Documentation ¶
Index ¶
- Constants
- type ConditionalResultStatus
- type ConnectedObjectsCommand
- type ConnectedObjectsRequest
- type ConnectedObjectsResult
- type CreateStoreCommand
- type DeleteStoreCommand
- type ExpandQuery
- type GetStoreQuery
- type ListObjectsQuery
- type ListObjectsResult
- type ListStoresQuery
- type ReadAssertionsQuery
- type ReadAuthorizationModelQuery
- type ReadAuthorizationModelsQuery
- type ReadChangesQuery
- type ReadQuery
- type UserRef
- type UserRefObject
- type UserRefObjectRelation
- type UserRefTypedWildcard
- type WriteAssertionsCommand
- type WriteAuthorizationModelCommand
- type WriteCommand
Constants ¶
const (
IndirectWriteErrorReason = "Attempting to write directly to an indirect only relationship"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConditionalResultStatus ¶ added in v1.2.0
type ConditionalResultStatus int
const ( RequiresFurtherEvalStatus ConditionalResultStatus = iota NoFurtherEvalStatus )
type ConnectedObjectsCommand ¶
type ConnectedObjectsCommand struct { Datastore storage.RelationshipTupleReader Typesystem *typesystem.TypeSystem ResolveNodeLimit uint32 // Limit limits the results yielded by the ConnectedObjects API. Limit uint32 }
func (*ConnectedObjectsCommand) StreamedConnectedObjects ¶
func (c *ConnectedObjectsCommand) StreamedConnectedObjects( ctx context.Context, req *ConnectedObjectsRequest, resultChan chan<- *ConnectedObjectsResult, ) error
StreamedConnectedObjects yields all the objects of the provided objectType that the given user has a specific relation with. The results will be limited by the request limit. If a 0 limit is provided then all objects of the provided objectType will be returned.
type ConnectedObjectsRequest ¶
type ConnectedObjectsRequest struct { StoreID string Typesystem *typesystem.TypeSystem ObjectType string Relation string User isUserRef ContextualTuples []*openfgapb.TupleKey }
type ConnectedObjectsResult ¶ added in v1.2.0
type ConnectedObjectsResult struct { Object string ResultStatus ConditionalResultStatus }
type CreateStoreCommand ¶
type CreateStoreCommand struct {
// contains filtered or unexported fields
}
func NewCreateStoreCommand ¶
func NewCreateStoreCommand( storesBackend storage.StoresBackend, logger logger.Logger, ) *CreateStoreCommand
func (*CreateStoreCommand) Execute ¶
func (s *CreateStoreCommand) Execute(ctx context.Context, req *openfgapb.CreateStoreRequest) (*openfgapb.CreateStoreResponse, error)
type DeleteStoreCommand ¶
type DeleteStoreCommand struct {
// contains filtered or unexported fields
}
func NewDeleteStoreCommand ¶
func NewDeleteStoreCommand( storesBackend storage.StoresBackend, logger logger.Logger, ) *DeleteStoreCommand
func (*DeleteStoreCommand) Execute ¶
func (s *DeleteStoreCommand) Execute(ctx context.Context, req *openfgapb.DeleteStoreRequest) (*openfgapb.DeleteStoreResponse, error)
type ExpandQuery ¶
type ExpandQuery struct {
// contains filtered or unexported fields
}
ExpandQuery resolves a target TupleKey into a UsersetTree by expanding type definitions.
func NewExpandQuery ¶
func NewExpandQuery(datastore storage.OpenFGADatastore, logger logger.Logger) *ExpandQuery
NewExpandQuery creates a new ExpandQuery using the supplied backends for retrieving data.
