Documentation ¶
Index ¶
- Constants
- func RBACWithDomain(m *Manager, request ...string) bool
- type Manager
- func (m *Manager) AddPolicies(pRules, gRules [][]string) error
- func (m *Manager) AddPolicy(ptype string, rule []string) error
- func (m *Manager) Close() error
- func (m *Manager) Enforce(request ...string) bool
- func (m *Manager) Filter(rule ...string) Policies
- func (m *Manager) FilterGroups(rule ...string) Policies
- func (m *Manager) FilterWithGroups(policyValueIndex int, groups Policies, groupValueIndex int) Policies
- func (m *Manager) FindExact(rule ...string) []string
- func (m *Manager) GroupingPolicyCount() int
- func (m *Manager) LoadPolicies() error
- func (m *Manager) PolicyCount() int
- func (m *Manager) RemoveFilteredPolicies(pPattern, gPattern []string) error
- func (m *Manager) RemovePolicies(pRules, gRules [][]string) error
- func (m *Manager) RemovePolicy(ptype string, rule []string) error
- type Matcher
- type Option
- func WithDatabase(dbname string) Option
- func WithSkipDatabaseCreate() Option
- func WithSkipTableCreate() Option
- func WithSyncInterval(interval time.Duration) Option
- func WithTableName(tableName string) Option
- func WithTimeout(timeout time.Duration) Option
- func WithZapLogger(logger *zap.Logger) Option
- type Policies
Constants ¶
const (
	DefaultTableName    = "tulip_rule"
	DefaultDatabaseName = "tulip"
	DefaultTimeout      = time.Second * 10
	DefaultSyncPeriod   = time.Second * 60
)
Variables ¶
This section is empty.
Functions ¶
func RBACWithDomain ¶
RBACWithDomain matcher encapsulates the matching logic of the following casbin model:
r = sub, dom, obj, act
p = sub, dom, obj, act
g = _, _, _
e = some(where (p.eft == allow))
m = (r.sub == p.sub || g(r.sub, p.sub, r.dom)) && r.dom == p.dom && r.obj == p.obj && r.act == p.act
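The matcher above written out as stand-alone Go, to show that a role granted in one domain gives nothing in another. This is an added example, not the package's own code: Rule, Grouping, hasRole, Allowed and the sample data are hypothetical names, and it assumes g follows role chains within a single domain, which the page does not state.

```go
package main

import "fmt"

// Rule is one policy line "p = sub, dom, obj, act" from the model above.
type Rule struct{ Sub, Dom, Obj, Act string }

// Grouping is one line "g = user, role, domain": user holds role in that domain only.
type Grouping struct{ User, Role, Dom string }

// hasRole evaluates g(sub, role, dom), following role chains inside one domain (assumption).
func hasRole(gs []Grouping, sub, role, dom string) bool {
	seen := map[string]bool{sub: true}
	queue := []string{sub}
	for i := 0; i < len(queue); i++ {
		for _, g := range gs {
			if g.User != queue[i] || g.Dom != dom || seen[g.Role] {
				continue
			}
			if g.Role == role {
				return true
			}
			seen[g.Role] = true // guards against cyclic role definitions
			queue = append(queue, g.Role)
		}
	}
	return false
}

// Allowed applies matcher m with effect some(where (p.eft == allow)): no matching rule means deny.
func Allowed(ps []Rule, gs []Grouping, sub, dom, obj, act string) bool {
	for _, p := range ps {
		if (sub == p.Sub || hasRole(gs, sub, p.Sub, dom)) &&
			dom == p.Dom && obj == p.Obj && act == p.Act {
			return true
		}
	}
	return false
}

// Constructed sample data, not taken from the package.
var policies = []Rule{{"admin", "tenant1", "invoices", "write"}, {"bob", "tenant2", "invoices", "read"}}
var groupings = []Grouping{{"alice", "lead", "tenant1"}, {"lead", "admin", "tenant1"}}

func main() {
	fmt.Println(Allowed(policies, groupings, "alice", "tenant1", "invoices", "write"))
	fmt.Println(Allowed(policies, groupings, "alice", "tenant2", "invoices", "write"))
}
```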
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager manages access control policies.
func NewManager ¶
NewManager creates a new manager with connection conn, which must be either a PostgreSQL connection string or an instance of *pgx.ConnConfig from package github.com/jackc/pgx/v4.
func (*Manager) AddPolicies ¶
AddPolicies adds policy rules to the storage.
func (*Manager) FilterGroups ¶
FilterGroups filters grouping policies.
func (*Manager) FilterWithGroups ¶
func (*Manager) GroupingPolicyCount ¶
func (*Manager) LoadPolicies ¶
LoadPolicies loads policies from database.
func (*Manager) PolicyCount ¶
func (*Manager) RemoveFilteredPolicies ¶
func (*Manager) RemovePolicies ¶
RemovePolicies removes policy rules from the storage.
type Matcher ¶
Matcher encapsulates the logic of matching a query request against internal policies and grouping policies.
type Option ¶
type Option func(m *Manager)
func WithDatabase ¶
WithDatabase can be used to pass a custom database name for Tulip rules
func WithSkipDatabaseCreate ¶
func WithSkipDatabaseCreate() Option
func WithSkipTableCreate ¶
func WithSkipTableCreate() Option
WithSkipTableCreate skips the table creation step when the manager starts. If the Tulip rules table does not exist, it will lead to issues when using the manager.
func WithSyncInterval ¶
WithSyncInterval specifies a different sync interval for the manager
func WithTableName ¶
WithTableName can be used to pass a custom table name for Tulip rules
func WithTimeout ¶
WithTimeout specifies a Postgres connection timeout for the manager
func WithZapLogger ¶
WithZapLogger specifies a logger for the manager