README
¶
Caskin
Caskin is a multi-domain rbac library for Golang projects. It develops base on caskin
Introduction
Example
Documentation
- Configuration to configure caskin instance and dictionary.
- Design for the details of design.
- API for the details of caskin service method.
Getting Started
Define the dictionary configuration file
Create a new file for example named caskin.toml to define
feature,
backend,
frontend,
package,
creator_object,
creator_role,
creator_policy.
feature = [
{name = "feature"},
]
backend = [
{path = "api/feature", method = "GET"},
{path = "api/feature", method = "POST"},
]
frontend = [
{name = "feature", type = "menu"},
]
package = [
{key = "feature", backend = [["api/feature", "GET"], ["api/feature", "POST"]], frontend = [["feature", "menu"]]},
]
creator_object = [
{name = "role_root", type = "role"},
]
creator_role = [
{name = "admin"},
{name = "member"},
]
creator_policy = [
{role = "admin", object = "role_root", action = ["read", "write", "manage"]},
{role = "admin", object = "github.com/awatercolorpen/caskin::feature", action = ["read"]},
{role = "member", object = "role_root", action = ["read"]},
]
To make use of caskin in golang
Register user-role-object-domain instance.
It should implement the interface of caskin.User, caskin.Role, caskin.Object, caskin.Domain generally.
Or use the example implementation in github.com/awatercolorpen/caskin/example for the prototype.
import "github.com/awatercolorpen/caskin"
import "github.com/awatercolorpen/caskin/example"
// register instance type
caskin.Register[*example.User, *example.Role, *example.Object, *example.Domain]()
Create a new caskin service instance.
import "github.com/awatercolorpen/caskin"
// set db option
dbOption := &caskin.DBOption{
DSN: "./sqlite.db",
Type: "sqlite",
}
// set dictionary option
dictionaryOption := &caskin.DictionaryOption{
Dsn: "caskin.toml",
}
// build service option
option := &caskin.Options{
Dictionary: dictionaryOption,
DB: dbOption,
}
// create a new service instance
service, err := caskin.New(option)
Initialize first domain, and add first superadmin.
domain := &example.Domain{Name: "school-1"}
superadmin := &example.User{Email: "superadmin@qq.com"}
// create domain
err := service.CreateDomain(domain)
// reset domain by the creator setting from caskin.toml
err := service.ResetDomain(domain)
// reset domain by the feature setting from caskin.toml
err := service.ResetFeature(domain)
// add a user to caskin
err := service.CreateUser(superadmin)
// set a user as superadmin
err := service.AddSuperadmin(p.Superadmin)
To manage the authorization business
Use the caskin.Service's API to control on authorization management.
// authorization business: delete one role
err := service.DeleteRole(operatorUser, workingOnDomain, toDeleteRole))
Use the caskin.CurrentService interface.
currentService := service.SetCurrent(operatorUser, workingOnDomain)
License
See the License File.
Documentation
¶
Index ¶
- Constants
- Variables
- func CasbinModel() (model.Model, error)
- func Check[T any](e IEnforcer, u User, d Domain, one T, action Action) bool
- func Diff[T constraints.Ordered](source, target []T) (add, remove []T)
- func Filter[T any](e IEnforcer, u User, d Domain, action Action, source []T) []T
- func GetByID[T any](db MetaDB, id []uint64) ([]T, error)
- func ID[E idInterface](in []E) []uint64
- func IDMap[E idInterface](in []E) map[uint64]E
- func NewObjectDeleter(children ObjectChildrenGetFunc, delete ObjectDeleteFunc) *objectDeleter
- func NewObjectDirectory(in []*Directory) *objectDirectory
- func NewObjectUpdater(parentGet ObjectParentGetFunc, parentAdd ObjectParentAddFunc, ...) *objectUpdater
- func Register[U User, R Role, O Object, D Domain]()
- func SetWatcher(e casbin.IEnforcer, option *WatcherOption) error
- type Action
- type Backend
- type CountDirectoryItem
- type CreatorObject
- type CreatorPolicy
- type CreatorRole
- type DBOption
- type DictionaryOption
- type Directory
- type DirectoryRequest
- type DirectoryResponse
- type DirectorySearchType
- type Domain
- type EdgeSorter
- type Factory
- type Feature
- type Frontend
- type IBaseService
- type ICreatorDictionary
- type ICurrentService
- type IDictionary
- type IDirectory
- type IDirectoryService
- type IEnforcer
- type IFeatureDictionary
- type IFeatureService
- type IService
- type InheritanceEdge
- type InheritanceGraph
- type MetaDB
- type NamedObject
- func (o *NamedObject) Decode(code string) error
- func (o *NamedObject) Encode() string
- func (o *NamedObject) GetDomainID() uint64
- func (o *NamedObject) GetID() uint64
- func (o *NamedObject) GetObjectType() string
- func (o *NamedObject) GetParentID() uint64
- func (o *NamedObject) SetDomainID(uint64)
- func (o *NamedObject) SetID(uint64)
- func (o *NamedObject) SetParentID(uint64)
- type Object
- type ObjectChildrenGetFunc
- type ObjectData
- type ObjectDeleteFunc
- type ObjectParentAddFunc
- type ObjectParentDelFunc
- type ObjectParentGetFunc
- type ObjectType
- type Option
- type Options
- type Package
- type Policy
- type Role
- type SampleSuperadminDomain
- type SampleSuperadminRole
- func (s *SampleSuperadminRole) Decode(code string) error
- func (s *SampleSuperadminRole) Encode() string
- func (s *SampleSuperadminRole) GetDomainID() uint64
- func (s *SampleSuperadminRole) GetID() uint64
- func (s *SampleSuperadminRole) GetObjectID() uint64
- func (s *SampleSuperadminRole) SetDomainID(uint64)
- func (s *SampleSuperadminRole) SetID(uint64)
- func (s *SampleSuperadminRole) SetObjectID(uint64)
- type UpsertType
- type User
- type UserRolePair
- type WatcherOption
Constants ¶
View Source
const ( ObjectPType = "g2" SuperadminRole = "superadmin" SuperadminDomain = "superdomain" )
Variables ¶
View Source
var ( ErrNil = fmt.Errorf("nil data") ErrEmptyID = fmt.Errorf("empty id") ErrAlreadyExists = fmt.Errorf("already exists") ErrNotExists = fmt.Errorf("not exists") ErrInValidObject = fmt.Errorf("invalid object") ErrInValidObjectType = fmt.Errorf("invalid object type") ErrCantChangeObjectType = fmt.Errorf("can't change object type") ErrCantOperateRootObject = fmt.Errorf("can't operate root object") ErrParentCanNotBeItself = fmt.Errorf("parent id can't be it self id") ErrParentToDescendant = fmt.Errorf("can't change parent to descendant") ErrInValidRequest = fmt.Errorf("invalid request") ErrNoReadPermission = fmt.Errorf("no read permission") ErrNoWritePermission = fmt.Errorf("no write permission") ErrNoManagePermission = fmt.Errorf("no manage permission") ErrNoBackendPermission = fmt.Errorf("no backend api permission") ErrIsNotSuperadmin = fmt.Errorf("is not superadmin") ErrInValidCurrent = fmt.Errorf("invalid current api") )
View Source
var ( DefaultSuperadminRoleName = "superadmin_role" DefaultSuperadminDomainName = "superadmin_domain" )
View Source
var CasbinModelText string
View Source
var (
DefaultFeatureRootName = "github.com/awatercolorpen/caskin::feature"
)
Functions ¶
func CasbinModel ¶
func Diff ¶
func Diff[T constraints.Ordered](source, target []T) (add, remove []T)
Diff do diff source, target list to get add, remove list
func NewObjectDeleter ¶ added in v0.1.0
func NewObjectDeleter(children ObjectChildrenGetFunc, delete ObjectDeleteFunc) *objectDeleter
func NewObjectDirectory ¶ added in v0.1.0
func NewObjectDirectory(in []*Directory) *objectDirectory
func NewObjectUpdater ¶ added in v0.1.0
func NewObjectUpdater( parentGet ObjectParentGetFunc, parentAdd ObjectParentAddFunc, parentDel ObjectParentDelFunc) *objectUpdater
func SetWatcher ¶ added in v0.2.0
func SetWatcher(e casbin.IEnforcer, option *WatcherOption) error
Types ¶
type Backend ¶ added in v0.1.0
type Backend struct {
Path string `json:"path" toml:"path"`
Method string `json:"method" toml:"method"`
Description string `json:"description" toml:"description"`
Group string `json:"group" toml:"group"`
}
Backend it is for backend API
type CountDirectoryItem ¶ added in v0.1.0
type CreatorObject ¶ added in v0.1.0
type CreatorObject struct {
Name string `json:"name" toml:"name"`
Type string `json:"type" toml:"type"`
Description string `json:"description" toml:"description"`
}
func (*CreatorObject) ToObject ¶ added in v0.1.0
func (c *CreatorObject) ToObject() Object
type CreatorPolicy ¶ added in v0.1.0
type CreatorRole ¶ added in v0.1.0
type CreatorRole struct {
Name string `json:"name" toml:"name"`
Description string `json:"description" toml:"description"`
}
func (*CreatorRole) ToRole ¶ added in v0.1.0
func (c *CreatorRole) ToRole() Role
type DictionaryOption ¶ added in v0.1.0
type DirectoryRequest ¶ added in v0.1.0
type DirectoryRequest struct {
To uint64 `json:"to,omitempty"`
ID []uint64 `json:"id,omitempty"`
Type string `json:"type,omitempty"`
Policy string `json:"policy,omitempty"`
SearchType string `json:"search_type,omitempty"`
CountDirectory func([]uint64) (map[uint64]uint64, error)
ActionDirectory func([]uint64) error
}
type DirectoryResponse ¶ added in v0.1.0
type DirectorySearchType ¶ added in v0.1.0
type DirectorySearchType = string
const ( DirectorySearchAll DirectorySearchType = "all" DirectorySearchTop DirectorySearchType = "top" )
type Domain ¶
type Domain interface {
// contains filtered or unexported methods
}
func GetSuperadminDomain ¶ added in v0.1.0
func GetSuperadminDomain() Domain
type EdgeSorter ¶ added in v0.1.0
type EdgeSorter[T constraints.Ordered] map[T]int
func NewEdgeSorter ¶ added in v0.1.0
func NewEdgeSorter[T constraints.Ordered](order []T) EdgeSorter[T]
func (EdgeSorter[T]) LeafFirstSort ¶ added in v0.1.0
func (e EdgeSorter[T]) LeafFirstSort(edges []*InheritanceEdge[T])
func (EdgeSorter[T]) RootFirstSort ¶ added in v0.1.0
func (e EdgeSorter[T]) RootFirstSort(edges []*InheritanceEdge[T])
type Factory ¶ added in v0.1.0
type Factory interface {
User(string) (User, error)
Role(string) (Role, error)
Object(string) (Object, error)
Domain(string) (Domain, error)
NewUser() User
NewRole() Role
NewObject() Object
NewDomain() Domain
MetadataDB(db *gorm.DB) MetaDB
}
func DefaultFactory ¶ added in v0.1.0
func DefaultFactory() Factory
type Feature ¶ added in v0.1.0
type Feature struct {
Name string `json:"name" toml:"name"`
Description string `json:"description" toml:"description"`
Group string `json:"group" toml:"group"`
}
Feature it is a package of Backend and Frontend
