UNPKG

sqlauthz

Version:

Declarative permission management for PostgreSQL

github.com/cfeenstra67/sqlauthz

cfeenstra67/sqlauthz

60 lines (59 loc) 2.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import { Oso } from "oso"; import { SQLEntities } from "./backend.js"; import { Value } from "./clause.js"; import { LiteralsContext } from "./oso.js"; import { Permission, SQLActor } from "./sql.js"; export interface ConvertPermissionSuccess<P extends Permission = Permission> { type: "success"; permissions: P[]; } export interface ConvertPermissionError { type: "error"; errors: string[]; } export type ConvertPermissionResult<P extends Permission = Permission> = ConvertPermissionSuccess<P> | ConvertPermissionError; export interface ConvertPermissionArgs { result: Map<string, unknown>; entities: SQLEntities; allowAnyActor?: boolean; strictFields?: boolean; debug?: boolean; literals: Map<string, Value>; } export declare function convertPermission({ result, entities, allowAnyActor, strictFields, debug, literals, }: ConvertPermissionArgs): ConvertPermissionResult; export interface ParsePermissionsArgs { oso: Oso; entities: SQLEntities; allowAnyActor?: boolean; strictFields?: boolean; debug?: boolean; literalsContext: LiteralsContext; } export declare function parsePermissions({ oso, entities, allowAnyActor, strictFields, debug, literalsContext, }: ParsePermissionsArgs): Promise<ConvertPermissionResult>; export declare function deduplicatePermissions(permissions: Permission[]): Permission[]; export interface UserRevokePolicyAll { type: "all"; } export interface UserRevokePolicyReferenced { type: "referenced"; } export interface UserRevokePolicyExplicit { type: "users"; users: string[]; } export type UserRevokePolicy = UserRevokePolicyAll | UserRevokePolicyReferenced | UserRevokePolicyExplicit; export interface GetRevokeActorsArgs { userRevokePolicy?: UserRevokePolicy; permissions: Permission[]; entities: SQLEntities; } export interface GetRevokeActorsSuccessResult { type: "success"; users: SQLActor[]; } export interface GetRevokeActorsErrorResult { type: "error"; errors: string[]; } export type GetRevokeActorsResult = GetRevokeActorsSuccessResult | GetRevokeActorsErrorResult; export declare function getRevokeActors({ userRevokePolicy, permissions, entities, }: GetRevokeActorsArgs): GetRevokeActorsResult;