roles

package module

v0.0.0-...-b1c31fd Latest Latest Go to latest Published: Sep 4, 2020 License: MIT Imports: 7 Imported by: 16

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ecletus/roles

Links

Open Source Insights

README ¶

Roles

Roles is an authorization library for Golang.

Documentation

https://doc.getqor.com/plugins/roles.html

License

Released under the MIT License.

Documentation ¶

Index ¶

Constants
Variables
func HasRole(req *http.Request, user interface{}, roles ...string) bool
func Register(descriptor ...*Descriptor)
func Remove(name string)
func Reset()
type Checker
type Descriptor
- func Get(name string) (*Descriptor, bool)
- func GetVisitor() *Descriptor
- func MustGet(name string) (d *Descriptor)
- func NewDescriptor(name string, checker Checker, label ...string) *Descriptor
- func (this Descriptor) GetID() aorm.ID
- func (this Descriptor) Translate(ctx i18nmod.Context) string
type DescriptorSlice
- func Descriptors() DescriptorSlice
- func (this DescriptorSlice) Each(cb func(descriptor *Descriptor))
- func (this DescriptorSlice) Filter(cb func(descriptor *Descriptor) (include bool)) (result DescriptorSlice)
- func (this DescriptorSlice) Intersection(names []string) DescriptorSlice
- func (this DescriptorSlice) Names() (result []string)
type LocalRoleExtender
type Perm
- func (p Perm) Allow() bool
- func (p Perm) Deny() bool
- func (p Perm) Ok(defaul bool) (ok bool)
- func (Perm) ParseBool(v bool) Perm
type Permission
- func Allow(mode PermissionMode, roles ...string) *Permission
- func AllowAny(roles ...string) *Permission
- func Deny(mode PermissionMode, roles ...string) *Permission
- func DenyAnother(mode PermissionMode, roles ...string) *Permission
- func NewPermission() *Permission
- func (permission *Permission) Allow(mode PermissionMode, roles ...string) *Permission
- func (permission *Permission) AllowAny(roles ...string) *Permission
- func (permission *Permission) Concat(newPermission *Permission) *Permission
- func (permission *Permission) Deny(mode PermissionMode, roles ...string) *Permission
- func (permission *Permission) DenyAnother(mode PermissionMode, roles ...string) *Permission
- func (permission Permission) HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) (perm Perm)
- func (permission Permission) HasPermissionS(ctx context.Context, mode PermissionMode, roles ...string) Perm
type PermissionMode
type Permissioner
- func Permissioners(ps ...Permissioner) Permissioner
type Role
- func New() *Role
- func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission
- func (role *Role) AllowAny(roles ...string) *Permission
- func (role Role) Copy() *Role
- func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission
- func (role *Role) DenyAnother(mode PermissionMode, roles ...string) *Permission
- func (role *Role) Descriptors() (desciptors DescriptorSlice)
- func (role *Role) Get(name string) (descriptor *Descriptor, ok bool)
- func (role *Role) HasRole(req *http.Request, user interface{}, roles ...string) bool
- func (role *Role) MatchedRoles(req *http.Request, user interface{}) (roles Roles)
- func (role *Role) NewPermission() *Permission
- func (role *Role) Register(descriptor ...*Descriptor)
- func (role *Role) Remove(name string)
- func (role *Role) Reset()
- func (role *Role) Roles() (roles Roles)
type RoleHaver
type Roler
type Roles
- func MatchedRoles(req *http.Request, user interface{}) Roles
- func NewRoles(roles ...string) (r Roles)
- func (this *Roles) Append(name ...string)
- func (this Roles) Copy() (roles Roles)
- func (this Roles) Descriptors() (descriptors DescriptorSlice)
- func (this Roles) Each(cb func(mode string))
- func (this Roles) Filter(cb func(mode string) (include bool)) (roles Roles)
- func (this Roles) Has(name string) (ok bool)
- func (this Roles) Interfaces() (result []interface{})
- func (this Roles) Intersection(names []string) (roles Roles)
- func (this Roles) Labels(ctx i18nmod.Context) (labels []string)
- func (this Roles) Len() int
- func (this *Roles) Merge(roles Roles)
- func (this Roles) String() string
- func (this Roles) Strings() (result []string)

Constants ¶

View Source

const (
	// Anyone is a role for any one
	Anyone  = "*"
	Visitor = "visitor"
)

