casbin

package
v0.0.0-...-987a61a Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 21, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ResourceCluster           = "cluster"
	ResourceGlobalEnvironment = "global-environment"
	ResourceEnvironment       = "environment"
	ResourceGit               = "git"
	ResourceDocker            = "docker"
	ResourceMigrate           = "migrate"
	ResourceUser              = "user"
	ResourceNotification      = "notification"
	ResourceTemplate          = "template"
	ResourceTerminal          = "terminal"

	ResourceProjects     = "projects"
	ResourceApplications = "applications"
	ResourceDockerAuto   = "docker-auto"
	ResourceGitAuto      = "git-auto"

	ResourceAutocomplete = "autocomplete"
	ResourceChartGroup   = "chart-group"

	ResourceTeam    = "team"
	ResourceAdmin   = "admin"
	ResourceGlobal  = "global-resource"
	ResourceHelmApp = "helm-app"

	ActionGet     = "get"
	ActionCreate  = "create"
	ActionUpdate  = "update"
	ActionDelete  = "delete"
	ActionSync    = "sync"
	ActionTrigger = "trigger"
	ActionNotify  = "notify"
	ActionExec    = "exec"
)

Variables

This section is empty.

Functions

func Create

func Create() *casbin.Enforcer

func DeleteRoleForUser

func DeleteRoleForUser(user string, role string) bool

func GetAllSubjects

func GetAllSubjects() []string

func GetRolesForUser

func GetRolesForUser(user string) ([]string, error)

func GetUserByRole

func GetUserByRole(role string) ([]string, error)

func LoadPolicy

func LoadPolicy()

func MatchKeyByPart

func MatchKeyByPart(key1 string, key2 string) bool

MatchKeyByPart checks whether values in key1 matches all values of key2(values are obtained by splitting key by "/") For example - key1 = "a/b/c" matches key2 = "a/*/c" but not matches for key2 = "a/*/d"

func MatchKeyByPartFunc

func MatchKeyByPartFunc(args ...interface{}) (interface{}, error)

MatchKeyByPartFunc is the wrapper of our own customised MatchKeyByPart Func

func RemovePoliciesByRoles

func RemovePoliciesByRoles(roles string) bool

Types

type Action

type Action string

type Enforcer

type Enforcer interface {
	Enforce(rvals ...interface{}) bool
	EnforceErr(rvals ...interface{}) error
	EnforceByEmail(rvals ...interface{}) bool
}

type EnforcerImpl

type EnforcerImpl struct {
	*casbin.Enforcer
	*middleware.SessionManager
	// contains filtered or unexported fields
}

Enforcer is a wrapper around an Casbin enforcer that: * is backed by a kubernetes config map * has a predefined RBAC model * supports a built-in policy * supports a user-defined bolicy * supports a custom JWT claims enforce function

func NewEnforcerImpl

func NewEnforcerImpl(
	enforcer *casbin.Enforcer,
	sessionManager *middleware.SessionManager,
	logger *zap.SugaredLogger) *EnforcerImpl

func (*EnforcerImpl) Enforce

func (e *EnforcerImpl) Enforce(rvals ...interface{}) bool

Enforce is a wrapper around casbin.Enforce to additionally enforce a default role and a custom claims function

func (*EnforcerImpl) EnforceByEmail

func (e *EnforcerImpl) EnforceByEmail(rvals ...interface{}) bool

func (*EnforcerImpl) EnforceErr

func (e *EnforcerImpl) EnforceErr(rvals ...interface{}) error

EnforceErr is a convenience helper to wrap a failed enforcement with a detailed error about the request

type Object

type Object string

type Policy

type Policy struct {
	Type PolicyType `json:"type"`
	Sub  Subject    `json:"sub"`
	Res  Resource   `json:"res"`
	Act  Action     `json:"act"`
	Obj  Object     `json:"obj"`
}

func AddPolicy

func AddPolicy(policies []Policy) []Policy

func RemovePolicy

func RemovePolicy(policies []Policy) []Policy

type PolicyType

type PolicyType string

type Resource

type Resource string

type Subject

type Subject string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL