rbac

package

v0.0.0-...-45da7de Latest Latest Go to latest Published: Mar 25, 2024 License: MIT Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bingoohuang/gg

Links

Open Source Insights

README ¶

rbac

forkd from https://github.com/harranali/authority

Role Based Access Control (RBAC) Go package with database persistence

Features

Create Roles/Permissions
Assign Permissions to Roles/Multiple Roles to Users
Check User's Roles/Permissions/Role's Permissions
Revoke User's Roles/User's Permissions/ole's permissions
List User's Roles/All Roles/All Permissions
Delete Roles/Permissions

Test

docker run --name mysql -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 -d mysql:5.7.34
go test

Usage

// initiate the database (using mysql)
dsn := "dbuser:dbpassword@tcp(127.0.0.1:3306)/dbname?charset=utf8mb4&parseTime=True&loc=Local"
db, _ := gorm.Open(mysql.Open(dsn), &gorm.Config{})

// initiate authority
auth := authority.New(authority.Options{ TablesPrefix: "authority_", DB: db })

// create role
err := auth.CreateRole("role-1")

// create permissions
err := auth.NewPerm("permission-1")
err = auth.NewPerm("permission-2")
err = auth.NewPerm("permission-3")

// assign the permissions to the role
err := auth.AssignPerm("role-1", "permission-1", "permission-2", "permission-3")

// assign a role to user (user id = 1) 
err = auth.AssignRole(1, "role-a")

// check if the user have a given role
ok, err := auth.CheckRole(1, "role-a")

// check if a user have a given permission 
ok, err := auth.CheckPerm(1, "permission-d")

// check if a role have a given permission
ok, err := auth.CheckRolePerm("role-a", "permission-a")

Documentation ¶

Index ¶

Variables
type Options
type Perm
- func (p Perm) TableName() string
type Rbac
- func Instance() *Rbac
- func New(opts Options) *Rbac
type Role
- func (r Role) TableName() string
type RolePerm
- func (r RolePerm) TableName() string
type UserRole
- func (u UserRole) TableName() string

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrRoleNotFound       = errors.New("role not found")
	ErrPermNotFound       = errors.New("permission not found")
	ErrDeleteAssignedPerm = errors.New("cannot delete assigned permission")
)

Functions ¶

This section is empty.

Types ¶

type Options ¶

type Options struct {
	DB           *gorm.DB
	TablesPrefix string
}

Options has the options for initiating the package.

type Perm ¶

type Perm struct {
	ID   uint
	Name string
}

Perm represents the database model of permissions

func (Perm) TableName ¶

func (p Perm) TableName() string

TableName sets the table name

func New ¶

func New(opts Options) *Rbac

New initiates authority.

func (*Rbac) AssignPerms ¶

func (a *Rbac) AssignPerms(roleName string, permNames ...string) error

AssignPerms assigns a group of permissions to a given role it accepts in the first parameter the role name, it returns an error if there is not matching record of the role name in the database. the second parameter is a slice of strings which represents a group of permissions to be assigned to the role if any of these permissions doesn't have a matching record in the database the operations stops, changes reverted and error is returned in case of success nothing is returned

func (*Rbac) AssignRole ¶

func (a *Rbac) AssignRole(userID uint, roleName string) error

AssignRole assigns a given role to a user the first parameter is the user id, the second parameter is the role name if the role name doesn't have a matching record in the data base an error is returned if the user have already a role assigned to him an error is returned

func (*Rbac) CheckPerm ¶

func (a *Rbac) CheckPerm(userID uint, permName string) (bool, error)

CheckPerm checks if a permission is assigned to the role that's assigned to the user. it accepts the user id as the first parameter the permission as the second parameter it returns an error if the permission is not present in the database

func (*Rbac) CheckRole ¶

func (a *Rbac) CheckRole(userID uint, roleName string) (bool, error)

CheckRole checks if a role is assigned to a user it accepts the user id as the first parameter the role as the second parameter it returns an error if the role is not present in database.

func (*Rbac) CheckRolePerm ¶

func (a *Rbac) CheckRolePerm(roleName string, permName string) (bool, error)

CheckRolePerm checks if a role has the permission assigned it accepts the role as the first parameter it accepts the permission as the second parameter it returns an error if the role is not present in database it returns an error if the permission is not present in database

func (*Rbac) DeletePerm ¶

func (a *Rbac) DeletePerm(permName string) error

DeletePerm deletes a given permission if the permission is assigned to a role it returns an error.

func (*Rbac) DeleteRole ¶

func (a *Rbac) DeleteRole(roleName string) error

DeleteRole deletes a given role if the role is assigned to a user it returns an error

func (*Rbac) GetPerms ¶

func (a *Rbac) GetPerms() ([]string, error)

GetPerms returns all stored permissions

func (*Rbac) GetRoles ¶

func (a *Rbac) GetRoles() ([]string, error)

GetRoles returns all stored roles

func (*Rbac) GetUserRoles ¶

func (a *Rbac) GetUserRoles(userID uint) ([]string, error)

GetUserRoles returns all user assigned roles

func (*Rbac) NewPerm ¶

func (a *Rbac) NewPerm(permName string) error

NewPerm stores a permission in the database it accepts the permission name.

func (*Rbac) NewRole ¶

func (a *Rbac) NewRole(roleName string) error

NewRole stores a role in the database it accepts the role name.

func (*Rbac) RevokePerm ¶

func (a *Rbac) RevokePerm(userID uint, permName string) error

RevokePerm revokes a permission from the user's assigned role it returns an error in case of any

func (*Rbac) RevokeRole ¶

func (a *Rbac) RevokeRole(userID uint, roleName string) error

RevokeRole revokes a user's role it returns a error in case of any

func (*Rbac) RevokeRolePerm ¶

func (a *Rbac) RevokeRolePerm(roleName string, permName string) error

RevokeRolePerm revokes a permission from a given role it returns an error in case of any

type Role ¶

type Role struct {
	ID   uint
	Name string
}

Role represents the database model of roles

func (Role) TableName ¶

func (r Role) TableName() string

TableName sets the table name

type RolePerm ¶

type RolePerm struct {
	ID     uint
	RoleID uint
	PermID uint
}

RolePerm stores the relationship between roles and permissions

func (RolePerm) TableName ¶

func (r RolePerm) TableName() string

TableName sets the table name

type UserRole ¶

type UserRole struct {
	ID     uint
	UserID uint
	RoleID uint
}

UserRole represents the relationship between users and roles

func (UserRole) TableName ¶

func (u UserRole) TableName() string

TableName sets the table name

Source Files ¶

View all Source files

rbac.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

rbac

README ¶

rbac

Features

Test

Usage

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type Options ¶

type Perm ¶

func (Perm) TableName ¶

type Rbac ¶

func Instance ¶

func New ¶

func (*Rbac) AssignPerms ¶

func (*Rbac) AssignRole ¶

func (*Rbac) CheckPerm ¶

func (*Rbac) CheckRole ¶

func (*Rbac) CheckRolePerm ¶

func (*Rbac) DeletePerm ¶

func (*Rbac) DeleteRole ¶

func (*Rbac) GetPerms ¶

func (*Rbac) GetRoles ¶

func (*Rbac) GetUserRoles ¶

func (*Rbac) NewPerm ¶

func (*Rbac) NewRole ¶

func (*Rbac) RevokePerm ¶

func (*Rbac) RevokeRole ¶

func (*Rbac) RevokeRolePerm ¶

type Role ¶

func (Role) TableName ¶

type RolePerm ¶

func (RolePerm) TableName ¶

type UserRole ¶

func (UserRole) TableName ¶

Source Files ¶