type Frontend ¶ added in v0.1.0
type Frontend struct {
Name string `json:"name" toml:"name"`
Type string `json:"type" toml:"type"`
Description string `json:"description" toml:"description"`
Group string `json:"group" toml:"group"`
}
Frontend it is for frontend web component
type IBaseService ¶ added in v0.1.0
type IBaseService interface {
// AddSuperadmin adds a superadmin user
AddSuperadmin(User) error
// DeleteSuperadmin deletes a superadmin user
DeleteSuperadmin(User) error
// GetSuperadmin gets all superadmin users
GetSuperadmin() ([]User, error)
// CreateUser creates a new user
CreateUser(User) error
// RecoverUser recovers a deleted user
RecoverUser(User) error
// DeleteUser deletes a user
DeleteUser(User) error
// UpdateUser updates a user
UpdateUser(User) error
// CreateDomain creates a new domain
CreateDomain(Domain) error
// RecoverDomain recovers a deleted domain
RecoverDomain(Domain) error
// DeleteDomain deletes a domain
DeleteDomain(Domain) error
// UpdateDomain updates a domain
UpdateDomain(Domain) error
// GetDomain gets all domains
GetDomain() ([]Domain, error)
// ResetDomain resets a domain to its initial state
ResetDomain(Domain) error
// CreateObject creates a new object in a domain
CreateObject(User, Domain, Object) error
// RecoverObject recovers a deleted object in a domain
RecoverObject(User, Domain, Object) error
// DeleteObject deletes an object in a domain
DeleteObject(User, Domain, Object) error
// UpdateObject updates an object in a domain
UpdateObject(User, Domain, Object) error
// GetObject gets all objects in a domain that the user can perform an action on
GetObject(User, Domain, Action, ...ObjectType) ([]Object, error)
// GetObjectHierarchyLevel gets the hierarchy level of an object in a domain
GetObjectHierarchyLevel(user User, domain Domain, object Object) (int, error)
// CreateRole creates a new role in a domain
CreateRole(User, Domain, Role) error
// RecoverRole recovers a deleted role in a domain
RecoverRole(User, Domain, Role) error
// DeleteRole deletes a role in a domain
DeleteRole(User, Domain, Role) error
// UpdateRole updates a role in a domain
UpdateRole(User, Domain, Role) error
// GetRole gets all roles in a domain
GetRole(User, Domain) ([]Role, error)
// AddUserRole adds user-role pairs in a domain
AddUserRole(User, Domain, []*UserRolePair) error
// RemoveUserRole removes user-role pairs in a domain
RemoveUserRole(User, Domain, []*UserRolePair) error
// AddRoleG adds a role inheritance relation in a domain
AddRoleG(User, Domain, Role, Role) error
// RemoveRoleG removes a role inheritance relation in a domain
RemoveRoleG(User, Domain, Role, Role) error
// GetUserByDomain gets all users in a domain
GetUserByDomain(Domain) ([]User, error)
// GetDomainByUser gets all domains that a user belongs to
GetDomainByUser(User) ([]Domain, error)
// GetUserRole gets all user-role pairs in a domain
GetUserRole(User, Domain) ([]*UserRolePair, error)
// GetUserRoleByUser gets all user-role pairs in a domain for a specific user
GetUserRoleByUser(User, Domain, User) ([]*UserRolePair, error)
// GetUserRoleByRole gets all user-role pairs in a domain for a specific role
GetUserRoleByRole(User, Domain, Role) ([]*UserRolePair, error)
// ModifyUserRolePerUser modifies the user-role pairs in a domain for a specific user
ModifyUserRolePerUser(User, Domain, User, []*UserRolePair) error
// ModifyUserRolePerRole modifies the user-role pairs in a domain for a specific role
ModifyUserRolePerRole(User, Domain, Role, []*UserRolePair) error
// GetPolicy gets all policies in a domain
GetPolicy(User, Domain) ([]*Policy, error)
// GetPolicyByRole gets all policies in a domain for a specific role
GetPolicyByRole(User, Domain, Role) ([]*Policy, error)
// ModifyPolicyPerRole modifies the policies in a domain for a specific role
ModifyPolicyPerRole(User, Domain, Role, []*Policy) error
// CreateObjectData creates a new object data in a domain with an object type
CreateObjectData(User, Domain, ObjectData, ObjectType) error
// RecoverObjectData recovers a deleted object data in a domain
RecoverObjectData(User, Domain, ObjectData) error
// DeleteObjectData deletes an object data in a domain
DeleteObjectData(User, Domain, ObjectData) error
// UpdateObjectData updates an object data in a domain with an object type
UpdateObjectData(User, Domain, ObjectData, ObjectType) error
// CheckCreateObjectData checks if the user can create an object data in a domain with an object type
CheckCreateObjectData(User, Domain, ObjectData, ObjectType) error
// CheckRecoverObjectData checks if the user can recover an object data in a domain
CheckRecoverObjectData(User, Domain, ObjectData) error
// CheckDeleteObjectData checks if the user can delete an object data in a domain
CheckDeleteObjectData(User, Domain, ObjectData) error
// CheckWriteObjectData checks if the user can write an object data in a domain with an object type
CheckWriteObjectData(User, Domain, ObjectData, ObjectType) error
// CheckUpdateObjectData checks if the user can update an object data in a domain with an object type
CheckUpdateObjectData(User, Domain, ObjectData, ObjectType) error
// CheckModifyObjectData checks if the user can modify an object data in a domain
CheckModifyObjectData(User, Domain, ObjectData) error
// CheckGetObjectData checks if the user can get an object data in a domain
CheckGetObjectData(User, Domain, ObjectData) error
}
IBaseService is the interface that defines the basic CRUD operations for users, domains, objects and roles
type ICreatorDictionary ¶ added in v0.1.0
type ICreatorDictionary interface {
GetCreatorObject() ([]*CreatorObject, error)
GetCreatorRole() ([]*CreatorRole, error)
GetCreatorPolicy() ([]*CreatorPolicy, error)
}
type ICurrentService ¶ added in v0.1.0
type ICurrentService interface {
// SetCurrent sets the current user and domain for the service and returns a new service instance
SetCurrent(User, Domain) IService
// CreateObjectDataWithCurrent creates a new object data in the current domain with an object type
CreateObjectDataWithCurrent(ObjectData, ObjectType) error
// RecoverObjectDataWithCurrent recovers a deleted object data in the current domain
RecoverObjectDataWithCurrent(ObjectData) error
// DeleteObjectDataWithCurrent deletes an object data in the current domain
DeleteObjectDataWithCurrent(ObjectData) error
// UpdateObjectDataWithCurrent updates an object data in the current domain with an object type
UpdateObjectDataWithCurrent(ObjectData, ObjectType) error
// CheckCreateObjectDataWithCurrent checks if the current user can create an object data in the current domain with an object type
CheckCreateObjectDataWithCurrent(ObjectData, ObjectType) error
// CheckRecoverObjectDataWithCurrent checks if the current user can recover an object data in the current domain
CheckRecoverObjectDataWithCurrent(ObjectData) error
// CheckDeleteObjectDataWithCurrent checks if the current user can delete an object data in the current domain
CheckDeleteObjectDataWithCurrent(ObjectData) error
// CheckWriteObjectDataWithCurrent checks if the current user can write an object data in the current domain with an object type
CheckWriteObjectDataWithCurrent(ObjectData, ObjectType) error
// CheckUpdateObjectDataWithCurrent checks if the current user can update an object data in the current domain with an object type
