core

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 28, 2026 License: MIT Imports: 17 Imported by: 4

Documentation

Index

Constants

// InvitationProviderRegistryServiceKey is the string key "invitation.provider.registry".
// NOTE(review): presumably the name under which the InvitationProviderRegistry is
// looked up in a service container; the lookup site is not shown here, confirm.
const InvitationProviderRegistryServiceKey = "invitation.provider.registry"

Variables

This section is empty.

Functions

func BootstrapModules

func BootstrapModules(
	publicRouter chi.Router,
	privateRouter chi.Router,
	logger logging.Logger,
	deps *Dependencies,
	factories ...ModuleFactory,
)

BootstrapModules loads and registers all modules.

func GetDomainID

func GetDomainID(ctx context.Context) (string, bool)

GetDomainID extracts domain ID from context.

func GetProjectID

func GetProjectID(ctx context.Context) (string, bool)

GetProjectID extracts project ID from context.

func GetTenantID

func GetTenantID(ctx context.Context) (string, bool)

GetTenantID extracts the tenant ID from the identity or from the context. Which source takes precedence when both are set is not stated here.

func GetUserID

func GetUserID(ctx context.Context) (uuid.UUID, bool)

GetUserID is a convenience helper to get only the UserID

func WithActingContext

func WithActingContext(ctx context.Context, ac *ActingContext) context.Context

WithActingContext injects ActingContext into context.

func WithDomainID

func WithDomainID(ctx context.Context, domainID string) context.Context

WithDomainID injects a domain ID into the context.

func WithIdentity

func WithIdentity(ctx context.Context, id Identity) context.Context

WithIdentity injects an Identity into the context

func WithProjectID

func WithProjectID(ctx context.Context, projectID string) context.Context

WithProjectID injects a project ID into the context.

func WithTenantID

func WithTenantID(ctx context.Context, tenantID string) context.Context

WithTenantID injects a tenant ID into the context

func WithoutIdentity

func WithoutIdentity(ctx context.Context) context.Context

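WithoutIdentity removes the identity from the context for system/global operations. The returned context carries no authenticated principal, so it belongs in trusted server-side code paths only and should never be derived on the basis of request input; how downstream authorization checks treat a context without an identity is not documented here.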

func WithoutProject

func WithoutProject(ctx context.Context) context.Context

WithoutProject clears project scope from context.

func WithoutTenant

func WithoutTenant(ctx context.Context) context.Context

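WithoutTenant clears the tenant scope from both the identity and the context. Code that derives its tenant filter from the context has no tenant to filter by afterwards; whether such code then returns nothing or spans all tenants is not documented here.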

Types

type ActingContext

// ActingContext is the per-request record of the acting subject, the resolved
// domain and the impersonation state.
//
// NOTE(review): nothing in this declaration enforces ImpersonateExpiry. Confirm
// that whatever honours IsImpersonating also rejects an expired
// ImpersonateExpiry, and that ImpersonateReason reaches the audit trail.
type ActingContext struct {
	// ActorID identifies the acting subject. NOTE(review): under impersonation it
	// is not visible here whether this is the impersonator or the impersonated
	// user; confirm before relying on it for audit attribution.
	ActorID           uuid.UUID
	// Domain is the resolved acting domain. It is a pointer, so it can be nil;
	// whether the methods on ActingContext tolerate a nil Domain is not shown.
	Domain            *ResolvedDomain
	// IsImpersonating presumably marks a request made on behalf of another user.
	IsImpersonating   bool
	// ImpersonateReason presumably holds the stated justification for the impersonation.
	ImpersonateReason string
	// ImpersonateExpiry presumably is the instant after which the impersonation
	// must no longer be honoured; see the NOTE on the type.
	ImpersonateExpiry time.Time
}

ActingContext stores request-time domain and impersonation metadata.

func GetActingContext

func GetActingContext(ctx context.Context) *ActingContext

GetActingContext returns ActingContext if present.

func MustGetActingContext

func MustGetActingContext(ctx context.Context) *ActingContext

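MustGetActingContext returns the ActingContext and panics if it is missing. Use it only where middleware guarantees that the ActingContext is present; on paths where it may be absent, call GetActingContext and handle the missing case explicitly.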

func (*ActingContext) CasbinDomain

func (ac *ActingContext) CasbinDomain() string

CasbinDomain returns the Casbin domain string.

func (*ActingContext) IsDomainType

func (ac *ActingContext) IsDomainType(typeCode string) bool

IsDomainType reports whether the resolved domain matches the given type code.

func (*ActingContext) IsPlatformDomain

func (ac *ActingContext) IsPlatformDomain() bool

IsPlatformDomain reports whether the request is running in platform domain.

type Dependencies

// Dependencies bundles the shared services handed to every module factory.
//
// NOTE(review): every module receives the same pointer, so each one gets the
// database clients, the JWT service and the permission manager regardless of
// what it needs. Treat third-party modules as fully trusted, or hand them a
// narrowed copy.
type Dependencies struct {
	Client         *ent.Client             // Backend Ent client
	FrameClient    *frameEnt.Client        // Framework Ent client
	Config         *config.Config          // Configuration
	PermManager    *auth.PermissionManager // Permission manager (RBAC/ABAC)
	PermSyncer     *permissionsync.Syncer  // Permission syncer
	JWTService     *jwt.JWTService         // JWT service for impersonation/switch-tenant
	CaptchaService frameCaptcha.Service    // Captcha service for verification
	Router         chi.Router              // Root router for snapshotting

	// Middleware functions (optional, for modules that need them).
	// NOTE(review): "optional" suggests this field can be nil; a module that
	// wraps a route with it should check for nil first so the route is not
	// left either panicking or unprotected.
	APIKeyMiddleware func(http.Handler) http.Handler

	// Common services can be added here if needed across modules.
	DomainService       DomainResolver
	InvitationProviders *InvitationProviderRegistry
}

Dependencies holds common dependencies required by modules.

type DomainResolver

// DomainResolver is the read-only view of the domain service: it resolves
// domains by type code and key or by ID, answers membership questions and
// lists a user's domains.
type DomainResolver interface {
	// ResolveDomain looks a domain up by its type code and key.
	ResolveDomain(ctx context.Context, typeCode, key string) (*ResolvedDomain, error)
	// ResolveDomainByID looks a domain up by its ID.
	ResolveDomainByID(ctx context.Context, domainID uuid.UUID) (*ResolvedDomain, error)
	// CheckMembership reports whether subjectID is a member of domainID.
	// NOTE(review): callers that gate access on this result should treat a
	// non-nil error as "not a member" rather than falling through.
	CheckMembership(ctx context.Context, domainID, subjectID uuid.UUID) (bool, error)
	// GetUserDefaultDomain returns the default domain of userID.
	GetUserDefaultDomain(ctx context.Context, userID uuid.UUID) (*ResolvedDomain, error)
	// GetDomainString builds a domain string from a type code and key. It takes
	// no context and returns no error; the string format is not shown here.
	GetDomainString(typeCode, key string) string
	// ListUserDomains returns the domain memberships of userID.
	ListUserDomains(ctx context.Context, userID uuid.UUID) ([]*UserDomainInfo, error)
}

DomainResolver defines read operations for resolving acting domains.

type DomainType

// DomainType names a top-level acting domain type. It is a plain string type,
// so values other than the declared constants can be constructed.
type DomainType string

DomainType represents top-level acting domain type.

const (
	// DomainPlatform is the DomainType with the value "platform".
	DomainPlatform DomainType = "platform"
)

type DomainTypeInfo

// DomainTypeInfo holds the basic metadata of a domain type: its ID, its code
// and its name.
type DomainTypeInfo struct {
	ID   uuid.UUID
	Code string
	Name string
}

DomainTypeInfo holds basic domain type metadata.

type DomainWriter

// DomainWriter adds write operations to DomainResolver: ensuring a domain
// exists and adding or removing memberships.
//
// NOTE(review): these methods change who belongs to a domain. Whether the
// implementation authorizes the caller, or leaves that to the plugin holding
// the interface, is not shown here; confirm before handing a DomainWriter out.
type DomainWriter interface {
	DomainResolver
	// EnsureDomain returns the domain for typeCode and key; the name suggests it
	// creates the domain when it does not exist yet (confirm).
	EnsureDomain(ctx context.Context, typeCode, key, displayName string) (*ResolvedDomain, error)
	// AddMembership adds subjectID to domainID with the given role and default flag.
	// NOTE(review): memberRole is a free-form string at this boundary; validation
	// against the set of known roles is not visible here.
	AddMembership(ctx context.Context, domainID, subjectID uuid.UUID, memberRole string, isDefault bool) error
	// RemoveMembership removes subjectID from domainID.
	RemoveMembership(ctx context.Context, domainID, subjectID uuid.UUID) error
}

DomainWriter extends DomainResolver with write operations for plugins that need to create domains and manage memberships.

type Identity

// Identity is the authenticated principal attached to a request context. Its
// Type field records the authentication source as an IdentityType.
//
// NOTE(review): every field is JSON-tagged, so the struct can be decoded from
// arbitrary bytes. Roles, Permissions, TenantID and IsSuperAdmin are
// authorization inputs; confirm they are only ever populated server-side from
// a verified credential and never unmarshalled from a request body.
type Identity struct {
	UserID       uuid.UUID      `json:"userId"`
	Username     string         `json:"username,omitempty"`
	// Type is the authentication source of this identity.
	Type         IdentityType   `json:"type"`
	Roles        []string       `json:"roles,omitempty"`
	Permissions  []string       `json:"permissions,omitempty"`
	TenantID     string         `json:"tenantId,omitempty"`
	// IsSuperAdmin has no omitempty, so it is always present in the encoded form.
	IsSuperAdmin bool           `json:"isSuperAdmin"`
	// DataFilters and Metadata are untyped maps; their keys and meaning are not
	// documented here.
	DataFilters  map[string]any `json:"dataFilters,omitempty"`
	Metadata     map[string]any `json:"metadata,omitempty"`
}

Identity represents a unified authenticated entity (User or Service)

func GetIdentity

func GetIdentity(ctx context.Context) (Identity, bool)

GetIdentity extracts the Identity from the context

func RequireJWT

func RequireJWT(ctx context.Context) (Identity, bool)

RequireJWT reports whether the current identity is JWT-authenticated. It returns the identity and true when it is, and false otherwise, for example when the identity is of type api_key.

type IdentityType

// IdentityType names the authentication source of an Identity. It is a plain
// string type, so compare against the declared constants rather than assuming
// every value is one of them.
type IdentityType string

IdentityType defines the source of authentication

const (
	// IdentityTypeJWT is the IdentityType with the value "jwt".
	IdentityTypeJWT    IdentityType = "jwt"
	// IdentityTypeAPIKey is the IdentityType with the value "api_key".
	IdentityTypeAPIKey IdentityType = "api_key"
)

type InvitationActivatedRequest

// InvitationActivatedRequest is the input to the provider callback that runs
// after an invitation has been activated.
//
// NOTE(review): RoleIDs, DomainType and DomainKey should come from the stored
// or signed invitation, not from the activating client; where they are
// populated is not shown here, confirm.
type InvitationActivatedRequest struct {
	InvitationID uuid.UUID
	// ActivatedBy presumably is the user who activated the invitation.
	ActivatedBy  uuid.UUID
	DomainType   string
	DomainKey    string
	RoleIDs      []string
}

InvitationActivatedRequest represents callback input after invitation activation succeeds.

type InvitationCreateRequest

// InvitationCreateRequest is the input a domain provider validates before the
// invite JWT is issued.
//
// NOTE(review): RoleIDs names the roles the invitee would receive. Whether
// CreatedBy's authority to grant those roles in the target domain is checked
// by the provider or upstream is not shown here; confirm it is checked somewhere.
type InvitationCreateRequest struct {
	Username   string
	Email      string
	DomainType string
	DomainKey  string
	RoleIDs    []string
	// CreatedBy presumably is the user issuing the invitation.
	CreatedBy  uuid.UUID
}

InvitationCreateRequest represents domain validation input before issuing invite JWT.

type InvitationDomainProvider

// InvitationDomainProvider supplies the domain-specific parts of the
// invitation flow for one domain type code.
type InvitationDomainProvider interface {
	// TypeCode returns the domain type code this provider is responsible for.
	TypeCode() string
	// ValidateCreate validates an invitation request; a non-nil error rejects it.
	// NOTE(review): this is the visible hook for refusing an invitation whose
	// RoleIDs exceed what the creator may grant.
	ValidateCreate(ctx context.Context, req InvitationCreateRequest) error
	// OnActivated is the callback for a successfully activated invitation.
	// What the caller does when it returns an error is not shown here.
	OnActivated(ctx context.Context, req InvitationActivatedRequest) error
}

InvitationDomainProvider handles domain-specific invitation behaviors.

type InvitationProviderRegistry

// InvitationProviderRegistry maps domain type codes to their invitation
// providers. Its fields are unexported; Register and Resolve are its methods,
// but their signatures are not shown on this page.
type InvitationProviderRegistry struct {
	// contains filtered or unexported fields
}

InvitationProviderRegistry stores invitation providers by domain type code.

func NewInvitationProviderRegistry

func NewInvitationProviderRegistry() *InvitationProviderRegistry

func (*InvitationProviderRegistry) Register

func (*InvitationProviderRegistry) Resolve

type Module

// Module is the contract every feature module implements: a unique name plus
// one hook for public routes and one for private routes.
type Module interface {
	// Name returns the unique name of the module.
	Name() string

	// RegisterPublicRoutes registers public API endpoints (no authentication required).
	// NOTE(review): handlers mounted here are reachable without authentication,
	// so they should not assume an Identity is present in the request context.
	RegisterPublicRoutes(router chi.Router)

	// RegisterPrivateRoutes registers private API endpoints (JWT authentication required).
	// NOTE(review): the package also defines an api_key identity type; whether
	// such identities can reach this router is not shown here. A handler that
	// must only serve JWT identities can check with RequireJWT.
	RegisterPrivateRoutes(router chi.Router)
}

Module defines the interface that all feature modules must implement.

type ModuleFactory

// ModuleFactory builds a Module from a logger and the shared Dependencies.
type ModuleFactory func(logger logging.Logger, dependencies *Dependencies) Module

ModuleFactory defines a function that creates a new module instance.

type ResolvedDomain

// ResolvedDomain is a resolved domain: its ID, type code, key and display
// name, with JSON tags for each field.
type ResolvedDomain struct {
	DomainID    uuid.UUID `json:"domainId"`
	TypeCode    string    `json:"typeCode"`
	Key         string    `json:"key"`
	DisplayName string    `json:"displayName"`
}

ResolvedDomain holds the resolved domain information from the database.

type UserDomainInfo

// UserDomainInfo is one domain membership of a user: the domain's ID, type
// code, key and display name, plus the user's role in it and a default flag.
type UserDomainInfo struct {
	DomainID    uuid.UUID `json:"domainId"`
	TypeCode    string    `json:"typeCode"`
	Key         string    `json:"key"`
	DisplayName string    `json:"displayName"`
	// MemberRole is the user's role in this domain, as a free-form string.
	MemberRole  string    `json:"memberRole"`
	// IsDefault presumably marks the user's default domain.
	IsDefault   bool      `json:"isDefault"`
}

UserDomainInfo holds a user's domain membership information.
