README
¶
rbac
a Role and Resource Based Access Control implementation in golang
Installation
go get github.com/jacexh/rbac
Example
rbac := NewRBAC()
qa := NewSimpleRole("qa")
deployment := NewSimpleResource("deployment")
qa.Grant(deployment, PermissionGet, PermissionUpdate)
rbac.RegisterRole(qa)
rbac.Permit(qa, deployment.ID(), PermissionGet)
Documentation
¶
Index ¶
- type Permission
- type RBAC
- type Resource
- type ResourceID
- type Role
- type RoleID
- type SimpleResource
- type SimpleRole
- func (role *SimpleRole) Deny(rid ResourceID, permissions ...Permission)
- func (role *SimpleRole) Grant(res Resource, permissions ...Permission) error
- func (role *SimpleRole) ID() RoleID
- func (role *SimpleRole) Permissions() map[ResourceID][]Permission
- func (role *SimpleRole) Permit(res ResourceID, per Permission) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Permission ¶
type Permission string
Permission ...
const ( // PermissionAny build-in permission PermissionAny Permission = "*" // PermissionCreate build-in permission PermissionCreate Permission = "create" // PermissionUpdate build-in permission PermissionUpdate Permission = "update" // PermissionGet build-in permission PermissionGet Permission = "get" // PermissionDelete build-in permission PermissionDelete Permission = "delete" )
type RBAC ¶
type RBAC struct {
RoleImpl func(RoleID) Role
ResourceImpl func(ResourceID) Resource
// contains filtered or unexported fields
}
RBAC Role&&Role Based Access Control Model
func (*RBAC) MarshalJSON ¶
MarshalJSON implement of json.Marshaller
func (*RBAC) Permit ¶
func (rbac *RBAC) Permit(rid RoleID, resID ResourceID, perm Permission) (bool, error)
Permit retrue ture or false that this role got the permission of resource
func (*RBAC) RegisterRole ¶
RegisterRole add new role to rbac
func (*RBAC) UnmarshalJSON ¶
UnmarshalJSON implement of json.Unmarshaller
type Resource ¶
type Resource interface {
ID() ResourceID
}
Resource resource interface
func NewSimpleResource ¶
func NewSimpleResource(id ResourceID) Resource
NewSimpleResource factory method of SimpleResource
type Role ¶
type Role interface {
ID() RoleID
Grant(Resource, ...Permission) error
Deny(ResourceID, ...Permission)
Permissions() map[ResourceID][]Permission
Permit(ResourceID, Permission) bool
}
Role role interface
type SimpleResource ¶
type SimpleResource struct {
// contains filtered or unexported fields
}
SimpleResource a simple resource implement of Resource interface
type SimpleRole ¶
type SimpleRole struct {
// contains filtered or unexported fields
}
SimpleRole a simple role implement of Role interface
func (*SimpleRole) Deny ¶
func (role *SimpleRole) Deny(rid ResourceID, permissions ...Permission)
Deny remove these permissions from the resource
func (*SimpleRole) Grant ¶
func (role *SimpleRole) Grant(res Resource, permissions ...Permission) error
Grant grant these permissions to the resource
func (*SimpleRole) Permissions ¶
func (role *SimpleRole) Permissions() map[ResourceID][]Permission
Permissions return all permissions granted to the role
func (*SimpleRole) Permit ¶
func (role *SimpleRole) Permit(res ResourceID, per Permission) bool
Permit check if role granted the permission of resource
Source Files