accesssvc

package
v0.15.14 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2024 License: AGPL-3.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrNoMatchingGroup is returned during creating a request if the user is not in the correct group,
	// based on the Access Rule the request relates to.
	ErrNoMatchingGroup = errors.New("user was not in a matching group for the access rule")

	// ErrRuleNotFound is returned if we can't find the Access Rule associated with a request.
	ErrRuleNotFound = errors.New("access rule not found")

	// ErrUserNotAuthorized is returned if the user isn't allowed to complete an action,
	// like reviewing a request.
	ErrUserNotAuthorized = errors.New("user is not authorized to perform this action")

	// ErrRequestCannotBeCancelled is returned if the request is not in the pending status
	ErrRequestCannotBeCancelled = errors.New("only pending requests can be cancelled")

	// ErrRequestOverlapsExistingGrant is returned if the request overlaps an existing grant
	ErrRequestOverlapsExistingGrant = errors.New("this request overlaps an existing grant")
)

Functions

This section is empty.

Types

type AHClient 

type AHClient interface {
	ahTypes.ClientWithResponsesInterface
}

type AccessRuleService 

type AccessRuleService interface {
	RequestArguments(ctx context.Context, accessRuleTarget rule.Target) (map[string]types.RequestArgument, error)
}

AccessRuleService can create and get rules

type AddReviewOpts 

type AddReviewOpts struct {
	ReviewerID      string
	ReviewerEmail   string
	ReviewerIsAdmin bool
	Reviewers       []access.Reviewer
	Decision        access.Decision
	// Comment is optional on a review
	Comment *string
	// OverrideTimings are optional overrides for the request timings
	OverrideTiming *access.Timing
	Request        access.Request
	AccessRule     rule.AccessRule
}

type AddReviewResult 

type AddReviewResult struct {
	// The updated request, after the review is complete.
	Request access.Request
}

type CacheService 

type CacheService interface {
	RefreshCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
	LoadCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
}

type CancelRequestOpts 

type CancelRequestOpts struct {
	CancellerID string
	RequestID   string
}

type CreateFavoriteOpts 

type CreateFavoriteOpts struct {
	User   identity.User
	Create types.CreateFavoriteRequest
}

type CreateRequest 

type CreateRequest struct {
	AccessRuleId string
	Reason       *string
	Timing       types.RequestTiming
	With         map[string]string
}

type CreateRequestResult 

type CreateRequestResult struct {
	Request   access.Request
	Reviewers []access.Reviewer
}

type CreateRequests 

type CreateRequests struct {
	AccessRuleId string
	Reason       *string
	Timing       types.RequestTiming
	With         *types.CreateRequestWithSubRequest
}

type CreateRequestsOpts 

type CreateRequestsOpts struct {
	User   identity.User
	Create CreateRequests
}

type EventPutter 

type EventPutter interface {
	Put(ctx context.Context, detail gevent.EventTyper) error
}

type InvalidStatusError 

type InvalidStatusError struct {
	Status access.Status
}

InvalidStatusError is returned if a user tries to review a request which wasn't PENDING.

func (InvalidStatusError) Error 

func (e InvalidStatusError) Error() string

type Service 

type Service struct {
	Clock       clock.Clock
	DB          ddb.Storage
	EventPutter EventPutter
	Cache       CacheService
	AHClient    AHClient
	Rules       AccessRuleService
	Workflow    Workflow
}

Service holds business logic relating to Access Requests.

func (*Service) AddReviewAndGrantAccess 

func (s *Service) AddReviewAndGrantAccess(ctx context.Context, opts AddReviewOpts) (*AddReviewResult, error)

AddReviewAndGrantAccess reviews a Request. It updates the status of the Request depending on the review decision. If the review approves access, access is granted.

func (*Service) CancelRequest 

func (s *Service) CancelRequest(ctx context.Context, opts CancelRequestOpts) error

CancelRequest cancels a request if it is in pending status. Returns an error if the request is invalid.

func (*Service) CreateFavorite 

func (s *Service) CreateFavorite(ctx context.Context, in CreateFavoriteOpts) (*access.Favorite, error)

CreateRequest creates a new request and saves it in the database. Returns an error if the request is invalid.

func (*Service) CreateRequests 

func (s *Service) CreateRequests(ctx context.Context, in CreateRequestsOpts) ([]CreateRequestResult, error)

CreateRequests splits the multi request into invividual request after checking for some basic validation errors individual requests may fail, these will be returned via a multi error and any requests which were successful will be returned as well so be sure to check both teh error and the response

func (*Service) UpdateFavorite 

func (s *Service) UpdateFavorite(ctx context.Context, in UpdateFavoriteOpts) (*access.Favorite, error)

UpdateFavorite validates the input then updates the favorite

type UpdateFavoriteOpts 

type UpdateFavoriteOpts struct {
	User     identity.User
	Favorite access.Favorite
	Update   types.CreateFavoriteRequest
}

type Workflow added in v0.15.0 

type Workflow interface {
	Grant(ctx context.Context, request access.Request, accessRule rule.AccessRule) (*access.Grant, error)
}

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.