client

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 5, 2024 License: Apache-2.0 Imports: 6 Imported by: 1

Documentation

Overview

Package client implements a Go client for casbin-server, and contains an implementation of an API similar to the casbin API.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is a wrapper around proto.CasbinClient, and can be used to create an Enforcer.

func NewClient 

func NewClient(ctx context.Context, address string, opts ...grpc.DialOption) (*Client, error)

NewClient creates and returns a new client for casbin-server.

func (*Client) NewEnforcer 

func (c *Client) NewEnforcer(ctx context.Context, config Config) (*Enforcer, error)

NewEnforcer creates an enforcer via file or DB. File: e := casbin.NewEnforcer("path/to/basic_model.conf", "path/to/basic_policy.csv") MySQL DB: a := mysqladapter.NewDBAdapter("mysql", "mysql_username:mysql_password@tcp(127.0.0.1:3306)/") e := casbin.NewEnforcer("path/to/basic_model.conf", a)

type Config 

type Config struct {
	DriverName              string
	ConnectString           string
	ModelText               string
	DbSpecified             bool
	EnableAcceptJsonRequest bool
}

Config contains data needed to create an enforcer.

type Enforcer 

type Enforcer struct {
	// contains filtered or unexported fields
}

Enforcer is the main interface for authorization enforcement and policy management.

func (*Enforcer) AddGroupingPolicy 

func (e *Enforcer) AddGroupingPolicy(ctx context.Context, params ...interface{}) (bool, error)

AddGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.

func (*Enforcer) AddNamedGroupingPolicy 

func (e *Enforcer) AddNamedGroupingPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

AddNamedGroupingPolicy adds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.

func (*Enforcer) AddNamedPolicy 

func (e *Enforcer) AddNamedPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

AddNamedPolicy adds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.

func (*Enforcer) AddPermissionForUser 

func (e *Enforcer) AddPermissionForUser(ctx context.Context, user string, permission ...string) (bool, error)

AddPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).

func (*Enforcer) AddPolicy 

func (e *Enforcer) AddPolicy(ctx context.Context, params ...interface{}) (bool, error)

AddPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.

func (*Enforcer) AddRoleForUser 

func (e *Enforcer) AddRoleForUser(ctx context.Context, user, role string) (bool, error)

AddRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).

func (*Enforcer) DeletePermission 

func (e *Enforcer) DeletePermission(ctx context.Context, permission ...string) (bool, error)

DeletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).

func (*Enforcer) DeletePermissionForUser 

func (e *Enforcer) DeletePermissionForUser(ctx context.Context, user string, permission ...string) (bool, error)

DeletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).

func (*Enforcer) DeletePermissionsForUser 

func (e *Enforcer) DeletePermissionsForUser(ctx context.Context, user string) (bool, error)

DeletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).

func (*Enforcer) DeleteRole 

func (e *Enforcer) DeleteRole(ctx context.Context, role string) error

DeleteRole deletes a role.

func (*Enforcer) DeleteRoleForUser 

func (e *Enforcer) DeleteRoleForUser(ctx context.Context, user, role string) (bool, error)

DeleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).

func (*Enforcer) DeleteRolesForUser 

func (e *Enforcer) DeleteRolesForUser(ctx context.Context, user string) (bool, error)

DeleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).

func (*Enforcer) DeleteUser 

func (e *Enforcer) DeleteUser(ctx context.Context, user string) (bool, error)

DeleteUser deletes a user. Returns false if the user does not exist (aka not affected).

func (*Enforcer) Enforce 

func (e *Enforcer) Enforce(ctx context.Context, params ...interface{}) (bool, error)

Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).

func (*Enforcer) GetAllActions 

func (e *Enforcer) GetAllActions(ctx context.Context) ([]string, error)

GetAllActions gets the list of actions that show up in the current policy.

func (*Enforcer) GetAllNamedActions 

func (e *Enforcer) GetAllNamedActions(ctx context.Context, ptype string) ([]string, error)

GetAllNamedActions gets the list of actions that show up in the current named policy.

