acl

package

v0.0.0-...-4f45e5f Latest Latest Go to latest Published: Nov 20, 2024 License: BSD-2-Clause Imports: 4 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rveen/golib

Links

Open Source Insights

README ¶

Simple access control library

See the API documentation.

Configuration file format

There are two sections. The rules section has the format

who resource operation allow/deny

The groups section creates groups of people, or groups of groups:

group subgroup subgroup ...

Where subgroup can be a user.

# A comment
[rules]
* * * -
* /static *
purchasing /dept/purchasing *

[groups]
purchasing john alice bob

All rules are checked, in the same order as written.

Paths (resources) refer to one or several consecutive path elements, not parts of them. For example:

* /static *

allows all people to access the URLs "/static" and "/static/*", but not "/static2". There is no support for wildcards or partial path elements.

In absence of rules, the default is to allow anything to all.

Documentation ¶

Overview ¶

Acl implements a simple role based access control

Configuration file format:

# A comment [rules] * * * - # deny all to all, to start with purchasing /purchasing/* * +

[groups] name group1 group2 ...

All rules are checked in order.

Index ¶

type ACL
- func New(filename string) (*ACL, error)
type Rule

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ACL ¶

type ACL struct {
	// contains filtered or unexported fields
}

ACL contains rules and groups for implementing an access control list

func New ¶

func New(filename string) (*ACL, error)

New creates a new Acl object, either from a configuration file, or empty if an empty string is given as argument.

func (*ACL) AddGroup ¶

func (acl *ACL) AddGroup(sub, group string)

func (*ACL) AddRule ¶

func (acl *ACL) AddRule(sub, obj, op string, pol bool)

func (*ACL) Enforce ¶

func (acl *ACL) Enforce(sub, obj, op string) bool

Enforce checks the ACL for a specific resource and user, and returns true if access is granted.

func (*ACL) InGroup ¶

func (acl *ACL) InGroup(sub, group string) bool

InGroup checks whether the first argument is part of the group given as second argument

func (*ACL) Reload ¶

func (acl *ACL) Reload() error

Reload is meant to be called by a file watcher that monitors the ACL definition file for changes.

type Rule ¶

type Rule struct {
	Subject   string
	Object    string
	Operation string
	Polarity  bool
	Prefix    bool
}

Source Files ¶

View all Source files

acl.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL