repository

package
v0.0.0-...-2d73068 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 13, 2020 License: Apache-2.0 Imports: 18 Imported by: 11

Documentation

Overview

Package repository provides the wrappers for 'role' related database interactions.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RoleScopeFilterByRole

func RoleScopeFilterByRole(id uuid.UUID) func(db *gorm.DB) *gorm.DB

RoleScopeFilterByRole is a gorm filter by 'role'

func RoleScopeFilterByScope

func RoleScopeFilterByScope(id uuid.UUID) func(db *gorm.DB) *gorm.DB

RoleScopeFilterByScope is a gorm filter by 'scope_id'

Types

type DefaultRoleMapping

// DefaultRoleMapping is the gorm model for a rule that creates role mappings
// when a new resource of ResourceType is registered: identities holding
// FromRole on that resource inherit the privileges of ToRole on certain types
// of descendant resources.
//
// NOTE(review): a row here grants privileges on resources that do not exist
// yet, so writes to this table are privilege-granting changes. Confirm that
// callers of the repository restrict and audit them.
type DefaultRoleMapping struct {
	gormsupport.Lifecycle

	// This is the primary key value
	DefaultRoleMappingID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key;column:default_role_mapping_id"`
	// The resource type that this role mapping applies to
	ResourceType resourcetype.ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"`
	// The foreign key value for ResourceType
	ResourceTypeID uuid.UUID
	// The role that is being mapped from.
	// NOTE(review): the tag names RoleID as ForeignKey and FromRoleID as
	// AssociationForeignKey, which appears to be the reverse of what a gorm
	// belongs-to association expects (owning field FromRoleID, associated
	// field RoleID). Confirm that preloading FromRole resolves the intended role.
	FromRole Role `gorm:"ForeignKey:RoleID;AssociationForeignKey:FromRoleID"`
	// The foreign key value for FromRole
	FromRoleID uuid.UUID
	// The role that is being mapped to (the role whose privileges are inherited).
	// NOTE(review): same tag ordering as FromRole; confirm as above.
	ToRole Role `gorm:"ForeignKey:RoleID;AssociationForeignKey:ToRoleID"`
	// The foreign key value for ToRole
	ToRoleID uuid.UUID
}

DefaultRoleMapping is used to define a rule for creating role mappings when registering new resources. A role mapping allows an identity with a certain role for the resource to automatically inherit the privileges of another role for certain types of descendent resources. For example, a default role mapping rule that maps from the organization:admin role (FromRole) to the space:admin role (ToRole) for an organization (ResourceType) resource means that any identities that are assigned the admin role for the newly created organization, also inherit the admin role for any space resources that are under that organization.

func (DefaultRoleMapping) GetLastModified

func (m DefaultRoleMapping) GetLastModified() time.Time

GetLastModified returns the last modification time

func (DefaultRoleMapping) TableName

func (m DefaultRoleMapping) TableName() string

type DefaultRoleMappingRepository

// DefaultRoleMappingRepository is the storage interface for DefaultRoleMapping
// records. Create, Save and Delete change which roles are inherited on newly
// registered resources.
// NOTE(review): no authorization check is visible at this layer; presumably
// callers enforce it. Confirm.
type DefaultRoleMappingRepository interface {
	// CheckExists returns nil if a record with the given ID exists, otherwise an error.
	CheckExists(ctx context.Context, ID uuid.UUID) error
	// Load returns the single record with the given ID.
	Load(ctx context.Context, ID uuid.UUID) (*DefaultRoleMapping, error)
	// Create creates a new record.
	Create(ctx context.Context, u *DefaultRoleMapping) error
	// Save modifies a single record.
	Save(ctx context.Context, u *DefaultRoleMapping) error
	// List returns all default role mappings.
	List(ctx context.Context) ([]DefaultRoleMapping, error)
	// Delete removes a single record.
	Delete(ctx context.Context, ID uuid.UUID) error
	// FindForResourceType presumably returns the default role mappings defined
	// for the given resource type. The behaviour when none match is not shown
	// here; verify against the implementation.
	FindForResourceType(ctx context.Context, resourceTypeID uuid.UUID) ([]DefaultRoleMapping, error)
	// FindForResourceTypeAndRoles presumably returns the mapping that matches
	// the resource type, from-role and to-role together. Verify against the
	// implementation.
	FindForResourceTypeAndRoles(ctx context.Context, resourceTypeID, fromRoleId, toRoleId uuid.UUID) (*DefaultRoleMapping, error)
}

DefaultRoleMappingRepository represents the storage interface.

func NewDefaultRoleMappingRepository

func NewDefaultRoleMappingRepository(db *gorm.DB) DefaultRoleMappingRepository

NewDefaultRoleMappingRepository creates a new storage type.

type GormDefaultRoleMappingRepository

type GormDefaultRoleMappingRepository struct {
	// contains filtered or unexported fields
}

GormDefaultRoleMappingRepository is the implementation of the storage interface for DefaultRoleMapping.

func (*GormDefaultRoleMappingRepository) CheckExists

func (m *GormDefaultRoleMappingRepository) CheckExists(ctx context.Context, id uuid.UUID) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormDefaultRoleMappingRepository) Create

Create creates a new record.

func (*GormDefaultRoleMappingRepository) Delete

func (m *GormDefaultRoleMappingRepository) Delete(ctx context.Context, id uuid.UUID) error

Delete removes a single record.

func (*GormDefaultRoleMappingRepository) FindForResourceType

func (m *GormDefaultRoleMappingRepository) FindForResourceType(ctx context.Context, resourceTypeID uuid.UUID) ([]DefaultRoleMapping, error)

func (*GormDefaultRoleMappingRepository) FindForResourceTypeAndRoles

func (m *GormDefaultRoleMappingRepository) FindForResourceTypeAndRoles(ctx context.Context, resourceTypeID, fromRoleId, toRoleId uuid.UUID) (*DefaultRoleMapping, error)

func (*GormDefaultRoleMappingRepository) List

List returns all default role mappings

func (*GormDefaultRoleMappingRepository) Load

Load returns a single DefaultRoleMapping as a Database Model

func (*GormDefaultRoleMappingRepository) Save

Save modifies a single record

func (*GormDefaultRoleMappingRepository) TableName

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type GormIdentityRoleRepository

type GormIdentityRoleRepository struct {
	// contains filtered or unexported fields
}

GormIdentityRoleRepository is the implementation of the storage interface for IdentityRole.

func (*GormIdentityRoleRepository) CheckExists

func (m *GormIdentityRoleRepository) CheckExists(ctx context.Context, id string) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormIdentityRoleRepository) Create

Create creates a new record.

func (*GormIdentityRoleRepository) Delete

func (m *GormIdentityRoleRepository) Delete(ctx context.Context, id uuid.UUID) error

Delete removes a single record.

func (*GormIdentityRoleRepository) DeleteForIdentityAndResource

func (m *GormIdentityRoleRepository) DeleteForIdentityAndResource(ctx context.Context, resourceID string, identityID uuid.UUID) error

DeleteForIdentityAndResource deletes all IdentityRoles for the specified identity and resource. A NotFoundError is returned if no identity roles are found to delete.

func (*GormIdentityRoleRepository) DeleteForResource

func (m *GormIdentityRoleRepository) DeleteForResource(ctx context.Context, resourceID string) error

DeleteForResource deletes all identity roles for the given resource ID. No error is returned if no identity role is found.

func (*GormIdentityRoleRepository) FindIdentityRolesByIdentityAndResource

func (m *GormIdentityRoleRepository) FindIdentityRolesByIdentityAndResource(ctx context.Context, resourceID string, identityID uuid.UUID) ([]IdentityRole, error)

FindIdentityRolesByIdentityAndResource returns all identity roles by identity ID and resource ID

func (*GormIdentityRoleRepository) FindIdentityRolesByResource

func (m *GormIdentityRoleRepository) FindIdentityRolesByResource(ctx context.Context, resourceID string, includeParenResources bool) ([]IdentityRole, error)

