Documentation
¶
Index ¶
- Variables
- func CreateOptions() ([]string, error)
- func DefaultServiceScopeSet() (map[string]struct{}, error)
- func GetCrudAuthorizationModel() (*openfga.AuthorizationModel, error)
- func GetRolesAuthorizationModel() (*openfga.AuthorizationModel, error)
- func NormalizeScope(scope string) string
- func RelationsForService() ([]string, error)
- func RoleOptions() ([]string, error)
- func ScopeAliases() map[string]string
- func ScopeOptions() (map[string][]string, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // CanView allows read-only access to an object CanView = "can_view" // CanEdit allows read and write access to an object CanEdit = "can_edit" // CanDelete allows deletion of an object CanDelete = "can_delete" )
View Source
var ( // Read is an alias for can_view Read = "read" // Write is an alias for can_edit Write = "write" // Delete is an alias for can_delete Delete = "delete" )
Functions ¶
func CreateOptions ¶
CreateOptions returns objects with verbs that support creation
func DefaultServiceScopeSet ¶
DefaultServiceScopeSet returns the default service scopes as a set
func GetCrudAuthorizationModel ¶
func GetCrudAuthorizationModel() (*openfga.AuthorizationModel, error)
GetAuthorizationModel returns the parsed embedded authorization model
func GetRolesAuthorizationModel ¶
func GetRolesAuthorizationModel() (*openfga.AuthorizationModel, error)
func NormalizeScope ¶
NormalizeScope returns the relation name for a provided scope, handling common aliases Accepts object:verb (e.g., control:write) and simple verbs (read/write/delete)
func RelationsForService ¶
RelationsForService returns relations shaped like can_<verb>_<object> that directly accept service subjects.
func RoleOptions ¶
RoleOptions returns objects with verbs that support roles
func ScopeAliases ¶
ScopeAliases returns a copy of the supported alias mapping
func ScopeOptions ¶
ScopeOptions groups available scopes by object (verb mapped back via alias map)
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.