hooks

package
v1.2.13 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2026 License: Apache-2.0 Imports: 124 Imported by: 0

Documentation

Overview

Package hooks is middleware to alter the graphql mutation

Index

Constants

View Source 
const (
	// AdminsGroup is the group name for all organization admins and owner, these users have full read and write access in the organization
	AdminsGroup = "Admins"
	// ViewersGroup is the group name for all organization members that only have view access in the organization
	ViewersGroup = "Viewers"
	// AllMembersGroup is the group name for all members of the organization, no matter their role
	AllMembersGroup = "All Members"
)
View Source 
const (
	SoftDeleteOne = "SoftDeleteOne"
)

Variables

View Source 
var (
	// ErrCustomEnumCreationFailed is returned when a custom enum value does not exist but is attempted to be set
	ErrCustomEnumCreationFailed = errors.New("value does not exist")
	// ErrCustomEnumInUse is returned when a custom enum is in use and cannot be deleted
	ErrCustomEnumInUse = errors.New("enum is in use")
)
View Source 
var (
	// ErrInternalServerError is returned when an internal error occurs.
	ErrInternalServerError = errors.New("internal server error")
	// ErrInvalidInput is returned when the input is invalid.
	ErrInvalidInput = errors.New("invalid input")
	// ErrPersonalOrgsNoChildren is returned when personal org attempts to add a child org
	ErrPersonalOrgsNoChildren = errors.New("personal organizations are not allowed to have child organizations")
	// ErrPersonalOrgsNoMembers is returned when personal org attempts to add members
	ErrPersonalOrgsNoMembers = errors.New("personal organizations are not allowed to have members other than the owner")
	// ErrOrgOwnerCannotBeDeleted is returned when an org owner is attempted to be deleted
	ErrOrgOwnerCannotBeDeleted = errors.New("organization owner cannot be deleted, it must be transferred to a new owner first")
	// ErrPersonalOrgsNoUser is returned when personal org has no user associated, so no permissions can be added
	ErrPersonalOrgsNoUser = errors.New("personal organizations missing user association")
	// ErrUserNotInOrg is returned when a user is not a member of an organization when trying to add them to a group
	ErrUserNotInOrg = errors.New("user not in organization")
	// ErrUnsupportedFGARole is returned when a role is assigned that is not supported in our fine grained authorization system
	ErrUnsupportedFGARole = errors.New("unsupported role")
	// ErrMissingRole is returned when an update request is made that contains no role
	ErrMissingRole = errors.New("missing role in update")
	// ErrUserAlreadyOrgMember is returned when an user attempts to be invited to an org they are already a member of
	ErrUserAlreadyOrgMember = errors.New("user already member of organization")
	// ErrUserAlreadySubscriber is returned when an user attempts to subscribe to an organization but is already a subscriber
	ErrUserAlreadySubscriber = errors.New("subscriber already exists")
	// ErrEmailRequired is returned when an email is required but not provided
	ErrEmailRequired = errors.New("email is required but not provided")
	// ErrMaxAttempts is returned when a user has reached the max attempts to resend an invitation to an org
	ErrMaxAttempts = errors.New("too many attempts to resend org invitation")
	// ErrMaxAttemptsAssessments is returned when a user has reached the max attempts to resend an assessment
	ErrMaxAttemptsAssessments = errors.New("too many attempts to resend assessment invitation")
	// ErrMaxSubscriptionAttempts is returned when a user has reached the max attempts to subscribe to an org
	ErrMaxSubscriptionAttempts = errors.New("too many attempts to resend org subscription email")
	// ErrAssessmentInProgress is returned when attempting to resend an email for an assessment that is already in progress
	ErrAssessmentInProgress = errors.New("assessment is already in progress or completed")
	// ErrMissingRecipientEmail is returned when an email is required but not provided
	ErrMissingRecipientEmail = errors.New("recipient email is required but not provided")
	// ErrMissingRequiredName is returned when a name is required but not provided
	ErrMissingRequiredName = errors.New("name or display name is required but not provided")
	// ErrTooManyAvatarFiles is returned when a user attempts to upload more than one avatar file
	ErrTooManyAvatarFiles = errors.New("too many avatar files uploaded, only one is allowed")
	// ErrFailedToRegisterListener is returned when a listener fails to register
	ErrFailedToRegisterListener = errors.New("failed to register listener")
	// ErrNoControls is returned when a subcontrol has no controls assigned
	ErrNoControls = errors.New("subcontrol must have at least one control assigned")
	// ErrUnableToCast is returned when a type assertion fails
	ErrUnableToCast = errors.New("unable to cast")
	// ErrNoSubscriptions is returned when an organization has no subscriptions
	ErrNoSubscriptions = errors.New("organization has no subscriptions")
	// ErrTooManySubscriptions is returned when an organization has too many subscriptions
	ErrTooManySubscriptions = errors.New("organization has too many subscriptions")
	// ErrTooManyPrices is returned when an organization has too many subscriptions
	ErrTooManyPrices = errors.New("organization has too many prices on a subscription")
	// ErrNoPrices is returned when a subscription has no price
	ErrNoPrices = errors.New("subscription has no price")
	// ErrManagedGroup is returned when a user attempts to modify a managed group
	ErrManagedGroup = errors.New("managed groups cannot be modified")
	// ErrMaxAttemptsOrganization is returned when the max attempts have been reached to create an organization via onboarding
	ErrMaxAttemptsOrganization = errors.New("too many attempts to create organization")
	// ErrEmailDomainNotAllowed is returned when an email domain is not allowed to be used for an organization
	ErrEmailDomainNotAllowed = errors.New("email domain not allowed in organization")
	// ErrUserNotFound is returned when a user is not found in the system
	ErrUserNotFound = errors.New("user not found")
	// ErrCronRequired is returned when a user does not provide a cron expression
	ErrCronRequired = errors.New("cron expression must be specified")
	// ErrZeroTimeNotAllowed is returned when you try to set a non usable time value
	ErrZeroTimeNotAllowed = errors.New("time cannot be empty. Provide a valid time/date")
	// ErrFutureTimeNotAllowed is returned when you try to set a time into the future.
	// future being any second/minute past the current time of validation
	ErrFutureTimeNotAllowed = errors.New("time cannot be in the future")
	// ErrPastTimeNotAllowed is returned when you try to set a time into the past.
	ErrPastTimeNotAllowed = errors.New("time cannot be in the past")
	// ErrFieldRequired is returned when a field is required but not provided
	ErrFieldRequired = errors.New("field is required but not provided")
	// ErrOwnerIDNotExists is returned when an owner_id cannot be found
	ErrOwnerIDNotExists = errors.New("owner_id is required")
	// ErrArchivedProgramUpdateNotAllowed is returned when an archived program is updated. It only
	// allows updates if the status is changed
	ErrArchivedProgramUpdateNotAllowed = errors.New("you cannot update an archived program")
	// ErrNotSingularUpload is returned when a user is importing content to create a schema
	// and they upload more than one file
	ErrNotSingularUpload = errors.New("multiple uploads not supported")
	// ErrSSONotEnforceable makes sure the connection has been tested before it can be enforced for an org
	ErrSSONotEnforceable = errors.New("you cannot enforce sso without testing the connection works correctly")
	// ErrUnableToDetermineEventID is returned when we cannot determine the event ID for an event
	ErrUnableToDetermineEventID = errors.New("unable to determine event ID")
	// ErrNotSingularTrustCenter is returned when an org is trying to create multiple trust centers
	ErrNotSingularTrustCenter = errors.New("you can only create/manage one trust center at a time")
	// ErrStatusApprovedNotAllowed is returned when a user attempts to set status to APPROVED without being in the approver or delegate group
	ErrStatusApprovedNotAllowed = errors.New("you must be in the approver group to mark as approved")
	// ErrInvalidChannel is returned when an invalid notification channel is provided
	ErrInvalidChannel = errors.New("invalid channel")
	// ErrTemplateIDRequired is returned when an assessment is created without a template
	ErrTemplateIDRequired = errors.New("template id required when creating an assessment")
	// ErrTemplateNotFound is returned when an assessment is created with a non existing template
	ErrTemplateNotFound = errors.New("template does not exist")
	// ErrTemplateNotQuestionnaire is returned when an assessment tries to use a wrong template type
	ErrTemplateNotQuestionnaire = errors.New("template must be a questionnaire")
	// ErrTrustCenterIDRequired is returned when the trustcenter id is not provided
	// when creating a customer for the trust center
	ErrTrustCenterIDRequired = errors.New("trustcenter entity must include a trustcenter id")
	// ErrUnableToCreateContact is returned when a contact could not be created
	ErrUnableToCreateContact = errors.New("unable to create a contact")
	// ErrTooManyLogoFiles is returned when a user attempts to upload more than one logo file
	ErrTooManyLogoFiles = errors.New("too many logo files uploaded, only one is allowed")
	// ErrTooManyFaviconFiles is returned when a user attempts to upload more than one favicon file
	ErrTooManyFaviconFiles = errors.New("too many favicon files uploaded, only one is allowed")
	// ErrMissingTrustCenterID is returned when a trust center id is required but not provided
	ErrMissingTrustCenterID = errors.New("trust center id is required")
	// ErrMissingFileID is returned when a file id is required but not provided
	ErrMissingFileID = errors.New("missing file id")
	// ErrCannotSetFileOnCreate is returned when trying to set a file id on create mutations
	ErrCannotSetFileOnCreate = errors.New("cannot set file id on create")
)
View Source 
var (
	// ErrPublicStandardCannotBeDeleted defines an error that denotes a public standard cannot be
	// deleted once made public
	ErrPublicStandardCannotBeDeleted = errors.New("public standard not allowed to be deleted")
	// ErrStandardInUseByControls defines an error that denotes a standard cannot be deleted
	// because it is in use by active controls in the system
	ErrStandardInUseByControls = errors.New("standard cannot be deleted because it is in use by one or more controls")
	// ErrStandardInUseByTrustCenter defines an error that denotes a standard cannot be deleted
	// because it is in use by an active trust center
	ErrStandardInUseByTrustCenter = errors.New("standard cannot be deleted because it is in use by a trust center")
	// ErrSystemOwnedStandardCannotBeDeleted defines an error that denotes a system-owned standard
	// can only be deleted by a system admin
	ErrSystemOwnedStandardCannotBeDeleted = errors.New("system-owned standard can only be deleted by a system admin")
)
View Source 
var (
	// ErrTagDefinitionInUse is returned when a tag definition is in use and cannot be deleted
	ErrTagDefinitionInUse = errors.New("tag definition is in use")
	// ErrTagDefinitionInUse is returned when there is a db level error fetching all org owned tags
	ErrTagsNotFetched = errors.New("an error occurred while fetching all tags")
)
View Source 
var ErrTextContainsComments = errors.New("text contains comments, unable to set description due to potential loss of data in conversion")

