Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BasePermission ¶
func BasePermission(h HasPermer) func(perm string) ElementFunc
BasePermission returns a generator to create simple Elements that only check one permission.
Types ¶
type Datastore ¶
type Datastore interface { GetMany([]string) map[string]json.RawMessage GetAll() map[string]json.RawMessage }
Datastore gives the restricter the full.
type Element ¶
type Element interface {
Restrict(int, json.RawMessage) (json.RawMessage, error)
}
Element knows how to restrict one element. TODO: Find a better name.
type ElementFunc ¶
type ElementFunc func(int, json.RawMessage) (json.RawMessage, error)
ElementFunc converts a simple element restricter func to a element restricter.
var ForAll ElementFunc = func(_ int, data json.RawMessage) (json.RawMessage, error) { return data, nil }
ForAll gets read access for everybody.
func (ElementFunc) Restrict ¶
func (f ElementFunc) Restrict(u int, data json.RawMessage) (json.RawMessage, error)
Restrict calls the ElementFunc.
type HasPermer ¶
type HasPermer interface { HasPerm(uid int, perm string) bool IsSuperadmin(uid int) bool InGroups(uid int, groups []int) bool UserRequired(uid int) []string Get(collection string, id int, v interface{}) error ConfigValue(key string, v interface{}) error }
HasPermer tells if a user has a specific perm.
type Restricter ¶
type Restricter struct {
// contains filtered or unexported fields
}
Restricter can restrict some data for an user.
func New ¶
func New(datastore Datastore, elements map[string]Element) *Restricter
New initializes a Restricter.
func (*Restricter) Restrict ¶
func (r *Restricter) Restrict(uid int, data map[string]json.RawMessage)
Restrict changes the data for the given user. If the user is now allowed to see an element at all, it is replaced with nil.
Click to show internal directories.
Click to hide internal directories.