FindIdentityRolesByResource returns an array of IdentityRole for the specified resource

func (*GormIdentityRoleRepository) FindIdentityRolesByResourceAndRoleName

func (m *GormIdentityRoleRepository) FindIdentityRolesByResourceAndRoleName(ctx context.Context, resourceID string, roleName string, includeParenResources bool) ([]IdentityRole, error)

FindIdentityRolesByResourceAndRoleName returns an array of IdentityRole objects that match the specified resource and role name

func (*GormIdentityRoleRepository) FindIdentityRolesForIdentity

func (m *GormIdentityRoleRepository) FindIdentityRolesForIdentity(ctx context.Context, identityID uuid.UUID, resourceType *string) ([]authorization.IdentityAssociation, error)

FindIdentityRolesForIdentity returns the IdentityAssociations describing the roles that the specified Identity has, optionally restricted to a specified resource type

func (*GormIdentityRoleRepository) FindPermissions

func (m *GormIdentityRoleRepository) FindPermissions(ctx context.Context, identityID uuid.UUID, resourceID string, scopeName string) ([]IdentityRole, error)

FindPermissions returns an IdentityRole array containing entries that match the specified identity, resource and scope

func (*GormIdentityRoleRepository) FindScopesByIdentityAndResource

func (m *GormIdentityRoleRepository) FindScopesByIdentityAndResource(ctx context.Context, identityID uuid.UUID, resourceID string) ([]string, error)

FindScopesByIdentityAndResource returns all scopes for the specified identity and resource, both assigned directly and also those indirectly inherited via memberships, resource hierarchy and role mappings.

func (*GormIdentityRoleRepository) FlagPrivilegeCacheStaleForIdentityRoleChange

func (m *GormIdentityRoleRepository) FlagPrivilegeCacheStaleForIdentityRoleChange(ctx context.Context, identityID uuid.UUID, resourceID string) error

FlagPrivilegeCacheStaleForIdentityRoleChange executes two update queries. The first sets the stale flag to true for all privilege cache records where the identity ID is equal to, or a descendant of (via memberships), the specified identity ID, and the resource ID is equal to, or a descendant of (via the resource hierarchy), the specified resource ID. The second updates the token table, setting the STALE flag of the token STATUS field to true for all token records that are mapped, via the many-to-many TOKEN_PRIVILEGE table, to the privilege cache records matched by the first query.

func (*GormIdentityRoleRepository) List

List returns all identity roles

func (*GormIdentityRoleRepository) Load

func (m *GormIdentityRoleRepository) Load(ctx context.Context, id uuid.UUID) (*IdentityRole, error)

Load returns a single IdentityRole as a Database Model. This is more for internal use, and probably not what you want in your controllers.

func (*GormIdentityRoleRepository) Save

Save modifies a single record

func (*GormIdentityRoleRepository) TableName

func (m *GormIdentityRoleRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type GormRoleMappingRepository

type GormRoleMappingRepository struct {
	// contains filtered or unexported fields
}

GormRoleMappingRepository is the implementation of the storage interface for RoleMapping.

func (*GormRoleMappingRepository) CheckExists

func (m *GormRoleMappingRepository) CheckExists(ctx context.Context, id uuid.UUID) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormRoleMappingRepository) Create

Create creates a new record.

func (*GormRoleMappingRepository) Delete

func (m *GormRoleMappingRepository) Delete(ctx context.Context, id uuid.UUID) error

Delete removes a single record.

func (*GormRoleMappingRepository) DeleteForResource

func (m *GormRoleMappingRepository) DeleteForResource(ctx context.Context, resourceID string) error

DeleteForResource deletes all role mappings for the given resource ID. No error is returned if no role mappings are found.

func (*GormRoleMappingRepository) FindForResource

func (m *GormRoleMappingRepository) FindForResource(ctx context.Context, resourceID string) ([]RoleMapping, error)

func (*GormRoleMappingRepository) List

List returns all role mappings

func (*GormRoleMappingRepository) Load

func (m *GormRoleMappingRepository) Load(ctx context.Context, id uuid.UUID) (*RoleMapping, error)

Load returns a single RoleMapping as a Database Model

func (*GormRoleMappingRepository) Save

Save modifies a single record

func (*GormRoleMappingRepository) TableName

func (m *GormRoleMappingRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type GormRoleRepository

type GormRoleRepository struct {
	// contains filtered or unexported fields
}

GormRoleRepository is the implementation of the storage interface for Role.

func (*GormRoleRepository) AddScope

func (*GormRoleRepository) CheckExists

func (m *GormRoleRepository) CheckExists(ctx context.Context, id string) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormRoleRepository) Create

func (m *GormRoleRepository) Create(ctx context.Context, u *Role) error

Create creates a new record.

func (*GormRoleRepository) Delete

func (m *GormRoleRepository) Delete(ctx context.Context, id uuid.UUID) error

Delete removes a single record.

func (*GormRoleRepository) FindRolesByResourceType

func (m *GormRoleRepository) FindRolesByResourceType(ctx context.Context, resourceType string) ([]role.RoleDescriptor, error)

func (*GormRoleRepository) List

func (m *GormRoleRepository) List(ctx context.Context) ([]Role, error)

List returns all roles

func (*GormRoleRepository) ListScopes

func (*GormRoleRepository) Load

func (m *GormRoleRepository) Load(ctx context.Context, id uuid.UUID) (*Role, error)

Load returns a single Role as a Database Model. This is more for internal use, and probably not what you want in your controllers.

func (*GormRoleRepository) Lookup

func (m *GormRoleRepository) Lookup(ctx context.Context, name string, resourceType string) (*Role, error)

func (*GormRoleRepository) Save

func (m *GormRoleRepository) Save(ctx context.Context, model *Role) error

Save modifies a single record

func (*GormRoleRepository) TableName

func (m *GormRoleRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type GormRoleScopeRepository

type GormRoleScopeRepository struct {
	// contains filtered or unexported fields
}

GormRoleScopeRepository is the implementation of the storage interface for RoleScope.

func (*GormRoleScopeRepository) Create

func (m *GormRoleScopeRepository) Create(ctx context.Context, roleScope *RoleScope) error

Create creates a new RoleScope

func (*GormRoleScopeRepository) LoadByRole

func (m *GormRoleScopeRepository) LoadByRole(ctx context.Context, ID uuid.UUID) ([]RoleScope, error)

LoadByRole loads the 'role & scope association' records for the given role ID

func (*GormRoleScopeRepository) LoadByScope

func (m *GormRoleScopeRepository) LoadByScope(ctx context.Context, ID uuid.UUID) ([]RoleScope, error)

LoadByScope loads the 'role & scope association' records for the given scope ID

func (*GormRoleScopeRepository) Query

func (m *GormRoleScopeRepository) Query(funcs ...func(*gorm.DB) *gorm.DB) ([]RoleScope, error)

Query exposes an open-ended query model: the caller supplies the gorm scope functions that are applied to the query.

func (*GormRoleScopeRepository) TableName

func (m *GormRoleScopeRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type IdentityRole

// IdentityRole is the gorm model that records the assignment of a role to an
// identity for a specific resource.
//
// These rows are the directly assigned roles only. The repository's
// FindScopesByIdentityAndResource documentation states that effective scopes
// also include those inherited via memberships, the resource hierarchy and
// role mappings, so this table alone does not answer "what can this identity do".
type IdentityRole struct {
	gormsupport.Lifecycle

	// This is the primary key value
	IdentityRoleID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key;column:identity_role_id"`
	// The identity to which the role is assigned (IdentityID is the foreign key for Identity)
	IdentityID uuid.UUID        `gorm:"type:uuid"`
	Identity   account.Identity `gorm:"foreignkey:IdentityID;association_foreignkey:ID"`
	// The resource to which the role is applied (ResourceID is the foreign key for Resource).
	// Unlike the other keys in this struct, ResourceID is a string, not a uuid.UUID.
	ResourceID string
	Resource   resource.Resource `gorm:"foreignkey:ResourceID;association_foreignkey:ResourceID"`
	// The role that is assigned (RoleID is the foreign key for Role)
	RoleID uuid.UUID `gorm:"type:uuid"`
	Role   Role      `gorm:"foreignkey:RoleID;association_foreignkey:RoleID"`
}

func (IdentityRole) GetLastModified

func (m IdentityRole) GetLastModified() time.Time

GetLastModified returns the last modification time

func (IdentityRole) TableName

func (m IdentityRole) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type IdentityRoleRepository

// IdentityRoleRepository is the storage interface for IdentityRole records,
// i.e. the role assignments that authorization decisions are derived from.
//
// NOTE(review): the argument order of identityID and resourceID differs between
// methods (compare DeleteForIdentityAndResource with FindPermissions). The two
// have different types (uuid.UUID and string), so a swap fails to compile, but
// read each signature before calling.
type IdentityRoleRepository interface {
	// Embedded existence check declared in package base (not shown here).
	base.Exister
	// Load returns a single IdentityRole by its ID.
	Load(ctx context.Context, ID uuid.UUID) (*IdentityRole, error)
	// Create creates a new record, i.e. grants a role.
	Create(ctx context.Context, u *IdentityRole) error
	// Save modifies a single record.
	Save(ctx context.Context, u *IdentityRole) error
	// List returns all identity roles.
	List(ctx context.Context) ([]IdentityRole, error)
	// Delete removes a single record, i.e. revokes a role.
	Delete(ctx context.Context, ID uuid.UUID) error
	// DeleteForResource deletes all identity roles for the given resource ID;
	// the implementation on this page documents that no error is returned when
	// none are found.
	DeleteForResource(ctx context.Context, resourceID string) error
	// DeleteForIdentityAndResource deletes all identity roles for the identity
	// and resource; the implementation on this page documents a NotFoundError
	// when there is nothing to delete.
	DeleteForIdentityAndResource(ctx context.Context, resourceID string, identityID uuid.UUID) error
	// FindPermissions returns the IdentityRole entries that match the specified
	// identity, resource and scope.
	FindPermissions(ctx context.Context, identityID uuid.UUID, resourceID string, scopeName string) ([]IdentityRole, error)
	// FindIdentityRolesForIdentity returns the associations describing the roles
	// the identity has, optionally for one resource type (nil presumably means
	// all types; confirm).
	FindIdentityRolesForIdentity(ctx context.Context, identityID uuid.UUID, resourceType *string) ([]authorization.IdentityAssociation, error)
	// FindIdentityRolesByResourceAndRoleName returns the identity roles that
	// match the resource and role name. includeParenResources presumably also
	// includes roles assigned on parent resources; confirm.
	FindIdentityRolesByResourceAndRoleName(ctx context.Context, resourceID string, roleName string, includeParenResources bool) ([]IdentityRole, error)
	// FindIdentityRolesByResource returns the identity roles for the resource.
	FindIdentityRolesByResource(ctx context.Context, resourceID string, includeParenResources bool) ([]IdentityRole, error)
	// FindIdentityRolesByIdentityAndResource returns all identity roles by
	// identity ID and resource ID.
	FindIdentityRolesByIdentityAndResource(ctx context.Context, resourceID string, identityID uuid.UUID) ([]IdentityRole, error)
	// FindScopesByIdentityAndResource returns all scopes for the identity and
	// resource, both directly assigned and inherited via memberships, resource
	// hierarchy and role mappings.
	FindScopesByIdentityAndResource(ctx context.Context, identityID uuid.UUID, resourceID string) ([]string, error)
	// FlagPrivilegeCacheStaleForIdentityRoleChange marks the affected privilege
	// cache records and their mapped tokens as stale.
	// NOTE(review): this page does not show whether Create, Save or Delete call
	// it themselves. Confirm every role change is followed by this call, so that
	// cached privileges and issued tokens do not outlive a revocation.
	FlagPrivilegeCacheStaleForIdentityRoleChange(ctx context.Context, identityID uuid.UUID, resourceID string) error
}

IdentityRoleRepository represents the storage interface.

func NewIdentityRoleRepository

func NewIdentityRoleRepository(db *gorm.DB) IdentityRoleRepository

NewIdentityRoleRepository creates a new storage type.

