rbac

package
v2.87.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2024 License: Apache-2.0 Imports: 2 Imported by: 22

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ConditionalRoleManager added in v2.75.0 

type ConditionalRoleManager interface {
	RoleManager

	// AddLinkConditionFunc Add condition function fn for Link userName->roleName,
	// when fn returns true, Link is valid, otherwise invalid
	AddLinkConditionFunc(userName, roleName string, fn LinkConditionFunc)
	// SetLinkConditionFuncParams Sets the parameters of the condition function fn for Link userName->roleName
	SetLinkConditionFuncParams(userName, roleName string, params ...string)
	// AddDomainLinkConditionFunc Add condition function fn for Link userName-> {roleName, domain},
	// when fn returns true, Link is valid, otherwise invalid
	AddDomainLinkConditionFunc(user string, role string, domain string, fn LinkConditionFunc)
	// SetDomainLinkConditionFuncParams Sets the parameters of the condition function fn
	// for Link userName->{roleName, domain}
	SetDomainLinkConditionFuncParams(user string, role string, domain string, params ...string)
}

ConditionalRoleManager provides interface to define the operations for managing roles. Link with conditions is supported.

type ContextRoleManager added in v2.77.1 

type ContextRoleManager interface {
	RoleManager

	// ClearCtx clears all stored data and resets the role manager to the initial state with context.
	ClearCtx(ctx context.Context) error
	// AddLinkCtx adds the inheritance link between two roles. role: name1 and role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	AddLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) error
	// DeleteLinkCtx deletes the inheritance link between two roles. role: name1 and role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	DeleteLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) error
	// HasLinkCtx determines whether a link exists between two roles. role: name1 inherits role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	HasLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) (bool, error)
	// GetRolesCtx gets the roles that a user inherits with context.
	// domain is a prefix to the roles (can be used for other purposes).
	GetRolesCtx(ctx context.Context, name string, domain ...string) ([]string, error)
	// GetUsersCtx gets the users that inherits a role with context.
	// domain is a prefix to the users (can be used for other purposes).
	GetUsersCtx(ctx context.Context, name string, domain ...string) ([]string, error)
	// GetDomainsCtx gets domains that a user has with context.
	GetDomainsCtx(ctx context.Context, name string) ([]string, error)
	// GetAllDomainsCtx gets all domains with context.
	GetAllDomainsCtx(ctx context.Context) ([]string, error)
}

ContextRoleManager provides a context-aware interface to define the operations for managing roles. Prefer this over RoleManager interface for context propagation, which is useful for things like handling request timeouts.

type LinkConditionFunc added in v2.75.0 

type LinkConditionFunc = func(args ...string) (bool, error)

type MatchingFunc added in v2.58.0 

type MatchingFunc func(arg1 string, arg2 string) bool

type RoleManager 

type RoleManager interface {
	// Clear clears all stored data and resets the role manager to the initial state.
	Clear() error
	// AddLink adds the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	AddLink(name1 string, name2 string, domain ...string) error
	// Deprecated: BuildRelationship is no longer required
	BuildRelationship(name1 string, name2 string, domain ...string) error
	// DeleteLink deletes the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	DeleteLink(name1 string, name2 string, domain ...string) error
	// HasLink determines whether a link exists between two roles. role: name1 inherits role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	HasLink(name1 string, name2 string, domain ...string) (bool, error)
	// GetRoles gets the roles that a user inherits.
	// domain is a prefix to the roles (can be used for other purposes).
	GetRoles(name string, domain ...string) ([]string, error)
	// GetUsers gets the users that inherits a role.
	// domain is a prefix to the users (can be used for other purposes).
	GetUsers(name string, domain ...string) ([]string, error)
	// GetDomains gets domains that a user has
	GetDomains(name string) ([]string, error)
	// GetAllDomains gets all domains
	GetAllDomains() ([]string, error)
	// PrintRoles prints all the roles to log.
	PrintRoles() error
	// SetLogger sets role manager's logger.
	SetLogger(logger log.Logger)
	// Match matches the domain with the pattern
	Match(str string, pattern string) bool
	// AddMatchingFunc adds the matching function
	AddMatchingFunc(name string, fn MatchingFunc)
	// AddDomainMatchingFunc adds the domain matching function
	AddDomainMatchingFunc(name string, fn MatchingFunc)
}

RoleManager provides interface to define the operations for managing roles.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.