CasbinExtension

package module
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 26, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

README

CasbinExtension

This project adds the following features to date:

  • new "synced" Enforcer called EnhancedEnforcer
  • new Watcher which allows to enter updates directly into the enforcer (EnhancedEnforcer).

Important

This project is still in an early status. It is strongly recommended not to use this in a productive project.

Installation

go get github.com/VadimSokow/CasbinExtension

TODO

  • add documentation as code comments
  • add go tests to determine the correct functionality
  • add examples

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ControlledAdapter 

type ControlledAdapter struct {
	// contains filtered or unexported fields
}

func NewControlledAdapter 

func NewControlledAdapter(adapter persist.Adapter, allowWrite bool) *ControlledAdapter

func (*ControlledAdapter) AddPolicies 

func (c *ControlledAdapter) AddPolicies(sec string, ptype string, rules [][]string) error

func (*ControlledAdapter) AddPolicy 

func (c *ControlledAdapter) AddPolicy(sec string, ptype string, rule []string) error

func (*ControlledAdapter) IsFiltered 

func (c *ControlledAdapter) IsFiltered() bool

func (*ControlledAdapter) LoadFilteredPolicy 

func (c *ControlledAdapter) LoadFilteredPolicy(model model.Model, filter interface{}) error

func (*ControlledAdapter) LoadPolicy 

func (c *ControlledAdapter) LoadPolicy(model model.Model) error

func (*ControlledAdapter) RemoveFilteredPolicy 

func (c *ControlledAdapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error

func (*ControlledAdapter) RemovePolicies 

func (c *ControlledAdapter) RemovePolicies(sec string, ptype string, rules [][]string) error

func (*ControlledAdapter) RemovePolicy 

func (c *ControlledAdapter) RemovePolicy(sec string, ptype string, rule []string) error

func (*ControlledAdapter) SavePolicy 

func (c *ControlledAdapter) SavePolicy(model model.Model) error

func (*ControlledAdapter) UpdateFilteredPolicies 

func (c *ControlledAdapter) UpdateFilteredPolicies(sec string, ptype string, newPolicies [][]string, fieldIndex int, fieldValues ...string) ([][]string, error)

func (*ControlledAdapter) UpdatePolicies 

func (c *ControlledAdapter) UpdatePolicies(sec string, ptype string, oldRules, newRules [][]string) error

func (*ControlledAdapter) UpdatePolicy 

func (c *ControlledAdapter) UpdatePolicy(sec string, ptype string, oldRule, newPolicy []string) error

type EnhancedEnforcer 

type EnhancedEnforcer struct {
	*casbin.Enforcer
	// contains filtered or unexported fields
}

func NewEnhancedEnforcer 

func NewEnhancedEnforcer(params ...interface{}) (*EnhancedEnforcer, error)

NewEnhancedEnforcer creates a synchronized enforcer via file or DB.

func (*EnhancedEnforcer) AddFunction 

func (e *EnhancedEnforcer) AddFunction(name string, function govaluate.ExpressionFunction)

AddFunction adds a customized function.

func (*EnhancedEnforcer) AddGroupingPolicies 

func (e *EnhancedEnforcer) AddGroupingPolicies(rules [][]string) (bool, error)

AddGroupingPolicies adds role inheritance rulea to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise, the function returns true for the corresponding policy rule by adding the new rule.

func (*EnhancedEnforcer) AddGroupingPolicy 

func (e *EnhancedEnforcer) AddGroupingPolicy(params ...interface{}) (bool, error)

AddGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise, the function returns true by adding the new rule.

func (*EnhancedEnforcer) AddNamedGroupingPolicies 

func (e *EnhancedEnforcer) AddNamedGroupingPolicies(ptype string, rules [][]string) (bool, error)

AddNamedGroupingPolicies adds named role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise, the function returns true for the corresponding policy rule by adding the new rule.

func (*EnhancedEnforcer) AddNamedGroupingPolicy 

func (e *EnhancedEnforcer) AddNamedGroupingPolicy(ptype string, params ...interface{}) (bool, error)

AddNamedGroupingPolicy adds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise, the function returns true by adding the new rule.

func (*EnhancedEnforcer) AddNamedPolicies 

func (e *EnhancedEnforcer) AddNamedPolicies(ptype string, rules [][]string) (bool, error)

AddNamedPolicies adds authorization rules to the current named policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise, the function returns true for the corresponding by adding the new rule.

func (*EnhancedEnforcer) AddNamedPolicy 

func (e *EnhancedEnforcer) AddNamedPolicy(ptype string, params ...interface{}) (bool, error)

AddNamedPolicy adds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise, the function returns true by adding the new rule.

func (*EnhancedEnforcer) AddPolicies 

func (e *EnhancedEnforcer) AddPolicies(rules [][]string) (bool, error)

AddPolicies adds authorization rules to the current policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise, the function returns true for the corresponding rule by adding the new rule.

func (*EnhancedEnforcer) AddPolicy 

func (e *EnhancedEnforcer) AddPolicy(params ...interface{}) (bool, error)

AddPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise, the function returns true by adding the new rule.

func (*EnhancedEnforcer) BatchEnforce 

func (e *EnhancedEnforcer) BatchEnforce(requests [][]interface{}) ([]bool, error)

BatchEnforce enforce in batches

func (*EnhancedEnforcer) BatchEnforceWithMatcher 

func (e *EnhancedEnforcer) BatchEnforceWithMatcher(matcher string, requests [][]interface{}) ([]bool, error)

BatchEnforceWithMatcher enforce with matcher in batches 

func (e *EnhancedEnforcer) BuildRoleLinks() error

BuildRoleLinks manually rebuild the role inheritance relations.

func (*EnhancedEnforcer) ClearPolicy 

func (e *EnhancedEnforcer) ClearPolicy()

ClearPolicy clears all policy.

func (*EnhancedEnforcer) Enforce 

func (e *EnhancedEnforcer) Enforce(rvals ...interface{}) (bool, error)

Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).

func (*EnhancedEnforcer) EnforceEx 

func (e *EnhancedEnforcer) EnforceEx(rvals ...interface{}) (bool, []string, error)

EnforceEx explain enforcement by informing matched rules

func (*EnhancedEnforcer) EnforceExWithMatcher 

func (e *EnhancedEnforcer) EnforceExWithMatcher(matcher string, rvals ...interface{}) (bool, []string, error)

EnforceExWithMatcher use a custom matcher and explain enforcement by informing matched rules

func (*EnhancedEnforcer) EnforceWithMatcher 

func (e *EnhancedEnforcer) EnforceWithMatcher(matcher string, rvals ...interface{}) (bool, error)

EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".

func (*EnhancedEnforcer) GetAllActions 

func (e *EnhancedEnforcer) GetAllActions() []string

GetAllActions gets the list of actions that show up in the current policy.

func (*EnhancedEnforcer) GetAllNamedActions 

func (e *EnhancedEnforcer) GetAllNamedActions(ptype string) []string

GetAllNamedActions gets the list of actions that show up in the current named policy.

func (*EnhancedEnforcer) GetAllNamedObjects 

func (e *EnhancedEnforcer) GetAllNamedObjects(ptype string) []string

GetAllNamedObjects gets the list of objects that show up in the current named policy.

func (*EnhancedEnforcer) GetAllNamedRoles 

func (e *EnhancedEnforcer) GetAllNamedRoles(ptype string) []string

GetAllNamedRoles gets the list of roles that show up in the current named policy.

func (*EnhancedEnforcer) GetAllNamedSubjects 

func (e *EnhancedEnforcer) GetAllNamedSubjects(ptype string) []string

GetAllNamedSubjects gets the list of subjects that show up in the current named policy.

func (*EnhancedEnforcer) GetAllObjects 

func (e *EnhancedEnforcer) GetAllObjects() []string

GetAllObjects gets the list of objects that show up in the current policy.

func (*EnhancedEnforcer) GetAllRoles 

func (e *EnhancedEnforcer) GetAllRoles() []string

GetAllRoles gets the list of roles that show up in the current policy.

func (*EnhancedEnforcer) GetAllSubjects 

func (e *EnhancedEnforcer) GetAllSubjects() []string

GetAllSubjects gets the list of subjects that show up in the current policy.

func (*EnhancedEnforcer) GetFilteredGroupingPolicy 

func (e *EnhancedEnforcer) GetFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) [][]string

GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.

func (*EnhancedEnforcer) GetFilteredNamedGroupingPolicy 

func (e *EnhancedEnforcer) GetFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string

GetFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.

func (*EnhancedEnforcer) GetFilteredNamedPolicy 

func (e *EnhancedEnforcer) GetFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string

GetFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified.

func (*EnhancedEnforcer) GetFilteredPolicy 

func (e *EnhancedEnforcer) GetFilteredPolicy(fieldIndex int, fieldValues ...string) [][]string

GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.

func (*EnhancedEnforcer) GetGroupingPolicy 

func (e *EnhancedEnforcer) GetGroupingPolicy() [][]string

GetGroupingPolicy gets all the role inheritance rules in the policy.

func (*EnhancedEnforcer) GetNamedGroupingPolicy 

func (e *EnhancedEnforcer) GetNamedGroupingPolicy(ptype string) [][]string

GetNamedGroupingPolicy gets all the role inheritance rules in the policy.

func (*EnhancedEnforcer) GetNamedPolicy 

func (e *EnhancedEnforcer) GetNamedPolicy(ptype string) [][]string

GetNamedPolicy gets all the authorization rules in the named policy.

func (*EnhancedEnforcer) GetPolicy 

func (e *EnhancedEnforcer) GetPolicy() [][]string

GetPolicy gets all the authorization rules in the policy.

func (*EnhancedEnforcer) HasGroupingPolicy 

func (e *EnhancedEnforcer) HasGroupingPolicy(params ...interface{}) bool

HasGroupingPolicy determines whether a role inheritance rule exists.

func (*EnhancedEnforcer) HasNamedGroupingPolicy 

func (e *EnhancedEnforcer) HasNamedGroupingPolicy(ptype string, params ...interface{}) bool

HasNamedGroupingPolicy determines whether a named role inheritance rule exists.

func (*EnhancedEnforcer) HasNamedPolicy 

func (e *EnhancedEnforcer) HasNamedPolicy(ptype string, params ...interface{}) bool

HasNamedPolicy determines whether a named authorization rule exists.

func (*EnhancedEnforcer) HasPolicy 

func (e *EnhancedEnforcer) HasPolicy(params ...interface{}) bool

HasPolicy determines whether an authorization rule exists.

func (*EnhancedEnforcer) LoadFilteredPolicy 

func (e *EnhancedEnforcer) LoadFilteredPolicy(filter interface{}) error

LoadFilteredPolicy reloads a filtered policy from file/database.

func (*EnhancedEnforcer) LoadIncrementalFilteredPolicy 

func (e *EnhancedEnforcer) LoadIncrementalFilteredPolicy(filter interface{}) error

LoadIncrementalFilteredPolicy reloads a filtered policy from file/database.

func (*EnhancedEnforcer) LoadModel 

func (e *EnhancedEnforcer) LoadModel() error

LoadModel reloads the model from the model CONF file.

func (*EnhancedEnforcer) LoadPolicy 

func (e *EnhancedEnforcer) LoadPolicy() error

LoadPolicy reloads the policy from file/database.

func (*EnhancedEnforcer) RemoveFilteredGroupingPolicy 

func (e *EnhancedEnforcer) RemoveFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) (bool, error)

RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.

func (*EnhancedEnforcer) RemoveFilteredNamedGroupingPolicy 

func (e *EnhancedEnforcer) RemoveFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) (bool, error)

RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.

func (*EnhancedEnforcer) RemoveFilteredNamedPolicy 

func (e *EnhancedEnforcer) RemoveFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) (bool, error)

RemoveFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified.

func (*EnhancedEnforcer) RemoveFilteredPolicy 

func (e *EnhancedEnforcer) RemoveFilteredPolicy(fieldIndex int, fieldValues ...string) (bool, error)

RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.

func (*EnhancedEnforcer) RemoveGroupingPolicies 

func (e *EnhancedEnforcer) RemoveGroupingPolicies(rules [][]string) (bool, error)

RemoveGroupingPolicies removes role inheritance rules from the current policy.

func (*EnhancedEnforcer) RemoveGroupingPolicy 

func (e *EnhancedEnforcer) RemoveGroupingPolicy(params ...interface{}) (bool, error)

RemoveGroupingPolicy removes a role inheritance rule from the current policy.

func (*EnhancedEnforcer) RemoveNamedGroupingPolicies 

func (e *EnhancedEnforcer) RemoveNamedGroupingPolicies(ptype string, rules [][]string) (bool, error)

RemoveNamedGroupingPolicies removes role inheritance rules from the current named policy.

func (*EnhancedEnforcer) RemoveNamedGroupingPolicy 

func (e *EnhancedEnforcer) RemoveNamedGroupingPolicy(ptype string, params ...interface{}) (bool, error)

RemoveNamedGroupingPolicy removes a role inheritance rule from the current named policy.

func (*EnhancedEnforcer) RemoveNamedPolicies 

func (e *EnhancedEnforcer) RemoveNamedPolicies(ptype string, rules [][]string) (bool, error)

RemoveNamedPolicies removes authorization rules from the current named policy.

func (*EnhancedEnforcer) RemoveNamedPolicy 

func (e *EnhancedEnforcer) RemoveNamedPolicy(ptype string, params ...interface{}) (bool, error)

RemoveNamedPolicy removes an authorization rule from the current named policy.

func (*EnhancedEnforcer) RemovePolicies 

func (e *EnhancedEnforcer) RemovePolicies(rules [][]string) (bool, error)

RemovePolicies removes authorization rules from the current policy.

func (*EnhancedEnforcer) RemovePolicy 

func (e *EnhancedEnforcer) RemovePolicy(params ...interface{}) (bool, error)

RemovePolicy removes an authorization rule from the current policy.

func (*EnhancedEnforcer) SavePolicy 

func (e *EnhancedEnforcer) SavePolicy() error

SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.

func (*EnhancedEnforcer) SetWatcher 

func (e *EnhancedEnforcer) SetWatcher(watcher WatcherEnhanced) error

func (*EnhancedEnforcer) UpdateFilteredNamedPolicies 

func (e *EnhancedEnforcer) UpdateFilteredNamedPolicies(ptype string, newPolicies [][]string, fieldIndex int, fieldValues ...string) (bool, error)

func (*EnhancedEnforcer) UpdateFilteredPolicies 

func (e *EnhancedEnforcer) UpdateFilteredPolicies(newPolicies [][]string, fieldIndex int, fieldValues ...string) (bool, error)

func (*EnhancedEnforcer) UpdateGroupingPolicies 

func (e *EnhancedEnforcer) UpdateGroupingPolicies(oldRules [][]string, newRules [][]string) (bool, error)

func (*EnhancedEnforcer) UpdateGroupingPolicy 

func (e *EnhancedEnforcer) UpdateGroupingPolicy(oldRule []string, newRule []string) (bool, error)

func (*EnhancedEnforcer) UpdateNamedGroupingPolicies 

func (e *EnhancedEnforcer) UpdateNamedGroupingPolicies(ptype string, oldRules [][]string, newRules [][]string) (bool, error)

func (*EnhancedEnforcer) UpdateNamedGroupingPolicy 

func (e *EnhancedEnforcer) UpdateNamedGroupingPolicy(ptype string, oldRule []string, newRule []string) (bool, error)

func (*EnhancedEnforcer) UpdateNamedPolicies 

func (e *EnhancedEnforcer) UpdateNamedPolicies(ptype string, p1 [][]string, p2 [][]string) (bool, error)

func (*EnhancedEnforcer) UpdateNamedPolicy 

func (e *EnhancedEnforcer) UpdateNamedPolicy(ptype string, p1 []string, p2 []string) (bool, error)

func (*EnhancedEnforcer) UpdatePolicies 

func (e *EnhancedEnforcer) UpdatePolicies(oldPolices [][]string, newPolicies [][]string) (bool, error)

UpdatePolicies updates authorization rules from the current policies.

func (*EnhancedEnforcer) UpdatePolicy 

func (e *EnhancedEnforcer) UpdatePolicy(oldPolicy []string, newPolicy []string) (bool, error)

UpdatePolicy updates an authorization rule from the current policy.

type WatcherEnhanced 

type WatcherEnhanced interface {
	// UpdateForAddPolicy calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.AddPolicy()
	UpdateForAddPolicy(sec, ptype string, params ...string) error
	// UpdateForRemovePolicy calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.RemovePolicy()
	UpdateForRemovePolicy(sec, ptype string, params ...string) error
	// UpdateForRemoveFilteredPolicy calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.RemoveFilteredNamedGroupingPolicy()
	UpdateForRemoveFilteredPolicy(sec, ptype string, fieldIndex int, fieldValues ...string) error
	// UpdateForSavePolicy calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.RemoveFilteredNamedGroupingPolicy()
	UpdateForSavePolicy(model model.Model) error
	// UpdateForAddPolicies calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.AddPolicies()
	UpdateForAddPolicies(sec string, ptype string, rules ...[]string) error
	// UpdateForRemovePolicies calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.RemovePolicies()
	UpdateForRemovePolicies(sec string, ptype string, rules ...[]string) error
	// UpdateForUpdatePolicy calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.UpdatePolicy()
	UpdateForUpdatePolicy(sec string, ptype string, oldRule, newRule []string) error
	// UpdateForUpdatePolicies calls the update callback of other instances to synchronize their policy.
	// It is called after Enforcer.UpdatePolicies()
	UpdateForUpdatePolicies(sec string, ptype string, oldRules, newRules [][]string) error
	// UpdateForUpdateFilteredPolicies calls the update callback of other instances to synchronize their policy.
	UpdateForUpdateFilteredPolicies(sec string, ptype string, newPolicies [][]string, fieldIndex int, fieldValues ...string) error

	// SetUpdateCallbackForAddPolicy sets the callback function that the watcher will call
	SetUpdateCallbackForAddPolicy(func(sec, ptype string, params ...string) error) error
	// SetUpdateCallbackForRemovePolicy sets the callback function that the watcher will call
	SetUpdateCallbackForRemovePolicy(func(sec, ptype string, params ...string) error) error
	// SetUpdateCallbackForRemoveFilteredPolicy sets the callback function that the watcher will call
	SetUpdateCallbackForRemoveFilteredPolicy(func(sec, ptype string, fieldIndex int, fieldValues ...string) error) error
	// SetUpdateCallbackForAddPolicies sets the callback function that the watcher will call
	SetUpdateCallbackForAddPolicies(func(sec string, ptype string, rules ...[]string) error) error
	// SetUpdateCallbackForRemovePolicies sets the callback function that the watcher will call
	SetUpdateCallbackForRemovePolicies(func(sec string, ptype string, rules ...[]string) error) error
	// SetUpdateCallbackForUpdatePolicy sets the callback function that the watcher will call
	SetUpdateCallbackForUpdatePolicy(func(oldRule, newRule []string) error) error
	// SetUpdateCallbackForUpdatePolicies sets the callback function that the watcher will call
	SetUpdateCallbackForUpdatePolicies(func(oldRules, newRules [][]string) error) error
	// SetUpdateCallbackForUpdateFilteredPolicies sets the callback function that the watcher will call
	SetUpdateCallbackForUpdateFilteredPolicies(func(sec string, ptype string, newPolicies [][]string, fieldIndex int, fieldValues ...string) error) error

	// Close stops and releases the watcher, the callback function will not be called anymore.
	Close()
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.