rbac

package

v1.1.0 Latest Latest Go to latest Published: May 8, 2022 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/abichinger/fastac

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GenerateGFunction(rm IRoleManager) govaluate.ExpressionFunction
type DomainManager
- func NewDomainManager(maxHierarchyLevel int) *DomainManager
type IDefaultRoleManager
type IRoleManager
type Role
- func (r *Role) String() string
type RoleManager
- func NewRoleManager(maxHierarchyLevel int) *RoleManager
type RolePolicy
- func NewRolePolicy(rm IRoleManager) *RolePolicy

Constants ¶

View Source

const REDUNDANT_ROLE = "redundant_role"

Variables ¶

This section is empty.

Functions ¶

func GenerateGFunction ¶

func GenerateGFunction(rm IRoleManager) govaluate.ExpressionFunction

GenerateGFunction is the factory method of the g(_, _) function.

Types ¶

type DomainManager ¶

type DomainManager struct {
	// contains filtered or unexported fields
}

func NewDomainManager ¶

func NewDomainManager(maxHierarchyLevel int) *DomainManager

NewDomainManager is the constructor for creating an instance of the default DomainManager implementation.

func (*DomainManager) AddLink ¶

func (dm *DomainManager) AddLink(name1 string, name2 string, domains ...string) (bool, error)

AddLink adds the inheritance link between role: name1 and role: name2. aka role: name1 inherits role: name2.

func (*DomainManager) Clear ¶

func (dm *DomainManager) Clear() error

Clear clears all stored data and resets the role manager to the initial state.

func (*DomainManager) DeleteLink ¶

func (dm *DomainManager) DeleteLink(name1 string, name2 string, domains ...string) (bool, error)

DeleteLink deletes the inheritance link between role: name1 and role: name2. aka role: name1 does not inherit role: name2 any more.

func (*DomainManager) GetAllDomains ¶

func (dm *DomainManager) GetAllDomains() ([]string, error)

GetAllDomains gets all domains

func (*DomainManager) GetDomains ¶

func (dm *DomainManager) GetDomains(name string) ([]string, error)

GetDomains gets domains that a user has

func (*DomainManager) GetRoles ¶

func (dm *DomainManager) GetRoles(name string, domains ...string) ([]string, error)

GetRoles gets the roles that a subject inherits.

func (*DomainManager) GetUsers ¶

func (dm *DomainManager) GetUsers(name string, domains ...string) ([]string, error)

GetUsers gets the users of a role.

func (*DomainManager) HasLink ¶

func (dm *DomainManager) HasLink(name1 string, name2 string, domains ...string) (bool, error)

HasLink determines whether role: name1 inherits role: name2.

func (*DomainManager) Range ¶

func (dm *DomainManager) Range(fn func(name1, name2 string, domain ...string) bool)

func (*DomainManager) SetDomainMatcher ¶

func (dm *DomainManager) SetDomainMatcher(matcher util.IMatcher)

SetDomainMatcher support use domain pattern in g

func (*DomainManager) SetMatcher ¶

func (dm *DomainManager) SetMatcher(matcher util.IMatcher)

type IDefaultRoleManager ¶ added in v1.1.0

type IDefaultRoleManager interface {
	IRoleManager

	SetMatcher(fn util.IMatcher)
	SetDomainMatcher(fn util.IMatcher)
}

type IRoleManager ¶

type IRoleManager interface {
	// Clear clears all stored data and resets the role manager to the initial state.
	Clear() error
	// AddLink adds the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	AddLink(name1 string, name2 string, domain ...string) (bool, error)
	// DeleteLink deletes the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	DeleteLink(name1 string, name2 string, domain ...string) (bool, error)
	// HasLink determines whether a link exists between two roles. role: name1 inherits role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	HasLink(name1 string, name2 string, domain ...string) (bool, error)
	// GetRoles gets the roles that a user inherits.
	// domain is a prefix to the roles (can be used for other purposes).
	GetRoles(name string, domain ...string) ([]string, error)
	// GetUsers gets the users that inherits a role.
	// domain is a prefix to the users (can be used for other purposes).
	GetUsers(name string, domain ...string) ([]string, error)

	Range(fn func(name1, name2 string, domain ...string) bool)
}

RoleManager provides interface to define the operations for managing roles.

type Role ¶

type Role struct {
	// contains filtered or unexported fields
}

Role represents the data structure for a role in RBAC.

func (*Role) String ¶

func (r *Role) String() string

type RoleManager ¶

type RoleManager struct {
	// contains filtered or unexported fields
}

RoleManager provides a default implementation for the RoleManager interface

func NewRoleManager ¶

func NewRoleManager(maxHierarchyLevel int) *RoleManager

NewRoleManager is the constructor for creating an instance of the default RoleManager implementation.

func (*RoleManager) AddLink ¶

func (rm *RoleManager) AddLink(name1 string, name2 string, domains ...string) (bool, error)

AddLink adds the inheritance link between role: name1 and role: name2. aka role: name1 inherits role: name2.

func (*RoleManager) Clear ¶

func (rm *RoleManager) Clear() error

Clear clears all stored data and resets the role manager to the initial state.

func (*RoleManager) DeleteLink ¶

func (rm *RoleManager) DeleteLink(name1 string, name2 string, domains ...string) (bool, error)

DeleteLink deletes the inheritance link between role: name1 and role: name2. aka role: name1 does not inherit role: name2 any more.

func (*RoleManager) GetAllDomains ¶

func (rm *RoleManager) GetAllDomains() ([]string, error)

GetAllDomains gets all domains

func (*RoleManager) GetDomains ¶

func (rm *RoleManager) GetDomains(name string) ([]string, error)

GetDomains gets domains that a user has

func (*RoleManager) GetRoles ¶

func (rm *RoleManager) GetRoles(name string, domains ...string) ([]string, error)

GetRoles gets the roles that a user inherits.

func (*RoleManager) GetUsers ¶

func (rm *RoleManager) GetUsers(name string, domain ...string) ([]string, error)

GetUsers gets the users of a role. domain is an unreferenced parameter here, may be used in other implementations.

func (*RoleManager) HasLink ¶

func (rm *RoleManager) HasLink(name1 string, name2 string, domains ...string) (bool, error)

HasLink determines whether role: name1 inherits role: name2.

func (*RoleManager) Range ¶

func (rm *RoleManager) Range(fn func(name1, name2 string, domain ...string) bool)

func (*RoleManager) SetDomainMatcher ¶

func (rm *RoleManager) SetDomainMatcher(matcher util.IMatcher)

SetDomainMatcher support use domain pattern in g

func (*RoleManager) SetMatcher ¶

func (rm *RoleManager) SetMatcher(matcher util.IMatcher)

SetMatcher support use pattern in g

type RolePolicy ¶

type RolePolicy struct {
	*em.Emitter
	// contains filtered or unexported fields
}

func NewRolePolicy ¶

func NewRolePolicy(rm IRoleManager) *RolePolicy

func (*RolePolicy) AddRule ¶

func (p *RolePolicy) AddRule(rule []string) (bool, error)

func (*RolePolicy) Clear ¶

func (p *RolePolicy) Clear() error

func (*RolePolicy) GetDistinct ¶

func (p *RolePolicy) GetDistinct(columns []int) ([][]string, error)

func (*RolePolicy) GetRoleManager ¶

func (p *RolePolicy) GetRoleManager() IRoleManager

func (*RolePolicy) Range ¶

func (p *RolePolicy) Range(fn func(rule []string) bool)

func (*RolePolicy) RemoveRule ¶

func (p *RolePolicy) RemoveRule(rule []string) (bool, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL