Documentation
¶
Overview ¶
Package regosql converts rego queries into SQL WHERE clauses. This is so the rego queries can be used to filter the results of a SQL query.
Index ¶
- func AIBridgeInterceptionConverter() *sqltypes.VariableConverter
- func AuditLogConverter() *sqltypes.VariableConverter
- func ConnectionLogConverter() *sqltypes.VariableConverter
- func ConvertRegoAst(cfg ConvertConfig, partial *rego.PartialQueries) (sqltypes.BooleanNode, error)
- func DefaultVariableConverter() *sqltypes.VariableConverter
- func NoACLConverter() *sqltypes.VariableConverter
- func TemplateConverter() *sqltypes.VariableConverter
- func UserConverter() *sqltypes.VariableConverter
- func WorkspaceConverter() *sqltypes.VariableConverter
- type ACLMappingVar
- func (g ACLMappingVar) ContainsSQL(cfg *sqltypes.SQLGenerator, other sqltypes.Node) (string, error)
- func (g ACLMappingVar) ConvertVariable(rego ast.Ref) (sqltypes.Node, bool)
- func (g ACLMappingVar) SQLString(cfg *sqltypes.SQLGenerator) string
- func (ACLMappingVar) UseAs() sqltypes.Node
- func (g ACLMappingVar) UsingSubfield(subfield string) ACLMappingVar
- type ConvertConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AIBridgeInterceptionConverter ¶ added in v2.27.0
func AIBridgeInterceptionConverter() *sqltypes.VariableConverter
func AuditLogConverter ¶ added in v2.14.0
func AuditLogConverter() *sqltypes.VariableConverter
func ConnectionLogConverter ¶ added in v2.25.0
func ConnectionLogConverter() *sqltypes.VariableConverter
func ConvertRegoAst ¶
func ConvertRegoAst(cfg ConvertConfig, partial *rego.PartialQueries) (sqltypes.BooleanNode, error)
ConvertRegoAst converts partial rego queries into a single SQL where clause. If the query equates to "true" then the user should have access.
func DefaultVariableConverter ¶
func DefaultVariableConverter() *sqltypes.VariableConverter
func NoACLConverter ¶
func NoACLConverter() *sqltypes.VariableConverter
NoACLConverter should be used when the target SQL table does not contain group or user ACL columns.
func TemplateConverter ¶
func TemplateConverter() *sqltypes.VariableConverter
func UserConverter ¶
func UserConverter() *sqltypes.VariableConverter
func WorkspaceConverter ¶ added in v2.8.0
func WorkspaceConverter() *sqltypes.VariableConverter
Types ¶
type ACLMappingVar ¶ added in v2.26.0
type ACLMappingVar struct {
// SelectSQL is used to `SELECT` the ACL mapping from the table for the
// given resource. ie. if the full query might look like `SELECT group_acl
// FROM things;` then you would want this to be `"group_acl"`.
SelectSQL string
// IndexMatcher handles variable references when indexing into the mapping.
// (ie. `input.object.acl_group_list[input.object.org_owner]`). We need one
// from the local context because the global one might not be correctly
// scoped.
IndexMatcher sqltypes.VariableMatcher
// Used if the action list isn't directly in the ACL entry. For example, in
// the `workspaces.group_acl` and `workspaces.user_acl` columns they're stored
// under a `"permissions"` key.
Subfield string
// StructPath represents the path of the value in rego
// ie. input.object.group_acl -> ["input", "object", "group_acl"]
StructPath []string
// Instance fields
Source sqltypes.RegoSource
GroupNode sqltypes.Node
}
ACLMappingVar is a variable matcher that matches ACL map variables to their SQL storage. Usually the actual backing implementation is a pair of `jsonb` columns named `group_acl` and `user_acl`. Each column contains an object that looks like...
```json
{
"<actor_id>": ["<action>", "<action>"]
}
```
func ACLMappingMatcher ¶ added in v2.26.0
func ACLMappingMatcher(indexMatcher sqltypes.VariableMatcher, selectSQL string, structPath []string) ACLMappingVar
func (ACLMappingVar) ContainsSQL ¶ added in v2.26.0
func (g ACLMappingVar) ContainsSQL(cfg *sqltypes.SQLGenerator, other sqltypes.Node) (string, error)
func (ACLMappingVar) ConvertVariable ¶ added in v2.26.0
func (ACLMappingVar) SQLString ¶ added in v2.26.0
func (g ACLMappingVar) SQLString(cfg *sqltypes.SQLGenerator) string
func (ACLMappingVar) UseAs ¶ added in v2.26.0
func (ACLMappingVar) UseAs() sqltypes.Node
func (ACLMappingVar) UsingSubfield ¶ added in v2.26.0
func (g ACLMappingVar) UsingSubfield(subfield string) ACLMappingVar
type ConvertConfig ¶
type ConvertConfig struct {
// VariableConverter is called each time a var is encountered. This creates
// the SQL ast for the variable. Without this, the SQL generator does not
// know how to convert rego variables into SQL columns.
VariableConverter sqltypes.VariableMatcher
}
ConvertConfig is required to generate SQL from the rego queries.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.