authorization

package
v0.0.16 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 29, 2025 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

// DomainIdContextKey is the key "domainId" of the package's unexported
// contextKey type.
// NOTE(review): presumably the key under which a request's domain ID is kept
// in a context.Context — confirm against the interceptor. A value read back
// through this key is only as trustworthy as the code that stored it.
const DomainIdContextKey contextKey = "domainId"
// DomainTypeContextKey is the key "domainType" of the package's unexported
// contextKey type.
// NOTE(review): presumably the key under which a request's domain type is kept
// in a context.Context — confirm where it is set and that the stored value is
// checked against the set of known domain types.
const DomainTypeContextKey contextKey = "domainType"
const (
	// OrgIDTemplate is the literal placeholder string "{ORG_ID}".
	// NOTE(review): looks like a marker that is replaced with a concrete
	// organization ID — confirm where the substitution happens and that
	// organization IDs are validated before they are substituted in.
	OrgIDTemplate = "{ORG_ID}"
)
// OrganizationContextKey is the key "organization" of the package's unexported
// contextKey type.
// NOTE(review): presumably the key under which the resolved organization is
// kept in a context.Context — confirm what type is stored and who sets it.
const OrganizationContextKey contextKey = "organization"

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthService

// AuthService is the concrete type that carries the role, group, permission
// and organization-setup methods listed on this page. Its listed method set
// matches the signatures of AuthorizationSetup, CustomRoleManager,
// GroupManager, PermissionChecker, RoleDefinitionQuery, RoleManager and
// UserAccessQuery. All of its state is unexported; construct it with
// NewAuthService.
type AuthService struct {
	// contains filtered or unexported fields
}

func NewAuthService

func NewAuthService() (*AuthService, error)

func (*AuthService) AddUserToGroup

func (a *AuthService) AddUserToGroup(domainID string, domainType string, userID string, group string) error

func (*AuthService) AssignRole

// AssignRole takes the user ID and role first, then the domain ID and the
// domain type.
// NOTE(review): the group methods on this type take (domainID, domainType, ...)
// first, and all four parameters here are plain strings, so transposed
// arguments still compile and would presumably grant the role in an unintended
// domain — confirm call sites are covered by tests.
func (a *AuthService) AssignRole(userID, role, domainID string, domainType string) error

func (*AuthService) CheckAndSyncMissingPermissions

func (a *AuthService) CheckAndSyncMissingPermissions() error

Example usage function for checking and syncing missing permissions

func (*AuthService) CheckOrganizationPermission

// CheckOrganizationPermission returns a decision for (userID, orgID, resource,
// action) as a bool together with an error.
// NOTE(review): what the bool holds when the error is non-nil is not documented
// on this page; callers should deny on any error instead of reading the bool.
func (a *AuthService) CheckOrganizationPermission(userID, orgID, resource, action string) (bool, error)

func (*AuthService) CreateCustomRole

func (a *AuthService) CreateCustomRole(domainID string, roleDefinition *RoleDefinition) error

func (*AuthService) CreateGroup

func (a *AuthService) CreateGroup(domainID string, domainType string, groupName string, role string, displayName string, description string) error

func (*AuthService) DeleteCustomRole

func (a *AuthService) DeleteCustomRole(domainID string, domainType string, roleName string) error

func (*AuthService) DeleteGroup

func (a *AuthService) DeleteGroup(domainID string, domainType string, groupName string) error

func (*AuthService) DestroyOrganization

// DestroyOrganization takes a *gorm.DB handle named tx and the organization ID.
// NOTE(review): presumably removes the organization's authorization data inside
// the caller's transaction — confirm that every policy change it makes goes
// through tx, so a rollback cannot leave role grants for a deleted organization
// or delete grants for one that still exists.
func (a *AuthService) DestroyOrganization(tx *gorm.DB, orgID string) error

func (*AuthService) DetectMissingPermissions

func (a *AuthService) DetectMissingPermissions() ([]string, error)

func (*AuthService) GetAllRoleDefinitions

func (a *AuthService) GetAllRoleDefinitions(domainType string, domainID string) ([]*RoleDefinition, error)

func (*AuthService) GetGroupRole

func (a *AuthService) GetGroupRole(domainID string, domainType string, group string) (string, error)

func (*AuthService) GetGroupUsers

func (a *AuthService) GetGroupUsers(domainID string, domainType string, group string) ([]string, error)

func (*AuthService) GetGroups

func (a *AuthService) GetGroups(domainID string, domainType string) ([]string, error)

func (*AuthService) GetOrgUsersForRole

func (a *AuthService) GetOrgUsersForRole(role string, orgID string) ([]string, error)

func (*AuthService) GetRoleDefinition

func (a *AuthService) GetRoleDefinition(roleName string, domainType string, domainID string) (*RoleDefinition, error)

func (*AuthService) GetRoleHierarchy

func (a *AuthService) GetRoleHierarchy(roleName string, domainType string, domainID string) ([]string, error)

func (*AuthService) GetRolePermissions

func (a *AuthService) GetRolePermissions(roleName string, domainType string, domainID string) ([]*Permission, error)

func (*AuthService) GetUserRolesForOrg

func (a *AuthService) GetUserRolesForOrg(userID string, orgID string) ([]*RoleDefinition, error)

func (*AuthService) IsDefaultRole

func (a *AuthService) IsDefaultRole(roleName string, domainType string) bool

func (*AuthService) RemoveRole

func (a *AuthService) RemoveRole(userID, role, domainID string, domainType string) error

func (*AuthService) RemoveUserFromGroup

func (a *AuthService) RemoveUserFromGroup(domainID string, domainType string, userID string, group string) error

func (*AuthService) SetupOrganization

// SetupOrganization takes a *gorm.DB handle named tx, the organization ID and
// an owner ID.
// NOTE(review): presumably creates the organization's initial roles and grants
// ownerID the owner role inside the caller's transaction — confirm that
// ownerID is derived from the authenticated identity rather than from request
// input, and that all policy writes go through tx.
func (a *AuthService) SetupOrganization(tx *gorm.DB, orgID, ownerID string) error

func (*AuthService) SyncDefaultRoles

func (a *AuthService) SyncDefaultRoles() error

func (*AuthService) SyncOrganizationRoles

func (a *AuthService) SyncOrganizationRoles(orgID string) error

func (*AuthService) UpdateCustomRole

func (a *AuthService) UpdateCustomRole(domainID string, roleDefinition *RoleDefinition) error

func (*AuthService) UpdateGroup

func (a *AuthService) UpdateGroup(domainID string, domainType string, groupName string, newRole string, displayName string, description string) error

type AuthorizationInterceptor

// AuthorizationInterceptor is built by NewAuthorizationInterceptor from a value
// of type Authorization and exposes a UnaryInterceptor method; neither the
// Authorization type nor the method's signature is shown on this page.
// NOTE(review): presumably a gRPC unary server interceptor that enforces an
// AuthorizationRule per method — confirm what happens for a method with no
// rule registered (it should be rejected, not passed through).
type AuthorizationInterceptor struct {
	// contains filtered or unexported fields
}

func NewAuthorizationInterceptor

func NewAuthorizationInterceptor(authService Authorization) *AuthorizationInterceptor

func (*AuthorizationInterceptor) UnaryInterceptor

type AuthorizationRule

// AuthorizationRule names a resource, an action and a domain type. It has the
// same three fields as Permission.
// NOTE(review): presumably the requirement the interceptor checks for one RPC
// — confirm how rules are keyed and whether an empty field acts as a wildcard.
type AuthorizationRule struct {
	Resource   string
	Action     string
	DomainType string
}

type AuthorizationSetup

// AuthorizationSetup groups the two organization lifecycle operations. Both
// take a *gorm.DB handle named tx.
// NOTE(review): presumably tx is the caller's open transaction — confirm that
// implementations write policy data only through it, so authorization state
// commits or rolls back together with the organization record.
type AuthorizationSetup interface {
	// NOTE(review): confirm ownerID comes from the authenticated identity.
	SetupOrganization(tx *gorm.DB, orgID, ownerID string) error
	DestroyOrganization(tx *gorm.DB, orgID string) error
}

Setup and initialization interface

type CustomRoleManager

// CustomRoleManager groups creation, update and deletion of custom roles plus
// a default-role test.
type CustomRoleManager interface {
	// CreateCustomRole and UpdateCustomRole take no domainType argument, while
	// DeleteCustomRole does.
	// NOTE(review): presumably the domain type is read from
	// roleDefinition.DomainType — confirm it is validated against the domain
	// identified by domainID, and that roleDefinition.Permissions cannot exceed
	// what the caller is itself allowed to grant.
	CreateCustomRole(domainID string, roleDefinition *RoleDefinition) error
	UpdateCustomRole(domainID string, roleDefinition *RoleDefinition) error
	DeleteCustomRole(domainID string, domainType string, roleName string) error
	// IsDefaultRole takes no domain ID and returns only a bool, so a lookup
	// failure cannot be told apart from "not a default role" at this interface.
	IsDefaultRole(roleName string, domainType string) bool
}

Custom role management interface

type GroupManager

// GroupManager groups the operations on groups and their members. Every method
// takes (domainID, domainType) as its first two parameters.
// NOTE(review): all parameters are plain strings, so arguments passed in the
// wrong order still compile; RoleManager and RoleDefinitionQuery order the
// domain parameters differently from this interface.
type GroupManager interface {
	// CreateGroup takes a role along with the group name.
	// NOTE(review): presumably every member of the group receives that role —
	// confirm, and confirm the role is checked to exist in the given domain.
	CreateGroup(domainID string, domainType string, groupName string, role string, displayName string, description string) error
	DeleteGroup(domainID string, domainType string, groupName string) error
	// NOTE(review): newRole presumably changes the effective permissions of all
	// current members at once — confirm callers are authorized for that role.
	UpdateGroup(domainID string, domainType string, groupName string, newRole string, displayName string, description string) error
	AddUserToGroup(domainID string, domainType string, userID string, group string) error
	RemoveUserFromGroup(domainID string, domainType string, userID string, group string) error
	GetGroupUsers(domainID string, domainType string, group string) ([]string, error)
	GetGroups(domainID string, domainType string) ([]string, error)
	GetGroupRole(domainID string, domainType string, group string) (string, error)
}

Group management interface

type Permission

// Permission names a resource, an action and a domain type. It has the same
// three fields as AuthorizationRule.
// NOTE(review): whether an empty or special value in any field is treated as a
// wildcard is not shown on this page — confirm before accepting Permission
// values from request input.
type Permission struct {
	Resource   string
	Action     string
	DomainType string
}

type PermissionChecker

// PermissionChecker is the single-method interface for permission decisions
// scoped to an organization.
type PermissionChecker interface {
	// CheckOrganizationPermission returns the decision as a bool together with
	// an error.
	// NOTE(review): what the bool holds when the error is non-nil is not
	// documented on this page; callers should deny on any error instead of
	// reading the bool.
	CheckOrganizationPermission(userID, orgID, resource, action string) (bool, error)
}

type RoleDefinition

// RoleDefinition describes a role: its name and display metadata, the domain
// type it belongs to, its permissions, an optional parent role and a
// read-only flag.
type RoleDefinition struct {
	Name         string
	DisplayName  string
	DomainType   string
	Description  string
	Permissions  []*Permission
	// InheritsFrom points at a single parent role definition; the type allows
	// one parent only.
	// NOTE(review): nothing in the type prevents a chain that loops back on
	// itself — confirm that hierarchy resolution detects or bounds cycles.
	InheritsFrom *RoleDefinition
	// NOTE(review): presumably marks built-in roles as not editable — confirm
	// that UpdateCustomRole and DeleteCustomRole enforce it rather than leaving
	// the check to callers.
	Readonly     bool
}

type RoleDefinitionQuery

// RoleDefinitionQuery groups the read-only lookups for role definitions,
// their permissions and their hierarchy.
// NOTE(review): these methods take domainType before domainID, the reverse of
// the (domainID, domainType) order used by GroupManager; both are plain
// strings, so a transposed call compiles and queries a different domain.
type RoleDefinitionQuery interface {
	GetRoleDefinition(roleName string, domainType string, domainID string) (*RoleDefinition, error)
	GetAllRoleDefinitions(domainType string, domainID string) ([]*RoleDefinition, error)
	// NOTE(review): whether the result includes permissions inherited through
	// RoleDefinition.InheritsFrom is not shown on this page — confirm before
	// using it to display or audit a role's effective access.
	GetRolePermissions(roleName string, domainType string, domainID string) ([]*Permission, error)
	GetRoleHierarchy(roleName string, domainType string, domainID string) ([]string, error)
}

Role definition and hierarchy interface

type RoleManager

// RoleManager groups direct role assignment and removal for a user, plus a
// lookup of the users holding a role in an organization.
type RoleManager interface {
	// AssignRole and RemoveRole take (userID, role, domainID, domainType).
	// NOTE(review): GroupManager methods put (domainID, domainType) first; all
	// of these are plain strings, so transposed arguments compile and would
	// presumably change grants in an unintended domain.
	AssignRole(userID, role, domainID string, domainType string) error
	RemoveRole(userID, role, domainID string, domainType string) error
	// NOTE(review): whether users who hold the role only through a group are
	// included is not shown on this page — confirm before using the result for
	// access reviews.
	GetOrgUsersForRole(role string, orgID string) ([]string, error)
}

Role management interface

type UserAccessQuery

// UserAccessQuery is the single-method interface for listing a user's roles in
// an organization.
type UserAccessQuery interface {
	// NOTE(review): whether roles obtained through group membership or through
	// RoleDefinition.InheritsFrom are included is not shown on this page —
	// confirm before treating the result as the user's effective access.
	GetUserRolesForOrg(userID string, orgID string) ([]*RoleDefinition, error)
}

User access and role query interface
