Documentation
¶
Index ¶
- Constants
- type BatchCheckPermissionResult
- type CheckPermissionResult
- type CheckPermissionResultWithError
- type Engine
- func (e *Engine) BatchCheck(ctx context.Context, tuples []*ketoapi.RelationTuple, maxDepth int) ([]checkgroup.Result, error)
- func (e *Engine) CheckIsMember(ctx context.Context, r *relationTuple, restDepth int) (bool, error)
- func (e *Engine) CheckRelationTuple(ctx context.Context, r *relationTuple, restDepth int) (res checkgroup.Result)
- type EngineDependencies
- type EngineOpt
- type EngineProvider
- type Handler
- func (h *Handler) BatchCheck(ctx context.Context, req *rts.BatchCheckRequest) (*rts.BatchCheckResponse, error)
- func (h *Handler) Check(ctx context.Context, req *rts.CheckRequest) (*rts.CheckResponse, error)
- func (h *Handler) RegisterReadGRPC(s *grpc.Server)
- func (h *Handler) RegisterReadRoutes(r *x.ReadRouter)
Constants ¶
const ( RouteBase = "/relation-tuples/check" OpenAPIRouteBase = RouteBase + "/openapi" BatchRoute = "/relation-tuples/batch/check" )
const WildcardRelation = "..."
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BatchCheckPermissionResult ¶
type BatchCheckPermissionResult struct {
// An array of check results. The order aligns with the input order.
//
// required: true
Results []*CheckPermissionResultWithError `json:"results"`
}
Batch Check Permission Result
swagger:model batchCheckPermissionResult
type CheckPermissionResult ¶
type CheckPermissionResult struct {
// whether the relation tuple is allowed
//
// required: true
Allowed bool `json:"allowed"`
}
Check Permission Result
The content of the allowed field is mirrored in the HTTP status code.
swagger:model checkPermissionResult
type CheckPermissionResultWithError ¶
type CheckPermissionResultWithError struct {
// whether the relation tuple is allowed
//
// required: true
Allowed bool `json:"allowed"`
// any error generated while checking the relation tuple
//
// required: false
Error string `json:"error,omitempty"`
}
Check Permission Result With Error
swagger:model checkPermissionResultWithError
type Engine ¶
type Engine struct {
// contains filtered or unexported fields
}
func NewEngine ¶
func NewEngine(d EngineDependencies, opts ...EngineOpt) *Engine
func (*Engine) BatchCheck ¶
func (e *Engine) BatchCheck(ctx context.Context, tuples []*ketoapi.RelationTuple, maxDepth int) ([]checkgroup.Result, error)
BatchCheck makes parallelized check requests for tuples. The check results are returned as slice, where the result index matches the tuple index of the incoming tuples array.
func (*Engine) CheckIsMember ¶
CheckIsMember checks if the relation tuple's subject has the relation on the object in the namespace either directly or indirectly and returns a boolean result.
func (*Engine) CheckRelationTuple ¶
func (e *Engine) CheckRelationTuple(ctx context.Context, r *relationTuple, restDepth int) (res checkgroup.Result)
CheckRelationTuple checks if the relation tuple's subject has the relation on the object in the namespace either directly or indirectly and returns a check result.
type EngineDependencies ¶
type EngineDependencies interface {
relationtuple.ManagerProvider
relationtuple.MapperProvider
persistence.Provider
config.Provider
x.LoggerProvider
x.TracingProvider
x.NetworkIDProvider
}
type EngineProvider ¶
type EngineProvider interface {
PermissionEngine() *Engine
}
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
func NewHandler ¶
func NewHandler(d handlerDependencies) *Handler
func (*Handler) BatchCheck ¶
func (h *Handler) BatchCheck(ctx context.Context, req *rts.BatchCheckRequest) (*rts.BatchCheckResponse, error)
BatchCheck is the gRPC entry point for checking batches of tuples
func (*Handler) Check ¶
func (h *Handler) Check(ctx context.Context, req *rts.CheckRequest) (*rts.CheckResponse, error)
func (*Handler) RegisterReadGRPC ¶
func (*Handler) RegisterReadRoutes ¶
func (h *Handler) RegisterReadRoutes(r *x.ReadRouter)
Source Files
Directories