CheckUpdateObjectDataWithCurrent(ObjectData, ObjectType) error
// CheckModifyObjectDataWithCurrent checks if the current user can modify an object data in the current domain
CheckModifyObjectDataWithCurrent(ObjectData) error
// CheckGetObjectDataWithCurrent checks if the current user can get an object data in the current domain
CheckGetObjectDataWithCurrent(ObjectData) error
}
ICurrentService is the interface that defines the current user-related operations
type IDictionary ¶ added in v0.1.0
type IDictionary interface {
IFeatureDictionary
ICreatorDictionary
}
func NewDictionary ¶ added in v0.1.0
func NewDictionary(option *DictionaryOption) (IDictionary, error)
type IDirectory ¶ added in v0.1.0
type IDirectory interface {
Search(uint64, DirectorySearchType) []*Directory
}
type IDirectoryService ¶ added in v0.1.0
type IDirectoryService interface {
// CreateDirectory creates a new directory for an object in a domain
CreateDirectory(User, Domain, Object) error
// UpdateDirectory updates an existing directory for an object in a domain
UpdateDirectory(User, Domain, Object) error
// DeleteDirectory deletes a directory and its subdirectories in a domain based on a request
DeleteDirectory(User, Domain, *DirectoryRequest) error
// GetDirectory gets all directories and their subdirectories in a domain based on a request
GetDirectory(User, Domain, *DirectoryRequest) ([]*Directory, error)
// MoveDirectory moves a directory and its subdirectories to another directory in a domain based on a request and returns the updated directory structure
MoveDirectory(User, Domain, *DirectoryRequest) (*DirectoryResponse, error)
// MoveItem moves an object data to another directory in a domain based on a request and returns the updated directory structure
MoveItem(User, Domain, ObjectData, *DirectoryRequest) (*DirectoryResponse, error)
// CopyItem copies an object data to another directory in a domain based on a request and returns the updated directory structure
CopyItem(User, Domain, ObjectData, *DirectoryRequest) (*DirectoryResponse, error)
}
IDirectoryService is the interface that defines the directory-related operations for objects and object data
type IEnforcer ¶
type IEnforcer interface {
Enforce(User, Object, Domain, Action) (bool, error)
EnforceRole(son Role, parent Role, domain Domain) (bool, error)
EnforceObject(son Object, parent Object, domain Domain) (bool, error)
IsSuperadmin(User) (bool, error)
GetDomainsIncludeUser(User) []Domain
GetRolesForUserInDomain(User, Domain) []Role
GetUsersForRoleInDomain(Role, Domain) []User
GetParentsForRoleInDomain(Role, Domain) []Role
GetChildrenForRoleInDomain(Role, Domain) []Role
GetParentsForObjectInDomain(Object, Domain) []Object
GetChildrenForObjectInDomain(Object, Domain) []Object
GetPoliciesForRoleInDomain(Role, Domain) []*Policy
GetPoliciesForObjectInDomain(Object, Domain) []*Policy
RemoveUserInDomain(User, Domain) error
RemoveRoleInDomain(Role, Domain) error
RemoveObjectInDomain(Object, Domain) error
AddPolicyInDomain(Role, Object, Domain, Action) error
RemovePolicyInDomain(Role, Object, Domain, Action) error
AddRoleForUserInDomain(User, Role, Domain) error
RemoveRoleForUserInDomain(User, Role, Domain) error
AddParentForRoleInDomain(Role, Role, Domain) error
RemoveParentForRoleInDomain(Role, Role, Domain) error
AddParentForObjectInDomain(Object, Object, Domain) error
RemoveParentForObjectInDomain(Object, Object, Domain) error
GetUsersInDomain(Domain) []User
GetRolesInDomain(Domain) []Role
GetObjectsInDomain(Domain) []Object
GetPoliciesInDomain(Domain) []*Policy
RemoveUsersInDomain(Domain) error
}
func NewEnforcer ¶
type IFeatureDictionary ¶ added in v0.1.0
type IFeatureDictionary interface {
