Documentation ¶
Index ¶
- type ExaminerFunc
- type Manager
- type ResultSet
- type Role
- func (role *Role) AcquireFrom(roles ...*Role) *Role
- func (role *Role) Grant(rights ...string) *Role
- func (role *Role) Has(right string) bool
- func (role *Role) HasAllOf(rights ...string) bool
- func (role *Role) HasOneOf(rights ...string) bool
- func (role *Role) Revoke(rights ...string) *Role
- func (role *Role) SetExaminer(examiner ExaminerFunc) *Role
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ExaminerFunc ¶
type ExaminerFunc = func(payload interface{}) bool
ExaminerFunc a function to determine whether a role can be added to a `ResultSet`.
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager contains all registered roles.
type ResultSet ¶
func NewResultSet ¶
NewResultSet creates a new `ResultSet` instance
type Role ¶
type Role struct { Id string // contains filtered or unexported fields }
Role contains all necessary information about one set of granted rights.
Each role requires an identifier. It is possible to define multiple roles with the same identifier as long as each manager contains an unique set of identifiers.
func (*Role) AcquireFrom ¶
AcquireFrom grabs the rights from the given roles to add them.
func main() { r1 := NewRole("r1").Grant("right.a") r2 := NewRole("r2").AcquireFrom(r1).Grant("right.b") }
func (*Role) Grant ¶
Grant adds the given right(s) to the role.
func main() { r := NewRole("a") r.Grant("right.a", "right.b") }
Note, that duplications will be ignored.
func (*Role) Has ¶
Has checks that the given right has been granted.
To resolve whether a right is available or not, the function uses a binary search to determine the actual index of the given right(s). Therefore, the array of granted rights is always sorted alphabetically.
func (*Role) HasAllOf ¶
HasAllOf verifies that all specified rights are present.
func main() { r := NewRole("r").Grant("a", "b", "c") r.HasAllOf("a", b", "c") }
func (*Role) HasOneOf ¶
HasOneOf checks that at least one of the given rights has been granted.
func main() { r := NewRole("r") r.Grant("right.a") r.HasOneOf("right.a", "right.b") }
func (*Role) Revoke ¶
Revoke removes the given right(s) from the role.
func main() { r := NewRole("a") r.Grant("right.a", "right.b") r.Revoke("right.a") }
func (*Role) SetExaminer ¶
func (role *Role) SetExaminer(examiner ExaminerFunc) *Role
SetExaminer sets / overwrites the examiner.
The examiner is used to determine whether a role can be added to a `ResultSet`.
type User struct { isAdmin bool } func main() { r := NewRole("admin").Grant("godmode").SetExaminer(func (payload interface{}) bool { user := payload.(User) return user.isAdmin }) rs := NewManager().Register(r).Examine(User{isAdmin: true}) }