postgres

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2026 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var InitialSchema string

Functions

func MapTenantRole

func MapTenantRole(roleName string) string

MapTenantRole maps internal tenant role names to seeded RBAC role IDs

Types

type AccessTokenRepository

type AccessTokenRepository struct {
	// contains filtered or unexported fields
}

AccessTokenRepository implements client.AccessTokenRepository

func NewAccessTokenRepository

func NewAccessTokenRepository(db *DB) *AccessTokenRepository

NewAccessTokenRepository creates a new access token repository

func (*AccessTokenRepository) Create

Create creates a new access token

func (*AccessTokenRepository) DeleteExpired

func (r *AccessTokenRepository) DeleteExpired() error

DeleteExpired deletes all expired access tokens

func (*AccessTokenRepository) GetByTokenHash

func (r *AccessTokenRepository) GetByTokenHash(tokenHash string) (*client.AccessToken, error)

GetByTokenHash retrieves an access token by its token hash

func (*AccessTokenRepository) Revoke

func (r *AccessTokenRepository) Revoke(tokenHash string) error

Revoke revokes an access token

type AssignmentRepository

type AssignmentRepository struct {
	// contains filtered or unexported fields
}

AssignmentRepository implements role.AssignmentRepository

func NewAssignmentRepository

func NewAssignmentRepository(db *DB) *AssignmentRepository

NewAssignmentRepository creates a new assignment repository

func (*AssignmentRepository) CheckExists

func (r *AssignmentRepository) CheckExists(ctx context.Context, roleID string, scope role.Scope, scopeContextID *string) (bool, error)

CheckExists checks if a specific assignment exists

func (*AssignmentRepository) DeleteByContextID

func (r *AssignmentRepository) DeleteByContextID(ctx context.Context, scope role.Scope, contextID string) error

DeleteByContextID removes all assignments for a specific scope and context

func (*AssignmentRepository) Grant

Grant assigns a role to a user

func (*AssignmentRepository) ListByRole

func (r *AssignmentRepository) ListByRole(ctx context.Context, roleID string, scope role.Scope, scopeContextID *string) ([]string, error)

ListByRole retrieves all users assigned a specific role at a scope

func (*AssignmentRepository) ListForUser

func (r *AssignmentRepository) ListForUser(ctx context.Context, userID string) ([]*role.Assignment, error)

ListForUser retrieves all assignments for a user

func (*AssignmentRepository) Revoke

func (r *AssignmentRepository) Revoke(ctx context.Context, userID, roleID string, scope role.Scope, scopeContextID *string) error

Revoke removes a role assignment

type AuditRepository

type AuditRepository struct {
	// contains filtered or unexported fields
}

AuditRepository implements audit.Repository

func NewAuditRepository

func NewAuditRepository(db *DB) *AuditRepository

NewAuditRepository creates a new audit repository

func (*AuditRepository) List

func (r *AuditRepository) List(ctx context.Context, filter audit.Filter) ([]audit.Event, int, error)

List retrieves events matching filter

func (*AuditRepository) Log

func (r *AuditRepository) Log(ctx context.Context, event audit.Event) error

Log persists an event

type AuthorizationCodeRepository

type AuthorizationCodeRepository struct {
	// contains filtered or unexported fields
}

AuthorizationCodeRepository implements client.AuthorizationCodeRepository

func NewAuthorizationCodeRepository

func NewAuthorizationCodeRepository(db *DB) *AuthorizationCodeRepository

NewAuthorizationCodeRepository creates a new authorization code repository

func (*AuthorizationCodeRepository) Create

Create creates a new authorization code

func (*AuthorizationCodeRepository) Delete

func (r *AuthorizationCodeRepository) Delete(code string) error

Delete deletes an authorization code

func (*AuthorizationCodeRepository) DeleteExpired

func (r *AuthorizationCodeRepository) DeleteExpired() error

DeleteExpired deletes all expired authorization codes

func (*AuthorizationCodeRepository) GetByCode

GetByCode retrieves an authorization code

func (*AuthorizationCodeRepository) MarkAsUsed

func (r *AuthorizationCodeRepository) MarkAsUsed(code string) error

MarkAsUsed marks the code as used

type ClientRepository

type ClientRepository struct {
	// contains filtered or unexported fields
}

ClientRepository implements client.ClientRepository

func NewClientRepository

func NewClientRepository(db *DB) *ClientRepository

NewClientRepository creates a new client repository

func (*ClientRepository) Create

func (r *ClientRepository) Create(ctx context.Context, c *client.Client) error

Create creates a new OAuth2 client

func (*ClientRepository) Delete

func (r *ClientRepository) Delete(ctx context.Context, tenantID string, id string) error

Delete soft-deletes a client by tenant_id and internal ID

func (*ClientRepository) DeleteByTenantID

func (r *ClientRepository) DeleteByTenantID(ctx context.Context, tenantID string) error

DeleteByTenantID soft-deletes all clients belonging to a tenant

func (*ClientRepository) GetByClientID

func (r *ClientRepository) GetByClientID(ctx context.Context, tenantID string, clientID string) (*client.Client, error)

GetByClientID retrieves a client by client_id and tenant_id

func (*ClientRepository) GetByID

func (r *ClientRepository) GetByID(ctx context.Context, tenantID string, id string) (*client.Client, error)

GetByID retrieves a client by tenant_id and internal ID

func (*ClientRepository) ListByOwner

func (r *ClientRepository) ListByOwner(ctx context.Context, ownerID string) ([]*client.Client, error)

ListByOwner retrieves all clients for an owner

func (*ClientRepository) ListByTenant

func (r *ClientRepository) ListByTenant(ctx context.Context, tenantID string) ([]*client.Client, error)

ListByTenant retrieves all clients for a tenant

func (*ClientRepository) Update

func (r *ClientRepository) Update(ctx context.Context, c *client.Client) error

Update updates client information

type Config

// Config carries the connection settings that New takes to open the database handle.
type Config struct {
	// Host and Port presumably locate the database server — confirm against New.
	// Port is declared as a string, not an integer.
	Host         string
	Port         string
	// User and Password are presumably the database login — confirm against New.
	// NOTE(review): Password is a plain string field, so keep Config values
	// out of logs, error messages and debug dumps.
	User         string
	Password     string
	// Database is presumably the name of the database to connect to — confirm against New.
	Database     string
	// SSLMode is presumably the PostgreSQL sslmode setting — confirm against New.
	// NOTE(review): no default is visible here; check what an empty value
	// resolves to, and prefer a certificate-verifying mode outside local development.
	SSLMode      string
	// MaxOpenConns and MaxIdleConns are presumably connection-pool limits —
	// confirm how New applies them.
	MaxOpenConns int
	MaxIdleConns int
}

Config holds database configuration.

Purpose: Structured configuration for establishing database connectivity. Domain: Platform (Infrastructure)

type DB

type DB struct {
	// contains filtered or unexported fields
}

DB wraps the PostgreSQL connection pool.

Purpose: Primary handle for PostgreSQL database interactions. Domain: Platform (Infrastructure)

func New

func New(ctx context.Context, cfg Config) (*DB, error)

New creates a new database connection.

Purpose: Factory for the primary database handle using structured config. Domain: Platform (Infrastructure). Audited: No. Errors: Connectivity and configuration errors.

func Open

func Open(ctx context.Context, dsn string) (*DB, error)

Open creates a new database connection from a connection string

func SetupTestDB

func SetupTestDB(t *testing.T) (*DB, func())

SetupTestDB creates a connection to the test database and runs migrations.

func (*DB) Close

func (db *DB) Close()

Close closes the database connection

func (*DB) Migrate

func (db *DB) Migrate(ctx context.Context, script string) error

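Migrate runs a SQL script. The signature takes the script as a single string with no separate query parameters, so callers should pass only trusted, static migration SQL and never text assembled from request data.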

Purpose: Execution of schema migrations or raw DDL. Domain: Platform (Infrastructure). Audited: No. Errors: SQL execution errors.

func (*DB) Pool

func (db *DB) Pool() *pgxpool.Pool

Pool returns the underlying connection pool

type MembershipRepository

type MembershipRepository struct {
	// contains filtered or unexported fields
}

MembershipRepository implements tenant.MembershipRepository

func NewMembershipRepository

func NewMembershipRepository(db *DB) *MembershipRepository

NewMembershipRepository creates a new membership repository

func (*MembershipRepository) AddMember

AddMember inserts a new membership record

func (*MembershipRepository) CheckMembership

func (r *MembershipRepository) CheckMembership(ctx context.Context, tenantID, userID string) (bool, error)

CheckMembership checks if a user is a member of a tenant

func (*MembershipRepository) DeleteByTenantID

func (r *MembershipRepository) DeleteByTenantID(ctx context.Context, tenantID string) error

DeleteByTenantID removes all memberships for a tenant

func (*MembershipRepository) ListMembers

func (r *MembershipRepository) ListMembers(ctx context.Context, tenantID string) ([]*tenant.Membership, error)

ListMembers retrieves all memberships for a tenant

func (*MembershipRepository) RemoveMember

func (r *MembershipRepository) RemoveMember(ctx context.Context, tenantID, userID string) error

RemoveMember removes a specific membership record

type PolicyAssignmentRepository

type PolicyAssignmentRepository struct {
	// contains filtered or unexported fields
}

PolicyAssignmentRepository implements policy.AssignmentRepository

func NewPolicyAssignmentRepository

func NewPolicyAssignmentRepository(db *DB) *PolicyAssignmentRepository

func (*PolicyAssignmentRepository) CheckExists

func (pr *PolicyAssignmentRepository) CheckExists(ctx context.Context, roleID string, scope policy.Scope, scopeContextID *string) (bool, error)

func (*PolicyAssignmentRepository) DeleteByContextID

func (pr *PolicyAssignmentRepository) DeleteByContextID(ctx context.Context, scope policy.Scope, contextID string) error

func (*PolicyAssignmentRepository) Grant

func (*PolicyAssignmentRepository) ListByRole

func (pr *PolicyAssignmentRepository) ListByRole(ctx context.Context, roleID string, scope policy.Scope, scopeContextID *string) ([]string, error)

func (*PolicyAssignmentRepository) ListForUser

func (pr *PolicyAssignmentRepository) ListForUser(ctx context.Context, userID string) ([]*policy.Assignment, error)

func (*PolicyAssignmentRepository) Revoke

func (pr *PolicyAssignmentRepository) Revoke(ctx context.Context, userID, roleID string, scope policy.Scope, scopeContextID *string) error

type PolicyProjectRepository

type PolicyProjectRepository struct {
	// contains filtered or unexported fields
}

func (*PolicyProjectRepository) Create

type ProjectRepository

type ProjectRepository struct {
	// contains filtered or unexported fields
}

ProjectRepository implements project.ProjectRepository and policy.ProjectRepository

func NewProjectRepository

func NewProjectRepository(db *DB) *ProjectRepository

NewProjectRepository creates a new project repository

func (*ProjectRepository) Create

Create creates a new project

func (*ProjectRepository) CreatePolicy

func (r *ProjectRepository) CreatePolicy(ctx context.Context, p *policy.Project) error

func (*ProjectRepository) Delete

func (r *ProjectRepository) Delete(ctx context.Context, id string) error

Delete soft-deletes a project

func (*ProjectRepository) GetByID

func (r *ProjectRepository) GetByID(ctx context.Context, id string) (*project.Project, error)

GetByID retrieves a project by ID

func (*ProjectRepository) GetByIDPolicy

func (r *ProjectRepository) GetByIDPolicy(ctx context.Context, id string) (*policy.Project, error)

func (*ProjectRepository) GetByName

func (r *ProjectRepository) GetByName(ctx context.Context, name string) (*project.Project, error)

GetByName retrieves a project by name

func (*ProjectRepository) ListByOwner

func (r *ProjectRepository) ListByOwner(ctx context.Context, ownerID string) ([]*project.Project, error)

ListByOwner retrieves all projects owned by a user

func (*ProjectRepository) ListByUser

func (r *ProjectRepository) ListByUser(ctx context.Context, userID string) ([]*project.Project, error)

ListByUser retrieves all projects a user has access to

func (*ProjectRepository) Update

Update updates project information

type RefreshTokenRepository

type RefreshTokenRepository struct {
	// contains filtered or unexported fields
}

RefreshTokenRepository implements client.RefreshTokenRepository

func NewRefreshTokenRepository

func NewRefreshTokenRepository(db *DB) *RefreshTokenRepository

NewRefreshTokenRepository creates a new refresh token repository

func (*RefreshTokenRepository) Create

Create creates a new refresh token

func (*RefreshTokenRepository) DeleteExpired

func (r *RefreshTokenRepository) DeleteExpired() error

DeleteExpired deletes all expired refresh tokens

func (*RefreshTokenRepository) GetByTokenHash

func (r *RefreshTokenRepository) GetByTokenHash(tokenHash string) (*client.RefreshToken, error)

GetByTokenHash retrieves a refresh token by its token hash

func (*RefreshTokenRepository) Revoke

func (r *RefreshTokenRepository) Revoke(tokenHash string) error

Revoke revokes a refresh token

type RoleRepository

type RoleRepository struct {
	// contains filtered or unexported fields
}

RoleRepository implements role.RoleRepository and policy.RoleRepository

func NewRoleRepository

func NewRoleRepository(db *DB) *RoleRepository

NewRoleRepository creates a new role repository

func (*RoleRepository) Create

func (r *RoleRepository) Create(ctx context.Context, ro *role.Role) error

Create creates a new role

func (*RoleRepository) Delete

func (r *RoleRepository) Delete(ctx context.Context, id string) error

Delete deletes a role

func (*RoleRepository) GetByID

func (r *RoleRepository) GetByID(ctx context.Context, id string) (*role.Role, error)

GetByID retrieves a role by ID

func (*RoleRepository) GetByName

func (r *RoleRepository) GetByName(ctx context.Context, name string, scope role.Scope) (*role.Role, error)

GetByName retrieves a role by name and scope

func (*RoleRepository) List

func (r *RoleRepository) List(ctx context.Context, scope *role.Scope) ([]*role.Role, error)

List retrieves all roles, optionally filtered by scope

func (*RoleRepository) Update

func (r *RoleRepository) Update(ctx context.Context, ro *role.Role) error

Update updates role information

type SessionRepository

type SessionRepository struct {
	// contains filtered or unexported fields
}

SessionRepository implements session.Repository

func NewSessionRepository

func NewSessionRepository(db *DB) *SessionRepository

NewSessionRepository creates a new session repository

func (*SessionRepository) Create

func (r *SessionRepository) Create(ctx context.Context, sess *session.Session) error

Create creates a new session

func (*SessionRepository) Delete

func (r *SessionRepository) Delete(ctx context.Context, sessionID string) error

Delete deletes a session

func (*SessionRepository) DeleteByUserID

func (r *SessionRepository) DeleteByUserID(ctx context.Context, userID string) error

DeleteByUserID deletes all sessions for a user

func (*SessionRepository) DeleteExpired

func (r *SessionRepository) DeleteExpired(ctx context.Context) error

DeleteExpired deletes all expired sessions

func (*SessionRepository) Get

func (r *SessionRepository) Get(ctx context.Context, sessionID string) (*session.Session, error)

Get retrieves a session by ID

func (*SessionRepository) Update

func (r *SessionRepository) Update(ctx context.Context, sess *session.Session) error

Update updates the session's last-seen time

type TenantRepository

type TenantRepository struct {
	// contains filtered or unexported fields
}

TenantRepository implements tenant.Repository

func NewTenantRepository

func NewTenantRepository(db *DB) *TenantRepository

NewTenantRepository creates a new tenant repository

func (*TenantRepository) Create

func (r *TenantRepository) Create(ctx context.Context, t *tenant.Tenant) error

Create creates a new tenant

func (*TenantRepository) Delete

func (r *TenantRepository) Delete(ctx context.Context, id string) error

Delete soft-deletes a tenant

func (*TenantRepository) GetByID

func (r *TenantRepository) GetByID(ctx context.Context, id string) (*tenant.Tenant, error)

GetByID retrieves a tenant by ID

func (*TenantRepository) GetByName

func (r *TenantRepository) GetByName(ctx context.Context, name string) (*tenant.Tenant, error)

GetByName retrieves a tenant by name

func (*TenantRepository) List

func (r *TenantRepository) List(ctx context.Context, limit, offset int) ([]*tenant.Tenant, error)

List lists tenants

func (*TenantRepository) Update

func (r *TenantRepository) Update(ctx context.Context, t *tenant.Tenant) error

Update updates a tenant

type TenantRoleRepository

type TenantRoleRepository struct {
	// contains filtered or unexported fields
}

TenantRoleRepository implements tenant.RoleRepository

func NewTenantRoleRepository

func NewTenantRoleRepository(db *DB) *TenantRoleRepository

NewTenantRoleRepository creates a new tenant role repository

func (*TenantRoleRepository) AssignRole

func (r *TenantRoleRepository) AssignRole(ctx context.Context, tenantID, userID, roleName, grantedBy string) error

AssignRole assigns a role to a user in a tenant

func (*TenantRoleRepository) DeleteByTenantID

func (r *TenantRoleRepository) DeleteByTenantID(ctx context.Context, tenantID string) error

DeleteByTenantID removes all role assignments for a specific tenant

func (*TenantRoleRepository) GetTenantUsers

func (r *TenantRoleRepository) GetTenantUsers(ctx context.Context, tenantID string) ([]*tenant.TenantUserRole, error)

GetTenantUsers retrieves all users with roles in a tenant

func (*TenantRoleRepository) GetUserRoles

func (r *TenantRoleRepository) GetUserRoles(ctx context.Context, tenantID, userID string) ([]*tenant.TenantUserRole, error)

GetUserRoles retrieves all roles a user has in a tenant

func (*TenantRoleRepository) RevokeRole

func (r *TenantRoleRepository) RevokeRole(ctx context.Context, tenantID, userID, roleName string) error

RevokeRole revokes a role from a user in a tenant

type UserRepository

type UserRepository struct {
	// contains filtered or unexported fields
}

UserRepository implements user.UserRepository.

Purpose: PostgreSQL implementation of user identity persistence. Domain: Identity (Infrastructure)

func NewUserRepository

func NewUserRepository(db *DB) *UserRepository

NewUserRepository creates a new user repository.

Purpose: Constructor for the user persistence layer. Domain: Identity (Infrastructure). Audited: No. Errors: None.

func (*UserRepository) AddCredentials

func (r *UserRepository) AddCredentials(ctx context.Context, c *user.Credentials) error

AddCredentials adds credentials for a user

func (*UserRepository) Create

func (r *UserRepository) Create(ctx context.Context, u *user.User) error

Create creates a new user identity.

Purpose: Persists a new user record to the database. Domain: Identity (Infrastructure). Audited: No. Errors: System errors.

func (*UserRepository) Delete

func (r *UserRepository) Delete(ctx context.Context, id string) error

Delete soft-deletes a user

func (*UserRepository) GetByHash

func (r *UserRepository) GetByHash(ctx context.Context, hash string) (*user.User, error)

GetByHash retrieves a user by their global email hash

func (*UserRepository) GetByID

func (r *UserRepository) GetByID(ctx context.Context, id string) (*user.User, error)

GetByID retrieves a user by ID

func (*UserRepository) GetCredentials

func (r *UserRepository) GetCredentials(ctx context.Context, userID string) (*user.Credentials, error)

GetCredentials retrieves user credentials

func (*UserRepository) Update

func (r *UserRepository) Update(ctx context.Context, u *user.User) error

Update updates user information

func (*UserRepository) UpdateLockout

func (r *UserRepository) UpdateLockout(ctx context.Context, userID string, failedAttempts int, lockedUntil *time.Time) error

UpdateLockout updates user lockout status

func (*UserRepository) UpdatePassword

func (r *UserRepository) UpdatePassword(ctx context.Context, userID string, passwordHash string) error

UpdatePassword updates the user's password. The value is passed in as passwordHash, so hashing is expected to happen before this call.
