler) BulkDeleteThreats(c *gin.Context)

BulkDeleteThreats deletes multiple threats DELETE /threat_models/{threat_model_id}/threats/bulk

func (*ThreatSubResourceHandler) BulkPatchThreats 

func (h *ThreatSubResourceHandler) BulkPatchThreats(c *gin.Context)

BulkPatchThreats applies JSON patch operations to multiple threats PATCH /threat_models/{threat_model_id}/threats/bulk

func (*ThreatSubResourceHandler) BulkUpdateThreats 

func (h *ThreatSubResourceHandler) BulkUpdateThreats(c *gin.Context)

BulkUpdateThreats updates multiple threats in a single request PUT /threat_models/{threat_model_id}/threats/bulk

func (*ThreatSubResourceHandler) CreateThreat 

func (h *ThreatSubResourceHandler) CreateThreat(c *gin.Context)

CreateThreat creates a new threat in a threat model POST /threat_models/{threat_model_id}/threats

func (*ThreatSubResourceHandler) DeleteThreat 

func (h *ThreatSubResourceHandler) DeleteThreat(c *gin.Context)

DeleteThreat deletes a threat DELETE /threat_models/{threat_model_id}/threats/{threat_id}

func (*ThreatSubResourceHandler) GetThreat 

func (h *ThreatSubResourceHandler) GetThreat(c *gin.Context)

GetThreat retrieves a specific threat by ID GET /threat_models/{threat_model_id}/threats/{threat_id}

func (*ThreatSubResourceHandler) GetThreats 

func (h *ThreatSubResourceHandler) GetThreats(c *gin.Context)

GetThreats retrieves all threats for a threat model with pagination GET /threat_models/{threat_model_id}/threats

func (*ThreatSubResourceHandler) GetThreatsWithFilters 

func (h *ThreatSubResourceHandler) GetThreatsWithFilters(c *gin.Context, params GetThreatModelThreatsParams)

GetThreatsWithFilters retrieves all threats for a threat model with advanced filtering GET /threat_models/{threat_model_id}/threats with query parameters

func (*ThreatSubResourceHandler) PatchThreat 

func (h *ThreatSubResourceHandler) PatchThreat(c *gin.Context)

PatchThreat applies JSON patch operations to a threat PATCH /threat_models/{threat_model_id}/threats/{threat_id}

func (*ThreatSubResourceHandler) UpdateThreat 

func (h *ThreatSubResourceHandler) UpdateThreat(c *gin.Context)

UpdateThreat updates an existing threat PUT /threat_models/{threat_model_id}/threats/{threat_id}

type ThreatTypeQueryParam 

type ThreatTypeQueryParam = []string

ThreatTypeQueryParam defines model for ThreatTypeQueryParam.

type TokenIntrospectionRequest 

type TokenIntrospectionRequest struct {
	// Token The JWT token to introspect
	Token string `json:"token"`

	// TokenTypeHint Optional hint about the type of token being introspected
	TokenTypeHint *string `json:"token_type_hint"`
}

TokenIntrospectionRequest defines model for TokenIntrospectionRequest.

type TokenRefreshRequest 

type TokenRefreshRequest struct {
	// RefreshToken Valid refresh token
	RefreshToken string `json:"refresh_token"`
}

TokenRefreshRequest defines model for TokenRefreshRequest.

type TokenRequest 

type TokenRequest struct {
	// ClientId Client identifier (required for client_credentials grant)
	ClientId *string `json:"client_id"`

	// ClientSecret Client secret (required for client_credentials grant)
	ClientSecret *string `json:"client_secret"`

	// Code Authorization code (required for authorization_code grant)
	Code *string `json:"code"`

	// CodeVerifier PKCE code verifier (required for authorization_code grant)
	CodeVerifier *string `json:"code_verifier"`

	// GrantType OAuth 2.0 grant type (RFC 6749)
	GrantType TokenRequestGrantType `json:"grant_type"`

	// RedirectUri Redirect URI (required for authorization_code grant)
	RedirectUri *string `json:"redirect_uri"`

	// RefreshToken Refresh token (required for refresh_token grant)
	RefreshToken *string `json:"refresh_token"`

	// State State parameter for CSRF protection
	State *string `json:"state"`
}

TokenRequest defines model for TokenRequest.

type TokenRequestGrantType 

type TokenRequestGrantType string

TokenRequestGrantType OAuth 2.0 grant type (RFC 6749) 

const (
	TokenRequestGrantTypeAuthorizationCode TokenRequestGrantType = "authorization_code"
	TokenRequestGrantTypeClientCredentials TokenRequestGrantType = "client_credentials"
	TokenRequestGrantTypeRefreshToken      TokenRequestGrantType = "refresh_token"
)

Defines values for TokenRequestGrantType.

type TooManyRequests 

type TooManyRequests = Error

TooManyRequests Standard error response format

type TypesUUID 

type TypesUUID = openapi_types.UUID

TypesUUID is an alias for openapi_types.UUID to make it easier to use

func NewUUID 

func NewUUID() TypesUUID

NewUUID generates a new UUID

func ParseUUID 

func ParseUUID(s string) (TypesUUID, error)

ParseUUID converts a string to a TypesUUID

type UndoRequestHandler 

type UndoRequestHandler struct{}

UndoRequestHandler handles undo request messages

func (*UndoRequestHandler) HandleMessage 

func (h *UndoRequestHandler) HandleMessage(session *DiagramSession, client *WebSocketClient, message []byte) error

func (*UndoRequestHandler) MessageType 

func (h *UndoRequestHandler) MessageType() string

type UndoRequestMessage 

type UndoRequestMessage struct {
	MessageType    MessageType `json:"message_type"`
	InitiatingUser User        `json:"initiating_user"`
}

func (UndoRequestMessage) GetMessageType 

func (m UndoRequestMessage) GetMessageType() MessageType

func (UndoRequestMessage) Validate 

func (m UndoRequestMessage) Validate() error

type UpdateAddonInvocationQuotaJSONRequestBody 

type UpdateAddonInvocationQuotaJSONRequestBody = AddonQuotaUpdate

UpdateAddonInvocationQuotaJSONRequestBody defines body for UpdateAddonInvocationQuota for application/json ContentType.

type UpdateAdminGroupJSONRequestBody 

type UpdateAdminGroupJSONRequestBody = UpdateAdminGroupRequest

UpdateAdminGroupJSONRequestBody defines body for UpdateAdminGroup for application/json ContentType.

type UpdateAdminGroupRequest 

type UpdateAdminGroupRequest struct {
	// Description Updated group description
	Description *string `json:"description,omitempty"`

	// Name Updated human-readable group name
	Name *string `json:"name,omitempty"`
}

UpdateAdminGroupRequest Request body for updating group metadata

type UpdateAdminUserJSONRequestBody 

type UpdateAdminUserJSONRequestBody = UpdateAdminUserRequest

UpdateAdminUserJSONRequestBody defines body for UpdateAdminUser for application/json ContentType.

type UpdateAdminUserRequest 

type UpdateAdminUserRequest struct {
	// Email Updated email address
	Email *openapi_types.Email `json:"email,omitempty"`

	// EmailVerified Updated email verification status
	EmailVerified *bool `json:"email_verified,omitempty"`

	// Name Updated display name
	Name *string `json:"name,omitempty"`
}

UpdateAdminUserRequest Request body for updating user metadata

type UpdateDiagramMetadataByKeyJSONBody 

type UpdateDiagramMetadataByKeyJSONBody struct {
	// Value Metadata value
	Value string `json:"value"`
}

UpdateDiagramMetadataByKeyJSONBody defines parameters for UpdateDiagramMetadataByKey.

type UpdateDiagramMetadataByKeyJSONRequestBody 

type UpdateDiagramMetadataByKeyJSONRequestBody UpdateDiagramMetadataByKeyJSONBody

UpdateDiagramMetadataByKeyJSONRequestBody defines body for UpdateDiagramMetadataByKey for application/json ContentType.

type UpdateDiagramResult 

type UpdateDiagramResult struct {
	UpdatedDiagram    DfdDiagram
	PreviousVector    int64
	NewVector         int64
	VectorIncremented bool
}

UpdateDiagramResult contains the result of a centralized diagram update

type UpdateDocumentMetadataByKeyJSONBody 

type UpdateDocumentMetadataByKeyJSONBody struct {
	// Value New value for the metadata entry
	Value string `json:"value"`
}

UpdateDocumentMetadataByKeyJSONBody defines parameters for UpdateDocumentMetadataByKey.

type UpdateDocumentMetadataByKeyJSONRequestBody 

type UpdateDocumentMetadataByKeyJSONRequestBody UpdateDocumentMetadataByKeyJSONBody

UpdateDocumentMetadataByKeyJSONRequestBody defines body for UpdateDocumentMetadataByKey for application/json ContentType.

type UpdateInvocationStatusJSONRequestBody 

type UpdateInvocationStatusJSONRequestBody = UpdateInvocationStatusRequest

UpdateInvocationStatusJSONRequestBody defines body for UpdateInvocationStatus for application/json ContentType.

type UpdateInvocationStatusParams 

type UpdateInvocationStatusParams struct {
	// XWebhookSignature HMAC-SHA256 signature (format: sha256={hex_signature})
	XWebhookSignature XWebhookSignatureHeaderParam `json:"X-Webhook-Signature"`
}

UpdateInvocationStatusParams defines parameters for UpdateInvocationStatus.

type UpdateInvocationStatusRequest 

type UpdateInvocationStatusRequest struct {
	// Status New status (cannot transition back to pending)
	Status UpdateInvocationStatusRequestStatus `json:"status"`

	// StatusMessage Optional status description
	StatusMessage *string `json:"status_message,omitempty"`

	// StatusPercent Progress percentage
	StatusPercent *int `json:"status_percent,omitempty"`
}

UpdateInvocationStatusRequest defines model for UpdateInvocationStatusRequest.

type UpdateInvocationStatusRequestStatus 

type UpdateInvocationStatusRequestStatus string

UpdateInvocationStatusRequestStatus New status (cannot transition back to pending) 

const (
	UpdateInvocationStatusRequestStatusCompleted  UpdateInvocationStatusRequestStatus = "completed"
	UpdateInvocationStatusRequestStatusFailed     UpdateInvocationStatusRequestStatus = "failed"
	UpdateInvocationStatusRequestStatusInProgress UpdateInvocationStatusRequestStatus = "in_progress"
)

Defines values for UpdateInvocationStatusRequestStatus.

type UpdateInvocationStatusResponse 

type UpdateInvocationStatusResponse struct {
	// Id Invocation identifier
	Id openapi_types.UUID `json:"id"`

	// Status Current status
	Status UpdateInvocationStatusResponseStatus `json:"status"`

	// StatusPercent Progress percentage
	StatusPercent int `json:"status_percent"`

	// StatusUpdatedAt Status update timestamp
	StatusUpdatedAt time.Time `json:"status_updated_at"`
}

UpdateInvocationStatusResponse defines model for UpdateInvocationStatusResponse.

type UpdateInvocationStatusResponseStatus 

type UpdateInvocationStatusResponseStatus string

UpdateInvocationStatusResponseStatus Current status 

const (
	UpdateInvocationStatusResponseStatusCompleted  UpdateInvocationStatusResponseStatus = "completed"
	UpdateInvocationStatusResponseStatusFailed     UpdateInvocationStatusResponseStatus = "failed"
	UpdateInvocationStatusResponseStatusInProgress UpdateInvocationStatusResponseStatus = "in_progress"
	UpdateInvocationStatusResponseStatusPending    UpdateInvocationStatusResponseStatus = "pending"
)

Defines values for UpdateInvocationStatusResponseStatus.

type UpdateNoteMetadataByKeyJSONBody 

type UpdateNoteMetadataByKeyJSONBody struct {
	// Value New value for the metadata entry
	Value string `json:"value"`
}

UpdateNoteMetadataByKeyJSONBody defines parameters for UpdateNoteMetadataByKey.

type UpdateNoteMetadataByKeyJSONRequestBody 

type UpdateNoteMetadataByKeyJSONRequestBody UpdateNoteMetadataByKeyJSONBody

UpdateNoteMetadataByKeyJSONRequestBody defines body for UpdateNoteMetadataByKey for application/json ContentType.

type UpdateRepositoryMetadataByKeyJSONBody 

type UpdateRepositoryMetadataByKeyJSONBody struct {
	// Value New value for the metadata entry
	Value string `json:"value"`
}

UpdateRepositoryMetadataByKeyJSONBody defines parameters for UpdateRepositoryMetadataByKey.

type UpdateRepositoryMetadataByKeyJSONRequestBody 

type UpdateRepositoryMetadataByKeyJSONRequestBody UpdateRepositoryMetadataByKeyJSONBody

UpdateRepositoryMetadataByKeyJSONRequestBody defines body for UpdateRepositoryMetadataByKey for application/json ContentType.

type UpdateThreatMetadataByKeyJSONBody 

type UpdateThreatMetadataByKeyJSONBody struct {
	// Value New value for the metadata entry
	Value string `json:"value"`
}

UpdateThreatMetadataByKeyJSONBody defines parameters for UpdateThreatMetadataByKey.

type UpdateThreatMetadataByKeyJSONRequestBody 

type UpdateThreatMetadataByKeyJSONRequestBody UpdateThreatMetadataByKeyJSONBody

UpdateThreatMetadataByKeyJSONRequestBody defines body for UpdateThreatMetadataByKey for application/json ContentType.

type UpdateThreatModelAssetJSONRequestBody 

type UpdateThreatModelAssetJSONRequestBody = AssetInput

UpdateThreatModelAssetJSONRequestBody defines body for UpdateThreatModelAsset for application/json ContentType.

type UpdateThreatModelAssetMetadataJSONRequestBody 

type UpdateThreatModelAssetMetadataJSONRequestBody = Metadata

UpdateThreatModelAssetMetadataJSONRequestBody defines body for UpdateThreatModelAssetMetadata for application/json ContentType.

type UpdateThreatModelDiagramJSONRequestBody 

type UpdateThreatModelDiagramJSONRequestBody = DfdDiagramInput

UpdateThreatModelDiagramJSONRequestBody defines body for UpdateThreatModelDiagram for application/json ContentType.

type UpdateThreatModelDocumentJSONRequestBody 

type UpdateThreatModelDocumentJSONRequestBody = DocumentInput

UpdateThreatModelDocumentJSONRequestBody defines body for UpdateThreatModelDocument for application/json ContentType.

type UpdateThreatModelJSONRequestBody 

type UpdateThreatModelJSONRequestBody = ThreatModelInput

UpdateThreatModelJSONRequestBody defines body for UpdateThreatModel for application/json ContentType.

type UpdateThreatModelMetadataByKeyJSONBody 

type UpdateThreatModelMetadataByKeyJSONBody struct {
	// Value New value for the metadata entry
	Value string `json:"value"`
}

UpdateThreatModelMetadataByKeyJSONBody defines parameters for UpdateThreatModelMetadataByKey.

type UpdateThreatModelMetadataByKeyJSONRequestBody 

type UpdateThreatModelMetadataByKeyJSONRequestBody UpdateThreatModelMetadataByKeyJSONBody

UpdateThreatModelMetadataByKeyJSONRequestBody defines body for UpdateThreatModelMetadataByKey for application/json ContentType.

type UpdateThreatModelNoteJSONRequestBody 

type UpdateThreatModelNoteJSONRequestBody = NoteInput

UpdateThreatModelNoteJSONRequestBody defines body for UpdateThreatModelNote for application/json ContentType.

type UpdateThreatModelRepositoryJSONRequestBody 

type UpdateThreatModelRepositoryJSONRequestBody = RepositoryInput

UpdateThreatModelRepositoryJSONRequestBody defines body for UpdateThreatModelRepository for application/json ContentType.

type UpdateThreatModelThreatJSONRequestBody 

type UpdateThreatModelThreatJSONRequestBody = ThreatInput

UpdateThreatModelThreatJSONRequestBody defines body for UpdateThreatModelThreat for application/json ContentType.

type UpdateUserAPIQuotaJSONRequestBody 

type UpdateUserAPIQuotaJSONRequestBody = UserQuotaUpdate

UpdateUserAPIQuotaJSONRequestBody defines body for UpdateUserAPIQuota for application/json ContentType.

type UpdateWebhookQuotaJSONRequestBody 

type UpdateWebhookQuotaJSONRequestBody = WebhookQuotaUpdate

UpdateWebhookQuotaJSONRequestBody defines body for UpdateWebhookQuota for application/json ContentType.

type UsedInAuthorizationsQueryParam 

type UsedInAuthorizationsQueryParam = bool

UsedInAuthorizationsQueryParam defines model for UsedInAuthorizationsQueryParam.

type User 

type User struct {
	// DisplayName User full name for display
	DisplayName string `json:"display_name"`

	// Email User email address (required)
	Email openapi_types.Email `json:"email"`

	// PrincipalType Always "user" for User objects
	PrincipalType UserPrincipalType `json:"principal_type"`

	// Provider Identity provider name (e.g., "google", "github", "microsoft", "test"). Use "*" for provider-independent groups.
	Provider string `json:"provider"`

	// ProviderId Provider-assigned identifier. For users: provider_user_id (e.g., email or OAuth sub). For groups: group_name.
	ProviderId string `json:"provider_id"`
}

User defines model for User.

type UserAPIQuota 

type UserAPIQuota struct {
	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// MaxRequestsPerHour Maximum API requests per hour (optional)
	MaxRequestsPerHour *int `json:"max_requests_per_hour"`

	// MaxRequestsPerMinute Maximum API requests per minute
	MaxRequestsPerMinute int `json:"max_requests_per_minute"`

	// ModifiedAt Last modification timestamp
	ModifiedAt time.Time `json:"modified_at"`

	// UserId User ID
	UserId openapi_types.UUID `json:"user_id"`
}

UserAPIQuota defines model for UserAPIQuota.

func (*UserAPIQuota) SetCreatedAt 

func (q *UserAPIQuota) SetCreatedAt(t time.Time)

SetCreatedAt implements WithTimestamps for UserAPIQuota

func (*UserAPIQuota) SetModifiedAt 

func (q *UserAPIQuota) SetModifiedAt(t time.Time)

SetModifiedAt implements WithTimestamps for UserAPIQuota

type UserAPIQuotaDatabaseStore 

type UserAPIQuotaDatabaseStore struct {
	// contains filtered or unexported fields
}

UserAPIQuotaDatabaseStore implements UserAPIQuotaStoreInterface

func NewUserAPIQuotaDatabaseStore 

func NewUserAPIQuotaDatabaseStore(db *sql.DB) *UserAPIQuotaDatabaseStore

NewUserAPIQuotaDatabaseStore creates a new database-backed store

func (*UserAPIQuotaDatabaseStore) Create 

func (s *UserAPIQuotaDatabaseStore) Create(item UserAPIQuota) (UserAPIQuota, error)

Create creates a new user API quota

func (*UserAPIQuotaDatabaseStore) Delete 

func (s *UserAPIQuotaDatabaseStore) Delete(userID string) error

Delete deletes a user API quota

func (*UserAPIQuotaDatabaseStore) Get 

func (s *UserAPIQuotaDatabaseStore) Get(userID string) (UserAPIQuota, error)

Get retrieves a user API quota by user ID

func (*UserAPIQuotaDatabaseStore) GetOrDefault 

func (s *UserAPIQuotaDatabaseStore) GetOrDefault(userID string) UserAPIQuota

GetOrDefault retrieves a quota or returns default values

func (*UserAPIQuotaDatabaseStore) List 

func (s *UserAPIQuotaDatabaseStore) List(offset, limit int) ([]UserAPIQuota, error)

List retrieves all user API quotas with pagination

func (*UserAPIQuotaDatabaseStore) Update 

func (s *UserAPIQuotaDatabaseStore) Update(userID string, item UserAPIQuota) error

Update updates an existing user API quota

type UserAPIQuotaStoreInterface 

type UserAPIQuotaStoreInterface interface {
	Get(userID string) (UserAPIQuota, error)
	GetOrDefault(userID string) UserAPIQuota
	List(offset, limit int) ([]UserAPIQuota, error)
	Create(item UserAPIQuota) (UserAPIQuota, error)
	Update(userID string, item UserAPIQuota) error
	Delete(userID string) error
}

UserAPIQuotaStoreInterface defines operations for user API quotas 

var GlobalUserAPIQuotaStore UserAPIQuotaStoreInterface

Global user API quota store instance

type UserActivityData 

type UserActivityData struct {
	UserEmail string `json:"user_email"`
	UserName  string `json:"user_name,omitempty"`
}

UserActivityData contains data for user activity notifications

type UserContext 

type UserContext struct {
	Email          string   `json:"email"`
	InternalUUID   string   `json:"internal_uuid"`    // System-generated UUID (never in JWT)
	Provider       string   `json:"provider"`         // OAuth provider name
	ProviderUserID string   `json:"provider_user_id"` // Provider's user ID (from JWT sub)
	DisplayName    string   `json:"display_name,omitempty"`
	Groups         []string `json:"groups,omitempty"`
}

UserContext represents the authenticated user's context information This is a convenience structure for passing user info between handlers

func GetUserContext 

func GetUserContext(c *gin.Context) (*UserContext, error)

GetUserContext is a convenience function that returns a structured UserContext containing all user identification information from the Gin context

func (*UserContext) String 

func (uc *UserContext) String() string

String returns a string representation of the UserContext for logging

type UserDatabaseStore 

type UserDatabaseStore struct {
	// contains filtered or unexported fields
}

UserDatabaseStore implements UserStore using PostgreSQL

func NewUserDatabaseStore 

func NewUserDatabaseStore(db *sql.DB, authService *auth.Service) *UserDatabaseStore

NewUserDatabaseStore creates a new database-backed user store

func (*UserDatabaseStore) Count 

func (s *UserDatabaseStore) Count(ctx context.Context, filter UserFilter) (int, error)

Count returns total count of users matching the filter

func (*UserDatabaseStore) Delete 

func (s *UserDatabaseStore) Delete(ctx context.Context, provider string, providerUserID string) (*DeletionStats, error)

Delete deletes a user by provider and provider_user_id

func (*UserDatabaseStore) EnrichUsers 

func (s *UserDatabaseStore) EnrichUsers(ctx context.Context, users []AdminUser) ([]AdminUser, error)

EnrichUsers adds related data to users (admin status, groups, threat model counts)

func (*UserDatabaseStore) Get 

func (s *UserDatabaseStore) Get(ctx context.Context, internalUUID uuid.UUID) (*AdminUser, error)

Get retrieves a user by internal UUID

func (*UserDatabaseStore) GetByProviderAndID 

func (s *UserDatabaseStore) GetByProviderAndID(ctx context.Context, provider string, providerUserID string) (*AdminUser, error)

GetByProviderAndID retrieves a user by provider and provider_user_id

func (*UserDatabaseStore) List 

func (s *UserDatabaseStore) List(ctx context.Context, filter UserFilter) ([]AdminUser, error)

List returns users with optional filtering and pagination

func (*UserDatabaseStore) Update 

func (s *UserDatabaseStore) Update(ctx context.Context, user AdminUser) error

Update updates user metadata (email, name, email_verified)

type UserDeletionHandler 

type UserDeletionHandler struct {
	// contains filtered or unexported fields
}

UserDeletionHandler handles user self-deletion operations

func NewUserDeletionHandler 

func NewUserDeletionHandler(authService *auth.Service) *UserDeletionHandler

NewUserDeletionHandler creates a new user deletion handler

func (*UserDeletionHandler) DeleteUserAccount 

func (h *UserDeletionHandler) DeleteUserAccount(c *gin.Context)

DeleteUserAccount handles the two-step user deletion process Step 1: No challenge parameter -> Generate and return challenge Step 2: With challenge parameter -> Validate and delete user

type UserFilter 

type UserFilter struct {
	Provider        string
	Email           string // Case-insensitive ILIKE %email%
	CreatedAfter    *time.Time
	CreatedBefore   *time.Time
	LastLoginAfter  *time.Time
	LastLoginBefore *time.Time
	Limit           int
	Offset          int
	SortBy          string // created_at, last_login, email
	SortOrder       string // asc, desc
}

UserFilter defines filtering options for user queries

type UserIdPathParam 

type UserIdPathParam = openapi_types.UUID

UserIdPathParam defines model for UserIdPathParam.

type UserIdQueryParam 

type UserIdQueryParam = openapi_types.UUID

UserIdQueryParam defines model for UserIdQueryParam.

type UserInfo 

type UserInfo struct {
	UserID       string
	UserName     string
	UserEmail    string
	UserProvider string
}

UserInfo represents extracted user information

type UserInfoExtractor 

type UserInfoExtractor struct{}

UserInfoExtractor handles extracting user information from the request context

func (*UserInfoExtractor) ExtractUserInfo 

func (u *UserInfoExtractor) ExtractUserInfo(c *gin.Context) (*UserInfo, error)

ExtractUserInfo extracts user information from the gin context

type UserPrincipalType 

type UserPrincipalType string

UserPrincipalType Always "user" for User objects 

const (
	UserPrincipalTypeUser UserPrincipalType = "user"
)

Defines values for UserPrincipalType.

type UserQuotaUpdate 

type UserQuotaUpdate struct {
	// MaxRequestsPerHour Maximum API requests per hour (optional)
	MaxRequestsPerHour *int `json:"max_requests_per_hour"`

	// MaxRequestsPerMinute Maximum API requests per minute
	MaxRequestsPerMinute int `json:"max_requests_per_minute"`
}

UserQuotaUpdate defines model for UserQuotaUpdate.

type UserStore 

type UserStore interface {
	// List returns users with optional filtering and pagination
	List(ctx context.Context, filter UserFilter) ([]AdminUser, error)

	// Get retrieves a user by internal UUID
	Get(ctx context.Context, internalUUID uuid.UUID) (*AdminUser, error)

	// GetByProviderAndID retrieves a user by provider and provider_user_id
	GetByProviderAndID(ctx context.Context, provider string, providerUserID string) (*AdminUser, error)

	// Update updates user metadata (email, name, email_verified)
	Update(ctx context.Context, user AdminUser) error

	// Delete deletes a user by provider and provider_user_id
	// Returns deletion statistics
	Delete(ctx context.Context, provider string, providerUserID string) (*DeletionStats, error)

	// Count returns total count of users matching the filter
	Count(ctx context.Context, filter UserFilter) (int, error)

	// EnrichUsers adds related data to users (admin status, groups, threat model counts)
	EnrichUsers(ctx context.Context, users []AdminUser) ([]AdminUser, error)
}

UserStore defines the interface for user storage operations 

var GlobalUserStore UserStore

GlobalUserStore is the global singleton for user storage

type UserUuidPathParam 

type UserUuidPathParam = openapi_types.UUID

UserUuidPathParam defines model for UserUuidPathParam.

type UserWithAdminStatus 

type UserWithAdminStatus struct {
	// DisplayName User full name for display
	DisplayName string `json:"display_name"`

	// Email User email address (required)
	Email openapi_types.Email `json:"email"`

	// IsAdmin Whether the user has administrator privileges (computed dynamically based on administrators table)
	IsAdmin bool `json:"is_admin"`

	// PrincipalType Always "user" for User objects
	PrincipalType UserWithAdminStatusPrincipalType `json:"principal_type"`

	// Provider Identity provider name (e.g., "google", "github", "microsoft", "test"). Use "*" for provider-independent groups.
	Provider string `json:"provider"`

	// ProviderId Provider-assigned identifier. For users: provider_user_id (e.g., email or OAuth sub). For groups: group_name.
	ProviderId string `json:"provider_id"`
}

UserWithAdminStatus defines model for UserWithAdminStatus.

type UserWithAdminStatusPrincipalType 

type UserWithAdminStatusPrincipalType string

UserWithAdminStatusPrincipalType Always "user" for User objects 

const (
	UserWithAdminStatusPrincipalTypeUser UserWithAdminStatusPrincipalType = "user"
)

Defines values for UserWithAdminStatusPrincipalType.

type ValidatedMetadataRequest 

type ValidatedMetadataRequest struct {
	Key   string `json:"key" binding:"required" maxlength:"100"`
	Value string `json:"value" binding:"required" maxlength:"1000"`
}

Enhanced Metadata Request Structs (for migration example)

type ValidationConfig 

type ValidationConfig struct {
	// ProhibitedFields lists fields that cannot be set for this operation
	ProhibitedFields []string
	// CustomValidators are additional validation functions to run
	CustomValidators []ValidatorFunc
	// AllowOwnerField permits the owner field (for PUT operations)
	AllowOwnerField bool
	// Operation type for context-specific error messages
	Operation string
}

ValidationConfig defines validation rules for an endpoint

func GetValidationConfig 

func GetValidationConfig(endpoint string) (ValidationConfig, bool)

GetValidationConfig returns the validation config for an endpoint

type ValidationError 

type ValidationError struct {
	Field   string `json:"field"`
	Message string `json:"message"`
}

ValidationError represents a validation error

type ValidationResult 

type ValidationResult struct {
	Valid  bool
	Errors []string
}

ValidationResult provides validation outcome details

func ValidateStruct 

func ValidateStruct(s interface{}, config ValidationConfig) ValidationResult

ValidateStruct performs validation on any struct and returns detailed results

type ValidatorFunc 

type ValidatorFunc func(interface{}) error

ValidatorFunc is a function that validates a parsed request 

var ValidateAuthorizationEntriesFunc ValidatorFunc = ValidateAuthorizationEntriesFromStruct

ValidateAuthorizationEntriesFunc validates authorization array 

var ValidateDiagramTypeFunc ValidatorFunc = func(data interface{}) error {
	return ValidateDiagramType(data)
}

ValidateDiagramTypeFunc validates diagram type field 

var ValidateUUIDFieldsFunc ValidatorFunc = func(data interface{}) error {
	return ValidateUUIDFieldsFromStruct(data)
}

ValidateUUIDFieldsFunc validates UUID format for ID fields

type Version 

type Version struct {
	Major      int    `json:"major"`
	Minor      int    `json:"minor"`
	Patch      int    `json:"patch"`
	GitCommit  string `json:"git_commit,omitempty"`
	BuildDate  string `json:"build_date,omitempty"`
	APIVersion string `json:"api_version"`
}

Version contains versioning information for the API

func GetVersion 

func GetVersion() Version

GetVersion returns the current application version

type WarmingPriority 

type WarmingPriority int

WarmingPriority defines priority levels for cache warming 

const (
	// PriorityHigh for critical data that must be cached
	PriorityHigh WarmingPriority = iota
	// PriorityMedium for important but not critical data
	PriorityMedium
	// PriorityLow for nice-to-have cached data
	PriorityLow
)

type WarmingRequest 

type WarmingRequest struct {
	EntityType    string
	EntityID      string
	ThreatModelID string
	Priority      WarmingPriority
	Strategy      WarmingStrategy
	TTLOverride   *time.Duration
	ForceRefresh  bool
}

WarmingRequest represents a request to warm specific cache data

type WarmingStats 

type WarmingStats struct {
	TotalWarmed       int
	ThreatsWarmed     int
	DocumentsWarmed   int
	SourcesWarmed     int
	MetadataWarmed    int
	AuthDataWarmed    int
	WarmingDuration   time.Duration
	ErrorsEncountered int
	LastWarmingTime   time.Time
}

WarmingStats tracks cache warming performance

type WarmingStrategy 

type WarmingStrategy int

WarmingStrategy defines different cache warming approaches 

const (
	// WarmOnAccess warms cache when data is first accessed
	WarmOnAccess WarmingStrategy = iota
	// WarmProactively warms cache on a schedule
	WarmProactively
	// WarmOnDemand warms cache only when explicitly requested
	WarmOnDemand
)

type WebSocketClient 

type WebSocketClient struct {
	// Hub reference
	Hub *WebSocketHub
	// Diagram session reference
	Session *DiagramSession
	// The websocket connection
	Conn *websocket.Conn
	// User ID from JWT 'sub' claim (immutable identifier)
	UserID string
	// User display name from JWT 'name' claim
	UserName string
	// User email from JWT 'email' claim
	UserEmail string
	// User identity provider from JWT 'idp' claim
	UserProvider string
	// Buffered channel of outbound messages
	Send chan []byte
	// Last activity timestamp
	LastActivity time.Time
	// contains filtered or unexported fields
}

WebSocketClient represents a connected client

func (*WebSocketClient) ReadPump 

func (c *WebSocketClient) ReadPump()

ReadPump pumps messages from WebSocket to hub

func (*WebSocketClient) WritePump 

func (c *WebSocketClient) WritePump()

WritePump pumps messages from hub to WebSocket

type WebSocketConnectionManager 

type WebSocketConnectionManager struct{}

WebSocketConnectionManager handles WebSocket connection setup and error handling

func (*WebSocketConnectionManager) RegisterClientWithTimeout 

func (m *WebSocketConnectionManager) RegisterClientWithTimeout(session *DiagramSession, client *WebSocketClient, timeoutDuration time.Duration) error

RegisterClientWithTimeout registers a client with the session with a timeout to prevent blocking

func (*WebSocketConnectionManager) SendCloseAndClose 

func (m *WebSocketConnectionManager) SendCloseAndClose(conn *websocket.Conn, closeCode int, closeText string)

SendCloseAndClose sends a close message to the WebSocket connection and closes it

func (*WebSocketConnectionManager) SendErrorAndClose 

func (m *WebSocketConnectionManager) SendErrorAndClose(conn *websocket.Conn, errorCode, errorMessage string)

SendErrorAndClose sends an error message to the WebSocket connection and closes it

type WebSocketHub 

type WebSocketHub struct {
	// Registered connections by diagram ID
	Diagrams map[string]*DiagramSession

	// WebSocket logging configuration
	LoggingConfig slogging.WebSocketLoggingConfig
	// Inactivity timeout duration
	InactivityTimeout time.Duration
	// contains filtered or unexported fields
}

WebSocketHub maintains active connections and broadcasts messages

func NewWebSocketHub 

func NewWebSocketHub(loggingConfig slogging.WebSocketLoggingConfig, inactivityTimeout time.Duration) *WebSocketHub

NewWebSocketHub creates a new WebSocket hub

func NewWebSocketHubForTests 

func NewWebSocketHubForTests() *WebSocketHub

NewWebSocketHubForTests creates a WebSocket hub with default test configuration

func (*WebSocketHub) CleanupAllSessions 

func (h *WebSocketHub) CleanupAllSessions()

CleanupAllSessions removes all active sessions (used at server startup)

func (*WebSocketHub) CleanupEmptySessions 

func (h *WebSocketHub) CleanupEmptySessions()

CleanupEmptySessions performs immediate cleanup of empty sessions

func (*WebSocketHub) CleanupInactiveSessions 

func (h *WebSocketHub) CleanupInactiveSessions()

CleanupInactiveSessions removes sessions that are inactive or empty with grace period

func (*WebSocketHub) CloseSession 

func (h *WebSocketHub) CloseSession(diagramID string)

CloseSession closes a session and removes it

func (*WebSocketHub) CreateSession 

func (h *WebSocketHub) CreateSession(diagramID string, threatModelID string, hostUserID string) (*DiagramSession, error)

CreateSession creates a new collaboration session if none exists, returns error if one already exists

func (*WebSocketHub) GetActiveSessions 

func (h *WebSocketHub) GetActiveSessions() []CollaborationSession

GetActiveSessions returns all active collaboration sessions

func (*WebSocketHub) GetActiveSessionsForUser 

func (h *WebSocketHub) GetActiveSessionsForUser(c *gin.Context, userName string) []CollaborationSession

GetActiveSessionsForUser returns all active collaboration sessions that the specified user has access to

func (*WebSocketHub) GetOrCreateSession 

func (h *WebSocketHub) GetOrCreateSession(diagramID string, threatModelID string, hostUserID string) *DiagramSession

GetOrCreateSession returns an existing session or creates a new one

func (*WebSocketHub) GetSession 

func (h *WebSocketHub) GetSession(diagramID string) *DiagramSession

GetSession returns an existing session or nil if none exists

func (*WebSocketHub) HandleWS 

func (h *WebSocketHub) HandleWS(c *gin.Context)

HandleWS handles WebSocket connections

func (*WebSocketHub) HasActiveSession 

func (h *WebSocketHub) HasActiveSession(diagramID string) bool

HasActiveSession checks if there is an active collaboration session for a diagram

func (*WebSocketHub) JoinSession 

func (h *WebSocketHub) JoinSession(diagramID string, userID string) (*DiagramSession, error)

JoinSession joins an existing collaboration session, returns error if none exists

func (*WebSocketHub) StartCleanupTimer 

func (h *WebSocketHub) StartCleanupTimer(ctx context.Context)

StartCleanupTimer starts a periodic cleanup timer

func (*WebSocketHub) UpdateDiagram 

func (h *WebSocketHub) UpdateDiagram(diagramID string, updateFunc func(DfdDiagram) (DfdDiagram, bool, error), updateSource string, excludeUserID string) (*UpdateDiagramResult, error)

UpdateDiagram provides centralized diagram updates with version control and WebSocket notification This function: 1. Handles all diagram modifications (cells, metadata, properties) 2. Auto-increments update_vector when cells[] changes or when explicitly requested 3. Notifies WebSocket sessions when updates come from REST API 4. Serves as single source of truth for all diagram modifications 5. Provides thread-safe updates with proper locking

func (*WebSocketHub) UpdateDiagramCells 

func (h *WebSocketHub) UpdateDiagramCells(diagramID string, newCells []DfdDiagram_Cells_Item, updateSource string, excludeUserID string) (*UpdateDiagramResult, error)

UpdateDiagramCells provides centralized diagram cell updates (convenience wrapper)

type WebhookChallengeWorker 

type WebhookChallengeWorker struct {
	// contains filtered or unexported fields
}

WebhookChallengeWorker handles webhook subscription verification challenges

func NewWebhookChallengeWorker 

func NewWebhookChallengeWorker() *WebhookChallengeWorker

NewWebhookChallengeWorker creates a new challenge verification worker

func (*WebhookChallengeWorker) Start 

func (w *WebhookChallengeWorker) Start(ctx context.Context) error

Start begins processing pending verification challenges

func (*WebhookChallengeWorker) Stop 

func (w *WebhookChallengeWorker) Stop()

