Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type AccessDescriptor
type AccessDescriptor interface {
	Principal() string
	Tenant() string
	Resource() string
	Permission() string
	Name() string
	WithPrincipal(string) AccessDescriptor
	WithTenant(string) AccessDescriptor
	WithResource(string) AccessDescriptor
	WithPermission(string) AccessDescriptor
	WithName(string) AccessDescriptor
}
AccessDescriptor describes the context of an access request.
type AccessFactory
type AccessFactory func() AccessDescriptor
AccessFactory defines a function to create an AccessDescriptor.
type Authorizer
type Authorizer interface {
	// Check determines if a given access request is permitted for a single resource.
	Check(ctx context.Context, tx *sql.Tx, fn ArgFn, accessDescriptor AccessDescriptor) bool
	// Partial generates a SQL expression (a WHERE clause) that can be used to
	// filter a list of resources based on the user's permissions.
	Partial(ctx context.Context, accessDescriptor AccessDescriptor, extraColumnMappings map[string]SQLColumnRef) (Expr, error)
}
Authorizer defines the interface for making authorization decisions.
type Expr
type Expr interface {
	SQL(ArgFn, []any) (string, []any)
	Tables() []SQLTableRef
}
Expr represents a SQL expression generated by partial evaluation.
type SQLColumnRef
SQLColumnRef represents a reference to a specific column in a SQL table.
func (SQLColumnRef) Tables
func (sc SQLColumnRef) Tables() []SQLTableRef
type SQLTableRef
type SQLTableRef struct {
	Table string
}
SQLTableRef represents a reference to a SQL table.