
AuthzCtx - Alp internal sharing session

machu
April 22, 2022

For the Alp internal sharing session


Transcript

  1. Authz domain sharing session, 2022/04/22, MACHU
  2. (p. 5) The scope of application is wide
     Layers: Presenter, Controller, Repository (DB etc.), UseCase, Domain. Authorization touchpoints on the diagram: Masking item, Execute endpoint, Filter resource, read/write authorization, Execute UseCase, Ramification domainLogic, Execute domainLogic.
     There are this many places across the layers where we want to apply authorization. If these are implemented as separate mechanisms, the amount of work becomes excessive, and keeping the mechanisms consistent with each other also becomes difficult.
  3. (p. 6) The scope of application is wide
     The layer stack (Presenter, Controller, Repository (DB etc.), UseCase, Domain) is repeated for Ctx-A, Ctx-B and Ctx-C.
     Moreover, those layers span multiple contexts. Without an authorization platform that handles them uniformly, the amount of work grows too much, and obtaining and maintaining the expected behaviour becomes difficult. The processing flow also tends to become complex.
  4. (p. 7) The concept of authorization is ambiguous and hard to handle
     Layers: Presenter, Controller, Repository (DB etc.), UseCase, Domain. Touchpoints: Masking item, Execute endpoint, Filter resource, read/write authorization, Execute UseCase, Ramification domainLogic, Execute domainLogic.
     Because there are this many different effects across the layers, it is a hard problem to decide what kind of concept authorization should be treated as.
  5. (p. 8) It easily becomes tightly coupled with logic
     Written naively, checks for whether a permission exists end up planted in all sorts of places, in the style of `If (Operator.policy.find(_ == CanWriteContract)) ~`. That alone would still be tolerable, but in practice it becomes something like `If ((Operator.policy.exists(_ == AllAllow) || Operator.policy.exists(_ == CanWriteContract)) && Operator.policy.exists(_ != AllDeny))`, which keeps bloating and ends up scattered everywhere. It even spreads to the frontend and becomes tightly coupled there.
  6. (p. 14) The separation of Support, Manage, Decide and Enforce is a concept from the 'XACML Reference Architecture', which divides authorization into these four units.
     In Scalebase, Decide and Manage are enclosed in AuthzCtx, and AuthzIO abstracts operation commands as effects. For Enforce and Support, the basic decision is delegated to AuthzCtx; because it returns a Boolean, the semiring structure can be used to compose that decision with the decisions made in each Ctx.
     Note: there is also a pattern in which Support goes through AuthzCtx, so we will choose whichever is more convenient going forward.
  7. (p. 18) Coverage of authorization platform v1
     Layers: Presenter, Controller, Repository (DB etc.), UseCase, Domain. Touchpoints: Masking item, Execute endpoint, Filter resource, read/write authorization, Execute UseCase, Ramification domainLogic, Execute domainLogic.
  8. (p. 19) Coverage of authorization platform v2 (the one we are working on now)
     Layers: Presenter, Controller, Repository (DB etc.), UseCase, Domain. Touchpoints: Masking item, Execute endpoint, Filter resource, read/write authorization, Execute UseCase, Ramification domainLogic, Execute domainLogic.
     Note: this part becomes possible once the Presenter is stacked into Eff.
  9. (p. 21) Its current state: it can be expressed, but local permission decisions pile up to a considerable volume, and it is painful to operate.
     ```scala
     for {
       hasViewerPermission <- AuthzIO.requestBoolPolicy[R](
         ActionComposing.Literal(
           principalId = operatorId.toPrincipalId,
           action = DashboardAnalysisView,
           resourceIds = Nil
         )
       )
       hasExplorerPermission <- AuthzIO.requestBoolPolicy[R](
         ActionComposing.Literal(
           principalId = operatorId.toPrincipalId,
           action = DashboardAnalysisExplore,
           resourceIds = Nil
         )
       )
       lookerRole <- fromPpError[R, LookerRole] {
         if (hasViewerPermission) Right(SimpleViewer)
         else if (hasExplorerPermission) Right(SimpleExplorer)
         else Left(PpError.UnauthorizedError())
       }
       …
     ```
  10. (p. 32) ① Assign the Scopes needed for Read/Write of Contract
      ```scala
      implicit val scopeAllocator: ScopeAllocator[ContractId] =
        ScopeAllocator.allocate(
          readScope = List(Action.ContractRead),
          writeScope = List(Action.ContractWrite)
        )
      ```
      Set scopeAllocator on the companion objects of ContractId and Contract in the domain layer.
  11. (p. 33) ② In the ContractRepository signature, wrap the return value in the designated type
      ```scala
      def findById[R: _authzio: _trantask](
        providerId: ProviderId,
        id: ContractId
      ): Eff[R, ReadAuthzScopeRepoFilter[Option[Contract]]]

      def store[R: _authzio: _trantask: _clockm: _ppErrorEither](
        entity: Contract
      ): Eff[R, WriteAuthzScope[Contract]]
      ```
      Repository methods that use ReadScope are wrapped in ReadAuthzScopeRepoFilter, and methods that use WriteScope are wrapped in WriteAuthzScope.
      We have also prepared a scalafix rule that turns a Repository not conforming to this interface into a compile error, so we would like to apply it at a suitable time.
  12. (p. 34) ③ In ContractRepositoryImpl, wrap the result in the designated type and return it
      ```scala
      // Assigning ReadScope: A => ReadAuthzScopeRepoFilter[A]
      yield ReadAuthzScopeRepoFilter(maybe)

      // Assigning WriteScope: A => Eff[R, WriteAuthzScope[A]]
      contract <- fromPpError(stored.toRight(ResourceNotFoundError(resourceName = "contract", identifier = entity.id)))
      contractWithScope <- WriteAuthzScope(contract)
      ```
      For Write, the scope is assigned at the point of wrapping in WriteAuthzScope via ReadAuthzScopeRepoFilter.apply, so the shape is A => Eff[R, WriteAuthzScope[A]] and it is applied inside the for expression. For Read, the scope is assigned when the value is taken out with ReadAuthzScopeRepoFilter.filteredValue, so the shape is A => ReadAuthzScopeRepoFilter[A] and it is applied in the yield or similar.
  13. (p. 40) Currently it is only in the Repository, but it can be stacked anywhere, and wherever it is stacked it is managed in the same State
      Diagram: Presenter, Controller, Repository (DB etc.), UseCase, Domain, with Set Scope A, Set Scope B, Set Scope C,D, Set Scope E, Set Scope F feeding into State[List[A,B,C,D,E,F], X].
      Of course, even when multiple Repositories are used, you obtain a State in which the Scopes required by each of them have been set.
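The ①②③ flow and the shared State above, as an added example that is not Scalebase's code: plain Scala 3 with a hand-written State in place of Eff, so every name here (AuthzScope, needs, enforce, the sample table) is an assumption. It shows the point the slides make: repositories only declare the scope they need, the requirements accumulate in one State, and a single enforcement point compares them with the principal's grants.

```scala
sealed trait Action
case object ContractRead  extends Action
case object ContractWrite extends Action
// ① a resource-id type declares the scope its read and write paths need
final case class ScopeAllocator[Id](readScope: List[Action], writeScope: List[Action])
final case class ContractId(value: String)
object ContractId {
  implicit val scopeAllocator: ScopeAllocator[ContractId] =
    ScopeAllocator(readScope = List(ContractRead), writeScope = List(ContractWrite))
}
final case class Contract(id: ContractId, amount: Long)

// State[List[Action], A]: every repository call appends the scope it needs
final case class AuthzScope[A](run: List[Action] => (List[Action], A)) {
  def map[B](f: A => B): AuthzScope[B] = flatMap(a => AuthzScope.pure(f(a)))
  def flatMap[B](f: A => AuthzScope[B]): AuthzScope[B] =
    AuthzScope { s => val (s2, a) = run(s); f(a).run(s2) }
}
object AuthzScope {
  def pure[A](a: A): AuthzScope[A] = AuthzScope(s => (s, a))
  def needs(actions: List[Action]): AuthzScope[Unit] = AuthzScope(s => (s ++ actions, ()))
}

// ②③ repository methods wrap their results so the required scope travels with the value
object ContractRepository {
  private val table = Map(ContractId("c-1") -> Contract(ContractId("c-1"), 100L)) // constructed sample row
  def findById(id: ContractId)(implicit sa: ScopeAllocator[ContractId]): AuthzScope[Option[Contract]] =
    AuthzScope.needs(sa.readScope).map(_ => table.get(id))
  def store(c: Contract)(implicit sa: ScopeAllocator[ContractId]): AuthzScope[Contract] =
    AuthzScope.needs(sa.writeScope).map(_ => c) // pure model: nothing is persisted before the check
}

// a use case that reads then writes without mentioning permissions itself
def raiseAmount(id: ContractId, delta: Long): AuthzScope[Option[Contract]] =
  ContractRepository.findById(id).flatMap[Option[Contract]] {
    case Some(c) => ContractRepository.store(c.copy(amount = c.amount + delta)).map(Some(_))
    case None    => AuthzScope.pure(None)
  }

// the single enforcement point: accumulated scope versus the principal's granted actions
def enforce[A](granted: Set[Action])(prog: AuthzScope[A]): Either[String, A] = {
  val (required, a) = prog.run(Nil)
  val missing = required.distinct.filterNot(granted)
  if (missing.isEmpty) Right(a) else Left(s"unauthorized, missing: ${missing.mkString(",")}")
}
@main def demo(): Unit = {
  println(enforce(Set(ContractRead))(raiseAmount(ContractId("c-1"), 5)))                // principal lacking ContractWrite
  println(enforce(Set(ContractRead, ContractWrite))(raiseAmount(ContractId("c-1"), 5))) // principal holding both scopes
}
```

Because the repository here is pure, the check in enforce runs before any real effect would; in an effectful stack the same ordering has to be guaranteed by the interpreter.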