type Role

// Role is the gorm model for a named role that applies to one resource type.
// NOTE(review): RoleRepository.Lookup takes a name and a resource type, so
// roles are presumably identified by that pair. No uniqueness constraint is
// visible in these tags; confirm it exists in the schema.
type Role struct {
	gormsupport.Lifecycle

	// This is the primary key value
	RoleID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key;column:role_id"`
	// The resource type that this role applies to
	ResourceType resourcetype.ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"`
	// The foreign key value for ResourceType
	ResourceTypeID uuid.UUID
	// The name of this role
	Name string
}

func (Role) TableName

func (m Role) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type RoleMapping

// RoleMapping is the gorm model for a role mapping on one resource: identities
// holding FromRole on that resource inherit the privileges of ToRole on
// certain types of descendant resources.
//
// NOTE(review): creating or changing a row widens access for every holder of
// FromRole. Confirm that callers restrict and audit writes, and that cached
// privileges are invalidated afterwards.
type RoleMapping struct {
	gormsupport.Lifecycle

	// This is the primary key value
	RoleMappingID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key;column:role_mapping_id"`
	// The resource that this role mapping applies to
	Resource resource.Resource `gorm:"ForeignKey:ResourceID;AssociationForeignKey:ResourceID"`
	// The foreign key value for Resource (a string, not a uuid.UUID)
	ResourceID string
	// The role that is being mapped from.
	// NOTE(review): the tag names RoleID as ForeignKey and FromRoleID as
	// AssociationForeignKey, which appears to be the reverse of what a gorm
	// belongs-to association expects (owning field FromRoleID, associated
	// field RoleID). Confirm that preloading FromRole resolves the intended role.
	FromRole Role `gorm:"ForeignKey:RoleID;AssociationForeignKey:FromRoleID"`
	// The foreign key value for FromRole
	FromRoleID uuid.UUID
	// The role that is being mapped to (the role whose privileges are inherited).
	// NOTE(review): same tag ordering as FromRole; confirm as above.
	ToRole Role `gorm:"ForeignKey:RoleID;AssociationForeignKey:ToRoleID"`
	// The foreign key value for ToRole
	ToRoleID uuid.UUID
}

RoleMapping is used to define a role mapping, allowing an identity with a certain role for the resource to automatically inherit the privileges of another role for certain types of descendent resources. For example, a role mapping for an organization resource that maps from the organization:admin role (FromRole) to the space:admin role (ToRole) means that any identities that are assigned the admin role for the organization also inherit the admin role for any space resources that are under that organization.

func (RoleMapping) GetLastModified

func (m RoleMapping) GetLastModified() time.Time

GetLastModified returns the last modification time

func (RoleMapping) TableName

func (m RoleMapping) TableName() string

type RoleMappingRepository

// RoleMappingRepository is the storage interface for RoleMapping records.
// NOTE(review): no authorization check is visible at this layer; presumably
// callers enforce it before Create, Save or Delete. Confirm.
type RoleMappingRepository interface {
	// CheckExists returns nil if a record with the given ID exists, otherwise an error.
	CheckExists(ctx context.Context, id uuid.UUID) error
	// Load returns a single RoleMapping by its ID.
	Load(ctx context.Context, ID uuid.UUID) (*RoleMapping, error)
	// Create creates a new record.
	Create(ctx context.Context, u *RoleMapping) error
	// Save modifies a single record.
	Save(ctx context.Context, u *RoleMapping) error
	// List returns all role mappings.
	List(ctx context.Context) ([]RoleMapping, error)
	// Delete removes a single record.
	Delete(ctx context.Context, ID uuid.UUID) error
	// DeleteForResource deletes all role mappings for the given resource ID;
	// the implementation on this page documents that no error is returned when
	// none are found.
	DeleteForResource(ctx context.Context, resourceID string) error
	// FindForResource presumably returns the role mappings defined on the given
	// resource. Verify against the implementation.
	FindForResource(ctx context.Context, resourceID string) ([]RoleMapping, error)
}

RoleMappingRepository represents the storage interface.

func NewRoleMappingRepository

func NewRoleMappingRepository(db *gorm.DB) RoleMappingRepository

NewRoleMappingRepository creates a new storage type.

type RoleRepository

// RoleRepository is the storage interface for Role records and for the scopes
// attached to a role.
type RoleRepository interface {
	// CheckExists returns nil if the given ID exists, otherwise an error.
	// Note that id is a string here, while Load and Delete take a uuid.UUID.
	// NOTE(review): how a malformed id is handled is not shown; confirm that it
	// is rejected rather than passed to the query.
	CheckExists(ctx context.Context, id string) error
	// Load returns a single Role by its ID.
	Load(ctx context.Context, ID uuid.UUID) (*Role, error)
	// Create creates a new record.
	Create(ctx context.Context, u *Role) error
	// Save modifies a single record.
	Save(ctx context.Context, u *Role) error
	// List returns all roles.
	List(ctx context.Context) ([]Role, error)
	// Delete removes a single record.
	Delete(ctx context.Context, ID uuid.UUID) error

	// Lookup presumably returns the role with the given name for the given
	// resource type. Verify against the implementation.
	Lookup(ctx context.Context, name string, resourceType string) (*Role, error)
	// ListScopes presumably returns the scopes associated with the role.
	ListScopes(ctx context.Context, u *Role) ([]resourcetype.ResourceTypeScope, error)
	// AddScope presumably associates scope s with role u. If so, every identity
	// holding the role gains that scope, so treat a call as a privilege grant.
	AddScope(ctx context.Context, u *Role, s *resourcetype.ResourceTypeScope) error

	// FindRolesByResourceType presumably returns descriptors of the roles
	// defined for the named resource type.
	FindRolesByResourceType(ctx context.Context, resourceType string) ([]role.RoleDescriptor, error)
}

RoleRepository represents the storage interface.

func NewRoleRepository

func NewRoleRepository(db *gorm.DB) RoleRepository

NewRoleRepository creates a new storage type.

type RoleScope

// RoleScope is the gorm model that associates a resource type's scope with a
// resource type's role. Both ResourceTypeScopeID and RoleID are tagged
// primary_key, so the pair forms the key of the association.
type RoleScope struct {
	gormsupport.Lifecycle

	// The associated scope
	ResourceTypeScope resourcetype.ResourceTypeScope `gorm:"ForeignKey:ResourceTypeScopeID"`

	// The foreign key value for ResourceTypeScope; stored in column scope_id
	ResourceTypeScopeID uuid.UUID `gorm:"primary_key;column:scope_id" sql:"type:uuid"`

	// The associated role
	Role Role `gorm:"ForeignKey:RoleID"`

	// The foreign key value for Role; stored in column role_id
	RoleID uuid.UUID `gorm:"primary_key;column:role_id" sql:"type:uuid"`
}

RoleScope defines the association between a resource type's scope(s) and a resource type's role.

func (RoleScope) GetLastModified

func (m RoleScope) GetLastModified() time.Time

GetLastModified returns the last modification time

func (RoleScope) TableName

func (m RoleScope) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type RoleScopeRepository

// RoleScopeRepository is the storage interface for RoleScope associations.
type RoleScopeRepository interface {
	// LoadByScope loads the role-scope associations for the given scope ID.
	LoadByScope(ctx context.Context, ID uuid.UUID) ([]RoleScope, error)
	// LoadByRole loads the role-scope associations for the given role ID.
	LoadByRole(ctx context.Context, ID uuid.UUID) ([]RoleScope, error)
	// Create creates a new RoleScope, i.e. attaches a scope to a role.
	Create(ctx context.Context, roleScope *RoleScope) error
	// Query applies the caller-supplied gorm scope functions and returns the
	// matching associations. Unlike the other methods it takes no context.
	// NOTE(review): the functions run against the repository's *gorm.DB with no
	// restriction visible here. Pass only filters that bind their values as
	// parameters (such as the package's RoleScopeFilterByRole and
	// RoleScopeFilterByScope) and never build conditions from request strings.
	Query(funcs ...func(*gorm.DB) *gorm.DB) ([]RoleScope, error)
}

RoleScopeRepository represents the storage interface.

func NewRoleScopeRepository

func NewRoleScopeRepository(db *gorm.DB) RoleScopeRepository

NewRoleScopeRepository creates a new storage type.
