Documentation
¶
Overview ¶
Package regosql converts rego queries into SQL WHERE clauses. This is so the rego queries can be used to filter the results of a SQL query.
Index ¶
- func AuditLogConverter() *sqltypes.VariableConverter
- func ConnectionLogConverter() *sqltypes.VariableConverter
- func ConvertRegoAst(cfg ConvertConfig, partial *rego.PartialQueries) (sqltypes.BooleanNode, error)
- func DefaultVariableConverter() *sqltypes.VariableConverter
- func NoACLConverter() *sqltypes.VariableConverter
- func TemplateConverter() *sqltypes.VariableConverter
- func UserConverter() *sqltypes.VariableConverter
- func WorkspaceConverter() *sqltypes.VariableConverter
- type ACLMappingVar
- func (g ACLMappingVar) ContainsSQL(cfg *sqltypes.SQLGenerator, other sqltypes.Node) (string, error)
- func (g ACLMappingVar) ConvertVariable(rego ast.Ref) (sqltypes.Node, bool)
- func (g ACLMappingVar) SQLString(cfg *sqltypes.SQLGenerator) string
- func (ACLMappingVar) UseAs() sqltypes.Node
- func (g ACLMappingVar) UsingSubfield(subfield string) ACLMappingVar
- type ConvertConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuditLogConverter ¶ added in v2.14.0
func AuditLogConverter() *sqltypes.VariableConverter
func ConnectionLogConverter ¶ added in v2.25.0
func ConnectionLogConverter() *sqltypes.VariableConverter
func ConvertRegoAst ¶
func ConvertRegoAst(cfg ConvertConfig, partial *rego.PartialQueries) (sqltypes.BooleanNode, error)
ConvertRegoAst converts partial rego queries into a single SQL where clause. If the query equates to "true" then the user should have access.
func DefaultVariableConverter ¶
func DefaultVariableConverter() *sqltypes.VariableConverter
func NoACLConverter ¶
func NoACLConverter() *sqltypes.VariableConverter
NoACLConverter should be used when the target SQL table does not contain group or user ACL columns.
func TemplateConverter ¶
func TemplateConverter() *sqltypes.VariableConverter
func UserConverter ¶
func UserConverter() *sqltypes.VariableConverter
func WorkspaceConverter ¶ added in v2.8.0
func WorkspaceConverter() *sqltypes.VariableConverter
Types ¶
type ACLMappingVar ¶ added in v2.26.0
type ACLMappingVar struct { // SelectSQL is used to `SELECT` the ACL mapping from the table for the // given resource. ie. if the full query might look like `SELECT group_acl // FROM things;` then you would want this to be `"group_acl"`. SelectSQL string // IndexMatcher handles variable references when indexing into the mapping. // (ie. `input.object.acl_group_list[input.object.org_owner]`). We need one // from the local context because the global one might not be correctly // scoped. IndexMatcher sqltypes.VariableMatcher // Used if the action list isn't directly in the ACL entry. For example, in // the `workspaces.group_acl` and `workspaces.user_acl` columns they're stored // under a `"permissions"` key. Subfield string // StructPath represents the path of the value in rego // ie. input.object.group_acl -> ["input", "object", "group_acl"] StructPath []string // Instance fields Source sqltypes.RegoSource GroupNode sqltypes.Node }
ACLMappingVar is a variable matcher that matches ACL map variables to their SQL storage. Usually the actual backing implementation is a pair of `jsonb` columns named `group_acl` and `user_acl`. Each column contains an object that looks like...
```json
{ "<actor_id>": ["<action>", "<action>"] }
```
func ACLMappingMatcher ¶ added in v2.26.0
func ACLMappingMatcher(indexMatcher sqltypes.VariableMatcher, selectSQL string, structPath []string) ACLMappingVar
func (ACLMappingVar) ContainsSQL ¶ added in v2.26.0
func (g ACLMappingVar) ContainsSQL(cfg *sqltypes.SQLGenerator, other sqltypes.Node) (string, error)
func (ACLMappingVar) ConvertVariable ¶ added in v2.26.0
func (ACLMappingVar) SQLString ¶ added in v2.26.0
func (g ACLMappingVar) SQLString(cfg *sqltypes.SQLGenerator) string
func (ACLMappingVar) UseAs ¶ added in v2.26.0
func (ACLMappingVar) UseAs() sqltypes.Node
func (ACLMappingVar) UsingSubfield ¶ added in v2.26.0
func (g ACLMappingVar) UsingSubfield(subfield string) ACLMappingVar
type ConvertConfig ¶
type ConvertConfig struct { // VariableConverter is called each time a var is encountered. This creates // the SQL ast for the variable. Without this, the SQL generator does not // know how to convert rego variables into SQL columns. VariableConverter sqltypes.VariableMatcher }
ConvertConfig is required to generate SQL from the rego queries.