Documentation ¶
Index ¶
- Constants
- type Assertion
- type AssertionMap
- type FunctionMap
- type Model
- func (model Model) AddDef(sec string, key string, value string) bool
- func (model Model) AddPolicies(sec string, ptype string, rules [][]string)
- func (model Model) AddPolicy(sec string, ptype string, rule []string)
- func (model Model) BuildIncrementalRoleLinks(rm rbac.RoleManager, op PolicyOp, sec string, ptype string, rules [][]string) error
- func (model Model) BuildRoleLinks(rm rbac.RoleManager) error
- func (model Model) ClearPolicy()
- func (model Model) GetFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) [][]string
- func (model Model) GetPolicy(sec string, ptype string) [][]string
- func (model Model) GetValuesForFieldInPolicy(sec string, ptype string, fieldIndex int) []string
- func (model Model) GetValuesForFieldInPolicyAllTypes(sec string, fieldIndex int) []string
- func (model Model) HasPolicies(sec string, ptype string, rules [][]string) bool
- func (model Model) HasPolicy(sec string, ptype string, rule []string) bool
- func (model Model) LoadModel(path string) error
- func (model Model) LoadModelFromText(text string) error
- func (model Model) PrintModel()
- func (model Model) PrintPolicy()
- func (model Model) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (bool, [][]string)
- func (model Model) RemovePolicies(sec string, ptype string, rules [][]string) bool
- func (model Model) RemovePolicy(sec string, ptype string, rule []string) bool
- type PolicyOp
Constants ¶
const DefaultSep = ","
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Assertion ¶
type Assertion struct { Key string Value string Tokens []string Policy [][]string PolicyMap map[string]int RM rbac.RoleManager }
Assertion represents an expression in a section of the model. For example: r = sub, obj, act
type AssertionMap ¶
AssertionMap is the collection of assertions, can be "r", "p", "g", "e", "m".
type FunctionMap ¶
type FunctionMap struct {
// contains filtered or unexported fields
}
FunctionMap represents the collection of Function.
func LoadFunctionMap ¶
func LoadFunctionMap() FunctionMap
LoadFunctionMap loads an initial function map.
func (*FunctionMap) AddFunction ¶
func (fm *FunctionMap) AddFunction(name string, function govaluate.ExpressionFunction)
AddFunction adds an expression function.
func (*FunctionMap) GetFunctions ¶
func (fm *FunctionMap) GetFunctions() map[string]govaluate.ExpressionFunction
GetFunctions return a map with all the functions
type Model ¶
type Model map[string]AssertionMap
Model represents the whole access control model.
func NewModelFromFile ¶
NewModelFromFile creates a model from a .CONF file.
func NewModelFromString ¶
NewModelFromString creates a model from a string which contains model text.
func (Model) AddPolicies ¶
AddPolicies adds policy rules to the model.
func (Model) BuildIncrementalRoleLinks ¶
func (model Model) BuildIncrementalRoleLinks(rm rbac.RoleManager, op PolicyOp, sec string, ptype string, rules [][]string) error
BuildIncrementalRoleLinks provides incremental build the role inheritance relations.
func (Model) BuildRoleLinks ¶
func (model Model) BuildRoleLinks(rm rbac.RoleManager) error
BuildRoleLinks initializes the roles in RBAC.
func (Model) GetFilteredPolicy ¶
func (model Model) GetFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) [][]string
GetFilteredPolicy gets rules based on field filters from a policy.
func (Model) GetValuesForFieldInPolicy ¶
GetValuesForFieldInPolicy gets all values for a field for all rules in a policy, duplicated values are removed.
func (Model) GetValuesForFieldInPolicyAllTypes ¶
GetValuesForFieldInPolicyAllTypes gets all values for a field for all rules in a policy of all ptypes, duplicated values are removed.
func (Model) HasPolicies ¶
HasPolicies determines whether a model has any of the specified policies. If one is found we return false.
func (Model) LoadModelFromText ¶
LoadModelFromText loads the model from the text.
func (Model) RemoveFilteredPolicy ¶
func (model Model) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (bool, [][]string)
RemoveFilteredPolicy removes policy rules based on field filters from the model.
func (Model) RemovePolicies ¶
RemovePolicies removes policy rules from the model.