initializer

package

v0.0.10 Latest Latest Go to latest Published: Feb 14, 2026 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aruncs31s/azf

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AddRolePolicy(role, resource, action string) bool
func AssignRoleToUser(user, role string) bool
func CheckPermission(user, resource, action string) bool
func GetCasbinEnforcer() *casbin.Enforcer
func GetRolesForUser(user string) []string
func InitCasbin() error
func InitLocalDB(db *gorm.DB)
func IsCasbinInitialized() bool
func RemoveRoleFromUser(user, role string) bool
func RemoveRolePolicy(role, resource, action string) bool
type Manager
- func NewAndInitManager(tempDB *gorm.DB, casbinEnforcer *casbin.Enforcer, zapLogger *zap.Logger) (*Manager, error)
- func NewManager(db *gorm.DB, enforcer *casbin.Enforcer, l *zap.Logger) *Manager

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	CasbinEnforcer *casbin.Enforcer
)

View Source

var DB *gorm.DB

Functions ¶

func AddRolePolicy ¶

func AddRolePolicy(role, resource, action string) bool

AddRolePolicy adds a new role policy dynamically Example: AddRolePolicy("admin", "/api/v1/admin/staff", "POST")

func AssignRoleToUser ¶

func AssignRoleToUser(user, role string) bool

AssignRoleToUser assigns a role to a user (via their role string) Example: AssignRoleToUser("user123", "staff")

func CheckPermission ¶

func CheckPermission(user, resource, action string) bool

CheckPermission checks if a user has permission to access a resource Returns true if user has permission, false otherwise

func GetCasbinEnforcer ¶

func GetCasbinEnforcer() *casbin.Enforcer

GetCasbinEnforcer safely retrieves the initialized Casbin enforcer Returns nil if not yet initialized

func GetRolesForUser ¶

func GetRolesForUser(user string) []string

GetRolesForUser gets all roles assigned to a user

func InitCasbin ¶

func InitCasbin() error

InitCasbin initializes the Casbin enforcer with RBAC model and policy Thread-safe initialization with idempotency guard. Returns an error when initialization fails instead of terminating the process.

func InitLocalDB ¶

func InitLocalDB(db *gorm.DB)

func IsCasbinInitialized ¶

func IsCasbinInitialized() bool

IsCasbinInitialized checks if Casbin has been initialized

func RemoveRoleFromUser ¶

func RemoveRoleFromUser(user, role string) bool

RemoveRoleFromUser removes a role from a user

func RemoveRolePolicy ¶

func RemoveRolePolicy(role, resource, action string) bool

RemoveRolePolicy removes a role policy dynamically Example: RemoveRolePolicy("admin", "/api/v1/admin/staff", "POST")

Types ¶

type Manager ¶

type Manager struct {
	DB       *gorm.DB
	Enforcer *casbin.Enforcer
	// contains filtered or unexported fields
}

Manager encapsulates initialization state (DB, Casbin enforcer, logger) to avoid package-level globals. It provides thread-safe operations for Casbin and lifecycle control for DB and enforcer.

func NewAndInitManager ¶

func NewAndInitManager(
	tempDB *gorm.DB,
	casbinEnforcer *casbin.Enforcer,
	zapLogger *zap.Logger,
) (*Manager, error)

NewAndInitManager constructs a Manager and initializes DB and Casbin (using defaults). If a pre-existing casbin enforcer is provided it will be used instead of initializing from files.

func NewManager ¶

func NewManager(
	db *gorm.DB,
	enforcer *casbin.Enforcer,
	l *zap.Logger,
) *Manager

NewManager constructs a Manager. Any of the args may be nil to let the Manager initialize them later. - db: optional pre-created *gorm.DB to use (if non-nil the Manager will adopt it) - enforcer: optional pre-created *casbin.Enforcer to use - l: optional *zap.Logger; if nil the Manager will use package shared logger

func (*Manager) AddRolePolicy ¶

func (m *Manager) AddRolePolicy(role, resource, action string) (bool, error)

AddRolePolicy wraps Enforcer.AddPolicy in a safe way.

func (*Manager) AssignRoleToUser ¶

func (m *Manager) AssignRoleToUser(user, role string) (bool, error)

AssignRoleToUser adds a grouping policy (assigns role to user).

func (*Manager) CheckPermission ¶

func (m *Manager) CheckPermission(user, resource, action string) (bool, error)

CheckPermission performs an enforcement check (user, resource, action).

func (*Manager) Close ¶

func (m *Manager) Close() error

Close gracefully releases resources controlled by the Manager (e.g., DB). It will attempt to close the underlying sql.DB if available.

func (*Manager) GetEnforcer ¶

func (m *Manager) GetEnforcer() *casbin.Enforcer

GetEnforcer returns the manager's Casbin enforcer. May be nil if not initialized.

func (*Manager) GetRolesForUser ¶

func (m *Manager) GetRolesForUser(user string) ([]string, error)

GetRolesForUser returns roles assigned to a user.

func (*Manager) InitCasbin ¶

func (m *Manager) InitCasbin(modelPath, policyPath string) error

InitCasbin initializes the casbin enforcer if it does not already exist on the Manager. It accepts optional model and policy paths; if either is empty, defaults from config are used.

func (*Manager) InitLocalDB ¶

func (m *Manager) InitLocalDB(
	tempDB *gorm.DB,
) error

InitLocalDB ensures the Manager has a working *gorm.DB. If a non-nil tempDB is passed, it will be used as-is. Otherwise the Manager attempts to open a file-backed sqlite DB at /tmp/AZF_auth_z.db, falling back to an in-memory DB if the file cannot be created.

func (*Manager) RemoveRoleFromUser ¶

func (m *Manager) RemoveRoleFromUser(user, role string) (bool, error)

RemoveRoleFromUser removes a grouping policy.

func (*Manager) RemoveRolePolicy ¶

func (m *Manager) RemoveRolePolicy(role, resource, action string) (bool, error)

RemoveRolePolicy wraps Enforcer.RemovePolicy in a safe way.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL