tenant

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 17, 2026 License: GPL-3.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultInvitationExpiry is the default expiry duration for invitations.
	DefaultInvitationExpiry = 7 * 24 * time.Hour // 7 days
)

Variables

View Source 
var AllRiskScoringPresets = map[string]RiskScoringSettings{
	"legacy":     LegacyRiskScoringSettings(),
	"default":    DefaultRiskScoringPreset(),
	"banking":    bankingRiskScoringPreset(),
	"healthcare": healthcareRiskScoringPreset(),
	"ecommerce":  ecommerceRiskScoringPreset(),
	"government": governmentRiskScoringPreset(),
}

AllRiskScoringPresets contains all available risk scoring presets.

View Source 
var InvitableRoles = []Role{RoleAdmin, RoleMember, RoleViewer}

InvitableRoles returns the roles that can be assigned when inviting. Note: Owner role cannot be assigned via invitation.

Functions

func GenerateSlug 

func GenerateSlug(name string) string

GenerateSlug generates a slug from a name.

func IsValidSlug 

func IsValidSlug(slug string) bool

IsValidSlug checks if a slug is valid.

Types

type AIMode 

type AIMode string

AIMode represents how the tenant uses AI services. 

const (
	// AIModeDisabled means AI features are disabled.
	AIModeDisabled AIMode = "disabled"
	// AIModePlatform uses the platform's AI (included in subscription).
	AIModePlatform AIMode = "platform"
	// AIModeBYOK means tenant brings their own API key.
	AIModeBYOK AIMode = "byok"
	// AIModeAgent means tenant uses a self-hosted AI agent.
	AIModeAgent AIMode = "agent"
)

func (AIMode) IsValid 

func (m AIMode) IsValid() bool

IsValid checks if the AI mode is valid.

type AISettings 

type AISettings struct {
	// Mode determines how AI is used: disabled, platform, or byok
	Mode AIMode `json:"mode"`

	// BYOK (Bring Your Own Key) Configuration - only used when Mode = "byok"
	Provider      LLMProvider `json:"provider,omitempty"`       // claude, openai, azure_openai
	APIKey        string      `json:"api_key,omitempty"`        // Encrypted API key (set via special endpoint)
	AzureEndpoint string      `json:"azure_endpoint,omitempty"` // For Azure OpenAI
	ModelOverride string      `json:"model_override,omitempty"` // Optional model preference

	// Auto-Triage Configuration
	AutoTriageEnabled      bool     `json:"auto_triage_enabled"`              // Enable auto-triage on new findings
	AutoTriageSeverities   []string `json:"auto_triage_severities,omitempty"` // Severities to auto-triage: critical, high, etc.
	AutoTriageDelaySeconds int      `json:"auto_triage_delay_seconds"`        // Delay before auto-triage (for dedup)

	// Usage Limits
	MonthlyTokenLimit   int `json:"monthly_token_limit,omitempty"` // Optional cost control (0 = unlimited)
	TokensUsedThisMonth int `json:"tokens_used_this_month"`        // Tracked internally
}

AISettings contains AI/LLM configuration for the tenant.

func (*AISettings) Validate 

func (s *AISettings) Validate() error

Validate validates AI settings.

type APISettings 

type APISettings struct {
	APIKeyEnabled bool           `json:"api_key_enabled"` // Enable API key access
	WebhookURL    string         `json:"webhook_url"`     // Webhook endpoint URL
	WebhookSecret string         `json:"webhook_secret"`  // Webhook signing secret
	WebhookEvents []WebhookEvent `json:"webhook_events"`  // Events to send to webhook
}

APISettings contains API and webhook configuration.

func (*APISettings) Validate 

func (s *APISettings) Validate() error

Validate validates API settings.

type BranchSettings 

type BranchSettings struct {
	// TypeRules defines custom prefix/exact-match rules for branch type detection.
	// Rules are ordered; first match wins. If no rule matches, falls through
	// to system defaults (feature/, release/, hotfix/, main, master, etc.).
	TypeRules branch.BranchTypeRules `json:"type_rules,omitempty"`
}

BranchSettings contains branch naming convention configuration. When TypeRules is nil or empty, system defaults are used.

func (*BranchSettings) Validate 

func (s *BranchSettings) Validate() error

Validate validates branch settings.

type BrandingSettings 

type BrandingSettings struct {
	PrimaryColor string `json:"primary_color"` // Hex color code, e.g., "#3B82F6"
	LogoDarkURL  string `json:"logo_dark_url"` // Logo for dark theme (URL)
	LogoData     string `json:"logo_data"`     // Logo as base64 data URL (max 150KB)
}

BrandingSettings contains branding configuration.

func (*BrandingSettings) Validate 

func (s *BrandingSettings) Validate() error

Validate validates branding settings.

type CTEMPointsConfig added in v0.1.2 

type CTEMPointsConfig struct {
	Enabled            bool `json:"enabled"`
	InternetAccessible int  `json:"internet_accessible"`
	PIIExposed         int  `json:"pii_exposed"`
	PHIExposed         int  `json:"phi_exposed"`
	HighRiskCompliance int  `json:"high_risk_compliance"`
	RestrictedData     int  `json:"restricted_data"`
}

type ComponentWeights added in v0.1.2 

type ComponentWeights struct {
	Exposure    int `json:"exposure"`
	Criticality int `json:"criticality"`
	Findings    int `json:"findings"`
	CTEM        int `json:"ctem"`
}

type ConfigOption added in v0.1.2 

type ConfigOption struct {
	Value string `json:"value"`
	Label string `json:"label"`
}

ConfigOption represents a configurable option with value and label.

type CriticalityScoreConfig added in v0.1.2 

type CriticalityScoreConfig struct {
	Critical int `json:"critical"`
	High     int `json:"high"`
	Medium   int `json:"medium"`
	Low      int `json:"low"`
	None     int `json:"none"`
}

type ExposureMultiplierConfig added in v0.1.2 

type ExposureMultiplierConfig struct {
	Public     float64 `json:"public"`
	Restricted float64 `json:"restricted"`
	Private    float64 `json:"private"`
	Isolated   float64 `json:"isolated"`
	Unknown    float64 `json:"unknown"`
}

type ExposureScoreConfig added in v0.1.2 

type ExposureScoreConfig struct {
	Public     int `json:"public"`
	Restricted int `json:"restricted"`
	Private    int `json:"private"`
	Isolated   int `json:"isolated"`
	Unknown    int `json:"unknown"`
}

type FindingImpactConfig added in v0.1.2 

type FindingImpactConfig struct {
	Mode             string               `json:"mode"`
	PerFindingPoints int                  `json:"per_finding_points"`
	FindingCap       int                  `json:"finding_cap"`
	SeverityWeights  SeverityWeightConfig `json:"severity_weights"`
}

type GeneralSettings 

type GeneralSettings struct {
	Timezone string `json:"timezone"` // e.g., "Asia/Ho_Chi_Minh", "UTC"
	Language string `json:"language"` // e.g., "en", "vi"
	Industry string `json:"industry"` // e.g., "technology", "finance", "healthcare"
	Website  string `json:"website"`  // Company website URL
}

GeneralSettings contains general tenant configuration.

func (*GeneralSettings) Validate 

func (s *GeneralSettings) Validate() error

Validate validates general settings.

type Invitation 

type Invitation struct {
	// contains filtered or unexported fields
}

Invitation represents an invitation to join a tenant.

func NewInvitation 

func NewInvitation(tenantID shared.ID, email string, role Role, invitedBy shared.ID, roleIDs []string) (*Invitation, error)

NewInvitation creates a new Invitation. invitedBy is the local user ID (from users table) of the person sending the invitation. roleIDs are the RBAC role IDs to assign when user accepts the invitation.

func ReconstituteInvitation 

func ReconstituteInvitation(
	id shared.ID,
	tenantID shared.ID,
	email string,
	role Role,
	roleIDs []string,
	token string,
	invitedBy shared.ID,
	expiresAt time.Time,
	acceptedAt *time.Time,
	createdAt time.Time,
) *Invitation

ReconstituteInvitation recreates an Invitation from persistence.

func (*Invitation) Accept 

func (i *Invitation) Accept() error

Accept marks the invitation as accepted.

func (*Invitation) AcceptedAt 

func (i *Invitation) AcceptedAt() *time.Time

AcceptedAt returns when the invitation was accepted (nil if not accepted).

func (*Invitation) CreatedAt 

func (i *Invitation) CreatedAt() time.Time

CreatedAt returns when the invitation was created.

func (*Invitation) Email 

func (i *Invitation) Email() string

Email returns the invitee's email.

func (*Invitation) ExpiresAt 

func (i *Invitation) ExpiresAt() time.Time

ExpiresAt returns when the invitation expires.

func (*Invitation) ID 

func (i *Invitation) ID() shared.ID

ID returns the invitation ID.

func (*Invitation) InvitedBy 

func (i *Invitation) InvitedBy() shared.ID

InvitedBy returns the local user ID of who sent the invitation.

func (*Invitation) IsAccepted 

func (i *Invitation) IsAccepted() bool

IsAccepted checks if the invitation has been accepted.

func (*Invitation) IsExpired 

func (i *Invitation) IsExpired() bool

IsExpired checks if the invitation has expired.

func (*Invitation) IsPending 

func (i *Invitation) IsPending() bool

IsPending checks if the invitation is pending (not expired and not accepted).

func (*Invitation) Role 

func (i *Invitation) Role() Role

Role returns the membership role to be assigned.

func (*Invitation) RoleIDs 

func (i *Invitation) RoleIDs() []string

RoleIDs returns the RBAC role IDs to be assigned when user accepts.

func (*Invitation) TenantID 

func (i *Invitation) TenantID() shared.ID

TenantID returns the tenant ID.

func (*Invitation) Token 

func (i *Invitation) Token() string

Token returns the invitation token.

type LLMProvider 

type LLMProvider string

LLMProvider represents supported LLM providers. 

const (
	LLMProviderClaude      LLMProvider = "claude"
	LLMProviderOpenAI      LLMProvider = "openai"
	LLMProviderAzureOpenAI LLMProvider = "azure_openai"
	LLMProviderGemini      LLMProvider = "gemini"
)

func (LLMProvider) IsValid 

func (p LLMProvider) IsValid() bool

IsValid checks if the LLM provider is valid.

type MemberInfo 

type MemberInfo struct {
	Membership *Membership
	UserID     shared.ID // Local user ID
	Email      string    // From local users table
	Name       string    // From local users table
	AvatarURL  string    // From local users table
}

MemberInfo represents a membership with user info. Note: User info should be fetched from the local users table by the service layer.

type MemberSearchFilters 

type MemberSearchFilters struct {
	Search string // Search by name or email (case-insensitive)
	Limit  int    // Maximum number of results (0 = no limit)
	Offset int    // Offset for pagination
}

MemberSearchFilters defines filters for searching members.

type MemberSearchResult 

type MemberSearchResult struct {
	Members []*MemberWithUser
	Total   int // Total matching members (before limit)
}

MemberSearchResult contains the search results and total count.

type MemberStats 

type MemberStats struct {
	TotalMembers   int            `json:"total_members"`
	ActiveMembers  int            `json:"active_members"`
	PendingInvites int            `json:"pending_invites"`
	RoleCounts     map[string]int `json:"role_counts"`
}

MemberStats contains statistics about tenant members.

type MemberWithUser 

type MemberWithUser struct {
	// Membership fields
	ID        shared.ID
	UserID    shared.ID
	Role      Role
	InvitedBy *shared.ID
	JoinedAt  time.Time
	// User fields
	Email       string
	Name        string
	AvatarURL   string
	Status      string // active, pending, inactive
	LastLoginAt *time.Time
}

MemberWithUser represents a membership joined with user details.

type Membership 

type Membership struct {
	// contains filtered or unexported fields
}

Membership represents a user's membership in a tenant. Note: Role is now stored in the user_roles table, not in tenant_members. The role field here is populated from v_user_effective_role view on read, and used for initial role assignment on create.

func NewMembership 

func NewMembership(userID, tenantID shared.ID, role Role, invitedBy *shared.ID) (*Membership, error)

NewMembership creates a new Membership.

func NewOwnerMembership 

func NewOwnerMembership(userID, tenantID shared.ID) (*Membership, error)

NewOwnerMembership creates a membership for the tenant owner.

func ReconstituteMembership 

func ReconstituteMembership(
	id shared.ID,
	userID shared.ID,
	tenantID shared.ID,
	role Role,
	invitedBy *shared.ID,
	joinedAt time.Time,
) *Membership

ReconstituteMembership recreates a Membership from persistence.

func (*Membership) CanRead 

func (m *Membership) CanRead() bool

CanRead checks if this membership has read permissions.

func (*Membership) CanWrite 

func (m *Membership) CanWrite() bool

CanWrite checks if this membership has write permissions.

func (*Membership) ID 

func (m *Membership) ID() shared.ID

ID returns the membership ID.

func (*Membership) InvitedBy 

func (m *Membership) InvitedBy() *shared.ID

InvitedBy returns the user ID who invited this member.

func (*Membership) IsAdmin 

func (m *Membership) IsAdmin() bool

IsAdmin checks if this membership has admin role.

func (*Membership) IsOwner 

func (m *Membership) IsOwner() bool

IsOwner checks if this membership has owner role.

func (*Membership) JoinedAt 

func (m *Membership) JoinedAt() time.Time

JoinedAt returns when the member joined.

func (*Membership) Role 

func (m *Membership) Role() Role

Role returns the member's role.

func (*Membership) TenantID 

func (m *Membership) TenantID() shared.ID

TenantID returns the tenant ID.

func (*Membership) UpdateRole 

func (m *Membership) UpdateRole(role Role) error

UpdateRole updates the member's role.

func (*Membership) UserID 

func (m *Membership) UserID() shared.ID

UserID returns the local user ID.

type PentestSettings added in v0.1.2 

type PentestSettings struct {
	CampaignTypes []ConfigOption `json:"campaign_types,omitempty"`
	Methodologies []ConfigOption `json:"methodologies,omitempty"`
}

PentestSettings holds pentest-related configuration per tenant.

func (*PentestSettings) Validate added in v0.1.2 

func (s *PentestSettings) Validate() error

Validate validates pentest settings.

type Plan 

type Plan string

Plan represents a tenant's module configuration. In OSS edition, all tenants have unlimited access. 

const (
	// PlanFree is the only plan in OSS edition - provides full access
	PlanFree Plan = "free"
)

func ParsePlan 

func ParsePlan(s string) (Plan, bool)

ParsePlan parses a string to a Plan.

func (Plan) GetLimits 

func (p Plan) GetLimits() PlanLimits

GetLimits returns the limits for this plan. In OSS edition, all features are unlimited.

func (Plan) IsValid 

func (p Plan) IsValid() bool

IsValid checks if the plan is valid.

func (Plan) String 

func (p Plan) String() string

String returns the string representation of the plan.

type PlanLimits 

type PlanLimits struct {
	MaxMembers    int
	MaxAssets     int
	MaxScansMonth int
	SSO           bool
	AuditLog      bool
	APIAccess     bool
}

PlanLimits defines the limits for each plan. In OSS edition, all limits are unlimited (-1).

type Repository 

type Repository interface {
	// Tenant CRUD
	Create(ctx context.Context, t *Tenant) error
	GetByID(ctx context.Context, id shared.ID) (*Tenant, error)
	GetBySlug(ctx context.Context, slug string) (*Tenant, error)
	Update(ctx context.Context, t *Tenant) error
	Delete(ctx context.Context, id shared.ID) error
	ExistsBySlug(ctx context.Context, slug string) (bool, error)

	// ListActiveTenantIDs returns all active tenant IDs.
	// Used by background jobs that need to process data across all tenants.
	ListActiveTenantIDs(ctx context.Context) ([]shared.ID, error)

	// Membership operations
	CreateMembership(ctx context.Context, membership *Membership) error
	GetMembership(ctx context.Context, userID shared.ID, tenantID shared.ID) (*Membership, error)
	GetMembershipByID(ctx context.Context, id shared.ID) (*Membership, error)
	UpdateMembership(ctx context.Context, membership *Membership) error
	DeleteMembership(ctx context.Context, id shared.ID) error
	ListMembersByTenant(ctx context.Context, tenantID shared.ID) ([]*Membership, error)
	ListMembersWithUserInfo(ctx context.Context, tenantID shared.ID) ([]*MemberWithUser, error)
	SearchMembersWithUserInfo(ctx context.Context, tenantID shared.ID, filters MemberSearchFilters) (*MemberSearchResult, error)
	ListTenantsByUser(ctx context.Context, userID shared.ID) ([]*TenantWithRole, error)
	CountMembersByTenant(ctx context.Context, tenantID shared.ID) (int64, error)
	GetMemberStats(ctx context.Context, tenantID shared.ID) (*MemberStats, error)
	// GetUserMemberships returns lightweight membership data for JWT tokens
	GetUserMemberships(ctx context.Context, userID shared.ID) ([]UserMembership, error)
	// GetMemberByEmail retrieves a member by email address within a tenant
	GetMemberByEmail(ctx context.Context, tenantID shared.ID, email string) (*MemberWithUser, error)

	// Invitation operations
	CreateInvitation(ctx context.Context, invitation *Invitation) error
	GetInvitationByToken(ctx context.Context, token string) (*Invitation, error)
	GetInvitationByID(ctx context.Context, id shared.ID) (*Invitation, error)
	UpdateInvitation(ctx context.Context, invitation *Invitation) error
	DeleteInvitation(ctx context.Context, id shared.ID) error
	ListPendingInvitationsByTenant(ctx context.Context, tenantID shared.ID) ([]*Invitation, error)
	GetPendingInvitationByEmail(ctx context.Context, tenantID shared.ID, email string) (*Invitation, error)
	DeleteExpiredInvitations(ctx context.Context) (int64, error)

	// AcceptInvitationTx atomically updates the invitation and creates the membership in a single transaction.
	// This ensures data consistency - either both operations succeed or neither does.
	AcceptInvitationTx(ctx context.Context, invitation *Invitation, membership *Membership) error
}

Repository defines the interface for tenant persistence.

type RiskLevelConfig added in v0.1.2 

type RiskLevelConfig struct {
	CriticalMin int `json:"critical_min"`
	HighMin     int `json:"high_min"`
	MediumMin   int `json:"medium_min"`
	LowMin      int `json:"low_min"`
}

type RiskScoringSettings added in v0.1.2 

type RiskScoringSettings struct {
	Preset              string                   `json:"preset,omitempty"`
	Weights             ComponentWeights         `json:"weights"`
	ExposureScores      ExposureScoreConfig      `json:"exposure_scores"`
	ExposureMultipliers ExposureMultiplierConfig `json:"exposure_multipliers"`
	CriticalityScores   CriticalityScoreConfig   `json:"criticality_scores"`
	FindingImpact       FindingImpactConfig      `json:"finding_impact"`
	CTEMPoints          CTEMPointsConfig         `json:"ctem_points"`
	RiskLevels          RiskLevelConfig          `json:"risk_levels"`
}

RiskScoringSettings configures the risk scoring formula per tenant.

func DefaultRiskScoringPreset added in v0.1.2 

func DefaultRiskScoringPreset() RiskScoringSettings

DefaultRiskScoringPreset returns the recommended risk scoring settings for new tenants who opt-in to configurable risk scoring.

func LegacyRiskScoringSettings added in v0.1.2 

func LegacyRiskScoringSettings() RiskScoringSettings

LegacyRiskScoringSettings returns settings that reproduce the exact current hardcoded risk scoring formula for backward compatibility.

func RiskScoringPreset added in v0.1.2 

func RiskScoringPreset(name string) (RiskScoringSettings, bool)

RiskScoringPreset returns a preset by name.

func (*RiskScoringSettings) Validate added in v0.1.2 

func (s *RiskScoringSettings) Validate() error

Validate validates the risk scoring settings.

type Role 

type Role string

Role represents a user's role within a tenant. 

const (
	RoleOwner  Role = "owner"
	RoleAdmin  Role = "admin"
	RoleMember Role = "member"
	RoleViewer Role = "viewer"
)

func ParseRole 

func ParseRole(s string) (Role, bool)

ParseRole parses a string to a Role.

func (Role) CanAssignRole 

func (r Role) CanAssignRole(target Role) bool

CanAssignRole checks if this role can assign the target role to others.

func (Role) CanDelete 

func (r Role) CanDelete() bool

CanDelete checks if this role can delete the tenant.

func (Role) CanInvite 

func (r Role) CanInvite() bool

CanInvite checks if this role can invite new members.

func (Role) CanManageBilling 

func (r Role) CanManageBilling() bool

CanManageBilling checks if this role can manage billing.

func (Role) CanManageMembers 

func (r Role) CanManageMembers() bool

CanManageMembers checks if this role can manage (update/remove) members.

func (Role) CanRead 

func (r Role) CanRead() bool

CanRead checks if this role has read permissions.

func (Role) CanWrite 

func (r Role) CanWrite() bool

CanWrite checks if this role has write permissions.

func (Role) IsValid 

func (r Role) IsValid() bool

IsValid checks if the role is valid.

func (Role) Priority 

func (r Role) Priority() int

Priority returns the priority of the role (higher = more permissions).

func (Role) String 

func (r Role) String() string

String returns the string representation of the role.

type SecuritySettings 

type SecuritySettings struct {
	SSOEnabled        bool     `json:"sso_enabled"`         // Enable SSO (SAML 2.0, OIDC)
	SSOProvider       string   `json:"sso_provider"`        // e.g., "saml", "oidc"
	SSOConfigURL      string   `json:"sso_config_url"`      // SSO metadata/config URL
	MFARequired       bool     `json:"mfa_required"`        // Require MFA for all users
	SessionTimeoutMin int      `json:"session_timeout_min"` // Session timeout in minutes (15-480)
	IPWhitelist       []string `json:"ip_whitelist"`        // Allowed IP addresses/CIDR ranges
	AllowedDomains    []string `json:"allowed_domains"`     // Allowed email domains for signup
}

SecuritySettings contains security-related configuration.

func (*SecuritySettings) Validate 

func (s *SecuritySettings) Validate() error

Validate validates security settings.

type Settings 

type Settings struct {
	General     GeneralSettings     `json:"general"`
	Security    SecuritySettings    `json:"security"`
	API         APISettings         `json:"api"`
	Branding    BrandingSettings    `json:"branding"`
	Branch      BranchSettings      `json:"branch"`
	AI          AISettings          `json:"ai"`
	RiskScoring RiskScoringSettings `json:"risk_scoring"`
	Pentest     PentestSettings     `json:"pentest"`
}

Settings represents the typed settings for a tenant.

func DefaultSettings 

func DefaultSettings() Settings

DefaultSettings returns the default settings for a new tenant.

func SettingsFromMap 

func SettingsFromMap(m map[string]any) Settings

SettingsFromMap converts map[string]any to Settings.

func (*Settings) ToMap 

func (s *Settings) ToMap() map[string]any

ToMap converts Settings to map[string]any for storage.

func (*Settings) Validate 

func (s *Settings) Validate() error

Validate validates the settings.

type SeverityWeightConfig added in v0.1.2 

type SeverityWeightConfig struct {
	Critical int `json:"critical"`
	High     int `json:"high"`
	Medium   int `json:"medium"`
	Low      int `json:"low"`
	Info     int `json:"info"`
}

type Tenant 

type Tenant struct {
	// contains filtered or unexported fields
}

Tenant represents a tenant (displayed as "Team" in UI) entity.

func NewTenant 

func NewTenant(name, slug, createdBy string) (*Tenant, error)

NewTenant creates a new Tenant entity.

func Reconstitute 

func Reconstitute(
	id shared.ID,
	name, slug, description, logoURL string,
	settings map[string]any,
	createdBy string,
	createdAt, updatedAt time.Time,
) *Tenant

Reconstitute recreates a Tenant from persistence.

func (*Tenant) CreatedAt 

func (t *Tenant) CreatedAt() time.Time

CreatedAt returns the creation timestamp.

func (*Tenant) CreatedBy 

func (t *Tenant) CreatedBy() string

CreatedBy returns the user ID who created this tenant.

func (*Tenant) Description 

func (t *Tenant) Description() string

Description returns the tenant description.

func (*Tenant) GetSetting 

func (t *Tenant) GetSetting(key string) (any, bool)

GetSetting gets a setting value.

func (*Tenant) ID 

func (t *Tenant) ID() shared.ID

ID returns the tenant ID.

func (*Tenant) LogoURL 

func (t *Tenant) LogoURL() string

LogoURL returns the tenant logo URL.

func (*Tenant) Name 

func (t *Tenant) Name() string

Name returns the tenant name.

func (*Tenant) Plan 

func (t *Tenant) Plan() Plan

Plan returns the tenant's module configuration. In OSS edition, all tenants have the free plan with unlimited access.

func (*Tenant) SetSetting 

func (t *Tenant) SetSetting(key string, value any)

SetSetting sets a setting value.

func (*Tenant) Settings 

func (t *Tenant) Settings() map[string]any

Settings returns the tenant settings.

func (*Tenant) Slug 

func (t *Tenant) Slug() string

Slug returns the tenant slug (URL-friendly identifier).

