README
¶
chakra
chakra allows you to easily add resource/operation based access control to https://github.com/pressly/chi
You can define any access control rules you want as a middleware - chakra will make sure they are checked.
Forcing security as you code with minimum overhead
chakra will:
- build resource routes (identifiers) for your access checks
- inject access control right before the last handlers in chain - not optional
- not let you run your code without providing access control function - it will panic
- not let you create new router without providing the next part of resource route or explicitly telling it to use parent one - it will panic
It's not airtight - you can still escape the added security, but it requires more effort than being secure. You can write a buggy access control function too - it can't help with that - but at least you won't forget to use it.
How to use it?
Almost exactly the same way you'd use chi
chi without access control
r := chi.NewRouter()
r.Mount("/api", func(r chi.Router){
r = chi.NewRouter()
r.Post("/endpoint1", handler1)
...
})
chakra - chi with access control
chakra.SetAC(myAccessControlRules) // you only do this once
r := chakra.NewRouter(chakra.UseParentRoute)
r.Mount("/api", func(r chi.Router){
r = chakra.NewRouter("secure_api")
r.Post("/endpoint1", handler1)
...
})
And you are DONE! - myAccessControlRules will be called right before handler1 to check permissions to POST to {"secure_api", "endpoint1"} resource
Examples
Example access control function
Credits
- Peter Kieltyka for https://github.com/pressly/chi
- Pressly
TODO
- More examples
- A lot of unit tests (and then some!)
Contributions are always welcome - fork it, do your thing, open a pull request!
License
Copyright (c) 2015 Maciej Lisiewski
Licensed under MIT License
Documentation
¶
Index ¶
- Constants
- func Route(part string) func(chi.Handler) chi.Handler
- func SetAC(fn func(chi.Handler) chi.Handler)
- type Mux
- func (r *Mux) Connect(pattern string, handlers ...interface{})
- func (r *Mux) Delete(pattern string, handlers ...interface{})
- func (r *Mux) Get(pattern string, handlers ...interface{})
- func (r *Mux) Group(fn func(r chi.Router)) chi.Router
- func (r *Mux) Handle(pattern string, handlers ...interface{})
- func (r *Mux) Head(pattern string, handlers ...interface{})
- func (r *Mux) Mount(path string, handlers ...interface{})
- func (r *Mux) Options(pattern string, handlers ...interface{})
- func (r *Mux) Patch(pattern string, handlers ...interface{})
- func (r *Mux) Post(pattern string, handlers ...interface{})
- func (r *Mux) Put(pattern string, handlers ...interface{})
- func (r *Mux) Route(pattern string, fn func(r chi.Router)) chi.Router
- func (r *Mux) Trace(pattern string, handlers ...interface{})
- func (r *Mux) Use(middlewares ...interface{})
Constants ¶
const UseParentRoute = "#"
UseParentRoute passed as route to NewRouter results in nothing being added to acl.route on subrouter creation - parent route is used instead
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Mux ¶
Mux implements chi.Router and makes access control with chi a bit easier
func NewRouter ¶
NewRouter creates new chakra Mux and appends its route to acl.route, unless the passed route is chakra.UseParentRoute.
func (*Mux) Connect ¶
Connect is a wrapper of chi.Connect for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Delete ¶
Delete is a wrapper of chi.Delete for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Get ¶
Get is a wrapper of chi.Get for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Group ¶
Group is a wrapper of chi.Group for chakra.Mux. It works exactly the same as the underlying chi method
func (*Mux) Handle ¶
Handle is a wrapper of chi.Handle for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Head ¶
Head is a wrapper of chi.Head for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Mount ¶
Mount is a wrapper of chi.Mount for chakra.Mux. It works exactly the same as the underlying chi method
func (*Mux) Options ¶
Options is a wrapper of chi.Options for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Patch ¶
Patch is a wrapper of chi.Patch for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Post ¶
Post is a wrapper of chi.Post for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Put ¶
Put a wrapper of chi.Put for chakra.Mux. It appends the pattern passed to it to acl.route and injects access control middleware as penultimate one - just before handler(s)
func (*Mux) Route ¶
Route is a wrapper of chi.Route for chakra.Mux. It works exactly the same as the underlying chi method
Source Files
Directories