Documentation ¶
Index ¶
Constants ¶
const (
DefaultPermissionSeparator = ":"
)
Variables ¶
var OptionsDefault = Options{ Logic: AND, PermissionParser: PermissionParserWithSeparator(DefaultPermissionSeparator), PermissionSeparator: DefaultPermissionSeparator, Unauthorized: func(ctx context.Context, c *app.RequestContext) { c.AbortWithStatus(consts.StatusUnauthorized) }, Forbidden: func(ctx context.Context, c *app.RequestContext) { c.AbortWithStatus(consts.StatusForbidden) }, }
Functions ¶
This section is empty.
Types ¶
type Logic ¶
type Logic int
Logic is the logical operation (AND/OR) used in permission checks in case multiple permissions or roles are specified.
type LookupHandler ¶
type LookupHandler func(ctx context.Context, c *app.RequestContext) string
LookupHandler is used to look up current subject in runtime. If it can not find anything, just return an empty string.
type Middleware ¶
type Middleware struct {
// contains filtered or unexported fields
}
func NewCasbinMiddleware ¶
func NewCasbinMiddleware(modelFile string, adapter interface{}, lookup LookupHandler) (*Middleware, error)
NewCasbinMiddleware returns a new Middleware using Casbin's Enforcer internally.
modelFile is the file path to Casbin model file e.g. path/to/rbac_model.conf. adapter can be a file or a DB adapter. lookup is a function that looks up the current subject in runtime and returns an empty string if nothing found.
func NewCasbinMiddlewareFromEnforcer ¶
func NewCasbinMiddlewareFromEnforcer(e casbin.IEnforcer, lookup LookupHandler) (*Middleware, error)
NewCasbinMiddlewareFromEnforcer creates from given Enforcer.
func (*Middleware) RequiresPermissions ¶
func (m *Middleware) RequiresPermissions(expression string, opts ...Option) app.HandlerFunc
RequiresPermissions tries to find the current subject and determine if the subject has the required permissions according to predefined Casbin policies.
func (*Middleware) RequiresRoles ¶
func (m *Middleware) RequiresRoles(expression string, opts ...Option) app.HandlerFunc
RequiresRoles tries to find the current subject and determine if the subject has the required roles according to predefined Casbin policies.
type Option ¶
type Option struct {
F func(o *Options)
}
Option is the only struct that can be used to set Options.
func WithForbidden ¶
func WithForbidden(f app.HandlerFunc) Option
WithForbidden defines the response body for forbidden responses.
func WithPermissionParser ¶
func WithPermissionParser(pp PermissionParserFunc) Option
WithPermissionParser sets parsing the permission func. Attention: It is only enabled when logic is `AND` or `OR`
func WithPermissionParserSeparator ¶
WithPermissionParserSeparator sets permission parsing separator
func WithUnauthorized ¶
func WithUnauthorized(u app.HandlerFunc) Option
WithUnauthorized defines the response body for unauthorized responses.
type Options ¶
type Options struct { // Logic is the logical operation (AND/OR) used in permission checks // in case multiple permissions or roles are specified. // Optional. Default: AND Logic Logic // PermissionParserFunc is used for parsing the permission // to extract object and action usually // Optional. Default: PermissionParserWithSeparator(":") PermissionParser PermissionParserFunc // PermissionSeparator permission parsing separator PermissionSeparator string // Optional. Default: func(ctx context.Context, c *app.RequestContext) { // c.AbortWithStatus(consts.StatusUnauthorized) // }, Unauthorized app.HandlerFunc // Forbidden defines the response body for forbidden responses. // Optional. Default: func(ctx context.Context, c *app.RequestContext) { // c.AbortWithStatus(consts.StatusForbidden) // }, Forbidden app.HandlerFunc }
func NewOptions ¶
type PermissionParserFunc ¶
PermissionParserFunc is used for parsing the permission to extract object and action usually
func PermissionParserWithSeparator ¶
func PermissionParserWithSeparator(sep string) PermissionParserFunc
PermissionParserWithSeparator is a permission parser with separator.