func (*Enforcer) GetAllNamedObjects 

func (e *Enforcer) GetAllNamedObjects(ctx context.Context, ptype string) ([]string, error)

GetAllNamedObjects gets the list of objects that show up in the current named policy.

func (*Enforcer) GetAllNamedRoles 

func (e *Enforcer) GetAllNamedRoles(ctx context.Context, ptype string) ([]string, error)

GetAllNamedRoles gets the list of roles that show up in the current named policy.

func (*Enforcer) GetAllNamedSubjects 

func (e *Enforcer) GetAllNamedSubjects(ctx context.Context, ptype string) ([]string, error)

GetAllNamedSubjects gets the list of subjects that show up in the current named policy.

func (*Enforcer) GetAllObjects 

func (e *Enforcer) GetAllObjects(ctx context.Context) ([]string, error)

GetAllObjects gets the list of objects that show up in the current policy.

func (*Enforcer) GetAllRoles 

func (e *Enforcer) GetAllRoles(ctx context.Context) ([]string, error)

GetAllRoles gets the list of roles that show up in the current policy.

func (*Enforcer) GetAllSubjects 

func (e *Enforcer) GetAllSubjects(ctx context.Context) ([]string, error)

GetAllSubjects gets the list of subjects that show up in the current policy.

func (*Enforcer) GetFilteredGroupingPolicy 

func (e *Enforcer) GetFilteredGroupingPolicy(ctx context.Context, fieldIndex int32, fieldValues ...string) ([][]string, error)

GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.

func (*Enforcer) GetFilteredNamedGroupingPolicy 

func (e *Enforcer) GetFilteredNamedGroupingPolicy(ctx context.Context, ptype string, fieldIndex int32, fieldValues ...string) ([][]string, error)

GetFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.

func (*Enforcer) GetFilteredNamedPolicy 

func (e *Enforcer) GetFilteredNamedPolicy(ctx context.Context, ptype string, fieldIndex int32, fieldValues ...string) ([][]string, error)

GetFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified.

func (*Enforcer) GetFilteredPolicy 

func (e *Enforcer) GetFilteredPolicy(ctx context.Context, fieldIndex int32, fieldValues ...string) ([][]string, error)

GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.

func (*Enforcer) GetGroupingPolicy 

func (e *Enforcer) GetGroupingPolicy(ctx context.Context) ([][]string, error)

GetGroupingPolicy gets all the role inheritance rules in the policy.

func (*Enforcer) GetImplicitPermissionsForUser 

func (e *Enforcer) GetImplicitPermissionsForUser(ctx context.Context, user string, domain ...string) ([][]string, error)

GetImplicitPermissionsForUser gets implicit permissions for a user or role. Compared to GetPermissionsForUser(), this function retrieves permissions for inherited roles. For example: p, admin, data1, read p, alice, data2, read g, alice, admin

GetPermissionsForUser("alice") can only get: [["alice", "data2", "read"]]. But GetImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].

func (*Enforcer) GetImplicitRolesForUser 

func (e *Enforcer) GetImplicitRolesForUser(ctx context.Context, name string, domain ...string) ([]string, error)

GetImplicitRolesForUser gets implicit roles that a user has. Compared to GetRolesForUser(), this function retrieves indirect roles besides direct roles. For example: g, alice, role:admin g, role:admin, role:user

GetRolesForUser("alice") can only get: ["role:admin"]. But GetImplicitRolesForUser("alice") will get: ["role:admin", "role:user"].

func (*Enforcer) GetNamedGroupingPolicy 

func (e *Enforcer) GetNamedGroupingPolicy(ctx context.Context, ptype string) ([][]string, error)

GetNamedGroupingPolicy gets all the role inheritance rules in the policy.

func (*Enforcer) GetNamedPolicy 

func (e *Enforcer) GetNamedPolicy(ctx context.Context, ptype string) ([][]string, error)

GetNamedPolicy gets all the authorization rules in the named policy.

func (*Enforcer) GetPermissionsForUser 

func (e *Enforcer) GetPermissionsForUser(ctx context.Context, user string) ([][]string, error)

GetPermissionsForUser gets permissions for a user or role.

func (*Enforcer) GetPolicy 

func (e *Enforcer) GetPolicy(ctx context.Context) ([][]string, error)

GetPolicy gets all the authorization rules in the policy.

func (*Enforcer) GetRolesForUser 

func (e *Enforcer) GetRolesForUser(ctx context.Context, name string) ([]string, error)

GetRolesForUser gets the roles that a user has.

func (*Enforcer) GetUsersForRole 

func (e *Enforcer) GetUsersForRole(ctx context.Context, name string) ([]string, error)

GetUsersForRole gets the users that has a role.

func (*Enforcer) HasGroupingPolicy 

func (e *Enforcer) HasGroupingPolicy(ctx context.Context, params ...interface{}) (bool, error)

HasGroupingPolicy determines whether a role inheritance rule exists.

func (*Enforcer) HasNamedGroupingPolicy 

func (e *Enforcer) HasNamedGroupingPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

HasNamedGroupingPolicy determines whether a named role inheritance rule exists.

func (*Enforcer) HasNamedPolicy 

func (e *Enforcer) HasNamedPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

HasNamedPolicy determines whether a named authorization rule exists.

func (*Enforcer) HasPermissionForUser 

func (e *Enforcer) HasPermissionForUser(ctx context.Context, user string, permission ...string) (bool, error)

HasPermissionForUser determines whether a user has a permission.

func (*Enforcer) HasPolicy 

func (e *Enforcer) HasPolicy(ctx context.Context, params ...interface{}) (bool, error)

HasPolicy determines whether an authorization rule exists.

func (*Enforcer) HasRoleForUser 

func (e *Enforcer) HasRoleForUser(ctx context.Context, user, role string) (bool, error)

HasRoleForUser determines whether a user has a role.

func (*Enforcer) LoadPolicy 

func (e *Enforcer) LoadPolicy(ctx context.Context) error

LoadPolicy reloads the policy from file/database.

func (*Enforcer) RemoveFilteredGroupingPolicy 

func (e *Enforcer) RemoveFilteredGroupingPolicy(ctx context.Context, fieldIndex int32, fieldValues ...string) (bool, error)

RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.

func (*Enforcer) RemoveFilteredNamedGroupingPolicy 

func (e *Enforcer) RemoveFilteredNamedGroupingPolicy(ctx context.Context, ptype string, fieldIndex int32, fieldValues ...string) (bool, error)

RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.

func (*Enforcer) RemoveFilteredNamedPolicy 

func (e *Enforcer) RemoveFilteredNamedPolicy(ctx context.Context, ptype string, fieldIndex int32, fieldValues ...string) (bool, error)

RemoveFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified.

func (*Enforcer) RemoveFilteredPolicy 

func (e *Enforcer) RemoveFilteredPolicy(ctx context.Context, fieldIndex int32, fieldValues ...string) (bool, error)

RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.

func (*Enforcer) RemoveGroupingPolicy 

func (e *Enforcer) RemoveGroupingPolicy(ctx context.Context, params ...interface{}) (bool, error)

RemoveGroupingPolicy removes a role inheritance rule from the current policy.

func (*Enforcer) RemoveNamedGroupingPolicy 

func (e *Enforcer) RemoveNamedGroupingPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

RemoveNamedGroupingPolicy removes a role inheritance rule from the current named policy.

func (*Enforcer) RemoveNamedPolicy 

func (e *Enforcer) RemoveNamedPolicy(ctx context.Context, ptype string, params ...interface{}) (bool, error)

RemoveNamedPolicy removes an authorization rule from the current named policy.

func (*Enforcer) RemovePolicy 

func (e *Enforcer) RemovePolicy(ctx context.Context, params ...interface{}) (bool, error)

RemovePolicy removes an authorization rule from the current policy.

func (*Enforcer) SavePolicy 

func (e *Enforcer) SavePolicy(ctx context.Context) error

SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.