permissions

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 16, 2026 License: Apache-2.0 Imports: 1 Imported by: 0

README

permissions

Defines builtin permission resources, roles, and permission constants for the user-modules library. Provides an extension API for adding custom resources and roles.

Overview

This package is not a weedbox module — it is a plain Go package that provides data definitions consumed by the rbac module. It defines:

  • Builtin resources: user (with password sub-resource) and auth
  • Builtin roles: admin, user
  • Permission constants: Type-safe strings like permissions.PermUserCreate
  • Standard CRUD actions: Reusable action definitions
  • Merge functions: Combine builtin definitions with custom ones

Builtin Resources

user
Action Permission String Description
create user.create Create a new user
read user.read Read user details
update user.update Update user information
delete user.delete Delete a user
list user.list List users

Sub-resource: password

Action Permission String Description
update user.password.update Update user password
auth
Action Permission String Description
login auth.login User login
logout auth.logout User logout
refresh auth.refresh Refresh token

Builtin Roles

Role Description Permissions
admin Full system access * (wildcard)
user Standard user auth.login, auth.logout, auth.refresh, user.read, user.password.update

Usage

Permission Constants

Use the constants in your API route definitions or permission checks:

import "github.com/weedbox/user-modules/permissions"

// In route registration
router.GET("/users", requirePerm(permissions.PermUserList), listHandler)
router.POST("/user", requirePerm(permissions.PermUserCreate), createHandler)
Standard CRUD Actions

When defining custom resources, use CRUDActions() for convenience:

import (
    "github.com/weedbox/privy"
    "github.com/weedbox/user-modules/permissions"
)

config := privy.ResourceConfig{
    Key:     "product",
    Name:    "Product",
    Actions: permissions.CRUDActions(), // create, read, update, delete, list
}
Extending with Custom Resources

Use MergeResourceConfigs and MergeDefaultRoles to combine builtin definitions with your own:

// Get builtins + your custom resources
allResources := permissions.MergeResourceConfigs(myResourceConfigs)

// Get builtins + your custom roles
allRoles := permissions.MergeDefaultRoles(myRoleConfigs)

These merge functions are used internally by the rbac module when you pass options via rbac.WithResourceConfigs() and rbac.WithDefaultRoles().

Retrieving Builtins Only
// Get only builtin resource configs (user + auth)
resources := permissions.GetBuiltinResourceConfigs()

// Get only builtin roles (admin, user)
roles := permissions.GetBuiltinDefaultRoles()

API Reference

Functions
Function Returns Description
CRUDActions() []privy.Action Standard create/read/update/delete/list actions
GetBuiltinResourceConfigs() []privy.ResourceConfig Builtin user + auth resource definitions
GetBuiltinDefaultRoles() map[string]privy.RoleConfig Builtin admin/user role definitions
MergeResourceConfigs(extra ...[]privy.ResourceConfig) []privy.ResourceConfig Merge builtins with extra resources
MergeDefaultRoles(extra ...map[string]privy.RoleConfig) map[string]privy.RoleConfig Merge builtins with extra roles
Constants

Resource keys:

  • ResourceUser = "user"
  • ResourceAuth = "auth"

Permission strings:

  • PermUserCreate, PermUserRead, PermUserUpdate, PermUserDelete, PermUserList
  • PermUserPasswordUpdate
  • PermAuthLogin, PermAuthLogout, PermAuthRefresh

Action variables:

  • ActionCreate, ActionRead, ActionUpdate, ActionDelete, ActionList

Documentation

Index

Constants

View Source 
const (
	ResourceUser = "user"
	ResourceAuth = "auth"
	ResourceRole = "role"
)

Resource keys

View Source 
const (
	// User permissions
	PermUserCreate         = "user.create"
	PermUserRead           = "user.read"
	PermUserUpdate         = "user.update"
	PermUserDelete         = "user.delete"
	PermUserList           = "user.list"
	PermUserPasswordUpdate = "user.password.update"

	// Role permissions
	PermRoleCreate = "role.create"
	PermRoleRead   = "role.read"
	PermRoleUpdate = "role.update"
	PermRoleDelete = "role.delete"
	PermRoleList   = "role.list"

	// Auth permissions
	PermAuthLogin   = "auth.login"
	PermAuthLogout  = "auth.logout"
	PermAuthRefresh = "auth.refresh"
)

Permission string helpers

Variables

View Source 
var (
	ActionCreate = privy.DefineAction("create", "Create", "Create a new resource")
	ActionRead   = privy.DefineAction("read", "Read", "Read resource details")
	ActionUpdate = privy.DefineAction("update", "Update", "Update an existing resource")
	ActionDelete = privy.DefineAction("delete", "Delete", "Delete a resource")
	ActionList   = privy.DefineAction("list", "List", "List resources")
)

Standard actions for CRUD operations

Functions

func CRUDActions 

func CRUDActions() []privy.Action

CRUDActions returns standard CRUD actions

func GetBuiltinDefaultRoles 

func GetBuiltinDefaultRoles() map[string]privy.RoleConfig

GetBuiltinDefaultRoles returns builtin default role configurations

func GetBuiltinResourceConfigs 

func GetBuiltinResourceConfigs() []privy.ResourceConfig

GetBuiltinResourceConfigs returns builtin resource configurations for user and auth

func MergeDefaultRoles 

func MergeDefaultRoles(extra ...map[string]privy.RoleConfig) map[string]privy.RoleConfig

MergeDefaultRoles merges builtin default roles with extra ones

func MergeResourceConfigs 

func MergeResourceConfigs(extra ...[]privy.ResourceConfig) []privy.ResourceConfig

MergeResourceConfigs merges builtin resource configs with extra ones

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.