appeal

package

v0.2.0 Latest Latest Go to latest Published: Jul 5, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/odpf/guardian

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type JobHandler
- func NewJobHandler(as domain.AppealService) *JobHandler
- func (h *JobHandler) RevokeExpiredAccess() error
type Repository
- func NewRepository(db *gorm.DB) *Repository
type Service
- func NewService(appealRepository domain.AppealRepository, ...) *Service

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrAppealIDEmptyParam = errors.New("appeal id is required")

	ErrAppealStatusCanceled     = errors.New("appeal already canceled")
	ErrAppealStatusApproved     = errors.New("appeal already approved")
	ErrAppealStatusRejected     = errors.New("appeal already rejected")
	ErrAppealStatusTerminated   = errors.New("appeal already terminated")
	ErrAppealStatusUnrecognized = errors.New("unrecognized appeal status")
	ErrAppealDuplicate          = errors.New("appeal with the same resource and role already exists")

	ErrApprovalDependencyIsPending = errors.New("found previous approval step that is still in pending")
	ErrApprovalStatusApproved      = errors.New("approval already approved")
	ErrApprovalStatusRejected      = errors.New("approval already rejected")
	ErrApprovalStatusSkipped       = errors.New("approval already skipped")
	ErrApprovalStatusUnrecognized  = errors.New("unrecognized approval status")
	ErrApprovalNameNotFound        = errors.New("approval step name not found")

	ErrActionForbidden    = errors.New("user is not allowed to make action on this approval step")
	ErrActionInvalidValue = errors.New("invalid action value")

	ErrProviderTypeNotFound                = errors.New("provider is not registered")
	ErrProviderURNNotFound                 = errors.New("provider with specified urn is not registered")
	ErrResourceTypeNotFound                = errors.New("unable to find matching resource config for specified resource type")
	ErrOptionsExpirationDateOptionNotFound = errors.New("expiration date is required, unable to find expiration date option")
	ErrInvalidRole                         = errors.New("invalid role")
	ErrExpirationDateIsRequired            = errors.New("having permanent access to this resource is not allowed, access duration is required")
	ErrPolicyIDNotFound                    = errors.New("unable to find approval policy for specified id")
	ErrPolicyVersionNotFound               = errors.New("unable to find approval policy for specified version")
	ErrResourceNotFound                    = errors.New("resource not found")
	ErrAppealNotFound                      = errors.New("appeal not found")
	ErrRevokeAppealForbidden               = errors.New("user doesn't have permission to revoke this active access")

	ErrApproverKeyNotRecognized = errors.New("unrecognized approvers key")
	ErrApproverInvalidType      = errors.New("invalid approver type, expected an email or array of email")
)

View Source

var TimeNow = time.Now

Functions ¶

This section is empty.

Types ¶

type JobHandler ¶

type JobHandler struct {
	// contains filtered or unexported fields
}

func NewJobHandler ¶

func NewJobHandler(as domain.AppealService) *JobHandler

func (*JobHandler) RevokeExpiredAccess ¶

func (h *JobHandler) RevokeExpiredAccess() error

type Repository ¶

type Repository struct {
	// contains filtered or unexported fields
}

Repository talks to the store to read or insert data

func NewRepository ¶

func NewRepository(db *gorm.DB) *Repository

NewRepository returns repository struct

func (*Repository) BulkInsert ¶

func (r *Repository) BulkInsert(appeals []*domain.Appeal) error

Create new record to database

func (*Repository) Find ¶

func (r *Repository) Find(filters map[string]interface{}) ([]*domain.Appeal, error)

func (*Repository) GetByID ¶

func (r *Repository) GetByID(id uint) (*domain.Appeal, error)

GetByID returns appeal record by id along with the approvals and the approvers

func (*Repository) Update ¶

func (r *Repository) Update(a *domain.Appeal) error

Update an approval step

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service handling the business logics

func NewService ¶

func NewService(
	appealRepository domain.AppealRepository,
	approvalService domain.ApprovalService,
	resourceService domain.ResourceService,
	providerService domain.ProviderService,
	policyService domain.PolicyService,
	iamService domain.IAMService,
	notifier domain.Notifier,
	logger *zap.Logger,
) *Service

NewService returns service struct

func (*Service) Cancel ¶

func (s *Service) Cancel(id uint) (*domain.Appeal, error)

func (*Service) Create ¶

func (s *Service) Create(appeals []*domain.Appeal) error

Create record

func (*Service) Find ¶

func (s *Service) Find(filters map[string]interface{}) ([]*domain.Appeal, error)

Find appeals by filters

func (*Service) GetByID ¶

func (s *Service) GetByID(id uint) (*domain.Appeal, error)

GetByID returns one record by id

func (*Service) GetPendingApprovals ¶

func (s *Service) GetPendingApprovals(user string) ([]*domain.Approval, error)

func (*Service) MakeAction ¶

func (s *Service) MakeAction(approvalAction domain.ApprovalAction) (*domain.Appeal, error)

Approve an approval step

func (*Service) Revoke ¶

func (s *Service) Revoke(id uint, actor string) (*domain.Appeal, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL