DeforaNetworks/corteza
3
0
Fork 0
Code Activity

Prepare RBAC processing utils

Browse Source
This commit is contained in:
Tomaž Jerman
2023-02-19 10:56:55 +01:00
parent 7ed70a374f
commit acc256badf
7 changed files with 1196 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
server/pkg/envoyx/rbac_references_automation.gen.go generated Normal file
View File

@@ -0,0 +1,24 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"github.com/cortezaproject/corteza/server/automation/types"
)
// AutomationWorkflowRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func AutomationWorkflowRbacReferences(workflow string) (res *Ref, pp []*Ref, err error) {
if workflow != "*" {
res = &Ref{ResourceType: types.WorkflowResourceType, Identifiers: MakeIdentifiers(workflow)}
}
return
}

110
server/pkg/envoyx/rbac_references_compose.gen.go generated Normal file
View File

@@ -0,0 +1,110 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"github.com/cortezaproject/corteza/server/compose/types"
)
// ComposeChartRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposeChartRbacReferences(namespaceID string, chart string) (res *Ref, pp []*Ref, err error) {
if namespaceID != "*" {
pp = append(pp, &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespaceID)})
}
if chart != "*" {
res = &Ref{ResourceType: types.ChartResourceType, Identifiers: MakeIdentifiers(chart)}
}
return
}
// ComposeModuleRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposeModuleRbacReferences(namespaceID string, module string) (res *Ref, pp []*Ref, err error) {
if namespaceID != "*" {
pp = append(pp, &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespaceID)})
}
if module != "*" {
res = &Ref{ResourceType: types.ModuleResourceType, Identifiers: MakeIdentifiers(module)}
}
return
}
// ComposeModuleFieldRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposeModuleFieldRbacReferences(namespaceID string, moduleID string, moduleField string) (res *Ref, pp []*Ref, err error) {
if namespaceID != "*" {
pp = append(pp, &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespaceID)})
}
if moduleID != "*" {
pp = append(pp, &Ref{ResourceType: types.ModuleResourceType, Identifiers: MakeIdentifiers(moduleID)})
}
if moduleField != "*" {
res = &Ref{ResourceType: types.ModuleFieldResourceType, Identifiers: MakeIdentifiers(moduleField)}
}
return
}
// ComposeNamespaceRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposeNamespaceRbacReferences(namespace string) (res *Ref, pp []*Ref, err error) {
if namespace != "*" {
res = &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespace)}
}
return
}
// ComposePageRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposePageRbacReferences(namespaceID string, page string) (res *Ref, pp []*Ref, err error) {
if namespaceID != "*" {
pp = append(pp, &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespaceID)})
}
if page != "*" {
res = &Ref{ResourceType: types.PageResourceType, Identifiers: MakeIdentifiers(page)}
}
return
}
// ComposeRecordRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ComposeRecordRbacReferences(namespaceID string, moduleID string, record string) (res *Ref, pp []*Ref, err error) {
if namespaceID != "*" {
pp = append(pp, &Ref{ResourceType: types.NamespaceResourceType, Identifiers: MakeIdentifiers(namespaceID)})
}
if moduleID != "*" {
pp = append(pp, &Ref{ResourceType: types.ModuleResourceType, Identifiers: MakeIdentifiers(moduleID)})
}
if record != "*" {
res = &Ref{ResourceType: types.RecordResourceType, Identifiers: MakeIdentifiers(record)}
}
return
}

56
server/pkg/envoyx/rbac_references_federation.gen.go generated Normal file
View File

