Documentation
¶
Index ¶
- Variables
- type Decision
- func (*Decision) Descriptor() ([]byte, []int)deprecated
- func (x *Decision) GetAnnotations() map[string]string
- func (x *Decision) GetId() string
- func (x *Decision) GetOutcomes() map[string]bool
- func (x *Decision) GetPath() string
- func (x *Decision) GetPolicy() *DecisionPolicy
- func (x *Decision) GetResource() *structpb.Struct
- func (x *Decision) GetTenantId() string
- func (x *Decision) GetTimestamp() *timestamppb.Timestamp
- func (x *Decision) GetUser() *DecisionUser
- func (*Decision) ProtoMessage()
- func (x *Decision) ProtoReflect() protoreflect.Message
- func (x *Decision) Reset()
- func (x *Decision) String() string
- type DecisionPolicy
- func (*DecisionPolicy) Descriptor() ([]byte, []int)deprecated
- func (x *DecisionPolicy) GetContext() *PolicyContext
- func (x *DecisionPolicy) GetPolicyInstance() *PolicyInstance
- func (x *DecisionPolicy) GetRegistryDigest() string
- func (x *DecisionPolicy) GetRegistryImage() string
- func (x *DecisionPolicy) GetRegistryService() string
- func (x *DecisionPolicy) GetRegistryTag() string
- func (*DecisionPolicy) ProtoMessage()
- func (x *DecisionPolicy) ProtoReflect() protoreflect.Message
- func (x *DecisionPolicy) Reset()
- func (x *DecisionPolicy) String() string
- type DecisionUser
- func (*DecisionUser) Descriptor() ([]byte, []int)deprecated
- func (x *DecisionUser) GetContext() *IdentityContext
- func (x *DecisionUser) GetEmail() string
- func (x *DecisionUser) GetId() string
- func (*DecisionUser) ProtoMessage()
- func (x *DecisionUser) ProtoReflect() protoreflect.Message
- func (x *DecisionUser) Reset()
- func (x *DecisionUser) String() string
- type IdentityContext
- func (*IdentityContext) Descriptor() ([]byte, []int)deprecated
- func (x *IdentityContext) GetIdentity() string
- func (x *IdentityContext) GetType() IdentityType
- func (*IdentityContext) ProtoMessage()
- func (x *IdentityContext) ProtoReflect() protoreflect.Message
- func (x *IdentityContext) Reset()
- func (x *IdentityContext) String() string
- type IdentityType
- func (IdentityType) Descriptor() protoreflect.EnumDescriptor
- func (x IdentityType) Enum() *IdentityType
- func (IdentityType) EnumDescriptor() ([]byte, []int)deprecated
- func (x IdentityType) Number() protoreflect.EnumNumber
- func (x IdentityType) String() string
- func (IdentityType) Type() protoreflect.EnumType
- type Module
- func (*Module) Descriptor() ([]byte, []int)deprecated
- func (x *Module) GetAst() *structpb.Value
- func (x *Module) GetId() string
- func (x *Module) GetPackagePath() string
- func (x *Module) GetPackageRoot() string
- func (x *Module) GetRaw() string
- func (*Module) ProtoMessage()
- func (x *Module) ProtoReflect() protoreflect.Message
- func (x *Module) Reset()
- func (x *Module) String() string
- type PolicyContext
- func (*PolicyContext) Descriptor() ([]byte, []int)deprecated
- func (x *PolicyContext) GetDecisions() []string
- func (x *PolicyContext) GetPath() string
- func (*PolicyContext) ProtoMessage()
- func (x *PolicyContext) ProtoReflect() protoreflect.Message
- func (x *PolicyContext) Reset()
- func (x *PolicyContext) String() string
- type PolicyInstance
- func (*PolicyInstance) Descriptor() ([]byte, []int)deprecated
- func (x *PolicyInstance) GetInstanceLabel() string
- func (x *PolicyInstance) GetName() string
- func (*PolicyInstance) ProtoMessage()
- func (x *PolicyInstance) ProtoReflect() protoreflect.Message
- func (x *PolicyInstance) Reset()
- func (x *PolicyInstance) String() string
Constants ¶
This section is empty.
Variables ¶
View Source
var ( IdentityType_name = map[int32]string{ 0: "IDENTITY_TYPE_UNKNOWN", 1: "IDENTITY_TYPE_NONE", 2: "IDENTITY_TYPE_SUB", 3: "IDENTITY_TYPE_JWT", 4: "IDENTITY_TYPE_MANUAL", } IdentityType_value = map[string]int32{ "IDENTITY_TYPE_UNKNOWN": 0, "IDENTITY_TYPE_NONE": 1, "IDENTITY_TYPE_SUB": 2, "IDENTITY_TYPE_JWT": 3, "IDENTITY_TYPE_MANUAL": 4, } )
Enum value maps for IdentityType.
Functions ¶
This section is empty.
Types ¶
type Decision ¶
type Decision struct {
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // unique id, replay a decision starting with this, also useful to de-dup
Timestamp *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=timestamp,proto3" json:"timestamp,omitempty"` // UTC time when the decision was made
Path string `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"` // Policy path used in decision
User *DecisionUser `protobuf:"bytes,4,opt,name=user,proto3" json:"user,omitempty"` // info about user for whom the decision as made
Policy *DecisionPolicy `protobuf:"bytes,5,opt,name=policy,proto3" json:"policy,omitempty"` // info about policy used for the decision
Outcomes map[string]bool `` // outcome of the decisions specified in the policy context
/* 158-byte string literal not displayed */
Resource *structpb.Struct `protobuf:"bytes,7,opt,name=resource,proto3" json:"resource,omitempty"` // the resource context used in a decision
Annotations map[string]string `` // annotations that may be added to a decision
/* 163-byte string literal not displayed */
TenantId *string `protobuf:"bytes,9,opt,name=tenant_id,json=tenantId,proto3,oneof" json:"tenant_id,omitempty"` // id of the tenant that generated the decision
// contains filtered or unexported fields
}
represents a decision that an authorizer performed in the past
func (*Decision) Descriptor
deprecated
func (*Decision) GetAnnotations ¶
func (*Decision) GetOutcomes ¶
func (*Decision) GetPolicy ¶
func (x *Decision) GetPolicy() *DecisionPolicy
func (*Decision) GetResource ¶
func (*Decision) GetTenantId ¶ added in v0.20.2
func (*Decision) GetTimestamp ¶
func (x *Decision) GetTimestamp() *timestamppb.Timestamp
func (*Decision) GetUser ¶
func (x *Decision) GetUser() *DecisionUser
func (*Decision) ProtoMessage ¶
func (*Decision) ProtoMessage()
func (*Decision) ProtoReflect ¶
func (x *Decision) ProtoReflect() protoreflect.Message
type DecisionPolicy ¶
type DecisionPolicy struct {
Context *PolicyContext `protobuf:"bytes,1,opt,name=context,proto3" json:"context,omitempty"` // policy context used in the decision
RegistryService string `protobuf:"bytes,2,opt,name=registry_service,json=registryService,proto3" json:"registry_service,omitempty"` // registry service where policy was retrieved from (e.g. opcr.io)
RegistryImage string `protobuf:"bytes,3,opt,name=registry_image,json=registryImage,proto3" json:"registry_image,omitempty"` // image of the policy in the registry, including org (e.g. acmecorp/peoplefinder-abac)
RegistryTag string `protobuf:"bytes,4,opt,name=registry_tag,json=registryTag,proto3" json:"registry_tag,omitempty"` // tag of the policy image (e.g. 0.8.2 or latest)
RegistryDigest string `protobuf:"bytes,5,opt,name=registry_digest,json=registryDigest,proto3" json:"registry_digest,omitempty"` // digest of the policy image
PolicyInstance *PolicyInstance `protobuf:"bytes,6,opt,name=policy_instance,json=policyInstance,proto3" json:"policy_instance,omitempty"` // policy instance used in decision
// contains filtered or unexported fields
}
information about a policy used in a decision
func (*DecisionPolicy) Descriptor
deprecated
func (*DecisionPolicy) Descriptor() ([]byte, []int)
Deprecated: Use DecisionPolicy.ProtoReflect.Descriptor instead.
func (*DecisionPolicy) GetContext ¶
func (x *DecisionPolicy) GetContext() *PolicyContext
func (*DecisionPolicy) GetPolicyInstance ¶ added in v0.20.2
func (x *DecisionPolicy) GetPolicyInstance() *PolicyInstance
func (*DecisionPolicy) GetRegistryDigest ¶
func (x *DecisionPolicy) GetRegistryDigest() string
func (*DecisionPolicy) GetRegistryImage ¶
func (x *DecisionPolicy) GetRegistryImage() string
func (*DecisionPolicy) GetRegistryService ¶
func (x *DecisionPolicy) GetRegistryService() string
func (*DecisionPolicy) GetRegistryTag ¶
func (x *DecisionPolicy) GetRegistryTag() string
func (*DecisionPolicy) ProtoMessage ¶
func (*DecisionPolicy) ProtoMessage()
func (*DecisionPolicy) ProtoReflect ¶
func (x *DecisionPolicy) ProtoReflect() protoreflect.Message
func (*DecisionPolicy) Reset ¶
func (x *DecisionPolicy) Reset()
func (*DecisionPolicy) String ¶
func (x *DecisionPolicy) String() string
type DecisionUser ¶
type DecisionUser struct {
Context *IdentityContext `protobuf:"bytes,1,opt,name=context,proto3" json:"context,omitempty"` // identity context used in the decision
Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` // id of the user the identity resolved to
Email string `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"` // convinience human-readable identifier
// contains filtered or unexported fields
}
information about a user on behalf of whom a decision was made
func (*DecisionUser) Descriptor
deprecated
func (*DecisionUser) Descriptor() ([]byte, []int)
Deprecated: Use DecisionUser.ProtoReflect.Descriptor instead.
func (*DecisionUser) GetContext ¶
func (x *DecisionUser) GetContext() *IdentityContext
func (*DecisionUser) GetEmail ¶
func (x *DecisionUser) GetEmail() string
func (*DecisionUser) GetId ¶
func (x *DecisionUser) GetId() string
func (*DecisionUser) ProtoMessage ¶
func (*DecisionUser) ProtoMessage()
func (*DecisionUser) ProtoReflect ¶
func (x *DecisionUser) ProtoReflect() protoreflect.Message
func (*DecisionUser) Reset ¶
func (x *DecisionUser) Reset()
func (*DecisionUser) String ¶
func (x *DecisionUser) String() string
type IdentityContext ¶
type IdentityContext struct {
Identity string `protobuf:"bytes,1,opt,name=identity,proto3" json:"identity,omitempty"`
Type IdentityType `protobuf:"varint,2,opt,name=type,proto3,enum=aserto.authorizer.v2.api.IdentityType" json:"type,omitempty"`
// contains filtered or unexported fields
}
func (*IdentityContext) Descriptor
deprecated
func (*IdentityContext) Descriptor() ([]byte, []int)
Deprecated: Use IdentityContext.ProtoReflect.Descriptor instead.
func (*IdentityContext) GetIdentity ¶
func (x *IdentityContext) GetIdentity() string
func (*IdentityContext) GetType ¶
func (x *IdentityContext) GetType() IdentityType
func (*IdentityContext) ProtoMessage ¶
func (*IdentityContext) ProtoMessage()
func (*IdentityContext) ProtoReflect ¶
func (x *IdentityContext) ProtoReflect() protoreflect.Message
func (*IdentityContext) Reset ¶
func (x *IdentityContext) Reset()
func (*IdentityContext) String ¶
func (x *IdentityContext) String() string
type IdentityType ¶
type IdentityType int32
Identity types, describes the payload type of the identity field inside the IdentityContext message.
const ( // Unknown, value not set, requests will fail with identity type not set error. IdentityType_IDENTITY_TYPE_UNKNOWN IdentityType = 0 // None, no explicit identity context set, equals anonymous. IdentityType_IDENTITY_TYPE_NONE IdentityType = 1 // Sub(ject), identity field contains an oAUTH subject. IdentityType_IDENTITY_TYPE_SUB IdentityType = 2 // JWT, identity field contains a JWT access token. IdentityType_IDENTITY_TYPE_JWT IdentityType = 3 // Manual, propagates thw identity field as-is, without validation, into the input object. IdentityType_IDENTITY_TYPE_MANUAL IdentityType = 4 )
func (IdentityType) Descriptor ¶
func (IdentityType) Descriptor() protoreflect.EnumDescriptor
func (IdentityType) Enum ¶
func (x IdentityType) Enum() *IdentityType
func (IdentityType) EnumDescriptor
deprecated
func (IdentityType) EnumDescriptor() ([]byte, []int)
Deprecated: Use IdentityType.Descriptor instead.
func (IdentityType) Number ¶
func (x IdentityType) Number() protoreflect.EnumNumber
func (IdentityType) String ¶
func (x IdentityType) String() string
func (IdentityType) Type ¶
func (IdentityType) Type() protoreflect.EnumType
type Module ¶ added in v0.0.5
type Module struct {
Id *string `protobuf:"bytes,1,opt,name=id,proto3,oneof" json:"id,omitempty"`
Raw *string `protobuf:"bytes,2,opt,name=raw,proto3,oneof" json:"raw,omitempty"`
PackagePath *string `protobuf:"bytes,3,opt,name=package_path,json=packagePath,proto3,oneof" json:"package_path,omitempty"`
Ast *structpb.Value `protobuf:"bytes,4,opt,name=ast,proto3,oneof" json:"ast,omitempty"`
PackageRoot *string `protobuf:"bytes,5,opt,name=package_root,json=packageRoot,proto3,oneof" json:"package_root,omitempty"`
// contains filtered or unexported fields
}
func (*Module) Descriptor
deprecated
added in
v0.0.5
func (*Module) GetPackagePath ¶ added in v0.0.5
func (*Module) GetPackageRoot ¶ added in v0.0.9
func (*Module) ProtoMessage ¶ added in v0.0.5
func (*Module) ProtoMessage()
func (*Module) ProtoReflect ¶ added in v0.0.5
func (x *Module) ProtoReflect() protoreflect.Message
type PolicyContext ¶
type PolicyContext struct {
Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"` // policy path aka package name
Decisions []string `protobuf:"bytes,2,rep,name=decisions,proto3" json:"decisions,omitempty"` // list (1..N) of policy decisions (aka rules)
// contains filtered or unexported fields
}
func (*PolicyContext) Descriptor
deprecated
func (*PolicyContext) Descriptor() ([]byte, []int)
Deprecated: Use PolicyContext.ProtoReflect.Descriptor instead.
func (*PolicyContext) GetDecisions ¶
func (x *PolicyContext) GetDecisions() []string
func (*PolicyContext) GetPath ¶
func (x *PolicyContext) GetPath() string
func (*PolicyContext) ProtoMessage ¶
func (*PolicyContext) ProtoMessage()
func (*PolicyContext) ProtoReflect ¶
func (x *PolicyContext) ProtoReflect() protoreflect.Message
func (*PolicyContext) Reset ¶
func (x *PolicyContext) Reset()
func (*PolicyContext) String ¶
func (x *PolicyContext) String() string
type PolicyInstance ¶ added in v0.0.9
type PolicyInstance struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // policy name
InstanceLabel string `protobuf:"bytes,2,opt,name=instance_label,json=instanceLabel,proto3" json:"instance_label,omitempty"` // label identifying the instance of the policy
// contains filtered or unexported fields
}
func (*PolicyInstance) Descriptor
deprecated
added in
v0.0.9
func (*PolicyInstance) Descriptor() ([]byte, []int)
Deprecated: Use PolicyInstance.ProtoReflect.Descriptor instead.
func (*PolicyInstance) GetInstanceLabel ¶ added in v0.0.9
func (x *PolicyInstance) GetInstanceLabel() string
func (*PolicyInstance) GetName ¶ added in v0.0.9
func (x *PolicyInstance) GetName() string
func (*PolicyInstance) ProtoMessage ¶ added in v0.0.9
func (*PolicyInstance) ProtoMessage()
func (*PolicyInstance) ProtoReflect ¶ added in v0.0.9
func (x *PolicyInstance) ProtoReflect() protoreflect.Message
func (*PolicyInstance) Reset ¶ added in v0.0.9
func (x *PolicyInstance) Reset()
func (*PolicyInstance) String ¶ added in v0.0.9
func (x *PolicyInstance) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.