The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func DeleteResource(ctx context.Context, opts DeleteResourceOpts) error
- func SetAPIKey(apiKey string)
- func TestBatchWarrants(t *testing.T)
- func TestConvertResourceTypesLive(t *testing.T)
- func TestConvertSchemaLive(t *testing.T)
- func TestCrudResources(t *testing.T)
- func TestMultiTenancy(t *testing.T)
- func TestPricingTiersFeaturesAndUsers(t *testing.T)
- func TestQueryWarrants(t *testing.T)
- func TestRBAC(t *testing.T)
- func TestWarrants(t *testing.T)
- func TestWarrantsWithPolicy(t *testing.T)
- type CheckBatchOpts
- type CheckOpts
- type CheckResponse
- type Client
- func (c *Client) BatchUpdateResourceTypes(ctx context.Context, opts []UpdateResourceTypeOpts) ([]ResourceType, error)
- func (c *Client) BatchWriteWarrants(ctx context.Context, opts []WriteWarrantOpts) (WriteWarrantResponse, error)
- func (c *Client) Check(ctx context.Context, opts CheckOpts) (CheckResponse, error)
- func (c *Client) CheckBatch(ctx context.Context, opts CheckBatchOpts) ([]CheckResponse, error)
- func (c *Client) ConvertResourceTypesToSchema(ctx context.Context, opts ConvertResourceTypesToSchemaOpts) (ConvertSchemaResponse, error)
- func (c *Client) ConvertSchemaToResourceTypes(ctx context.Context, opts ConvertSchemaToResourceTypesOpts) (ConvertSchemaResponse, error)
- func (c *Client) CreateResource(ctx context.Context, opts CreateResourceOpts) (Resource, error)
- func (c *Client) DeleteResource(ctx context.Context, opts DeleteResourceOpts) error
- func (c *Client) GetResource(ctx context.Context, opts GetResourceOpts) (Resource, error)
- func (c *Client) GetSchema(ctx context.Context) (GetSchemaResponse, error)
- func (c *Client) ListResourceTypes(ctx context.Context, opts ListResourceTypesOpts) (ListResourceTypesResponse, error)
- func (c *Client) ListResources(ctx context.Context, opts ListResourcesOpts) (ListResourcesResponse, error)
- func (c *Client) ListWarrants(ctx context.Context, opts ListWarrantsOpts) (ListWarrantsResponse, error)
- func (c *Client) Query(ctx context.Context, opts QueryOpts) (QueryResponse, error)
- func (c *Client) UpdateResource(ctx context.Context, opts UpdateResourceOpts) (Resource, error)
- func (c *Client) UpdateSchema(ctx context.Context, opts UpdateSchemaOpts) (GetSchemaResponse, error)
- func (c *Client) WriteWarrant(ctx context.Context, opts WriteWarrantOpts) (WriteWarrantResponse, error)
- type Context
- type ConvertResourceTypesToSchemaOpts
- type ConvertSchemaResponse
- type ConvertSchemaToResourceTypesOpts
- type ConvertSchemaWarning
- type CreateResourceOpts
- type DebugInfo
- type DecisionTreeNode
- type DeleteResourceOpts
- type GetResourceOpts
- type GetSchemaResponse
- type ListResourceTypesOpts
- type ListResourceTypesResponse
- type ListResourcesOpts
- type ListResourcesResponse
- type ListWarrantsOpts
- type ListWarrantsResponse
- type Order
- type Policy
- type PolicyParameter
- type QueryOpts
- type QueryResponse
- type QueryResult
- type Resource
- type ResourceType
- type Subject
- type UpdatePolicyOpts
- type UpdateResourceOpts
- type UpdateResourceTypeOpts
- type UpdateSchemaOpts
- type Warrant
- type WarrantCheck
- type WriteWarrantOpts
- type WriteWarrantResponse
Constants ¶
View Source
const ( Asc Order = "asc" Desc Order = "desc" CheckOpAllOf = "all_of" CheckOpAnyOf = "any_of" CheckOpBatch = "batch" CheckResultAuthorized = "authorized" CheckResultNotAuthorized = "not_authorized" WarrantOpCreate = "create" WarrantOpDelete = "delete" )
Constants that enumerate the available orders.