Stop gracefully stops the worker

type WebhookCleanupWorker 

type WebhookCleanupWorker struct {
	// contains filtered or unexported fields
}

WebhookCleanupWorker handles cleanup of old deliveries, idle subscriptions, and broken subscriptions

func NewWebhookCleanupWorker 

func NewWebhookCleanupWorker() *WebhookCleanupWorker

NewWebhookCleanupWorker creates a new cleanup worker

func (*WebhookCleanupWorker) Start 

func (w *WebhookCleanupWorker) Start(ctx context.Context) error

Start begins cleanup operations

func (*WebhookCleanupWorker) Stop 

func (w *WebhookCleanupWorker) Stop()

Stop gracefully stops the worker

type WebhookDelivery 

type WebhookDelivery struct {
	// Attempts Number of delivery attempts
	Attempts int `json:"attempts"`

	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// DeliveredAt Successful delivery timestamp
	DeliveredAt *time.Time `json:"delivered_at"`

	// EventType Webhook event type following {resource}.{action} pattern. CRUD events are emitted for resource lifecycle changes (created, updated, deleted). The addon.invoked event is emitted when an add-on is invoked.
	EventType WebhookEventType `json:"event_type"`

	// Id Unique identifier (UUIDv7)
	Id openapi_types.UUID `json:"id"`

	// LastError Last error message
	LastError *string `json:"last_error,omitempty"`

	// NextRetryAt Next retry timestamp
	NextRetryAt *time.Time `json:"next_retry_at"`

	// Payload Event payload (JSON)
	Payload *map[string]interface{} `json:"payload,omitempty"`

	// Status Delivery status
	Status WebhookDeliveryStatus `json:"status"`

	// SubscriptionId Subscription that triggered this delivery
	SubscriptionId openapi_types.UUID `json:"subscription_id"`
}

WebhookDelivery defines model for WebhookDelivery.

type WebhookDeliveryStatus 

type WebhookDeliveryStatus string

WebhookDeliveryStatus Delivery status 

const (
	Delivered WebhookDeliveryStatus = "delivered"
	Failed    WebhookDeliveryStatus = "failed"
	Pending   WebhookDeliveryStatus = "pending"
)

Defines values for WebhookDeliveryStatus.

type WebhookDeliveryStoreInterface 

type WebhookDeliveryStoreInterface interface {
	Get(id string) (DBWebhookDelivery, error)
	List(offset, limit int, filter func(DBWebhookDelivery) bool) []DBWebhookDelivery
	ListBySubscription(subscriptionID string, offset, limit int) ([]DBWebhookDelivery, error)
	ListPending(limit int) ([]DBWebhookDelivery, error)
	ListReadyForRetry() ([]DBWebhookDelivery, error)
	Create(item DBWebhookDelivery) (DBWebhookDelivery, error)
	Update(id string, item DBWebhookDelivery) error
	UpdateStatus(id string, status string, deliveredAt *time.Time) error
	UpdateRetry(id string, attempts int, nextRetryAt *time.Time, lastError string) error
	Delete(id string) error
	DeleteOld(daysOld int) (int, error)
	Count() int
}

WebhookDeliveryStoreInterface defines operations for webhook deliveries 

var GlobalWebhookDeliveryStore WebhookDeliveryStoreInterface

type WebhookDeliveryWorker 

type WebhookDeliveryWorker struct {
	// contains filtered or unexported fields
}

WebhookDeliveryWorker handles delivery of webhook events to subscribed endpoints

func NewWebhookDeliveryWorker 

func NewWebhookDeliveryWorker() *WebhookDeliveryWorker

NewWebhookDeliveryWorker creates a new delivery worker

func (*WebhookDeliveryWorker) Start 

func (w *WebhookDeliveryWorker) Start(ctx context.Context) error

Start begins processing pending deliveries

func (*WebhookDeliveryWorker) Stop 

func (w *WebhookDeliveryWorker) Stop()

Stop gracefully stops the worker

type WebhookEventConsumer 

type WebhookEventConsumer struct {
	// contains filtered or unexported fields
}

WebhookEventConsumer consumes events from Redis Streams and creates webhook deliveries

func NewWebhookEventConsumer 

func NewWebhookEventConsumer(redisClient *redis.Client, streamKey, groupName, consumerID string) *WebhookEventConsumer

NewWebhookEventConsumer creates a new event consumer

func (*WebhookEventConsumer) Start 

func (c *WebhookEventConsumer) Start(ctx context.Context) error

Start begins consuming events from the Redis Stream

func (*WebhookEventConsumer) Stop 

func (c *WebhookEventConsumer) Stop()

Stop gracefully stops the consumer

type WebhookEventType 

type WebhookEventType string

WebhookEventType Webhook event type following {resource}.{action} pattern. CRUD events are emitted for resource lifecycle changes (created, updated, deleted). The addon.invoked event is emitted when an add-on is invoked. 

const (
	WebhookEventTypeAddonInvoked       WebhookEventType = "addon.invoked"
	WebhookEventTypeAssetCreated       WebhookEventType = "asset.created"
	WebhookEventTypeAssetDeleted       WebhookEventType = "asset.deleted"
	WebhookEventTypeAssetUpdated       WebhookEventType = "asset.updated"
	WebhookEventTypeDiagramCreated     WebhookEventType = "diagram.created"
	WebhookEventTypeDiagramDeleted     WebhookEventType = "diagram.deleted"
	WebhookEventTypeDiagramUpdated     WebhookEventType = "diagram.updated"
	WebhookEventTypeDocumentCreated    WebhookEventType = "document.created"
	WebhookEventTypeDocumentDeleted    WebhookEventType = "document.deleted"
	WebhookEventTypeDocumentUpdated    WebhookEventType = "document.updated"
	WebhookEventTypeMetadataCreated    WebhookEventType = "metadata.created"
	WebhookEventTypeMetadataDeleted    WebhookEventType = "metadata.deleted"
	WebhookEventTypeMetadataUpdated    WebhookEventType = "metadata.updated"
	WebhookEventTypeNoteCreated        WebhookEventType = "note.created"
	WebhookEventTypeNoteDeleted        WebhookEventType = "note.deleted"
	WebhookEventTypeNoteUpdated        WebhookEventType = "note.updated"
	WebhookEventTypeRepositoryCreated  WebhookEventType = "repository.created"
	WebhookEventTypeRepositoryDeleted  WebhookEventType = "repository.deleted"
	WebhookEventTypeRepositoryUpdated  WebhookEventType = "repository.updated"
	WebhookEventTypeThreatCreated      WebhookEventType = "threat.created"
	WebhookEventTypeThreatDeleted      WebhookEventType = "threat.deleted"
	WebhookEventTypeThreatModelCreated WebhookEventType = "threat_model.created"
	WebhookEventTypeThreatModelDeleted WebhookEventType = "threat_model.deleted"
	WebhookEventTypeThreatModelUpdated WebhookEventType = "threat_model.updated"
	WebhookEventTypeThreatUpdated      WebhookEventType = "threat.updated"
)

Defines values for WebhookEventType.

type WebhookId 

type WebhookId = openapi_types.UUID

WebhookId defines model for WebhookId.

type WebhookQuota 

type WebhookQuota struct {
	// MaxEventsPerMinute Maximum webhook events per minute
	MaxEventsPerMinute int `json:"max_events_per_minute"`

	// MaxSubscriptionRequestsPerDay Maximum subscription requests per day
	MaxSubscriptionRequestsPerDay int `json:"max_subscription_requests_per_day"`

	// MaxSubscriptionRequestsPerMinute Maximum subscription requests per minute
	MaxSubscriptionRequestsPerMinute int `json:"max_subscription_requests_per_minute"`

	// MaxSubscriptions Maximum number of webhook subscriptions
	MaxSubscriptions int `json:"max_subscriptions"`

	// OwnerId Owner ID
	OwnerId openapi_types.UUID `json:"owner_id"`
}

WebhookQuota defines model for WebhookQuota.

type WebhookQuotaDatabaseStore 

type WebhookQuotaDatabaseStore struct {
	// contains filtered or unexported fields
}

WebhookQuotaDatabaseStore implements WebhookQuotaStoreInterface

func NewWebhookQuotaDatabaseStore 

func NewWebhookQuotaDatabaseStore(db *sql.DB) *WebhookQuotaDatabaseStore

NewWebhookQuotaDatabaseStore creates a new database-backed store

func (*WebhookQuotaDatabaseStore) Create 

func (s *WebhookQuotaDatabaseStore) Create(item DBWebhookQuota) (DBWebhookQuota, error)

Create creates a new webhook quota

func (*WebhookQuotaDatabaseStore) Delete 

func (s *WebhookQuotaDatabaseStore) Delete(ownerID string) error

Delete deletes a webhook quota

func (*WebhookQuotaDatabaseStore) Get 

func (s *WebhookQuotaDatabaseStore) Get(ownerID string) (DBWebhookQuota, error)

Get retrieves a webhook quota by owner ID

func (*WebhookQuotaDatabaseStore) GetOrDefault 

func (s *WebhookQuotaDatabaseStore) GetOrDefault(ownerID string) DBWebhookQuota

GetOrDefault retrieves a quota or returns default values

func (*WebhookQuotaDatabaseStore) List 

func (s *WebhookQuotaDatabaseStore) List(offset, limit int) ([]DBWebhookQuota, error)

List retrieves all webhook quotas with pagination

func (*WebhookQuotaDatabaseStore) Update 

func (s *WebhookQuotaDatabaseStore) Update(ownerID string, item DBWebhookQuota) error

Update updates an existing webhook quota

type WebhookQuotaStoreInterface 

type WebhookQuotaStoreInterface interface {
	Get(ownerID string) (DBWebhookQuota, error)
	GetOrDefault(ownerID string) DBWebhookQuota
	List(offset, limit int) ([]DBWebhookQuota, error)
	Create(item DBWebhookQuota) (DBWebhookQuota, error)
	Update(ownerID string, item DBWebhookQuota) error
	Delete(ownerID string) error
}

WebhookQuotaStoreInterface defines operations for webhook quotas 

var GlobalWebhookQuotaStore WebhookQuotaStoreInterface

type WebhookQuotaUpdate 

type WebhookQuotaUpdate struct {
	// MaxEventsPerMinute Maximum webhook events per minute
	MaxEventsPerMinute int `json:"max_events_per_minute"`

	// MaxSubscriptionRequestsPerDay Maximum subscription requests per day
	MaxSubscriptionRequestsPerDay int `json:"max_subscription_requests_per_day"`

	// MaxSubscriptionRequestsPerMinute Maximum subscription requests per minute
	MaxSubscriptionRequestsPerMinute int `json:"max_subscription_requests_per_minute"`

	// MaxSubscriptions Maximum webhook subscriptions
	MaxSubscriptions int `json:"max_subscriptions"`
}

WebhookQuotaUpdate defines model for WebhookQuotaUpdate.

type WebhookRateLimiter 

type WebhookRateLimiter struct {
	// contains filtered or unexported fields
}

WebhookRateLimiter implements rate limiting for webhook operations using Redis

func NewWebhookRateLimiter 

func NewWebhookRateLimiter(redisClient *redis.Client) *WebhookRateLimiter

NewWebhookRateLimiter creates a new rate limiter

func (*WebhookRateLimiter) CheckEventPublicationLimit 

func (r *WebhookRateLimiter) CheckEventPublicationLimit(ctx context.Context, ownerID string) error

CheckEventPublicationLimit checks rate limit for event publications

func (*WebhookRateLimiter) CheckSubscriptionLimit 

func (r *WebhookRateLimiter) CheckSubscriptionLimit(ctx context.Context, ownerID string) error

CheckSubscriptionLimit checks if owner can create a new subscription

func (*WebhookRateLimiter) CheckSubscriptionRequestLimit 

func (r *WebhookRateLimiter) CheckSubscriptionRequestLimit(ctx context.Context, ownerID string) error

CheckSubscriptionRequestLimit checks rate limit for subscription creation requests

func (*WebhookRateLimiter) GetSubscriptionRateLimitInfo 

func (r *WebhookRateLimiter) GetSubscriptionRateLimitInfo(ctx context.Context, ownerID string) (limit int, remaining int, resetAt int64, err error)

GetSubscriptionRateLimitInfo returns current subscription request rate limit status

func (*WebhookRateLimiter) RecordEventPublication 

func (r *WebhookRateLimiter) RecordEventPublication(ctx context.Context, ownerID string) error

RecordEventPublication records an event publication for rate limiting

func (*WebhookRateLimiter) RecordSubscriptionRequest 

func (r *WebhookRateLimiter) RecordSubscriptionRequest(ctx context.Context, ownerID string) error

RecordSubscriptionRequest records a subscription creation request for rate limiting

type WebhookSubscription 

type WebhookSubscription struct {
	// ChallengesSent Number of verification challenges sent
	ChallengesSent *int `json:"challenges_sent,omitempty"`

	// CreatedAt Creation timestamp
	CreatedAt time.Time `json:"created_at"`

	// Events List of event types to subscribe to. See WebhookEventType for available events.
	Events []WebhookEventType `json:"events"`

	// Id Unique identifier
	Id openapi_types.UUID `json:"id"`

	// LastSuccessfulUse Last successful delivery timestamp
	LastSuccessfulUse *time.Time `json:"last_successful_use"`

	// ModifiedAt Last modification timestamp
	ModifiedAt time.Time `json:"modified_at"`

	// Name Descriptive name
	Name string `json:"name"`

	// OwnerId Owner user ID
	OwnerId openapi_types.UUID `json:"owner_id"`

	// PublicationFailures Count of consecutive failed deliveries
	PublicationFailures *int `json:"publication_failures,omitempty"`

	// Secret HMAC secret for signing payloads (not returned in GET responses)
	Secret *string `json:"secret,omitempty"`

	// Status Subscription status
	Status WebhookSubscriptionStatus `json:"status"`

	// ThreatModelId Optional threat model filter (null means all threat models)
	ThreatModelId *openapi_types.UUID `json:"threat_model_id"`

	// Url Webhook endpoint URL (must be HTTPS)
	Url string `json:"url"`
}

WebhookSubscription defines model for WebhookSubscription.

type WebhookSubscriptionInput 

type WebhookSubscriptionInput struct {
	// Events List of event types to subscribe to
	Events []string `json:"events"`

	// Name Descriptive name for the subscription
	Name string `json:"name"`

	// Secret Optional HMAC secret for signing payloads (auto-generated if not provided)
	Secret *string `json:"secret,omitempty"`

	// ThreatModelId Optional threat model filter
	ThreatModelId *openapi_types.UUID `json:"threat_model_id"`

	// Url Webhook endpoint URL (must be HTTPS)
	Url string `json:"url"`
}

WebhookSubscriptionInput defines model for WebhookSubscriptionInput.

type WebhookSubscriptionStatus 

type WebhookSubscriptionStatus string

WebhookSubscriptionStatus Subscription status 

const (
	Active              WebhookSubscriptionStatus = "active"
	PendingDelete       WebhookSubscriptionStatus = "pending_delete"
	PendingVerification WebhookSubscriptionStatus = "pending_verification"
)

Defines values for WebhookSubscriptionStatus.

type WebhookSubscriptionStoreInterface 

type WebhookSubscriptionStoreInterface interface {
	Get(id string) (DBWebhookSubscription, error)
	List(offset, limit int, filter func(DBWebhookSubscription) bool) []DBWebhookSubscription
	ListByOwner(ownerID string, offset, limit int) ([]DBWebhookSubscription, error)
	ListByThreatModel(threatModelID string, offset, limit int) ([]DBWebhookSubscription, error)
	ListActiveByOwner(ownerID string) ([]DBWebhookSubscription, error)
	ListPendingVerification() ([]DBWebhookSubscription, error)
	ListPendingDelete() ([]DBWebhookSubscription, error)
	ListIdle(daysIdle int) ([]DBWebhookSubscription, error)
	ListBroken(minFailures int, daysSinceSuccess int) ([]DBWebhookSubscription, error)
	Create(item DBWebhookSubscription, idSetter func(DBWebhookSubscription, string) DBWebhookSubscription) (DBWebhookSubscription, error)
	Update(id string, item DBWebhookSubscription) error
	UpdateStatus(id string, status string) error
	UpdateChallenge(id string, challenge string, challengesSent int) error
	UpdatePublicationStats(id string, success bool) error
	IncrementTimeouts(id string) error
	ResetTimeouts(id string) error
	Delete(id string) error
	Count() int
	CountByOwner(ownerID string) (int, error)
}

WebhookSubscriptionStoreInterface defines operations for webhook subscriptions 

var GlobalWebhookSubscriptionStore WebhookSubscriptionStoreInterface

Global webhook store instances

type WebhookTestRequest 

type WebhookTestRequest struct {
	// EventType Webhook event type following {resource}.{action} pattern
	EventType *WebhookTestRequestEventType `json:"event_type,omitempty"`
}

WebhookTestRequest defines model for WebhookTestRequest.

type WebhookTestRequestEventType 

type WebhookTestRequestEventType string

WebhookTestRequestEventType Webhook event type following {resource}.{action} pattern 

const (
	WebhookTestRequestEventTypeAssetCreated       WebhookTestRequestEventType = "asset.created"
	WebhookTestRequestEventTypeAssetDeleted       WebhookTestRequestEventType = "asset.deleted"
	WebhookTestRequestEventTypeAssetUpdated       WebhookTestRequestEventType = "asset.updated"
	WebhookTestRequestEventTypeDiagramCreated     WebhookTestRequestEventType = "diagram.created"
	WebhookTestRequestEventTypeDiagramDeleted     WebhookTestRequestEventType = "diagram.deleted"
	WebhookTestRequestEventTypeDiagramUpdated     WebhookTestRequestEventType = "diagram.updated"
	WebhookTestRequestEventTypeDocumentCreated    WebhookTestRequestEventType = "document.created"
	WebhookTestRequestEventTypeDocumentDeleted    WebhookTestRequestEventType = "document.deleted"
	WebhookTestRequestEventTypeDocumentUpdated    WebhookTestRequestEventType = "document.updated"
	WebhookTestRequestEventTypeMetadataCreated    WebhookTestRequestEventType = "metadata.created"
	WebhookTestRequestEventTypeMetadataDeleted    WebhookTestRequestEventType = "metadata.deleted"
	WebhookTestRequestEventTypeMetadataUpdated    WebhookTestRequestEventType = "metadata.updated"
	WebhookTestRequestEventTypeNoteCreated        WebhookTestRequestEventType = "note.created"
	WebhookTestRequestEventTypeNoteDeleted        WebhookTestRequestEventType = "note.deleted"
	WebhookTestRequestEventTypeNoteUpdated        WebhookTestRequestEventType = "note.updated"
	WebhookTestRequestEventTypeRepositoryCreated  WebhookTestRequestEventType = "repository.created"
	WebhookTestRequestEventTypeRepositoryDeleted  WebhookTestRequestEventType = "repository.deleted"
	WebhookTestRequestEventTypeRepositoryUpdated  WebhookTestRequestEventType = "repository.updated"
	WebhookTestRequestEventTypeThreatCreated      WebhookTestRequestEventType = "threat.created"
	WebhookTestRequestEventTypeThreatDeleted      WebhookTestRequestEventType = "threat.deleted"
	WebhookTestRequestEventTypeThreatModelCreated WebhookTestRequestEventType = "threat_model.created"
	WebhookTestRequestEventTypeThreatModelDeleted WebhookTestRequestEventType = "threat_model.deleted"
	WebhookTestRequestEventTypeThreatModelUpdated WebhookTestRequestEventType = "threat_model.updated"
	WebhookTestRequestEventTypeThreatUpdated      WebhookTestRequestEventType = "threat.updated"
)

Defines values for WebhookTestRequestEventType.

type WebhookTestResponse 

type WebhookTestResponse struct {
	// DeliveryId Test delivery ID
	DeliveryId openapi_types.UUID `json:"delivery_id"`

	// Message Result message
	Message *string `json:"message,omitempty"`

	// Status Test result status
	Status string `json:"status"`
}

WebhookTestResponse defines model for WebhookTestResponse.

type WebhookUrlDenyListDatabaseStore 

type WebhookUrlDenyListDatabaseStore struct {
	// contains filtered or unexported fields
}

WebhookUrlDenyListDatabaseStore implements WebhookUrlDenyListStoreInterface

func NewWebhookUrlDenyListDatabaseStore 

func NewWebhookUrlDenyListDatabaseStore(db *sql.DB) *WebhookUrlDenyListDatabaseStore

NewWebhookUrlDenyListDatabaseStore creates a new database-backed store

func (*WebhookUrlDenyListDatabaseStore) Create 

func (s *WebhookUrlDenyListDatabaseStore) Create(item WebhookUrlDenyListEntry) (WebhookUrlDenyListEntry, error)

Create creates a new deny list entry

func (*WebhookUrlDenyListDatabaseStore) Delete 

func (s *WebhookUrlDenyListDatabaseStore) Delete(id string) error

Delete deletes a deny list entry

func (*WebhookUrlDenyListDatabaseStore) List 

func (s *WebhookUrlDenyListDatabaseStore) List() ([]WebhookUrlDenyListEntry, error)

List retrieves all deny list entries

type WebhookUrlDenyListEntry 

type WebhookUrlDenyListEntry struct {
	Id          uuid.UUID `json:"id"`
	Pattern     string    `json:"pattern"`
	PatternType string    `json:"pattern_type"` // glob, regex
	Description string    `json:"description"`
	CreatedAt   time.Time `json:"created_at"`
}

WebhookUrlDenyListEntry represents a URL pattern to block

type WebhookUrlDenyListStoreInterface 

type WebhookUrlDenyListStoreInterface interface {
	List() ([]WebhookUrlDenyListEntry, error)
	Create(item WebhookUrlDenyListEntry) (WebhookUrlDenyListEntry, error)
	Delete(id string) error
}

WebhookUrlDenyListStoreInterface defines operations for URL deny list 

var GlobalWebhookUrlDenyListStore WebhookUrlDenyListStoreInterface

type WebhookUrlValidator 

type WebhookUrlValidator struct {
	// contains filtered or unexported fields
}

WebhookUrlValidator validates webhook URLs against security rules

func NewWebhookUrlValidator 

func NewWebhookUrlValidator(denyListStore WebhookUrlDenyListStoreInterface) *WebhookUrlValidator

NewWebhookUrlValidator creates a new URL validator

func (*WebhookUrlValidator) ValidateWebhookURL 

func (v *WebhookUrlValidator) ValidateWebhookURL(rawURL string) error

ValidateWebhookURL validates a webhook URL according to security requirements

type WithTimestamps 

type WithTimestamps interface {
	SetCreatedAt(time.Time)
	SetModifiedAt(time.Time)
}

WithTimestamps is a mixin interface for entities with timestamps

type XWebhookSignatureHeaderParam 

type XWebhookSignatureHeaderParam = string

XWebhookSignatureHeaderParam defines model for X-Webhook-SignatureHeaderParam.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.