repository

package
v0.0.0-...-2d73068 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 13, 2020 License: Apache-2.0 Imports: 19 Imported by: 19

Documentation

Overview

Package repository provides the wrappers for 'user' and 'identity' related database interactions.

Index

Constants

const (
	// DefaultFeatureLevel is the default feature level for users: `released`,
	// which means that they don't have access to preproduction/unreleased features.
	DefaultFeatureLevel = "released" // the default value, which is also the default DB column value
)
const (
	// DefaultIDP is the name of the main authentication / identity provider.
	// TODO update the value to something other than "kc" - requires db migration
	//
	// NOTE(review): the Identity.ProviderType field comment gives "keycloak" as an
	// example provider type while this constant is "kc"; confirm which string is
	// actually stored, and compare provider types against this constant rather
	// than a string literal so the two cannot drift apart.
	DefaultIDP = "kc"
)

Variables

This section is empty.

Functions

func IdentityFilterByID

func IdentityFilterByID(identityID uuid.UUID) func(db *gorm.DB) *gorm.DB

IdentityFilterByID is a gorm filter for Identity ID.

func IdentityFilterByProfileURL

func IdentityFilterByProfileURL(profileURL string) func(db *gorm.DB) *gorm.DB

IdentityFilterByProfileURL is a gorm filter by 'profile_url'

func IdentityFilterByProviderType

func IdentityFilterByProviderType(providerType string) func(db *gorm.DB) *gorm.DB

IdentityFilterByProviderType is a gorm filter by 'provider_type'

func IdentityFilterByUserID

func IdentityFilterByUserID(userID uuid.UUID) func(db *gorm.DB) *gorm.DB

IdentityFilterByUserID is a gorm filter for a Belongs To relationship.

func IdentityFilterByUsername

func IdentityFilterByUsername(username string) func(db *gorm.DB) *gorm.DB

IdentityFilterByUsername is a gorm filter by 'username'

func IdentityWithUser

func IdentityWithUser() func(db *gorm.DB) *gorm.DB

IdentityWithUser is a gorm filter for preloading the User relationship.

func UserFilterByEmail

func UserFilterByEmail(email string) func(db *gorm.DB) *gorm.DB

UserFilterByEmail is a gorm filter by User email.

func UserFilterByEmailPrivacy

func UserFilterByEmailPrivacy(privateEmails bool) func(db *gorm.DB) *gorm.DB

UserFilterByEmailPrivacy is to be used to filter only public or only private emails

func UserFilterByID

func UserFilterByID(userID uuid.UUID) func(db *gorm.DB) *gorm.DB

UserFilterByID is a gorm filter for User ID.

func VerificationCodeFilterByCode

func VerificationCodeFilterByCode(code string) func(db *gorm.DB) *gorm.DB

VerificationCodeFilterByCode is a gorm filter by verification code.

func VerificationCodeFilterByUserID

func VerificationCodeFilterByUserID(userID uuid.UUID) func(db *gorm.DB) *gorm.DB

VerificationCodeFilterByUserID is a gorm filter for a Belongs To relationship.

func VerificationCodeWithUser

func VerificationCodeWithUser() func(db *gorm.DB) *gorm.DB

VerificationCodeWithUser is a gorm filter for preloading the user relationship.

Types

type GormIdentityRepository

// GormIdentityRepository is the implementation of the storage interface for
// Identity. NewIdentityRepository builds one from a *gorm.DB.
type GormIdentityRepository struct {
	// contains filtered or unexported fields
}

GormIdentityRepository is the implementation of the storage interface for Identity.

func NewIdentityRepository

func NewIdentityRepository(db *gorm.DB) *GormIdentityRepository

NewIdentityRepository creates a new storage type.

func (*GormIdentityRepository) AddMember

func (m *GormIdentityRepository) AddMember(ctx context.Context, identityID uuid.UUID, memberID uuid.UUID) error

func (*GormIdentityRepository) BumpDeactivationSchedule

func (m *GormIdentityRepository) BumpDeactivationSchedule(ctx context.Context, identityID uuid.UUID, scheduledTime time.Time) error

func (*GormIdentityRepository) CheckExists

func (m *GormIdentityRepository) CheckExists(ctx context.Context, id string) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormIdentityRepository) Create

func (m *GormIdentityRepository) Create(ctx context.Context, model *Identity) error

Create creates a new record.

func (*GormIdentityRepository) Delete

func (m *GormIdentityRepository) Delete(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) error

Delete removes a single record. The funcs arguments can be used to add conditions dynamically to the current database connection.

func (*GormIdentityRepository) DeleteForResource

func (m *GormIdentityRepository) DeleteForResource(ctx context.Context, resourceID string) error

func (*GormIdentityRepository) FindIdentitiesByResourceTypeWithParentResource

func (m *GormIdentityRepository) FindIdentitiesByResourceTypeWithParentResource(ctx context.Context, resourceTypeID uuid.UUID, parentResourceID string) ([]Identity, error)

FindIdentitiesByResourceTypeWithParentResource returns an array of Identity objects for which their corresponding resource is a child of the specified parent resource.

func (*GormIdentityRepository) FindIdentityMemberships

func (m *GormIdentityRepository) FindIdentityMemberships(ctx context.Context, identityID uuid.UUID, resourceType *string) ([]authorization.IdentityAssociation, error)

FindIdentityMemberships returns an array of Identity objects with the (optionally) specified resource type in which the specified Identity is a member

func (*GormIdentityRepository) First

func (m *GormIdentityRepository) First(funcs ...func(*gorm.DB) *gorm.DB) (*Identity, error)

First returns the first Identity element that matches the given criteria

func (*GormIdentityRepository) FlagPrivilegeCacheStaleForMembershipChange

func (m *GormIdentityRepository) FlagPrivilegeCacheStaleForMembershipChange(ctx context.Context, memberID uuid.UUID, memberOf uuid.UUID) error

FlagPrivilegeCacheStaleForMembershipChange executes two update queries. The first sets the stale flag to true for all privilege cache records where the identity ID is equal to, or a descendant of (via memberships), the specified member ID, and the resourceID is contained in a set of resources for which there is an IDENTITY_ROLE record for the resource, or any of its descendant resources, and the IDENTITY_ROLE's identity is in the identity ancestor hierarchy specified by the memberOf parameter.

The second query updates the token table, setting the STALE flag of the token STATUS field to true, for all token records that are mapped to the corresponding privilege cache records in the first query, via the many-to-many TOKEN_PRIVILEGE table

func (*GormIdentityRepository) IsValid

func (m *GormIdentityRepository) IsValid(ctx context.Context, id uuid.UUID) bool

IsValid returns true if the identity exists

func (*GormIdentityRepository) List

List returns all user identities.

func (*GormIdentityRepository) ListIdentitiesToDeactivate

func (m *GormIdentityRepository) ListIdentitiesToDeactivate(ctx context.Context, lastActivity, notification time.Time, whitelist []string, limit int) ([]Identity, error)

ListIdentitiesToDeactivate returns identities whose last activity is older than the given one, for whom there is a `deactivation_notification` value, and who were not previously banned. The result size is limited to the given number of identities (ordered by last activity); if limit is a negative value (e.g. '-1'), it is ignored.

func (*GormIdentityRepository) ListIdentitiesToNotifyForDeactivation

func (m *GormIdentityRepository) ListIdentitiesToNotifyForDeactivation(ctx context.Context, lastActivity time.Time, whitelist []string, limit int) ([]Identity, error)

ListIdentitiesToNotifyForDeactivation returns identities whose last activity is older than the given one. The result size is limited to the given number of identities (ordered by last activity); if limit is a negative value (e.g. '-1'), it is ignored.

func (*GormIdentityRepository) Load

func (m *GormIdentityRepository) Load(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) (*Identity, error)

Load returns a single Identity as a database model. This is more for internal use, and probably not what you want in your controllers. The funcs arguments can be used to add conditions dynamically to the current database connection.

func (*GormIdentityRepository) LoadWithUser

func (m *GormIdentityRepository) LoadWithUser(ctx context.Context, id uuid.UUID) (*Identity, error)

LoadWithUser loads an identity and the associated User. It returns NotFoundError if either the identity or the user is not found.

func (*GormIdentityRepository) Lookup

func (m *GormIdentityRepository) Lookup(ctx context.Context, username, profileURL, providerType string) (*Identity, error)

Lookup looks for an existing identity with the given `profileURL` or creates a new one

func (*GormIdentityRepository) Query

func (m *GormIdentityRepository) Query(funcs ...func(*gorm.DB) *gorm.DB) ([]Identity, error)

Query exposes an open-ended query model.

func (*GormIdentityRepository) RemoveMember

func (m *GormIdentityRepository) RemoveMember(ctx context.Context, memberOf uuid.UUID, memberID uuid.UUID) error

RemoveMember removes an existing membership with the specified memberOf and memberID values

func (*GormIdentityRepository) Save

func (m *GormIdentityRepository) Save(ctx context.Context, model *Identity) error

Save modifies a single record.

func (*GormIdentityRepository) Search

func (m *GormIdentityRepository) Search(ctx context.Context, q string, start int, limit int) ([]Identity, int, error)

Search searches for Identities where FullName like %q% or users.email like %q% (but ignores private emails) or users.username like %q%

func (*GormIdentityRepository) TableName

func (m *GormIdentityRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

func (*GormIdentityRepository) TouchLastActive

func (m *GormIdentityRepository) TouchLastActive(ctx context.Context, identityID uuid.UUID) error

TouchLastActive is intended to be a lightweight method that updates the last active column for a specified identity to the current timestamp. Also, it resets the `deactivation_notification` timestamp so we can send another deactivation notification to the user if she is once again inactive in the future.

type GormUserRepository

// GormUserRepository is the implementation of the storage interface for User.
// NewUserRepository takes a *gorm.DB and returns the UserRepository interface
// rather than this concrete type.
type GormUserRepository struct {
	// contains filtered or unexported fields
}

GormUserRepository is the implementation of the storage interface for User.

func (*GormUserRepository) CheckExists

func (m *GormUserRepository) CheckExists(ctx context.Context, id string) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormUserRepository) Create

func (m *GormUserRepository) Create(ctx context.Context, u *User) error

Create creates a new record.

func (*GormUserRepository) Delete

func (m *GormUserRepository) Delete(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) error

Delete removes a single record. The funcs arguments can be used to add conditions dynamically to the current database connection.

func (*GormUserRepository) List

func (m *GormUserRepository) List(ctx context.Context) ([]User, error)

List returns all users.

func (*GormUserRepository) Load

func (m *GormUserRepository) Load(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) (*User, error)

Load returns a single User as a database model. This is more for internal use, and probably not what you want in your controllers. The funcs arguments can be used to add conditions dynamically to the current database connection.

func (*GormUserRepository) Query

func (m *GormUserRepository) Query(funcs ...func(*gorm.DB) *gorm.DB) ([]User, error)

Query exposes an open-ended query model.

func (*GormUserRepository) Save

func (m *GormUserRepository) Save(ctx context.Context, model *User) error

Save modifies a single record

func (*GormUserRepository) TableName

func (m *GormUserRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type GormVerificationCodeRepository

// GormVerificationCodeRepository is the implementation of the storage interface
// for VerificationCode. NewVerificationCodeRepository builds one from a *gorm.DB.
type GormVerificationCodeRepository struct {
	// contains filtered or unexported fields
}

GormVerificationCodeRepository is the implementation of the storage interface for VerificationCode.

func NewVerificationCodeRepository

func NewVerificationCodeRepository(db *gorm.DB) *GormVerificationCodeRepository

NewVerificationCodeRepository creates a new storage type.

func (*GormVerificationCodeRepository) CheckExists

func (m *GormVerificationCodeRepository) CheckExists(ctx context.Context, id string) error

CheckExists returns nil if the given ID exists otherwise returns an error

func (*GormVerificationCodeRepository) Create

Create creates a new record.

func (*GormVerificationCodeRepository) Delete

Delete removes a single record. This is a hard delete!

func (*GormVerificationCodeRepository) Load

Load returns a single VerificationCode as a database model. This is more for internal use, and probably not what you want in your controllers.

func (*GormVerificationCodeRepository) LoadByCode

LoadByCode loads results by filtering on the verification code.

func (*GormVerificationCodeRepository) Query

func (m *GormVerificationCodeRepository) Query(funcs ...func(*gorm.DB) *gorm.DB) ([]VerificationCode, error)

Query exposes an open-ended query model.

func (*GormVerificationCodeRepository) Save

Save modifies a single record.

func (*GormVerificationCodeRepository) TableName

func (m *GormVerificationCodeRepository) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type Identity

type Identity struct {
	// Lifecycle is a project type embedded from gormsupport; presumably it carries
	// the created/updated/deleted timestamps that GetLastModified reports - confirm.
	gormsupport.Lifecycle
	// ID is the primary key. For identities provided by Keycloak this ID equals
	// the Keycloak one (presumably the Keycloak-side identity ID - confirm). For
	// other types of IDP (github, oso, etc) this ID is generated automatically.
	ID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key"`
	// Username is the username of the Identity.
	Username string
	// RegistrationCompleted records whether the username has been updated.
	RegistrationCompleted bool `gorm:"column:registration_completed"`
	// ProviderType is the type of provider, such as "keycloak", "github", "oso", etc.
	// NOTE(review): DefaultIDP in this package is "kc", not "keycloak"; confirm
	// which string is stored before comparing against this field.
	ProviderType string `gorm:"column:provider_type"`
	// ProfileURL is the URL of the profile on the remote work item service.
	// NOTE(review): IdentityRepository.Lookup is documented as finding an identity
	// by profile URL or creating a new one, so this value presumably needs to come
	// from the identity provider's response rather than from client-supplied
	// input - confirm at the call sites.
	ProfileURL *string `gorm:"column:profile_url"`
	// UserID links the Identity to its User; NullUUID lets the column be NULL, so
	// an Identity may exist without a User (see IsUser).
	UserID NullUUID `sql:"type:uuid"`
	User   User
	// IdentityResourceID links the Identity to a Resource; sql.NullString lets
	// the column be NULL.
	IdentityResourceID sql.NullString
	IdentityResource   resource.Resource `gorm:"foreignkey:IdentityResourceID;association_foreignkey:ResourceID"`
	// LastActive is the timestamp of the identity's last activity.
	LastActive *time.Time
	// DeactivationNotification is the timestamp of the deactivation notification.
	DeactivationNotification *time.Time `gorm:"column:deactivation_notification"`
	// DeactivationScheduled is the time of the scheduled deactivation.
	DeactivationScheduled *time.Time `gorm:"column:deactivation_scheduled"`
}

Identity describes a federated identity provided by Identity Provider (IDP) such as Keycloak, GitHub, OSO, etc. One User account can have many Identities

func (Identity) GetETagData

func (m Identity) GetETagData() []interface{}

GetETagData returns the field values to use to generate the ETag

func (Identity) GetLastModified

func (m Identity) GetLastModified() time.Time

GetLastModified returns the last modification time

func (Identity) IsUser

func (m Identity) IsUser() bool

func (Identity) TableName

func (m Identity) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type IdentityRepository

// IdentityRepository represents the storage interface for Identity records,
// their memberships and the deactivation bookkeeping.
type IdentityRepository interface {
	// Exister is embedded from the project's base package; the implementation
	// documents CheckExists as returning nil when the given ID exists.
	base.Exister
	// Load returns a single Identity by ID; funcs can add conditions to the query.
	Load(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) (*Identity, error)
	// LoadWithUser loads an identity together with its associated User.
	LoadWithUser(ctx context.Context, id uuid.UUID) (*Identity, error)
	// Create creates a new record.
	Create(ctx context.Context, identity *Identity) error
	// Lookup looks for an existing identity with the given profileURL or creates
	// a new one.
	// NOTE(review): because a miss creates a record, the arguments should
	// presumably be values asserted by the identity provider, never raw client
	// input - confirm at the call sites.
	Lookup(ctx context.Context, username, profileURL, providerType string) (*Identity, error)
	// Save modifies a single record.
	Save(ctx context.Context, identity *Identity) error
	// Delete removes a single record; funcs can add conditions to the query.
	Delete(ctx context.Context, id uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) error
	DeleteForResource(ctx context.Context, resourceID string) error
	// Query exposes an open-ended query built from the caller's gorm scopes.
	// NOTE(review): the scopes are entirely caller-controlled; a scope that
	// carries request data should bind it as a query parameter instead of
	// concatenating it into SQL - confirm for every caller.
	Query(funcs ...func(*gorm.DB) *gorm.DB) ([]Identity, error)
	// List returns all user identities.
	List(ctx context.Context) ([]Identity, error)
	// ListIdentitiesToNotifyForDeactivation returns identities whose last
	// activity is older than lastActivity; a negative limit is ignored.
	// NOTE(review): what whitelist entries are matched against is not visible
	// here - presumably identities excluded from deactivation; confirm.
	ListIdentitiesToNotifyForDeactivation(ctx context.Context, lastActivity time.Time, whitelist []string, limit int) ([]Identity, error)
	// ListIdentitiesToDeactivate returns identities whose last activity is older
	// than lastActivity, that have a deactivation_notification value and were not
	// previously banned; a negative limit is ignored.
	ListIdentitiesToDeactivate(ctx context.Context, lastActivity, notification time.Time, whitelist []string, limit int) ([]Identity, error)
	// IsValid returns true if the identity exists.
	IsValid(context.Context, uuid.UUID) bool
	// Search matches q against full name, non-private email and username with
	// LIKE %q%, as documented on the implementation.
	// NOTE(review): confirm q is bound as a parameter, decide whether the LIKE
	// wildcards '%' and '_' inside q need escaping, and have callers cap limit so
	// the endpoint cannot be used to page through every account.
	Search(ctx context.Context, q string, start int, limit int) ([]Identity, int, error)
	// FindIdentityMemberships returns the identities, optionally restricted to
	// resourceType, in which identityID is a member.
	FindIdentityMemberships(ctx context.Context, identityID uuid.UUID, resourceType *string) ([]authorization.IdentityAssociation, error)
	// FindIdentitiesByResourceTypeWithParentResource returns identities whose
	// resource is a child of parentResourceID.
	FindIdentitiesByResourceTypeWithParentResource(ctx context.Context, resourceTypeID uuid.UUID, parentResourceID string) ([]Identity, error)
	AddMember(ctx context.Context, identityID uuid.UUID, memberID uuid.UUID) error
	// RemoveMember removes an existing membership with the given memberOf and
	// memberID values.
	RemoveMember(ctx context.Context, memberOf uuid.UUID, memberID uuid.UUID) error
	// FlagPrivilegeCacheStaleForMembershipChange marks the affected privilege
	// cache records, and the tokens mapped to them, as stale.
	// NOTE(review): nothing in this interface ties it to AddMember/RemoveMember;
	// confirm callers invoke it in the same transaction as the membership change
	// so cached privileges and tokens cannot outlive a removed membership.
	FlagPrivilegeCacheStaleForMembershipChange(ctx context.Context, memberID uuid.UUID, memberOf uuid.UUID) error
	// TouchLastActive sets the last-active column to the current timestamp and
	// resets the deactivation_notification timestamp.
	TouchLastActive(ctx context.Context, identityID uuid.UUID) error
	BumpDeactivationSchedule(ctx context.Context, identityID uuid.UUID, scheduledTime time.Time) error
}

IdentityRepository represents the storage interface.

type Membership

// Membership is a (MemberID, MemberOf) pair; both columns are tagged as primary
// key, so together they form a composite key.
// NOTE(review): presumably MemberID is an identity that belongs to the identity
// MemberOf, matching the RemoveMember(memberOf, memberID) parameters - confirm.
type Membership struct {
	MemberID uuid.UUID `sql:"type:uuid" gorm:"primary_key"`
	MemberOf uuid.UUID `sql:"type:uuid" gorm:"primary_key"`
}

func (Membership) TableName

func (m Membership) TableName() string

type NullUUID

// NullUUID can be used with the standard sql package to represent a UUID value
// that can be NULL in the database. It has Scan and Value methods for the
// sql.Scanner and driver.Valuer interfaces.
type NullUUID struct {
	UUID  uuid.UUID
	Valid bool // presumably true when UUID is not NULL, as in database/sql's Null* types - confirm
}

NullUUID can be used with the standard sql package to represent a UUID value that can be NULL in the database

func (*NullUUID) Scan

func (u *NullUUID) Scan(src interface{}) error

Scan implements the sql.Scanner interface.

func (NullUUID) Value

func (u NullUUID) Value() (driver.Value, error)

Value implements the driver.Valuer interface.

type User

type User struct {
	// Lifecycle is a project type embedded from gormsupport; presumably it carries
	// the created/updated/deleted timestamps that GetLastModified reports - confirm.
	gormsupport.Lifecycle
	ID            uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key"` // This is the ID PK field
	Email         string    `sql:"unique_index"` // covered by a unique index, per the sql tag
	// EmailPrivate marks the email as private; Search is documented as ignoring
	// private emails.
	// NOTE(review): any other code path that returns Email should presumably
	// honor this flag as well - confirm.
	EmailPrivate  bool
	EmailVerified bool   // The verification status of the updated email.
	FullName      string // The fullname of the User
	ImageURL      string // The image URL for the User
	Bio           string // The bio of the User
	URL           string // The URL of the User
	Company       string // The (optional) Company of the User
	FeatureLevel  string // the level of features that the user opted in (to access unreleased features). Defaults to `released` so no non-released feature is enabled for the user.
	Cluster       string // The OpenShift cluster allocated to the user.
	// Whether the user has been banned. Deprovisioned is kept for backward
	// compatibility and is presumably the legacy name for Banned.
	// NOTE(review): while both columns exist, confirm that access checks treat the
	// user as banned when either flag is set and that writers keep the two in
	// sync. How Active relates to Banned is not visible here.
	Deprovisioned      bool                       `gorm:"column:deprovisioned"` // for backward compatibility
	Banned             bool                       `gorm:"column:banned"`
	Active             bool                       `gorm:"column:active"`
	Identities         []Identity                 // has many Identities from different IDPs
	ContextInformation account.ContextInformation `sql:"type:jsonb"` // context information of the user activity
}

