casbin

package module

v0.0.0-...-7dcf3ec Latest Latest Go to latest Published: Apr 8, 2021 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/suisrc/casbin.zgo

Links

Open Source Insights

README ¶

说明

GIN + ENT/SQLX + CASBIN + WIRE + I18N

为了保持系统精简性(目前数据库处理只使用SQLX)，暂时移除了ENT相关的内容, 结构暂时保留

Documentation ¶

Index ¶

Variables
func AudienceMatchFunc(args ...interface{}) (interface{}, error)
func ConvertMapToArray(data *map[string]map[string][]string) *[][]string
func CustomMatchFunc(args ...interface{}) (interface{}, error)
func DomainMatch(key1 string, key2 string) bool
func DomainMatchFunc(args ...interface{}) (interface{}, error)
func HasPrefixFunc(args ...interface{}) (interface{}, error)
func HasSuffixFunc(args ...interface{}) (interface{}, error)
func MethodMatchFunc(args ...interface{}) (interface{}, error)
type Adapter
- func NewCasbinAdapter(db2 *sqlx.DB, tbl string, mid int64, ver string) *Adapter
- func (a *Adapter) AddPolicies(sec string, ptype string, rules [][]string) (err error)
- func (a *Adapter) AddPolicy(sec string, ptype string, rule []string) (err error)
- func (a *Adapter) LoadPolicy(m model.Model) error
- func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (err error)
- func (a *Adapter) RemovePolicies(sec string, ptype string, rules [][]string) (err error)
- func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) (err error)
- func (a *Adapter) SavePolicy(model model.Model) (err error)
type Auther
- func (a *Auther) AuthCasbinMiddlewareByOrigin(c res.Context, conf config.Casbin, ...)
- func (a *Auther) ClearEnforcer(force bool, org string)
- func (a *Auther) GetEnforcer(c res.Context, user auth.UserInfo, svc, org string) (*casbin.SyncedEnforcer, error)
- func (a *Auther) GetEnforcer2(c res.Context, user auth.UserInfo, cached *Enforcer, svc, org, key, ver string) (*casbin.SyncedEnforcer, error)
- func (a *Auther) GetUserRole(c res.Context, user auth.UserInfo, svc, org string) (role string, err error)
- func (a *Auther) IsPassPermission(c res.Context, user auth.UserInfo, svc, org string) (bool, error)
- func (a *Auther) UseAuthBasicMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
- func (a *Auther) UseAuthCasbinMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc
- func (a *Auther) UseAuthCasbinMiddlewareByOrigin(xget func(res.Context, string) (string, error), skippers ...res.SkipperFunc) res.HandlerFunc
type Enforcer
type Implor
type Object
type Policy
- func (a *Policy) GetGrouping() *[][]string
- func (a *Policy) GetPolicies() *[][]string
type Rule
type Subject

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// PolicyModel casbin使用的对比模型
	PolicyModel = `` /* 233-byte string literal not displayed */

	// DefaultMatcher casbin使用的对比模型
	DefaultMatcher = `` /* 204-byte string literal not displayed */
)

View Source

var (
	// CachedExpireAt 缓存定时器刷新时间
	CachedExpireAt = 4 * time.Minute
	// EnforcerCheckAt 引擎检测版本时间
	EnforcerCheckAt = 2 * time.Minute
	// EnforcerExpireAt 引擎标记过期时间
	EnforcerExpireAt = 8 * time.Minute
	// ServiceCodeExpireAt 服务缓存过期时间
	ServiceCodeExpireAt = 2 * time.Minute
	// ServiceTenantExpireAt 租户缓存过期时间
	ServiceTenantExpireAt = 2 * time.Minute
)

View Source

var (
	// SvcRoleKey 角色配置
	SvcRoleKey = "X-Request-Svc-%s-Role" // "X-Request-Svc-[service name]-Role"
	// SysRoleKey 系统平台角色
	SysRoleKey = "X-Request-Sys-Role"
	// SvcPublic 公共服务
	SvcPublic = "pub-"
	// RolePrefix 角色
	RolePrefix = "r:"
	// UserPrefix 用户
	UserPrefix = "u:"
	// PolicyPrefix 策略
	PolicyPrefix = "p:"
	// ActionPrefix 策略
	ActionPrefix = "a:"
	// SourcePrefix 策略
	SourcePrefix = "s:"
)

Functions ¶

func AudienceMatchFunc ¶

func AudienceMatchFunc(args ...interface{}) (interface{}, error)

AudienceMatchFunc func

func ConvertMapToArray ¶

func ConvertMapToArray(data *map[string]map[string][]string) *[][]string

ConvertMapToArray ...

func CustomMatchFunc ¶

func CustomMatchFunc(args ...interface{}) (interface{}, error)

CustomMatchFunc func

func DomainMatch ¶

func DomainMatch(key1 string, key2 string) bool

DomainMatch func

func DomainMatchFunc ¶

func DomainMatchFunc(args ...interface{}) (interface{}, error)

DomainMatchFunc func

func HasPrefixFunc ¶

func HasPrefixFunc(args ...interface{}) (interface{}, error)

HasPrefixFunc func

func HasSuffixFunc ¶

func HasSuffixFunc(args ...interface{}) (interface{}, error)

HasSuffixFunc func

func MethodMatchFunc ¶

func MethodMatchFunc(args ...interface{}) (interface{}, error)

MethodMatchFunc func

Types ¶

type Adapter ¶

type Adapter struct {
	DB2    *sqlx.DB // database
	Tbl    string   //table name
	Mid    int64    // model id
	Ver    string   // model ver
	Enable bool     // 是否启用适配器
}

Adapter 适配器

func NewCasbinAdapter ¶

func NewCasbinAdapter(db2 *sqlx.DB, tbl string, mid int64, ver string) *Adapter

NewCasbinAdapter is the constructor for Adapter with existed connection

func (*Adapter) AddPolicies ¶

func (a *Adapter) AddPolicies(sec string, ptype string, rules [][]string) (err error)

AddPolicies adds policy rules to the storage. This is part of the Auto-Save feature.

func (*Adapter) AddPolicy ¶

func (a *Adapter) AddPolicy(sec string, ptype string, rule []string) (err error)

AddPolicy adds a policy rule to the storage.

func (*Adapter) LoadPolicy ¶

func (a *Adapter) LoadPolicy(m model.Model) error

LoadPolicy loads policy from database.

func (*Adapter) RemoveFilteredPolicy ¶

func (a *Adapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (err error)

RemoveFilteredPolicy removes policy rules that match the filter from the storage.

func (*Adapter) RemovePolicies ¶

func (a *Adapter) RemovePolicies(sec string, ptype string, rules [][]string) (err error)

RemovePolicies removes policy rules from the storage. This is part of the Auto-Save feature.

func (*Adapter) RemovePolicy ¶

func (a *Adapter) RemovePolicy(sec string, ptype string, rule []string) (err error)

RemovePolicy removes a policy rule from the storage.

func (*Adapter) SavePolicy ¶

func (a *Adapter) SavePolicy(model model.Model) (err error)

SavePolicy saves policy to database.

type Auther ¶

type Auther struct {
	Implor         Implor
	CachedEnforcer map[string]*Enforcer // 验证器
	CachedExpireAt time.Time            // 刷新时间
	Mutex          sync.RWMutex         // 同步锁
}

Auther 权限管理

func (*Auther) AuthCasbinMiddlewareByOrigin ¶

func (a *Auther) AuthCasbinMiddlewareByOrigin(c res.Context, conf config.Casbin, xget func(res.Context, string) (string, error))

UseAuthCasbinMiddlewareByOrigin 用户授权中间件

func (*Auther) ClearEnforcer ¶

func (a *Auther) ClearEnforcer(force bool, org string)

ClearEnforcer 清理缓存缓存全部情况后，引擎立即完成刷新操作

func (*Auther) GetEnforcer ¶

func (a *Auther) GetEnforcer(c res.Context, user auth.UserInfo, svc, org string) (*casbin.SyncedEnforcer, error)

GetEnforcer 获取验证控制器

func (*Auther) GetEnforcer2 ¶

func (a *Auther) GetEnforcer2(c res.Context, user auth.UserInfo, cached *Enforcer, svc, org, key, ver string) (*casbin.SyncedEnforcer, error)

GetEnforcer2 获取验证控制器

func (*Auther) GetUserRole ¶

func (a *Auther) GetUserRole(c res.Context, user auth.UserInfo, svc, org string) (role string, err error)

GetUserRole 获取验证控制器

func (*Auther) IsPassPermission ¶

func (a *Auther) IsPassPermission(c res.Context, user auth.UserInfo, svc, org string) (bool, error)

IsPassPermission 跳过权限判断确定管理员身份，这里是否担心管理员身份被篡改？如果签名密钥泄漏，会发生签名篡改问题，所以需要保密服务器签名密钥

func (*Auther) UseAuthBasicMiddleware ¶

func (a *Auther) UseAuthBasicMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc

UseAuthBasicMiddleware 用户授权中间件, 只判定登录权限

func (*Auther) UseAuthCasbinMiddleware ¶

func (a *Auther) UseAuthCasbinMiddleware(skippers ...res.SkipperFunc) res.HandlerFunc

UseAuthCasbinMiddleware 用户授权中间件

func (*Auther) UseAuthCasbinMiddlewareByOrigin ¶

func (a *Auther) UseAuthCasbinMiddlewareByOrigin(xget func(res.Context, string) (string, error), skippers ...res.SkipperFunc) res.HandlerFunc

UseAuthCasbinMiddlewareByOrigin 用户授权中间件

type Enforcer ¶

type Enforcer struct {
	Enforcer *casbin.SyncedEnforcer // 验证器
	ExpireAt time.Time              // 过期时间
	CheckAt  time.Time              // 刷新时间
	Version  string                 // 验证版本
	Mutex    sync.RWMutex           // 同步锁
	Check    bool
}

Enforcer 验证器

type Implor ¶

type Implor interface {
	GetAuther() auth.Auther
	GetStorer() res.Storer
	GetTable() string
	GetSqlx2() *sqlx.DB
	GetSuperUserCode() string
	GetPlatformCode() string
	UpdateModelEnable(mid int64) error
	GetClientIP(ctx res.Context) string
	GetClientUA(ctx res.Context) string
	QueryPolicies(ctx res.Context, org, ver string) (*Policy, error)
	QueryServiceCode(ctx res.Context, user auth.UserInfo, host, path, org string) (string, int64, error)
	CheckTenantService(ctx res.Context, user auth.UserInfo, org, svc string, sid int64) (bool, error)

	SetHeader(ctx res.Context, key, value string)
	SetUserInfo(ctx res.Context, usr auth.UserInfo)
	ResError(ctx res.Context, err *res.ErrorModel)
	FixError(ctx res.Context, status int, err error, fun func()) bool
}

Implor 外部需要实现的接口

type Object ¶

type Object struct {
	Svc    string
	Host   string
	Path   string
	Method string
}

Object subject

type Policy ¶

type Policy struct {
	Mid       int64
	Ver       string
	New       bool                           // 重新构建
	ModelText string                         // 模型声明
	Grouping  map[string]map[string]bool     // 角色声明
	Policies  map[string]map[string][]string // 策略声明
	Version   string                         // 策略版本
}

Policy 策略

func (*Policy) GetGrouping ¶

func (a *Policy) GetGrouping() *[][]string

GetGrouping ...

func (*Policy) GetPolicies ¶

func (a *Policy) GetPolicies() *[][]string

GetPolicies ...

type Rule ¶

type Rule struct {
	Mid int64          `db:"mid"`
	Ver string         `db:"ver"`
	PT  string         `db:"p_type"`
	V0  sql.NullString `db:"v0"`
	V1  sql.NullString `db:"v1"`
	V2  sql.NullString `db:"v2"`
	V3  sql.NullString `db:"v3"`
	V4  sql.NullString `db:"v4"`
	V5  sql.NullString `db:"v5"`
	V6  sql.NullString `db:"v6"`
	V7  sql.NullString `db:"v7"`
	V8  sql.NullString `db:"v8"`
	V9  sql.NullString `db:"v9"`
	CT  sql.NullTime   `db:"created_at"`
}

Rule ...

type Subject ¶

type Subject struct {
	//UsrID    int
	//AccID    int
	Role   string
	Acc1   string
	Acc2   string
	Usr    string
	Org    string
	OrgUsr string
	Iss    string
	Aud    string
	Agent  string
	Scope  string
	Cip    string
	Cua    string
}

Subject subject

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL