Documentation ¶
Index ¶
- Constants
- type AccessControl
- func (ac *AccessControl) AddRules(info IAccessInfo) *GrantsType
- func (ac *AccessControl) Can(info IQueryInfo) (resc bool)
- func (ac *AccessControl) CanAnd(info IQueryInfo) (can bool, err error)
- func (ac *AccessControl) CanHandler(info interface{}, handler func(info interface{}) (bool, error)) (can bool, err error)
- func (ac *AccessControl) CanOr(info IQueryInfo) (can bool, err error)
- func (ac *AccessControl) CheckMap(info IQueryInfo) bool
- func (ac *AccessControl) EnsureMap(info IAccessInfo) *AccessControl
- func (ac *AccessControl) GetGrants() GrantsType
- func (ac *AccessControl) GetRules(info IQueryInfo) RulesType
- func (ac *AccessControl) Grant(grantsType2 GrantsType) *GrantsType
- func (ac *AccessControl) SetGrant(info IAccessInfo) *GrantsType
- func (ac *AccessControl) SetGrants(infos ...IAccessInfo) *GrantsType
- type ActionGrantsType
- type ActionType
- type ContextType
- type DefaultContext
- type GrantsType
- type IAccessInfo
- func (a *IAccessInfo) Set(info IAccessInfo) *IAccessInfo
- func (a *IAccessInfo) SetAction(action ActionType) *IAccessInfo
- func (a *IAccessInfo) SetResource(resource ResourceType) *IAccessInfo
- func (a *IAccessInfo) SetRule(rule RulesType) *IAccessInfo
- func (a *IAccessInfo) SetSubject(subject SubjectType) *IAccessInfo
- type IQueryInfo
- type ResourceEntity
- type ResourceGrantsType
- func (r ResourceGrantsType) CreateAny(rule RulesType, resources ...ResourceType) ResourceGrantsType
- func (r ResourceGrantsType) EnsureResourceGrants(resource ResourceType)
- func (r ResourceGrantsType) Extend(ac AccessControl, subject SubjectType) ResourceGrantsType
- func (r ResourceGrantsType) GetResource(resource ResourceType) ActionGrantsType
- func (r ResourceGrantsType) Resource(resource ResourceType) ActionGrantsType
- type ResourceType
- type RuleType
- type RulesType
- type SubjectEntity
- type SubjectType
Examples ¶
Constants ¶
const ( ActionCreate = "create" ActionRead = "read" ActionUpdate = "update" ActionDelete = "delete" )
const ( ActionCreateAny = "create:any" ActionCreateOwn = "create:own" ActionReadAny = "read:any" ActionReadOwn = "read:own" ActionUpdateAny = "update:any" ActionUpdateOwn = "update:own" ActionDeleteAny = "delete:any" ActionDeleteOwn = "delete:own" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessControl ¶
type AccessControl struct {
Grants GrantsType
}
func (*AccessControl) AddRules ¶
func (ac *AccessControl) AddRules(info IAccessInfo) *GrantsType
AddRules append rules to subject
func (*AccessControl) Can ¶
func (ac *AccessControl) Can(info IQueryInfo) (resc bool)
Can check related rule
execute authorize handler get result
use goroutine
Example ¶
var ac AccessControl ac.AddRules(IAccessInfo{ Subject: "foo", Action: ActionUpdate, Resource: "bar", Rules: RulesType{MyRule{ S: "dili", R: "dala", }}, }) res := ac.Can(IQueryInfo{ Subject: "foo", Action: ActionUpdate, Resource: "bar", }) if res { fmt.Println("pass") } else { fmt.Println("deny") }
Output: dala pass
func (*AccessControl) CanAnd ¶
func (ac *AccessControl) CanAnd(info IQueryInfo) (can bool, err error)
CanAnd check related rule
execute authorize handler get result
logic: and(if any rule failed, can = false)
func (*AccessControl) CanHandler ¶
func (ac *AccessControl) CanHandler(info interface{}, handler func(info interface{}) (bool, error)) (can bool, err error)
CanHandler check related rule
execute authorize handler get result
logic: or(if any rule passed, can = true)
func (*AccessControl) CanOr ¶
func (ac *AccessControl) CanOr(info IQueryInfo) (can bool, err error)
CanOr check related rule
execute authorize handler get result
logic: or(if any rule passed, can = true)
func (*AccessControl) CheckMap ¶
func (ac *AccessControl) CheckMap(info IQueryInfo) bool
EnsureMap check if the map to visit nil, if nil, make new one
func (*AccessControl) EnsureMap ¶
func (ac *AccessControl) EnsureMap(info IAccessInfo) *AccessControl
EnsureMap check if the map to visit nil, if nil, make new one
func (*AccessControl) GetGrants ¶
func (ac *AccessControl) GetGrants() GrantsType
GetGrants get all grants within a controller
Example ¶
var foo AccessControl foo.Grant(GrantsType{"account": ResourceGrantsType{"book": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has user role"}}}}, "role": ResourceGrantsType{"project": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has primer user role"}}}}, }) fmt.Println(foo.GetGrants())
Output: map[account:map[book:map[create:[{has user role}]]] role:map[project:map[create:[{has primer user role}]]]]
func (*AccessControl) GetRules ¶
func (ac *AccessControl) GetRules(info IQueryInfo) RulesType
GetRules get rules to subject
func (*AccessControl) Grant ¶
func (ac *AccessControl) Grant(grantsType2 GrantsType) *GrantsType
Example ¶
var ac AccessControl ac.Grant(GrantsType{}) fmt.Println(ac) grants := ac.Grants grants["test"] = ResourceGrantsType{} fmt.Println(ac)
Output: {map[]} {map[test:map[]]}
func (*AccessControl) SetGrant ¶
func (ac *AccessControl) SetGrant(info IAccessInfo) *GrantsType
SetGrant set one info for ac
Example ¶
var ac AccessControl ac.Grants = make(GrantsType) var info IAccessInfo info = IAccessInfo{ Subject: "sub", Action: "act", Resource: "res", Rules: RulesType{FooRule{tips: "1"}, FooRule{tips: "2"}, FooRule{tips: "3"}}, } res, err := json.Marshal(ac) if err != nil { log.Fatal(err) } else { os.Stdout.Write(res) } //encoding.TextMarshaler() ac.SetGrant(info) res, err = json.Marshal(ac) if err != nil { log.Fatal(err) } else { os.Stdout.Write(res) } fmt.Println(ac)
Output: {"Grants":{}}{"Grants":{"sub":{"res":{"act":[{},{},{}]}}}}{map[sub:map[res:map[act:[{1} {2} {3}]]]]}
func (*AccessControl) SetGrants ¶
func (ac *AccessControl) SetGrants(infos ...IAccessInfo) *GrantsType
SetGrants set multi infos for ac
type ActionGrantsType ¶
type ActionGrantsType map[ActionType]RulesType
func (ActionGrantsType) Action ¶
func (a ActionGrantsType) Action(action ActionType) RulesType
Action get all rules of a certain action
func (ActionGrantsType) GetAction ¶
func (a ActionGrantsType) GetAction(action ActionType) RulesType
GetAction get all rules of a certain action
Example ¶
var foo AccessControl var subject1 = SubjectType("account") foo.Grant(GrantsType{"account": ResourceGrantsType{"book": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has user role"}}}}, "role": ResourceGrantsType{"project": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has primer user role"}}}}, }) fmt.Println(foo.GetGrants().GetSubject(subject1).GetResource("book").GetAction(ActionDelete)) fmt.Println(foo.GetGrants().GetSubject(subject1).GetResource("book").GetAction(ActionCreate))
Output: [] [{has user role}]
type ActionType ¶
type ActionType string
func (ActionType) IsZero ¶
func (aT ActionType) IsZero() bool
IsZero check whether a variable of ResourceType is zero
type ContextType ¶
type ContextType interface {
Value(key interface{}) interface{}
}
type DefaultContext ¶
type DefaultContext map[string]interface{}
func (*DefaultContext) Deadline ¶
func (c *DefaultContext) Deadline() (deadline time.Time, ok bool)
Deadline always returns that there is no deadline (ok==false),
func (*DefaultContext) Done ¶
func (c *DefaultContext) Done() <-chan struct{}
Done always returns nil (chan which will wait forever),
func (*DefaultContext) Err ¶
func (c *DefaultContext) Err() error
Err always returns nil, maybe you want to use Request.Context().Err() instead.
