Documentation ¶
Index ¶
- Variables
- func AudienceMatchFunc(args ...interface{}) (interface{}, error)
- func ConvertMapToArray(data *map[string]map[string][]string) *[][]string
- func CustomMatchFunc(args ...interface{}) (interface{}, error)
- func DomainMatch(key1 string, key2 string) bool
- func DomainMatchFunc(args ...interface{}) (interface{}, error)
- func HasPrefixFunc(args ...interface{}) (interface{}, error)
- func HasSuffixFunc(args ...interface{}) (interface{}, error)
- func MethodMatchFunc(args ...interface{}) (interface{}, error)
- type Adapter
- func (a *Adapter) AddPolicies(sec string, ptype string, rules [][]string) (err error)
- func (a *Adapter) AddPolicy(sec string, ptype string, rule []string) (err error)
- func (a *Adapter) LoadPolicy(m model.Model) error
- func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (err error)
- func (a *Adapter) RemovePolicies(sec string, ptype string, rules [][]string) (err error)
- func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) (err error)
- func (a *Adapter) SavePolicy(model model.Model) (err error)
- type Auther
- func (a *Auther) AuthCasbinMiddlewareByOrigin(c res.Context, conf config.Casbin, ...)
- func (a *Auther) ClearEnforcer(force bool, org string)
- func (a *Auther) GetEnforcer(c res.Context, user auth.UserInfo, svc, org string) (*casbin.SyncedEnforcer, error)
- func (a *Auther) GetEnforcer2(c res.Context, user auth.UserInfo, cached *Enforcer, svc, org, key, ver string) (*casbin.SyncedEnforcer, error)
- func (a *Auther) GetUserRole(c res.Context, user auth.UserInfo, svc, org string) (role string, err error)
- func (a *Auther) IsPassPermission(c res.Context, user auth.UserInfo, svc, org string) (bool, error)
- func (a *Auther) UseAuthBasicMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
- func (a *Auther) UseAuthCasbinMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
- func (a *Auther) UseAuthCasbinMiddlewareByOrigin(xget func(res.Context, string) (string, error), skippers ...res.SkipperFunc) res.HandlerFunc
- type Enforcer
- type Implor
- type Object
- type Policy
- type Rule
- type Subject
Constants ¶
This section is empty.
Variables ¶
var (
	// PolicyModel is the matching model used by casbin.
	// The documentation renderer elides the literal, so the model text that
	// drives authorization decisions cannot be reviewed from this page.
	PolicyModel = `` /* 233-byte string literal not displayed */
	// DefaultMatcher carries the same original description as PolicyModel
	// ("the matching model used by casbin"); presumably it is the matcher
	// expression that goes with PolicyModel — TODO confirm against the source.
	// NOTE(review): both values are package-level vars, not constants, so any
	// importing package is able to reassign them.
	DefaultMatcher = `` /* 204-byte string literal not displayed */
)
// Cache and enforcer timing settings.
// NOTE(review): these intervals presumably bound how long a cached enforcer
// keeps serving an older policy version after a change (for example a revoked
// permission); confirm against the refresh logic, which is not shown here.
var (
	// CachedExpireAt is the refresh interval of the cache timer.
	CachedExpireAt = 4 * time.Minute
	// EnforcerCheckAt is the interval at which the enforcer checks its version.
	EnforcerCheckAt = 2 * time.Minute
	// EnforcerExpireAt is the time after which an enforcer is marked expired.
	EnforcerExpireAt = 8 * time.Minute
	// ServiceCodeExpireAt is the expiry time of the service cache.
	ServiceCodeExpireAt = 2 * time.Minute
	// ServiceTenantExpireAt is the expiry time of the tenant cache.
	ServiceTenantExpireAt = 2 * time.Minute
)
var (
	// SvcRoleKey is the role configuration key; %s is replaced by the service name.
	// NOTE(review): the value has the form of an HTTP header name. If the
	// middleware publishes the resolved role under this name (Implor has a
	// SetHeader method), confirm that a client-supplied header of the same
	// name is stripped or overwritten before anything trusts it.
	SvcRoleKey = "X-Request-Svc-%s-Role" // "X-Request-Svc-[service name]-Role"
	// SysRoleKey is the key for the system platform role.
	// NOTE(review): the same inbound-header caveat as SvcRoleKey applies — confirm.
	SysRoleKey = "X-Request-Sys-Role"
	// SvcPublic marks a public service.
	SvcPublic = "pub-"
	// RolePrefix is the prefix for roles.
	RolePrefix = "r:"
	// UserPrefix is the prefix for users.
	UserPrefix = "u:"
	// PolicyPrefix is the prefix for policies.
	PolicyPrefix = "p:"
	// ActionPrefix: the original comment says "policy", the same as
	// PolicyPrefix; presumably the prefix for actions — TODO confirm.
	ActionPrefix = "a:"
	// SourcePrefix: the original comment says "policy", the same as
	// PolicyPrefix; presumably the prefix for sources — TODO confirm.
	SourcePrefix = "s:"
)
Functions ¶
func AudienceMatchFunc ¶
func AudienceMatchFunc(args ...interface{}) (interface{}, error)
AudienceMatchFunc func
func ConvertMapToArray ¶
ConvertMapToArray ...
func CustomMatchFunc ¶
func CustomMatchFunc(args ...interface{}) (interface{}, error)
CustomMatchFunc func
func DomainMatchFunc ¶
func DomainMatchFunc(args ...interface{}) (interface{}, error)
DomainMatchFunc func
func HasPrefixFunc ¶
func HasPrefixFunc(args ...interface{}) (interface{}, error)
HasPrefixFunc func
func HasSuffixFunc ¶
func HasSuffixFunc(args ...interface{}) (interface{}, error)
HasSuffixFunc func
func MethodMatchFunc ¶
func MethodMatchFunc(args ...interface{}) (interface{}, error)
MethodMatchFunc func
Types ¶
type Adapter ¶
// Adapter is the casbin policy adapter; it holds a database handle and the
// name of the table it works on.
type Adapter struct {
	// DB2 is the database handle.
	DB2 *sqlx.DB
	// Tbl is the table name.
	// NOTE(review): a table name cannot be passed as a bound SQL parameter; if
	// the methods build statements from Tbl (not visible here), confirm the
	// value only ever comes from trusted configuration.
	Tbl string
	// Mid is the model id.
	Mid int64
	// Ver is the model version.
	Ver string
	// Enable reports whether the adapter is enabled.
	Enable bool
}
Adapter 适配器
func NewCasbinAdapter ¶
NewCasbinAdapter is the constructor for Adapter with existed connection
func (*Adapter) AddPolicies ¶
AddPolicies adds policy rules to the storage. This is part of the Auto-Save feature.
func (*Adapter) LoadPolicy ¶
LoadPolicy loads policy from database.
func (*Adapter) RemoveFilteredPolicy ¶
func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (err error)
RemoveFilteredPolicy removes policy rules that match the filter from the storage.
func (*Adapter) RemovePolicies ¶
RemovePolicies removes policy rules from the storage. This is part of the Auto-Save feature.
func (*Adapter) RemovePolicy ¶
RemovePolicy removes a policy rule from the storage.
type Auther ¶
// Auther manages permissions.
// It embeds a sync.RWMutex by value, so an Auther must not be copied after
// first use; the methods listed for it all take a pointer receiver.
type Auther struct {
	// Implor is the externally implemented dependency interface.
	Implor Implor
	// CachedEnforcer holds the cached enforcers.
	// NOTE(review): the key format is not visible here — confirm it separates
	// organizations and services so one tenant's enforcer is never reused for another.
	CachedEnforcer map[string]*Enforcer
	// CachedExpireAt is the refresh time.
	CachedExpireAt time.Time
	// Mutex is the synchronization lock; presumably it guards CachedEnforcer — TODO confirm.
	Mutex sync.RWMutex
}
Auther 权限管理
func (*Auther) AuthCasbinMiddlewareByOrigin ¶
func (a *Auther) AuthCasbinMiddlewareByOrigin(c res.Context, conf config.Casbin, xget func(res.Context, string) (string, error))
AuthCasbinMiddlewareByOrigin is the user authorization middleware (用户授权中间件).
func (*Auther) ClearEnforcer ¶
ClearEnforcer clears the cache. Once the cache has been emptied completely, the engine performs its refresh immediately.
func (*Auther) GetEnforcer ¶
func (a *Auther) GetEnforcer(c res.Context, user auth.UserInfo, svc, org string) (*casbin.SyncedEnforcer, error)
GetEnforcer 获取验证控制器
func (*Auther) GetEnforcer2 ¶
func (a *Auther) GetEnforcer2(c res.Context, user auth.UserInfo, cached *Enforcer, svc, org, key, ver string) (*casbin.SyncedEnforcer, error)
GetEnforcer2 获取验证控制器
func (*Auther) GetUserRole ¶
func (a *Auther) GetUserRole(c res.Context, user auth.UserInfo, svc, org string) (role string, err error)
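GetUserRole returns the user's role for the given svc and org. (The original description, "获取验证控制器", was copied from GetEnforcer.)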
func (*Auther) IsPassPermission ¶
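IsPassPermission decides whether the permission check is skipped, by confirming that the caller has administrator identity. Is there a concern that the administrator identity could be tampered with? If the signing key leaks, signatures can be forged, so the server's signing key must be kept secret.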
func (*Auther) UseAuthBasicMiddleware ¶
func (a *Auther) UseAuthBasicMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
UseAuthBasicMiddleware is the user authorization middleware; it only checks the login permission.
func (*Auther) UseAuthCasbinMiddleware ¶
func (a *Auther) UseAuthCasbinMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
UseAuthCasbinMiddleware 用户授权中间件
type Enforcer ¶
// Enforcer is a cached casbin enforcer together with its expiry and version
// bookkeeping. It embeds a sync.RWMutex by value, so it must not be copied
// after first use.
type Enforcer struct {
	// Enforcer is the casbin enforcer.
	Enforcer *casbin.SyncedEnforcer
	// ExpireAt is the expiry time.
	ExpireAt time.Time
	// CheckAt is the refresh time.
	CheckAt time.Time
	// Version is the enforcer version.
	Version string
	// Mutex is the synchronization lock.
	Mutex sync.RWMutex
	// Check is not documented in the original; its meaning cannot be told from here.
	Check bool
}
Enforcer 验证器
type Implor ¶
// Implor is the interface that the embedding application must implement.
// Only the signatures are visible here; the notes on individual methods are
// inferred from names and must be confirmed against the implementation.
type Implor interface {
	GetAuther() auth.Auther
	GetStorer() res.Storer
	GetTable() string
	GetSqlx2() *sqlx.DB
	// NOTE(review): presumably the code that identifies the super user; since
	// it would bypass normal policy checks, confirm where the value comes from.
	GetSuperUserCode() string
	GetPlatformCode() string
	UpdateModelEnable(mid int64) error
	// NOTE(review): if an implementation derives the address from forwarding
	// headers, the value is client-influenced unless only known proxies are
	// trusted — confirm before using it in any access decision.
	GetClientIP(ctx res.Context) string
	GetClientUA(ctx res.Context) string
	QueryPolicies(ctx res.Context, org, ver string) (*Policy, error)
	QueryServiceCode(ctx res.Context, user auth.UserInfo, host, path, org string) (string, int64, error)
	CheckTenantService(ctx res.Context, user auth.UserInfo, org, svc string, sid int64) (bool, error)
	SetHeader(ctx res.Context, key, value string)
	SetUserInfo(ctx res.Context, usr auth.UserInfo)
	ResError(ctx res.Context, err *res.ErrorModel)
	FixError(ctx res.Context, status int, err error, fun func()) bool
}
Implor 外部需要实现的接口
type Policy ¶
// Policy is a policy set: the model text plus the role and policy declarations.
type Policy struct {
	// Mid and Ver carry no comment in the original; Adapter describes its own
	// Mid and Ver fields as model id and model version.
	Mid int64
	Ver string
	// New marks the policy as needing a rebuild.
	New bool
	// ModelText is the model declaration.
	ModelText string
	// Grouping is the role declaration.
	Grouping map[string]map[string]bool
	// Policies is the policy declaration.
	Policies map[string]map[string][]string
	// Version is the policy version.
	Version string
}
Policy 策略
type Rule ¶
// Rule maps the columns mid, ver, p_type, v0 through v9 and created_at onto
// struct fields through its db tags. V0 to V9 are sql.NullString and CT is
// sql.NullTime, so each of those columns may be NULL.
type Rule struct {
	Mid int64          `db:"mid"`
	Ver string         `db:"ver"`
	PT  string         `db:"p_type"`
	V0  sql.NullString `db:"v0"`
	V1  sql.NullString `db:"v1"`
	V2  sql.NullString `db:"v2"`
	V3  sql.NullString `db:"v3"`
	V4  sql.NullString `db:"v4"`
	V5  sql.NullString `db:"v5"`
	V6  sql.NullString `db:"v6"`
	V7  sql.NullString `db:"v7"`
	V8  sql.NullString `db:"v8"`
	V9  sql.NullString `db:"v9"`
	CT  sql.NullTime   `db:"created_at"`
}
Rule ...