gauthfun

command module

v0.0.0-...-6450484 Latest Latest Go to latest Published: Sep 4, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/authfun/gauthfun

Links

Open Source Insights

README ¶

gauthfun

RBAC system with tenants and patterns.

How to use

Download package

go mod tidy

Modiy config.toml

[service]
port = 8080

[mysql]
user = "{user}"
password = "{password}"
host = "{host}"
port = 3306
db_name = "{db_name}"

Start the process

go run main.go

Basic Design

Policy template

p, sub, dom, obj, act
Group template

g, user, role, dom

g, member, group, dom
Feature holds obj, it should be a policy, like:

p, feature, *, menu, * # all domains with all acts

p, feature, dom, menu, * # specific domain with all acts

p, feature, dom, /api/item, GET # specific domain with specific act
Feature inherits feature, it should be a relation or group, like:

g, feature, parent-feature, * # all domains

g, feature, parent-feature, dom # specific domain
Role inherits role, it should be a relation or group, like:

g, role, parent-role, * # all domains

g, role, parent-role, dom # specific domain
Role has features, it should be a relation or group, like:

g, role, feature, * # all domains

g, role, feature, dom # specific domain
User has roles, it should be a relation or group, like:

g, user, role, * # all domains

g, user, role, dom # specific domain
User in organizations, it should be a relation or group, like:

g, user, org, * # all domains

g, user, org, dom # specific domain
Organization binds roles, it should be a relation or group, like:

g, org, role, * # all domains

g, org, role, dom # specific domain

Permission chain

A user has a role, the role has a feature, the feature holds an obj, then the user could access the obj.

# cross domain
p, feature, *, menu, *
p, feature, *, /api/items, GET
g, role, feature, *
g, user, role, *

user, dom, menu, * -> true
user, dom, /api/items, GET -> true  
user, *, menu, * -> true
user, *, /api/items, GET -> true  

# specific domain
p, feature, dom, menu, *
p, feature, dom, /api/items, GET
g, role, feature, dom
g, user, role, dom

user, dom, menu, * -> true
user, dom, /api/items, GET -> true  
user, *, menu, * -> false
user, *, /api/items, GET -> false
user, dom1, menu, * -> false
user, dom1, /api/items, GET -> false

A user in an organization, the organization binds a role, the role has a feature, the feature holds an obj, then the user could access the obj.

# cross domain
p, feature, *, menu, *
p, feature, *, /api/items, GET
g, role, feature, *
g, org, role, *
g, user, org, *

user, dom, menu, * -> true
user, dom, /api/items, GET -> true  
user, *, menu, * -> true
user, *, /api/items, GET -> true  

# specific domain
p, feature, dom, menu, *
p, feature, dom, /api/items, GET
g, role, feature, dom
g, org, role, dom
g, user, org, dom  

user, dom, menu, * -> true
user, dom, /api/items, GET -> true  
user, *, menu, * -> false
user, *, /api/items, GET -> false
user, dom1, menu, * -> false
user, dom1, /api/items, GET -> false

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
casbin
config
consts
database
docs Package docs GENERATED BY THE COMMAND ABOVE; DO NOT EDIT This file was generated by swaggo/swag	Package docs GENERATED BY THE COMMAND ABOVE; DO NOT EDIT This file was generated by swaggo/swag
model
router
schema
service
util

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL