Documentation
¶
Overview ¶
Package postgres provides a PostgreSQL implementation of the Warden composite store using grove ORM with Go-based migrations.
Index ¶
- Variables
- type Store
- func (s *Store) AttachPermission(ctx context.Context, roleID id.RoleID, ref permission.Ref) error
- func (s *Store) CheckDirectRelation(ctx context.Context, ...) (bool, error)
- func (s *Store) Close() error
- func (s *Store) CountAssignments(ctx context.Context, filter *assignment.ListFilter) (int64, error)
- func (s *Store) CountCheckLogs(ctx context.Context, filter *checklog.QueryFilter) (int64, error)
- func (s *Store) CountPermissions(ctx context.Context, filter *permission.ListFilter) (int64, error)
- func (s *Store) CountPolicies(ctx context.Context, filter *policy.ListFilter) (int64, error)
- func (s *Store) CountRelations(ctx context.Context, filter *relation.ListFilter) (int64, error)
- func (s *Store) CountResourceTypes(ctx context.Context, filter *resourcetype.ListFilter) (int64, error)
- func (s *Store) CountRoles(ctx context.Context, filter *role.ListFilter) (int64, error)
- func (s *Store) CreateAssignment(ctx context.Context, a *assignment.Assignment) error
- func (s *Store) CreateCheckLog(ctx context.Context, e *checklog.Entry) error
- func (s *Store) CreatePermission(ctx context.Context, p *permission.Permission) error
- func (s *Store) CreatePolicy(ctx context.Context, p *policy.Policy) error
- func (s *Store) CreateRelation(ctx context.Context, t *relation.Tuple) error
- func (s *Store) CreateResourceType(ctx context.Context, rt *resourcetype.ResourceType) error
- func (s *Store) CreateRole(ctx context.Context, r *role.Role) error
- func (s *Store) DeleteAssignment(ctx context.Context, assID id.AssignmentID) error
- func (s *Store) DeleteAssignmentsByRole(ctx context.Context, roleID id.RoleID) error
- func (s *Store) DeleteAssignmentsBySubject(ctx context.Context, tenantID, subjectKind, subjectID string) error
- func (s *Store) DeleteAssignmentsByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeleteCheckLogsByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeleteExpiredAssignments(ctx context.Context, now time.Time) (int64, error)
- func (s *Store) DeletePermission(ctx context.Context, permID id.PermissionID) error
- func (s *Store) DeletePermissionsByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeletePoliciesByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeletePolicy(ctx context.Context, polID id.PolicyID) error
- func (s *Store) DeleteRelation(ctx context.Context, relID id.RelationID) error
- func (s *Store) DeleteRelationTuple(ctx context.Context, ...) error
- func (s *Store) DeleteRelationsByObject(ctx context.Context, tenantID, objectType, objectID string) error
- func (s *Store) DeleteRelationsBySubject(ctx context.Context, tenantID, subjectType, subjectID string) error
- func (s *Store) DeleteRelationsByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeleteResourceType(ctx context.Context, rtID id.ResourceTypeID) error
- func (s *Store) DeleteResourceTypesByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DeleteRole(ctx context.Context, roleID id.RoleID) error
- func (s *Store) DeleteRolesByTenant(ctx context.Context, tenantID string) error
- func (s *Store) DetachPermission(ctx context.Context, roleID id.RoleID, ref permission.Ref) error
- func (s *Store) GetAssignment(ctx context.Context, assID id.AssignmentID) (*assignment.Assignment, error)
- func (s *Store) GetCheckLog(ctx context.Context, logID id.CheckLogID) (*checklog.Entry, error)
- func (s *Store) GetPermission(ctx context.Context, permID id.PermissionID) (*permission.Permission, error)
- func (s *Store) GetPermissionByName(ctx context.Context, tenantID, namespacePath, name string) (*permission.Permission, error)
- func (s *Store) GetPolicy(ctx context.Context, polID id.PolicyID) (*policy.Policy, error)
- func (s *Store) GetPolicyByName(ctx context.Context, tenantID, namespacePath, name string) (*policy.Policy, error)
- func (s *Store) GetResourceType(ctx context.Context, rtID id.ResourceTypeID) (*resourcetype.ResourceType, error)
- func (s *Store) GetResourceTypeByName(ctx context.Context, tenantID, namespacePath, name string) (*resourcetype.ResourceType, error)
- func (s *Store) GetRole(ctx context.Context, roleID id.RoleID) (*role.Role, error)
- func (s *Store) GetRoleBySlug(ctx context.Context, tenantID, namespacePath, slug string) (*role.Role, error)
- func (s *Store) ListActivePolicies(ctx context.Context, tenantID string, namespacePaths []string) ([]*policy.Policy, error)
- func (s *Store) ListAssignments(ctx context.Context, filter *assignment.ListFilter) ([]*assignment.Assignment, error)
- func (s *Store) ListCheckLogs(ctx context.Context, filter *checklog.QueryFilter) ([]*checklog.Entry, error)
- func (s *Store) ListChildRoles(ctx context.Context, tenantID, parentSlug string) ([]*role.Role, error)
- func (s *Store) ListPermissions(ctx context.Context, filter *permission.ListFilter) ([]*permission.Permission, error)
- func (s *Store) ListPermissionsByRole(ctx context.Context, roleID id.RoleID) ([]*permission.Permission, error)
- func (s *Store) ListPermissionsBySubject(ctx context.Context, tenantID, subjectKind, subjectID string) ([]*permission.Permission, error)
- func (s *Store) ListPolicies(ctx context.Context, filter *policy.ListFilter) ([]*policy.Policy, error)
- func (s *Store) ListRelationObjects(ctx context.Context, ...) ([]*relation.Tuple, error)
- func (s *Store) ListRelationSubjects(ctx context.Context, tenantID, namespacePath, objectType, objectID, rel string) ([]*relation.Tuple, error)
- func (s *Store) ListRelations(ctx context.Context, filter *relation.ListFilter) ([]*relation.Tuple, error)
- func (s *Store) ListResourceTypes(ctx context.Context, filter *resourcetype.ListFilter) ([]*resourcetype.ResourceType, error)
- func (s *Store) ListRolePermissions(ctx context.Context, roleID id.RoleID) ([]*permission.Permission, error)
- func (s *Store) ListRoles(ctx context.Context, filter *role.ListFilter) ([]*role.Role, error)
- func (s *Store) ListRolesForSubject(ctx context.Context, tenantID string, namespacePaths []string, ...) ([]id.RoleID, error)
- func (s *Store) ListRolesForSubjectOnResource(ctx context.Context, tenantID string, namespacePaths []string, ...) ([]id.RoleID, error)
- func (s *Store) ListSubjectsForRole(ctx context.Context, roleID id.RoleID) ([]*assignment.Assignment, error)
- func (s *Store) Migrate(ctx context.Context) error
- func (s *Store) Ping(ctx context.Context) error
- func (s *Store) PurgeCheckLogs(ctx context.Context, before time.Time) (int64, error)
- func (s *Store) SetPolicyVersion(ctx context.Context, polID id.PolicyID, version int) error
- func (s *Store) SetRolePermissions(ctx context.Context, roleID id.RoleID, refs []permission.Ref) error
- func (s *Store) UpdatePermission(ctx context.Context, p *permission.Permission) error
- func (s *Store) UpdatePolicy(ctx context.Context, p *policy.Policy) error
- func (s *Store) UpdateResourceType(ctx context.Context, rt *resourcetype.ResourceType) error
- func (s *Store) UpdateRole(ctx context.Context, r *role.Role) error
Constants ¶
This section is empty.
Variables ¶
View Source
var Migrations = migrate.NewGroup("warden")
Migrations is the grove migration group for the Warden store. It can be registered with the grove extension for orchestrated migration management (locking, version tracking, rollback support).
Functions ¶
This section is empty.
Types ¶
type Store ¶
type Store struct {
// contains filtered or unexported fields
}
Store is a PostgreSQL implementation of the composite Warden store.
func (*Store) AttachPermission ¶
func (*Store) CheckDirectRelation ¶
func (*Store) CountAssignments ¶
func (s *Store) CountAssignments(ctx context.Context, filter *assignment.ListFilter) (int64, error)
func (*Store) CountCheckLogs ¶
func (*Store) CountPermissions ¶
func (s *Store) CountPermissions(ctx context.Context, filter *permission.ListFilter) (int64, error)
func (*Store) CountPolicies ¶
func (*Store) CountRelations ¶
func (*Store) CountResourceTypes ¶
func (s *Store) CountResourceTypes(ctx context.Context, filter *resourcetype.ListFilter) (int64, error)
func (*Store) CountRoles ¶
func (*Store) CreateAssignment ¶
func (s *Store) CreateAssignment(ctx context.Context, a *assignment.Assignment) error
func (*Store) CreateCheckLog ¶
func (*Store) CreatePermission ¶
func (s *Store) CreatePermission(ctx context.Context, p *permission.Permission) error
func (*Store) CreatePolicy ¶
func (*Store) CreateRelation ¶
func (*Store) CreateResourceType ¶
func (s *Store) CreateResourceType(ctx context.Context, rt *resourcetype.ResourceType) error
func (*Store) DeleteAssignment ¶
func (*Store) DeleteAssignmentsByRole ¶
func (*Store) DeleteAssignmentsBySubject ¶
func (*Store) DeleteAssignmentsByTenant ¶
func (*Store) DeleteCheckLogsByTenant ¶
func (*Store) DeleteExpiredAssignments ¶
func (*Store) DeletePermission ¶
func (*Store) DeletePermissionsByTenant ¶
func (*Store) DeletePoliciesByTenant ¶
func (*Store) DeletePolicy ¶
func (*Store) DeleteRelation ¶
func (*Store) DeleteRelationTuple ¶
func (*Store) DeleteRelationsByObject ¶
func (*Store) DeleteRelationsBySubject ¶
func (*Store) DeleteRelationsByTenant ¶
func (*Store) DeleteResourceType ¶
func (*Store) DeleteResourceTypesByTenant ¶
func (*Store) DeleteRolesByTenant ¶
func (*Store) DetachPermission ¶
func (*Store) GetAssignment ¶
func (s *Store) GetAssignment(ctx context.Context, assID id.AssignmentID) (*assignment.Assignment, error)
func (*Store) GetCheckLog ¶
func (*Store) GetPermission ¶
func (s *Store) GetPermission(ctx context.Context, permID id.PermissionID) (*permission.Permission, error)
func (*Store) GetPermissionByName ¶
func (s *Store) GetPermissionByName(ctx context.Context, tenantID, namespacePath, name string) (*permission.Permission, error)
func (*Store) GetPolicyByName ¶
func (*Store) GetResourceType ¶
func (s *Store) GetResourceType(ctx context.Context, rtID id.ResourceTypeID) (*resourcetype.ResourceType, error)
func (*Store) GetResourceTypeByName ¶
func (s *Store) GetResourceTypeByName(ctx context.Context, tenantID, namespacePath, name string) (*resourcetype.ResourceType, error)
func (*Store) GetRoleBySlug ¶
func (*Store) ListActivePolicies ¶
func (*Store) ListAssignments ¶
func (s *Store) ListAssignments(ctx context.Context, filter *assignment.ListFilter) ([]*assignment.Assignment, error)
func (*Store) ListCheckLogs ¶
func (*Store) ListChildRoles ¶
func (*Store) ListPermissions ¶
func (s *Store) ListPermissions(ctx context.Context, filter *permission.ListFilter) ([]*permission.Permission, error)
func (*Store) ListPermissionsByRole ¶
func (s *Store) ListPermissionsByRole(ctx context.Context, roleID id.RoleID) ([]*permission.Permission, error)
func (*Store) ListPermissionsBySubject ¶
func (s *Store) ListPermissionsBySubject(ctx context.Context, tenantID, subjectKind, subjectID string) ([]*permission.Permission, error)
func (*Store) ListPolicies ¶
func (*Store) ListRelationObjects ¶
func (*Store) ListRelationSubjects ¶
func (*Store) ListRelations ¶
func (*Store) ListResourceTypes ¶
func (s *Store) ListResourceTypes(ctx context.Context, filter *resourcetype.ListFilter) ([]*resourcetype.ResourceType, error)
func (*Store) ListRolePermissions ¶
func (s *Store) ListRolePermissions(ctx context.Context, roleID id.RoleID) ([]*permission.Permission, error)
func (*Store) ListRolesForSubject ¶
func (*Store) ListRolesForSubjectOnResource ¶
func (*Store) ListSubjectsForRole ¶
func (s *Store) ListSubjectsForRole(ctx context.Context, roleID id.RoleID) ([]*assignment.Assignment, error)
func (*Store) PurgeCheckLogs ¶
func (*Store) SetPolicyVersion ¶
func (*Store) SetRolePermissions ¶
func (*Store) UpdatePermission ¶
func (s *Store) UpdatePermission(ctx context.Context, p *permission.Permission) error
func (*Store) UpdatePolicy ¶
func (*Store) UpdateResourceType ¶
func (s *Store) UpdateResourceType(ctx context.Context, rt *resourcetype.ResourceType) error
Source Files
Click to show internal directories.
Click to hide internal directories.