func (*Tenant) TypedSettings 

func (t *Tenant) TypedSettings() Settings

TypedSettings returns the settings as a typed Settings struct.

func (*Tenant) UpdateAISettings 

func (t *Tenant) UpdateAISettings(ai AISettings) error

UpdateAISettings updates only the AI settings.

func (*Tenant) UpdateAPISettings 

func (t *Tenant) UpdateAPISettings(api APISettings) error

UpdateAPISettings updates only the API settings.

func (*Tenant) UpdateBranchSettings 

func (t *Tenant) UpdateBranchSettings(bs BranchSettings) error

UpdateBranchSettings updates only the branch naming convention settings.

func (*Tenant) UpdateBrandingSettings 

func (t *Tenant) UpdateBrandingSettings(branding BrandingSettings) error

UpdateBrandingSettings updates only the branding settings.

func (*Tenant) UpdateDescription 

func (t *Tenant) UpdateDescription(description string)

UpdateDescription updates the tenant description.

func (*Tenant) UpdateGeneralSettings 

func (t *Tenant) UpdateGeneralSettings(general GeneralSettings) error

UpdateGeneralSettings updates only the general settings.

func (*Tenant) UpdateLogoURL 

func (t *Tenant) UpdateLogoURL(logoURL string)

UpdateLogoURL updates the tenant logo URL.

func (*Tenant) UpdateName 

func (t *Tenant) UpdateName(name string) error

UpdateName updates the tenant name.

func (*Tenant) UpdatePentestSettings added in v0.1.2 

func (t *Tenant) UpdatePentestSettings(ps PentestSettings) error

UpdatePentestSettings updates only the pentest settings.

func (*Tenant) UpdatePlan 

func (t *Tenant) UpdatePlan(_ Plan) error

UpdatePlan updates the tenant's module configuration. In OSS edition, this is a no-op as all tenants have unlimited access.

func (*Tenant) UpdateRiskScoringSettings added in v0.1.2 

func (t *Tenant) UpdateRiskScoringSettings(rs RiskScoringSettings) error

UpdateRiskScoringSettings updates only the risk scoring settings.

func (*Tenant) UpdateSecuritySettings 

func (t *Tenant) UpdateSecuritySettings(security SecuritySettings) error

UpdateSecuritySettings updates only the security settings.

func (*Tenant) UpdateSettings 

func (t *Tenant) UpdateSettings(settings Settings) error

UpdateSettings updates the tenant settings with a typed Settings struct.

func (*Tenant) UpdateSlug 

func (t *Tenant) UpdateSlug(slug string) error

UpdateSlug updates the tenant slug. Note: Caller must verify uniqueness before calling this method.

func (*Tenant) UpdatedAt 

func (t *Tenant) UpdatedAt() time.Time

UpdatedAt returns the last update timestamp.

type TenantWithRole 

type TenantWithRole struct {
	Tenant   *Tenant
	Role     Role
	JoinedAt time.Time
}

TenantWithRole represents a tenant with the user's role in it.

type UserMembership 

type UserMembership struct {
	TenantID   string // Tenant UUID
	TenantSlug string // Tenant slug for URL-friendly access
	TenantName string // Tenant display name
	Role       string // Role in tenant (owner, admin, member, viewer)
}

UserMembership is a lightweight struct for JWT token generation. Contains only the essential data needed for authorization.

type WebhookEvent 

type WebhookEvent string

WebhookEvent represents a webhook event type. 

const (
	WebhookEventFindingCreated  WebhookEvent = "finding.created"
	WebhookEventFindingResolved WebhookEvent = "finding.resolved"
	WebhookEventFindingUpdated  WebhookEvent = "finding.updated"
	WebhookEventScanCompleted   WebhookEvent = "scan.completed"
	WebhookEventScanFailed      WebhookEvent = "scan.failed"
	WebhookEventAssetDiscovered WebhookEvent = "asset.discovered"
	WebhookEventAssetUpdated    WebhookEvent = "asset.updated"
	WebhookEventMemberJoined    WebhookEvent = "member.joined"
	WebhookEventMemberRemoved   WebhookEvent = "member.removed"
)

func ValidWebhookEvents 

func ValidWebhookEvents() []WebhookEvent

ValidWebhookEvents returns all valid webhook events.

func (WebhookEvent) IsValid 

func (e WebhookEvent) IsValid() bool

IsValid checks if the webhook event is valid.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.