render

package
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 14, 2026 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package render builds and renders per-tenant backup-assurance reports (HTML + PDF) over the report store's compliance and rule_321110 views.

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrNoData = errors.New("no captured assets for tenant")
)

ErrNoData is returned by Build when a tenant has no captured assets (→ HTTP 404, distinct from a database failure → 500). errUnsupportedFormat is shared by the CLI and HTTP format checks.

Functions

func FormatExt

func FormatExt(format string) (string, error)

FormatExt validates an output format and returns its file extension ("" defaults to html). Shared by the CLI render command and the HTTP endpoint so both accept the same set.

func NewHandler

func NewHandler(st *report.Store, brand string, authz *Authorizer) http.Handler

NewHandler returns the read-only report HTTP surface: GET /report?tenant=&format= and GET /healthz. authz enforces per-tenant access; when no tokens are configured it is a no-op (the endpoint is open — localhost posture).

func RenderHTML

func RenderHTML(w io.Writer, d ReportData) error

RenderHTML writes the branded HTML report. html/template auto-escapes all data, so a hostile asset name cannot inject markup.

func RenderPDF

func RenderPDF(w io.Writer, d ReportData) error

RenderPDF writes a structured, tabular PDF of the same ReportData (independent layout from the HTML — the cost of a browser-free, pure-Go renderer).

Types

type Authorizer added in v1.1.0

type Authorizer struct {
	// contains filtered or unexported fields
}

Authorizer maps bearer tokens (by sha256 hash) to their Scope.

func NewAuthorizer added in v1.1.0

func NewAuthorizer(authToken string, scopes []TokenScope) *Authorizer

NewAuthorizer builds the registry. A non-empty authToken is registered as an all-tenants (admin) token; empty token entries are ignored. Required() is false only when nothing was registered.

func (*Authorizer) Allows added in v1.1.0

func (a *Authorizer) Allows(s Scope, tenant string) bool

Allows reports whether an authenticated Scope may read tenant.

func (*Authorizer) Authenticate added in v1.1.0

func (a *Authorizer) Authenticate(r *http.Request) (Scope, bool)

Authenticate matches a request's Bearer token to its Scope; ok=false if the token is absent or unknown. Lookup is a single map access on the sha256 hash (no per-token comparison).

func (*Authorizer) Required added in v1.1.0

func (a *Authorizer) Required() bool

Required reports whether any token is registered (i.e. auth must be enforced).

type ReportData

type ReportData struct {
	Tenant      string
	BrandName   string
	GeneratedAt time.Time
	Summary     report.Summary
	Compliance  []report.ComplianceRow
	Rule321     []report.Rule321Row
}

ReportData is everything a renderer needs for one tenant's current-snapshot report.

func Build

func Build(ctx context.Context, st *report.Store, tenant, brand string, now time.Time) (ReportData, error)

Build assembles a tenant's report from the store. now is injected (testable). It errors when the tenant has no assets — there is nothing to assure.

func (ReportData) BadgeText

func (d ReportData) BadgeText() string

BadgeText renders the 3-2-1-1-0 verdict as a word.

func (ReportData) CompliantPercent

func (d ReportData) CompliantPercent() int

CompliantPercent is the share of assets meeting every SLA rule, 0..100 (0 when no assets).

type Scope added in v1.1.0

type Scope struct {
	// contains filtered or unexported fields
}

Scope is an authenticated token's authorization: all tenants, or a specific set.

type TokenScope added in v1.1.0

type TokenScope struct {
	Token   string
	Tenants []string
}

TokenScope is one bearer token and the tenants it may read ("*" = all). Plain DTO so the render package stays free of internal/config; cmd/report maps config tokens into these.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL