casbin

package
v0.3.24 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 7, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ResourceCluster           = "cluster"
	ResourceGlobalEnvironment = "global-environment"
	ResourceEnvironment       = "environment"
	ResourceGit               = "git"
	ResourceDocker            = "docker"
	ResourceMigrate           = "migrate"
	ResourceUser              = "user"
	ResourceNotification      = "notification"
	ResourceTemplate          = "template"
	ResourceTerminal          = "terminal"

	ResourceProjects     = "projects"
	ResourceApplications = "applications"
	ResourceDockerAuto   = "docker-auto"
	ResourceGitAuto      = "git-auto"

	ResourceAutocomplete = "autocomplete"
	ResourceChartGroup   = "chart-group"

	ResourceTeam    = "team"
	ResourceAdmin   = "admin"
	ResourceGlobal  = "global-resource"
	ResourceHelmApp = "helm-app"

	ActionGet     = "get"
	ActionCreate  = "create"
	ActionUpdate  = "update"
	ActionDelete  = "delete"
	ActionSync    = "sync"
	ActionTrigger = "trigger"
	ActionNotify  = "notify"
	ActionExec    = "exec"
)

Variables

This section is empty.

Functions

func Create

func Create() *casbin.Enforcer

func DeleteRoleForUser

func DeleteRoleForUser(user string, role string) bool

func GetAllSubjects

func GetAllSubjects() []string

func GetRolesForUser

func GetRolesForUser(user string) ([]string, error)

func GetUserByRole

func GetUserByRole(role string) ([]string, error)

func LoadPolicy

func LoadPolicy()

func MatchKeyByPart added in v0.3.15

func MatchKeyByPart(key1 string, key2 string) bool

MatchKeyByPart checks whether values in key1 matches all values of key2(values are obtained by splitting key by "/") For example - key1 = "a/b/c" matches key2 = "a/*/c" but not matches for key2 = "a/*/d"

func MatchKeyByPartFunc added in v0.3.15

func MatchKeyByPartFunc(args ...interface{}) (interface{}, error)

MatchKeyByPartFunc is the wrapper of our own customised MatchKeyByPart Func

func RemovePoliciesByRoles added in v0.3.15

func RemovePoliciesByRoles(roles string) bool

Types

type Action

type Action string

type Enforcer

type Enforcer interface {
	Enforce(rvals ...interface{}) bool
	EnforceErr(rvals ...interface{}) error
	EnforceByEmail(rvals ...interface{}) bool
}

type EnforcerImpl

type EnforcerImpl struct {
	*casbin.Enforcer
	*middleware.SessionManager
	// contains filtered or unexported fields
}

Enforcer is a wrapper around an Casbin enforcer that: * is backed by a kubernetes config map * has a predefined RBAC model * supports a built-in policy * supports a user-defined bolicy * supports a custom JWT claims enforce function

func NewEnforcerImpl

func NewEnforcerImpl(
	enforcer *casbin.Enforcer,
	sessionManager *middleware.SessionManager,
	logger *zap.SugaredLogger) *EnforcerImpl

func (*EnforcerImpl) Enforce

func (e *EnforcerImpl) Enforce(rvals ...interface{}) bool

Enforce is a wrapper around casbin.Enforce to additionally enforce a default role and a custom claims function

func (*EnforcerImpl) EnforceByEmail

func (e *EnforcerImpl) EnforceByEmail(rvals ...interface{}) bool

func (*EnforcerImpl) EnforceErr

func (e *EnforcerImpl) EnforceErr(rvals ...interface{}) error

EnforceErr is a convenience helper to wrap a failed enforcement with a detailed error about the request

type Object

type Object string

type Policy

type Policy struct {
	Type PolicyType `json:"type"`
	Sub  Subject    `json:"sub"`
	Res  Resource   `json:"res"`
	Act  Action     `json:"act"`
	Obj  Object     `json:"obj"`
}

func AddPolicy

func AddPolicy(policies []Policy) []Policy

func RemovePolicy

func RemovePolicy(policies []Policy) []Policy

type PolicyType

type PolicyType string

type Resource

type Resource string

type Subject

type Subject string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL