Documentation
¶
Index ¶
- Constants
- Variables
- func BuildCommonConfig(config *RunbookRepositoryConfig) (*commonRunbooks.Config, error)
- func CountAccessRequestRules(db *gorm.DB, orgID uuid.UUID) (int64, error)
- func CreateAccessRequestRule(db *gorm.DB, accessRequestRules *AccessRequestRule) error
- func CreateAgent(orgID, name, mode, secretKeyHash string) error
- func CreateAgentOrgKey(orgID, name, mode, key, secretKeyHash string) error
- func CreateAudit(orgID, event, createdBy string, metadata map[string]any) error
- func CreateConnectionTag(obj *ConnectionTag) error
- func CreateDBRoleJob(obj *DBRole) error
- func CreateGuardRailRules(rule *GuardRailRules) error
- func CreateJiraIssueTemplates(issue *JiraIssueTemplate) error
- func CreateLogin(login *Login) error
- func CreateReview(rev *Review, input string) error
- func CreateRunbookConfigurationEntry(db *gorm.DB, orgID, repositoryKey string, newConfig *RunbookRepositoryConfig) error
- func CreateServerSharedSigningKey(encB64Key string) error
- func CreateServiceAccount(sa *ServiceAccount) error
- func CreateUser(user User) error
- func CreateUserGroupWithoutUser(orgID string, name string) error
- func DeleteAccessRequestRuleByName(db *gorm.DB, name string, orgID uuid.UUID) error
- func DeleteAgentByNameOrID(orgID, nameOrID string) error
- func DeleteConnection(orgID, name string) error
- func DeleteDataMaskingRule(orgID, ruleID string) error
- func DeleteGuardRailRules(orgID, ruleID string) error
- func DeleteJiraIssueTemplates(orgID, id string) error
- func DeletePlugin(db *gorm.DB, plugin *Plugin) error
- func DeletePluginConnection(orgID, pluginName, connID string) error
- func DeleteResource(db *gorm.DB, orgID, name string) error
- func DeleteRunbookConfigurationByOrgID(db *gorm.DB, orgID string) error
- func DeleteRunbookConfigurationEntry(db *gorm.DB, orgID, id string) error
- func DeleteRunbookRule(db *gorm.DB, orgID, ruleID string) error
- func DeleteUser(orgID, subject string) error
- func DeleteUserGroup(orgID string, name string) error
- func GetDataMaskingEntityTypes(orgID, connID string) (json.RawMessage, error)
- func GetJiraIssueTemplatesByID(orgID, id string) (*JiraIssueTemplate, *JiraIntegration, error)
- func GetSessionJiraIssueByID(orgID, sid string) (string, error)
- func GetSharedSigningKey() (string, error)
- func IncrementSessionAnalyzedMetrics(db *gorm.DB, sessionID string, analyzedMetrics map[string]int64) error
- func IncrementSessionMaskedMetrics(db *gorm.DB, sessionID string, maskedMetrics map[string]int64) error
- func InitDatabaseConnection() error
- func InsertUserGroups(userGroups []UserGroup) error
- func IsFeatureAskAiEnabled(orgID string) (bool, error)
- func IsUserAllowedToRunRunbook(orgId, connection, runbookRepository, runbookName string, userGroups []string) (bool, error)
- func ListConnectionsNameForRunbooks(db *gorm.DB, orgID string) ([]string, error)
- func ListReviews(orgID string) (*[]Review, error)
- func RotateAgentSecretKey(orgID, nameOrID, secretKeyHash string) error
- func SetSessionMetricsEndedAt(db *gorm.DB, sessionID string) error
- func UpdateAccessRequestRule(db *gorm.DB, accessRequestRules *AccessRequestRule) error
- func UpdateAgentStatus(orgID, agentID string, status AgentStatusType, metadata map[string]string) error
- func UpdateAllAgentsToOffline() error
- func UpdateConnectionStatusByName(orgID, connectionName, status string) error
- func UpdateConnectionTagValue(orgID, id, val string) error
- func UpdateGuardRailRules(r *GuardRailRules) error
- func UpdateJiraIssueTemplates(issue *JiraIssueTemplate) error
- func UpdateLoginOutcome(stateID, outcome string) error
- func UpdateOrgLicense(orgID string, licenseDataJSON []byte) error
- func UpdateReview(rev *Review) error
- func UpdateReviewStatus(orgID, id string, status ReviewStatusType) error
- func UpdateRunbookConfigurationEntry(db *gorm.DB, orgID, repositoryKey string, newConfig *RunbookRepositoryConfig) error
- func UpdateServiceAccount(sa *ServiceAccount) error
- func UpdateSessionAnalyzerMetrics(orgID, sid string, metrics map[string]int64) error
- func UpdateSessionEventStream(sess SessionDone) error
- func UpdateSessionInput(orgID, sid, blobInput string) error
- func UpdateSessionIntegrationMetadata(orgID, sid string, metadata map[string]any) error
- func UpdateSessionMetadata(orgID, userEmail, sid string, metadata map[string]any) error
- func UpdateUser(user *User) error
- func UpdateUserAndUserGroups(user *User, userGroups []UserGroup) error
- func UpsertBatchConnectionTags(items []ConnectionTag) error
- func UpsertBatchConnections(db *gorm.DB, connections []*Connection) error
- func UpsertEnvVar(db *gorm.DB, env *EnvVar) error
- func UpsertGuardRailRuleWithConnections(rule *GuardRailRules, connectionIDs []string, isNew bool) error
- func UpsertPlugin(plugin *Plugin) error
- func UpsertProxyManagerState(obj *ProxyManagerState) error
- func UpsertResource(db *gorm.DB, resource *Resources, updateDependentTables bool) error
- func UpsertRunbookConfiguration(db *gorm.DB, runbooks *Runbooks) error
- func UpsertRunbookRule(db *gorm.DB, rule *RunbookRules) error
- func UpsertSession(sess Session) error
- func UpsertUserToken(db *gorm.DB, userID string, token string) error
- func UpsertUserV2(user *UserV2) error
- type AWSDBRoleSpec
- type AccessRequestRule
- func GetAccessRequestRuleByName(db *gorm.DB, name string, orgID uuid.UUID) (*AccessRequestRule, error)
- func GetAccessRequestRuleByResourceNameAndAccessType(db *gorm.DB, orgID uuid.UUID, resourceName, accessType string) (*AccessRequestRule, error)
- func GetAccessRequestRuleByResourceNamesAndAccessType(db *gorm.DB, orgID uuid.UUID, resourceName []string, accessType string) (*AccessRequestRule, error)
- func GetConnectionAccessRequestRules(db *gorm.DB, orgID uuid.UUID, connectionName string) ([]AccessRequestRule, error)
- func ListAccessRequestRules(db *gorm.DB, orgID uuid.UUID, opts AccessRequestRulesFilterOption) ([]AccessRequestRule, int64, error)
- type AccessRequestRulesFilterOption
- type Agent
- type AgentStatusType
- type Audit
- type Blob
- type BlobInputType
- type CmdbType
- type Connection
- func GetBareConnectionByNameOrID(ctx UserContext, nameOrID string, tx *gorm.DB) (*Connection, error)
- func GetConnectionByNameOrID(ctx UserContext, nameOrID string) (*Connection, error)
- func GetResourceConnections(db *gorm.DB, orgID, resourceName string) ([]Connection, error)
- func ListConnections(ctx UserContext, opts ConnectionFilterOption) ([]Connection, error)
- func ListConnectionsPaginated(orgID string, userGroups []string, opts ConnectionPaginationOption) ([]Connection, int64, error)
- func SearchConnectionsBySimilarity(orgID string, userGroups []string, searchTerm string) ([]Connection, error)
- func UpsertConnection(ctx UserContext, c *Connection) (*Connection, error)
- type ConnectionCredentials
- func CreateConnectionCredentials(db *ConnectionCredentials) (*ConnectionCredentials, error)
- func GetConnectionByTypeAndID(connectionType, id string) (*ConnectionCredentials, error)
- func GetConnectionCredentialsByID(orgID, id string) (*ConnectionCredentials, error)
- func GetValidConnectionCredentialsBySecretKey(connectionTypes []string, secretKeyHash string) (*ConnectionCredentials, error)
- type ConnectionFilterOption
- type ConnectionGuardRailRules
- type ConnectionJiraIssueTemplateTypes
- type ConnectionPaginationOption
- type ConnectionTag
- type Context
- type CustomEntityTypesEntry
- type CustomEntityTypesList
- type DBRole
- type DBRoleStatus
- type DBRoleStatusResult
- type DBRoleStatusResultCredentialsInfo
- type DataMaskingRule
- type DataMaskingRuleConnection
- type EnvVar
- type EnvVars
- type ErrNotFoundGuardRailRules
- type GuardRailConnection
- type GuardRailRules
- type HookStatus
- type HttpProxyServerConfig
- type JiraIntegration
- type JiraIntegrationStatus
- type JiraIssueTemplate
- type Login
- type MappingType
- type Organization
- func CreateOrgGetOrganization(name string, licenseDataJSON []byte) (*Organization, bool, error)
- func CreateOrganization(name string, licenseDataJSON []byte) (*Organization, error)
- func GetOrganizationByNameOrID(nameOrID string) (*Organization, error)
- func ListAllOrganizations() ([]Organization, error)
- type Plugin
- type PluginConnection
- type PostgresServerConfig
- type PromptType
- type ProxyManagerState
- type ProxyManagerStatusType
- type RDPServerConfig
- type ResourceFilterOption
- type Resources
- type Review
- type ReviewGroups
- type ReviewJit
- type ReviewStatusType
- type ReviewTimeWindow
- type ReviewType
- type RunbookRepositoryConfig
- type RunbookRuleFile
- type RunbookRuleFiles
- type RunbookRules
- type Runbooks
- type SSHServerConfig
- type ServerAuthConfig
- type ServerAuthOidcConfig
- type ServerAuthSamlConfig
- type ServerMiscConfig
- type ServiceAccount
- type Session
- type SessionDone
- type SessionList
- type SessionMetrics
- type SessionMetricsAggregatedResult
- type SessionMetricsFilter
- type SessionMetricsQueryResult
- type SessionOption
- type SessionReport
- type SessionReportItem
- type SessionReview
- type SupportedEntityTypesEntry
- type SupportedEntityTypesList
- type User
- func GetInvitedUserByEmail(email string) (*User, error)
- func GetUserByEmail(email string) (*User, error)
- func GetUserByEmailAndOrg(email, orgID string) (*User, error)
- func GetUserByOrgIDAndSlackID(orgID, slackID string) (*User, error)
- func GetUserBySubjectAndOrg(subject, orgID string) (*User, error)
- func ListUsers(orgID string) ([]User, error)
- type UserContext
- type UserGroup
- type UserToken
- type UserV2
Constants ¶
// String markers for the two states of the ask-AI feature.
// How and where they are stored is not shown on this page.
const (
	FeatureAskAiEnabled string = "feature-ask-ai-enabled"
	FeatureAskAiDisabled string = "feature-ask-ai-disabled"
)

// String values for a connection's status.
const (
	ConnectionStatusOnline string = "online"
	ConnectionStatusOffline string = "offline"
)

// Review status values (ReviewStatusType) and review kinds (ReviewType).
// Both sets are declared in this one block.
const (
	ReviewStatusPending ReviewStatusType = "PENDING"
	ReviewStatusApproved ReviewStatusType = "APPROVED"
	ReviewStatusRejected ReviewStatusType = "REJECTED"
	ReviewStatusRevoked ReviewStatusType = "REVOKED"
	ReviewStatusProcessing ReviewStatusType = "PROCESSING"
	ReviewStatusExecuted ReviewStatusType = "EXECUTED"
	// NOTE(review): code that branches on review status should treat UNKNOWN
	// and any unrecognised value as "not approved" — confirm at the call sites.
	ReviewStatusUnknown ReviewStatusType = "UNKNOWN"

	ReviewTypeJit ReviewType = "jit"
	ReviewTypeOneTime ReviewType = "onetime"
)
const BlobFormatWireProtoType string = "wire-proto"
indicates the blob is stored in database wire protocol
Variables ¶
// Package-level error values.
// NOTE(review): these are plain values created with fmt.Errorf; callers should
// match them with errors.Is so that a wrapped error is still recognised.
var (
	ErrNotFound = fmt.Errorf("resource not found")
	ErrAlreadyExists = fmt.Errorf("resource already exists")
)
var DB *gorm.DB
This makes the DB generally available to the application. It is safe to access from multiple goroutines.
Functions ¶
func BuildCommonConfig ¶
func BuildCommonConfig(config *RunbookRepositoryConfig) (*commonRunbooks.Config, error)
func CountAccessRequestRules ¶
func CreateAccessRequestRule ¶
func CreateAccessRequestRule(db *gorm.DB, accessRequestRules *AccessRequestRule) error
func CreateAgent ¶
func CreateAgentOrgKey ¶
func CreateConnectionTag ¶
func CreateConnectionTag(obj *ConnectionTag) error
func CreateDBRoleJob ¶
func CreateGuardRailRules ¶
func CreateGuardRailRules(rule *GuardRailRules) error
func CreateJiraIssueTemplates ¶
func CreateJiraIssueTemplates(issue *JiraIssueTemplate) error
func CreateLogin ¶
func CreateReview ¶
Create the review object. When input is not empty, it generates a blob id and saves the input as well.
func CreateRunbookConfigurationEntry ¶
func CreateRunbookConfigurationEntry(db *gorm.DB, orgID, repositoryKey string, newConfig *RunbookRepositoryConfig) error
CreateRunbookConfigurationEntry creates a single runbook repository configuration entry. If the resource doesn't exist, it creates a new one with the new entry.
func CreateServiceAccount ¶
func CreateServiceAccount(sa *ServiceAccount) error
func CreateUser ¶
func CreateUserGroupWithoutUser ¶
CreateUserGroupWithoutUser creates a group entry without binding it to any user
func DeleteAgentByNameOrID ¶
func DeleteConnection ¶
func DeleteDataMaskingRule ¶
func DeleteGuardRailRules ¶
func DeletePluginConnection ¶
func DeleteRunbookConfigurationEntry ¶
DeleteRunbookConfigurationEntry deletes an existing runbook repository configuration entry
func DeleteUser ¶
func DeleteUserGroup ¶
DeleteUserGroup deletes all instances of a group from an organization
func GetDataMaskingEntityTypes ¶
func GetDataMaskingEntityTypes(orgID, connID string) (json.RawMessage, error)
func GetJiraIssueTemplatesByID ¶
func GetJiraIssueTemplatesByID(orgID, id string) (*JiraIssueTemplate, *JiraIntegration, error)
func GetSessionJiraIssueByID ¶
func GetSharedSigningKey ¶
func InitDatabaseConnection ¶
func InitDatabaseConnection() error
func InsertUserGroups ¶
func IsFeatureAskAiEnabled ¶
func ListReviews ¶
func RotateAgentSecretKey ¶
func UpdateAccessRequestRule ¶
func UpdateAccessRequestRule(db *gorm.DB, accessRequestRules *AccessRequestRule) error
func UpdateAgentStatus ¶
func UpdateAgentStatus(orgID, agentID string, status AgentStatusType, metadata map[string]string) error
update the status of all agents and connections associated with it
func UpdateAllAgentsToOffline ¶
func UpdateAllAgentsToOffline() error
update all agent resource and connections to offline status
func UpdateGuardRailRules ¶
func UpdateGuardRailRules(r *GuardRailRules) error
func UpdateJiraIssueTemplates ¶
func UpdateJiraIssueTemplates(issue *JiraIssueTemplate) error
func UpdateLoginOutcome ¶
func UpdateOrgLicense ¶
func UpdateReview ¶
update the review resource, it updates the session status when the review status is approved, rejected or revoked
func UpdateReviewStatus ¶
func UpdateReviewStatus(orgID, id string, status ReviewStatusType) error
func UpdateRunbookConfigurationEntry ¶
func UpdateRunbookConfigurationEntry(db *gorm.DB, orgID, repositoryKey string, newConfig *RunbookRepositoryConfig) error
UpdateRunbookConfigurationEntry updates an existing runbook repository configuration entry
func UpdateServiceAccount ¶
func UpdateServiceAccount(sa *ServiceAccount) error
func UpdateSessionEventStream ¶
func UpdateSessionEventStream(sess SessionDone) error
UpdateSessionEventStream updates a session partially
func UpdateSessionInput ¶
func UpdateSessionMetadata ¶
func UpdateUser ¶
func UpdateUserAndUserGroups ¶
func UpsertBatchConnectionTags ¶
func UpsertBatchConnectionTags(items []ConnectionTag) error
UpsertBatchConnectionTags creates connection tags in batch.
func UpsertBatchConnections ¶
func UpsertBatchConnections(db *gorm.DB, connections []*Connection) error
UpsertBatchConnections updates or creates multiple connections and enables the default plugins for each connection.
func UpsertGuardRailRuleWithConnections ¶
func UpsertGuardRailRuleWithConnections(rule *GuardRailRules, connectionIDs []string, isNew bool) error
UpsertGuardRailRuleWithConnections creates or updates a guardrail rule and its connections in a single transaction
func UpsertPlugin ¶
func UpsertProxyManagerState ¶
func UpsertProxyManagerState(obj *ProxyManagerState) error
func UpsertResource ¶
func UpsertRunbookRule ¶
func UpsertRunbookRule(db *gorm.DB, rule *RunbookRules) error
func UpsertSession ¶
UpsertSession updates or creates all attributes of a session, with the exception of session streams.
func UpsertUserV2 ¶
Types ¶
type AWSDBRoleSpec ¶
type AccessRequestRule ¶
// AccessRequestRule is the GORM model for an access request rule. OrgID and
// Name share the unique index idx_access_request_rules_org_name, so a rule
// name is unique within an organization.
//
// NOTE(review): the group lists and thresholds below look like the approval
// policy for access requests. AccessMaxDuration and MinApprovals are pointers,
// so nil is representable; what nil means is not shown here — confirm it can
// never be read as "no approval required" or "unlimited duration".
type AccessRequestRule struct {
	// ID is the primary key; the database default is gen_random_uuid().
	ID uuid.UUID `gorm:"type:uuid;default:gen_random_uuid();primaryKey"`
	OrgID uuid.UUID `gorm:"column:org_id;index:idx_access_request_rules_org_name,unique"`
	Name string `gorm:"column:name;index:idx_access_request_rules_org_name,unique"`
	Description *string `gorm:"column:description"`
	AccessType string `gorm:"column:access_type"`
	// The pq.StringArray fields are stored as text[] columns.
	ConnectionNames pq.StringArray `gorm:"column:connection_names;type:text[]"`
	ApprovalRequiredGroups pq.StringArray `gorm:"column:approval_required_groups;type:text[]"`
	// The database default for AllGroupsMustApprove is false.
	AllGroupsMustApprove bool `gorm:"column:all_groups_must_approve;default:false"`
	ReviewersGroups pq.StringArray `gorm:"column:reviewers_groups;type:text[]"`
	// NOTE(review): presumably groups allowed to force an approval; keep this
	// list minimal and audit changes to it — confirm semantics.
	ForceApprovalGroups pq.StringArray `gorm:"column:force_approval_groups;type:text[]"`
	AccessMaxDuration *int `gorm:"column:access_max_duration"`
	MinApprovals *int `gorm:"column:min_approvals"`
	// CreatedAt and UpdatedAt are maintained by GORM (autoCreateTime / autoUpdateTime).
	CreatedAt time.Time `gorm:"column:created_at;autoCreateTime"`
	UpdatedAt time.Time `gorm:"column:updated_at;autoUpdateTime"`
}
func ListAccessRequestRules ¶
func ListAccessRequestRules(db *gorm.DB, orgID uuid.UUID, opts AccessRequestRulesFilterOption) ([]AccessRequestRule, int64, error)
func (AccessRequestRule) TableName ¶
func (m AccessRequestRule) TableName() string
type Agent ¶
// Agent is the GORM model for an agent record.
//
// NOTE(review): both Key and KeyHash are persisted. If Key carries the raw
// agent secret, storing KeyHash next to it gives no protection at rest —
// confirm what Key contains (CreateAgentOrgKey takes both key and
// secretKeyHash). Avoid logging or returning either field.
type Agent struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	Name string `gorm:"column:name"`
	Mode string `gorm:"column:mode"`
	Key string `gorm:"column:key"`
	KeyHash string `gorm:"column:key_hash"`
	Status string `gorm:"column:status"`
	// Metadata is stored in a single column using GORM's JSON serializer.
	Metadata map[string]string `gorm:"column:metadata;serializer:json"`
	// UpdatedAt is a nullable string, not a time.Time.
	UpdatedAt *string `gorm:"column:updated_at"`
}
func GetAgentByNameOrID ¶
func GetAgentByToken ¶
type AgentStatusType ¶
// AgentStatusType is the string type used for an agent's status.
type AgentStatusType string

// Known agent status values.
// NOTE(review): these are declared with var, so they are package-level
// variables that any code in the program can reassign; const would rule that out.
var (
	AgentStatusConnected AgentStatusType = "CONNECTED"
	AgentStatusDisconnected AgentStatusType = "DISCONNECTED"
)
type Blob ¶
// Blob is the GORM model for a stored blob.
type Blob struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	// BlobStream holds the raw, undecoded JSON payload.
	// NOTE(review): presumably session input/output, which can contain
	// sensitive data — confirm and avoid logging it.
	BlobStream json.RawMessage `gorm:"column:blob_stream"`
	Type string `gorm:"column:type"`
	// BlobFormat maps to the "format" column and may be nil.
	BlobFormat *string `gorm:"column:format"`
}
func (Blob) IsWireProtocol ¶
Report if the blob is stored as database wire protocol format
type BlobInputType ¶
// BlobInputType is a string type; its pointer receiver has a Scan(value any) error
// method, the shape database/sql uses to read a column value into a custom type.
type BlobInputType string
func (*BlobInputType) Scan ¶
func (b *BlobInputType) Scan(value any) error
type Connection ¶
// Connection is the GORM model for a connection. Columns tagged with `->` are
// read-only for GORM: they are populated on reads and never written.
//
// NOTE(review): this type has an AsSecrets method and an Envs map, so values
// held here are presumably credentials for the target resource. Treat a
// Connection as sensitive: do not log it or return it unfiltered — confirm.
type Connection struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	ResourceName string `gorm:"column:resource_name"`
	AgentID sql.NullString `gorm:"column:agent_id"`
	Name string `gorm:"column:name"`
	// NOTE(review): presumably the command line run for this connection;
	// confirm who may write it, since it is stored as given.
	Command pq.StringArray `gorm:"column:command;type:text[]"`
	Type string `gorm:"column:type"`
	SubType sql.NullString `gorm:"column:subtype"`
	Status string `gorm:"column:status"`
	ManagedBy sql.NullString `gorm:"column:managed_by"`
	// Tags maps to the "_tags" column.
	Tags pq.StringArray `gorm:"column:_tags;type:text[]"`
	AccessModeRunbooks string `gorm:"column:access_mode_runbooks"`
	AccessModeExec string `gorm:"column:access_mode_exec"`
	AccessModeConnect string `gorm:"column:access_mode_connect"`
	AccessSchema string `gorm:"column:access_schema"`
	JiraIssueTemplateID sql.NullString `gorm:"column:jira_issue_template_id"`
	// Access control
	// NOTE(review): AccessMaxDuration and MinReviewApprovals are pointers; what
	// nil means is not shown here — confirm it does not disable the control.
	ForceApproveGroups pq.StringArray `gorm:"column:force_approve_groups;type:text[]"`
	AccessMaxDuration *int `gorm:"column:access_max_duration"`
	MinReviewApprovals *int `gorm:"column:min_review_approvals"`
	// Read Only fields (the `->` permission: read from the query, never written)
	RedactEnabled bool `gorm:"column:redact_enabled;->"`
	Reviewers pq.StringArray `gorm:"column:reviewers;type:text[];->"`
	RedactTypes pq.StringArray `gorm:"column:redact_types;type:text[];->"`
	AgentMode string `gorm:"column:agent_mode;->"`
	AgentName string `gorm:"column:agent_name;->"`
	JiraTransitionNameOnClose sql.NullString `gorm:"column:issue_transition_name_on_close;->"`
	Envs map[string]string `gorm:"column:envs;serializer:json;->"`
	GuardRailRules pq.StringArray `gorm:"column:guardrail_rules;type:text[];->"`
	ConnectionTags map[string]string `gorm:"column:connection_tags;serializer:json;->"`
}
func GetBareConnectionByNameOrID ¶
func GetBareConnectionByNameOrID(ctx UserContext, nameOrID string, tx *gorm.DB) (*Connection, error)
GetBareConnectionByNameOrID retrieves a connection by name or ID without resource envs, etc.
func GetConnectionByNameOrID ¶
func GetConnectionByNameOrID(ctx UserContext, nameOrID string) (*Connection, error)
GetConnectionByNameOrID retrieves a connection by name or ID. It also checks if the user has access to the connection based on the access control plugin.
func GetResourceConnections ¶
func GetResourceConnections(db *gorm.DB, orgID, resourceName string) ([]Connection, error)
func ListConnections ¶
func ListConnections(ctx UserContext, opts ConnectionFilterOption) ([]Connection, error)
ListConnections retrieves a list of connections based on the provided filter options. It applies access control rules based on the user's groups and the access control plugin.
func ListConnectionsPaginated ¶
func ListConnectionsPaginated(orgID string, userGroups []string, opts ConnectionPaginationOption) ([]Connection, int64, error)
ListConnectionsPaginated retrieves a paginated list of connections based on the provided filter options.
func SearchConnectionsBySimilarity ¶
func SearchConnectionsBySimilarity(orgID string, userGroups []string, searchTerm string) ([]Connection, error)
SearchConnectionsBySimilarity searches connections by name, type, or subtype using a case-insensitive search.
func UpsertConnection ¶
func UpsertConnection(ctx UserContext, c *Connection) (*Connection, error)
func (Connection) AsSecrets ¶
func (c Connection) AsSecrets() map[string]any
type ConnectionCredentials ¶
// ConnectionCredentials is the GORM model for a credential issued to a user
// (UserSubject) for one connection. Only a hash of the secret key is stored.
//
// NOTE(review): GetValidConnectionCredentialsBySecretKey looks a row up by
// SecretKeyHash, which implies a deterministic hash. That is only appropriate
// when the secret key is a long random value — confirm how it is generated.
type ConnectionCredentials struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	UserSubject string `gorm:"column:user_subject"`
	ConnectionName string `gorm:"column:connection_name"`
	ConnectionType string `gorm:"column:connection_type"`
	SecretKeyHash string `gorm:"column:secret_key_hash"`
	CreatedAt time.Time `gorm:"column:created_at"`
	// NOTE(review): expiry enforcement is not visible on this page; confirm that
	// every lookup path rejects rows whose ExpireAt has passed.
	ExpireAt time.Time `gorm:"column:expire_at"`
}
func CreateConnectionCredentials ¶
func CreateConnectionCredentials(db *ConnectionCredentials) (*ConnectionCredentials, error)
func GetConnectionByTypeAndID ¶
func GetConnectionByTypeAndID(connectionType, id string) (*ConnectionCredentials, error)
GetConnectionByTypeAndID retrieves a connection credential by its type and ID
func GetConnectionCredentialsByID ¶
func GetConnectionCredentialsByID(orgID, id string) (*ConnectionCredentials, error)
func GetValidConnectionCredentialsBySecretKey ¶
func GetValidConnectionCredentialsBySecretKey(connectionTypes []string, secretKeyHash string) (*ConnectionCredentials, error)
GetValidConnectionCredentialsBySecretKey retrieves a valid connection credential by its secret key hash. If a user has a valid connection credential, it could be used to connect to the requested resource.
type ConnectionFilterOption ¶
// ConnectionFilterOption holds the filters for listing connections.
//
// NOTE(review): Search and TagSelector are presumably caller-supplied text.
// Confirm they reach SQL only as bound parameters, and that LIKE wildcards in
// Search are handled as intended (see GetSearchPattern, ParseTagSelectorQuery).
type ConnectionFilterOption struct {
	Name string
	Type string
	SubType string
	ManagedBy string
	AgentID string
	Tags []string
	TagSelector string
	Search string
	ConnectionIDs []string
	ResourceName string
}
ConnectionFilterOption: each attribute that is set is applied with AND logic.
func (ConnectionFilterOption) GetSearchPattern ¶
func (o ConnectionFilterOption) GetSearchPattern() string
func (ConnectionFilterOption) GetTagsAsArray ¶
func (o ConnectionFilterOption) GetTagsAsArray() any
func (ConnectionFilterOption) ParseTagSelectorQuery ¶
func (o ConnectionFilterOption) ParseTagSelectorQuery() (selectorJsonData string, err error)
type ConnectionGuardRailRules ¶
// ConnectionGuardRailRules carries a connection's identity together with its
// guard rail input and output rules as raw bytes.
type ConnectionGuardRailRules struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	Name string `gorm:"column:name"`
	// Read Only Fields (the `->` permission: read from the query, never written)
	GuardRailInputRules []byte `gorm:"column:guardrail_input_rules;->"`
	GuardRailOutputRules []byte `gorm:"column:guardrail_output_rules;->"`
}
func GetConnectionGuardRailRules ¶
func GetConnectionGuardRailRules(orgID, name string) (*ConnectionGuardRailRules, error)
GetConnectionGuardRailRules retrieves the guard rail rules associated with a connection. It does not enforce access control rules
type ConnectionPaginationOption ¶
// ConnectionPaginationOption embeds ConnectionFilterOption and adds paging.
//
// NOTE(review): no bounds for Page or PageSize are visible here; confirm that
// the caller or the query clamps PageSize and rejects negative values.
type ConnectionPaginationOption struct {
	ConnectionFilterOption
	Page int
	PageSize int
}
type ConnectionTag ¶
// ConnectionTag is the GORM model for a key/value tag that belongs to an
// organization.
type ConnectionTag struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Key string `gorm:"column:key"`
	Value string `gorm:"column:value"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func GetConnectionTagByID ¶
func GetConnectionTagByID(orgID, id string) (*ConnectionTag, error)
func ListConnectionTags ¶
func ListConnectionTags(orgID string) ([]ConnectionTag, error)
type Context ¶
// Context is the row shape for a user's context: organization, identity and
// group membership.
//
// NOTE(review): UserHashedPassword travels with every Context value. The
// struct has no json tags, so encoding/json would emit every field under its
// Go name if a Context were marshalled; keep it out of API responses and logs.
type Context struct {
	OrgID string `gorm:"column:org_id"`
	OrgName string `gorm:"column:org_name"`
	OrgLicenseData json.RawMessage `gorm:"column:org_license_data"`
	UserID string `gorm:"column:user_id"`
	UserSubject string `gorm:"column:user_subject"`
	UserEmail string `gorm:"column:user_email"`
	UserName string `gorm:"column:user_name"`
	UserStatus string `gorm:"column:user_status"`
	UserSlackID string `gorm:"column:user_slack_id"`
	UserPicture string `gorm:"column:user_picture"`
	// UserHashedPassword may be nil.
	UserHashedPassword *string `gorm:"column:user_hashed_password"`
	UserGroups pq.StringArray `gorm:"column:user_groups;type:text[]"`
}
func GetUserContext ¶
GetUserContext retrieves user context data based on the subject claim or OIDC information.
It is safe to obtain the user context from the subject attribute alone only after the access token has been verified.
This method queries both the users and service accounts tables to retrieve the existing user context information.
func (*Context) GetLicenseType ¶
func (*Context) GetUserGroups ¶
type CustomEntityTypesEntry ¶
type CustomEntityTypesList ¶
// CustomEntityTypesList is a slice of CustomEntityTypesEntry. DataMaskingRule
// stores it in one column using GORM's JSON serializer.
type CustomEntityTypesList []CustomEntityTypesEntry
type DBRole ¶
// DBRole is the GORM model for a database role job. The *Map fields are the
// persisted form (JSON-serialized columns); Status, HookStatus and Spec are
// tagged `gorm:"-"`, so GORM neither reads nor writes them.
type DBRole struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	CreatedAt time.Time `gorm:"column:created_at"`
	// CompletedAt may be nil.
	CompletedAt *time.Time `gorm:"column:completed_at"`
	StatusMap map[string]any `gorm:"column:status;serializer:json"`
	HookStatusMap map[string]any `gorm:"column:hook_status;serializer:json"`
	SpecMap map[string]any `gorm:"column:spec;serializer:json"` // Open question from the original author: should this be unexported, and would a lowercase field still serialize properly?
	// NOTE(review): DBRoleStatusResultCredentialsInfo exists in this package, so
	// the status presumably can carry credential details — confirm before
	// logging or returning a DBRole.
	Status *DBRoleStatus `gorm:"-"`
	HookStatus *HookStatus `gorm:"-"`
	Spec *AWSDBRoleSpec `gorm:"-"`
}
func GetDBRoleJobByID ¶
func ListDBRoleJobs ¶
func UpdateDBRoleJob ¶
type DBRoleStatus ¶
// DBRoleStatus is the JSON shape of a DB role job's status: a phase, a
// message and a list of results.
type DBRoleStatus struct {
	Phase string `json:"phase"`
	Message string `json:"message"`
	Result []DBRoleStatusResult `json:"result"`
}
type DBRoleStatusResult ¶
type DataMaskingRule ¶
// DataMaskingRule is the GORM model for a data masking rule.
type DataMaskingRule struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Name string `gorm:"column:name"`
	Description string `gorm:"column:description"`
	// Both entity type lists are stored with GORM's JSON serializer.
	SupportedEntityTypes SupportedEntityTypesList `gorm:"column:supported_entity_types;serializer:json"`
	CustomEntityTypes CustomEntityTypesList `gorm:"column:custom_entity_types;serializer:json"`
	// ScoreThreshold may be nil.
	// NOTE(review): what nil means for masking is not shown here — confirm it
	// falls back to a safe default and does not disable masking.
	ScoreThreshold *float64 `gorm:"column:score_threshold"`
	// ConnectionIDs is read-only for GORM (`->`).
	ConnectionIDs pq.StringArray `gorm:"column:connection_ids;type:text[];->"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func CreateDataMaskingRule ¶
func CreateDataMaskingRule(rule *DataMaskingRule) (*DataMaskingRule, error)
func GetDataMaskingRuleByID ¶
func GetDataMaskingRuleByID(orgID, ruleID string) (*DataMaskingRule, error)
func ListDataMaskingRules ¶
func ListDataMaskingRules(orgID string) ([]DataMaskingRule, error)
func UpdateDataMaskingRule ¶
func UpdateDataMaskingRule(rule *DataMaskingRule) (*DataMaskingRule, error)
type DataMaskingRuleConnection ¶
// DataMaskingRuleConnection is the GORM model that associates a data masking
// rule (RuleID) with a connection (ConnectionID), with a status.
type DataMaskingRuleConnection struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	RuleID string `gorm:"column:rule_id"`
	ConnectionID string `gorm:"column:connection_id"`
	Status string `gorm:"column:status"`
}
func UpdateDataMaskingRuleConnection ¶
func UpdateDataMaskingRuleConnection(orgID, connectionID string, items []DataMaskingRuleConnection) ([]DataMaskingRuleConnection, error)
type EnvVar ¶
// EnvVar is the GORM model for a set of environment variables.
//
// NOTE(review): Envs presumably holds connection secrets; it is written as
// JSON by GORM's serializer, and no encryption is visible on this page —
// confirm how the column is protected at rest and keep the map out of logs.
type EnvVar struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	Envs map[string]string `gorm:"column:envs;serializer:json"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func GetEnvVarByID ¶
type ErrNotFoundGuardRailRules ¶
// ErrNotFoundGuardRailRules is an error type; its pointer receiver has an
// Error() string method. Its fields are not exported.
type ErrNotFoundGuardRailRules struct {
	// contains filtered or unexported fields
}
func (*ErrNotFoundGuardRailRules) Error ¶
func (e *ErrNotFoundGuardRailRules) Error() string
type GuardRailConnection ¶
type GuardRailRules ¶
// GuardRailRules is the GORM model for a guard rail rule. Input and Output are
// free-form maps stored with GORM's JSON serializer.
type GuardRailRules struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	Name string `gorm:"column:name"`
	Description string `gorm:"column:description"`
	// NOTE(review): map[string]any accepts any JSON shape; confirm the rule
	// content is validated before it is stored or evaluated.
	Input map[string]any `gorm:"column:input;serializer:json"`
	Output map[string]any `gorm:"column:output;serializer:json"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
	ConnectionIDs []string `gorm:"-"` // Not stored in DB, populated from join query
}
func GetGuardRailRules ¶
func GetGuardRailRules(orgID, ruleID string) (*GuardRailRules, error)
func ListGuardRailRules ¶
func ListGuardRailRules(orgID string) ([]*GuardRailRules, error)
type HookStatus ¶
type HttpProxyServerConfig ¶
// HttpProxyServerConfig is the JSON shape of the HTTP proxy server settings.
type HttpProxyServerConfig struct {
	// NOTE(review): validation of ListenAddress is not visible here; an address
	// that binds every interface exposes the listener beyond the local host.
	ListenAddress string `json:"listen_address"`
}
type JiraIntegration ¶
// JiraIntegration holds an organization's Jira integration settings. The
// struct carries json tags only.
//
// NOTE(review): APIToken has the json tag "api_token", so marshalling a
// JiraIntegration with encoding/json includes the token. Use a response type
// without the token (or blank it) before returning this value from an API,
// and keep it out of logs.
type JiraIntegration struct {
	ID string `json:"id"`
	OrgID string `json:"org_id"`
	URL string `json:"url"`
	User string `json:"user"`
	APIToken string `json:"api_token"`
	Status JiraIntegrationStatus `json:"status"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
func CreateJiraIntegration ¶
func CreateJiraIntegration(orgID string, jiraIntegration *JiraIntegration) (*JiraIntegration, error)
func GetJiraIntegration ¶
func GetJiraIntegration(orgID string) (*JiraIntegration, error)
func UpdateJiraIntegration ¶
func UpdateJiraIntegration(orgID string, newObj *JiraIntegration) (*JiraIntegration, error)
func (JiraIntegration) IsActive ¶
func (j JiraIntegration) IsActive() bool
type JiraIntegrationStatus ¶
// JiraIntegrationStatus is the string type for a Jira integration's status.
type JiraIntegrationStatus string

// The constant names say Active/Inactive, but the string values are
// "enabled" and "disabled".
const (
	JiraIntegrationStatusActive JiraIntegrationStatus = "enabled"
	JiraIntegrationStatusInactive JiraIntegrationStatus = "disabled"
)
type JiraIssueTemplate ¶
// JiraIssueTemplate is the GORM model for a Jira issue template. The three
// *Types maps are stored with GORM's JSON serializer; DecodeMappingTypes
// returns them as typed maps.
type JiraIssueTemplate struct {
	OrgID string `gorm:"column:org_id"`
	ID string `gorm:"column:id"`
	JiraIntegrationID string `gorm:"column:jira_integration_id"`
	Name string `gorm:"column:name"`
	Description string `gorm:"column:description"`
	ProjectKey string `gorm:"column:project_key"`
	RequestTypeID string `gorm:"column:request_type_id"`
	IssueTransitionNameOnClose string `gorm:"column:issue_transition_name_on_close"`
	MappingTypes map[string]any `gorm:"column:mapping_types;serializer:json"`
	PromptTypes map[string]any `gorm:"column:prompt_types;serializer:json"`
	CmdbTypes map[string]any `gorm:"column:cmdb_types;serializer:json"`
	// ConnectionIDs is read-only for GORM (`->`).
	ConnectionIDs pq.StringArray `gorm:"column:connection_ids;type:text[];->"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func ListJiraIssueTemplates ¶
func ListJiraIssueTemplates(orgID string) ([]*JiraIssueTemplate, error)
func (*JiraIssueTemplate) DecodeMappingTypes ¶
func (t *JiraIssueTemplate) DecodeMappingTypes() (map[string]MappingType, map[string]PromptType, map[string]CmdbType, error)
type Login ¶
// Login is the GORM model for a login attempt; GetLoginByState looks one up by
// its state ID.
type Login struct {
	// NOTE(review): presumably the login state value; it should be
	// unguessable and single-use — confirm where it is generated.
	ID string `gorm:"column:id"`
	// NOTE(review): if Redirect originates from a client-supplied parameter,
	// validate it against an allow-list before redirecting — confirm at the caller.
	Redirect string `gorm:"column:redirect"`
	Outcome string `gorm:"column:outcome"`
	SlackID string `gorm:"column:slack_id"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func GetLoginByState ¶
GetLoginByState retrieves a login record by its state ID
type MappingType ¶
type Organization ¶
// Organization is the GORM model for an organization.
type Organization struct {
	ID string `gorm:"column:id"`
	Name string `gorm:"column:name"`
	CreatedAt time.Time `gorm:"column:created_at"`
	// LicenseData holds the raw, undecoded license JSON.
	LicenseData json.RawMessage `gorm:"column:license_data"`
	// TotalUsers is read-only for GORM (`->`).
	TotalUsers int64 `gorm:"column:total_users;->"`
}
func CreateOrgGetOrganization ¶
func CreateOrgGetOrganization(name string, licenseDataJSON []byte) (*Organization, bool, error)
func CreateOrganization ¶
func CreateOrganization(name string, licenseDataJSON []byte) (*Organization, error)
func GetOrganizationByNameOrID ¶
func GetOrganizationByNameOrID(nameOrID string) (*Organization, error)
func ListAllOrganizations ¶
func ListAllOrganizations() ([]Organization, error)
type Plugin ¶
// Plugin is the GORM model for a plugin. Connections and EnvVars are read-only
// for GORM (`->`) and are decoded from JSON columns.
type Plugin struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Name string `gorm:"column:name"`
	Connections []*PluginConnection `gorm:"column:plugin_connections;serializer:json;->"`
	// NOTE(review): EnvVars presumably holds plugin configuration secrets —
	// confirm, and keep the map out of logs and API responses.
	EnvVars map[string]string `gorm:"column:envvars;serializer:json;->"`
}
func GetPluginByName ¶
func ListPlugins ¶
func (*Plugin) GetEnvVars ¶
type PluginConnection ¶
// PluginConnection is the GORM model linking a plugin to a connection. It also
// carries json tags because Plugin.Connections decodes a JSON list of these.
type PluginConnection struct {
	ID string `gorm:"column:id" json:"id"`
	OrgID string `gorm:"column:org_id" json:"org_id"`
	PluginID string `gorm:"column:plugin_id" json:"plugin_id"`
	ConnectionID string `gorm:"column:connection_id" json:"connection_id"`
	// ConnectionName is read-only (`->`): read from query results, never written.
	ConnectionName string `gorm:"column:connection_name;->" json:"connection_name"`
	Enabled bool `gorm:"column:enabled" json:"enabled"`
	// Config is stored as a Postgres text[] column.
	// NOTE(review): the meaning of the entries is not visible here; if a plugin's
	// config can contain tokens, treat this field as sensitive when serializing.
	Config pq.StringArray `gorm:"column:config;type:text[]" json:"config"`
	CreatedAt time.Time `gorm:"column:created_at" json:"created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at" json:"updated_at"`
}
func GetPluginConnection ¶
func GetPluginConnection(orgID, pluginName, connID string) (*PluginConnection, error)
func UpsertPluginConnection ¶
func UpsertPluginConnection(orgID, pluginName, connID string, config pq.StringArray) (*PluginConnection, error)
UpsertPluginConnection updates an existing plugin connection by the plugin ID and connection ID.
type PostgresServerConfig ¶
// PostgresServerConfig is stored JSON-encoded in
// ServerMiscConfig.PostgresServerConfig.
type PostgresServerConfig struct {
	// NOTE(review): a wildcard listen address exposes the listener on every
	// interface; confirm the value is validated where the server is started.
	ListenAddress string `json:"listen_address"`
}
type PromptType ¶
type ProxyManagerState ¶
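// ProxyManagerState is the GORM model for the state of a proxy manager client.
// It records the requested connection, port and access duration together with
// the client's current ProxyManagerStatusType.
type ProxyManagerState struct {
	ID                       string                 `gorm:"column:id"`
	OrgID                    string                 `gorm:"column:org_id"`
	Status                   ProxyManagerStatusType `gorm:"column:status"`
	RequestConnectionName    string                 `gorm:"column:connection"`
	RequestPort              string                 `gorm:"column:port"`
	RequestAccessDurationSec int                    `gorm:"column:access_duration"`
	// ClientMetadata is stored as JSON.
	// NOTE(review): presumably supplied by the client; treat the values as
	// untrusted input when displaying or logging them.
	ClientMetadata map[string]string `gorm:"column:metadata;serializer:json"`
	// The tag previously read `gorm:"connected_at"` with no `column:` key, so
	// the column name came from GORM's naming strategy instead of the tag. It
	// now names the column explicitly, like every other field in this struct.
	ConnectedAt time.Time `gorm:"column:connected_at"`
}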
func GetProxyManagerStateByID ¶
func GetProxyManagerStateByID(orgID, id string) (*ProxyManagerState, error)
type ProxyManagerStatusType ¶
// ProxyManagerStatusType is the string-backed status stored in
// ProxyManagerState.Status.
type ProxyManagerStatusType string

const (
	// ProxyManagerStatusReady indicates the grpc client is ready to subscribe to a new connection
	ProxyManagerStatusReady ProxyManagerStatusType = "ready"
	// ProxyManagerStatusConnected indicates the client has opened a new session
	ProxyManagerStatusConnected ProxyManagerStatusType = "connected"
	// ProxyManagerStatusDisconnected indicates the grpc client has disconnected
	ProxyManagerStatusDisconnected ProxyManagerStatusType = "disconnected"
)
type RDPServerConfig ¶
// RDPServerConfig is stored JSON-encoded in ServerMiscConfig.RDPServerConfig.
type RDPServerConfig struct {
	// NOTE(review): a wildcard listen address exposes the listener on every
	// interface; confirm the value is validated where the server is started.
	ListenAddress string `json:"listen_address"`
}
type ResourceFilterOption ¶
type Resources ¶
// Resources is the GORM model for a resource that belongs to an organization.
type Resources struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Name string `gorm:"column:name"`
	Type string `gorm:"column:type"`
	// SubType and AgentID are nullable columns.
	SubType sql.NullString `gorm:"column:subtype"`
	AgentID sql.NullString `gorm:"column:agent_id"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
	// read-only fields from related tables
	// NOTE(review): Envs may contain credentials for the resource; avoid logging
	// the struct or returning this map unfiltered.
	Envs map[string]string `gorm:"column:envs;serializer:json;->"`
}
func GetResourceByName ¶
type Review ¶
// Review is the GORM model for an access review attached to a session. It
// stores the requested input (environment variables, client arguments, blob
// input reference), the requester's identity and the approval settings.
type Review struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	SessionID string `gorm:"column:session_id"`
	Type ReviewType `gorm:"column:type"`
	Status ReviewStatusType `gorm:"column:status"`
	ConnectionName string `gorm:"column:connection_name"`
	ConnectionID sql.NullString `gorm:"column:connection_id"`
	// BlobInputID is nullable; GetBlobInput returns the input only when it is set.
	BlobInputID sql.NullString `gorm:"column:blob_input_id"`
	// NOTE(review): InputEnvVars and InputClientArgs are presumably what gets
	// executed once the review is approved; confirm they cannot be modified
	// after approval, and that env values are not exposed to reviewers who
	// should not see secrets.
	InputEnvVars map[string]string `gorm:"column:input_env_vars;serializer:json"`
	InputClientArgs pq.StringArray `gorm:"column:input_client_args;type:text[]"`
	AccessDurationSec int64 `gorm:"column:access_duration_sec"`
	OwnerID string `gorm:"column:owner_id"`
	OwnerEmail string `gorm:"column:owner_email"`
	OwnerName *string `gorm:"column:owner_name"`
	OwnerSlackID *string `gorm:"column:owner_slack_id"`
	// ReviewGroups is read-only (`->`) and decoded from JSON.
	ReviewGroups []ReviewGroups `gorm:"column:review_groups;serializer:json;->"`
	AccessRequestRuleName *string `gorm:"column:access_request_rule_name"`
	ForceApprovalGroups pq.StringArray `gorm:"column:force_approval_groups;type:text[]"`
	// NOTE(review): MinApprovals is nullable; confirm how a nil or non-positive
	// value is interpreted so it cannot lower the approval threshold.
	MinApprovals *int `gorm:"column:min_approvals"`
	CreatedAt time.Time `gorm:"column:created_at"`
	RevokedAt *time.Time `gorm:"column:revoked_at"`
	TimeWindow *ReviewTimeWindow `gorm:"column:time_window;serializer:json;"`
}
func GetReviewByIdOrSid ¶
func (*Review) GetBlobInput ¶
GetBlobInput returns the input if the blob input id is set
type ReviewGroups ¶
// ReviewGroups is one group's entry in a review. It has only json tags and is
// decoded from the JSON held in Review.ReviewGroups and
// SessionReview.ReviewGroups.
type ReviewGroups struct {
	ID string `json:"id"`
	OrgID string `json:"org_id"`
	ReviewID string `json:"review_id"`
	GroupName string `json:"group_name"`
	Status ReviewStatusType `json:"status"`
	// The Owner* fields and ReviewedAt are pointers, so they can be absent.
	// NOTE(review): presumably they identify the reviewer once the group has
	// acted — confirm.
	OwnerID *string `json:"owner_id"`
	OwnerEmail *string `json:"owner_email"`
	OwnerName *string `json:"owner_name"`
	OwnerSlackID *string `json:"owner_slack_id"`
	ReviewedAt *time.Time `json:"reviewed_at"`
	// NOTE(review): ForcedReview presumably marks an approval that bypassed the
	// normal quorum; such entries are worth surfacing in audit output.
	ForcedReview bool `json:"forced_review"`
}
type ReviewJit ¶
// ReviewJit is a reduced view of a review, returned by GetApprovedReviewJit.
type ReviewJit struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	SessionID string `gorm:"column:session_id"`
	Type string `gorm:"column:type"`
	// NOTE(review): callers granting access from this record should check both
	// AccessDurationSec against CreatedAt and that RevokedAt is nil — confirm
	// where that check lives.
	AccessDurationSec int64 `gorm:"column:access_duration_sec"`
	OwnerEmail string `gorm:"column:owner_email"`
	CreatedAt time.Time `gorm:"column:created_at"`
	RevokedAt *time.Time `gorm:"column:revoked_at"`
}
func GetApprovedReviewJit ¶
GetApprovedReviewJit looks up the latest approved ReviewJit record.
type ReviewStatusType ¶
// ReviewStatusType is the string-backed status used by Review.Status and
// ReviewGroups.Status.
type ReviewStatusType string
func (ReviewStatusType) Str ¶
func (t ReviewStatusType) Str() string
type ReviewTimeWindow ¶
type ReviewType ¶
// ReviewType is the string-backed type used by Review.Type.
type ReviewType string
type RunbookRepositoryConfig ¶
// RunbookRepositoryConfig holds the settings for one runbook Git repository.
// Runbooks.RepositoryConfigs stores these values JSON-encoded in the
// repository_configs column, so the credential fields below are persisted
// with the rest of the struct.
//
// NOTE(review): because every field has a json tag, marshalling this struct
// into an API response or a log line emits the credentials as well. Confirm
// that responses use a redacted type and that the column is protected at rest.
type RunbookRepositoryConfig struct {
	// NOTE(review): if this URL is user-supplied, confirm scheme and host
	// restrictions where the repository is fetched; a server-side fetch of an
	// arbitrary URL is an SSRF concern.
	GitUrl string `json:"git_url"`
	GitUser string `json:"git_user"`
	// GitPassword is a secret.
	GitPassword string `json:"git_password"`
	// SSHKey and SSHKeyPass are secrets.
	SSHKey string `json:"ssh_key"`
	SSHUser string `json:"ssh_user"`
	SSHKeyPass string `json:"ssh_key_pass"`
	// NOTE(review): presumably used for SSH host-key verification; confirm that
	// an empty value does not disable host-key checking.
	SSHKnownHosts string `json:"ssh_known_hosts"`
	GitHookTTL int `json:"git_hook_config_ttl"`
	GitBranch string `json:"git_branch"`
}
type RunbookRuleFile ¶
type RunbookRuleFiles ¶
// RunbookRuleFiles is a list of RunbookRuleFile values. It has a Scan method
// and is used for the runbooks jsonb column of RunbookRules.
type RunbookRuleFiles []RunbookRuleFile
func (*RunbookRuleFiles) Scan ¶
func (r *RunbookRuleFiles) Scan(value any) error
type RunbookRules ¶
// RunbookRules is the GORM model for a runbook rule: a named set of user
// groups, connections and runbook files within an organization.
// NOTE(review): presumably the rule grants the listed groups access to the
// listed runbooks on the listed connections; confirm how empty arrays are
// interpreted (match nothing vs. match everything).
type RunbookRules struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Name string `gorm:"column:name"`
	Description sql.NullString `gorm:"column:description"`
	UserGroups pq.StringArray `gorm:"column:user_groups;type:text[]"`
	Connections pq.StringArray `gorm:"column:connections;type:text[]"`
	Runbooks RunbookRuleFiles `gorm:"column:runbooks;type:jsonb;serializer:json"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func GetRunbookRuleByID ¶
func GetRunbookRuleByID(db *gorm.DB, orgID, ruleID string) (*RunbookRules, error)
func GetRunbookRules ¶
type Runbooks ¶
// Runbooks is the GORM model holding an organization's runbook repository
// configuration.
type Runbooks struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	// RepositoryConfigs is stored as JSON in a single column. Each value is a
	// RunbookRepositoryConfig, which includes git_password, ssh_key and
	// ssh_key_pass, so this column contains repository credentials.
	// NOTE(review): confirm the column is protected at rest and that the map is
	// redacted before it is returned or logged.
	RepositoryConfigs map[string]RunbookRepositoryConfig `gorm:"column:repository_configs;serializer:json"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
type SSHServerConfig ¶
type ServerAuthConfig ¶
// ServerAuthConfig is the GORM model for the server's authentication
// settings, read with GetServerAuthConfig and written with
// UpdateServerAuthConfig.
type ServerAuthConfig struct {
	OrgID string `gorm:"column:org_id"`
	AuthMethod *string `gorm:"column:auth_method"`
	// OidcConfig and SamlConfig are stored as JSON.
	// NOTE(review): identity-provider settings commonly include client secrets
	// or signing material; confirm what these types hold before exposing them.
	OidcConfig *ServerAuthOidcConfig `gorm:"column:oidc_config;serializer:json"`
	SamlConfig *ServerAuthSamlConfig `gorm:"column:saml_config;serializer:json"`
	ProviderName *string `gorm:"column:provider_name"`
	// NOTE(review): whether api_key and rollout_api_key hold the key itself or
	// a hash is not visible here; treat both as secrets and keep them out of
	// logs and API responses.
	ApiKey *string `gorm:"column:api_key"`
	RolloutApiKey *string `gorm:"column:rollout_api_key"`
	WebappUsersManagement *string `gorm:"column:webapp_users_management"`
	// Per the UpdateServerAuthConfig documentation, changing the role names
	// performs a global update on the user_groups table.
	AdminRoleName *string `gorm:"column:admin_role_name"`
	AuditorRoleName *string `gorm:"column:auditor_role_name"`
	// ProductAnalytics and GrpcServerURL are read-only here (`->`);
	// ServerMiscConfig declares the same columns without that restriction.
	ProductAnalytics *string `gorm:"column:product_analytics;->"`
	GrpcServerURL *string `gorm:"column:grpc_server_url;->"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func GetServerAuthConfig ¶
func GetServerAuthConfig() (*ServerAuthConfig, error)
func UpdateServerAuthConfig ¶
func UpdateServerAuthConfig(newObj *ServerAuthConfig) (*ServerAuthConfig, error)
UpdateServerAuthConfig creates or updates the server auth config. If the config already exists, it is updated with the new values. The api_key attribute is optional; if it is not provided, it is neither updated nor created.
Updating roles performs a global update on the user_groups table to change the previous role names to the new ones.
type ServerAuthOidcConfig ¶
type ServerAuthSamlConfig ¶
type ServerMiscConfig ¶
// ServerMiscConfig is the GORM model for miscellaneous server settings, read
// with GetServerMiscConfig and written with UpsertServerMiscConfig. The
// per-protocol server configs are stored as JSON.
type ServerMiscConfig struct {
	ProductAnalytics *string `gorm:"column:product_analytics"`
	// NOTE(review): presumably the address clients and agents connect to;
	// changing it redirects that traffic, so confirm updates are restricted to
	// administrators.
	GrpcServerURL *string `gorm:"column:grpc_server_url"`
	PostgresServerConfig *PostgresServerConfig `gorm:"column:postgres_server_config;serializer:json"`
	SSHServerConfig *SSHServerConfig `gorm:"column:ssh_server_config;serializer:json"`
	RDPServerConfig *RDPServerConfig `gorm:"column:rdp_server_config;serializer:json"`
	HttpProxyServerConfig *HttpProxyServerConfig `gorm:"column:http_proxy_server_config;serializer:json"`
}
func GetServerMiscConfig ¶
func GetServerMiscConfig() (*ServerMiscConfig, error)
func UpsertServerMiscConfig ¶
func UpsertServerMiscConfig(newObj *ServerMiscConfig) (*ServerMiscConfig, error)
type ServiceAccount ¶
// ServiceAccount is the GORM model for a service account in an organization.
type ServiceAccount struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Subject string `gorm:"column:subject"`
	Name string `gorm:"column:name"`
	// Groups is read-only (`->`): read from query results, never written
	// through this model.
	Groups pq.StringArray `gorm:"column:groups;type:text[];->"`
	// NOTE(review): the set of valid status values is not visible here; confirm
	// that authentication rejects every status other than the active one.
	Status string `gorm:"column:status"`
	CreatedAt time.Time `gorm:"column:created_at"`
	UpdatedAt time.Time `gorm:"column:updated_at"`
}
func ListServiceAccounts ¶
func ListServiceAccounts(orgID string) ([]ServiceAccount, error)
type Session ¶
// Session is the GORM model for a session on a connection. It records the
// connection, the user, the session's status and exit code, and references to
// the input and stream blobs.
type Session struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Connection string `gorm:"column:connection"`
	// ResourceName is read-only (`->`).
	ResourceName string `gorm:"column:resource_name;->"`
	ConnectionType string `gorm:"column:connection_type"`
	ConnectionSubtype string `gorm:"column:connection_subtype"`
	ConnectionTags map[string]string `gorm:"column:connection_tags;serializer:json"`
	Verb string `gorm:"column:verb"`
	// Labels, Metadata, IntegrationsMetadata and Metrics are stored as JSON.
	// NOTE(review): if any of these maps is client-supplied, treat its content
	// as untrusted when rendering or logging it.
	Labels map[string]string `gorm:"column:labels;serializer:json"`
	Metadata map[string]any `gorm:"column:metadata;serializer:json"`
	IntegrationsMetadata map[string]any `gorm:"column:integrations_metadata;serializer:json"`
	Metrics map[string]any `gorm:"column:metrics;serializer:json"`
	BlobInputID sql.NullString `gorm:"column:blob_input_id"`
	// BlobInput and BlobStream are ignored by GORM (`-`); the GetBlobInput and
	// GetBlobStream methods retrieve them.
	// NOTE(review): session input and output can contain secrets and personal
	// data; confirm access to both is limited to the session owner and to
	// auditor/admin roles.
	BlobInput BlobInputType `gorm:"-"`
	// BlobInputSize and BlobStreamSize are read-only (`->`).
	BlobInputSize int64 `gorm:"column:blob_input_size;->"`
	BlobStream *Blob `gorm:"-"`
	BlobStreamSize int64 `gorm:"column:blob_stream_size;->"`
	UserID string `gorm:"column:user_id"`
	UserName string `gorm:"column:user_name"`
	UserEmail string `gorm:"column:user_email"`
	Status string `gorm:"column:status"`
	ExitCode *int `gorm:"column:exit_code"`
	// Review is read-only (`->`); SessionReview has its own Scan method.
	Review *SessionReview `gorm:"column:review;->"`
	SessionBatchID *string `gorm:"column:session_batch_id"`
	CreatedAt time.Time `gorm:"column:created_at"`
	// EndSession maps to the ended_at column and is nil while that column is
	// NULL.
	EndSession *time.Time `gorm:"column:ended_at"`
}
func GetSessionByID ¶
func (*Session) GetBlobInput ¶
func (s *Session) GetBlobInput() (BlobInputType, error)
func (*Session) GetBlobStream ¶
GetBlobStream retrieves the blob stream associated with the session. It returns nil if the session does not have a blob stream associated with it.
type SessionDone ¶
type SessionList ¶
func ListSessions ¶
func ListSessions(orgID string, userId string, isAuditorOrAdmin bool, opt SessionOption) (*SessionList, error)
type SessionMetrics ¶
// SessionMetrics is the GORM model for one metrics row of a session: the
// masked and analyzed counts for a single info type.
type SessionMetrics struct {
	// ID is read-only (`->`): GORM reads it but does not write it.
	ID string `gorm:"column:id;->"`
	OrgID string `gorm:"column:org_id"`
	SessionID string `gorm:"column:session_id"`
	InfoType string `gorm:"column:info_type"`
	CountMasked int64 `gorm:"column:count_masked"`
	CountAnalyzed int64 `gorm:"column:count_analyzed"`
	ConnectionType string `gorm:"column:connection_type"`
	ConnectionSubtype sql.NullString `gorm:"column:connection_subtype"`
	SessionCreatedAt time.Time `gorm:"column:session_created_at"`
	// SessionEndedAt is nil while the column is NULL.
	SessionEndedAt *time.Time `gorm:"column:session_ended_at"`
}
type SessionMetricsAggregatedResult ¶
// SessionMetricsAggregatedResult is the row shape returned by
// GetSessionMetricsAggregated.
type SessionMetricsAggregatedResult struct {
	TotalSessions int64 `gorm:"column:total_sessions"`
	UniqueInfoTypes int64 `gorm:"column:unique_info_types"`
	TotalMasked int64 `gorm:"column:total_masked"`
	TotalAnalyzed int64 `gorm:"column:total_analyzed"`
	SessionsWithMasking int64 `gorm:"column:sessions_with_masking"`
	// AvgSessionDurationSec is a pointer, so it is nil when the column is NULL.
	AvgSessionDurationSec *float64 `gorm:"column:avg_session_duration_sec"`
}
func GetSessionMetricsAggregated ¶
func GetSessionMetricsAggregated(orgID string, filter SessionMetricsFilter) (*SessionMetricsAggregatedResult, error)
type SessionMetricsFilter ¶
// SessionMetricsFilter represents the filter parameters for querying session
// metrics. It is passed to GetSessionMetrics and GetSessionMetricsAggregated.
//
// NOTE(review): the `form` tags suggest the struct is bound directly from
// request parameters, so every field is caller-controlled. Confirm that the
// query layer passes the slice and string values as bound parameters and that
// the organization scope comes from the orgID argument, never from this
// struct.
type SessionMetricsFilter struct {
	// Resource filters
	ConnectionTypes []string `form:"connection_type"`
	ConnectionSubtypes []string `form:"connection_subtype"`
	ConnectionNames []string `form:"connection_name"`
	// Data type filters (Presidio entity types)
	InfoTypes []string `form:"info_type"`
	// Masked/unmasked differentiation
	OnlyMasked bool `form:"only_masked"`
	OnlyUnmasked bool `form:"only_unmasked"`
	// Date filters
	StartDate *time.Time `form:"start_date" time_format:"2006-01-02"`
	EndDate *time.Time `form:"end_date" time_format:"2006-01-02"`
	// Session filters
	SessionIDs []string `form:"session_id"`
	SessionStartDate *time.Time `form:"session_start_date" time_format:"2006-01-02"`
	SessionEndDate *time.Time `form:"session_end_date" time_format:"2006-01-02"`
	MinDurationSec *int `form:"min_duration_sec"`
	MaxDurationSec *int `form:"max_duration_sec"`
	IncludeOpenSessions bool `form:"include_open_sessions"`
	// Logic operator (AND/OR)
	// NOTE(review): this is a free-form string; if it selects the SQL connective,
	// confirm it is mapped through a fixed allowlist and never concatenated
	// into the query text.
	LogicOperator string `form:"logic_operator"` // "and" or "or", default "and"
	// Pagination
	// NOTE(review): no bounds are declared here; confirm Page and Limit are
	// clamped (non-negative, with a maximum page size) before querying.
	Page int `form:"page"`
	Limit int `form:"limit"`
}
SessionMetricsFilter represents the filter parameters for querying session metrics
type SessionMetricsQueryResult ¶
// SessionMetricsQueryResult is the row shape returned by GetSessionMetrics.
type SessionMetricsQueryResult struct {
	SessionID string `gorm:"column:session_id"`
	OrgID string `gorm:"column:org_id"`
	ConnectionType string `gorm:"column:connection_type"`
	ConnectionSubtype *string `gorm:"column:connection_subtype"`
	ConnectionName string `gorm:"column:connection_name"`
	InfoType string `gorm:"column:info_type"`
	CountMasked int64 `gorm:"column:count_masked"`
	CountAnalyzed int64 `gorm:"column:count_analyzed"`
	IsMasked bool `gorm:"column:is_masked"`
	SessionCreatedAt time.Time `gorm:"column:session_created_at"`
	// SessionEndedAt and SessionDurationSec are pointers, so they are nil when
	// the columns are NULL.
	SessionEndedAt *time.Time `gorm:"column:session_ended_at"`
	SessionDurationSec *int `gorm:"column:session_duration_sec"`
}
func GetSessionMetrics ¶
func GetSessionMetrics(orgID string, filter SessionMetricsFilter) ([]SessionMetricsQueryResult, *openapi.Pagination, error)
type SessionOption ¶
// SessionOption carries the filter and pagination options accepted by
// ListSessions. NewSessionOption returns a value of this type.
//
// NOTE(review): ListSessions takes the caller's user ID and an
// isAuditorOrAdmin flag separately from these options; confirm that the User
// filter here cannot widen what a non-privileged caller is allowed to list.
type SessionOption struct {
	User string
	ConnectionType string
	ConnectionName string
	ReviewStatus string
	ReviewApproverEmail *string
	BatchID *string
	JiraIssueKey []string
	StartDate sql.NullString
	EndDate sql.NullString
	// NOTE(review): confirm Offset and Limit are bounded before they reach the
	// query, so a caller cannot request an unbounded result set.
	Offset int
	Limit int
}
func NewSessionOption ¶
func NewSessionOption() SessionOption
type SessionReport ¶
// SessionReport is the result returned by GetSessionReport: a list of report
// items plus two totals.
type SessionReport struct {
	Items []SessionReportItem `gorm:"column:items"`
	TotalRedactCount int64 `gorm:"column:total_redact_count"`
	TotalTransformedBytes int64 `gorm:"column:total_transformed_bytes"`
}
func GetSessionReport ¶
func GetSessionReport(orgID string, opts map[string]any) (*SessionReport, error)
type SessionReportItem ¶
type SessionReview ¶
// SessionReview is the review summary embedded in Session.Review. The type
// has its own Scan method, and its fields are named by json tags.
//
// NOTE(review): the gorm tags on ReviewGroups, TimeWindow and
// ForceApprovalGroups have no `column:` key, unlike the tags elsewhere in this
// package. Confirm whether they are used at all, given that the type is
// scanned through Scan.
type SessionReview struct {
	ID string `json:"id"`
	SessionID string `json:"session_id"`
	Type string `json:"type"`
	Status string `json:"status"`
	CreatedAt time.Time `json:"created_at"`
	RevokedAt *time.Time `json:"revoked_at"`
	AccessDurationSec int64 `json:"access_duration_sec"`
	ReviewGroups []ReviewGroups `json:"review_groups" gorm:"review_groups;serializer:json"`
	TimeWindow *ReviewTimeWindow `json:"time_window" gorm:"time_window;serializer:json;"`
	AccessRequestRuleName *string `json:"access_request_rule_name"`
	ForceApprovalGroups pq.StringArray `json:"force_approval_groups" gorm:"force_approval_groups;serializer:json;"`
	MinApprovals *int `json:"min_approvals"`
}
func (*SessionReview) Scan ¶
func (r *SessionReview) Scan(value any) error
type SupportedEntityTypesList ¶
// SupportedEntityTypesList is a list of SupportedEntityTypesEntry values. It
// has a Scan method, so it can be read from a database column.
type SupportedEntityTypesList []SupportedEntityTypesEntry
func (*SupportedEntityTypesList) Scan ¶
func (r *SupportedEntityTypesList) Scan(value any) error
type User ¶
// User is the GORM model for a user account in an organization.
//
// NOTE(review): the struct has no json tags, so passing it to encoding/json
// emits every exported field under its Go name, HashedPassword included. Map
// it to a dedicated response type rather than serializing the model.
type User struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Subject string `gorm:"column:subject"`
	Name string `gorm:"column:name"`
	Picture string `gorm:"column:picture"`
	Email string `gorm:"column:email"`
	// NOTE(review): confirm which flow sets Verified and that unverified
	// accounts cannot authenticate.
	Verified bool `gorm:"column:verified"`
	Status string `gorm:"column:status"`
	SlackID string `gorm:"column:slack_id"`
	// HashedPassword holds the stored password hash. The hashing scheme is not
	// visible here; keep the value out of logs and API responses.
	HashedPassword string `gorm:"column:hashed_password"`
}
func GetInvitedUserByEmail ¶
func GetUserByEmail ¶
func GetUserByEmailAndOrg ¶
func GetUserBySubjectAndOrg ¶
type UserContext ¶
// UserContext describes the caller on whose behalf an operation runs: user
// ID, organization ID, group membership and whether the caller is an admin.
// NewAdminContext returns an implementation with admin privileges for a given
// organization.
//
// NOTE(review): functions that take a UserContext presumably use it for
// authorization; implementations should be built from authenticated session
// data only, never from request-supplied identifiers.
type UserContext interface {
	GetUserID() string
	GetOrgID() string
	IsAdmin() bool
	GetUserGroups() []string
}
func NewAdminContext ¶
func NewAdminContext(orgID string) UserContext
NewAdminContext creates a new UserContext with admin privileges. It should be used when a component needs to perform actions that require admin access.
type UserGroup ¶
// UserGroup associates a group name with a user or a service account inside
// an organization. The fields carry no gorm tags, so column names come from
// GORM's naming strategy rather than from this declaration.
type UserGroup struct {
	OrgID string
	UserID string
	// ServiceAccountId is nullable.
	ServiceAccountId sql.NullString
	// NOTE(review): per the UpdateServerAuthConfig documentation, role names are
	// stored in the user_groups table, so this value presumably decides admin
	// and auditor access; confirm writes are restricted accordingly.
	Name string
}
func GetUserGroupsByOrgID ¶
func GetUserGroupsByUserID ¶
type UserV2 ¶
// UserV2 is a GORM model for a user account that, compared with User, adds a
// read-only Groups field and uses pointers for SlackID, Picture and
// HashedPassword so NULL columns can be represented.
//
// NOTE(review): the struct has no json tags, so passing it to encoding/json
// emits every exported field under its Go name, HashedPassword included. Map
// it to a dedicated response type rather than serializing the model.
type UserV2 struct {
	ID string `gorm:"column:id"`
	OrgID string `gorm:"column:org_id"`
	Subject string `gorm:"column:subject"`
	Email string `gorm:"column:email"`
	Name string `gorm:"column:name"`
	Verified bool `gorm:"column:verified"`
	Status string `gorm:"column:status"`
	// Groups is read-only (`->`): read from query results, never written
	// through this model.
	Groups pq.StringArray `gorm:"column:groups;type:text[];->"`
	SlackID *string `gorm:"column:slack_id"`
	Picture *string `gorm:"column:picture"`
	// HashedPassword is nil when the column is NULL.
	// NOTE(review): confirm that a nil hash is rejected by password login
	// rather than compared as an empty string.
	HashedPassword *string `gorm:"column:hashed_password"`
}
func GetUserByEmailV2 ¶
Source Files
¶
- access_request_rules.go
- agents.go
- audit.go
- connection_credentials.go
- connection_tags.go
- connections.go
- database.go
- datamasking.go
- dbroles.go
- envvars.go
- errors.go
- guadrails.go
- jira.go
- jira_issue_templates.go
- login.go
- orgs.go
- plugin_connections.go
- plugins.go
- proxymanager.go
- resources.go
- reviews.go
- runbooks.go
- server_auth_config.go
- server_misc_config.go
- serviceaccount.go
- session.go
- session_metrics.go
- session_reports.go
- user_context.go
- user_groups.go
- user_tokens.go
- users.go
- usersv2.go