func (DefaultContext) Value ¶
func (c DefaultContext) Value(key interface{}) interface{}
Value will return value for the key in context
type GrantsType ¶
type GrantsType map[SubjectType]ResourceGrantsType
func (GrantsType) GetSubject ¶
func (g GrantsType) GetSubject(subject SubjectType) ResourceGrantsType
GetSubject get grants of a certain subject
Example ¶
var foo AccessControl var subject1 = SubjectType("account") foo.Grant(GrantsType{"account": ResourceGrantsType{"book": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has user role"}}}}, "role": ResourceGrantsType{"project": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has primer user role"}}}}, }) fmt.Println(foo.GetGrants().GetSubject(subject1))
Output: map[book:map[create:[{has user role}]]]
func (GrantsType) Subject ¶
func (g GrantsType) Subject(subject SubjectType) ResourceGrantsType
Subject get grants of a certain subject
type IAccessInfo ¶
type IAccessInfo struct { Subject SubjectType `json:"subject,omitempty" example:"user"` Action ActionType `json:"action,omitempty" example:"delete"` Resource ResourceType `json:"resource,omitempty" example:"blog"` Rules RulesType `json:"rules"` }
func (*IAccessInfo) Set ¶
func (a *IAccessInfo) Set(info IAccessInfo) *IAccessInfo
func (*IAccessInfo) SetAction ¶
func (a *IAccessInfo) SetAction(action ActionType) *IAccessInfo
func (*IAccessInfo) SetResource ¶
func (a *IAccessInfo) SetResource(resource ResourceType) *IAccessInfo
func (*IAccessInfo) SetRule ¶
func (a *IAccessInfo) SetRule(rule RulesType) *IAccessInfo
func (*IAccessInfo) SetSubject ¶
func (a *IAccessInfo) SetSubject(subject SubjectType) *IAccessInfo
type IQueryInfo ¶
type IQueryInfo struct { Subject SubjectType `json:"subject,omitempty" example:"user"` Action ActionType `json:"action,omitempty" example:"delete"` Resource ResourceType `json:"resource,omitempty" example:"blog"` Context ContextType `json:"context,omitempty" example:"blog"` }
type ResourceEntity ¶
type ResourceEntity interface{}
type ResourceGrantsType ¶
type ResourceGrantsType map[ResourceType]ActionGrantsType
func (ResourceGrantsType) CreateAny ¶
func (r ResourceGrantsType) CreateAny(rule RulesType, resources ...ResourceType) ResourceGrantsType
CreateAny
func (ResourceGrantsType) EnsureResourceGrants ¶
func (r ResourceGrantsType) EnsureResourceGrants(resource ResourceType)
func (ResourceGrantsType) Extend ¶
func (r ResourceGrantsType) Extend(ac AccessControl, subject SubjectType) ResourceGrantsType
Extend extend resourceGrants to ac
Example ¶
var ac = AccessControl{} ac.Grants = make(GrantsType) ac.Grants.Subject("foo").CreateAny(RulesType{}, "bar", "foo").Extend(ac, "bar") fmt.Println(ac)
Output: {map[bar:map[bar:map[create:any:[]] foo:map[create:any:[]]] foo:map[bar:map[create:any:[]] foo:map[create:any:[]]]]}
func (ResourceGrantsType) GetResource ¶
func (r ResourceGrantsType) GetResource(resource ResourceType) ActionGrantsType
GetResource get grants of a certain resource
Example ¶
var foo AccessControl var subject1 = SubjectType("account") foo.Grant(GrantsType{"account": ResourceGrantsType{"book": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has user role"}}}}, "role": ResourceGrantsType{"project": ActionGrantsType{ActionCreate: RulesType{FooRule{tips: "has primer user role"}}}}, }) fmt.Println(foo.GetGrants().GetSubject(subject1).GetResource("book"))
Output: map[create:[{has user role}]]
func (ResourceGrantsType) Resource ¶
func (r ResourceGrantsType) Resource(resource ResourceType) ActionGrantsType
Resource get grants of a certain resource
type ResourceType ¶
type ResourceType string
func (ResourceType) IsZero ¶
func (rT ResourceType) IsZero() bool
IsZero check whether a variable of ResourceType is zero
type RuleType ¶
type RuleType interface { JudgeRule() (bool, error) ProcessContext(ctx ContextType) }
type SubjectEntity ¶
type SubjectEntity interface{}
type SubjectType ¶
type SubjectType string
func (SubjectType) IsZero ¶
func (sT SubjectType) IsZero() bool
IsZero check whether a variable of SubjectType is zero