Documentation ¶
Index ¶
Constants ¶
View Source
const ( // collection name ResourceBlog = "blog" ResourceAccount = "accounts" ResourceGroup = "group" )
View Source
const ( RuleAllowOwn = "allowOwn" RuleAccessFilter = "accessFilter" )
View Source
const ( RoleOwner = "owner" RoleAdmin = "admin" RoleMember = "member" RoleReader = "reader" )
Variables ¶
View Source
var Ctrl = abac.AccessControl{}
Functions ¶
This section is empty.
Types ¶
type AccessFilter ¶
type AccessFilter struct { VisitorID primitive.ObjectID `json:"visitor_id" bson:"visitor_id"` GroupID primitive.ObjectID `json:"group_id" bson:"group_id"` RoleList [][]string `json:"role_list,omitempty" example:"'admin':xxxxx 'write':xxxxx" bson:"role_map,omitempty"` }
func (*AccessFilter) JudgeRule ¶
func (a *AccessFilter) JudgeRule() (bool, error)
JudgeRule 判断id是否在manager的某个role(s)之内, 第一层,逻辑“或”,满足其中一个role的组合即可 第二层,逻辑“与”,必须满足列表内的所有role
func (*AccessFilter) ProcessContext ¶
func (a *AccessFilter) ProcessContext(ctx abac.ContextType)
type AllowOwn ¶
type AllowOwn struct { UserInfo dto.LoginUserInfo ID primitive.ObjectID `json:"id"` Filter model.Filter Resource string }
func (*AllowOwn) ProcessContext ¶
func (r *AllowOwn) ProcessContext(ctx abac.ContextType)
Click to show internal directories.
Click to hide internal directories.