rbac

package
v0.0.0-...-9d95335 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 22, 2024 License: MIT Imports: 2 Imported by: 0

README

rbac

forkd from https://github.com/harranali/authority

Role Based Access Control (RBAC) Go package with database persistence

Features

  • Create Roles/Permissions
  • Assign Permissions to Roles/Multiple Roles to Users
  • Check User's Roles/Permissions/Role's Permissions
  • Revoke User's Roles/User's Permissions/ole's permissions
  • List User's Roles/All Roles/All Permissions
  • Delete Roles/Permissions

Test

  1. docker run --name mysql -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 -d mysql:5.7.34
  2. go test

Usage

// initiate the database (using mysql)
dsn := "dbuser:dbpassword@tcp(127.0.0.1:3306)/dbname?charset=utf8mb4&parseTime=True&loc=Local"
db, _ := gorm.Open(mysql.Open(dsn), &gorm.Config{})

// initiate authority
auth := authority.New(authority.Options{ TablesPrefix: "authority_", DB: db })

// create role
err := auth.CreateRole("role-1")

// create permissions
err := auth.NewPerm("permission-1")
err = auth.NewPerm("permission-2")
err = auth.NewPerm("permission-3")

// assign the permissions to the role
err := auth.AssignPerm("role-1", "permission-1", "permission-2", "permission-3")

// assign a role to user (user id = 1) 
err = auth.AssignRole(1, "role-a")

// check if the user have a given role
ok, err := auth.CheckRole(1, "role-a")

// check if a user have a given permission 
ok, err := auth.CheckPerm(1, "permission-d")

// check if a role have a given permission
ok, err := auth.CheckRolePerm("role-a", "permission-a")

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrRoleNotFound       = errors.New("role not found")
	ErrPermNotFound       = errors.New("permission not found")
	ErrDeleteAssignedPerm = errors.New("cannot delete assigned permission")
)

Functions

This section is empty.

Types

type Options 

type Options struct {
	DB           *gorm.DB
	TablesPrefix string
}

Options has the options for initiating the package.

type Perm 

type Perm struct {
	ID   uint
	Name string
}

Perm represents the database model of permissions

func (Perm) TableName 

func (p Perm) TableName() string

TableName sets the table name

type Rbac 

type Rbac struct {
	DB *gorm.DB
}

Rbac helps deal with permissions

func Instance 

func Instance() *Rbac

Instance returns the initiated instance.

func New 

func New(opts Options) *Rbac

New initiates authority.

func (*Rbac) AssignPerms 

func (a *Rbac) AssignPerms(roleName string, permNames ...string) error

AssignPerms assigns a group of permissions to a given role it accepts in the first parameter the role name, it returns an error if there is not matching record of the role name in the database. the second parameter is a slice of strings which represents a group of permissions to be assigned to the role if any of these permissions doesn't have a matching record in the database the operations stops, changes reverted and error is returned in case of success nothing is returned

func (*Rbac) AssignRole 

func (a *Rbac) AssignRole(userID uint, roleName string) error

AssignRole assigns a given role to a user the first parameter is the user id, the second parameter is the role name if the role name doesn't have a matching record in the data base an error is returned if the user have already a role assigned to him an error is returned

func (*Rbac) CheckPerm 

func (a *Rbac) CheckPerm(userID uint, permName string) (bool, error)

CheckPerm checks if a permission is assigned to the role that's assigned to the user. it accepts the user id as the first parameter the permission as the second parameter it returns an error if the permission is not present in the database

func (*Rbac) CheckRole 

func (a *Rbac) CheckRole(userID uint, roleName string) (bool, error)

CheckRole checks if a role is assigned to a user it accepts the user id as the first parameter the role as the second parameter it returns an error if the role is not present in database.

func (*Rbac) CheckRolePerm 

func (a *Rbac) CheckRolePerm(roleName string, permName string) (bool, error)

CheckRolePerm checks if a role has the permission assigned it accepts the role as the first parameter it accepts the permission as the second parameter it returns an error if the role is not present in database it returns an error if the permission is not present in database

func (*Rbac) DeletePerm 

func (a *Rbac) DeletePerm(permName string) error

DeletePerm deletes a given permission if the permission is assigned to a role it returns an error.

func (*Rbac) DeleteRole 

func (a *Rbac) DeleteRole(roleName string) error

DeleteRole deletes a given role if the role is assigned to a user it returns an error

func (*Rbac) GetPerms 

func (a *Rbac) GetPerms() ([]string, error)

GetPerms returns all stored permissions

func (*Rbac) GetRoles 

func (a *Rbac) GetRoles() ([]string, error)

GetRoles returns all stored roles

func (*Rbac) GetUserRoles 

func (a *Rbac) GetUserRoles(userID uint) ([]string, error)

GetUserRoles returns all user assigned roles

func (*Rbac) NewPerm 

func (a *Rbac) NewPerm(permName string) error

NewPerm stores a permission in the database it accepts the permission name.

func (*Rbac) NewRole 

func (a *Rbac) NewRole(roleName string) error

NewRole stores a role in the database it accepts the role name.

func (*Rbac) RevokePerm 

func (a *Rbac) RevokePerm(userID uint, permName string) error

RevokePerm revokes a permission from the user's assigned role it returns an error in case of any

func (*Rbac) RevokeRole 

func (a *Rbac) RevokeRole(userID uint, roleName string) error

RevokeRole revokes a user's role it returns a error in case of any

func (*Rbac) RevokeRolePerm 

func (a *Rbac) RevokeRolePerm(roleName string, permName string) error

RevokeRolePerm revokes a permission from a given role it returns an error in case of any

type Role 

type Role struct {
	ID   uint
	Name string
}

Role represents the database model of roles

func (Role) TableName 

func (r Role) TableName() string

TableName sets the table name

type RolePerm 

type RolePerm struct {
	ID     uint
	RoleID uint
	PermID uint
}

RolePerm stores the relationship between roles and permissions

func (RolePerm) TableName 

func (r RolePerm) TableName() string

TableName sets the table name

type UserRole 

type UserRole struct {
	ID     uint
	UserID uint
	RoleID uint
}

UserRole represents the relationship between users and roles

func (UserRole) TableName 

func (u UserRole) TableName() string

TableName sets the table name

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.