User describes a User account. A few identities can be associated with one user account

func (User) GetETagData

func (m User) GetETagData() []interface{}

GetETagData returns the field values to use to generate the ETag

func (User) GetLastModified

func (m User) GetLastModified() time.Time

GetLastModified returns the last modification time

func (User) TableName

func (m User) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type UserRepository

// UserRepository represents the storage interface for User records.
type UserRepository interface {
	// Exister is a project interface; the implementation documents CheckExists
	// as returning nil when the given ID exists.
	repository.Exister
	// Load returns a single User by ID; funcs can add conditions to the query.
	Load(ctx context.Context, ID uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) (*User, error)
	// Create creates a new record.
	Create(ctx context.Context, u *User) error
	// Save modifies a single record.
	Save(ctx context.Context, u *User) error
	// List returns all users.
	// NOTE(review): no limit or filter parameter is available here, so the result
	// includes every row the implementation selects; callers exposing it should
	// apply their own paging and email-privacy filtering - confirm.
	List(ctx context.Context) ([]User, error)
	// Delete removes a single record; funcs can add conditions to the query.
	Delete(ctx context.Context, ID uuid.UUID, funcs ...func(*gorm.DB) *gorm.DB) error
	// Query exposes an open-ended query built from the caller's gorm scopes.
	// NOTE(review): a scope that carries request data should bind it as a query
	// parameter instead of concatenating it into SQL - confirm for every caller.
	Query(funcs ...func(*gorm.DB) *gorm.DB) ([]User, error)
}

UserRepository represents the storage interface.

func NewUserRepository

func NewUserRepository(db *gorm.DB) UserRepository

NewUserRepository creates a new storage type.

type VerificationCode

// VerificationCode associates a code string with a User.
type VerificationCode struct {
	// Lifecycle is a project type embedded from gormsupport; presumably it carries
	// creation/update timestamps - confirm.
	gormsupport.Lifecycle
	ID     uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key"` // This is the ID PK field
	User   User
	UserID uuid.UUID `sql:"type:uuid"`

	// Code is the verification code, held in a plain string column.
	// NOTE(review): no expiry, attempt counter or hashed form is visible on this
	// struct. Confirm that codes come from a cryptographically secure random
	// source, are time-limited (possibly via the Lifecycle timestamps) and are
	// deleted once used.
	Code string
}

func (VerificationCode) TableName

func (m VerificationCode) TableName() string

TableName overrides the table name settings in Gorm to force a specific table name in the database.

type VerificationCodeRepository

// VerificationCodeRepository represents the storage interface for
// VerificationCode records.
type VerificationCodeRepository interface {
	// Exister is a project interface; the implementation documents CheckExists
	// as returning nil when the given ID exists.
	repository.Exister
	// Load returns a single VerificationCode by ID.
	Load(ctx context.Context, id uuid.UUID) (*VerificationCode, error)
	// LoadByCode returns the records that match code.
	// NOTE(review): the slice result means a code is not guaranteed to be unique
	// at this layer; callers should presumably also check that the matched record
	// belongs to the expected user before accepting it - confirm.
	LoadByCode(ctx context.Context, code string) ([]VerificationCode, error)
	// Create creates a new record.
	Create(ctx context.Context, VerificationCode *VerificationCode) error
	// Save modifies a single record.
	Save(ctx context.Context, VerificationCode *VerificationCode) error
	// Delete removes a single record; the implementation documents this as a
	// hard delete.
	Delete(ctx context.Context, id uuid.UUID) error
	// Query exposes an open-ended query built from the caller's gorm scopes.
	// NOTE(review): a scope that carries request data should bind it as a query
	// parameter instead of concatenating it into SQL - confirm for every caller.
	Query(funcs ...func(*gorm.DB) *gorm.DB) ([]VerificationCode, error)
}

VerificationCodeRepository represents the storage interface.
