adapter

package module
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 28, 2024 License: MIT Imports: 13 Imported by: 0

README

Casbin Go Cloud Development kit based Adapter

Go Reference Go Report Card Coverage Status Build Release FOSSA Status

Casbin Adapter built on top of gocloud.dev.

Installation

go get github.com/bartventer/casbin-go-cloud-adapter

Usage

Configuration is slightly different for each provider as it needs to get different settings from environment. You can read more about URLs and configuration here: https://gocloud.dev/concepts/urls/.

Supported providers:

You can view provider configuration examples here: https://github.com/google/go-cloud/tree/master/docstore.

Google Cloud Firestore

Firestore URLs provide the project and collection, as well as the field that holds the document name (e.g. firestore://projects/my-project/databases/(default)/documents/my-collection?name_field=userID).

casbin-go-cloud-adapter will use Application Default Credentials; if you have authenticated via gcloud auth application-default login, it will use those credentials. See Application Default Credentials to learn about authentication alternatives, including using environment variables.

import (
	"context"
	cloudadapter "github.com/bartventer/casbin-go-cloud-adapter"
	// Enable Firestore driver
	_ "github.com/bartventer/casbin-go-cloud-adapter/drivers/gcpfirestore"
	
	"github.com/casbin/casbin/v2"
)

func main() {
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	url := "firestore://projects/casbin-project/databases/(default)/documents/casbin_rule?name_field=id"
	a, err := cloudadapter.New(ctx, url)
	if err != nil {
		panic(err)
	}

	e, err := casbin.NewEnforcer("examples/rbac_model.conf", a)
	if err != nil {
		panic(err)
	}

	// Load the policy from DB.
	e.LoadPolicy()

	// Check the permission.
	e.Enforce("alice", "data1", "read")

	// Modify the policy.
	// e.AddPolicy(...)
	// e.RemovePolicy(...)

	// Save the policy back to DB.
	e.SavePolicy()
}
Amazon DynamoDB

DynamoDB URLs provide the table, partition key field and optionally the sort key field for the collection (e.g. dynamodb://my-table?partition_key=name).

casbin-go-cloud-adapter will create a default AWS Session with the SharedConfigEnable option enabled; if you have authenticated with the AWS CLI, it will use those credentials. See AWS Session to learn about authentication alternatives, including using environment variables.

import (
	"context"
	cloudadapter "github.com/bartventer/casbin-go-cloud-adapter"
	// Enable DynamoDB driver
	_ "github.com/bartventer/casbin-go-cloud-adapter/drivers/awsdynamodb"
	
	"github.com/casbin/casbin/v2"
)	

func main() {
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	url := "dynamodb://casbin_test?partition_key=id"
	a, err := cloudadapter.New(ctx, url)
	if err != nil {
		panic(err)
	}

	e, err := casbin.NewEnforcer("examples/rbac_model.conf", a)
	if err != nil {
		panic(err)
	}

	// Load the policy from DB.
	e.LoadPolicy()

	// Check the permission.
	e.Enforce("alice", "data1", "read")

	// Modify the policy.
	// e.AddPolicy(...)
	// e.RemovePolicy(...)

	// Save the policy back to DB.
	e.SavePolicy()
}
Azure Cosmos DB

Azure Cosmos DB is compatible with the MongoDB API. You can use the mongodocstore package to connect to Cosmos DB. You must create an Azure Cosmos account and get the MongoDB connection string.

When you use MongoDB URLs to connect to Cosmos DB, specify the Mongo server URL by setting the MONGO_SERVER_URL environment variable to the connection string. See the MongoDB section for more details and examples on how to use the package.

MongoDB

MongoDB URLs provide the database and collection, and optionally the field that holds the document ID (e.g. mongo://my-db/my-collection?id_field=userID). Specify the Mongo server URL by setting the MONGO_SERVER_URL environment variable.

import (
	"context"
	cloudadapter "github.com/bartventer/casbin-go-cloud-adapter"
	// Enable MongoDB driver
	_ "github.com/bartventer/casbin-go-cloud-adapter/drivers/mongodocstore"
	
	"github.com/casbin/casbin/v2"
)

func main() {
	// Set the MONGO_SERVER_URL environment variable to the MongoDB connection string.
	os.Setenv("MONGO_SERVER_URL", "mongodb://localhost:27017")
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	url := "mongo://casbin_test/casbin_rule?id_field=id"
	a, err := cloudadapter.New(ctx, url)
	if err != nil {
		panic(err)
	}

	e, err := casbin.NewEnforcer("examples/rbac_model.conf", a)
	if err != nil {
		panic(err)
	}

	// Load the policy from DB.
	e.LoadPolicy()

	// Check the permission.
	e.Enforce("alice", "data1", "read")

	// Modify the policy.
	// e.AddPolicy(...)
	// e.RemovePolicy(...)

	// Save the policy back to DB.
	e.SavePolicy()
}
In Memory

URLs for the in-memory store have a mem: scheme. The URL host is used as the the collection name, and the URL path is used as the name of the document field to use as a primary key (e.g. mem://collection/keyField).

import (
	"context"
	cloudadapter "github.com/bartventer/casbin-go-cloud-adapter"
	// Enable in-memory driver
	_ "github.com/bartventer/casbin-go-cloud-adapter/drivers/memdocstore"
	
	"github.com/casbin/casbin/v2"
)

func main() {
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	url := "mem://casbin_rule/id"
	a, err := cloudadapter.New(ctx, url)
	if err != nil {
		panic(err)
	}

	e, err := casbin.NewEnforcer("examples/rbac_model.conf", a)
	if err != nil {
		panic(err)
	}

	// Load the policy from DB.
	e.LoadPolicy()

	// Check the permission.
	e.Enforce("alice", "data1", "read")

	// Modify the policy.
	// e.AddPolicy(...)
	// e.RemovePolicy(...)

	// Save the policy back to DB.
	e.SavePolicy()
}

About Go Cloud Dev

Portable Cloud APIs in Go. Strives to implement these APIs for the leading Cloud providers: AWS, GCP and Azure, as well as provide a local (on-prem) implementation such as MongoDB, In-Memory, etc.

Using the Go CDK you can write your application code once using these idiomatic APIs, test locally using the local versions, and then deploy to a cloud provider with only minimal setup-time changes.

Further Reading

  • Go CDK: For more information on the Go CDK
  • Go CDK Docstore: For more information on the Go CDK Docstore package

License

This project is licensed under the MIT License - see the LICENSE file for details.

FOSSA Status

Documentation

Index

Constants

View Source
const (
	// EqualOp is the operator for equality.
	EqualOp = driver.EqualOp
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Adapter added in v1.3.1

type Adapter interface {
	// BatchAdapter is the interface for Casbin adapters with multiple add and remove policy functions.
	persist.BatchAdapter
	// FilteredAdapter is the interface for Casbin adapters with policy filtering feature.
	persist.FilteredAdapter
	// UpdatableAdapter is the interface for Casbin adapters with auto-save feature.
	persist.UpdatableAdapter
}

Adapter is the interface for Casbin adapters supporting batch, filtered and auto-save features.

func New

func New(ctx context.Context, url string) (Adapter, error)

New is the constructor for Adapter.

func NewFilteredAdapter

func NewFilteredAdapter(ctx context.Context, url string) (Adapter, error)

NewFilteredAdapter is the constructor for FilteredAdapter. Casbin will not automatically call LoadPolicy() for a filtered adapter.

func NewWithOption

func NewWithOption(ctx context.Context, config *Config) (Adapter, error)

NewWithOption is the constructor for Adapter with option.

type CasbinRule

type CasbinRule struct {
	PType string `docstore:"ptype"`
	V0    string `docstore:"v0"`
	V1    string `docstore:"v1,omitempty"`
	V2    string `docstore:"v2,omitempty"`
	V3    string `docstore:"v3,omitempty"`
	V4    string `docstore:"v4,omitempty"`
	V5    string `docstore:"v5,omitempty"`
	ID    string `docstore:"id"`
}

CasbinRule represents a rule in Casbin.

type Config added in v1.0.1

type Config struct {
	Timeout    time.Duration // the timeout for any operations on the adapter
	IsFiltered bool          // whether the adapter is filtered
	URL        string        // the driver url (e.g. mongodb://localhost:27017)
}

Config is the configuration for Adapter.

type Filter

type Filter = driver.Filter

Filter represents a filter to be used in a query.

Directories

Path Synopsis
drivers

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL