diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-24 17:58:01 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-24 17:58:01 -0600 |
| commit | 72296119fc9755774719f8f625ad03e0e0ec457a (patch) | |
| tree | ed236ddee12a20fb55b7cfecf13f62d3a000dcb5 /vendor/github.com/authzed/zed/pkg/backupformat/encoder.go | |
| parent | a920a8cfe415858bb2777371a77018599ffed23f (diff) | |
| parent | eaa1bd3b8e12934aed06413d75e7482ac58d805a (diff) | |
Merge branch 'the-spice-must-flow' into 'main'
Add SpiceDB Authorization
See merge request gitlab-org/software-supply-chain-security/authorization/sparkled!19
Diffstat (limited to 'vendor/github.com/authzed/zed/pkg/backupformat/encoder.go')
| -rw-r--r-- | vendor/github.com/authzed/zed/pkg/backupformat/encoder.go | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/vendor/github.com/authzed/zed/pkg/backupformat/encoder.go b/vendor/github.com/authzed/zed/pkg/backupformat/encoder.go new file mode 100644 index 0000000..f591ee7 --- /dev/null +++ b/vendor/github.com/authzed/zed/pkg/backupformat/encoder.go @@ -0,0 +1,91 @@ +package backupformat + +import ( + "errors" + "fmt" + "io" + + "github.com/hamba/avro/v2/ocf" + "google.golang.org/protobuf/proto" + + v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" +) + +func NewEncoderForExisting(w io.Writer) (*Encoder, error) { + avroSchema, err := avroSchemaV1() + if err != nil { + return nil, fmt.Errorf("unable to create avro schema: %w", err) + } + + enc, err := ocf.NewEncoder(avroSchema, w, ocf.WithCodec(ocf.Snappy)) + if err != nil { + return nil, fmt.Errorf("unable to create encoder: %w", err) + } + + return &Encoder{enc}, nil +} + +func NewEncoder(w io.Writer, schema string, token *v1.ZedToken) (*Encoder, error) { + avroSchema, err := avroSchemaV1() + if err != nil { + return nil, fmt.Errorf("unable to create avro schema: %w", err) + } + + if token == nil { + return nil, errors.New("missing expected token") + } + + md := map[string][]byte{ + metadataKeyZT: []byte(token.Token), + } + + enc, err := ocf.NewEncoder(avroSchema, w, ocf.WithCodec(ocf.Snappy), ocf.WithMetadata(md)) + if err != nil { + return nil, fmt.Errorf("unable to create encoder: %w", err) + } + + if err := enc.Encode(SchemaV1{ + SchemaText: schema, + }); err != nil { + return nil, fmt.Errorf("unable to encode SpiceDB schema object: %w", err) + } + + return &Encoder{enc}, nil +} + +type Encoder struct { + enc *ocf.Encoder +} + +func (e *Encoder) Append(rel *v1.Relationship) error { + var toEncode RelationshipV1 + + toEncode.ObjectType = rel.Resource.ObjectType + toEncode.ObjectID = rel.Resource.ObjectId + toEncode.Relation = rel.Relation + toEncode.SubjectObjectType = rel.Subject.Object.ObjectType + toEncode.SubjectObjectID = rel.Subject.Object.ObjectId + toEncode.SubjectRelation = rel.Subject.OptionalRelation + if rel.OptionalCaveat != nil { + contextBytes, err := proto.Marshal(rel.OptionalCaveat.Context) + if err != nil { + return fmt.Errorf("error marshaling caveat context: %w", err) + } + + toEncode.CaveatName = rel.OptionalCaveat.CaveatName + toEncode.CaveatContext = contextBytes + } + + if err := e.enc.Encode(toEncode); err != nil { + return fmt.Errorf("unable to encode relationship: %w", err) + } + + return nil +} + +func (e *Encoder) Close() error { + if err := e.enc.Flush(); err != nil { + return fmt.Errorf("unable to flush encoder: %w", err) + } + return nil +} |