@@ -0,0 +1,56 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"github.com/cortezaproject/corteza/server/federation/types"
)
// FederationNodeRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func FederationNodeRbacReferences(node string) (res *Ref, pp []*Ref, err error) {
if node != "*" {
res = &Ref{ResourceType: types.NodeResourceType, Identifiers: MakeIdentifiers(node)}
}
return
}
// FederationExposedModuleRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func FederationExposedModuleRbacReferences(nodeID string, exposedModule string) (res *Ref, pp []*Ref, err error) {
if nodeID != "*" {
pp = append(pp, &Ref{ResourceType: types.NodeResourceType, Identifiers: MakeIdentifiers(nodeID)})
}
if exposedModule != "*" {
res = &Ref{ResourceType: types.ExposedModuleResourceType, Identifiers: MakeIdentifiers(exposedModule)}
}
return
}
// FederationSharedModuleRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func FederationSharedModuleRbacReferences(nodeID string, sharedModule string) (res *Ref, pp []*Ref, err error) {
if nodeID != "*" {
pp = append(pp, &Ref{ResourceType: types.NodeResourceType, Identifiers: MakeIdentifiers(nodeID)})
}
if sharedModule != "*" {
res = &Ref{ResourceType: types.SharedModuleResourceType, Identifiers: MakeIdentifiers(sharedModule)}
}
return
}

141
server/pkg/envoyx/rbac_references_system.gen.go generated Normal file
View File

@@ -0,0 +1,141 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"github.com/cortezaproject/corteza/server/system/types"
)
// SystemApplicationRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemApplicationRbacReferences(application string) (res *Ref, pp []*Ref, err error) {
if application != "*" {
res = &Ref{ResourceType: types.ApplicationResourceType, Identifiers: MakeIdentifiers(application)}
}
return
}
// SystemApigwRouteRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemApigwRouteRbacReferences(apigwRoute string) (res *Ref, pp []*Ref, err error) {
if apigwRoute != "*" {
res = &Ref{ResourceType: types.ApigwRouteResourceType, Identifiers: MakeIdentifiers(apigwRoute)}
}
return
}
// SystemAuthClientRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemAuthClientRbacReferences(authClient string) (res *Ref, pp []*Ref, err error) {
if authClient != "*" {
res = &Ref{ResourceType: types.AuthClientResourceType, Identifiers: MakeIdentifiers(authClient)}
}
return
}
// SystemDataPrivacyRequestRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemDataPrivacyRequestRbacReferences(dataPrivacyRequest string) (res *Ref, pp []*Ref, err error) {
if dataPrivacyRequest != "*" {
res = &Ref{ResourceType: types.DataPrivacyRequestResourceType, Identifiers: MakeIdentifiers(dataPrivacyRequest)}
}
return
}
// SystemQueueRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemQueueRbacReferences(queue string) (res *Ref, pp []*Ref, err error) {
if queue != "*" {
res = &Ref{ResourceType: types.QueueResourceType, Identifiers: MakeIdentifiers(queue)}
}
return
}
// SystemReportRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemReportRbacReferences(report string) (res *Ref, pp []*Ref, err error) {
if report != "*" {
res = &Ref{ResourceType: types.ReportResourceType, Identifiers: MakeIdentifiers(report)}
}
return
}
// SystemRoleRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemRoleRbacReferences(role string) (res *Ref, pp []*Ref, err error) {
if role != "*" {
res = &Ref{ResourceType: types.RoleResourceType, Identifiers: MakeIdentifiers(role)}
}
return
}
// SystemTemplateRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemTemplateRbacReferences(template string) (res *Ref, pp []*Ref, err error) {
if template != "*" {
res = &Ref{ResourceType: types.TemplateResourceType, Identifiers: MakeIdentifiers(template)}
}
return
}
// SystemUserRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemUserRbacReferences(user string) (res *Ref, pp []*Ref, err error) {
if user != "*" {
res = &Ref{ResourceType: types.UserResourceType, Identifiers: MakeIdentifiers(user)}
}
return
}
// SystemDalConnectionRbacReferences generates RBAC references
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func SystemDalConnectionRbacReferences(dalConnection string) (res *Ref, pp []*Ref, err error) {
if dalConnection != "*" {
res = &Ref{ResourceType: types.DalConnectionResourceType, Identifiers: MakeIdentifiers(dalConnection)}
}
return
}

272
server/pkg/envoyx/rbac_rules_parse.gen.go generated Normal file
View File

@@ -0,0 +1,272 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"fmt"
"strings"
automationTypes "github.com/cortezaproject/corteza/server/automation/types"
composeTypes "github.com/cortezaproject/corteza/server/compose/types"
federationTypes "github.com/cortezaproject/corteza/server/federation/types"
systemTypes "github.com/cortezaproject/corteza/server/system/types"
)
// Parse generates resource setting logic for each resource
//
// Resources with "envoy: false" are skipped
//
// This function is auto-generated
func ParseRule(res string) (string, *Ref, []*Ref, error) {
if res == "" {
return "", nil, nil, fmt.Errorf("empty resource")
}
sp := "/"
res = strings.TrimSpace(res)
res = strings.TrimRight(res, sp)
rr := strings.Split(res, sp)
// only service defined (corteza::system, corteza::compose, ...)
if len(rr) == 1 {
return res, nil, nil, nil
}
// full thing
resourceType, path := rr[0], rr[1:]
for p := 1; p < len(path); p++ {
if path[p] != "*" && path[p-1] == "*" {
return "", nil, nil, fmt.Errorf("invalid path wildcard combination for '%s'", res)
}
}
// make the resource provide the slice of parent resources we should nest under
switch resourceType {
case systemTypes.ApplicationResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemApplicationRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.ApigwRouteResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemApigwRouteRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.AuthClientResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemAuthClientRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.DataPrivacyRequestResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemDataPrivacyRequestRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.QueueResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemQueueRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.ReportResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemReportRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.RoleResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemRoleRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.TemplateResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemTemplateRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.UserResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemUserRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case systemTypes.DalConnectionResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := SystemDalConnectionRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case composeTypes.ChartResourceType:
if len(path) != 2 {
return "", nil, nil, fmt.Errorf("expecting 2 reference components in path, got %d", len(path))
}
ref, pp, err := ComposeChartRbacReferences(
path[0],
path[1],
)
return resourceType, ref, pp, err
case composeTypes.ModuleResourceType:
if len(path) != 2 {
return "", nil, nil, fmt.Errorf("expecting 2 reference components in path, got %d", len(path))
}
ref, pp, err := ComposeModuleRbacReferences(
path[0],
path[1],
)
return resourceType, ref, pp, err
case composeTypes.ModuleFieldResourceType:
if len(path) != 3 {
return "", nil, nil, fmt.Errorf("expecting 3 reference components in path, got %d", len(path))
}
ref, pp, err := ComposeModuleFieldRbacReferences(
path[0],
path[1],
path[2],
)
return resourceType, ref, pp, err
case composeTypes.NamespaceResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := ComposeNamespaceRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case composeTypes.PageResourceType:
if len(path) != 2 {
return "", nil, nil, fmt.Errorf("expecting 2 reference components in path, got %d", len(path))
}
ref, pp, err := ComposePageRbacReferences(
path[0],
path[1],
)
return resourceType, ref, pp, err
case composeTypes.RecordResourceType:
if len(path) != 3 {
return "", nil, nil, fmt.Errorf("expecting 3 reference components in path, got %d", len(path))
}
ref, pp, err := ComposeRecordRbacReferences(
path[0],
path[1],
path[2],
)
return resourceType, ref, pp, err
case automationTypes.WorkflowResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := AutomationWorkflowRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case federationTypes.NodeResourceType:
if len(path) != 1 {
return "", nil, nil, fmt.Errorf("expecting 1 reference components in path, got %d", len(path))
}
ref, pp, err := FederationNodeRbacReferences(
path[0],
)
return resourceType, ref, pp, err
case federationTypes.ExposedModuleResourceType:
if len(path) != 2 {
return "", nil, nil, fmt.Errorf("expecting 2 reference components in path, got %d", len(path))
}
ref, pp, err := FederationExposedModuleRbacReferences(
path[0],
path[1],
)
return resourceType, ref, pp, err
case federationTypes.SharedModuleResourceType:
if len(path) != 2 {
return "", nil, nil, fmt.Errorf("expecting 2 reference components in path, got %d", len(path))
}
ref, pp, err := FederationSharedModuleRbacReferences(
path[0],
path[1],
)
return resourceType, ref, pp, err
case systemTypes.ComponentResourceType:
if len(path) != 0 {
return "", nil, nil, fmt.Errorf("expecting 0 reference components in path, got %d", len(path))
}
// Component resource, no path
return resourceType, nil, nil, nil
case composeTypes.ComponentResourceType:
if len(path) != 0 {
return "", nil, nil, fmt.Errorf("expecting 0 reference components in path, got %d", len(path))
}
// Component resource, no path
return resourceType, nil, nil, nil
case automationTypes.ComponentResourceType:
if len(path) != 0 {
return "", nil, nil, fmt.Errorf("expecting 0 reference components in path, got %d", len(path))
}
// Component resource, no path
return resourceType, nil, nil, nil
case federationTypes.ComponentResourceType:
if len(path) != 0 {
return "", nil, nil, fmt.Errorf("expecting 0 reference components in path, got %d", len(path))
}
// Component resource, no path
return resourceType, nil, nil, nil
}
// return unhandled resource as-is
return resourceType, nil, nil, nil
}

128
server/pkg/envoyx/rbacutils.go Normal file
View File

@@ -0,0 +1,128 @@
package envoyx
import (
"fmt"
"strings"
"github.com/cortezaproject/corteza/server/pkg/rbac"
"github.com/cortezaproject/corteza/server/system/types"
)
type (
rbacer interface {
RbacResource() string
}
)
func RBACRulesForNodes(rr rbac.RuleSet, nn ...*Node) (rules NodeSet, err error) {
rules = make(NodeSet, 0, len(rr)/2)
dups := make(map[uint64]map[string]map[string]bool)
for _, n := range nn {
c, ok := n.Resource.(rbacer)
if !ok {
continue
}
// Split up the path of this resource
//
// @todo move over to those generated functions
resPath := splitResourcePath(c.RbacResource())
// Find all of the rules that fall under this resource
for _, r := range rr {
if r.RoleID == 0 {
// Can't exist; skip to avoid edge cases
continue
}
// Split up the path of the rule
//
// @todo move over to that generated function
rulePath := splitResourcePath(r.Resource)
if !isPathSubset(rulePath, resPath) {
// Mismatch; skip
continue
}
// Check if this rule has already been seen
if dups[r.RoleID] != nil && dups[r.RoleID][r.Resource] != nil && dups[r.RoleID][r.Resource][r.Operation] {
continue
}
// Parse the path so we can process it further
_, res, path, err := ParseRule(r.Resource)
if err != nil {
return nil, err
}
// Get the refs
rf := make(map[string]Ref, 2)
for i, ref := range append(path, res) {
// Whenever you'd use a wildcard, it will produce a nil so it
// needs to be skipped
if ref == nil {
continue
}
ref.Scope = n.Scope
// @todo make the thing not a pointer
rf[fmt.Sprintf("Resource.%d", i)] = *ref
}
// Ref to the rule
rf["RoleID"] = Ref{
ResourceType: types.RoleResourceType,
Identifiers: MakeIdentifiers(r.RoleID),
}
rules = append(rules, &Node{
Resource: r,
ResourceType: rbac.RuleResourceType,
References: rf,
Scope: n.Scope,
})
// Update the dup checking index
if dups[r.RoleID] == nil {
dups[r.RoleID] = make(map[string]map[string]bool)
}
if dups[r.RoleID][r.Resource] == nil {
dups[r.RoleID][r.Resource] = make(map[string]bool)
}
dups[r.RoleID][r.Resource][r.Resource] = true
}
}
return
}
func splitResourcePath(p string) []string {
return strings.Split(p, "/")[1:]
}
func isPathSubset(rulePath, resPath []string) bool {
if len(rulePath) == 0 && len(resPath) == 0 {
return true
}
// The lengths must match since missing bits are replaced with wildcards
if len(rulePath) != len(resPath) {
return false
}
for i := 0; i < len(resPath); i++ {
if rulePath[i] == "*" {
// Rule matches everything from now on; if we got this far, we're good
return true
}
if rulePath[i] != resPath[i] {
return false
}
}
return true
}

465
server/pkg/envoyx/util_rbac.gen.go generated Normal file
View File

@@ -0,0 +1,465 @@
package envoyx
// This file is auto-generated.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
//
import (
"strings"
)
// SplitResourceIdentifier takes an identifier string and splices it into path
// identifiers as defined by the resource
func SplitResourceIdentifier(ref string) (out map[string]Ref) {
out = make(map[string]Ref, 3)
ref = strings.TrimRight(ref, "/")
pp := strings.Split(ref, "/")
rt := pp[0]
pp = pp[1:]
gRef := func(pp []string, i int) string {
if pp[i] == "*" {
return ""
}
return pp[i]
}
switch rt {
case "corteza::system:apigwFilter":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:apigw-filter",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:apigwRoute":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:apigw-route",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:application":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:application",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:attachment":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:attachment",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:authClient":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:auth-client",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:authConfirmedClient":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:auth-confirmed-client",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:authOa2token":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:auth-oa2token",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:authSession":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:auth-session",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:credential":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:credential",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:dalConnection":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:dal-connection",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:dalSensitivityLevel":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:dal-sensitivity-level",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:dataPrivacyRequest":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:data-privacy-request",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:dataPrivacyRequestComment":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:data-privacy-request-comment",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:queue":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:queue",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:queueMessage":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:queue-message",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:reminder":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:reminder",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:report":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:report",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:resourceTranslation":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:resource-translation",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:role":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:role",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:roleMember":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:role-member",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:settingValue":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:settings",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:template":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:template",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::system:user":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::system:user",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::compose:attachment":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::compose:attachment",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::compose:chart":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::compose:chart",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
case "corteza::compose:module":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::compose:module",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
case "corteza::compose:moduleField":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
if gRef(pp, 2) == "" {
return
}
out["2"] = Ref{
ResourceType: "corteza::compose:module-field",
Identifiers: MakeIdentifiers(gRef(pp, 2)),
}
case "corteza::compose:namespace":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::compose:namespace",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::compose:page":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::compose:page",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
case "corteza::compose:record":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
if gRef(pp, 2) == "" {
return
}
out["2"] = Ref{
ResourceType: "corteza::compose:record",
Identifiers: MakeIdentifiers(gRef(pp, 2)),
}
case "corteza::compose:recordRevision":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::compose:record-revision",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::automation:session":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::automation:session",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::automation:trigger":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::automation:trigger",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::automation:workflow":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::automation:workflow",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::federation:exposedModule":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::federation:exposed-module",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
case "corteza::federation:moduleMapping":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::federation:module-mapping",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
case "corteza::federation:node":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::federation:node",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::federation:nodeSync":
if gRef(pp, 0) == "" {
return
}
out["0"] = Ref{
ResourceType: "corteza::federation:node-sync",
Identifiers: MakeIdentifiers(gRef(pp, 0)),
}
case "corteza::federation:sharedModule":
if gRef(pp, 0) == "" {
return
}
if gRef(pp, 1) == "" {
return
}
out["1"] = Ref{
ResourceType: "corteza::federation:shared-module",
Identifiers: MakeIdentifiers(gRef(pp, 1)),
}
}
return
}