GetFeature() ([]*Feature, error)
GetBackend() ([]*Backend, error)
GetFrontend() ([]*Frontend, error)
GetFeatureByKey(key string) (*Feature, error)
GetBackendByKey(key string) (*Backend, error)
GetFrontendByKey(key string) (*Frontend, error)
GetPackage() ([]*Package, error)
}
type IFeatureService ¶ added in v0.1.0
type IFeatureService interface {
// AuthBackend authenticates a user for a backend in a domain
AuthBackend(User, Domain, *Backend) error
// AuthFrontend authenticates a user for frontends in a domain
AuthFrontend(User, Domain) []*Frontend
// GetFeature gets all features in a domain
GetFeature(User, Domain) ([]*Feature, error)
// GetFeaturePolicy gets all feature policies in a domain
GetFeaturePolicy(User, Domain) ([]*Policy, error)
// GetFeaturePolicyByRole gets all feature policies in a domain for a specific role
GetFeaturePolicyByRole(User, Domain, Role) ([]*Policy, error)
// ModifyFeaturePolicyPerRole modifies the feature policies in a domain for a specific role
ModifyFeaturePolicyPerRole(User, Domain, Role, []*Policy) error
// ResetFeature resets the features in a domain to their initial state
ResetFeature(Domain) error
}
IFeatureService is the interface that defines the feature-related operations for backends, frontends and policies
type IService ¶ added in v0.1.0
type IService interface {
IBaseService // basic CRUD operations for users, domains, objects and roles
IDirectoryService // directory-related operations for objects and object data
IFeatureService // feature-related operations for backends, frontends and policies
ICurrentService // current user-related operations
}
IService is the interface that defines all the methods for caskin service
type InheritanceEdge ¶ added in v0.1.0
type InheritanceEdge[T constraints.Ordered] struct { U T `json:"u"` V T `json:"v"` }
InheritanceEdge x is node, y is adjacency
func (*InheritanceEdge[T]) Decode ¶ added in v0.1.0
func (i *InheritanceEdge[T]) Decode(in string) error
func (*InheritanceEdge[T]) Encode ¶ added in v0.1.0
func (i *InheritanceEdge[T]) Encode(u, v T) string
type InheritanceGraph ¶ added in v0.1.0
type InheritanceGraph[T constraints.Ordered] map[T][]T
func MergeInheritanceGraph ¶ added in v0.1.0
func MergeInheritanceGraph[T constraints.Ordered](graphs ...InheritanceGraph[T]) InheritanceGraph[T]
func (InheritanceGraph[T]) Sort ¶ added in v0.1.0
func (g InheritanceGraph[T]) Sort() InheritanceGraph[T]
func (InheritanceGraph[T]) TopSort ¶ added in v0.1.0
func (g InheritanceGraph[T]) TopSort() []T
type MetaDB ¶
type MetaDB interface {
Create(any) error
Recover(any) error
Update(any) error
UpsertType(any) UpsertType
Take(any) error
TakeUnscoped(any) error
Find(any, ...any) error
DeleteByID(any, uint64) error
GetUserByID([]uint64) ([]User, error)
GetRoleInDomain(Domain) ([]Role, error)
GetRoleByID([]uint64) ([]Role, error)
GetObjectInDomain(Domain, ...ObjectType) ([]Object, error)
GetObjectByID([]uint64) ([]Object, error)
GetDomainByID([]uint64) ([]Domain, error)
GetAllDomain() ([]Domain, error)
}
type NamedObject ¶ added in v0.1.0
type NamedObject struct {
Name string `json:"name"`
}
NamedObject build in Object for name encode/decode
func (*NamedObject) Decode ¶ added in v0.1.0
func (o *NamedObject) Decode(code string) error
func (*NamedObject) Encode ¶ added in v0.1.0
func (o *NamedObject) Encode() string
func (*NamedObject) GetDomainID ¶ added in v0.1.0
func (o *NamedObject) GetDomainID() uint64
func (*NamedObject) GetID ¶ added in v0.1.0
func (o *NamedObject) GetID() uint64
func (*NamedObject) GetObjectType ¶ added in v0.1.0
func (o *NamedObject) GetObjectType() string
func (*NamedObject) GetParentID ¶ added in v0.1.0
func (o *NamedObject) GetParentID() uint64
