mattermost-community-enterp.../public/model/access_request.go
Claude ec1f89217a Merge: Complete Mattermost Server with Community Enterprise
Full Mattermost server source with integrated Community Enterprise features.
Includes vendor directory for offline/air-gapped builds.

Structure:
- enterprise-impl/: Enterprise feature implementations
- enterprise-community/: Init files that register implementations
- enterprise/: Bridge imports (community_imports.go)
- vendor/: All dependencies for offline builds

Build (online):
  go build ./cmd/mattermost

Build (offline/air-gapped):
  go build -mod=vendor ./cmd/mattermost

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-17 23:59:07 +09:00


// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.
package model
// Subject identifies the party for which the Authorization API is called:
// a user or a virtual entity.
type Subject struct {
	// ID uniquely identifies the Subject within its Type; it can be a user
	// ID, a bot ID, etc.
	ID string `json:"id"`

	// Type names the kind of Subject, e.g. user, bot.
	Type string `json:"type"`

	// Attributes holds the key-value pairs associated with the Subject. A
	// value may be single-valued or multi-valued, and either a primitive
	// (string, boolean, number) or a complex type such as a JSON object or
	// array.
	//
	// NOTE(review): if these attributes feed policy decisions, they should
	// be populated server-side from an authoritative source rather than
	// accepted from the requester. Confirm at the call sites.
	Attributes map[string]any `json:"attributes"`
}
// SubjectSearchOptions carries the filters and paging state for a subject
// search.
type SubjectSearchOptions struct {
	Term   string `json:"term"`
	TeamID string `json:"team_id"`

	// Query and Args are meant to be generated inside the Access Control
	// Service for the database driver in use, not written by callers.
	//
	// NOTE(review): Query is presumably query text handed to the database,
	// yet both fields carry JSON tags and so can be filled by decoding a
	// payload. Confirm that no handler unmarshals untrusted input into this
	// struct; per-request values belong in Args, never spliced into Query.
	Query string `json:"query"`
	Args  []any  `json:"args"`

	Limit         int           `json:"limit"`
	Cursor        SubjectCursor `json:"cursor"`
	AllowInactive bool          `json:"allow_inactive"`
	IgnoreCount   bool          `json:"ignore_count"`

	// ExcludeChannelMembers excludes members from the search results; it is
	// used specifically when syncing channel members. Its JSON key is
	// "exclude_members".
	// NOTE(review): presumably a channel ID; confirm against callers.
	ExcludeChannelMembers string `json:"exclude_members"`

	// SubjectID narrows the search to one user ID. This suits validation
	// queries, which only need to know whether a specific user matches an
	// expression rather than fetching every matching user.
	SubjectID string `json:"subject_id"`
}
// SubjectCursor is the cursor value carried in SubjectSearchOptions.Cursor.
type SubjectCursor struct {
	// TargetID is serialized under the "target_id" key.
	// NOTE(review): presumably the ID the next page resumes from; confirm
	// against the store implementation.
	TargetID string `json:"target_id"`
}
// Resource is the object an access request is made against.
type Resource struct {
	// ID uniquely identifies the Resource within its Type; it can be a
	// channel ID, a post ID, etc.
	ID string `json:"id"`

	// Type names the kind of Resource, e.g. channel, post.
	Type string `json:"type"`
}
// AccessRequest is the input handed to the Policy Decision Point (PDP). It
// bundles the Subject, the Resource, the Action and optional Context
// attributes.
type AccessRequest struct {
	Subject  Subject  `json:"subject"`
	Resource Resource `json:"resource"`
	Action   string   `json:"action"`

	// Context is optional and is omitted from the JSON encoding when empty.
	Context map[string]any `json:"context,omitempty"`
}
// AccessDecision is what the PDP returns after evaluating a request.
type AccessDecision struct {
	// Decision reports whether the request is allowed. The zero value is
	// false, so an AccessDecision that was never filled in reads as "not
	// allowed".
	Decision bool `json:"decision"`

	// Context is optional and is omitted from the JSON encoding when empty.
	Context map[string]any `json:"context,omitempty"`
}
// QueryExpressionParams groups an expression with a search term and paging
// values.
//
// NOTE(review): the struct itself places no bounds on Limit or on the size
// of Expression. If it is decoded from a request body, validate both before
// use.
type QueryExpressionParams struct {
	Expression string `json:"expression"`
	Term       string `json:"term"`
	Limit      int    `json:"limit"`
	After      string `json:"after"`

	// ChannelId is optional and is omitted from the JSON encoding when
	// empty. Its key is camelCase ("channelId"), unlike the snake_case keys
	// used by the other types in this file.
	ChannelId string `json:"channelId,omitempty"`
}