sqlc

package
v0.0.0-...-3df5aab Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 25, 2025 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrBatchAlreadyClosed = errors.New("batch already closed")
)

Functions

This section is empty.

Types

type CreateBackupCodesBatchResults 

type CreateBackupCodesBatchResults struct {
	// contains filtered or unexported fields
}

func (*CreateBackupCodesBatchResults) Close 

func (b *CreateBackupCodesBatchResults) Close() error

func (*CreateBackupCodesBatchResults) Exec 

func (b *CreateBackupCodesBatchResults) Exec(f func(int, error))

type CreateBackupCodesParams 

type CreateBackupCodesParams struct {
	UserID   uuid.UUID `json:"user_id"`
	CodeHash string    `json:"code_hash"`
}

type CreateMFASettingsParams 

type CreateMFASettingsParams struct {
	UserID     uuid.UUID `json:"user_id"`
	TotpSecret string    `json:"totp_secret"`
}

type CreateOIDCLinkParams 

type CreateOIDCLinkParams struct {
	UserID           uuid.UUID `json:"user_id"`
	OidcProviderID   uuid.UUID `json:"oidc_provider_id"`
	ProviderUserID   string    `json:"provider_user_id"`
	ProviderEmail    string    `json:"provider_email"`
	ProviderMetadata []byte    `json:"provider_metadata"`
}

type CreateOIDCProviderParams 

type CreateOIDCProviderParams struct {
	TenantID                 uuid.UUID                  `json:"tenant_id"`
	ProviderName             string                     `json:"provider_name"`
	IssuerUrl                string                     `json:"issuer_url"`
	ClientID                 string                     `json:"client_id"`
	ClientSecret             string                     `json:"client_secret"`
	Scopes                   []string                   `json:"scopes"`
	Enabled                  bool                       `json:"enabled"`
	AllowedDomains           []string                   `json:"allowed_domains"`
	AutoCreateUsers          bool                       `json:"auto_create_users"`
	RequireEmailVerification bool                       `json:"require_email_verification"`
	RegistrationAccessToken  string                     `json:"registration_access_token"`
	RegistrationClientUri    string                     `json:"registration_client_uri"`
	ClientIDIssuedAt         *time.Time                 `json:"client_id_issued_at"`
	ClientSecretExpiresAt    *time.Time                 `json:"client_secret_expires_at"`
	RegistrationMethod       sdk.OIDCRegistrationMethod `json:"registration_method"`
}

type CreateOIDCSessionParams 

type CreateOIDCSessionParams struct {
	State          string                `json:"state"`
	CodeVerifier   string                `json:"code_verifier"`
	OidcProviderID *uuid.UUID            `json:"oidc_provider_id"`
	ProviderType   *sdk.OIDCProviderType `json:"provider_type"`
	RedirectUri    string                `json:"redirect_uri"`
	TenantID       *uuid.UUID            `json:"tenant_id"`
	ExpiresAt      time.Time             `json:"expires_at"`
}

type CreatePasswordResetTokenParams 

type CreatePasswordResetTokenParams struct {
	UserID    uuid.UUID `json:"user_id"`
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
}

type CreateRefreshTokenParams 

type CreateRefreshTokenParams struct {
	UserID    uuid.UUID `json:"user_id"`
	TenantID  uuid.UUID `json:"tenant_id"`
	TokenHash string    `json:"token_hash"`
	FamilyID  uuid.UUID `json:"family_id"`
	UserAgent string    `json:"user_agent"`
	IpAddress string    `json:"ip_address"`
	ExpiresAt time.Time `json:"expires_at"`
}

type CreateRoleParams 

type CreateRoleParams struct {
	TenantID    uuid.UUID `json:"tenant_id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type CreateRoleRow 

type CreateRoleRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type CreateTrustedDeviceParams 

type CreateTrustedDeviceParams struct {
	UserID    uuid.UUID `json:"user_id"`
	TenantID  uuid.UUID `json:"tenant_id"`
	TokenHash string    `json:"token_hash"`
	UserAgent string    `json:"user_agent"`
	IpAddress string    `json:"ip_address"`
	ExpiresAt time.Time `json:"expires_at"`
}

type CreateUserParams 

type CreateUserParams struct {
	TenantID     uuid.UUID      `json:"tenant_id"`
	Email        string         `json:"email"`
	PasswordHash string         `json:"password_hash"`
	FirstName    string         `json:"first_name"`
	LastName     string         `json:"last_name"`
	Status       iam.UserStatus `json:"status"`
}

type CreateVerificationTokenParams 

type CreateVerificationTokenParams struct {
	UserID    uuid.UUID `json:"user_id"`
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
}

type DBTX 

type DBTX interface {
	Exec(context.Context, string, ...interface{}) (pgconn.CommandTag, error)
	Query(context.Context, string, ...interface{}) (pgx.Rows, error)
	QueryRow(context.Context, string, ...interface{}) pgx.Row
	SendBatch(context.Context, *pgx.Batch) pgx.BatchResults
}

type DeleteOIDCLinkParams 

type DeleteOIDCLinkParams struct {
	UserID         uuid.UUID `json:"user_id"`
	OidcProviderID uuid.UUID `json:"oidc_provider_id"`
}

type GetDirectPermissionsRow 

type GetDirectPermissionsRow struct {
	ID          uuid.UUID            `json:"id"`
	Name        string               `json:"name"`
	Description string               `json:"description"`
	Effect      sdk.PermissionEffect `json:"effect"`
}

type GetOIDCLinkByProviderParams 

type GetOIDCLinkByProviderParams struct {
	OidcProviderID uuid.UUID `json:"oidc_provider_id"`
	ProviderUserID string    `json:"provider_user_id"`
}

type GetOIDCLinkByUserParams 

type GetOIDCLinkByUserParams struct {
	UserID         uuid.UUID `json:"user_id"`
	OidcProviderID uuid.UUID `json:"oidc_provider_id"`
}

type GetRecentFailedAttemptsParams 

type GetRecentFailedAttemptsParams struct {
	Email       string    `json:"email"`
	AttemptedAt time.Time `json:"attempted_at"`
}

type GetRoleByIDRow 

type GetRoleByIDRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type GetRolePermissionsRow 

type GetRolePermissionsRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	AssignedAt  time.Time `json:"assigned_at"`
}

type GetUserPermissionsRow 

type GetUserPermissionsRow struct {
	ID          uuid.UUID            `json:"id"`
	Name        string               `json:"name"`
	Description string               `json:"description"`
	Effect      sdk.PermissionEffect `json:"effect"`
}

type GetUserRolesRow 

type GetUserRolesRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type InsertDirectPermissionsParams 

type InsertDirectPermissionsParams struct {
	UserID        uuid.UUID   `json:"user_id"`
	PermissionIds []uuid.UUID `json:"permission_ids"`
	Effects       []string    `json:"effects"`
}

type InsertLoginAttemptParams 

type InsertLoginAttemptParams struct {
	Email       string     `json:"email"`
	UserID      *uuid.UUID `json:"user_id"`
	IpAddress   string     `json:"ip_address"`
	LockedUntil *time.Time `json:"locked_until"`
}

type InsertRolePermissionsParams 

type InsertRolePermissionsParams struct {
	RoleID        uuid.UUID   `json:"role_id"`
	PermissionIds []uuid.UUID `json:"permission_ids"`
}

type InsertUserRolesParams 

type InsertUserRolesParams struct {
	UserID  uuid.UUID   `json:"user_id"`
	RoleIds []uuid.UUID `json:"role_ids"`
}

type ListRolesRow 

type ListRolesRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type LoginAttempt 

type LoginAttempt struct {
	ID          uuid.UUID  `json:"id"`
	Email       string     `json:"email"`
	UserID      *uuid.UUID `json:"user_id"`
	IpAddress   string     `json:"ip_address"`
	LockedUntil *time.Time `json:"locked_until"`
	AttemptedAt time.Time  `json:"attempted_at"`
	CreatedAt   time.Time  `json:"created_at"`
}

type MfaBackupCode 

type MfaBackupCode struct {
	ID        uuid.UUID  `json:"id"`
	UserID    uuid.UUID  `json:"user_id"`
	CodeHash  string     `json:"code_hash"`
	Used      bool       `json:"used"`
	UsedAt    *time.Time `json:"used_at"`
	CreatedAt time.Time  `json:"created_at"`
}

type MfaSetting 

type MfaSetting struct {
	UserID         uuid.UUID  `json:"user_id"`
	TotpSecret     string     `json:"totp_secret"`
	LastUsedWindow *int64     `json:"last_used_window"`
	CreatedAt      time.Time  `json:"created_at"`
	VerifiedAt     *time.Time `json:"verified_at"`
	LastUsedAt     *time.Time `json:"last_used_at"`
}

type NullOidcProviderType 

type NullOidcProviderType struct {
	OidcProviderType OidcProviderType `json:"oidc_provider_type"`
	Valid            bool             `json:"valid"` // Valid is true if OidcProviderType is not NULL
}

func (*NullOidcProviderType) Scan 

func (ns *NullOidcProviderType) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullOidcProviderType) Value 

func (ns NullOidcProviderType) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullOidcRegistrationMethod 

type NullOidcRegistrationMethod struct {
	OidcRegistrationMethod OidcRegistrationMethod `json:"oidc_registration_method"`
	Valid                  bool                   `json:"valid"` // Valid is true if OidcRegistrationMethod is not NULL
}

func (*NullOidcRegistrationMethod) Scan 

func (ns *NullOidcRegistrationMethod) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullOidcRegistrationMethod) Value 

func (ns NullOidcRegistrationMethod) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullPermissionEffect 

type NullPermissionEffect struct {
	PermissionEffect PermissionEffect `json:"permission_effect"`
	Valid            bool             `json:"valid"` // Valid is true if PermissionEffect is not NULL
}

func (*NullPermissionEffect) Scan 

func (ns *NullPermissionEffect) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullPermissionEffect) Value 

func (ns NullPermissionEffect) Value() (driver.Value, error)

Value implements the driver Valuer interface.

type NullUserStatus 

type NullUserStatus struct {
	UserStatus UserStatus `json:"user_status"`
	Valid      bool       `json:"valid"` // Valid is true if UserStatus is not NULL
}

func (*NullUserStatus) Scan 

func (ns *NullUserStatus) Scan(value interface{}) error

Scan implements the Scanner interface.

func (NullUserStatus) Value 

func (ns NullUserStatus) Value() (driver.Value, error)

Value implements the driver Valuer interface. 

type OidcLink struct {
	ID               uuid.UUID  `json:"id"`
	UserID           uuid.UUID  `json:"user_id"`
	OidcProviderID   uuid.UUID  `json:"oidc_provider_id"`
	ProviderUserID   string     `json:"provider_user_id"`
	ProviderEmail    string     `json:"provider_email"`
	ProviderMetadata []byte     `json:"provider_metadata"`
	LinkedAt         time.Time  `json:"linked_at"`
	LastUsedAt       *time.Time `json:"last_used_at"`
}

type OidcProvider 

type OidcProvider struct {
	ID                       uuid.UUID                  `json:"id"`
	TenantID                 uuid.UUID                  `json:"tenant_id"`
	ProviderName             string                     `json:"provider_name"`
	IssuerUrl                string                     `json:"issuer_url"`
	ClientID                 string                     `json:"client_id"`
	ClientSecret             string                     `json:"client_secret"`
	Scopes                   []string                   `json:"scopes"`
	Enabled                  bool                       `json:"enabled"`
	AllowedDomains           []string                   `json:"allowed_domains"`
	AutoCreateUsers          bool                       `json:"auto_create_users"`
	RequireEmailVerification bool                       `json:"require_email_verification"`
	RegistrationAccessToken  string                     `json:"registration_access_token"`
	RegistrationClientUri    string                     `json:"registration_client_uri"`
	ClientIDIssuedAt         *time.Time                 `json:"client_id_issued_at"`
	ClientSecretExpiresAt    *time.Time                 `json:"client_secret_expires_at"`
	RegistrationMethod       sdk.OIDCRegistrationMethod `json:"registration_method"`
	CreatedAt                time.Time                  `json:"created_at"`
	UpdatedAt                time.Time                  `json:"updated_at"`
}

type OidcProviderType 

type OidcProviderType string
const (
	OidcProviderTypeGoogle    OidcProviderType = "google"
	OidcProviderTypeMicrosoft OidcProviderType = "microsoft"
	OidcProviderTypeGithub    OidcProviderType = "github"
	OidcProviderTypeOkta      OidcProviderType = "okta"
)

func (*OidcProviderType) Scan 

func (e *OidcProviderType) Scan(src interface{}) error

type OidcRegistrationMethod 

type OidcRegistrationMethod string
const (
	OidcRegistrationMethodManual  OidcRegistrationMethod = "manual"
	OidcRegistrationMethodDynamic OidcRegistrationMethod = "dynamic"
)

func (*OidcRegistrationMethod) Scan 

func (e *OidcRegistrationMethod) Scan(src interface{}) error

type OidcSession 

type OidcSession struct {
	ID             uuid.UUID             `json:"id"`
	State          string                `json:"state"`
	CodeVerifier   string                `json:"code_verifier"`
	OidcProviderID *uuid.UUID            `json:"oidc_provider_id"`
	ProviderType   *sdk.OIDCProviderType `json:"provider_type"`
	RedirectUri    string                `json:"redirect_uri"`
	TenantID       *uuid.UUID            `json:"tenant_id"`
	CreatedAt      time.Time             `json:"created_at"`
	ExpiresAt      time.Time             `json:"expires_at"`
}

type PasswordResetToken 

type PasswordResetToken struct {
	UserID    uuid.UUID `json:"user_id"`
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
	CreatedAt time.Time `json:"created_at"`
}

type Permission 

type Permission struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	CreatedAt   time.Time `json:"created_at"`
}

type PermissionEffect 

type PermissionEffect string
const (
	PermissionEffectAllow PermissionEffect = "allow"
	PermissionEffectDeny  PermissionEffect = "deny"
)

func (*PermissionEffect) Scan 

func (e *PermissionEffect) Scan(src interface{}) error

type Queries 

type Queries struct {
	// contains filtered or unexported fields
}

func New 

func New(db DBTX) *Queries

func (*Queries) CountUnusedBackupCodes 

func (q *Queries) CountUnusedBackupCodes(ctx context.Context, userID uuid.UUID) (int64, error)

func (*Queries) CreateBackupCodes 

func (q *Queries) CreateBackupCodes(ctx context.Context, arg []CreateBackupCodesParams) *CreateBackupCodesBatchResults

func (*Queries) CreateMFASettings 

func (q *Queries) CreateMFASettings(ctx context.Context, arg CreateMFASettingsParams) (MfaSetting, error)
func (q *Queries) CreateOIDCLink(ctx context.Context, arg CreateOIDCLinkParams) (OidcLink, error)

func (*Queries) CreateOIDCProvider 

func (q *Queries) CreateOIDCProvider(ctx context.Context, arg CreateOIDCProviderParams) (OidcProvider, error)

func (*Queries) CreateOIDCSession 

func (q *Queries) CreateOIDCSession(ctx context.Context, arg CreateOIDCSessionParams) (OidcSession, error)

func (*Queries) CreatePasswordResetToken 

func (q *Queries) CreatePasswordResetToken(ctx context.Context, arg CreatePasswordResetTokenParams) (PasswordResetToken, error)

func (*Queries) CreateRefreshToken 

func (q *Queries) CreateRefreshToken(ctx context.Context, arg CreateRefreshTokenParams) (RefreshToken, error)

func (*Queries) CreateRole 

func (q *Queries) CreateRole(ctx context.Context, arg CreateRoleParams) (CreateRoleRow, error)

func (*Queries) CreateTenant 

func (q *Queries) CreateTenant(ctx context.Context, id uuid.UUID) (Tenant, error)

func (*Queries) CreateTrustedDevice 

func (q *Queries) CreateTrustedDevice(ctx context.Context, arg CreateTrustedDeviceParams) (TrustedDevice, error)

func (*Queries) CreateUser 

func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, error)

func (*Queries) CreateVerificationToken 

func (q *Queries) CreateVerificationToken(ctx context.Context, arg CreateVerificationTokenParams) (VerificationToken, error)

func (*Queries) DeleteAllDirectPermissions 

func (q *Queries) DeleteAllDirectPermissions(ctx context.Context, userID uuid.UUID) error

Replace all direct permissions for a user (used for bulk updates) Note: This should be called in a transaction with InsertDirectPermissions

func (*Queries) DeleteAllRolePermissions 

func (q *Queries) DeleteAllRolePermissions(ctx context.Context, roleID uuid.UUID) error

Replace all permissions for a role (used for bulk updates) First delete all existing permissions, then insert new ones Note: This should be called in a transaction with InsertRolePermissions

func (*Queries) DeleteAllUserRoles 

func (q *Queries) DeleteAllUserRoles(ctx context.Context, userID uuid.UUID) error

Replace all roles for a user (used for bulk updates) Note: This should be called in a transaction with InsertUserRoles

func (*Queries) DeleteBackupCodesByUserID 

func (q *Queries) DeleteBackupCodesByUserID(ctx context.Context, userID uuid.UUID) error

func (*Queries) DeleteExpiredOIDCSessions 

func (q *Queries) DeleteExpiredOIDCSessions(ctx context.Context) error

func (*Queries) DeleteExpiredPasswordResetTokens 

func (q *Queries) DeleteExpiredPasswordResetTokens(ctx context.Context) error

func (*Queries) DeleteExpiredRefreshTokens 

func (q *Queries) DeleteExpiredRefreshTokens(ctx context.Context) error

func (*Queries) DeleteExpiredTrustedDevices 

func (q *Queries) DeleteExpiredTrustedDevices(ctx context.Context) error

func (*Queries) DeleteExpiredVerificationTokens 

func (q *Queries) DeleteExpiredVerificationTokens(ctx context.Context) error

func (*Queries) DeleteLoginAttempts 

func (q *Queries) DeleteLoginAttempts(ctx context.Context, userID *uuid.UUID) error

Delete all login attempts for a user after successful login Failed attempts are no longer relevant once the user has authenticated

func (*Queries) DeleteMFASettings 

func (q *Queries) DeleteMFASettings(ctx context.Context, userID uuid.UUID) error
func (q *Queries) DeleteOIDCLink(ctx context.Context, arg DeleteOIDCLinkParams) error

func (*Queries) DeleteOIDCProvider 

func (q *Queries) DeleteOIDCProvider(ctx context.Context, id uuid.UUID) error

func (*Queries) DeleteOIDCSession 

func (q *Queries) DeleteOIDCSession(ctx context.Context, id uuid.UUID) error

func (*Queries) DeleteOldUnverifiedUsers 

func (q *Queries) DeleteOldUnverifiedUsers(ctx context.Context, days int32) error

func (*Queries) DeletePasswordResetToken 

func (q *Queries) DeletePasswordResetToken(ctx context.Context, userID uuid.UUID) error

func (*Queries) DeleteRole 

func (q *Queries) DeleteRole(ctx context.Context, id uuid.UUID) error

func (*Queries) DeleteTenant 

func (q *Queries) DeleteTenant(ctx context.Context, id uuid.UUID) error

func (*Queries) DeleteUser 

func (q *Queries) DeleteUser(ctx context.Context, id uuid.UUID) error

func (*Queries) DeleteVerificationToken 

func (q *Queries) DeleteVerificationToken(ctx context.Context, userID uuid.UUID) error

func (*Queries) GetDirectPermissions 

func (q *Queries) GetDirectPermissions(ctx context.Context, userID uuid.UUID) ([]GetDirectPermissionsRow, error)

Get direct permissions assigned to user (not from roles)

func (*Queries) GetMFASettingsByUserID 

func (q *Queries) GetMFASettingsByUserID(ctx context.Context, userID uuid.UUID) (MfaSetting, error)

func (*Queries) GetMostRecentLockout 

func (q *Queries) GetMostRecentLockout(ctx context.Context, email string) (*time.Time, error)

Gets the most recent non-null locked_until for checking active lockouts

func (*Queries) GetOIDCLinkByProvider 

func (q *Queries) GetOIDCLinkByProvider(ctx context.Context, arg GetOIDCLinkByProviderParams) (OidcLink, error)

func (*Queries) GetOIDCLinkByUser 

func (q *Queries) GetOIDCLinkByUser(ctx context.Context, arg GetOIDCLinkByUserParams) (OidcLink, error)

func (*Queries) GetOIDCProvider 

func (q *Queries) GetOIDCProvider(ctx context.Context, id uuid.UUID) (OidcProvider, error)

func (*Queries) GetOIDCProvidersByDomain 

func (q *Queries) GetOIDCProvidersByDomain(ctx context.Context, domain string) ([]OidcProvider, error)

Find all OAuth providers configured for an email domain (cross-tenant, for SSO discovery) This query bypasses RLS to search across all tenants

func (*Queries) GetOIDCSessionByState 

func (q *Queries) GetOIDCSessionByState(ctx context.Context, state string) (OidcSession, error)

func (*Queries) GetPasswordResetToken 

func (q *Queries) GetPasswordResetToken(ctx context.Context, token string) (PasswordResetToken, error)

func (*Queries) GetPermissionByID 

func (q *Queries) GetPermissionByID(ctx context.Context, id uuid.UUID) (Permission, error)

func (*Queries) GetRecentFailedAttempts 

func (q *Queries) GetRecentFailedAttempts(ctx context.Context, arg GetRecentFailedAttemptsParams) (int64, error)

func (*Queries) GetRefreshTokenByHash 

func (q *Queries) GetRefreshTokenByHash(ctx context.Context, tokenHash string) (RefreshToken, error)

func (*Queries) GetRefreshTokenByHashIncludingRevoked 

func (q *Queries) GetRefreshTokenByHashIncludingRevoked(ctx context.Context, tokenHash string) (RefreshToken, error)

Used for token rotation reuse detection - returns token even if revoked

func (*Queries) GetRoleByID 

func (q *Queries) GetRoleByID(ctx context.Context, id uuid.UUID) (GetRoleByIDRow, error)

func (*Queries) GetRolePermissions 

func (q *Queries) GetRolePermissions(ctx context.Context, roleID uuid.UUID) ([]GetRolePermissionsRow, error)

func (*Queries) GetTenant 

func (q *Queries) GetTenant(ctx context.Context, id uuid.UUID) (Tenant, error)

func (*Queries) GetTrustedDeviceByTokenHash 

func (q *Queries) GetTrustedDeviceByTokenHash(ctx context.Context, tokenHash string) (TrustedDevice, error)

func (*Queries) GetUnusedBackupCodesByUserID 

func (q *Queries) GetUnusedBackupCodesByUserID(ctx context.Context, userID uuid.UUID) ([]MfaBackupCode, error)

func (*Queries) GetUser 

func (q *Queries) GetUser(ctx context.Context, id uuid.UUID) (User, error)

func (*Queries) GetUserByEmail 

func (q *Queries) GetUserByEmail(ctx context.Context, email string) (User, error)

func (*Queries) GetUserPermissions 

func (q *Queries) GetUserPermissions(ctx context.Context, userID uuid.UUID) ([]GetUserPermissionsRow, error)

Get all permissions for a user (from roles + direct permissions) Includes effect from direct permissions for deny logic

func (*Queries) GetUserRoles 

func (q *Queries) GetUserRoles(ctx context.Context, userID uuid.UUID) ([]GetUserRolesRow, error)

func (*Queries) GetVerificationToken 

func (q *Queries) GetVerificationToken(ctx context.Context, token string) (VerificationToken, error)

func (*Queries) InsertDirectPermissions 

func (q *Queries) InsertDirectPermissions(ctx context.Context, arg InsertDirectPermissionsParams) error

Insert multiple direct permissions for a user (called after SetDirectPermissions in transaction) Parameters: user_id, permission_ids array, effects array (strings cast to permission_effect)

func (*Queries) InsertLoginAttempt 

func (q *Queries) InsertLoginAttempt(ctx context.Context, arg InsertLoginAttemptParams) (LoginAttempt, error)

func (*Queries) InsertRolePermissions 

func (q *Queries) InsertRolePermissions(ctx context.Context, arg InsertRolePermissionsParams) error

Insert multiple permissions for a role (called after SetRolePermissions in transaction)

func (*Queries) InsertUserRoles 

func (q *Queries) InsertUserRoles(ctx context.Context, arg InsertUserRolesParams) error

Insert multiple roles for a user (called after SetUserRoles in transaction) Parameters: user_id, role_ids array

func (*Queries) ListOIDCLinksByUser 

func (q *Queries) ListOIDCLinksByUser(ctx context.Context, userID uuid.UUID) ([]OidcLink, error)

func (*Queries) ListOIDCProviders 

func (q *Queries) ListOIDCProviders(ctx context.Context, tenantID uuid.UUID) ([]OidcProvider, error)

func (*Queries) ListPermissions 

func (q *Queries) ListPermissions(ctx context.Context) ([]Permission, error)

func (*Queries) ListRoles 

func (q *Queries) ListRoles(ctx context.Context) ([]ListRolesRow, error)

func (*Queries) ListUserRefreshTokens 

func (q *Queries) ListUserRefreshTokens(ctx context.Context, userID uuid.UUID) ([]RefreshToken, error)

func (*Queries) MarkBackupCodeUsed 

func (q *Queries) MarkBackupCodeUsed(ctx context.Context, id uuid.UUID) error

func (*Queries) RevokeAllUserRefreshTokens 

func (q *Queries) RevokeAllUserRefreshTokens(ctx context.Context, userID uuid.UUID) error

func (*Queries) RevokeAllUserTrustedDevices 

func (q *Queries) RevokeAllUserTrustedDevices(ctx context.Context, userID uuid.UUID) error

func (*Queries) RevokeRefreshToken 

func (q *Queries) RevokeRefreshToken(ctx context.Context, id uuid.UUID) error

func (*Queries) RevokeRefreshTokenByHash 

func (q *Queries) RevokeRefreshTokenByHash(ctx context.Context, tokenHash string) error

func (*Queries) RevokeRefreshTokenFamily 

func (q *Queries) RevokeRefreshTokenFamily(ctx context.Context, familyID uuid.UUID) error

Revokes all tokens in a family (used when token reuse is detected)

func (*Queries) UpdateLastLogin 

func (q *Queries) UpdateLastLogin(ctx context.Context, id uuid.UUID) error

func (*Queries) UpdateMFASettings 

func (q *Queries) UpdateMFASettings(ctx context.Context, arg UpdateMFASettingsParams) error

func (*Queries) UpdateOIDCLinkLastUsed 

func (q *Queries) UpdateOIDCLinkLastUsed(ctx context.Context, id uuid.UUID) error

func (*Queries) UpdateOIDCProvider 

func (q *Queries) UpdateOIDCProvider(ctx context.Context, arg UpdateOIDCProviderParams) (OidcProvider, error)

Allows updating configuration and credentials

func (*Queries) UpdateRefreshTokenLastUsed 

func (q *Queries) UpdateRefreshTokenLastUsed(ctx context.Context, id uuid.UUID) error

func (*Queries) UpdateRole 

func (q *Queries) UpdateRole(ctx context.Context, arg UpdateRoleParams) (UpdateRoleRow, error)

func (*Queries) UpdateTrustedDeviceLastUsed 

func (q *Queries) UpdateTrustedDeviceLastUsed(ctx context.Context, arg UpdateTrustedDeviceLastUsedParams) error

func (*Queries) UpdateUser 

func (q *Queries) UpdateUser(ctx context.Context, arg UpdateUserParams) (User, error)

func (*Queries) WithTx 

func (q *Queries) WithTx(tx pgx.Tx) *Queries

type RefreshToken 

type RefreshToken struct {
	ID         uuid.UUID  `json:"id"`
	UserID     uuid.UUID  `json:"user_id"`
	TenantID   uuid.UUID  `json:"tenant_id"`
	TokenHash  string     `json:"token_hash"`
	FamilyID   uuid.UUID  `json:"family_id"`
	UserAgent  string     `json:"user_agent"`
	IpAddress  string     `json:"ip_address"`
	CreatedAt  time.Time  `json:"created_at"`
	LastUsedAt time.Time  `json:"last_used_at"`
	ExpiresAt  time.Time  `json:"expires_at"`
	RevokedAt  *time.Time `json:"revoked_at"`
}

type Role 

type Role struct {
	ID          uuid.UUID `json:"id"`
	TenantID    uuid.UUID `json:"tenant_id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
	CreatedAt   time.Time `json:"created_at"`
	UpdatedAt   time.Time `json:"updated_at"`
}

type RolePermission 

type RolePermission struct {
	RoleID       uuid.UUID `json:"role_id"`
	PermissionID uuid.UUID `json:"permission_id"`
	CreatedAt    time.Time `json:"created_at"`
}

type Tenant 

type Tenant struct {
	ID        uuid.UUID `json:"id"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}

type TrustedDevice 

type TrustedDevice struct {
	ID         uuid.UUID  `json:"id"`
	UserID     uuid.UUID  `json:"user_id"`
	TenantID   uuid.UUID  `json:"tenant_id"`
	TokenHash  string     `json:"token_hash"`
	UserAgent  string     `json:"user_agent"`
	IpAddress  string     `json:"ip_address"`
	CreatedAt  time.Time  `json:"created_at"`
	LastUsedAt time.Time  `json:"last_used_at"`
	ExpiresAt  time.Time  `json:"expires_at"`
	RevokedAt  *time.Time `json:"revoked_at"`
}

type UpdateMFASettingsParams 

type UpdateMFASettingsParams struct {
	UserID         uuid.UUID  `json:"user_id"`
	LastUsedWindow *int64     `json:"last_used_window"`
	VerifiedAt     *time.Time `json:"verified_at"`
	LastUsedAt     *time.Time `json:"last_used_at"`
}

type UpdateOIDCProviderParams 

type UpdateOIDCProviderParams struct {
	ProviderName             *string   `json:"provider_name"`
	ClientSecret             *string   `json:"client_secret"`
	Scopes                   []string  `json:"scopes"`
	Enabled                  *bool     `json:"enabled"`
	AllowedDomains           []string  `json:"allowed_domains"`
	AutoCreateUsers          *bool     `json:"auto_create_users"`
	RequireEmailVerification *bool     `json:"require_email_verification"`
	ID                       uuid.UUID `json:"id"`
}

type UpdateRoleParams 

type UpdateRoleParams struct {
	Name        *string   `json:"name"`
	Description *string   `json:"description"`
	MfaRequired *bool     `json:"mfa_required"`
	ID          uuid.UUID `json:"id"`
}

type UpdateRoleRow 

type UpdateRoleRow struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
	MfaRequired bool      `json:"mfa_required"`
}

type UpdateTrustedDeviceLastUsedParams 

type UpdateTrustedDeviceLastUsedParams struct {
	ID        uuid.UUID `json:"id"`
	ExpiresAt time.Time `json:"expires_at"`
	IpAddress string    `json:"ip_address"`
}

type UpdateUserParams 

type UpdateUserParams struct {
	PasswordHash *string         `json:"password_hash"`
	Status       *iam.UserStatus `json:"status"`
	ID           uuid.UUID       `json:"id"`
}

type User 

type User struct {
	ID           uuid.UUID      `json:"id"`
	TenantID     uuid.UUID      `json:"tenant_id"`
	Email        string         `json:"email"`
	PasswordHash string         `json:"password_hash"`
	FirstName    string         `json:"first_name"`
	LastName     string         `json:"last_name"`
	Status       iam.UserStatus `json:"status"`
	CreatedAt    time.Time      `json:"created_at"`
	UpdatedAt    time.Time      `json:"updated_at"`
	LastLoginAt  *time.Time     `json:"last_login_at"`
}

type UserPermission 

type UserPermission struct {
	UserID       uuid.UUID            `json:"user_id"`
	PermissionID uuid.UUID            `json:"permission_id"`
	Effect       sdk.PermissionEffect `json:"effect"`
}

type UserRole 

type UserRole struct {
	UserID uuid.UUID `json:"user_id"`
	RoleID uuid.UUID `json:"role_id"`
}

type UserStatus 

type UserStatus string
const (
	UserStatusUnverified UserStatus = "unverified"
	UserStatusActive     UserStatus = "active"
	UserStatusSuspended  UserStatus = "suspended"
	UserStatusInactive   UserStatus = "inactive"
)

func (*UserStatus) Scan 

func (e *UserStatus) Scan(src interface{}) error

type VerificationToken 

type VerificationToken struct {
	UserID    uuid.UUID `json:"user_id"`
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
	CreatedAt time.Time `json:"created_at"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.