tulip

package module
v0.0.0-...-4a7533d Latest
Warning

This package is not in the latest version of its module.

Published: Oct 15, 2021 License: MIT Imports: 13 Imported by: 0

README

Tulip

A high-performance replacement for Casbin that works solely with Postgres using PGX. It maintains a front-end cache of all policies and keeps it up to date with Postgres via notifications and periodic sync.

Documentation

Index

Constants

const (
	DefaultTableName    = "tulip_rule"
	DefaultDatabaseName = "tulip"
	DefaultTimeout      = time.Second * 10
	DefaultSyncPeriod   = time.Second * 60
)

Variables

This section is empty.

Functions

func RBACWithDomain

func RBACWithDomain(m *Manager, request ...string) bool

RBACWithDomain matcher encapsulates the matching logic of the following casbin model:

r = sub, dom, obj, act
p = sub, dom, obj, act
g = _, _, _
e = some(where (p.eft == allow))
m = (r.sub == p.sub || g(r.sub, p.sub, r.dom)) && r.dom == p.dom && r.obj == p.obj && r.act == p.act
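
An added example, not code from the tulip package: a self-contained in-memory evaluation of the model above, showing that a role granted in one domain does not authorise requests in another. The `Store` type, its methods and the sample rules are hypothetical, and transitive role resolution is an assumption modelled on Casbin's default role manager.

```go
package main

import "fmt"

// Store is a hypothetical in-memory policy set; it is not tulip's Manager.
type Store struct {
	P [][]string // p = sub, dom, obj, act
	G [][]string // g = user, role, dom
}

// hasRole is g(sub, role, dom): only grouping rules of the same domain count.
func (s *Store) hasRole(sub, role, dom string, seen map[string]bool) bool {
	if seen[sub] { // already visited: stop on cyclic role graphs
		return false
	}
	seen[sub] = true
	for _, g := range s.G {
		if len(g) != 3 || g[0] != sub || g[2] != dom {
			continue
		}
		if g[1] == role || s.hasRole(g[1], role, dom, seen) {
			return true
		}
	}
	return false
}

// Enforce applies matcher m; effect is allow if any policy matches, else deny.
func (s *Store) Enforce(sub, dom, obj, act string) bool {
	for _, p := range s.P {
		if len(p) != 4 || p[1] != dom || p[2] != obj || p[3] != act {
			continue // malformed rule, or dom/obj/act mismatch
		}
		if p[0] == sub || s.hasRole(sub, p[0], dom, map[string]bool{}) {
			return true
		}
	}
	return false
}

// Constructed sample rules for two tenants sharing the role name "admin".
var sample = Store{
	P: [][]string{{"admin", "tenant1", "data1", "write"}, {"admin", "tenant2", "data2", "read"}},
	G: [][]string{{"alice", "admin", "tenant1"}, {"bob", "admin", "tenant2"}},
}

func main() {
	// alice holds admin in tenant1 only, so the tenant2 request is denied.
	fmt.Println(sample.Enforce("alice", "tenant1", "data1", "write"), sample.Enforce("alice", "tenant2", "data2", "read")) // true false
}
```
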

Types

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager manages access control policies.

func NewManager

func NewManager(conn interface{}, matcher Matcher, opts ...Option) (*Manager, error)

NewManager creates a new manager with connection conn which must either be a PostgreSQL connection string or an instance of *pgx.ConnConfig from package github.com/jackc/pgx/v4.

func (*Manager) AddPolicies

func (m *Manager) AddPolicies(pRules, gRules [][]string) error

AddPolicies adds policy rules to the storage.

func (*Manager) AddPolicy

func (m *Manager) AddPolicy(ptype string, rule []string) error

AddPolicy adds a policy rule to the storage.

func (*Manager) Close

func (m *Manager) Close() error

Close closes all connections and stops all goroutines

func (*Manager) Enforce

func (m *Manager) Enforce(request ...string) bool

func (*Manager) Filter

func (m *Manager) Filter(rule ...string) Policies

Filter filters policies

func (*Manager) FilterGroups

func (m *Manager) FilterGroups(rule ...string) Policies

FilterGroups filters grouping policies

func (*Manager) FilterWithGroups

func (m *Manager) FilterWithGroups(policyValueIndex int, groups Policies, groupValueIndex int) Policies

func (*Manager) FindExact

func (m *Manager) FindExact(rule ...string) []string

FindExact finds the policy that matches this rule exactly

func (*Manager) GroupingPolicyCount

func (m *Manager) GroupingPolicyCount() int

func (*Manager) LoadPolicies

func (m *Manager) LoadPolicies() error

LoadPolicies loads policies from database.

func (*Manager) PolicyCount

func (m *Manager) PolicyCount() int

func (*Manager) RemoveFilteredPolicies

func (m *Manager) RemoveFilteredPolicies(pPattern, gPattern []string) error

func (*Manager) RemovePolicies

func (m *Manager) RemovePolicies(pRules, gRules [][]string) error

RemovePolicies removes policy rules from the storage.

func (*Manager) RemovePolicy

func (m *Manager) RemovePolicy(ptype string, rule []string) error

RemovePolicy removes a policy rule from the storage.

type Matcher

type Matcher func(m *Manager, request ...string) bool

Matcher encapsulates the logic of matching a query request against internal policies and grouping policies.

type Option

type Option func(m *Manager)

func WithDatabase

func WithDatabase(dbname string) Option

WithDatabase can be used to pass a custom database name for Tulip rules

func WithSkipDatabaseCreate

func WithSkipDatabaseCreate() Option

func WithSkipTableCreate

func WithSkipTableCreate() Option

WithSkipTableCreate skips the table creation step when the manager starts. If the Tulip rules table does not exist, it will lead to issues when using the manager.

func WithSyncInterval

func WithSyncInterval(interval time.Duration) Option

WithSyncInterval specifies a different sync interval for the manager

func WithTableName

func WithTableName(tableName string) Option

WithTableName can be used to pass custom table name for Tulip rules

func WithTimeout

func WithTimeout(timeout time.Duration) Option

WithTimeout specifies a Postgres connection timeout for the manager

func WithZapLogger

func WithZapLogger(logger *zap.Logger) Option

WithZapLogger specifies a logger for the manager

type Policies

type Policies [][]string

Policies represents a list of sortable policies

func (Policies) Filter

func (p Policies) Filter(rule ...string) Policies

func (Policies) Find

func (p Policies) Find(rule []string) []string

func (*Policies) Insert

func (p *Policies) Insert(rule []string)

func (Policies) Len

func (p Policies) Len() int

func (Policies) Less

func (p Policies) Less(i, j int) bool

func (*Policies) Remove

func (p *Policies) Remove(rule []string)

func (Policies) Swap

func (p Policies) Swap(i, j int)
