Documentation ¶
Overview ¶
Package authz provides handlers to enable ACL, RBAC, ABAC authorization support. Simple Usage:
import( "github.com/W3-Engineers-Ltd/Radiant" "github.com/W3-Engineers-Ltd/Radiant/server/web/filter/authz" "github.com/casbin/casbin" ) func main(){ // mediate the access for every request radiant.InsertFilter("*", radiant.BeforeRouter, authz.NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv"))) radiant.Run() }
Advanced Usage:
func main(){ e := casbin.NewEnforcer("authz_model.conf", "") e.AddRoleForUser("alice", "admin") e.AddPolicy(...) radiant.InsertFilter("*", radiant.BeforeRouter, authz.NewAuthorizer(e)) radiant.Run() }
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewAuthorizer ¶
func NewAuthorizer(e *casbin.Enforcer) radiant.FilterFunc
NewAuthorizer returns the authorizer. Use a casbin enforcer as input
Types ¶
type BasicAuthorizer ¶
type BasicAuthorizer authz.BasicAuthorizer
BasicAuthorizer stores the casbin handler
func (*BasicAuthorizer) CheckPermission ¶
func (a *BasicAuthorizer) CheckPermission(r *http.Request) bool
CheckPermission checks the user/method/path combination from the request. Returns true (permission granted) or false (permission forbidden)
func (*BasicAuthorizer) GetUserName ¶
func (a *BasicAuthorizer) GetUserName(r *http.Request) string
GetUserName gets the user name from the request. Currently, only HTTP basic authentication is supported
func (*BasicAuthorizer) RequirePermission ¶
func (a *BasicAuthorizer) RequirePermission(w http.ResponseWriter)
RequirePermission returns the 403 Forbidden to the client
Click to show internal directories.
Click to hide internal directories.