Documentation
¶
Index ¶
- Constants
- func NewCasbinHandler(next http.Handler, casbinOption *CasbinOption) http.Handler
- type Casbin
- type CasbinConfig
- type CasbinContextKey
- type CasbinHandler
- type CasbinOption
- type CasbinPolicy
- type GobisAdapter
- func (a *GobisAdapter) AddPolicies(policies ...CasbinPolicy)
- func (a *GobisAdapter) AddPoliciesFromRequest(req *http.Request)
- func (a *GobisAdapter) AddPolicy(sec string, ptype string, rule []string) error
- func (a *GobisAdapter) LoadPolicy(model model.Model) error
- func (a *GobisAdapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error
- func (a *GobisAdapter) RemovePolicy(sec string, ptype string, rule []string) error
- func (a GobisAdapter) SavePolicy(model model.Model) error
Constants ¶
View Source
const MODEL_CONF = `` /* 249-byte string literal not displayed */
Variables ¶
This section is empty.
Functions ¶
func NewCasbinHandler ¶
func NewCasbinHandler(next http.Handler, casbinOption *CasbinOption) http.Handler
Types ¶
type CasbinConfig ¶
type CasbinConfig struct {
Casbin *CasbinOption `mapstructure:"casbin" json:"casbin" yaml:"casbin"`
}
type CasbinContextKey ¶
type CasbinContextKey int
const (
PolicyContextKey CasbinContextKey = iota
)
type CasbinHandler ¶
type CasbinHandler struct {
// contains filtered or unexported fields
}
func (CasbinHandler) CheckPermission ¶
CheckPermission checks the user/method/path combination from the request. Returns true (permission granted) or false (permission forbidden)
func (CasbinHandler) ServeHTTP ¶
func (h CasbinHandler) ServeHTTP(w http.ResponseWriter, req *http.Request)
type CasbinOption ¶
type CasbinOption struct {
// Enable casbin access control
Enabled bool `mapstructure:"enabled" json:"enabled" yaml:"enabled"`
// List of policies to load
// middleware will load as role policies all group found by using `ctx.Groups(*http.Request)`
// It will also load policies found in context `casbin.PolicyContextKey` (value should be passed in context should be *[]CasbinPolicy)
Policies []CasbinPolicy `mapstructure:"policies" json:"policies" yaml:"policies"`
// This is a perm conf in casbin format (see: https://github.com/casbin/casbin#examples )
// by default this will be loaded:
/*
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")
*/
PermConf string `mapstructure:"perm_conf" json:"perm_conf" yaml:"perm_conf"`
}
type CasbinPolicy ¶
type CasbinPolicy struct {
// Type of policy, with default config it can be p (target) or g (role)
Type string `mapstructure:"type" json:"type" yaml:"type"`
// Subject of the policy, this can be a username retrieve basic auth or a role name
// For example if use ldap middleware you can use username or a group where the user is member of
Sub string `mapstructure:"sub" json:"sub" yaml:"sub"`
// Object of the policy, with default perm config it will be the following path set in your route
// e.g.: with path = "/app/**" object will be /* to allow everything after /app
Obj string `mapstructure:"obj" json:"obj" yaml:"obj"`
// Operation of the policy, with default config it will be an http method like GET, POST, ... or * for evything
Act string `mapstructure:"act" json:"act" yaml:"act"`
}
type GobisAdapter ¶
type GobisAdapter struct {
// contains filtered or unexported fields
}
func NewGobisAdapter ¶
func NewGobisAdapter() *GobisAdapter
func (*GobisAdapter) AddPolicies ¶
func (a *GobisAdapter) AddPolicies(policies ...CasbinPolicy)
func (*GobisAdapter) AddPoliciesFromRequest ¶
func (a *GobisAdapter) AddPoliciesFromRequest(req *http.Request)
func (*GobisAdapter) AddPolicy ¶
func (a *GobisAdapter) AddPolicy(sec string, ptype string, rule []string) error
func (*GobisAdapter) LoadPolicy ¶
func (a *GobisAdapter) LoadPolicy(model model.Model) error
func (*GobisAdapter) RemoveFilteredPolicy ¶
func (a *GobisAdapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error
RemoveFilteredPolicy removes policy rules that match the filter from the storage.
func (*GobisAdapter) RemovePolicy ¶
func (a *GobisAdapter) RemovePolicy(sec string, ptype string, rule []string) error
RemovePolicy removes a policy rule from the storage.
func (GobisAdapter) SavePolicy ¶
func (a GobisAdapter) SavePolicy(model model.Model) error
Source Files
Click to show internal directories.
Click to hide internal directories.