opa

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2023 License: Apache-2.0 Imports: 12 Imported by: 1

Documentation

Overview

Package opa provides a high-level client for using embedded Rego policies with OPA

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Modules 

func Modules(modules ...Module) func(r *rego.Rego)

func NewOptimizedQuery 

func NewOptimizedQuery(
	ctx context.Context, query string, options ...func(r *rego.Rego),
) (rego.PartialResult, error)

func NewPartialEvalQuery 

func NewPartialEvalQuery(
	ctx context.Context, query string, unknowns []string, options ...func(r *rego.Rego),
) (rego.PreparedPartialQuery, error)

func ParseExpression 

func ParseExpression(
	expr *ast.Expr, dbName string,
) (selection selectionExpression, err error)

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient(entryPackage string, options ...func(r *rego.Rego)) (*Client, error)

func (*Client) EvalAllow 

func (c *Client) EvalAllow(
	ctx context.Context, input map[string]interface{},
) (allow bool, err error)

func (*Client) EvalAllowContextual 

func (c *Client) EvalAllowContextual(
	ctx context.Context, input map[string]interface{},
) (allow bool, remainingQueries []ast.Body, err error)

func (*Client) EvalError 

func (c *Client) EvalError(
	ctx context.Context, input map[string]interface{},
) (authzErr error, evalErr error)

type ExistsConjunction 

type ExistsConjunction []ExistsExpression

func ParseQuery 

func ParseQuery(
	query ast.Body, dbName string,
) (conjunction ExistsConjunction, err error)

func (ExistsConjunction) NamedParams 

func (c ExistsConjunction) NamedParams() map[string]interface{}

func (ExistsConjunction) String 

func (c ExistsConjunction) String() string

type ExistsConjunctionDisjunction 

type ExistsConjunctionDisjunction []ExistsConjunction

func ParseQueries 

func ParseQueries(
	queries []ast.Body, dbName string,
) (disjunction ExistsConjunctionDisjunction, err error)

func (ExistsConjunctionDisjunction) NamedParams 

func (d ExistsConjunctionDisjunction) NamedParams() map[string]interface{}

func (ExistsConjunctionDisjunction) String 

func (d ExistsConjunctionDisjunction) String() string

type ExistsDNFStatement 

type ExistsDNFStatement struct {
	// A select statement in disjunctive normal form
	Disjunction ExistsConjunctionDisjunction
	ResultName  string
}

func (ExistsDNFStatement) NamedParams 

func (s ExistsDNFStatement) NamedParams() map[string]interface{}

func (ExistsDNFStatement) String 

func (s ExistsDNFStatement) String() string

type ExistsExpression 

type ExistsExpression struct {
	Selection SelectionStatement
}

func (ExistsExpression) NamedParams 

func (s ExistsExpression) NamedParams() map[string]interface{}

func (ExistsExpression) String 

func (s ExistsExpression) String() string

type Input 

type Input struct {
	Resource  Resource
	Operation Operation
	Subject   Subject
	Context   interface{}
}

func (Input) Map 

func (i Input) Map() map[string]interface{}

type Module 

type Module struct {
	Filename string
	Contents string
}

func CollectModules 

func CollectModules(modules ...[]Module) (collected []Module)

func FSModules 

func FSModules(fsys fs.FS, filePrefix string) ([]Module, error)

func RegoModules 

func RegoModules() []Module

func (Module) WriteFile 

func (m Module) WriteFile(parent string, perm os.FileMode) (n int, err error)

type Operation 

type Operation struct {
	Method string
	Params interface{}
}

func NewOperation 

func NewOperation(method string, params interface{}) Operation

func (Operation) Map 

func (o Operation) Map() map[string]interface{}

type Resource 

type Resource struct {
	URI       string
	ParsedURI *url.URL
}

func NewResource 

func NewResource(uri string) Resource

func (Resource) Map 

func (r Resource) Map() map[string]interface{}

type SQLiteTranspiler 

type SQLiteTranspiler struct {
	DBName string
}

func NewSQLiteTranspiler 

func NewSQLiteTranspiler(dbName string) SQLiteTranspiler

func (SQLiteTranspiler) Parse 

func (t SQLiteTranspiler) Parse(queries []ast.Body) (statement ExistsDNFStatement, err error)

type SelectionStatement 

type SelectionStatement struct {
	Table            string
	Columns          string
	WhereConjunction []WhereClause
}

func (SelectionStatement) NamedParams 

func (s SelectionStatement) NamedParams() map[string]interface{}

func (SelectionStatement) String 

func (s SelectionStatement) String() string

type Statement 

type Statement interface {
	String() string
	NamedParams() map[string]interface{}
}

type Subject 

type Subject struct {
	Identity      string
	Authenticated bool
	Metadata      interface{}
}

func NewSubject 

func NewSubject(identity string, authenticated bool) Subject

func (Subject) Map 

func (s Subject) Map() map[string]interface{}

type WhereClause 

type WhereClause struct {
	ID       string
	Column   string // LHS
	Operator string
	Value    interface{} // RHS
}

func (WhereClause) NamedParams 

func (c WhereClause) NamedParams() map[string]interface{}

func (WhereClause) ParamName 

func (c WhereClause) ParamName() string

func (WhereClause) String 

func (c WhereClause) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.