View Source
const ResponseLimit = 10
ResponseLimit is the default number of records to limit a response to.
View Source
const (
SchemaConvertEndpoint = "%s/fga/v1/schemas/convert"
)
Variables ¶
View Source
var (
DefaultClient = &Client{
Endpoint: "https://api.workos.com",
}
)
DefaultClient is the client used by SetAPIKey and FGA functions.
Functions ¶
func DeleteResource ¶
func DeleteResource( ctx context.Context, opts DeleteResourceOpts, ) error
DeleteResource deletes a Resource.
func TestBatchWarrants ¶
func TestConvertResourceTypesLive ¶ added in v4.21.0
func TestConvertSchemaLive ¶ added in v4.21.0
func TestCrudResources ¶
func TestMultiTenancy ¶
func TestQueryWarrants ¶
func TestWarrants ¶
func TestWarrantsWithPolicy ¶
Types ¶
type CheckBatchOpts ¶
type CheckBatchOpts struct {
// List of warrants to check.
Checks []WarrantCheck `json:"checks"`
// Flag to include debug information in the response.
Debug bool `json:"debug,omitempty"`
// Optional token to specify desired read consistency
WarrantToken string `json:"-"`
}
type CheckOpts ¶
type CheckOpts struct {
// The operator to use for the given warrants.
Op string `json:"op,omitempty"`
// List of warrants to check.
Checks []WarrantCheck `json:"checks"`
// Flag to include debug information in the response.
Debug bool `json:"debug,omitempty"`
// Optional token to specify desired read consistency
WarrantToken string `json:"-"`
}
type CheckResponse ¶
type CheckResponse struct {
Result string `json:"result"`
IsImplicit bool `json:"is_implicit"`
DebugInfo DebugInfo `json:"debug_info,omitempty"`
}
func Check ¶
func Check( ctx context.Context, opts CheckOpts, ) (CheckResponse, error)
Check performs access checks on multiple Warrants.
func CheckBatch ¶
func CheckBatch( ctx context.Context, opts CheckBatchOpts, ) ([]CheckResponse, error)
CheckBatch performs individual access checks on multiple Warrants in one request.
func (CheckResponse) Authorized ¶
func (checkResponse CheckResponse) Authorized() bool
type Client ¶
type Client struct {
// The WorkOS API Key. It can be found in https://dashboard.workos.com/api-keys.
APIKey string
// The http.Client that is used to get FGA records from WorkOS.
// Defaults to http.Client.
HTTPClient *retryablehttp.HttpClient
// The endpoint to WorkOS API. Defaults to https://api.workos.com.
Endpoint string
// The function used to encode in JSON. Defaults to json.Marshal.
JSONEncode func(v interface{}) ([]byte, error)
// contains filtered or unexported fields
}
Client represents a client that performs FGA requests to the WorkOS API.
func (*Client) BatchUpdateResourceTypes ¶
func (c *Client) BatchUpdateResourceTypes(ctx context.Context, opts []UpdateResourceTypeOpts) ([]ResourceType, error)
BatchUpdateResourceTypes sets the environment's set of resource types to match the resource types passed.
func (*Client) BatchWriteWarrants ¶
func (c *Client) BatchWriteWarrants(ctx context.Context, opts []WriteWarrantOpts) (WriteWarrantResponse, error)
BatchWriteWarrants performs a write operation on a Warrant.
func (*Client) CheckBatch ¶
func (c *Client) CheckBatch(ctx context.Context, opts CheckBatchOpts) ([]CheckResponse, error)
func (*Client) ConvertResourceTypesToSchema ¶ added in v4.21.0
func (c *Client) ConvertResourceTypesToSchema(ctx context.Context, opts ConvertResourceTypesToSchemaOpts) (ConvertSchemaResponse, error)
ConvertResourceTypesToSchema converts resource types to a schema.
func (*Client) ConvertSchemaToResourceTypes ¶ added in v4.21.0
func (c *Client) ConvertSchemaToResourceTypes(ctx context.Context, opts ConvertSchemaToResourceTypesOpts) (ConvertSchemaResponse, error)
ConvertSchemaToResourceTypes converts a schema to resource types.
func (*Client) CreateResource ¶
CreateResource creates a new resource
func (*Client) DeleteResource ¶
func (c *Client) DeleteResource(ctx context.Context, opts DeleteResourceOpts) error
DeleteResource deletes a Resource
func (*Client) GetResource ¶
GetResource gets a Resource.
func (*Client) GetSchema ¶ added in v4.32.0
func (c *Client) GetSchema(ctx context.Context) (GetSchemaResponse, error)
GetSchema gets the current schema for the environment.
func (*Client) ListResourceTypes ¶
func (c *Client) ListResourceTypes(ctx context.Context, opts ListResourceTypesOpts) (ListResourceTypesResponse, error)
ListResourceTypes gets a list of FGA resource types.
func (*Client) ListResources ¶
func (c *Client) ListResources(ctx context.Context, opts ListResourcesOpts) (ListResourcesResponse, error)
ListResources gets a list of FGA resources.
func (*Client) ListWarrants ¶
func (c *Client) ListWarrants(ctx context.Context, opts ListWarrantsOpts) (ListWarrantsResponse, error)
ListWarrants gets a list of Warrants.
func (*Client) UpdateResource ¶
UpdateResource updates an existing Resource
func (*Client) UpdateSchema ¶ added in v4.32.0
func (c *Client) UpdateSchema(ctx context.Context, opts UpdateSchemaOpts) (GetSchemaResponse, error)
UpdateSchema updates the current schema for the environment.
func (*Client) WriteWarrant ¶
func (c *Client) WriteWarrant(ctx context.Context, opts WriteWarrantOpts) (WriteWarrantResponse, error)
WriteWarrant performs a write operation on a Warrant.
type ConvertResourceTypesToSchemaOpts ¶ added in v4.21.0
type ConvertResourceTypesToSchemaOpts struct {
// The version of the transpiler to use.
Version string `json:"version"`
// The resource types to convert to a schema.
ResourceTypes []ResourceType `json:"resource_types"`
}
type ConvertSchemaResponse ¶ added in v4.21.0
type ConvertSchemaResponse struct {
// The version transpiler used to convert the schema.
Version string `json:"version"`
// Warnings generated from schema issues.
Warnings []ConvertSchemaWarning `json:"warnings,omitempty"`
// The schema generated from the resource types.
Schema *string `json:"schema,omitempty"`
// The resource types generated from the schema.
ResourceTypes []ResourceType `json:"resource_types,omitempty"`
}
func ConvertResourceTypesToSchema ¶ added in v4.21.0
func ConvertResourceTypesToSchema( ctx context.Context, opts ConvertResourceTypesToSchemaOpts, ) (ConvertSchemaResponse, error)
func ConvertSchemaToResourceTypes ¶ added in v4.21.0
func ConvertSchemaToResourceTypes( ctx context.Context, opts ConvertSchemaToResourceTypesOpts, ) (ConvertSchemaResponse, error)
type ConvertSchemaToResourceTypesOpts ¶ added in v4.21.0
type ConvertSchemaToResourceTypesOpts struct {
// The schema to convert to resource types.
Schema string
}
Schema
type ConvertSchemaWarning ¶ added in v4.21.0
type ConvertSchemaWarning struct {
// The warning message.
Message string `json:"message"`
}
type CreateResourceOpts ¶
type CreateResourceOpts struct {
// The type of the resource.
