sessionrolemanager

Version: v1.0.0
Published: Feb 10, 2018 License: Apache-2.0 Imports: 4 Imported by: 0

README

Session Role Manager

Session Role Manager is a session-based role manager for Casbin. With this library, Casbin can load a session-based role hierarchy (user-role mapping) from Casbin policy or save the role hierarchy to it. A session is only active in the specified time range.

Installation

go get github.com/casbin/session-role-manager

Simple Example

package main

import (
	"github.com/casbin/casbin"
	"github.com/casbin/casbin/file-adapter"
	"github.com/casbin/session-role-manager"
)

func main() {
	// NewEnforcer(modelPath, policyPath) automatically uses the default
	// role manager when loading policy. So if we want to use a custom
	// role manager, and this role manager relies on Casbin policy,
	// we should manually set the role manager before loading policy.
	e := casbin.NewEnforcer("examples/rbac_model_with_sessions.conf")

	// Manually set an adapter.
	a := fileadapter.NewAdapter("examples/rbac_policy_with_sessions.csv")
	e.SetAdapter(a)

	// Use our role manager.
	rm := sessionrolemanager.NewRoleManager(10)
	e.SetRoleManager(rm)

	// If our role manager relies on Casbin policy (like reading "g"
	// policy rules), then we have to set the role manager before loading
	// policy.
	//
	// Otherwise, we can set the role manager at any time, because role
	// manager has nothing to do with the adapter.
	e.LoadPolicy()
	
	// Check the permission.
	// The 4th argument is the query time in UNIX time format.
	e.Enforce("alice", "data1", "read", "1508503308708987131")
}

Getting Help

License

This project is under the Apache 2.0 License. See the LICENSE file for the full license text.

Documentation

Functions

func NewRoleManager

func NewRoleManager(maxHierarchyLevel int) rbac.RoleManager

NewRoleManager is the constructor for creating an instance of the SessionRoleManager implementation.

Types

type RoleManager

type RoleManager struct {
	// contains filtered or unexported fields
}

func (*RoleManager) AddLink

func (rm *RoleManager) AddLink(name1 string, name2 string, timeRange ...string) error

AddLink adds the inheritance link between role name1 and role name2, i.e. role name1 inherits role name2. timeRange is the time range during which the role inheritance link is active.

func (*RoleManager) Clear

func (rm *RoleManager) Clear() error

Clear clears all stored data and resets the role manager to the initial state.

func (*RoleManager) DeleteLink

func (rm *RoleManager) DeleteLink(name1 string, name2 string, unused ...string) error

DeleteLink deletes the inheritance link between role name1 and role name2, i.e. role name1 no longer inherits role name2. The unused parameter is ignored.

func (*RoleManager) GetRoles

func (rm *RoleManager) GetRoles(name string, currentTime ...string) ([]string, error)

GetRoles gets the roles that a subject inherits. currentTime is the querying time for the role inheritance link.

func (*RoleManager) GetUsers

func (rm *RoleManager) GetUsers(name string, currentTime ...string) ([]string, error)

GetUsers gets the users that inherit a subject. currentTime is the querying time for the role inheritance link.

func (*RoleManager) HasLink

func (rm *RoleManager) HasLink(name1 string, name2 string, requestTime ...string) (bool, error)

HasLink determines whether role: name1 inherits role: name2. requestTime is the querying time for the role inheritance link.

func (*RoleManager) PrintRoles

func (rm *RoleManager) PrintRoles() error

PrintRoles prints all the roles to log.

type Session

type Session struct {
	// contains filtered or unexported fields
}

Session represents the activation of a role inheritance for a specified time. A role inheritance is always bound to its temporal validity. As soon as a session loses its validity, the corresponding role inheritance becomes invalid too.
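The time-bound inheritance described for Session and HasLink, as an added stand-alone example that is not this package's code: every hop in the role hierarchy must have an active session at the query time, and the walk is bounded by a maximum hierarchy level. The names `session`, `model`, `hasLink`, `walk` and `sample`, the integer timestamps, the inclusive range, and treating an unparsable query time as an error are assumptions of this example.

```go
package main

import (
	"fmt"
	"strconv"
)

// session is one inheritance edge, valid only in [start, end] (model type for this example).
type session struct {
	role       string
	start, end int64
}
type model struct {
	links    map[string][]session
	maxLevel int // bounds the hierarchy walk
}

// hasLink: name1 reaches name2 only via sessions active at requestTime; a bad time is an error (deny).
func (m *model) hasLink(name1, name2, requestTime string) (bool, error) {
	t, err := strconv.ParseInt(requestTime, 10, 64)
	if err != nil {
		return false, fmt.Errorf("invalid request time %q", requestTime)
	}
	return m.walk(name1, name2, t, m.maxLevel), nil
}

func (m *model) walk(from, to string, t int64, level int) bool {
	if from == to || level <= 0 {
		return from == to
	}
	for _, s := range m.links[from] {
		if s.start <= t && t <= s.end && m.walk(s.role, to, t, level-1) {
			return true
		}
	}
	return false
}

// sample holds constructed data: alice is admin during 100..200, admin is root during 150..300.
func sample() *model {
	return &model{maxLevel: 10, links: map[string][]session{
		"alice": {{"admin", 100, 200}},
		"admin": {{"root", 150, 300}},
	}}
}

func main() {
	fmt.Println(sample().hasLink("alice", "root", "175")) // true <nil>
}
```

With this data, alice reaches root only between 150 and 200, the window in which both sessions overlap; outside it the chain is broken at one hop and the check denies.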

type SessionRole

type SessionRole struct {
	// contains filtered or unexported fields
}

SessionRole is a modified version of the default role. A SessionRole not only has a name, but also a list of sessions.
