README
¶
Roles
Permissions
Roles provide 5 permissions:
`Read`, `Update`, `Create`, `Delete`, `CRUD`
Register role
roles.Register("admin", func(req *http.Request, currentUser qor.CurrentUser) bool {
return currentUser.(*User).Role == "admin"
})
Get matched roles of user
roles.MatchedRoles(httpRequest, user)
Allow
Allow permissions on role, white list pattern
permission := roles.Allow(roles.Read, "admin")
permission.HasPermission(roles.Read, "admin") // true
permission.HasPermission(roles.Create, "admin") // false
You can allow permission in chain
permission := roles.Allow(roles.Read, "admin").Allow(roles.CRUD, "manager")
permission.HasPermission(roles.Read, "admin") // true
permission.HasPermission(roles.Read, "manager") // true
permission.HasPermission(roles.Create, "manager") // true
permission.HasPermission(roles.Update, "manager") // true
permission.HasPermission(roles.Delete, "manager") // true
Deny
Deny permissions on role, black list pattern
permission := roles.Deny(roles.Read, "admin")
permission.HasPermission(roles.Read, "admin") // false
permission.HasPermission(roles.Create, "admin") // true
To deny permission in chain
permission := roles.Deny(roles.Read, "admin").Deny(roles.Delete, "user")
permission.HasPermission(roles.Read, "admin") // false
permission.HasPermission(roles.Delete, "user") // false
Documentation
¶
Index ¶
- Variables
- func MatchedRoles(req *http.Request, currentUser qor.CurrentUser) []string
- func Register(name string, fc func(req *http.Request, currentUser qor.CurrentUser) bool)
- type Permission
- type PermissionMode
- type Role
- func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission
- func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission
- func (role *Role) Get(name string) (func(req *http.Request, currentUser qor.CurrentUser) bool, bool)
- func (role *Role) MatchedRoles(req *http.Request, currentUser qor.CurrentUser) (roles []string)
- func (role *Role) Register(name string, fc func(req *http.Request, currentUser qor.CurrentUser) bool)
Constants ¶
This section is empty.
Variables ¶
View Source
var All = map[string]PermissionMode{"Read": Read, "Update": Update, "Create": Create, "Delete": Delete, "CRUD": CRUD}
Functions ¶
func MatchedRoles ¶
func MatchedRoles(req *http.Request, currentUser qor.CurrentUser) []string
Types ¶
type Permission ¶
type Permission struct {
Role *Role
// contains filtered or unexported fields
}
func Allow ¶
func Allow(mode PermissionMode, roles ...string) *Permission
func Deny ¶
func Deny(mode PermissionMode, roles ...string) *Permission
func NewPermission ¶
func NewPermission() *Permission
func (*Permission) Allow ¶
func (permission *Permission) Allow(mode PermissionMode, roles ...string) *Permission
func (*Permission) Deny ¶
func (permission *Permission) Deny(mode PermissionMode, roles ...string) *Permission
func (*Permission) HasPermission ¶
func (permission *Permission) HasPermission(mode PermissionMode, roles ...string) bool
type PermissionMode ¶
type PermissionMode uint32
const ( Read PermissionMode = 1 << (32 - 1 - iota) Update Create Delete CRUD )
type Role ¶
type Role struct {
// contains filtered or unexported fields
}
func (*Role) Allow ¶
func (role *Role) Allow(mode PermissionMode, roles ...string) *Permission
func (*Role) Deny ¶
func (role *Role) Deny(mode PermissionMode, roles ...string) *Permission
func (*Role) MatchedRoles ¶
Source Files
Click to show internal directories.
Click to hide internal directories.