Documentation
Overview
Package pol offers a role-based permission system with a rule-based implementation.
Types
type Action
type Action struct {
	Op
	// Top is the topic and most commonly a model name. Special events should use custom topics.
	// Topic names must not contain white space or '*' characters.
	Top string
}
Action is described by an operation and a topic.
type Op
type Op uint
Op describes an operation as a bitset with bits for read, write, execute and delete. These operations map to qry reads and event commands new, mod, del for dom model topics. Custom topics are free to have another interpretation but usually only use the X op.
type Perm
type Perm int
Perm represents either a role association or a permitted or denied operation. A role association has the value 0, a denied op is stored as -op, and a permitted op as the op value itself.
func (Perm) MarshalText
func (*Perm) UnmarshalText
type Policy
type Policy interface {
	// Police permits role to execute the given actions or returns an error.
	// Role names must not contain white space or '*' characters.
	Police(role string, acts ...Action) error
}
Policy is an interface for a simple permissions checker.
type Rule
Rule is a simple source structure to build up a policy.
func (Rule) MarshalText
func (*Rule) UnmarshalText
type RulePolicy
type RulePolicy struct {
	// contains filtered or unexported fields
}
RulePolicy is a Policy based on a set of rules and supports group roles and wildcards. The implementation is not thread-safe for writes: either lock access or build a new policy and swap it in.
func ReadRulePolicy
func ReadRulePolicy(r io.Reader) (*RulePolicy, error)
ReadRulePolicy reads rules from r and creates and returns a new policy or an error.
func (*RulePolicy) Add
func (p *RulePolicy) Add(rs ...Rule) error
Add adds rules to the policy or returns an error.
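The RulePolicy note about building anew and swapping out, shown as an added example that is not the package's own code: a hypothetical Swapper publishes a fully built Policy atomically, denies everything before the first load, and keeps the current policy when a reload fails. Op, Action and Policy are local mirrors of the declarations on this page; Swapper, ErrNoPolicy, PolicyFunc and the Op value 1 are constructed for illustration, and in real use build would wrap ReadRulePolicy.

```go
package main

import (
	"errors"
	"fmt"
	"sync/atomic"
)

// Local mirrors of the declarations on this page, so the example builds offline.
type Op uint
type Action struct {
	Op
	Top string
}
type Policy interface {
	Police(role string, acts ...Action) error
}

var ErrNoPolicy = errors.New("no policy loaded") // hypothetical fail-closed error
type holder struct{ p Policy }                   // atomic.Value needs one concrete type

// Swapper (hypothetical) hands readers a fully built policy that is never mutated.
type Swapper struct{ cur atomic.Value }

// Reload builds the next policy off to the side and publishes it only on success.
func (s *Swapper) Reload(build func() (Policy, error)) error {
	next, err := build()
	if err != nil || next == nil {
		return fmt.Errorf("reload rejected, current policy kept: %v", err)
	}
	s.cur.Store(holder{next})
	return nil
}

// Police implements Policy and denies everything while nothing is loaded.
func (s *Swapper) Police(role string, acts ...Action) error {
	if h, ok := s.cur.Load().(holder); ok {
		return h.p.Police(role, acts...)
	}
	return ErrNoPolicy
}

// PolicyFunc is a constructed stand-in for a real policy such as *RulePolicy.
type PolicyFunc func(role string, acts ...Action) error

func (f PolicyFunc) Police(role string, acts ...Action) error { return f(role, acts...) }

func main() {
	fmt.Println(new(Swapper).Police("admin", Action{Op: 1, Top: "user"})) // nothing loaded yet
}
```

Because readers only ever see a policy that is no longer written to, Add is called only on the instance under construction, before Reload publishes it.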