func (*NamedObject) SetDomainID ¶ added in v0.1.0
func (o *NamedObject) SetDomainID(uint64)
func (*NamedObject) SetID ¶ added in v0.1.0
func (o *NamedObject) SetID(uint64)
func (*NamedObject) SetParentID ¶ added in v0.1.0
func (o *NamedObject) SetParentID(uint64)
type Object ¶
type Object interface {
GetObjectType() string
// contains filtered or unexported methods
}
type ObjectChildrenGetFunc ¶ added in v0.1.0
type ObjectData ¶
type ObjectDeleteFunc ¶ added in v0.1.0
type ObjectParentAddFunc ¶ added in v0.1.0
type ObjectParentDelFunc ¶ added in v0.1.0
type ObjectParentGetFunc ¶ added in v0.1.0
type Options ¶
type Options struct {
// default caskin option
DefaultSuperadminDomainName string `json:"default_superadmin_domain_name"`
DefaultSuperadminRoleName string `json:"default_superadmin_role_name"`
Dictionary *DictionaryOption `json:"dictionary"`
DB *DBOption `json:"db"`
Watcher *WatcherOption `json:"watcher"`
}
Options configuration for caskin
type Package ¶ added in v0.1.0
type Policy ¶
type Policy struct {
Role Role `json:"role"`
Object Object `json:"object"`
Domain Domain `json:"domain"`
Action Action `json:"action"`
}
Policy tuple of role-object-domain-action
func DiffPolicy ¶
DiffPolicy diff policy source, target list to get add, remove list
type Role ¶
type Role interface {
ObjectData
// contains filtered or unexported methods
}
func GetSuperadminRole ¶ added in v0.1.0
func GetSuperadminRole() Role
type SampleSuperadminDomain ¶ added in v0.1.0
func (*SampleSuperadminDomain) Decode ¶ added in v0.1.0
func (s *SampleSuperadminDomain) Decode(code string) error
func (*SampleSuperadminDomain) Encode ¶ added in v0.1.0
func (s *SampleSuperadminDomain) Encode() string
func (*SampleSuperadminDomain) GetID ¶ added in v0.1.0
func (s *SampleSuperadminDomain) GetID() uint64
func (*SampleSuperadminDomain) SetID ¶ added in v0.1.0
func (s *SampleSuperadminDomain) SetID(uint64)
type SampleSuperadminRole ¶
func (*SampleSuperadminRole) Decode ¶
func (s *SampleSuperadminRole) Decode(code string) error
func (*SampleSuperadminRole) Encode ¶
func (s *SampleSuperadminRole) Encode() string
func (*SampleSuperadminRole) GetDomainID ¶
func (s *SampleSuperadminRole) GetDomainID() uint64
func (*SampleSuperadminRole) GetID ¶
func (s *SampleSuperadminRole) GetID() uint64
func (*SampleSuperadminRole) GetObjectID ¶ added in v0.1.0
func (s *SampleSuperadminRole) GetObjectID() uint64
func (*SampleSuperadminRole) SetDomainID ¶
func (s *SampleSuperadminRole) SetDomainID(uint64)
func (*SampleSuperadminRole) SetID ¶
func (s *SampleSuperadminRole) SetID(uint64)
func (*SampleSuperadminRole) SetObjectID ¶
func (s *SampleSuperadminRole) SetObjectID(uint64)
type UpsertType ¶
type UpsertType string
const ( UpsertTypeCreate UpsertType = "create" UpsertTypeRecover UpsertType = "recover" UpsertTypeUpdate UpsertType = "update" )
type UserRolePair ¶
UserRolePair pair of user and role
Source Files
¶
- casbin.go
- constant.go
- dictionary.go
- dictionary_adaptor.go
- dictionary_model.go
- error.go
- inheritance.go
- metadata.go
- metadata_database.go
- metadata_imp.go
- object_deleter.go
- object_directory.go
- object_updater.go
- options.go
- register.go
- schema.go
- schema_buildin.go
- schema_private.go
- server.go
- server_check.go
- server_current.go
- server_directory.go
- server_domain.go
- server_domain_reset.go
- server_feature.go
- server_feature_reset.go
- server_object.go
- server_object_data.go
- server_policy.go
- server_role.go
- server_role_g.go
- server_superadmin.go
- server_user.go
- server_user_domain.go
- server_user_role.go
- service.go
Directories
Click to show internal directories.
Click to hide internal directories.