Documentation ¶
Index ¶
- Constants
- Variables
- func HasRole(req *http.Request, user interface{}, roles ...string) bool
- func Register(descriptor ...*Descriptor)
- func Remove(name string)
- func Reset()
- type Checker
- type Descriptor
- type DescriptorSlice
- func (this DescriptorSlice) Each(cb func(descriptor *Descriptor))
- func (this DescriptorSlice) Filter(cb func(descriptor *Descriptor) (include bool)) (result DescriptorSlice)
- func (this DescriptorSlice) Intersection(names []string) DescriptorSlice
- func (this DescriptorSlice) Names() (result []string)
- type LocalRoleExtender
- type Perm
- type Permission
- func (permission *Permission) Allow(mode PermissionMode, roles ...string) *Permission
- func (permission *Permission) AllowAny(roles ...string) *Permission
- func (permission *Permission) Concat(newPermission *Permission) *Permission
- func (permission *Permission) Deny(mode PermissionMode, roles ...string) *Permission
- func (permission *Permission) DenyAnother(mode PermissionMode, roles ...string) *Permission
- func (permission Permission) HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) (perm Perm)
- func (permission Permission) HasPermissionS(ctx context.Context, mode PermissionMode, roles ...string) Perm
- type PermissionMode
- type Permissioner
- type Role
- func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission
- func (role *Role) AllowAny(roles ...string) *Permission
- func (role Role) Copy() *Role
- func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission
- func (role *Role) DenyAnother(mode PermissionMode, roles ...string) *Permission
- func (role *Role) Descriptors() (desciptors DescriptorSlice)
- func (role *Role) Get(name string) (descriptor *Descriptor, ok bool)
- func (role *Role) HasRole(req *http.Request, user interface{}, roles ...string) bool
- func (role *Role) MatchedRoles(req *http.Request, user interface{}) (roles Roles)
- func (role *Role) NewPermission() *Permission
- func (role *Role) Register(descriptor ...*Descriptor)
- func (role *Role) Remove(name string)
- func (role *Role) Reset()
- func (role *Role) Roles() (roles Roles)
- type RoleHaver
- type Roler
- type Roles
- func (this *Roles) Append(name ...string)
- func (this Roles) Copy() (roles Roles)
- func (this Roles) Descriptors() (descriptors DescriptorSlice)
- func (this Roles) Each(cb func(mode string))
- func (this Roles) Filter(cb func(mode string) (include bool)) (roles Roles)
- func (this Roles) Has(name string) (ok bool)
- func (this Roles) Interfaces() (result []interface{})
- func (this Roles) Intersection(names []string) (roles Roles)
- func (this Roles) Labels(ctx i18nmod.Context) (labels []string)
- func (this Roles) Len() int
- func (this *Roles) Merge(roles Roles)
- func (this Roles) String() string
- func (this Roles) Strings() (result []string)
Constants ¶
const ( // Anyone is a role for any one Anyone = "*" Visitor = "visitor" )
Variables ¶
var ErrPermissionDenied = errors.New("permission denied")
ErrPermissionDenied no permission error
var Global = &Role{}
Global global role instance
Functions ¶
Types ¶
type Descriptor ¶
func GetVisitor ¶
func GetVisitor() *Descriptor
func NewDescriptor ¶
func NewDescriptor(name string, checker Checker, label ...string) *Descriptor
func (Descriptor) GetID ¶
func (this Descriptor) GetID() aorm.ID
type DescriptorSlice ¶
type DescriptorSlice []*Descriptor
func (DescriptorSlice) Each ¶
func (this DescriptorSlice) Each(cb func(descriptor *Descriptor))
func (DescriptorSlice) Filter ¶
func (this DescriptorSlice) Filter(cb func(descriptor *Descriptor) (include bool)) (result DescriptorSlice)
func (DescriptorSlice) Intersection ¶
func (this DescriptorSlice) Intersection(names []string) DescriptorSlice
func (DescriptorSlice) Names ¶
func (this DescriptorSlice) Names() (result []string)
type LocalRoleExtender ¶
type LocalRoleExtender interface {
ExtendLocalRoles(role ...string)
}
LocalRoleExtender Local role extender interface
type Permission ¶
type Permission struct { Role *Role AllowedAny map[string]bool AllowedRoles map[PermissionMode][]string DeniedRoles map[PermissionMode][]string DaniedAnotherRoles map[PermissionMode][]string }
Permission a struct contains permission definitions
func Allow ¶
func Allow(mode PermissionMode, roles ...string) *Permission
Allow allows permission mode for roles
func AllowAny ¶
func AllowAny(roles ...string) *Permission
DenyAny deny any roles for permission mode
func Deny ¶
func Deny(mode PermissionMode, roles ...string) *Permission
Deny deny permission mode for roles
func DenyAnother ¶
func DenyAnother(mode PermissionMode, roles ...string) *Permission
DenyAnother deny another roles for permission mode
func NewPermission ¶
func NewPermission() *Permission
NewPermission initialize a new permission for default role
func (*Permission) Allow ¶
func (permission *Permission) Allow(mode PermissionMode, roles ...string) *Permission
Allow allows permission mode for roles
func (*Permission) AllowAny ¶
func (permission *Permission) AllowAny(roles ...string) *Permission
DenyAnother deny any roles for permission mode
func (*Permission) Concat ¶
func (permission *Permission) Concat(newPermission *Permission) *Permission
Concat concat two permissions into a new one
func (*Permission) Deny ¶
func (permission *Permission) Deny(mode PermissionMode, roles ...string) *Permission
Deny deny permission mode for roles
func (*Permission) DenyAnother ¶
func (permission *Permission) DenyAnother(mode PermissionMode, roles ...string) *Permission
DenyAnother deny another roles for permission mode
func (Permission) HasPermission ¶
func (permission Permission) HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) (perm Perm)
func (Permission) HasPermissionS ¶
func (permission Permission) HasPermissionS(ctx context.Context, mode PermissionMode, roles ...string) Perm
HasPermissionS check roles strings has permission for mode or not
type PermissionMode ¶
type PermissionMode string
PermissionMode permission mode
const ( // Create predefined permission mode, create permission Create PermissionMode = "create" // Read predefined permission mode, read permission Read PermissionMode = "read" // Update predefined permission mode, update permission Update PermissionMode = "update" // Delete predefined permission mode, deleted permission Delete PermissionMode = "delete" // CRUD predefined permission mode, create+read+update+delete permission CRUD PermissionMode = "crud" NONE PermissionMode = "" )
type Permissioner ¶
type Permissioner interface { // HasPermissionE check has permission for permissioners or not and return error HasPermission(ctx context.Context, mode PermissionMode, roles ...interface{}) Perm }
Permissioner permissioner interface
func Permissioners ¶
func Permissioners(ps ...Permissioner) Permissioner
Permissioners slice of permissioner
type Role ¶
type Role struct {
// contains filtered or unexported fields
}
Role is a struct contains all roles descriptors
func (*Role) Allow ¶
func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission
Allow allows permission mode for roles
func (*Role) AllowAny ¶
func (role *Role) AllowAny(roles ...string) *Permission
DenyAny deny all roles for permission mode
func (*Role) Deny ¶
func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission
Deny deny permission mode for roles
func (*Role) DenyAnother ¶
func (role *Role) DenyAnother(mode PermissionMode, roles ...string) *Permission
DenyAnother deny another roles for permission mode
func (*Role) Descriptors ¶
func (role *Role) Descriptors() (desciptors DescriptorSlice)
DescriptorSlice return slice of descriptors
func (*Role) Get ¶
func (role *Role) Get(name string) (descriptor *Descriptor, ok bool)
Get role defination
func (*Role) MatchedRoles ¶
MatchedRoles return defined roles from user
func (*Role) NewPermission ¶
func (role *Role) NewPermission() *Permission
NewPermission initialize permission
func (*Role) Register ¶
func (role *Role) Register(descriptor ...*Descriptor)
Register register role with conditions
type Roles ¶
type Roles struct {
// contains filtered or unexported fields
}
func MatchedRoles ¶
MatchedRoles return defined roles from user
func (Roles) Descriptors ¶
func (this Roles) Descriptors() (descriptors DescriptorSlice)
func (Roles) Interfaces ¶
func (this Roles) Interfaces() (result []interface{})