README
¶
acl
| 
| |
A simple acl implementation.
If i miss something or you have something interesting, please be part of this project. Let me know! My contact is at the end.
With support for
-
domain
-
role
-
resource category
-
resource page
-
resource type
-
resource
-
role resource
-
user resource
-
endpoint
-
endpoint resource
-
user endpoint
Endpoints
-
Get categories:
Method: GET
Route: http://localhost:9001/api/v1/acl/domains/app/categories
Response:
[ { "name": "Home Page", "key": "home", "description": "site home page", "active": true, "created_at": "2019-03-28T20:01:23.161Z", "updated_at": "2019-03-28T20:01:23.161Z" }, { "name": "Settings Page", "key": "settings", "description": "site settings page", "active": true, "created_at": "2019-03-28T20:01:50.697Z", "updated_at": "2019-03-28T20:01:50.697Z" } ] -
Get category pages:
Method: GET
Route: http://localhost:9001/api/v1/acl/domains/app/categories/home/pages
Response:
[ { "name": "Banner Page", "key": "banner", "description": "site banner page", "active": true, "created_at": "2019-03-28T20:01:23.161Z", "updated_at": "2019-03-28T20:01:23.161Z" }, { "name": "Promotion Page", "key": "promotion", "description": "site promotion page", "active": true, "created_at": "2019-03-28T20:01:23.161Z", "updated_at": "2019-03-28T20:01:23.161Z" } ] -
Get category page:
Method: GET
Route: http://localhost:9001/api/v1/acl/domains/app/categories/home/pages/promotion
Response:
{ "name": "Promotion Page", "key": "promotion", "description": "site promotion page", "active": true, "created_at": "2019-03-28T20:01:23.161Z", "updated_at": "2019-03-28T20:01:23.161Z" } -
Get page resources:
Method: GET
Route: hhttp://localhost:9001/api/v1/acl/roles/admin/categories/home/pages/promotion/resources
Response:
[ { "name": "Read Access Home", "key": "access.home.read", "resource_category_key": "home", "resource_page_key": "promotion", "resource_type_key": "app", "description": "read access to home page", "active": true, "created_at": "2019-03-28T20:03:29.061Z", "updated_at": "2019-03-28T20:04:12.06Z" }, { "name": "Write Access Home", "key": "access.home.write", "resource_category_key": "home", "resource_page_key": "promotion", "resource_type_key": "app", "description": "write access to home page", "active": true, "created_at": "2019-03-28T20:04:12.054Z", "updated_at": "2019-03-28T20:04:12.054Z" } ] -
Get page resources of a type:
Method: GET
Route: http://localhost:9001/api/v1/acl/roles/admin/pages/promotion/resources/types/app
Response:
[ { "name": "Read Access Home", "key": "access.home.read", "resource_category_key": "home", "resource_page_key": "promotion", "resource_type_key": "app", "description": "read access to home page", "active": true, "created_at": "2019-03-28T20:03:29.061Z", "updated_at": "2019-03-28T20:04:12.06Z" }, { "name": "Write Access Home", "key": "access.home.write", "resource_category_key": "home", "resource_page_key": "promotion", "resource_type_key": "app", "description": "write access to home page", "active": true, "created_at": "2019-03-28T20:04:12.054Z", "updated_at": "2019-03-28T20:04:12.054Z" } ] -
Check endpoint access:
Method: GET
Route: http://localhost:8001/api/v1/acl/roles/admin/resources/types/app?method=GET&endpoint=/api/v1/dummy
Response:
{ "is_allowed": true } -
Check endpoint access by middleware:
Method: GET
Route: http://localhost:8001/api/v1/dummy?domain_key=app&role_key=admin&resource_type_key=app
Response: Status: 204
Dependecy Management
Dependency
Project dependencies are managed using Dep. Read more about Dep.
- Get dependency manager:
go get github.com/joaosoft/dependency - Install dependencies:
dependency get
Go
go get github.com/joaosoft/acl
Configuration
{
"acl": {
"host": "localhost:8001",
"token_key": "banana",
"dbr": {
"db": {
"driver": "postgres",
"datasource": "postgres://user:password@localhost:7000/postgres?sslmode=disable&acl_path=acl"
}
},
"log": {
"level": "info"
},
"migration": {
"path": {
"database": "schema/db/postgres"
},
"db": {
"schema": "acl",
"driver": "postgres",
"datasource": "postgres://user:password@localhost:7000/postgres?sslmode=disable&acl_path=acl"
},
"log": {
"level": "info"
}
}
},
"manager": {
"log": {
"level": "info"
}
}
}
Usage
This examples are available in the project at acl/examples
func main() {
m, err := acl.NewAcl()
if err != nil {
panic(err)
}
if err := m.Start(); err != nil {
panic(err)
}
}
Known issues
Follow me at
Facebook: https://www.facebook.com/joaosoft
LinkedIn: https://www.linkedin.com/in/jo%C3%A3o-ribeiro-b2775438/
If you have something to add, please let me know joaosoft@gmail.com
Documentation
¶
Index ¶
- Variables
- func EncodeString(s string) string
- func Exists(file string) bool
- func GetEnv() string
- func ReadFile(file string, obj interface{}) ([]byte, error)
- func ReadFileLines(file string) ([]string, error)
- func WriteFile(file string, obj interface{}) error
- type Acl
- type AclConfig
- type AclOption
- type Allowed
- type AppConfig
- type Categories
- type Category
- type CheckAclMiddleware
- type CheckEndpointAccessRequest
- type CheckEndpointAccessResponse
- type Controller
- func (c *Controller) CheckEndpointAccessHandler(ctx *web.Context) error
- func (c *Controller) DummyHandler(ctx *web.Context) error
- func (c *Controller) GetResourceCategoriesHandler(ctx *web.Context) error
- func (c *Controller) GetResourceCategoryPageHandler(ctx *web.Context) error
- func (c *Controller) GetResourceCategoryPagesHandler(ctx *web.Context) error
- func (c *Controller) GetResourcesByTypeHandler(ctx *web.Context) error
- func (c *Controller) GetResourcesHandler(ctx *web.Context) error
- func (c *Controller) MiddlewareAcl() web.MiddlewareFunc
- func (c *Controller) RegisterRoutes(w manager.IWeb) error
- type ErrorResponse
- type GetPageResourcesByTypeRequest
- type GetPageResourcesRequest
- type GetResourceCategoriesRequest
- type GetResourceCategoryPageRequest
- type GetResourceCategoryPagesRequest
- type IStorageDB
- type Interactor
- func (i *Interactor) CheckAcl(request *CheckAclMiddleware) (bool, error)
- func (i *Interactor) CheckEndpointAccess(request *CheckEndpointAccessRequest) (bool, error)
- func (i *Interactor) GetPageResources(request *GetPageResourcesRequest) (Resources, error)
- func (i *Interactor) GetResourceCategories(request *GetResourceCategoriesRequest) (Categories, error)
- func (i *Interactor) GetResourceCategoryPage(request *GetResourceCategoryPageRequest) (*Page, error)
- func (i *Interactor) GetResourceCategoryPages(request *GetResourceCategoryPagesRequest) (Pages, error)
- func (i *Interactor) GetResourcesByType(request *GetPageResourcesByTypeRequest) (Resources, error)
- type Page
- type Pages
- type Resource
- type Resources
- type StoragePostgres
- func (storage *StoragePostgres) CheckEndpointAccess(roleKey, resourceTypeKey, method, endpoint, idUser string) (bool, error)
- func (storage *StoragePostgres) GetPageResources(roleKey, resourcePageKey, idUser string) (Resources, error)
- func (storage *StoragePostgres) GetPageResourcesByType(roleKey, resourcePageKey, resourceTypeKey, idUser string) (Resources, error)
- func (storage *StoragePostgres) GetResourceCategories(domainKey string) (Categories, error)
- func (storage *StoragePostgres) GetResourceCategoryPage(domainKey, resourcePageKey string) (*Page, error)
- func (storage *StoragePostgres) GetResourceCategoryPages(domainKey, resourceCategoryKey string) (Pages, error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrorGeneric = errors.New(errors.LevelError, int(web.StatusForbidden), "%s") ErrorAclAccessDenied = errors.New(errors.LevelError, int(web.StatusForbidden), "acl access denied") )
Functions ¶
func EncodeString ¶
func ReadFileLines ¶
Types ¶
type AclConfig ¶
type AclConfig struct {
Host string `json:"host"`
Dbr *dbr.DbrConfig `json:"dbr"`
TokenKey string `json:"token_key"`
ExpirationMinutes int64 `json:"expiration_minutes"`
Migration *migration.MigrationConfig `json:"migration"`
Log struct {
Level string `json:"level"`
} `json:"log"`
}
AclConfig ...
type Categories ¶
type Categories []*Category
type Category ¶
type Category struct {
Name string `json:"name" db:"name"`
Key string `json:"key" db:"key"`
Description string `json:"description" db:"description"`
ParentResourceCategoryKey *string `json:"parent_resource_category_key,omitempty" db:"parent_resource_category_key"`
Active bool `json:"active" db:"active"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
}
type CheckAclMiddleware ¶
type CheckAclMiddleware struct {
Method string `json:"method" validate:"notzero"`
Endpoint string `json:"endpoint" validate:"notzero"`
Params struct {
RoleKey string `json:"role_key" validate:"notzero"`
ResourceTypeKey string `json:"resource_type_key" validate:"notzero"`
User string `json:"user" validate:"notzero"`
}
}
type CheckEndpointAccessRequest ¶
type CheckEndpointAccessRequest struct {
UrlParams struct {
RoleKey string `json:"role_key" validate:"notzero"`
ResourceTypeKey string `json:"resource_type_key" validate:"notzero"`
}
Params struct {
Method string `json:"method" validate:"notzero"`
Endpoint string `json:"endpoint" validate:"notzero"`
User string `json:"user" validate:"notzero"`
}
}
type CheckEndpointAccessResponse ¶
type CheckEndpointAccessResponse struct {
IsAllowed bool `json:"is_allowed"`
}
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
func NewController ¶
func NewController(config *AclConfig, interactor *Interactor) *Controller
func (*Controller) CheckEndpointAccessHandler ¶
func (c *Controller) CheckEndpointAccessHandler(ctx *web.Context) error
func (*Controller) DummyHandler ¶
func (c *Controller) DummyHandler(ctx *web.Context) error
func (*Controller) GetResourceCategoriesHandler ¶
func (c *Controller) GetResourceCategoriesHandler(ctx *web.Context) error
func (*Controller) GetResourceCategoryPageHandler ¶
func (c *Controller) GetResourceCategoryPageHandler(ctx *web.Context) error
func (*Controller) GetResourceCategoryPagesHandler ¶
func (c *Controller) GetResourceCategoryPagesHandler(ctx *web.Context) error
func (*Controller) GetResourcesByTypeHandler ¶
func (c *Controller) GetResourcesByTypeHandler(ctx *web.Context) error
func (*Controller) GetResourcesHandler ¶
func (c *Controller) GetResourcesHandler(ctx *web.Context) error
func (*Controller) MiddlewareAcl ¶
func (c *Controller) MiddlewareAcl() web.MiddlewareFunc
func (*Controller) RegisterRoutes ¶
func (c *Controller) RegisterRoutes(w manager.IWeb) error
type ErrorResponse ¶
type GetPageResourcesByTypeRequest ¶
type GetPageResourcesByTypeRequest struct {
UrlParams struct {
RoleKey string `json:"role_key" validate:"notzero"`
ResourcePageKey string `json:"resource_page_key" validate:"notzero"`
ResourceTypeKey string `json:"resource_type_key" validate:"notzero"`
}
Params struct {
User string `json:"user" validate:"notzero"`
}
}
type GetPageResourcesRequest ¶
type GetResourceCategoriesRequest ¶
type GetResourceCategoriesRequest struct {
DomainKey string `json:"domain_key" validate:"notzero"`
}
type IStorageDB ¶
type IStorageDB interface {
GetResourceCategories(domainKey string) (Categories, error)
GetResourceCategoryPages(domainKey, resourceCategoryKey string) (Pages, error)
GetResourceCategoryPage(domainKey, resourcePageKey string) (*Page, error)
GetPageResources(roleKey, resourcePageKey, user string) (Resources, error)
GetPageResourcesByType(roleKey, resourcePageKey string, resourceTypeKey, user string) (Resources, error)
CheckEndpointAccess(roleKey, resourceTypeKey, method, endpoint, user string) (isAllowed bool, err error)
}
type Interactor ¶
type Interactor struct {
// contains filtered or unexported fields
}
func NewInteractor ¶
func NewInteractor(config *AclConfig, storageDB IStorageDB) *Interactor
func (*Interactor) CheckAcl ¶
func (i *Interactor) CheckAcl(request *CheckAclMiddleware) (bool, error)
func (*Interactor) CheckEndpointAccess ¶
func (i *Interactor) CheckEndpointAccess(request *CheckEndpointAccessRequest) (bool, error)
func (*Interactor) GetPageResources ¶
func (i *Interactor) GetPageResources(request *GetPageResourcesRequest) (Resources, error)
func (*Interactor) GetResourceCategories ¶
func (i *Interactor) GetResourceCategories(request *GetResourceCategoriesRequest) (Categories, error)
func (*Interactor) GetResourceCategoryPage ¶
func (i *Interactor) GetResourceCategoryPage(request *GetResourceCategoryPageRequest) (*Page, error)
func (*Interactor) GetResourceCategoryPages ¶
func (i *Interactor) GetResourceCategoryPages(request *GetResourceCategoryPagesRequest) (Pages, error)
func (*Interactor) GetResourcesByType ¶
func (i *Interactor) GetResourcesByType(request *GetPageResourcesByTypeRequest) (Resources, error)
type Page ¶
type Page struct {
Name string `json:"name" db:"name"`
Key string `json:"key" db:"key"`
Description string `json:"description" db:"description"`
ParentResourcePageKey *string `json:"parent_resource_page_key,omitempty" db:"parent_resource_page_key"`
Active bool `json:"active" db:"active"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
}
type Resource ¶
type Resource struct {
Name string `json:"name" db:"name"`
Key string `json:"key" db:"key"`
ResourceCategoryKey string `json:"resource_category_key" db:"resource_category_key"`
ResourcePageKey string `json:"resource_page_key" db:"resource_page_key"`
ResourceTypeKey string `json:"resource_type_key" db:"resource_type_key"`
Description string `json:"description" db:"description"`
Active bool `json:"active" db:"active"`
CreatedAt time.Time `json:"created_at" db:"created_at"`
UpdatedAt time.Time `json:"updated_at" db:"updated_at"`
}
type StoragePostgres ¶
type StoragePostgres struct {
// contains filtered or unexported fields
}
func NewStoragePostgres ¶
func NewStoragePostgres(config *AclConfig) (*StoragePostgres, error)
func (*StoragePostgres) CheckEndpointAccess ¶
func (storage *StoragePostgres) CheckEndpointAccess(roleKey, resourceTypeKey, method, endpoint, idUser string) (bool, error)
func (*StoragePostgres) GetPageResources ¶
func (storage *StoragePostgres) GetPageResources(roleKey, resourcePageKey, idUser string) (Resources, error)
func (*StoragePostgres) GetPageResourcesByType ¶
func (storage *StoragePostgres) GetPageResourcesByType(roleKey, resourcePageKey, resourceTypeKey, idUser string) (Resources, error)
func (*StoragePostgres) GetResourceCategories ¶
func (storage *StoragePostgres) GetResourceCategories(domainKey string) (Categories, error)
func (*StoragePostgres) GetResourceCategoryPage ¶
func (storage *StoragePostgres) GetResourceCategoryPage(domainKey, resourcePageKey string) (*Page, error)
func (*StoragePostgres) GetResourceCategoryPages ¶
func (storage *StoragePostgres) GetResourceCategoryPages(domainKey, resourceCategoryKey string) (Pages, error)
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.