BuildAuditEntry builds an AuditEntry from the given parameters.

InConsumableSecretOrder is a scope that orders secrets in the order in which they should be consumed.

IsNotFound determines if an error is a record not found.

IsNullActor returns true if the given Auditable is the null actor.

IsUniqueViolation returns true if the given error corresponds to a "duplicate index" error on the given index.

IsValidationError returns true if the error is a validation error (user error), or false otherwise.

MakeKeyServerStatsDay creates a storage struct from a key-server StatsDay response.

MustTestInstance is NewTestInstance, except it prints errors to stderr and calls os.Exit when finished.

NewGormZapLogger creates a new gorm logger.

NewRealmWithDefaults initializes a new Realm with the default settings populated, and the provided name.

NewSecretResolver makes a new secret resolver using the provided database and secret manager instance.

NewTestInstance creates a new Docker-based database instance.

OnlySystemAdmins returns a scope that restricts the query to system admins.

Paginate is a helper that paginates a gorm query into the given result.

PaginateFn paginates with a custom function for returning results.

ToCIDRList converts the newline-separated and/or comma-separated CIDR list into an array of strings.

Unscoped returns an unscoped database (for finding soft-deleted records and clearing other scopes).

WithAppOS returns a scope that for querying MobileApps by Operating System type.

WithAuditRealmID returns a scope that adds querying for Audit events by realm.

WithAuditTime returns a scope that adds querying for Audit events by time.

WithAuthorizedAppSearch returns a scope that adds querying for API keys by name and preview, case-insensitive.

WithAuthorizedAppType returns a scope that filters by the given type.

WithKeyManager alters the key manager.

WithMobileAppSearch returns a scope that adds querying for mobile apps by name, case-insensitive.

WithoutAuditTest excludes audit entries related to test entries created from SystemTest.

WithoutPermissionSearch searches for memberships which do not have the given permission.

WithPermissionSearch searches for memberships which have the given permission.

WithRealmAutoKeyRotationEnabled filters by realms which have the auto key rotation enabled/disabled depending on the boolean.

WithRealmSearch returns a scope that adds querying for realms by name.

WithSecretManager alters the secret manager.

WithSigningKeyManager alters the signing key manager.

WithUserSearch returns a scope that adds querying for users by email and name, case-insensitive.

MaxPageSize is the maximum allowed page size for a list query.

MFAOptional will not prompt users to enable MFA.

MFAOptionalPrompt will prompt users for MFA on login.

MFARequired will not allow users to proceed without MFA on their account.

MinCodeLength defines the minimum number of digits in a code.

NonceLength is the required length of an associated user-report request.

ApproxTime is a compare helper for clock skew.

ErrMissingActor is the error that is returned when a function that wants an Auditable actor passes nil for the actor.

ErrNoSigningKeyManager is the error returned when the key manager cannot be used as a SigningKeyManager.

ErrValidationFailed is the error returned when validation failed.

NullActor represents system actions that should not write event logs.

System represents the system and actions it has taken.

SystemTest represents the system and actions it has taken.

ValidTestTypes is a map containing the valid test types.

AuditEntry represents an event in the system.

AuthorizedApp represents an application that is authorized to verify verification codes and perform token exchanges.

AuthorizedAppStat represents statistics related to an API key in the database.

BulkPermission represents a bulk permission operation.

CompositeDay represents a single day of composite stats.

Config represents the env var based configuration for database connections.

Database is a handle to the database layer for the Exposure Notifications Verification Server.

DurationSeconds is a custom type for writing and reading a time.Duration to be stored as seconds in the database.

DynamicTranslation stores a per-realm localized string that can be used for user-facing content (currently only user-report webview).

EmailConfig represents and email configuration.

Errorable defines an embeddable struct for managing errors on models.

ExternalIssuerStat represents statistics related to a user in the database.

GormZapLogger is a gorm logger than writes to a zap logger for structured logging.

IssueTokenRequest is used to request the validation of a verification code in order to issue a token.

KeyServerStats represents statistics for a key-server for this realm.

KeyServerStatsDay represents statistics for each day.

LockStatus represents a distributed lock that spaces operations out.

Membership represents a user's membership in a realm.

Realm represents a tenant in the system.

RealmChaffEvent is a record that indicates a realm received a chaff event on the given date.

RealmStat represents statistics related to a user in the database.

RealmUserStat is an interim data structure representing a single date/user statistic.

Secret represents the reference to a secret in an upstream secret manager.

SigningKey represents a reference to a KMS backed signing key version for verification certificate signing.

SMSConfig represents and SMS configuration.

SMSErrorStat represents statistics related to a user in the database.

SMSFromNumber represents a source number which can send SMS messages.

SMSProviderUSerReport is an SMSProviderOption that will utilize a separate from number for user-report if one exists.

SMSSigningKey represents a reference to a KMS backed signing key version for SMS payload signing.

Subject represents the data that is used in the 'sub' field of the token JWT.

TestInstance is a wrapper around the Docker-based database instance.

Token represents an issued "long term" from a validated verification code.

TokenSigningKey represents a collection of references to a KMS-backed signing key version for verification token signing.

User represents a user of the system.

UserReport is used to de-duplicate phone numbers for user-initiated reporting.

UserStat represents a single-date statistic for a user.

VerificationCode represents a verification code in the database.

Auditable represents a resource that can be audited as an actor or actee.

ManagedKey is an interface that allows for a realm to manage signing keys for different purposes.

RealmManagedKey indicates that this key is owned by a realm.

SMSProviderOption specifies options that can be used when requesting SMS providers.

AuthorizedAppStats represents a logical collection of stats for an authorized app.

AuthRequirement represents authentication requirements for the realm.

BulkPermissionAction is the permission action to take.

CompositeStats is an internal type for collecting unifed realm and key server stats.

ExternalIssuerStats is a collection of external issuer stats.

RealmStats represents a logical collection of stats of a realm.

RealmUserStats is a grouping collection of RealmUserStat.

Scope is a type alias to a gorm scope.

SecretType represents a secret type.

SMSErrorStats is a collection of external issuer stats.

TestType is a test type in the database.

UserStats represents a logical collection of stats for a user.

UtilOption is used as optional configuration to the database setup.