ResourceType string `json:"resource_type"`
// The customer defined string identifier for this resource.
ResourceId string `json:"resource_id,omitempty"`
// Map containing additional information about this resource.
Meta map[string]interface{} `json:"meta,omitempty"`
}
type DebugInfo ¶
type DebugInfo struct {
ProcessingTime time.Duration `json:"processing_time"`
DecisionTree *DecisionTreeNode `json:"decision_tree"`
}
type DecisionTreeNode ¶
type DecisionTreeNode struct {
Check WarrantCheck `json:"check"`
Policy string `json:"policy,omitempty"`
Decision string `json:"decision"`
ProcessingTime time.Duration `json:"processing_time"`
Children []DecisionTreeNode `json:"children"`
}
type DeleteResourceOpts ¶
type DeleteResourceOpts struct {
// The type of the resource.
ResourceType string
// The customer defined string identifier for this resource.
ResourceId string
}
DeleteResourceOpts contains the options to delete a resource.
type GetResourceOpts ¶
type GetSchemaResponse ¶ added in v4.32.0
type GetSchemaResponse struct {
// The version of the schema.
Version string `json:"version"`
// The resource types generated from the schema.
ResourceTypes []ResourceType `json:"resource_types"`
// The policies generated from the schema.
Policies map[string]Policy `json:"policies"`
}
func GetSchema ¶ added in v4.32.0
func GetSchema( ctx context.Context, ) (GetSchemaResponse, error)
GetSchema retrieves the current schema for the environment.
func UpdateSchema ¶ added in v4.32.0
func UpdateSchema( ctx context.Context, opts UpdateSchemaOpts, ) (GetSchemaResponse, error)
UpdateSchema applies a schema to the environment, updating the current schema.
type ListResourceTypesOpts ¶
type ListResourceTypesOpts struct {
// Maximum number of records to return.
Limit int `url:"limit,omitempty"`
// The order in which to paginate records.
Order Order `url:"order,omitempty"`
// Pagination cursor to receive records before a provided ResourceType ID.
Before string `url:"before,omitempty"`
// Pagination cursor to receive records after a provided ResourceType ID.
After string `url:"after,omitempty"`
}
type ListResourceTypesResponse ¶
type ListResourceTypesResponse struct {
// List of Resource Types.
Data []ResourceType `json:"data"`
// Cursor pagination options.
ListMetadata common.ListMetadata `json:"list_metadata"`
}
func ListResourceTypes ¶
func ListResourceTypes( ctx context.Context, opts ListResourceTypesOpts, ) (ListResourceTypesResponse, error)
ListResourceTypes gets a list of ResourceTypes.
type ListResourcesOpts ¶
type ListResourcesOpts struct {
// The type of the resource.
ResourceType string `url:"resource_type,omitempty"`
// Searchable text for a Resource. Can be empty.
Search string `url:"search,omitempty"`
// Maximum number of records to return.
Limit int `url:"limit,omitempty"`
// The order in which to paginate records.
Order Order `url:"order,omitempty"`
// Pagination cursor to receive records before a provided Resource ID.
Before string `url:"before,omitempty"`
// Pagination cursor to receive records after a provided Resource ID.
After string `url:"after,omitempty"`
}
type ListResourcesResponse ¶
type ListResourcesResponse struct {
// List of provisioned Resources.
Data []Resource `json:"data"`
// Cursor pagination options.
ListMetadata common.ListMetadata `json:"list_metadata"`
}
ListResourcesResponse describes the response structure when requesting Resources
func ListResources ¶
func ListResources( ctx context.Context, opts ListResourcesOpts, ) (ListResourcesResponse, error)
ListResources gets a list of Resources.
type ListWarrantsOpts ¶
type ListWarrantsOpts struct {
// Only return warrants whose resourceType matches this value.
ResourceType string `url:"resource_type,omitempty"`
// Only return warrants whose resourceId matches this value.
ResourceId string `url:"resource_id,omitempty"`
// Only return warrants whose relation matches this value.
Relation string `url:"relation,omitempty"`
// Only return warrants with a subject whose resourceType matches this value.
SubjectType string `url:"subject_type,omitempty"`
// Only return warrants with a subject whose resourceId matches this value.
SubjectId string `url:"subject_id,omitempty"`
// Only return warrants with a subject whose relation matches this value.
SubjectRelation string `url:"subject_relation,omitempty"`
// Maximum number of records to return.
Limit int `url:"limit,omitempty"`
// Pagination cursor to receive records after a provided Warrant ID.
After string `url:"after,omitempty"`
// Optional token to specify desired read consistency
WarrantToken string `url:"-"`
}
type ListWarrantsResponse ¶
type ListWarrantsResponse struct {
// List of provisioned Warrants.
Data []Warrant `json:"data"`
// Cursor pagination options.
ListMetadata common.ListMetadata `json:"list_metadata"`
}
ListWarrantsResponse describes the response structure when requesting Warrants
func ListWarrants ¶
func ListWarrants( ctx context.Context, opts ListWarrantsOpts, ) (ListWarrantsResponse, error)
ListWarrants gets a list of Warrants.
type Policy ¶ added in v4.32.0
type Policy struct {
// The name of the policy.
Name string `json:"name"`
// The language of the policy expression.
Language string `json:"language"`
//The description of the policy.
Description string `json:"description,omitempty"`
// Parameters for the policy.
Parameters []PolicyParameter `json:"parameters"`
// The expression of the policy.
Expression string `json:"expression"`
}
Policies
type PolicyParameter ¶ added in v4.32.0
type QueryOpts ¶
type QueryOpts struct {
// Query to be executed.
Query string `url:"q"`
// Contextual data to use for the query.
Context Context `url:"context,omitempty"`
// Maximum number of records to return.
Limit int `url:"limit,omitempty"`
// The order in which to paginate records.
Order Order `url:"order,omitempty"`
// Pagination cursor to receive records before a provided Warrant ID.
Before string `url:"before,omitempty"`
// Pagination cursor to receive records after a provided Warrant ID.
After string `url:"after,omitempty"`
// Optional token to specify desired read consistency
WarrantToken string `url:"-"`
}
Query
type QueryResponse ¶
type QueryResponse struct {
// List of query results.
Data []QueryResult `json:"data"`
// Cursor pagination options.
ListMetadata common.ListMetadata `json:"list_metadata"`
}
type QueryResult ¶
type QueryResult struct {
// The type of the resource.
ResourceType string `json:"resource_type"`
// Id of the specific resource.
ResourceId string `json:"resource_id"`
// Relation between the resource and subject.
Relation string `json:"relation"`
// Warrant matching the provided query
Warrant Warrant `json:"warrant"`
// Specifies whether the warrant is implicitly defined.
IsImplicit bool `json:"is_implicit"`
// Metadata of the resource.
Meta map[string]interface{} `json:"meta,omitempty"`
}
type Resource ¶
type Resource struct {
// The type of the resource.
ResourceType string `json:"resource_type"`
// The customer defined string identifier for this resource.
ResourceId string `json:"resource_id"`
// Map containing additional information about this resource.
Meta map[string]interface{} `json:"meta"`
}
Resources
func CreateResource ¶
func CreateResource( ctx context.Context, opts CreateResourceOpts, ) (Resource, error)
CreateResource creates a Resource.
func GetResource ¶
func GetResource( ctx context.Context, opts GetResourceOpts, ) (Resource, error)
GetResource gets a Resource.
func UpdateResource ¶
func UpdateResource( ctx context.Context, opts UpdateResourceOpts, ) (Resource, error)
UpdateResource updates a Resource.
type ResourceType ¶
type ResourceType struct {
// Unique string ID of the resource type.
Type string `json:"type"`
// Set of relationships that subjects can have on resources of this type.
Relations map[string]interface{} `json:"relations"`
}
Resource types
func BatchUpdateResourceTypes ¶
func BatchUpdateResourceTypes( ctx context.Context, opts []UpdateResourceTypeOpts, ) ([]ResourceType, error)
BatchUpdateResourceTypes sets the environment's object types to match the provided types.
type Subject ¶
type Subject struct {
// The type of the subject.
ResourceType string `json:"resource_type"`
// The customer defined string identifier for this subject.
ResourceId string `json:"resource_id"`
// The relation of the subject.
Relation string `json:"relation,omitempty"`
}
Warrants
type UpdatePolicyOpts ¶ added in v4.32.0
type UpdatePolicyOpts struct {
// The name of the policy.
Name string `json:"name"`
// The language of the policy expression.
Language string `json:"language"`
// The description of the policy.
Description string `json:"description,omitempty"`
// Parameters for the policy.
Parameters []PolicyParameter `json:"parameters"`
// The expression of the policy.
Expression string `json:"expression"`
}
type UpdateResourceOpts ¶
type UpdateResourceOpts struct {
// The type of the resource.
ResourceType string `json:"resource_type"`
// The customer defined string identifier for this resource.
ResourceId string `json:"resource_id"`
// Map containing additional information about this resource.
Meta map[string]interface{} `json:"meta,omitempty"`
}
type UpdateResourceTypeOpts ¶
type UpdateSchemaOpts ¶ added in v4.32.0
type UpdateSchemaOpts struct {
// The resource types generated from the schema.
ResourceTypes []UpdateResourceTypeOpts `json:"resource_types"`
// The policies generated from the schema.
Policies map[string]UpdatePolicyOpts `json:"policies"`
}
type Warrant ¶
type Warrant struct {
// Type of resource to assign a relation to. Must be an existing type.
ResourceType string `json:"resource_type"`
// Id of the resource to assign a relation to.
ResourceId string `json:"resource_id"`
// Relation to assign to the resource.
Relation string `json:"relation"`
// Subject of the warrant
Subject Subject `json:"subject"`
// Policy that must evaluate to true for warrant to be valid
Policy string `json:"policy,omitempty"`
}
type WarrantCheck ¶
type WarrantCheck struct {
// The type of the resource.
ResourceType string `json:"resource_type"`
// Id of the specific resource.
ResourceId string `json:"resource_id"`
// Relation to check between the resource and subject.
Relation string `json:"relation"`
// The subject that must have the specified relation.
Subject Subject `json:"subject"`
// Contextual data to use for the access check.
Context Context `json:"context,omitempty"`
}
type WriteWarrantOpts ¶
type WriteWarrantOpts struct {
// Operation to perform for the given warrant
Op string `json:"op,omitempty"`
// Type of resource to assign a relation to. Must be an existing type.
ResourceType string `json:"resource_type"`
// Id of the resource to assign a relation to.
ResourceId string `json:"resource_id"`
// Relation to assign to the resource.
Relation string `json:"relation"`
// Subject of the warrant
Subject Subject `json:"subject"`
// Policy that must evaluate to true for warrant to be valid
Policy string `json:"policy,omitempty"`
}
type WriteWarrantResponse ¶
type WriteWarrantResponse struct {
WarrantToken string `json:"warrant_token"`
}
func BatchWriteWarrants ¶
func BatchWriteWarrants( ctx context.Context, opts []WriteWarrantOpts, ) (WriteWarrantResponse, error)
BatchWriteWarrants performs write operations on multiple Warrants in one request.
func WriteWarrant ¶
func WriteWarrant( ctx context.Context, opts WriteWarrantOpts, ) (WriteWarrantResponse, error)
WriteWarrant performs a write operation on a Warrant.
Source Files
Click to show internal directories.
Click to hide internal directories.