Documentation
¶
Overview ¶
Package query provides the client for querying spicedb
Index ¶
Constants ¶
View Source
const ( // ApplicationPrefix is the prefix for all application IDs owned by permissions-api ApplicationPrefix string = "perm" // RolePrefix is the prefix for roles RolePrefix string = ApplicationPrefix + "rol" )
Variables ¶
View Source
var ( // ErrActionNotAssigned represents an error condition where the subject is not able to complete // the given request. ErrActionNotAssigned = errors.New("the subject does not have permissions to complete this request") // ErrInvalidAction represents an error condition where the action provided is not valid for the provided resource. ErrInvalidAction = errors.New("invalid action for resource") // ErrInvalidReference represents an error condition where a given SpiceDB object reference is for some reason invalid. ErrInvalidReference = errors.New("invalid reference") // ErrInvalidNamespace represents an error when the id prefix is not found in the resource schema ErrInvalidNamespace = errors.New("invalid namespace") // ErrInvalidType represents an error when a resource type is not found in the resource schema ErrInvalidType = errors.New("invalid type") // ErrInvalidRelationship represents an error when no matching relationship was found ErrInvalidRelationship = errors.New("invalid relationship") // ErrRoleNotFound represents an error when no matching role was found on resource ErrRoleNotFound = errors.New("role not found") // ErrRoleHasTooManyResources represents an error which a role has too many resources ErrRoleHasTooManyResources = errors.New("role has too many resources") )
Functions ¶
This section is empty.
Types ¶
type Engine ¶
type Engine interface {
AssignSubjectRole(ctx context.Context, subject types.Resource, role types.Role) error
UnassignSubjectRole(ctx context.Context, subject types.Resource, role types.Role) error
CreateRelationships(ctx context.Context, rels []types.Relationship) error
CreateRole(ctx context.Context, actor, res types.Resource, roleName string, actions []string) (types.Role, error)
UpdateRole(ctx context.Context, actor, roleResource types.Resource, newName string, newActions []string) (types.Role, error)
GetRole(ctx context.Context, roleResource types.Resource) (types.Role, error)
GetRoleResource(ctx context.Context, roleResource types.Resource) (types.Resource, error)
ListAssignments(ctx context.Context, role types.Role) ([]types.Resource, error)
ListRelationshipsFrom(ctx context.Context, resource types.Resource) ([]types.Relationship, error)
ListRelationshipsTo(ctx context.Context, resource types.Resource) ([]types.Relationship, error)
ListRoles(ctx context.Context, resource types.Resource) ([]types.Role, error)
DeleteRelationships(ctx context.Context, relationships ...types.Relationship) error
DeleteRole(ctx context.Context, roleResource types.Resource) error
DeleteResourceRelationships(ctx context.Context, resource types.Resource) error
NewResourceFromID(id gidx.PrefixedID) (types.Resource, error)
GetResourceType(name string) *types.ResourceType
SubjectHasPermission(ctx context.Context, subject types.Resource, action string, resource types.Resource) error
}
Engine represents a client for making permissions queries.
type Option ¶ added in v0.1.4
type Option func(*engine)
Option is a functional option for the engine
func WithLogger ¶ added in v0.1.4
func WithLogger(logger *zap.SugaredLogger) Option
WithLogger sets the logger for the engine
func WithPolicy ¶ added in v0.1.4
WithPolicy sets the policy for the engine
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.