access_provider

package
v0.64.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 16, 2024 License: Apache-2.0 Imports: 16 Imported by: 3

Documentation

Index

Constants

View Source 
const (
	AccessProviderSyncService_CliVersionInformation_FullMethodName = "/access_provider.AccessProviderSyncService/CliVersionInformation"
	AccessProviderSyncService_SyncFromTarget_FullMethodName        = "/access_provider.AccessProviderSyncService/SyncFromTarget"
	AccessProviderSyncService_SyncToTarget_FullMethodName          = "/access_provider.AccessProviderSyncService/SyncToTarget"
	AccessProviderSyncService_SyncConfig_FullMethodName            = "/access_provider.AccessProviderSyncService/SyncConfig"
)
View Source 
const (
	/*
		The list of default access provider types
	*/
	Role   = "role"
	AclSet = "aclSet"
	Policy = "policy"
)
View Source 
const AccessSyncerName = "accessSyncer"

AccessSyncerName constant should not be used directly when implementing plugins. It's the registration name for the data access syncer plugin, used by the CLI and the cli-plugin-base library (RegisterPlugins function) to register the plugins.

Variables

View Source 
var AccessProviderSyncService_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "access_provider.AccessProviderSyncService",
	HandlerType: (*AccessProviderSyncServiceServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "CliVersionInformation",
			Handler:    _AccessProviderSyncService_CliVersionInformation_Handler,
		},
		{
			MethodName: "SyncFromTarget",
			Handler:    _AccessProviderSyncService_SyncFromTarget_Handler,
		},
		{
			MethodName: "SyncToTarget",
			Handler:    _AccessProviderSyncService_SyncToTarget_Handler,
		},
		{
			MethodName: "SyncConfig",
			Handler:    _AccessProviderSyncService_SyncConfig_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "access_provider/access_provider.proto",
}

AccessProviderSyncService_ServiceDesc is the grpc.ServiceDesc for AccessProviderSyncService service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var File_access_provider_access_provider_proto protoreflect.FileDescriptor
View Source 
var MinimalCliVersion = semver.MustParse("0.47.0-dev1")

Functions

func RegisterAccessProviderSyncServiceServer added in v0.32.0 

func RegisterAccessProviderSyncServiceServer(s grpc.ServiceRegistrar, srv AccessProviderSyncServiceServer)

func WithSupportPartialSync added in v0.30.0 

func WithSupportPartialSync() func(config *AccessSyncConfig)

Types

type AccessProviderSyncServiceClient added in v0.32.0 

type AccessProviderSyncServiceClient interface {
	CliVersionInformation(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*version.CliBuildInformation, error)
	SyncFromTarget(ctx context.Context, in *AccessSyncFromTarget, opts ...grpc.CallOption) (*AccessSyncResult, error)
	SyncToTarget(ctx context.Context, in *AccessSyncToTarget, opts ...grpc.CallOption) (*AccessSyncResult, error)
	SyncConfig(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*AccessSyncConfig, error)
}

AccessProviderSyncServiceClient is the client API for AccessProviderSyncService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewAccessProviderSyncServiceClient added in v0.32.0 

func NewAccessProviderSyncServiceClient(cc grpc.ClientConnInterface) AccessProviderSyncServiceClient

type AccessProviderSyncServiceServer added in v0.32.0 

type AccessProviderSyncServiceServer interface {
	CliVersionInformation(context.Context, *emptypb.Empty) (*version.CliBuildInformation, error)
	SyncFromTarget(context.Context, *AccessSyncFromTarget) (*AccessSyncResult, error)
	SyncToTarget(context.Context, *AccessSyncToTarget) (*AccessSyncResult, error)
	SyncConfig(context.Context, *emptypb.Empty) (*AccessSyncConfig, error)
	// contains filtered or unexported methods
}

AccessProviderSyncServiceServer is the server API for AccessProviderSyncService service. All implementations must embed UnimplementedAccessProviderSyncServiceServer for forward compatibility

type AccessSyncConfig added in v0.15.0 

type AccessSyncConfig struct {

	// SupportPartialSync if true, syncing only out of sync access providers is allowed
	SupportPartialSync bool `protobuf:"varint,1,opt,name=support_partial_sync,json=supportPartialSync,proto3" json:"support_partial_sync,omitempty"`
	// contains filtered or unexported fields
}

AccessSyncConfig gives us information on how the CLI can sync access providers

func (*AccessSyncConfig) Descriptor deprecated added in v0.32.0 

func (*AccessSyncConfig) Descriptor() ([]byte, []int)

Deprecated: Use AccessSyncConfig.ProtoReflect.Descriptor instead.

func (*AccessSyncConfig) GetSupportPartialSync added in v0.32.0 

func (x *AccessSyncConfig) GetSupportPartialSync() bool

func (*AccessSyncConfig) ProtoMessage added in v0.32.0 

func (*AccessSyncConfig) ProtoMessage()

func (*AccessSyncConfig) ProtoReflect added in v0.32.0 

func (x *AccessSyncConfig) ProtoReflect() protoreflect.Message

func (*AccessSyncConfig) Reset added in v0.32.0 

func (x *AccessSyncConfig) Reset()

func (*AccessSyncConfig) String added in v0.32.0 

func (x *AccessSyncConfig) String() string

type AccessSyncFromTarget added in v0.20.0 

type AccessSyncFromTarget struct {
	ConfigMap *config.ConfigMap `protobuf:"bytes,1,opt,name=config_map,json=configMap,proto3" json:"config_map,omitempty"`
	// TargetFile points to the file where the plugin needs to export the access control naming.
	TargetFile                    string   `protobuf:"bytes,2,opt,name=target_file,json=targetFile,proto3" json:"target_file,omitempty"`
	Prefix                        string   `protobuf:"bytes,3,opt,name=prefix,proto3" json:"prefix,omitempty"`
	LockAllWho                    bool     `protobuf:"varint,4,opt,name=lock_all_who,json=lockAllWho,proto3" json:"lock_all_who,omitempty"`
	LockAllWhat                   bool     `protobuf:"varint,5,opt,name=lock_all_what,json=lockAllWhat,proto3" json:"lock_all_what,omitempty"`
	LockAllNames                  bool     `protobuf:"varint,6,opt,name=lock_all_names,json=lockAllNames,proto3" json:"lock_all_names,omitempty"`
	LockAllDelete                 bool     `protobuf:"varint,7,opt,name=lock_all_delete,json=lockAllDelete,proto3" json:"lock_all_delete,omitempty"`
	LockAllInheritance            bool     `protobuf:"varint,8,opt,name=lock_all_inheritance,json=lockAllInheritance,proto3" json:"lock_all_inheritance,omitempty"`
	MakeNotInternalizable         []string `` /* 126-byte string literal not displayed */
	LockAllOwners                 bool     `protobuf:"varint,10,opt,name=lock_all_owners,json=lockAllOwners,proto3" json:"lock_all_owners,omitempty"`
	LockWhoByName                 []string `protobuf:"bytes,11,rep,name=lock_who_by_name,json=lockWhoByName,proto3" json:"lock_who_by_name,omitempty"`
	LockWhoByTag                  []string `protobuf:"bytes,12,rep,name=lock_who_by_tag,json=lockWhoByTag,proto3" json:"lock_who_by_tag,omitempty"`
	LockWhoWhenIncomplete         bool     `` /* 130-byte string literal not displayed */
	LockWhatByName                []string `protobuf:"bytes,14,rep,name=lock_what_by_name,json=lockWhatByName,proto3" json:"lock_what_by_name,omitempty"`
	LockWhatByTag                 []string `protobuf:"bytes,15,rep,name=lock_what_by_tag,json=lockWhatByTag,proto3" json:"lock_what_by_tag,omitempty"`
	LockWhatWhenIncomplete        bool     `` /* 133-byte string literal not displayed */
	LockInheritanceByName         []string `` /* 129-byte string literal not displayed */
	LockInheritanceByTag          []string `` /* 126-byte string literal not displayed */
	LockInheritanceWhenIncomplete bool     `` /* 154-byte string literal not displayed */
	FullyLockAll                  bool     `protobuf:"varint,20,opt,name=fully_lock_all,json=fullyLockAll,proto3" json:"fully_lock_all,omitempty"`
	FullyLockByName               []string `protobuf:"bytes,21,rep,name=fully_lock_by_name,json=fullyLockByName,proto3" json:"fully_lock_by_name,omitempty"`
	FullyLockByTag                []string `protobuf:"bytes,22,rep,name=fully_lock_by_tag,json=fullyLockByTag,proto3" json:"fully_lock_by_tag,omitempty"`
	FullyLockWhenIncomplete       bool     `` /* 136-byte string literal not displayed */
	LockNamesByName               []string `protobuf:"bytes,24,rep,name=lock_names_by_name,json=lockNamesByName,proto3" json:"lock_names_by_name,omitempty"`
	LockNamesByTag                []string `protobuf:"bytes,25,rep,name=lock_names_by_tag,json=lockNamesByTag,proto3" json:"lock_names_by_tag,omitempty"`
	LockNamesWhenIncomplete       bool     `` /* 136-byte string literal not displayed */
	LockDeleteByName              []string `protobuf:"bytes,27,rep,name=lock_delete_by_name,json=lockDeleteByName,proto3" json:"lock_delete_by_name,omitempty"`
	LockDeleteByTag               []string `protobuf:"bytes,28,rep,name=lock_delete_by_tag,json=lockDeleteByTag,proto3" json:"lock_delete_by_tag,omitempty"`
	LockDeleteWhenIncomplete      bool     `` /* 139-byte string literal not displayed */
	// contains filtered or unexported fields
}

AccessSyncFromTarget contains all necessary configuration parameters to import Data from Raito into DS

func (*AccessSyncFromTarget) Descriptor deprecated added in v0.32.0 

func (*AccessSyncFromTarget) Descriptor() ([]byte, []int)

Deprecated: Use AccessSyncFromTarget.ProtoReflect.Descriptor instead.

func (*AccessSyncFromTarget) GetConfigMap added in v0.32.0 

func (x *AccessSyncFromTarget) GetConfigMap() *config.ConfigMap

func (*AccessSyncFromTarget) GetFullyLockAll added in v0.64.0 

func (x *AccessSyncFromTarget) GetFullyLockAll() bool

func (*AccessSyncFromTarget) GetFullyLockByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetFullyLockByName() []string

func (*AccessSyncFromTarget) GetFullyLockByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetFullyLockByTag() []string

func (*AccessSyncFromTarget) GetFullyLockWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetFullyLockWhenIncomplete() bool

func (*AccessSyncFromTarget) GetLockAllDelete added in v0.34.0 

func (x *AccessSyncFromTarget) GetLockAllDelete() bool

func (*AccessSyncFromTarget) GetLockAllInheritance added in v0.53.0 

func (x *AccessSyncFromTarget) GetLockAllInheritance() bool

func (*AccessSyncFromTarget) GetLockAllNames added in v0.34.0 

func (x *AccessSyncFromTarget) GetLockAllNames() bool

func (*AccessSyncFromTarget) GetLockAllOwners added in v0.61.0 

func (x *AccessSyncFromTarget) GetLockAllOwners() bool

func (*AccessSyncFromTarget) GetLockAllWhat added in v0.34.0 

func (x *AccessSyncFromTarget) GetLockAllWhat() bool

func (*AccessSyncFromTarget) GetLockAllWho added in v0.34.0 

func (x *AccessSyncFromTarget) GetLockAllWho() bool

func (*AccessSyncFromTarget) GetLockDeleteByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockDeleteByName() []string

func (*AccessSyncFromTarget) GetLockDeleteByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockDeleteByTag() []string

func (*AccessSyncFromTarget) GetLockDeleteWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockDeleteWhenIncomplete() bool

func (*AccessSyncFromTarget) GetLockInheritanceByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockInheritanceByName() []string

func (*AccessSyncFromTarget) GetLockInheritanceByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockInheritanceByTag() []string

func (*AccessSyncFromTarget) GetLockInheritanceWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockInheritanceWhenIncomplete() bool

func (*AccessSyncFromTarget) GetLockNamesByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockNamesByName() []string

func (*AccessSyncFromTarget) GetLockNamesByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockNamesByTag() []string

func (*AccessSyncFromTarget) GetLockNamesWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockNamesWhenIncomplete() bool

func (*AccessSyncFromTarget) GetLockWhatByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhatByName() []string

func (*AccessSyncFromTarget) GetLockWhatByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhatByTag() []string

func (*AccessSyncFromTarget) GetLockWhatWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhatWhenIncomplete() bool

func (*AccessSyncFromTarget) GetLockWhoByName added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhoByName() []string

func (*AccessSyncFromTarget) GetLockWhoByTag added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhoByTag() []string

func (*AccessSyncFromTarget) GetLockWhoWhenIncomplete added in v0.64.0 

func (x *AccessSyncFromTarget) GetLockWhoWhenIncomplete() bool

func (*AccessSyncFromTarget) GetMakeNotInternalizable added in v0.59.0 

func (x *AccessSyncFromTarget) GetMakeNotInternalizable() []string

func (*AccessSyncFromTarget) GetPrefix added in v0.32.0 

func (x *AccessSyncFromTarget) GetPrefix() string

func (*AccessSyncFromTarget) GetTargetFile added in v0.32.0 

func (x *AccessSyncFromTarget) GetTargetFile() string

func (*AccessSyncFromTarget) ProtoMessage added in v0.32.0 

func (*AccessSyncFromTarget) ProtoMessage()

func (*AccessSyncFromTarget) ProtoReflect added in v0.32.0 

func (x *AccessSyncFromTarget) ProtoReflect() protoreflect.Message

func (*AccessSyncFromTarget) Reset added in v0.32.0 

func (x *AccessSyncFromTarget) Reset()

func (*AccessSyncFromTarget) String added in v0.32.0 

func (x *AccessSyncFromTarget) String() string

type AccessSyncResult added in v0.15.0 

type AccessSyncResult struct {

	// Deprecated: Marked as deprecated in access_provider/access_provider.proto.
	Error               *error1.ErrorResult `protobuf:"bytes,1,opt,name=error,proto3" json:"error,omitempty"`
	AccessProviderCount int32               `protobuf:"varint,2,opt,name=access_provider_count,json=accessProviderCount,proto3" json:"access_provider_count,omitempty"`
	// contains filtered or unexported fields
}

AccessSyncResult represents the result from the data access sync process. A potential error is also modeled in here so specific errors remain intact when passed over RPC.

func (*AccessSyncResult) Descriptor deprecated added in v0.32.0 

func (*AccessSyncResult) Descriptor() ([]byte, []int)

Deprecated: Use AccessSyncResult.ProtoReflect.Descriptor instead.

func (*AccessSyncResult) GetAccessProviderCount added in v0.37.0 

func (x *AccessSyncResult) GetAccessProviderCount() int32

func (*AccessSyncResult) GetError deprecated added in v0.32.0 

func (x *AccessSyncResult) GetError() *error1.ErrorResult

Deprecated: Marked as deprecated in access_provider/access_provider.proto.

func (*AccessSyncResult) ProtoMessage added in v0.32.0 

func (*AccessSyncResult) ProtoMessage()

func (*AccessSyncResult) ProtoReflect added in v0.32.0 

func (x *AccessSyncResult) ProtoReflect() protoreflect.Message

func (*AccessSyncResult) Reset added in v0.32.0 

func (x *AccessSyncResult) Reset()

func (*AccessSyncResult) String added in v0.32.0 

func (x *AccessSyncResult) String() string

type AccessSyncToTarget added in v0.20.0 

type AccessSyncToTarget struct {
	ConfigMap *config.ConfigMap `protobuf:"bytes,1,opt,name=config_map,json=configMap,proto3" json:"config_map,omitempty"`
	// SourceFile points to the file containing the access controls that need to be pushed to the data source.
	SourceFile string `protobuf:"bytes,2,opt,name=source_file,json=sourceFile,proto3" json:"source_file,omitempty"`
	// FeedbackTargetFile points to the file where the plugin needs to export the access controls feedback to.
	FeedbackTargetFile string `protobuf:"bytes,3,opt,name=feedback_target_file,json=feedbackTargetFile,proto3" json:"feedback_target_file,omitempty"`
	Prefix             string `protobuf:"bytes,4,opt,name=prefix,proto3" json:"prefix,omitempty"`
	Test               string `protobuf:"bytes,5,opt,name=test,proto3" json:"test,omitempty"`
	// contains filtered or unexported fields
}

AccessSyncToTarget contains all necessary configuration parameters to export Data from Raito into DS

func (*AccessSyncToTarget) Descriptor deprecated added in v0.32.0 

func (*AccessSyncToTarget) Descriptor() ([]byte, []int)

Deprecated: Use AccessSyncToTarget.ProtoReflect.Descriptor instead.

func (*AccessSyncToTarget) GetConfigMap added in v0.32.0 

func (x *AccessSyncToTarget) GetConfigMap() *config.ConfigMap

func (*AccessSyncToTarget) GetFeedbackTargetFile added in v0.32.0 

func (x *AccessSyncToTarget) GetFeedbackTargetFile() string

func (*AccessSyncToTarget) GetPrefix added in v0.32.0 

func (x *AccessSyncToTarget) GetPrefix() string

func (*AccessSyncToTarget) GetSourceFile added in v0.32.0 

func (x *AccessSyncToTarget) GetSourceFile() string

func (*AccessSyncToTarget) GetTest added in v0.32.0 

func (x *AccessSyncToTarget) GetTest() string

func (*AccessSyncToTarget) ProtoMessage added in v0.32.0 

func (*AccessSyncToTarget) ProtoMessage()

func (*AccessSyncToTarget) ProtoReflect added in v0.32.0 

func (x *AccessSyncToTarget) ProtoReflect() protoreflect.Message

func (*AccessSyncToTarget) Reset added in v0.32.0 

func (x *AccessSyncToTarget) Reset()

func (*AccessSyncToTarget) String added in v0.32.0 

func (x *AccessSyncToTarget) String() string

type AccessSyncer added in v0.15.0 

type AccessSyncer interface {
	version.CliVersionHandler

	SyncFromTarget(ctx context.Context, config *AccessSyncFromTarget) (*AccessSyncResult, error)
	SyncToTarget(ctx context.Context, config *AccessSyncToTarget) (*AccessSyncResult, error)

	SyncConfig(ctx context.Context) (*AccessSyncConfig, error)
}

AccessSyncer interface needs to be implemented by any plugin that wants to sync access controls between Raito and the data source. This sync can be in the 2 directions or in just 1 depending on the parameters set in AccessSyncConfig.

type AccessSyncerPlugin added in v0.15.0 

type AccessSyncerPlugin struct {
	plugin.Plugin

	Impl AccessSyncer
}

AccessSyncerPlugin is used on the server (CLI) and client (plugin) side to integrate with the plugin system. A plugin should not be using this directly, but instead depend on the cli-plugin-base library to register the plugins.

func (AccessSyncerPlugin) GRPCClient added in v0.32.0 

func (AccessSyncerPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (interface{}, error)

func (AccessSyncerPlugin) GRPCServer added in v0.32.0 

func (p AccessSyncerPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error

type AccessSyncerVersionHandler added in v0.33.0 

type AccessSyncerVersionHandler struct {
}

func (*AccessSyncerVersionHandler) CliVersionInformation added in v0.33.0 

func (h *AccessSyncerVersionHandler) CliVersionInformation(ctx context.Context) (*version.CliBuildInformation, error)

type UnimplementedAccessProviderSyncServiceServer added in v0.32.0 

type UnimplementedAccessProviderSyncServiceServer struct {
}

UnimplementedAccessProviderSyncServiceServer must be embedded to have forward compatible implementations.

func (UnimplementedAccessProviderSyncServiceServer) CliVersionInformation added in v0.33.0 

func (UnimplementedAccessProviderSyncServiceServer) CliVersionInformation(context.Context, *emptypb.Empty) (*version.CliBuildInformation, error)

func (UnimplementedAccessProviderSyncServiceServer) SyncConfig added in v0.32.0 

func (UnimplementedAccessProviderSyncServiceServer) SyncConfig(context.Context, *emptypb.Empty) (*AccessSyncConfig, error)

func (UnimplementedAccessProviderSyncServiceServer) SyncFromTarget added in v0.32.0 

func (UnimplementedAccessProviderSyncServiceServer) SyncFromTarget(context.Context, *AccessSyncFromTarget) (*AccessSyncResult, error)

func (UnimplementedAccessProviderSyncServiceServer) SyncToTarget added in v0.32.0 

func (UnimplementedAccessProviderSyncServiceServer) SyncToTarget(context.Context, *AccessSyncToTarget) (*AccessSyncResult, error)

type UnsafeAccessProviderSyncServiceServer added in v0.32.0 

type UnsafeAccessProviderSyncServiceServer interface {
	// contains filtered or unexported methods
}

UnsafeAccessProviderSyncServiceServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to AccessProviderSyncServiceServer will result in compilation errors.

Source Files

View all Source files

Directories

Path Synopsis
Package sync_from_target provides the tooling to build the file to export access providers from the data source to be imported into Raito.
 Package sync_from_target provides the tooling to build the file to export access providers from the data source to be imported into Raito.
mocks
mocks
naming_hint

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.