einherjar/contracts
2
0
Fork 0
Code Issues Pull Requests Packages Releases 1 Activity
Files
098a2098f87169a2cf8a21f9204dd0e0bae19dd2
contracts/security/permission_provider.go
Rene Nochebuena 098a2098f8 feat(contracts): initial implementation (v1.0.0) 
Introduces code.nochebuena.dev/einherjar/contracts — the zero-dependency
foundation of the Einherjar framework. Defines the interfaces and minimal
types consumed by every starter. Zero external dependencies. Zero Einherjar
dependencies. Nothing is above it in the dependency graph.

lifecycle:
- Component — OnInit, OnStart, OnStop three-phase lifecycle hooks

observability:
- Level (LevelCritical=0, LevelDegraded); zero value is the safe default
- Checkable — HealthCheck, Name, Priority
- Identifiable — ModulePath, ModuleVersion; implemented by all starters to
  surface module identity and version in the startup banner

logging:
- Logger — Debug, Info, Warn, Error, With, WithContext

errs:
- CodedError — ErrorCode() string; satisfied by core/xerrors.Err
- ContextualError — ErrorContext() map[string]any; satisfied by core/xerrors.Err

security:
- Identity value type — UID, TenantID, DisplayName, Email; NewIdentity, WithTenant
- Permission (int64), MaxPermission=62, PermissionMask — Has, Grant
- PermissionProvider — ResolveMask(ctx, uid, resource) (PermissionMask, error)
- SecurityBag value type — immutable request-scoped security context; carries
  Identity and arbitrary typed attributes (hardware IDs, grant codes, etc.);
  With copies the attribute map on every call to preserve receiver-invariant behaviour
- NewSecurityBag, Identity, WithIdentity, Get, With
- SetBagInContext / BagFromContext — full bag context storage
- SetInContext / FromContext — backed by SecurityBag; all four cross-function
  combinations (SetInContext+BagFromContext, SetBagInContext+FromContext) are valid

One file per type; CT-6 enforced by compliance test AST walk.
2026-05-29 15:43:08 +00:00

19 lines
819 B
Go
Raw Blame History

package security
import "context"
// PermissionProvider resolves the permission mask for a user on a given resource.
//
// Implementations may call FromContext to retrieve the Identity (and its TenantID)
// when multi-tenancy is required — there is no need to thread tenantID as an
// explicit parameter since it is already in the context.
//
// The resource string identifies what is being accessed (e.g. "orders",
// "invoices"). Its meaning is defined by the application domain.
type PermissionProvider interface {
// ResolveMask returns the PermissionMask for uid on resource.
// A zero mask means no permissions are granted. Callers check individual
// bits with PermissionMask.Has using domain-defined Permission constants.
ResolveMask(ctx context.Context, uid, resource string) (PermissionMask, error)
}
Reference in New Issue View Git Blame Copy Permalink