ErrTextContainsComments is returned when attempting to set a text field with a corresponding JSON field that contains comments, this will cause the comment links to be lost in conversion and is not allowed

View Source 
var ExportableSchemas = map[string]bool{
	"CONTROL":                   true,
	"DIRECTORY_MEMBERSHIP":      true,
	"EVIDENCE":                  true,
	"FINDING":                   true,
	"INTERNAL_POLICY":           true,
	"PROCEDURE":                 true,
	"REMEDIATION":               true,
	"REVIEW":                    true,
	"RISK":                      true,
	"SUBPROCESSOR":              true,
	"SUBSCRIBER":                true,
	"TASK":                      true,
	"TRUST_CENTER_SUBPROCESSOR": true,
	"VULNERABILITY":             true,
}

ExportableSchemas contains all schemas that have Exportable annotation

Functions

func AddOrDeletePublicStandardTuple added in v0.8.3 

func AddOrDeletePublicStandardTuple(ctx context.Context, m *generated.StandardMutation) (bool, bool, error)

AddOrDeletePublicStandardTuple determines whether to add or delete a standard tuple based on the mutation operation and field values.

Parameters: - ctx: The context for the operation. - m: The StandardMutation containing the mutation details.

Returns: - add: A boolean indicating whether to add the tuple. - delete: A boolean indicating whether to delete the tuple. - err: An error if any occurred during the operation.

The function handles the following mutation operations: - OpCreate: Adds the tuple if both systemOwned and isPublic are true. - OpDelete, OpDeleteOne: Deletes the tuple. - OpUpdateOne: Deletes the tuple if it's a soft delete or if isPublic fields has changed. Adds the tuple if both fields are true. - OpUpdate: Deletes the tuple if isPublic field has been cleared. Adds the tuple if both fields are true.

func AddPostMutationHook added in v0.5.0 

func AddPostMutationHook[T any](hook func(ctx context.Context, v T) error)

The `AddPostMutationHook` function is used to add a post-mutation hook to the list of runtime hooks. This function takes a hook function as a parameter, which will be executed after a mutation operation is performed. The hook function is expected to take a context and a value of type `T` as input parameters and return an error if any

func DeletePermissionsHook added in v0.40.1 

func DeletePermissionsHook(ctx context.Context, m utils.GenericMutation) error

DeletePermissionsHook deletes all relationship tuples associated with the object(s) in the mutation

func EmitEventHook added in v0.4.1 

func EmitEventHook(e *Eventer) ent.Hook

EmitEventHook returns a hook that emits events after mutations

func GetObjectIDFromEntValue added in v0.6.13 

func GetObjectIDFromEntValue(m ent.Value) (string, error)

GetObjectIDFromEntValue extracts the object id from a generic ent value return type this function should be called after the mutation has been successful

func GetObjectIDsFromMutation added in v0.7.3 

func GetObjectIDsFromMutation(ctx context.Context, m utils.GenericMutation, v ent.Value) ([]string, error)

GetObjectIDsFromMutation gets the object ids from the mutation, if it is a create it will use the ent.Value to get the id, requiring the mutation be executed first For updates, it will use the `IDs()` function to get the IDs by querying the database and returning the entity ids that match the mutation's predicate.

func GetObjectTypeFromEntMutation added in v0.6.13 

func GetObjectTypeFromEntMutation(m ent.Mutation) string

GetObjectTypeFromEntMutation gets the object type from the ent mutation

func HookBillingEmailChange added in v1.2.9 

func HookBillingEmailChange() ent.Hook

HookBillingEmailChange is triggered when the billing_email field is updated on an organization setting.

func HookContact added in v0.6.21 

func HookContact() ent.Hook

HookContact runs on contact create mutations

func HookControlImplementation added in v0.8.10 

func HookControlImplementation() ent.Hook

HookControlImplementation sets default values for the control implementation

func HookControlReferenceFramework added in v0.18.3 

func HookControlReferenceFramework() ent.Hook

HookControlReferenceFramework runs on control mutations to set the reference framework based on the standard's short name

func HookCreateAPIToken 

func HookCreateAPIToken() ent.Hook

HookCreateAPIToken runs on api token mutations and sets the owner id

func HookCreateAssessmentResponse added in v0.46.3 

func HookCreateAssessmentResponse() ent.Hook

HookCreateAssessmentResponse sends the email to the user to fill in and input their data. It also makes sure to bump up the send attempts if needed.

func HookCreateCustomDomain added in v0.15.1 

func HookCreateCustomDomain() ent.Hook

HookCustomDomain runs on create mutations

func HookCreatePersonalAccessToken 

func HookCreatePersonalAccessToken() ent.Hook

HookCreatePersonalAccessToken runs on access token mutations and sets the owner id

func HookCreateTrustCenterDoc added in v0.35.2 

func HookCreateTrustCenterDoc() ent.Hook

HookCreateTrustCenterDoc is an ent hook that processes file uploads and sets appropriate fields and permissions on create

func HookCustomEnums added in v0.43.0 

func HookCustomEnums(in CustomEnumFilter) ent.Hook

HookCustomEnums ensures that a custom enum value exists for the given object type and field It looks up the enum by name and sets the corresponding edge field on the mutation

func HookCustomTypeEnumDelete added in v0.47.4 

func HookCustomTypeEnumDelete() ent.Hook

HookCustomTypeEnumDelete checks if the enum(s) being deleted is in use by any other object. If in use, the deletion cannot proceed

func HookDNSVerificationDelete added in v0.52.1 

func HookDNSVerificationDelete() ent.Hook

HookDNSVerificationDelete cleans up preview domain DNS records when a verification record is deleted

func HookDeleteCustomDomain added in v0.15.1 

func HookDeleteCustomDomain() ent.Hook

HookCustomDomain runs on create mutations

func HookDeletePermissions added in v0.40.1 

func HookDeletePermissions() ent.Hook

HookDeletePermissions is an ent hook that deletes all relationship tuples associated with an object on either delete or soft-delete operations

func HookDeleteUser 

func HookDeleteUser() ent.Hook

HookDeleteUser runs on user deletions to clean up personal organizations

func HookDocumentDataTrustCenterNDA added in v0.34.5 

func HookDocumentDataTrustCenterNDA() ent.Hook

HookDocumentDataTrustCenterNDA runs on document data create mutations to ensure trust center NDA document submissions are valid

func HookEdgePermissions added in v0.26.0 

func HookEdgePermissions() ent.Hook

HookEdgePermissions runs on edge mutations to ensure the user has access to the object they are trying to add for edges. It uses the accessmap generated to get the object type and checks if the user has access to it.

func HookEmailValidation added in v0.36.0 

func HookEmailValidation() ent.Hook

HookEmailValidation runs on user mutations to validate email addresses to ensure they meet the configured criteria which could include checks for disposable, free, or role-based emails. Additionally, it can set a default avatar using Gravatar if no avatar is provided during user creation. This hook only accepts mutations that implement the MutationWithEmail interface or are Invite mutations, which used the recipient field.

func HookEmailVerificationToken 

func HookEmailVerificationToken() ent.Hook

HookEmailVerificationToken runs on email verification mutations and sets expires

func HookEnableTFA 

func HookEnableTFA() ent.Hook

HookEnableTFA is a hook that generates the tfa secrets if the totp setting is set to allowed

func HookEntityCreate 

func HookEntityCreate() ent.Hook

HookEntityCreate runs on entity mutations to set default values that are not provided

func HookEvidenceFiles added in v0.6.19 

func HookEvidenceFiles() ent.Hook

HookEvidenceFiles runs on evidence mutations to check for uploaded files

func HookExport added in v0.22.3 

func HookExport() ent.Hook

func HookFileDelete added in v0.22.3 

func HookFileDelete() ent.Hook

HookFileDelete makes sure to clean up the file from external storage once deleted

func HookFileDownloadToken added in v0.39.2 

func HookFileDownloadToken() ent.Hook

HookPasswordResetToken runs on reset token mutations and sets expires

func HookGroup 

func HookGroup() ent.Hook

HookGroup runs on group mutations to set default values that are not provided

func HookGroupAuthz 

func HookGroupAuthz() ent.Hook

HookGroupAuthz runs on group mutations to setup or remove relationship tuples

func HookGroupMembers 

func HookGroupMembers() ent.Hook

func HookGroupPermissionsTuples added in v0.6.21 

func HookGroupPermissionsTuples() ent.Hook

HookGroupPermissionsTuples is a hook that adds group permissions tuples for the object being created this is the reverse edge of the object owned tuples, meaning these run on group mutations whereas the other hooks run on the object mutations

func HookGroupSettingVisibility added in v0.7.0 

func HookGroupSettingVisibility() ent.Hook

HookGroupSettingVisibility is a hook that updates the conditional tuples for group settings based on the visibility setting changing the initial tuple is set up on group creation

func HookImportDocument added in v0.37.3 

func HookImportDocument() ent.Hook

HookImportDocument is an ent hook that imports document content from either an uploaded file or a provided URL If a file is uploaded it becomes the source of the details and sets the document name to the original filename

func HookInvite 

func HookInvite() ent.Hook

HookInvite runs on invite create mutations

func HookInviteAccepted 

func HookInviteAccepted() ent.Hook

HookInviteAccepted adds the user to the organization when the status is accepted and any groups specified in the invite

func HookInviteGroups added in v0.23.3 

func HookInviteGroups() ent.Hook

HookInviteGroups checks the user has access to the groups specified in the invite mutation before allowing the mutation to proceed users must have edit access to the group to be able to add an invite

func HookJobResultFiles added in v0.30.0 

func HookJobResultFiles() ent.Hook

HookJobResultFiles runs on jobresult mutations to check for uploaded files

func HookJobRunnerCreate added in v0.14.1 

func HookJobRunnerCreate() ent.Hook

HookJobRunnerCreate makes sure there is always a token for the job runner node when a new runner is created

This also deletes the registration token

func HookJobRunnerDelete added in v0.14.1 

func HookJobRunnerDelete() ent.Hook

HookJobRunnerDelete deletes all token associated with a runner when the runner is deleted

func HookJobRunnerRegistrationToken added in v0.14.1 

func HookJobRunnerRegistrationToken() ent.Hook

HookJobRunnerRegistrationToken auto deletes registration tokens

There can also be only one token available at any given time. - If a new token is generated, delete the existing registration tokens - If a token has been used to successfully register a job runner node, delete it

func HookManagedGroups added in v0.6.11 

func HookManagedGroups() ent.Hook

HookManagedGroups runs on group mutations to prevent updates to managed groups

func HookMappedControl added in v0.32.0 

func HookMappedControl() ent.Hook

HookMappedControl runs on mapped control create and update mutations to restrict certain fields to system admins only

func HookMembershipSelf added in v0.6.23 

func HookMembershipSelf(table string) ent.Hook

HookMembershipSelf is a hook that runs on membership mutations to prevent users from updating their own membership

func HookNoteFiles added in v0.8.9 

func HookNoteFiles() ent.Hook

HookNoteFiles runs on note mutations to check for uploaded files

func HookNotification added in v0.45.13 

func HookNotification() ent.Hook

HookNotification runs on notification mutations to validate channels

func HookNotificationPublish added in v0.51.0 

func HookNotificationPublish() ent.Hook

HookNotificationPublish runs after notification creation to publish to subscribers

func HookObjectOwnedTuples added in v0.3.4 

func HookObjectOwnedTuples(parents []string, ownerRelation string, skipCreateUserPermissions skipCreateUserPermissions) ent.Hook

HookObjectOwnedTuples is a hook that adds object owned tuples for the object being created given a set of parent id fields, it will add the user and parent permissions to the object on creation by default, it will always add a user permission to the object ownerRelation should normally be set to fgax.ParentRelation, but in some cases this is set to owner to account for different inherited permissions from parent objects vs. the user/service owner of the object (see notes as an example)

func HookOnboarding added in v0.6.24 

func HookOnboarding() ent.Hook

HookOnboarding runs on onboarding mutations to create the organization and settings

func HookOrgMembers 

func HookOrgMembers() ent.Hook

func HookOrgMembersDelete 

func HookOrgMembersDelete() ent.Hook

HookOrgMembersDelete is a hook that runs during the delete operation of an org membership

func HookOrgModule added in v0.28.0 

func HookOrgModule() ent.Hook

HookOrgModule adds the feature tuples to fga as needed

func HookOrgModuleUpdate added in v0.28.0 

func HookOrgModuleUpdate() ent.Hook

HookOrgModuleUpdate updates the feature tuple in fga based off the module status in the database

func HookOrganization 

func HookOrganization() ent.Hook

HookOrganization runs on org mutations to set default values that are not provided

func HookOrganizationCreatePolicy added in v0.7.0 

func HookOrganizationCreatePolicy() ent.Hook

HookOrganizationCreatePolicy is used on organization and organization setting creation mutations if the allowed email domains are set, it will create a conditional tuple that restricts access to the organization based on the email domain

func HookOrganizationDelete 

func HookOrganizationDelete() ent.Hook

HookOrganizationDelete runs on org delete mutations to ensure the org can be deleted

func HookOrganizationUpdatePolicy added in v0.7.0 

func HookOrganizationUpdatePolicy() ent.Hook

HookOrganizationUpdatePolicy is used on organization setting mutations where the allowed email domains are set in the request it will update the conditional tuple that restricts access to the organization based on the email domain

func HookPasswordResetToken 

func HookPasswordResetToken() ent.Hook

HookPasswordResetToken runs on reset token mutations and sets expires

func HookProgramAuthz added in v0.3.5 

func HookProgramAuthz() ent.Hook

HookProgramAuthz runs on program mutations to setup or remove relationship tuples and prevents updates to archived programs - except if the update contains status changes too

func HookProgramMembers added in v0.3.5 

func HookProgramMembers() ent.Hook

HookProgramMembers is a hook that ensures that the user is a member of the organization before allowing them to be added to a program TODO (sfunk): can this be generic across all edges with users that are owned by an organization?

func HookQuestionnaireAssessment added in v0.46.3 

func HookQuestionnaireAssessment() ent.Hook

HookQuestionnaireAssessment is a hook that checks if the templatate associated with the assessment is a questionnaire

func HookRelationTuples added in v0.4.2 

func HookRelationTuples(objects map[string]string, relation fgax.Relation) ent.Hook

HookRelationTuples is a hook that adds tuples for the object being created the objects input is a map of object id fields to the object type these tuples based are based on the direct relation, e.g. a group#member to another object this is the reverse of the HookGroupPermissionsTuples

func HookRequestor added in v1.2.9 

func HookRequestor() ent.Hook

HookRequestor sets the requestor_id field on create mutations

func HookRevisionUpdate added in v0.7.5 

func HookRevisionUpdate() ent.Hook

HookRevisionUpdate is a hook that runs on update mutations to handle the revision of an object It checks if the revision is set, and if not, it retrieves the current revision from the database and bumps the patch version If the revision is cleared, it sets the revision to the default value

func HookScheduledJobCreate added in v0.15.0 

func HookScheduledJobCreate() ent.Hook

HookScheduledJobCreate verifies a job that can be attached to a control/subcontrol has a cron and the configuration matches what is expected

func HookSlateJSON added in v1.2.5 

func HookSlateJSON() ent.Hook

HookSlateJSON is an ent hook that will handle clearing JSON fields if description is set, this will prevent stale JSON data from remaining when a user sets description via the API (or bulk csv operations) that does not include the JSON field data

func HookStandardCreate added in v0.8.3 

func HookStandardCreate() ent.Hook

HookStandardCreate sets default values on creation, such as setting the short name to the name if it's not provided

func HookStandardDelete added in v0.23.9 

func HookStandardDelete() ent.Hook

HookStandardDelete blocks deletion of a standard that is in use by trust center compliances. For system-owned standards, it cascades the deletion by clearing standard_id from org-owned controls and deleting system-owned controls. For non-system-owned standards, it blocks deletion if controls exist.

func HookStandardFileUpload added in v0.47.4 

func HookStandardFileUpload() ent.Hook

func HookStandardPublicAccessTuples added in v0.7.3 

func HookStandardPublicAccessTuples() ent.Hook

HookStandardPublicAccessTuples adds tuples for publicly available standards based on the system owned and isPublic fields; and deletes them when the fields are cleared. see AddOrDeleteStandardTuple for details on how the fields are checked and it's called functions for specifics on mutation types

func HookStatusApproval added in v0.41.2 

func HookStatusApproval() ent.Hook

HookStatusApproval is an ent hook that ensures only users in the approver or delegate group can set status to APPROVED

func HookSubcontrolCreate added in v0.8.9 

func HookSubcontrolCreate() ent.Hook

HookSubcontrolCreate sets default values for the subcontrol on creation

func HookSubcontrolUpdate added in v0.5.0 

func HookSubcontrolUpdate() ent.Hook

HookSubcontrolUpdate ensures that there is at least 1 control assigned to the subcontrol

func HookSubprocessor added in v0.22.3 

func HookSubprocessor() ent.Hook

HookSubprocessor runs on subprocessor mutations to check for uploaded logo file

func HookSubscriberCreate added in v0.8.4 

func HookSubscriberCreate() ent.Hook

HookSubscriberCreate runs on subscriber create mutations

func HookSubscriberUpdated added in v0.8.4 

func HookSubscriberUpdated() ent.Hook

HookSubscriberUpdated runs on subscriber update mutations to set the active status to false if the user is unsubscribed

func HookSummarizeDetails added in v0.11.0 

func HookSummarizeDetails() ent.Hook

HookSummarizeDetails is an ent hook that summarizes long details fields into a short human readable summary

func HookSystemOwnedControls added in v0.47.4 

func HookSystemOwnedControls() ent.Hook

HookSystemOwnedControls runs on mutations to check for system owned controls since only view access to a control is required for edges on tasks, evidence, this ensures that system owned controls are not linked to org owned objects

func HookTagDefinition added in v0.49.5 

func HookTagDefinition() ent.Hook

func HookTagDefinitionDelete added in v0.47.4 

func HookTagDefinitionDelete() ent.Hook

HookTagDefinitionDelete checks if the tag definition(s) being deleted is in use by any workflow definition. If in use, the deletion cannot proceed

func HookTags added in v0.43.0 

func HookTags() ent.Hook

HookTags will create tag definitions if they do not already exist when tags are added to an entity

func HookTaskCreate added in v0.3.4 

func HookTaskCreate() ent.Hook

HookTaskCreate runs on task create mutations to set default values that are not provided this will set the assigner to the current user if it is not provided

func HookTaskPermissions added in v0.7.1 

func HookTaskPermissions() ent.Hook

HookTaskPermissions runs on task create and update mutations to add and remove the assignee tuple

func HookTemplate added in v0.32.0 

func HookTemplate() ent.Hook

HookTemplate runs on template create and update mutations

func HookTemplateAuthz added in v0.34.1 

func HookTemplateAuthz() ent.Hook

func HookTemplateFiles added in v0.34.1 

func HookTemplateFiles() ent.Hook

func HookTrustCenter added in v0.19.0 

func HookTrustCenter() ent.Hook

HookTrustCenter runs on trust center create mutations

func HookTrustCenterComplianceAuthz added in v0.28.2 

func HookTrustCenterComplianceAuthz() ent.Hook

HookTrustCenterComplianceAuthz runs on trust center compliance mutations to setup or remove relationship tuples

func HookTrustCenterDelete added in v0.46.6 

func HookTrustCenterDelete() ent.Hook

HookTrustCenterDelete runs on trust center delete mutations

func HookTrustCenterSetting added in v0.20.7 

func HookTrustCenterSetting() ent.Hook

HookTrustCenterSetting process files for trust center settings

func HookTrustCenterSettingCreatePreview added in v0.46.7 

func HookTrustCenterSettingCreatePreview() ent.Hook

HookTrustCenterSettingCreatePreview is a hook that runs on trust center setting create or update to enqueue a job to create the preview domain

func HookTrustCenterUpdate added in v0.46.6 

func HookTrustCenterUpdate() ent.Hook

HookTrustCenterUpdate runs on trust center update mutations

func HookTrustCenterWatermarkConfig added in v0.34.5 

func HookTrustCenterWatermarkConfig() ent.Hook

HookTrustCenterWatermarkConfig process files for trust center watermark config

func HookTrustcenterEntityCreate added in v0.47.5 

func HookTrustcenterEntityCreate() ent.Hook

HookTrustcenterEntityCreate scopes the entity to the customer type by default. If the customer entity does not exist ( maybe old orgs ), it creates it before proceeding to the trustcenter entity creation

func HookTrustcenterEntityFiles added in v0.47.5 

func HookTrustcenterEntityFiles() ent.Hook

HookTrustcenterEntityFiles runs on trustcenter entity mutations and checks for an uploaded logo file

func HookUpdateAPIToken 

func HookUpdateAPIToken() ent.Hook

HookUpdateAPIToken runs on api token update and redacts the token

func HookUpdateAssessmentResponse added in v0.46.3 

func HookUpdateAssessmentResponse() ent.Hook

HookUpdateAssessmentResponse checks if the assessment response is past due and updates the status accordingly

func HookUpdateManagedGroups added in v0.6.11 

func HookUpdateManagedGroups() ent.Hook

HookUpdateManagedGroups runs when org members are added to add the users to the system managed groups

func HookUpdatePersonalAccessToken 

func HookUpdatePersonalAccessToken() ent.Hook

HookUpdatePersonalAccessToken runs on access token update and redacts the token

func HookUpdateTrustCenterDoc added in v0.35.2 

func HookUpdateTrustCenterDoc() ent.Hook

HookUpdateTrustCenterDoc is an ent hook that processes file uploads and sets appropriate fields and permissions on update

func HookUser 

func HookUser() ent.Hook

HookUser runs on user mutations validate and hash the password and set default values that are not provided

func HookUserCanViewTuple added in v0.28.1 

func HookUserCanViewTuple() ent.Hook

HookUserCanViewTuple adds the user#can_view relation for the created object it is agnostic to the object type so it can be used on any schema

func HookUserPermissions added in v0.3.1 

func HookUserPermissions() ent.Hook

HookUserPermissions runs on user creations to add user _self permissions these are used for parent inherited relations on other objects in the system

func HookUserSetting 

func HookUserSetting() ent.Hook

HookUserSetting runs on user settings mutations and validates input on update

func HookUserSettingEmailConfirmation added in v0.35.0 

func HookUserSettingEmailConfirmation() ent.Hook

HookUserSettingEmailConfirmation runs on user settings mutations and handles auto-join when email is confirmed and sends welcome email after verification

func HookValidateIdentityProviderConfig added in v0.22.0 

func HookValidateIdentityProviderConfig() ent.Hook

HookValidateIdentityProviderConfig ensures identity provider configuration is present when SSO login is enforced and resets enforced/tested status when SSO configuration fields change

func HookVerifyTFA added in v0.6.12 

func HookVerifyTFA() ent.Hook

HookVerifyTFA is a hook that will generate recovery codes and enable TFA for a user if the TFA has been verified

func HookWebauthnDelete added in v0.10.10 

func HookWebauthnDelete() ent.Hook

HookWebauthnDelete runs on passkey delete mutations to ensure that we update the user's settings if needed

func IsSchemaExportable added in v0.22.3 

func IsSchemaExportable(schemaName string) bool

IsSchemaExportable checks if a schema name is exportable

func IsUniqueConstraintError 

func IsUniqueConstraintError(err error) bool

IsUniqueConstraintError reports if the error resulted from a DB uniqueness constraint violation. e.g. duplicate value in unique index.

func MetricsHook added in v0.9.0 

func MetricsHook() ent.Hook

MetricsHook inits the collectors with count total at beginning, error on mutation error and a duration after the mutation

func OrgOwnedTuplesHook added in v0.16.0 

func OrgOwnedTuplesHook() ent.Hook

OrgOwnedTuplesHook is a hook that adds organization owned tuples for the object being created it will only add the parent organization permissions, and no specific user permissions

func OrgOwnedTuplesHookWithAdmin added in v0.16.0 

func OrgOwnedTuplesHookWithAdmin() ent.Hook

OrgOwnedTuplesHookWithAdmin is a hook that adds organization owned tuples for the object being created it will add the user and parent (organization owner_id) permissions to the object on creation, and will also add an admin user permission to the object

func RegisterGlobalHooks added in v0.4.1 

func RegisterGlobalHooks(client *entgen.Client, e *Eventer)

RegisterGlobalHooks registers global event hooks for the entdb client and expects a pointer to an Eventer

func RegisterListeners added in v0.4.1 

func RegisterListeners(e *Eventer) error

RegisterListeners registers all listeners on the Eventer with the emitter

func SetNewRevision added in v0.7.5 

func SetNewRevision(ctx context.Context, mut MutationWithRevision) error

SetNewRevision sets the new revision for a mutation based on the current revision and the revision bump If the revision is set, it does nothing If the revision is not set, it retrieves the current revision from the database and bumps the version based on the revision bump If there is no revision bump set, it bumps the patch version

func SetSlackConfig added in v0.18.8 

func SetSlackConfig(cfg SlackConfig)

SetSlackConfig replaces the active Slack notification configuration

func SetTrustCenterConfig added in v0.46.7 

func SetTrustCenterConfig(cfg TrustCenterConfig)

SetTrustCenterConfig sets the trust center configuration

func StripInvalidChars added in v0.42.2 

func StripInvalidChars(s string) string

StripInvalidChars removes invalid characters from a string

func ValidateExportType added in v0.22.3 

func ValidateExportType(exportType string) error

ValidateExportType validates that an export type corresponds to an exportable schema

func ValidateIdentityProviderConfig added in v0.22.0 

func ValidateIdentityProviderConfig(ctx context.Context, m *generated.OrganizationSettingMutation) error

ValidateIdentityProviderConfig checks if the identity provider configuration is valid the intent of the function is to ensure all necessary identity provider configuration fields are present and valid when SSO enforcement is being set to active, while also supporting partial updates by falling back to existing values when appropriate

Types

type AvatarMutation added in v0.6.10 

type AvatarMutation interface {
	SetAvatarLocalFileID(s string)
	ID() (id string, exists bool)
	Type() string
}

AvatarMutation is an interface for setting the local file ID for an avatar

type CustomEnumFilter added in v0.43.0 

type CustomEnumFilter struct {
	// ObjectType is the object type the enum applies to, e.g. "risk", "control", "risk_category"
	ObjectType string
	// Field is the field the enum applies to, e.g. "kind", "category"
	Field string
	// EdgeFieldName is the edge field name the enum applies to that is the foreign key, e.g. "risk_kind_id"
	EdgeFieldName string
	// SchemaFieldName is the schema field name the enum applies to, e.g. "control_kind_name
	SchemaFieldName string
}

CustomEnumFilter is used to filter custom enums based on object type and field

type EventID added in v0.4.1 

type EventID struct {
	ID string `json:"id,omitempty"`
}

EventID represents the ID structure used in events

type Eventer added in v0.5.0 

type Eventer struct {
	Emitter *soiree.EventBus
	// contains filtered or unexported fields
}

Eventer coordinates the mutation listeners that will be registered against the ent client and underpins the hook emission predicate

func NewEventer added in v0.5.0 

func NewEventer(opts ...EventerOpts) *Eventer

NewEventer constructs an Eventer and applies the provided option set; callers typically use this when they have an existing event bus that needs to be reused

func NewEventerPool added in v0.5.0 

func NewEventerPool(client any) *Eventer

NewEventerPool builds a fresh event bus, associates it with an Eventer, and wires the default mutation listeners

func (*Eventer) AddMutationListener added in v0.45.0 

func (e *Eventer) AddMutationListener(entity string, handler MutationHandler)

AddMutationListener registers a handler for the supplied entity; registration automatically opts the entity into event emission

type EventerOpts added in v0.5.0 

type EventerOpts func(*Eventer)

EventerOpts configures an Eventer instance via the functional-options pattern

func WithEventerEmitter added in v0.5.0 

func WithEventerEmitter(emitter *soiree.EventBus) EventerOpts

WithEventerEmitter injects an existing soiree.EventBus into an Eventer

type ManagedContextKey added in v0.6.11 

type ManagedContextKey struct{}

ManagedContextKey is the context key name for managed group updates

type MutationHandler added in v0.45.0 

type MutationHandler func(*soiree.EventContext, *events.MutationPayload) error

MutationHandler is the signature listener implementations expose for mutation events

type MutationMember added in v0.6.23 

type MutationMember interface {
	UserIDs() []string
	UserID() (string, bool)
	ID() (string, bool)
	IDs(ctx context.Context) ([]string, error)
	Op() ent.Op
	Client() *generated.Client
}

MutationMember is an interface that can be implemented by a member mutation to get IDs

type MutationWithEmail added in v0.36.0 

type MutationWithEmail interface {
	Email() (string, bool)

	utils.GenericMutation
}

MutationWithEmail is an interface that mutations that require email validation must implement

type MutationWithRevision added in v0.7.5 

type MutationWithRevision interface {
	Revision() (string, bool)
	RevisionCleared() bool
	OldRevision(ctx context.Context) (string, error)
	SetRevision(s string)

	utils.GenericMutation
}

MutationWithRevision is an interface that defines the methods required for a mutation to be able to handle revisions It includes methods for getting and setting the revision

type OrgMember added in v0.6.11 

type OrgMember struct {
	// UserID is the user ID of the org member
	UserID string
	// Role is the role of the org member
	Role enums.Role
	// OrgID is the organization ID of the org member
	OrgID string
}

OrgMember is a struct to hold the org member details

type SlackConfig added in v0.18.8 

type SlackConfig struct {
	// WebhookURL is the endpoint to send messages to
	WebhookURL string
	// NewSubscriberMessageFile is an optional path to a bespoke Slack template for new subscriber notifications (cat memes)
	NewSubscriberMessageFile string
	// NewUserMessageFile is an optional path to a bespoke Slack template for new user notifications (welcome messages)
	NewUserMessageFile string
}

SlackConfig defines the runtime configuration for Slack notifications emitted by listeners

type TrustCenterConfig added in v0.46.7 

type TrustCenterConfig struct {
	PreviewZoneID string
	CnameTarget   string
}

TrustCenterConfig holds the trust center configuration

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.