func (*ExpandQuery) Execute ¶
func (q *ExpandQuery) Execute(ctx context.Context, req *openfgapb.ExpandRequest) (*openfgapb.ExpandResponse, error)
type GetStoreQuery ¶
type GetStoreQuery struct {
// contains filtered or unexported fields
}
func NewGetStoreQuery ¶
func NewGetStoreQuery(storesBackend storage.StoresBackend, logger logger.Logger) *GetStoreQuery
func (*GetStoreQuery) Execute ¶
func (q *GetStoreQuery) Execute(ctx context.Context, req *openfgapb.GetStoreRequest) (*openfgapb.GetStoreResponse, error)
type ListObjectsQuery ¶
type ListObjectsQuery struct { Datastore storage.RelationshipTupleReader Logger logger.Logger ListObjectsDeadline time.Duration ListObjectsMaxResults uint32 ResolveNodeLimit uint32 ConnectedObjects func(ctx context.Context, req *ConnectedObjectsRequest, results chan<- *ConnectedObjectsResult) error CheckResolver graph.CheckResolver OptimizeIntersectionExclusion bool }
func (*ListObjectsQuery) Execute ¶
func (q *ListObjectsQuery) Execute( ctx context.Context, req *openfgapb.ListObjectsRequest, ) (*openfgapb.ListObjectsResponse, error)
Execute the ListObjectsQuery, returning a list of object IDs up to a maximum of q.ListObjectsMaxResults or until q.ListObjectsDeadline is hit, whichever happens first.
func (*ListObjectsQuery) ExecuteStreamed ¶
func (q *ListObjectsQuery) ExecuteStreamed( ctx context.Context, req *openfgapb.StreamedListObjectsRequest, srv openfgapb.OpenFGAService_StreamedListObjectsServer, ) error
ExecuteStreamed executes the ListObjectsQuery, returning a stream of object IDs. It ignores the value of q.ListObjectsMaxResults and returns all available results until q.ListObjectsDeadline is hit
type ListObjectsResult ¶ added in v1.1.1
type ListStoresQuery ¶
type ListStoresQuery struct {
// contains filtered or unexported fields
}
func NewListStoresQuery ¶
func NewListStoresQuery(storesBackend storage.StoresBackend, logger logger.Logger, encoder encoder.Encoder) *ListStoresQuery
func (*ListStoresQuery) Execute ¶
func (q *ListStoresQuery) Execute(ctx context.Context, req *openfgapb.ListStoresRequest) (*openfgapb.ListStoresResponse, error)
type ReadAssertionsQuery ¶
type ReadAssertionsQuery struct {
// contains filtered or unexported fields
}
func NewReadAssertionsQuery ¶
func NewReadAssertionsQuery(backend storage.AssertionsBackend, logger logger.Logger) *ReadAssertionsQuery
func (*ReadAssertionsQuery) Execute ¶
func (q *ReadAssertionsQuery) Execute(ctx context.Context, store, authorizationModelID string) (*openfgapb.ReadAssertionsResponse, error)
type ReadAuthorizationModelQuery ¶
type ReadAuthorizationModelQuery struct {
// contains filtered or unexported fields
}
ReadAuthorizationModelQuery retrieves a single type definition from a storage backend.
func NewReadAuthorizationModelQuery ¶
func NewReadAuthorizationModelQuery(backend storage.AuthorizationModelReadBackend, logger logger.Logger) *ReadAuthorizationModelQuery
func (*ReadAuthorizationModelQuery) Execute ¶
func (q *ReadAuthorizationModelQuery) Execute(ctx context.Context, req *openfgapb.ReadAuthorizationModelRequest) (*openfgapb.ReadAuthorizationModelResponse, error)
type ReadAuthorizationModelsQuery ¶
type ReadAuthorizationModelsQuery struct {
// contains filtered or unexported fields
}
func NewReadAuthorizationModelsQuery ¶
func NewReadAuthorizationModelsQuery(backend storage.AuthorizationModelReadBackend, logger logger.Logger, encoder encoder.Encoder) *ReadAuthorizationModelsQuery
func (*ReadAuthorizationModelsQuery) Execute ¶
func (q *ReadAuthorizationModelsQuery) Execute(ctx context.Context, req *openfgapb.ReadAuthorizationModelsRequest) (*openfgapb.ReadAuthorizationModelsResponse, error)
type ReadChangesQuery ¶
type ReadChangesQuery struct {
// contains filtered or unexported fields
}
func NewReadChangesQuery ¶
func NewReadChangesQuery(backend storage.ChangelogBackend, logger logger.Logger, encoder encoder.Encoder, horizonOffset int) *ReadChangesQuery
NewReadChangesQuery creates a ReadChangesQuery with specified `ChangelogBackend` and `typeDefinitionReadBackend` to use for storage
func (*ReadChangesQuery) Execute ¶
func (q *ReadChangesQuery) Execute(ctx context.Context, req *openfgapb.ReadChangesRequest) (*openfgapb.ReadChangesResponse, error)
Execute the ReadChangesQuery, returning paginated `openfga.TupleChange`(s) and a possibly non-empty continuation token.
type ReadQuery ¶
type ReadQuery struct {
// contains filtered or unexported fields
}
A ReadQuery can be used to read one or many tuplesets Each tupleset specifies keys of a set of relation tuples. The set can include a single tuple key, or all tuples with a given object ID or userset in a type, optionally constrained by a relation name.
func NewReadQuery ¶
func NewReadQuery(datastore storage.OpenFGADatastore, logger logger.Logger, encoder encoder.Encoder) *ReadQuery
NewReadQuery creates a ReadQuery using the provided OpenFGA datastore implementation.
func (*ReadQuery) Execute ¶
func (q *ReadQuery) Execute(ctx context.Context, req *openfgapb.ReadRequest) (*openfgapb.ReadResponse, error)
Execute the ReadQuery, returning paginated `openfga.Tuple`(s) that match the tuple. Return all tuples if the tuple is nil or empty.
type UserRef ¶
type UserRef struct { // Types that are assignable to Ref // *UserRef_Object // *UserRef_TypedWildcard // *UserRef_ObjectRelation Ref isUserRef }
type UserRefObject ¶
func (*UserRefObject) GetObjectType ¶
func (u *UserRefObject) GetObjectType() string
func (*UserRefObject) String ¶ added in v0.3.5
func (u *UserRefObject) String() string
type UserRefObjectRelation ¶
type UserRefObjectRelation struct {
ObjectRelation *openfgapb.ObjectRelation
}
func (*UserRefObjectRelation) GetObjectType ¶
func (u *UserRefObjectRelation) GetObjectType() string
func (*UserRefObjectRelation) String ¶ added in v0.3.5
func (u *UserRefObjectRelation) String() string
type UserRefTypedWildcard ¶
type UserRefTypedWildcard struct {
Type string
}
func (*UserRefTypedWildcard) GetObjectType ¶
func (u *UserRefTypedWildcard) GetObjectType() string
func (*UserRefTypedWildcard) String ¶ added in v0.3.5
func (u *UserRefTypedWildcard) String() string
type WriteAssertionsCommand ¶
type WriteAssertionsCommand struct {
// contains filtered or unexported fields
}
func NewWriteAssertionsCommand ¶
func NewWriteAssertionsCommand( datastore storage.OpenFGADatastore, logger logger.Logger, ) *WriteAssertionsCommand
func (*WriteAssertionsCommand) Execute ¶
func (w *WriteAssertionsCommand) Execute(ctx context.Context, req *openfgapb.WriteAssertionsRequest) (*openfgapb.WriteAssertionsResponse, error)
type WriteAuthorizationModelCommand ¶
type WriteAuthorizationModelCommand struct {
// contains filtered or unexported fields
}
WriteAuthorizationModelCommand performs updates of the store authorization model.
func NewWriteAuthorizationModelCommand ¶
func NewWriteAuthorizationModelCommand( backend storage.TypeDefinitionWriteBackend, logger logger.Logger, ) *WriteAuthorizationModelCommand
func (*WriteAuthorizationModelCommand) Execute ¶
func (w *WriteAuthorizationModelCommand) Execute(ctx context.Context, req *openfgapb.WriteAuthorizationModelRequest) (*openfgapb.WriteAuthorizationModelResponse, error)
Execute the command using the supplied request.
type WriteCommand ¶
type WriteCommand struct {
// contains filtered or unexported fields
}
WriteCommand is used to Write and Delete tuples. Instances may be safely shared by multiple goroutines.
func NewWriteCommand ¶
func NewWriteCommand(datastore storage.OpenFGADatastore, logger logger.Logger) *WriteCommand
NewWriteCommand creates a WriteCommand with specified storage.TupleBackend to use for storage.
func (*WriteCommand) Execute ¶
func (c *WriteCommand) Execute(ctx context.Context, req *openfgapb.WriteRequest) (*openfgapb.WriteResponse, error)
Execute deletes and writes the specified tuples. Deletes are applied first, then writes.