abac

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 7, 2025 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func And 

func And(conditions ...func(ctx context.Context, user *auth.User, resource, action string) bool) func(ctx context.Context, user *auth.User, resource, action string) bool

And 组合多个条件,全部满足返回true

func HasAllRoles 

func HasAllRoles(roles ...string) func(ctx context.Context, user *auth.User, resource, action string) bool

HasAllRoles 检查用户是否拥有所有角色

func HasAnyRole 

func HasAnyRole(roles ...string) func(ctx context.Context, user *auth.User, resource, action string) bool

HasAnyRole 检查用户是否拥有任一角色

func HasPermission 

func HasPermission(permission string) func(ctx context.Context, user *auth.User, resource, action string) bool

HasPermission 检查用户是否拥有权限

func HasRole 

func HasRole(role string) func(ctx context.Context, user *auth.User, resource, action string) bool

HasRole 检查用户是否拥有某个角色

func IsOwner 

func IsOwner(resourceIDExtractor func(string) string) func(ctx context.Context, user *auth.User, resource, action string) bool

IsOwner 检查用户是否为资源所有者

func Not 

func Not(condition func(ctx context.Context, user *auth.User, resource, action string) bool) func(ctx context.Context, user *auth.User, resource, action string) bool

Not 取反条件

func Or 

func Or(conditions ...func(ctx context.Context, user *auth.User, resource, action string) bool) func(ctx context.Context, user *auth.User, resource, action string) bool

Or 组合多个条件,任一满足返回true

func ResourceBelongsToSameGroup 

func ResourceBelongsToSameGroup(userGroupKey, resourceGroupExtractor func(string) string) func(ctx context.Context, user *auth.User, resource, action string) bool

ResourceBelongsToSameGroup 检查资源是否属于相同组

Types

type ABACAuthorizer 

type ABACAuthorizer struct {
	// contains filtered or unexported fields
}

ABACAuthorizer 基于属性的访问控制授权器

func NewABACAuthorizer 

func NewABACAuthorizer(opts ...ABACOption) *ABACAuthorizer

NewABACAuthorizer 创建新的ABAC授权器

func (*ABACAuthorizer) AddPolicies 

func (a *ABACAuthorizer) AddPolicies(policies ...Policy)

AddPolicies 批量添加策略

func (*ABACAuthorizer) AddPolicy 

func (a *ABACAuthorizer) AddPolicy(policy Policy)

AddPolicy 添加策略

func (*ABACAuthorizer) Authorize 

func (a *ABACAuthorizer) Authorize(ctx context.Context, user *auth.User, resource string, action string) (bool, error)

Authorize 检查用户是否有权限执行特定操作

func (*ABACAuthorizer) ClearPolicies 

func (a *ABACAuthorizer) ClearPolicies()

ClearPolicies 清除所有策略

func (*ABACAuthorizer) RemovePolicy 

func (a *ABACAuthorizer) RemovePolicy(name string)

RemovePolicy 移除策略

type ABACOption 

type ABACOption func(a *ABACAuthorizer)

ABACOption 授权器选项

func WithWildcardChar 

func WithWildcardChar(char string) ABACOption

WithWildcardChar 设置通配符

type Policy 

type Policy struct {
	// Name 策略名称
	Name string

	// Resource 资源名称或模式
	Resource string

	// Action 操作名称或模式
	Action string

	// Condition 条件函数,返回true表示满足
	Condition func(ctx context.Context, user *auth.User, resource, action string) bool
}

Policy 表示访问策略规则

type PolicyBuilder 

type PolicyBuilder struct {
	// contains filtered or unexported fields
}

PolicyBuilder 策略构建器

func NewPolicyBuilder 

func NewPolicyBuilder(name string) *PolicyBuilder

NewPolicyBuilder 创建新的策略构建器

func (*PolicyBuilder) Build 

func (b *PolicyBuilder) Build() Policy

Build 构建策略

func (*PolicyBuilder) ForAction 

func (b *PolicyBuilder) ForAction(action string) *PolicyBuilder

ForAction 设置操作

func (*PolicyBuilder) ForResource 

func (b *PolicyBuilder) ForResource(resource string) *PolicyBuilder

ForResource 设置资源

func (*PolicyBuilder) WithCondition 

func (b *PolicyBuilder) WithCondition(condition func(ctx context.Context, user *auth.User, resource, action string) bool) *PolicyBuilder

WithCondition 设置条件

type SimpleABACProvider 

type SimpleABACProvider struct {
	// contains filtered or unexported fields
}

SimpleABACProvider 简单的ABAC提供器

func NewSimpleABACProvider 

func NewSimpleABACProvider() *SimpleABACProvider

NewSimpleABACProvider 创建新的简单ABAC提供器

func (*SimpleABACProvider) AddPolicy 

func (p *SimpleABACProvider) AddPolicy(policy Policy) *SimpleABACProvider

AddPolicy 添加策略

func (*SimpleABACProvider) Build 

func (p *SimpleABACProvider) Build() *ABACAuthorizer

Build 构建授权器

func (*SimpleABACProvider) DefaultPolicies 

func (p *SimpleABACProvider) DefaultPolicies() *SimpleABACProvider

DefaultPolicies 添加默认策略

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.