Documentation ¶
Index ¶
- Constants
- Variables
- func NewAuthorizer(opts ...javascript.Opt) (*javascript.JavascriptAuthorizer, error)
- func RegisterExampleServiceServer(s grpc.ServiceRegistrar, srv ExampleServiceServer)
- type ExampleServiceClient
- type ExampleServiceServer
- type Request
- type UnimplementedExampleServiceServer
- func (UnimplementedExampleServiceServer) AllowAll(context.Context, *Request) (*emptypb.Empty, error)
- func (UnimplementedExampleServiceServer) MetadataMatch(context.Context, *Request) (*emptypb.Empty, error)
- func (UnimplementedExampleServiceServer) RequestMatch(context.Context, *Request) (*emptypb.Empty, error)
- type UnsafeExampleServiceServer
- type User
- func (*User) Descriptor() ([]byte, []int)deprecated
- func (x *User) GetAccountIds() []string
- func (x *User) GetEmail() string
- func (x *User) GetId() string
- func (x *User) GetIsSuperAdmin() bool
- func (x *User) GetName() string
- func (x *User) GetRoles() []string
- func (*User) ProtoMessage()
- func (x *User) ProtoReflect() protoreflect.Message
- func (x *User) Reset()
- func (x *User) String() string
Constants ¶
const ( ExampleService_RequestMatch_FullMethodName = "/authorize.ExampleService/RequestMatch" ExampleService_MetadataMatch_FullMethodName = "/authorize.ExampleService/MetadataMatch" ExampleService_AllowAll_FullMethodName = "/authorize.ExampleService/AllowAll" )
Variables ¶
var ExampleService_ServiceDesc = grpc.ServiceDesc{ ServiceName: "authorize.ExampleService", HandlerType: (*ExampleServiceServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "RequestMatch", Handler: _ExampleService_RequestMatch_Handler, }, { MethodName: "MetadataMatch", Handler: _ExampleService_MetadataMatch_Handler, }, { MethodName: "AllowAll", Handler: _ExampleService_AllowAll_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "example/example.proto", }
ExampleService_ServiceDesc is the grpc.ServiceDesc for ExampleService service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
var File_example_example_proto protoreflect.FileDescriptor
Functions ¶
func NewAuthorizer ¶ added in v0.2.0
func NewAuthorizer(opts ...javascript.Opt) (*javascript.JavascriptAuthorizer, error)
NewAuthorizer returns a new javascript authorizer. The rules map is a map of method names to RuleSets. The RuleSets are used to authorize the method. The RuleSets are evaluated in order and the first rule that evaluates to true will authorize the request. The mapping can be generated with the protoc-gen-authorize plugin.
func RegisterExampleServiceServer ¶
func RegisterExampleServiceServer(s grpc.ServiceRegistrar, srv ExampleServiceServer)
Types ¶
type ExampleServiceClient ¶
type ExampleServiceClient interface { // RequestMatch - Only super admins OR users with the admin role and access to the account id in the request will be allowed RequestMatch(ctx context.Context, in *Request, opts ...grpc.CallOption) (*emptypb.Empty, error) // MetadataMatch - Only super admins OR users with the admin role and access to the account id in the metadata will be allowed MetadataMatch(ctx context.Context, in *Request, opts ...grpc.CallOption) (*emptypb.Empty, error) // AllowAll is an example of how to configure a method to allow all requests AllowAll(ctx context.Context, in *Request, opts ...grpc.CallOption) (*emptypb.Empty, error) }
ExampleServiceClient is the client API for ExampleService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewExampleServiceClient ¶
func NewExampleServiceClient(cc grpc.ClientConnInterface) ExampleServiceClient
type ExampleServiceServer ¶
type ExampleServiceServer interface { // RequestMatch - Only super admins OR users with the admin role and access to the account id in the request will be allowed RequestMatch(context.Context, *Request) (*emptypb.Empty, error) // MetadataMatch - Only super admins OR users with the admin role and access to the account id in the metadata will be allowed MetadataMatch(context.Context, *Request) (*emptypb.Empty, error) // AllowAll is an example of how to configure a method to allow all requests AllowAll(context.Context, *Request) (*emptypb.Empty, error) // contains filtered or unexported methods }
ExampleServiceServer is the server API for ExampleService service. All implementations must embed UnimplementedExampleServiceServer for forward compatibility
type Request ¶
type Request struct { AccountId string `protobuf:"bytes,1,opt,name=account_id,json=accountId,proto3" json:"account_id,omitempty"` Message string `protobuf:"bytes,2,opt,name=message,proto3" json:"message,omitempty"` // contains filtered or unexported fields }
Request is an example of a request object that would be passed into the authorize rules
func (*Request) Descriptor
deprecated
func (*Request) GetAccountId ¶
func (*Request) GetMessage ¶
func (*Request) ProtoMessage ¶
func (*Request) ProtoMessage()
func (*Request) ProtoReflect ¶
func (x *Request) ProtoReflect() protoreflect.Message
type UnimplementedExampleServiceServer ¶
type UnimplementedExampleServiceServer struct { }
UnimplementedExampleServiceServer must be embedded to have forward compatible implementations.
func (UnimplementedExampleServiceServer) MetadataMatch ¶ added in v0.5.0
func (UnimplementedExampleServiceServer) RequestMatch ¶ added in v0.5.0
type UnsafeExampleServiceServer ¶
type UnsafeExampleServiceServer interface {
// contains filtered or unexported methods
}
UnsafeExampleServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to ExampleServiceServer will result in compilation errors.
type User ¶
type User struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` Email string `protobuf:"bytes,2,opt,name=email,proto3" json:"email,omitempty"` Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"` AccountIds []string `protobuf:"bytes,4,rep,name=account_ids,json=accountIds,proto3" json:"account_ids,omitempty"` Roles []string `protobuf:"bytes,5,rep,name=roles,proto3" json:"roles,omitempty"` IsSuperAdmin bool `protobuf:"varint,6,opt,name=is_super_admin,json=isSuperAdmin,proto3" json:"is_super_admin,omitempty"` // contains filtered or unexported fields }
User is an example of a user object that would be passed into the authorize rules
func (*User) Descriptor
deprecated
func (*User) GetAccountIds ¶
func (*User) GetIsSuperAdmin ¶
func (*User) ProtoMessage ¶
func (*User) ProtoMessage()
func (*User) ProtoReflect ¶
func (x *User) ProtoReflect() protoreflect.Message