rbac

package module

v1.3.0 Latest Latest Go to latest Published: May 27, 2024 License: Apache-2.0 Imports: 13 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aacfactory/fns-contrib

Links

Open Source Insights

README ¶

RBAC

rbac service and enforcer for permissions.

Install

go get github.com/aacfactory/fns-contrib/permissions/rbac

Usage

Deploy service

app.Deploy(rbac.New(store))
app.Deploy(permissions.New(rbac.Enforcer()))

Enable cache.
Note: when enabled, then modify role will not update cache.

permissions:
  cache:
    enable: true
    ttl: "1h0m0s"

Store

Implement rbac.Store or use sql.

Functions

Bind
Unbind
Bounds
Get role
List roles
Save role
Remove role

Documentation ¶

Index ¶

Variables
func Bind(ctx context.Context, param BindParam) (err error)
func Enforcer() permissions.Enforcer
func New(store Store) services.Service
func Remove(ctx context.Context, id string, cascade bool) (err error)
func Save(ctx context.Context, role Role) (err error)
func Unbind(ctx context.Context, param UnbindParam) (err error)
type BindParam
type CacheConfig
type CacheParam
- func (param CacheParam) CacheKey(_ context.Context) (key []byte, err error)
type Config
type Policy
type Role
- func Get(ctx context.Context, id string) (v Role, err error)
- func (role *Role) CheckPolicy(object string, action string) (ok bool)
- func (role *Role) Contains(target Role) (ok bool)
- func (role *Role) Ids() (ids []string)
- func (role *Role) Mount(target Role) (ok bool)
type Roles
- func Bounds(ctx context.Context, account authorizations.Id) (v Roles, err error)
- func List(ctx context.Context) (v Roles, err error)
- func (roles Roles) Add(role Role) (v Roles)
- func (roles Roles) CheckPolicy(object string, action string) (ok bool)
- func (roles Roles) Get(id string) (role Role, has bool)
- func (roles Roles) Len() int
- func (roles Roles) Less(i, j int) bool
- func (roles Roles) Remove(role Role) (v Roles)
- func (roles Roles) Swap(i, j int)
type Store
type UnbindParam

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrRoleNofFound             = errors.Warning("rbac: role was not found")
	ErrCantRemoveHasChildrenRow = errors.Warning("rbac: can not remove role which has children")
)

Functions ¶

func Bind ¶

func Bind(ctx context.Context, param BindParam) (err error)

func Enforcer ¶

func Enforcer() permissions.Enforcer

func New ¶ added in v1.2.1

func New(store Store) services.Service

func Remove ¶

func Remove(ctx context.Context, id string, cascade bool) (err error)

func Save ¶

func Save(ctx context.Context, role Role) (err error)

func Unbind ¶ added in v1.2.1

func Unbind(ctx context.Context, param UnbindParam) (err error)

Types ¶

type BindParam ¶

type BindParam struct {
	Account authorizations.Id `json:"account" avro:"account"`
	Roles   Roles             `json:"roles" avro:"roles"`
}

type CacheConfig ¶ added in v1.2.50

type CacheConfig struct {
	Enable bool          `json:"enable"`
	TTL    time.Duration `json:"ttl"`
}

type CacheParam ¶ added in v1.2.50

type CacheParam struct {
	Account authorizations.Id
}

func (CacheParam) CacheKey ¶ added in v1.2.50

func (param CacheParam) CacheKey(_ context.Context) (key []byte, err error)

type Config ¶ added in v1.2.50

type Config struct {
	Cache CacheConfig `json:"cache"`
}

type Policy ¶

type Policy struct {
	Object string `json:"object" avro:"object"`
	Action string `json:"action" avro:"action"`
}

type Role ¶

type Role struct {
	Id          string   `json:"id" tree:"ParentId+Children" avro:"id"`
	Name        string   `json:"name" avro:"name"`
	Description string   `json:"description" avro:"description"`
	ParentId    string   `json:"parentId" avro:"parentId"`
	Children    Roles    `json:"children" avro:"children"`
	Policies    []Policy `json:"policies" avro:"policies"`
}

func Get ¶

func Get(ctx context.Context, id string) (v Role, err error)

func (*Role) CheckPolicy ¶

func (role *Role) CheckPolicy(object string, action string) (ok bool)

func (*Role) Contains ¶ added in v1.2.1

func (role *Role) Contains(target Role) (ok bool)

func (*Role) Ids ¶ added in v1.2.1

func (role *Role) Ids() (ids []string)

func (*Role) Mount ¶ added in v1.2.1

func (role *Role) Mount(target Role) (ok bool)

type Roles ¶

type Roles []Role

func Bounds ¶

func Bounds(ctx context.Context, account authorizations.Id) (v Roles, err error)

func List ¶

func List(ctx context.Context) (v Roles, err error)

func (Roles) Add ¶ added in v1.2.1

func (roles Roles) Add(role Role) (v Roles)

func (Roles) CheckPolicy ¶

func (roles Roles) CheckPolicy(object string, action string) (ok bool)

func (Roles) Get ¶ added in v1.2.1

func (roles Roles) Get(id string) (role Role, has bool)

func (Roles) Len ¶

func (roles Roles) Len() int

func (Roles) Less ¶

func (roles Roles) Less(i, j int) bool

func (Roles) Remove ¶ added in v1.2.1

func (roles Roles) Remove(role Role) (v Roles)

func (Roles) Swap ¶

func (roles Roles) Swap(i, j int)

type Store ¶

type Store interface {
	services.Component
	Role(ctx context.Context, id string) (role Role, has bool, err error)
	Roles(ctx context.Context) (roles Roles, err error)
	SaveRole(ctx context.Context, role Role) (err error)
	RemoveRole(ctx context.Context, role Role) (err error)
	Bind(ctx context.Context, account authorizations.Id, roles []Role) (err error)
	Unbind(ctx context.Context, account authorizations.Id, roles []Role) (err error)
	Bounds(ctx context.Context, account authorizations.Id) (roles Roles, err error)
}

type UnbindParam ¶ added in v1.2.1

type UnbindParam struct {
	Account authorizations.Id `json:"account" avro:"account"`
	Roles   Roles             `json:"roles" avro:"roles"`
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
redis module
sql module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL