Versions in this module Expand all Collapse all v0 v0.2.0 Mar 8, 2026 v0.1.0 Feb 28, 2026 Changes in this version + var CoreForgeTables = []string + func BypassRLS(roleName string) string + func ContextWithTenant(ctx context.Context, tenantID uuid.UUID) context.Context + func ContextWithTenantAndUser(ctx context.Context, tenantID, userID uuid.UUID) context.Context + func ContextWithUser(ctx context.Context, userID uuid.UUID) context.Context + func HasTenant(ctx context.Context) bool + func HasUser(ctx context.Context) bool + func NoBypassRLS(roleName string) string + func TenantIDFromContext(ctx context.Context) uuid.UUID + func TenantIDString(ctx context.Context) string + func UserIDFromContext(ctx context.Context) uuid.UUID + func UserIDString(ctx context.Context) string + func WithTenant(ctx context.Context, db *sql.DB, helper *Helper, tenantID, userID uuid.UUID, ...) error + func WithTenantFromContext(ctx context.Context, db *sql.DB, helper *Helper, fn TxFunc) error + func WithTenantOpts(ctx context.Context, db *sql.DB, helper *Helper, opts *TxOptions, fn TxFunc) error + type Config struct + SessionVariable string + TenantColumn string + UserColumn string + UserSessionVariable string + func DefaultConfig() *Config + type ConnWithRLS struct + func GetConnWithRLS(ctx context.Context, db *sql.DB, cfg *Config) (*ConnWithRLS, error) + func NewConnWithRLS(ctx context.Context, conn *sql.Conn, cfg *Config) (*ConnWithRLS, error) + type ContextInjector struct + func NewContextInjector(cfg *Config) *ContextInjector + func (ci *ContextInjector) InjectContext(ctx context.Context, conn *sql.Conn) error + type DBWithRLS struct + func NewDBWithRLS(db *sql.DB, cfg *Config) *DBWithRLS + type EntDriver struct + func NewEntDriver(cfg *Config) *EntDriver + type EntHook struct + func NewEntHook(db *sql.DB, cfg *Config) *EntHook + func (h *EntHook) SetContextFromContext(ctx context.Context) error + type Executor interface + ExecContext func(ctx context.Context, query string, args ...any) (sql.Result, error) + type Helper struct + func NewHelper(cfg *Config) *Helper + func (h *Helper) ClearContext(ctx context.Context, db Executor) error + func (h *Helper) SetContext(ctx context.Context, db Executor, tenantID, userID string) error + func (h *Helper) SetTenant(ctx context.Context, db Executor, tenantID string) error + func (h *Helper) SetUser(ctx context.Context, db Executor, userID string) error + type Middleware struct + func NewMiddleware(db *sql.DB, cfg *Config) *Middleware + func (m *Middleware) RequireTenant() func(http.Handler) http.Handler + func (m *Middleware) SetRLSContext() func(http.Handler) http.Handler + type MigrationConfig struct + AppRole string + BypassRoles []string + SessionVariable string + Tables []string + TenantColumn string + func DefaultMigrationConfig() *MigrationConfig + type Migrator struct + func NewMigrator(db *sql.DB, cfg *MigrationConfig) *Migrator + func (m *Migrator) DisableRLS(ctx context.Context, table string) error + func (m *Migrator) EnableRLS(ctx context.Context, table string) error + func (m *Migrator) GenerateMigrationSQL() string + func (m *Migrator) GenerateRollbackSQL() string + func (m *Migrator) GrantBypass(ctx context.Context, role string) error + func (m *Migrator) MigrateCoreForge(ctx context.Context) error + func (m *Migrator) RevokeBypass(ctx context.Context, role string) error + func (m *Migrator) VerifyRLS(ctx context.Context) ([]TableRLSStatus, error) + type PolicySQL struct + func NewPolicySQL(tableName, policyName string, cfg *Config) *PolicySQL + func (p *PolicySQL) CreateAllPolicies() string + func (p *PolicySQL) CreateDeletePolicy() string + func (p *PolicySQL) CreateInsertPolicy() string + func (p *PolicySQL) CreateSelectPolicy() string + func (p *PolicySQL) CreateUpdatePolicy() string + func (p *PolicySQL) DropAllPolicies() string + func (p *PolicySQL) DropPolicy(operation string) string + func (p *PolicySQL) EnableRLS() string + func (p *PolicySQL) ForceRLS() string + type TableRLSStatus struct + HasPolicies bool + Policies []string + RLSEnabled bool + RLSForced bool + Table string + type TestHelper struct + func NewTestHelper(t *testing.T, db *sql.DB, cfg *Config) *TestHelper + func (th *TestHelper) AsTenant(tenantID uuid.UUID, fn func(ctx context.Context, tx *sql.Tx)) + func (th *TestHelper) AsUser(tenantID, userID uuid.UUID, fn func(ctx context.Context, tx *sql.Tx)) + func (th *TestHelper) AssertCanRead(tenantID, userID uuid.UUID, table, whereClause string, args ...any) + func (th *TestHelper) AssertCannotRead(tenantID, userID uuid.UUID, table, whereClause string, args ...any) + func (th *TestHelper) AssertTenantIsolation(table, insertCol, valueCol string) + func (th *TestHelper) SetupTestTenant(name string) (tenantID uuid.UUID, cleanup func()) + func (th *TestHelper) SetupTestUser(tenantID uuid.UUID, email, role string) (userID uuid.UUID, cleanup func()) + func (th *TestHelper) WithoutRLS(fn func(ctx context.Context, tx *sql.Tx)) + type TxFunc func(tx *sql.Tx) error + type TxManager struct + func NewTxManager(db *sql.DB, cfg *Config) *TxManager + func (m *TxManager) Begin(ctx context.Context, tenantID, userID uuid.UUID) (*sql.Tx, error) + func (m *TxManager) BeginFromContext(ctx context.Context) (*sql.Tx, error) + func (m *TxManager) WithTenant(ctx context.Context, tenantID, userID uuid.UUID, fn TxFunc) error + func (m *TxManager) WithTenantFromContext(ctx context.Context, fn TxFunc) error + type TxOptions struct + IsolationLevel sql.IsolationLevel + ReadOnly bool + TenantID uuid.UUID + UserID uuid.UUID
Go to main page