Documentation ¶
Index ¶
- func NewModel(params ...interface{}) model.Model
- type Effect
- type Enforcer
- func (e *Enforcer) AddFunction(name string, function func(args ...interface{}) (interface{}, error))
- func (e *Enforcer) AddGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) AddPermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) AddPolicy(params ...interface{}) bool
- func (e *Enforcer) AddRoleForUser(user string, role string) bool
- func (e *Enforcer) AddRoleForUserInDomain(user string, role string, domain string) bool
- func (e *Enforcer) ClearPolicy()
- func (e *Enforcer) DeletePermission(permission ...string) bool
- func (e *Enforcer) DeletePermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) DeletePermissionsForUser(user string) bool
- func (e *Enforcer) DeleteRole(role string)
- func (e *Enforcer) DeleteRoleForUser(user string, role string) bool
- func (e *Enforcer) DeleteRoleForUserInDomain(user string, role string, domain string) bool
- func (e *Enforcer) DeleteRolesForUser(user string) bool
- func (e *Enforcer) DeleteUser(user string) bool
- func (e *Enforcer) EnableAutoSave(autoSave bool)
- func (e *Enforcer) EnableEnforce(enable bool)
- func (e *Enforcer) EnableLog(enable bool)
- func (e *Enforcer) Enforce(rvals ...interface{}) bool
- func (e *Enforcer) EnforceSafe(rvals ...interface{}) (result bool, err error)
- func (e *Enforcer) GetAdapter() persist.Adapter
- func (e *Enforcer) GetAllActions() []string
- func (e *Enforcer) GetAllObjects() []string
- func (e *Enforcer) GetAllRoles() []string
- func (e *Enforcer) GetAllSubjects() []string
- func (e *Enforcer) GetFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetFilteredPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetGroupingPolicy() [][]string
- func (e *Enforcer) GetModel() model.Model
- func (e *Enforcer) GetPermissionsForUser(user string) [][]string
- func (e *Enforcer) GetPermissionsForUserInDomain(user string, domain string) [][]string
- func (e *Enforcer) GetPolicy() [][]string
- func (e *Enforcer) GetRolesForUser(name string) []string
- func (e *Enforcer) GetRolesForUserInDomain(name string, domain string) []string
- func (e *Enforcer) GetUsersForRole(name string) []string
- func (e *Enforcer) HasGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) HasPermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) HasPolicy(params ...interface{}) bool
- func (e *Enforcer) HasRoleForUser(name string, role string) bool
- func (e *Enforcer) InitWithAdapter(modelPath string, adapter persist.Adapter)
- func (e *Enforcer) InitWithFile(modelPath string, policyPath string)
- func (e *Enforcer) InitWithModelAndAdapter(m model.Model, adapter persist.Adapter)
- func (e *Enforcer) LoadModel()
- func (e *Enforcer) LoadModelSafe() (err error)
- func (e *Enforcer) LoadPolicy() error
- func (e *Enforcer) RemoveFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveFilteredPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) RemovePolicy(params ...interface{}) bool
- func (e *Enforcer) SavePolicy() error
- func (e *Enforcer) SetAdapter(adapter persist.Adapter)
- func (e *Enforcer) SetModel(model model.Model)
- func (e *Enforcer) SetRoleManager(rmc rbac.RoleManagerConstructor)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Enforcer ¶
type Enforcer struct {
// contains filtered or unexported fields
}
Enforcer is the main interface for authorization enforcement and policy management.
func NewEnforcer ¶ added in v0.0.5
func NewEnforcer(params ...interface{}) *Enforcer
NewEnforcer creates an enforcer via file or DB. File: e := casbin.NewEnforcer("path/to/basic_model.conf", "path/to/basic_policy.conf") MySQL DB: a := mysqladapter.NewDBAdapter("mysql", "mysql_username:mysql_password@tcp(127.0.0.1:3306)/") e := casbin.NewEnforcer("path/to/basic_model.conf", a)
func NewEnforcerSafe ¶ added in v0.3.0
NewEnforcerSafe calls NewEnforcer in a safe way, returns error instead of causing panic.
func (*Enforcer) AddFunction ¶ added in v0.0.6
func (e *Enforcer) AddFunction(name string, function func(args ...interface{}) (interface{}, error))
AddFunction adds a customized function.
func (*Enforcer) AddGroupingPolicy ¶ added in v0.0.2
AddGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddPermissionForUser ¶ added in v0.0.5
AddPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).
func (*Enforcer) AddPolicy ¶ added in v0.0.2
AddPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddRoleForUser ¶ added in v0.0.5
AddRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).
func (*Enforcer) AddRoleForUserInDomain ¶ added in v1.0.0
AddRoleForUserInDomain adds a role for a user inside a domain. Returns false if the user already has the role (aka not affected).
func (*Enforcer) ClearPolicy ¶ added in v0.0.5
func (e *Enforcer) ClearPolicy()
ClearPolicy clears all policy.
func (*Enforcer) DeletePermission ¶ added in v0.0.5
DeletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).
func (*Enforcer) DeletePermissionForUser ¶ added in v0.6.0
DeletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).
func (*Enforcer) DeletePermissionsForUser ¶ added in v0.0.5
DeletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).
func (*Enforcer) DeleteRole ¶ added in v0.0.5
DeleteRole deletes a role.
func (*Enforcer) DeleteRoleForUser ¶ added in v0.6.0
DeleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).
func (*Enforcer) DeleteRoleForUserInDomain ¶ added in v1.0.0
DeleteRoleForUserInDomain deletes a role for a user inside a domain. Returns false if the user does not have the role (aka not affected).
func (*Enforcer) DeleteRolesForUser ¶ added in v0.0.5
DeleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).
func (*Enforcer) DeleteUser ¶ added in v0.0.5
DeleteUser deletes a user. Returns false if the user does not exist (aka not affected).
func (*Enforcer) EnableAutoSave ¶ added in v0.10.0
EnableAutoSave controls whether to save a policy rule automatically to the adapter when it is added or removed.
func (*Enforcer) EnableEnforce ¶ added in v0.10.0
EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, all access will be allowed by the Enforce() function.
func (*Enforcer) EnableLog ¶ added in v0.6.0
EnableLog changes whether to print Casbin log to the standard output.
func (*Enforcer) Enforce ¶ added in v0.0.2
Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
func (*Enforcer) EnforceSafe ¶ added in v0.3.0
EnforceSafe calls Enforce in a safe way, returns error instead of causing panic.
func (*Enforcer) GetAdapter ¶ added in v0.8.0
GetAdapter gets the current adapter.
func (*Enforcer) GetAllActions ¶ added in v0.0.2
GetAllActions gets the list of actions that show up in the current policy.
func (*Enforcer) GetAllObjects ¶ added in v0.0.2
GetAllObjects gets the list of objects that show up in the current policy.
func (*Enforcer) GetAllRoles ¶ added in v0.0.2
GetAllRoles gets the list of roles that show up in the current policy.
func (*Enforcer) GetAllSubjects ¶ added in v0.0.2
GetAllSubjects gets the list of subjects that show up in the current policy.
func (*Enforcer) GetFilteredGroupingPolicy ¶ added in v0.9.0
GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
func (*Enforcer) GetFilteredPolicy ¶ added in v0.0.2
GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
func (*Enforcer) GetGroupingPolicy ¶ added in v0.0.2
GetGroupingPolicy gets all the role inheritance rules in the policy.
func (*Enforcer) GetPermissionsForUser ¶ added in v0.0.5
GetPermissionsForUser gets permissions for a user or role.
func (*Enforcer) GetPermissionsForUserInDomain ¶ added in v1.0.0
GetPermissionsForUserInDomain gets permissions for a user or role inside a domain.
func (*Enforcer) GetPolicy ¶ added in v0.0.2
GetPolicy gets all the authorization rules in the policy.
func (*Enforcer) GetRolesForUser ¶ added in v0.0.5
GetRolesForUser gets the roles that a user has.
func (*Enforcer) GetRolesForUserInDomain ¶ added in v1.0.0
GetRolesForUserInDomain gets the roles that a user has inside a domain.
func (*Enforcer) GetUsersForRole ¶ added in v0.7.0
GetUsersForRole gets the users that has a role.
func (*Enforcer) HasGroupingPolicy ¶ added in v0.6.0
HasGroupingPolicy determines whether a role inheritance rule exists.
func (*Enforcer) HasPermissionForUser ¶ added in v0.6.0
HasPermissionForUser determines whether a user has a permission.
func (*Enforcer) HasPolicy ¶ added in v0.6.0
HasPolicy determines whether an authorization rule exists.
func (*Enforcer) HasRoleForUser ¶ added in v0.6.0
HasRoleForUser determines whether a user has a role.
func (*Enforcer) InitWithAdapter ¶ added in v0.0.5
InitWithAdapter initializes an enforcer with a database adapter.
func (*Enforcer) InitWithFile ¶ added in v0.0.5
InitWithFile initializes an enforcer with a model file and a policy file.
func (*Enforcer) InitWithModelAndAdapter ¶ added in v0.8.0
InitWithModelAndAdapter initializes an enforcer with a model and a database adapter.
func (*Enforcer) LoadModel ¶ added in v0.0.5
func (e *Enforcer) LoadModel()
LoadModel reloads the model from the model CONF file. Because the policy is attached to a model, so the policy is invalidated and needs to be reloaded by calling LoadPolicy().
func (*Enforcer) LoadModelSafe ¶ added in v0.3.0
LoadModelSafe calls LoadModel in a safe way, returns error instead of causing panic.
func (*Enforcer) LoadPolicy ¶ added in v0.0.2
LoadPolicy reloads the policy from file/database.
func (*Enforcer) RemoveFilteredGroupingPolicy ¶ added in v0.0.5
RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.
func (*Enforcer) RemoveFilteredPolicy ¶ added in v0.0.5
RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.
func (*Enforcer) RemoveGroupingPolicy ¶ added in v0.0.2
RemoveGroupingPolicy removes a role inheritance rule from the current policy.
func (*Enforcer) RemovePolicy ¶ added in v0.0.2
RemovePolicy removes an authorization rule from the current policy.
func (*Enforcer) SavePolicy ¶ added in v0.0.2
SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.
func (*Enforcer) SetAdapter ¶ added in v0.8.0
SetAdapter sets the current adapter.
func (*Enforcer) SetRoleManager ¶ added in v1.0.0
func (e *Enforcer) SetRoleManager(rmc rbac.RoleManagerConstructor)
SetRoleManager sets the constructor function for creating a RoleManager.