Variables ¶

View Source

var ErrPermissionDenied = errors.New("permission denied")

ErrPermissionDenied no permission error

View Source

var Global = &Role{}

Global global role instance

Functions ¶

func HasRole ¶

func HasRole(req *http.Request, user interface{}, roles ...string) bool

HasRole check if current user has role

func Register ¶

func Register(descriptor ...*Descriptor)

Register register role with conditions

func Remove ¶

func Remove(name string)

Remove role definition from global role instance

func Reset ¶

func Reset()

Reset role definitions from global role instance

Types ¶

type Checker ¶

type Checker func(req *http.Request, user interface{}) bool

Checker check current request match this role or not

type Descriptor ¶

type Descriptor struct {
	Name    string
	Label   string
	Checker Checker
}

func Get ¶

func Get(name string) (*Descriptor, bool)

Get role defination

func GetVisitor ¶

func GetVisitor() *Descriptor

func MustGet ¶

func MustGet(name string) (d *Descriptor)

MustGet role defination

func NewDescriptor ¶

func NewDescriptor(name string, checker Checker, label ...string) *Descriptor

func (Descriptor) GetID ¶

func (this Descriptor) GetID() aorm.ID

func (Descriptor) Translate ¶

func (this Descriptor) Translate(ctx i18nmod.Context) string

type DescriptorSlice ¶

type DescriptorSlice []*Descriptor

func Descriptors ¶

func Descriptors() DescriptorSlice

Register register role with conditions

func (DescriptorSlice) Each ¶

func (this DescriptorSlice) Each(cb func(descriptor *Descriptor))

func (DescriptorSlice) Filter ¶

func (this DescriptorSlice) Filter(cb func(descriptor *Descriptor) (include bool)) (result DescriptorSlice)

func (DescriptorSlice) Intersection ¶

func (this DescriptorSlice) Intersection(names []string) DescriptorSlice

func (DescriptorSlice) Names ¶

func (this DescriptorSlice) Names() (result []string)

type LocalRoleExtender ¶

type LocalRoleExtender interface {
	ExtendLocalRoles(role ...string)
}

LocalRoleExtender Local role extender interface

type Perm ¶

type Perm uint8

const (
	UNDEF Perm = iota
	ALLOW
	DENY
)

func (Perm) Allow ¶

func (p Perm) Allow() bool

func (Perm) Deny ¶

func (p Perm) Deny() bool

func (Perm) Ok ¶

func (p Perm) Ok(defaul bool) (ok bool)

func (Perm) ParseBool ¶

func (Perm) ParseBool(v bool) Perm

type Permission ¶

type Permission struct {
	Role               *Role
	AllowedAny         map[string]bool
	AllowedRoles       map[PermissionMode][]string
	DeniedRoles        map[PermissionMode][]string
	DaniedAnotherRoles map[PermissionMode][]string
}

Permission a struct contains permission definitions

func Allow ¶

func Allow(mode PermissionMode, roles ...string) *Permission

Allow allows permission mode for roles

func AllowAny ¶

func AllowAny(roles ...string) *Permission

DenyAny deny any roles for permission mode

func Deny ¶

func Deny(mode PermissionMode, roles ...string) *Permission

Deny deny permission mode for roles

func DenyAnother ¶

func DenyAnother(mode PermissionMode, roles ...string) *Permission

DenyAnother deny another roles for permission mode

func NewPermission ¶

func NewPermission() *Permission

NewPermission initialize a new permission for default role

func (*Permission) Allow ¶

func (permission *Permission) Allow(mode PermissionMode, roles ...string) *Permission

Allow allows permission mode for roles

func (*Permission) AllowAny ¶

func (permission *Permission) AllowAny(roles ...string) *Permission

DenyAnother deny any roles for permission mode

func (*Permission) Concat ¶

func (permission *Permission) Concat(newPermission *Permission) *Permission

Concat concat two permissions into a new one

func (*Permission) Deny ¶

func (permission *Permission) Deny(mode PermissionMode, roles ...string) *Permission

Deny deny permission mode for roles

func (*Permission) DenyAnother ¶

func (permission *Permission) DenyAnother(mode PermissionMode, roles ...string) *Permission

DenyAnother deny another roles for permission mode

func (Permission) HasPermission ¶

func (permission Permission) HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) (perm Perm)

func (Permission) HasPermissionS ¶

func (permission Permission) HasPermissionS(ctx context.Context, mode PermissionMode, roles ...string) Perm

HasPermissionS check roles strings has permission for mode or not

type PermissionMode ¶

type PermissionMode string

PermissionMode permission mode

const (
	// Create predefined permission mode, create permission
	Create PermissionMode = "create"
	// Read predefined permission mode, read permission
	Read PermissionMode = "read"
	// Update predefined permission mode, update permission
	Update PermissionMode = "update"
	// Delete predefined permission mode, deleted permission
	Delete PermissionMode = "delete"
	// CRUD predefined permission mode, create+read+update+delete permission
	CRUD PermissionMode = "crud"
	NONE PermissionMode = ""
)

type Permissioner ¶

type Permissioner interface {
	// HasPermissionE check has permission for permissioners or not and return error
	HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) Perm
}

Permissioner permissioner interface

func Permissioners ¶

func Permissioners(ps ...Permissioner) Permissioner

Permissioners slice of permissioner

type Role ¶

type Role struct {
	// contains filtered or unexported fields
}

Role is a struct contains all roles descriptors

func New ¶

func New() *Role

New initialize a new `Role`

func (*Role) Allow ¶

func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission

Allow allows permission mode for roles

func (*Role) AllowAny ¶

func (role *Role) AllowAny(roles ...string) *Permission

DenyAny deny all roles for permission mode

func (Role) Copy ¶

func (role Role) Copy() *Role

Copy Copy this role

func (*Role) Deny ¶

func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission

Deny deny permission mode for roles

func (*Role) DenyAnother ¶

func (role *Role) DenyAnother(mode PermissionMode, roles ...string) *Permission

DenyAnother deny another roles for permission mode

func (*Role) Descriptors ¶

func (role *Role) Descriptors() (desciptors DescriptorSlice)

DescriptorSlice return slice of descriptors

func (*Role) Get ¶

func (role *Role) Get(name string) (descriptor *Descriptor, ok bool)

Get role defination

func (*Role) HasRole ¶

func (role *Role) HasRole(req *http.Request, user interface{}, roles ...string) bool

HasRole check if current user has role

func (*Role) MatchedRoles ¶

func (role *Role) MatchedRoles(req *http.Request, user interface{}) (roles Roles)

MatchedRoles return defined roles from user

func (*Role) NewPermission ¶

func (role *Role) NewPermission() *Permission

NewPermission initialize permission

func (*Role) Register ¶

func (role *Role) Register(descriptor ...*Descriptor)

Register register role with conditions

func (*Role) Remove ¶

func (role *Role) Remove(name string)

Remove role descriptor

func (*Role) Reset ¶

func (role *Role) Reset()

Reset role descriptors

func (*Role) Roles ¶

func (role *Role) Roles() (roles Roles)

Roles return roles names

type RoleHaver ¶

type RoleHaver interface {
	HasRole(name string) bool
}

type Roler ¶

type Roler interface {
	GetRoles() []string
}

Roler Roler interface

type Roles ¶

type Roles struct {
	// contains filtered or unexported fields
}

func MatchedRoles ¶

func MatchedRoles(req *http.Request, user interface{}) Roles

MatchedRoles return defined roles from user

func NewRoles ¶

func NewRoles(roles ...string) (r Roles)

func (*Roles) Append ¶

func (this *Roles) Append(name ...string)

func (Roles) Copy ¶

func (this Roles) Copy() (roles Roles)

func (Roles) Descriptors ¶

func (this Roles) Descriptors() (descriptors DescriptorSlice)

func (Roles) Each ¶

func (this Roles) Each(cb func(mode string))

func (Roles) Filter ¶

func (this Roles) Filter(cb func(mode string) (include bool)) (roles Roles)

func (Roles) Has ¶

func (this Roles) Has(name string) (ok bool)

func (Roles) Interfaces ¶

func (this Roles) Interfaces() (result []interface{})

func (Roles) Intersection ¶

func (this Roles) Intersection(names []string) (roles Roles)

func (Roles) Labels ¶

func (this Roles) Labels(ctx i18nmod.Context) (labels []string)

func (Roles) Len ¶

func (this Roles) Len() int

func (*Roles) Merge ¶

func (this *Roles) Merge(roles Roles)

func (Roles) String ¶

func (this Roles) String() string

func (Roles) Strings ¶

func (this Roles) Strings() (result []string)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL