Documentation
¶
Index ¶
- Constants
- func ParseConditionRuleAst(condition ConditionInfo) (conditionparser.Expression, error)
- func ParseExpressionAst(expression string) (conditionparser.Expression, error)
- func SerializeExpression(ast conditionparser.Expression) string
- type AttributeMap
- type ConditionInfo
- type ConditionMapper
- type NameMapper
Constants ¶
View Source
const ( AAllow string = "allow" ADeny string = "deny" AAudit string = "audit" )
Variables ¶
This section is empty.
Functions ¶
func ParseConditionRuleAst ¶
func ParseConditionRuleAst(condition ConditionInfo) (conditionparser.Expression, error)
ParseConditionRuleAst is used by mapping providers to get the IDQL condition rule AST tree
func ParseExpressionAst ¶
func ParseExpressionAst(expression string) (conditionparser.Expression, error)
func SerializeExpression ¶
func SerializeExpression(ast conditionparser.Expression) string
SerializeExpression walks the AST and emits the condition in string form. It preserves precedence over the normal idqlCondition.String() method
Types ¶
type AttributeMap ¶
type AttributeMap struct {
// contains filtered or unexported fields
}
func NewNameMapper ¶
func NewNameMapper(attributeMap map[string]string) *AttributeMap
NewNameMapper is called by a condition mapTool provider to instantiate an attribute name translator using interface NameMapper
func (*AttributeMap) GetHexaFilterAttributePath ¶
func (n *AttributeMap) GetHexaFilterAttributePath(provName string) string
func (*AttributeMap) GetProviderAttributeName ¶
func (n *AttributeMap) GetProviderAttributeName(hexaName string) string
type ConditionInfo ¶
type ConditionInfo struct {
Rule string `json:"Rule,omitempty" validate:"required"` // in RFC7644 idqlCondition form
Action string `json:"Action,omitempty"` // allow/deny/audit default is allow
}
func (*ConditionInfo) Equals ¶ added in v0.6.1
func (c *ConditionInfo) Equals(compare *ConditionInfo) bool
Equals performs an AST level compare to test filters are equivalent. NOTE: does not test equivalent attribute expressions at this time e.g. level < 5 vs. not(level >= 5) will return as unequal though logically equal. So while a true is always correct, some equivalent expressions will report false
type ConditionMapper ¶
type ConditionMapper interface {
/*
MapConditionToProvider takes an IDQL Condition expression and converts it to a string
usable the target provider. For example from RFC7644, Section-3.4.2.2 to Google Common Expression Language
*/
MapConditionToProvider(condition ConditionInfo) interface{}
/*
MapProviderToCondition take a string expression from a platform policy and converts it to RFC7644: Section-3.4.2.2.
*/
MapProviderToCondition(expression string) (ConditionInfo, error)
}
type NameMapper ¶
type NameMapper interface {
// GetProviderAttributeName returns a simple string representation of the mapped attribute name (usually in name[.sub-attribute] form).
GetProviderAttributeName(hexaName string) string
// GetHexaFilterAttributePath returns a filterAttributePath which is used to build a SCIM Filter AST
GetHexaFilterAttributePath(provName string) string
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.