permission

package
v0.1.1-beta.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2023 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package permission implements all the permission data malipulating and generic access matching.

Index

Examples

Constants

View Source 
const (
	AccessFull      = 1
	AccessNo        = 0
	AccessWithLimit = 2
)

Variables

This section is empty.

Functions

func AssignToUser 

func AssignToUser(ctx context.Context, roleID int, userID int) error

AssignToUser assigns a role to a user

func CanCreate 

func CanCreate(ctx context.Context, parent contenttype.ContentTyper, contenttype string, fields []string, userId int) bool

support keys: contenttype, id(parent locaton id), under, parent author(include "self")

func CanDelete 

func CanDelete(ctx context.Context, content contenttype.ContentTyper, userId int) bool

support keys: contenttype, id(locaton id), under, author(include "self")

func CanRead 

func CanRead(ctx context.Context, userID int, content contenttype.ContentTyper) bool

If the use can read the content support keys: contenttype, id(locaton id), under, author(include "self")

func CanUpdate 

func CanUpdate(ctx context.Context, content contenttype.ContentTyper, fields []string, userId int) bool

support keys: contenttype, id(locaton id), under, author(include "self")

func GetListCondition 

func GetListCondition(ctx context.Context, userID int, contentType string, parent contenttype.ContentTyper) db.Condition

add condition from permission. so if matched with limit, add that limit to condition if matches with a empty limit(if there is), return empty(meaning no limit) if doesn't match, return a False condition(no result in query)

func GetPolicyDefinition 

func GetPolicyDefinition() map[string]PolicyList

func GetPolicyLocation 

func GetPolicyLocation(id int) contenttype.Location

func GetRoles 

func GetRoles() []string

func GetUpdateFields 

func GetUpdateFields(ctx context.Context, content contenttype.ContentTyper, userId int) ([]string, error)

func GetUserAccess 

func GetUserAccess(ctx context.Context, userID int, operation string) (AccessType, []AccessLimit, error)

Get user's limits. empty result means no access - not no limit, while a empty limit(empty map) in the slice means no limit(can do anything) return access list, access type, error if accessType is AccessWithLimit, there must be valid values in the access list

func HasAccessTo 

func HasAccessTo(ctx context.Context, userID int, operation string, targetData ...MatchData) bool

If the user has acccess given data(targetData here) If realData is empty, just check if the user has given operation(can be full access or partly access to that operation)

Example 
currentData := map[string]interface{}{"contenttype": "folder"}

//2 is a member
result := HasAccessTo(context.Background(), 2, "content/read", currentData)
fmt.Println(result)

Output:

true

func InitPolicyContext 

func InitPolicyContext(ctx context.Context, userID int) (context.Context, error)

InitPolicyContext cache the policies into provided context

func LoadPolicies 

func LoadPolicies() error

func RemoveAssignment 

func RemoveAssignment(ctx context.Context, userID int, role string) error

RemoveAssignment removes a user from role assignment

Types

type AccessLimit 

type AccessLimit map[string]interface{}

func AccessMatched 

func AccessMatched(ctx context.Context, userID int, operation string, targetData ...MatchData) (bool, AccessLimit)

if it returns true, also it return the matched limit, false doesn't return limit. also full access doesn't return

func GetLimitsFromPolicy 

func GetLimitsFromPolicy(policyList []Policy, operation string) []AccessLimit

GetLimitsFromPolicy gets all limits from a policies

type AccessType 

type AccessType int

type MatchData 

type MatchData map[string]interface{}

type Policy 

type Policy struct {
	Operation []string    `json:"operation"`
	LimitedTo AccessLimit `json:"limited_to"` //todo: use a type Limitations/Limits?
}

func GetRolePolicies 

func GetRolePolicies(ctx context.Context, role string) []Policy

GetRolePolicies returns policies of role ids

func GetUserPolicies 

func GetUserPolicies(ctx context.Context, userID int) ([]Policy, error)

GetUserPolicies returns policies of a user, if it's already cached in the context, return it. todo: Will be a powerful to support variables in policies. eg:under:"{role.under}", contenttype: "role.contenttypes" todo: Support field condition, eg: {"contenttype": "article","field_category": "news"} - policy that a user can read article whose category is news.

type PolicyList 

type PolicyList []Policy

Policy collection. For merge Policy list, use []Policy

type Role 

type Role struct {
	ID         int            `boil:"id" json:"id" toml:"id" yaml:"id"`
	Identifier string         `boil:"identifier" json:"identifier" toml:"identifier" yaml:"identifier"`
	Parameters fieldtypes.Map `boil:"parameters" json:"parameters" toml:"parameters" yaml:"parameters"`
}

type UserRole 

type UserRole struct {
	ID     int `boil:"id" json:"id" toml:"id" yaml:"id"`
	UserID int `boil:"user_id" json:"user_id" toml:"user_id" yaml:"user_id"`
	RoleID int `boil:"role_id" json:"role_id" toml:"role_id" yaml:"role_id"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.