rbac

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 24, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package rbac

@author: xwc1125

Package rbac

@author: xwc1125

Package rbac

@author: xwc1125

Package rbac

@author: xwc1125

Index

Constants

// Key prefixes, one per entity kind: user, role, group and permission.
// NOTE(review): presumably combined with Separator and a numeric ID by
// GetUserKey / GetRoleKey / GetGroupKey / GetPermKey — confirm against the
// implementation. PrefixRoleID ("r") and PrefixPermID ("p") carry the same
// literals as RType and PType, so a bare "r" or "p" is ambiguous without
// knowing which constant group it came from.
const (
	PrefixUserID  = "u"
	PrefixRoleID  = "r"
	PrefixGroupID = "g"
	PrefixPermID  = "p"
)
// Single-letter type identifiers.
// NOTE(review): these look like Casbin model section keys (r = request,
// p = policy, e = effect, m = matchers) — confirm. RType and PType have the
// same string values as PrefixRoleID and PrefixPermID; do not use one set in
// place of the other.
const (
	RType = "r"
	PType = "p"
	EType = "e"
	MType = "m"
)
// Numeric type codes.
// NOTE(review): presumably the valid values of Menu.MenuType — confirm. The
// values are written out explicitly, so they stay stable if entries are
// reordered.
const (
	TYPE_MODULE  = 1 // module
	TYPE_MENU    = 2 // menu
	TYPE_OPERATE = 3 // operation
)
// Values of RightType.
// AbleAccessible is RightType's zero value, so a Permission whose RightType
// field is left unset carries AbleAccessible rather than "no right".
// NOTE(review): how the two values are enforced is not visible here — confirm
// that an unset RightType is never treated as an implicit grant.
const (
	AbleAccessible = RightType(0) // may access
	AbleAuthorize  = RightType(1) // may authorize (grant to others)
)

Variables

// DefaultDomain holds the domain name "default".
// NOTE(review): presumably the domain applied when the variadic `domain`
// argument of the RBAC methods is omitted — confirm. It is an exported,
// mutable variable: any importing package can reassign it at runtime, which
// would change the domain later calls resolve to. Treat it as set-once
// start-up configuration.
var (
	DefaultDomain = "default"
)
// Separator holds the delimiter string ":".
// NOTE(review): presumably placed between a key prefix and the ID by the
// Get*Key helpers — confirm. It is an exported, mutable variable; changing it
// after policies have been stored would make newly built keys stop matching
// the stored ones. Treat it as set-once start-up configuration.
var (
	Separator = ":"
)

Functions

func GetGroupKey

func GetGroupKey(gid int64) string

func GetPermKey

func GetPermKey(pid int64) string

func GetRoleKey

func GetRoleKey(rid int64) string

func GetUserKey

func GetUserKey(uid int64) string

Types

type Adapter

type Adapter struct {
	// contains filtered or unexported fields
}

Adapter represents the Gorm adapter for policy storage.

func NewAdapter

// NOTE(review): dataSourceName normally carries database credentials — keep it
// out of logs and error messages. With dbSpecified == false the adapter creates
// the database itself (see the description that follows), which presumably
// needs an account allowed to create databases; passing dbSpecified == true
// against a pre-provisioned DB lets the account stay limited to the policy
// table — confirm against the implementation.
func NewAdapter(driverName string, dataSourceName string, params ...interface{}) (*Adapter, error)

NewAdapter is the constructor for Adapter. Params: databaseName, tableName, dbSpecified

databaseName,{tableName/dbSpecified}
{database/dbSpecified}

databaseName and tableName are user-defined. Their default values are "casbin" and "casbin_rule".

dbSpecified is an optional bool parameter; its default value is false. It indicates whether you have specified an existing DB in dataSourceName. If dbSpecified == true, you need to make sure the DB in dataSourceName exists. If dbSpecified == false, the adapter will automatically create a DB named databaseName.

func NewAdapterByDB

func NewAdapterByDB(db *gorm.DB) (*Adapter, error)

NewAdapterByDB creates gorm-adapter by an existing Gorm instance

func NewAdapterByDBUseTableName

// NOTE(review): prefix and tableName are combined into the table name
// ("cms_casbin" in the example that follows). Table identifiers cannot be bound
// as query parameters, so pass fixed configuration values here rather than
// request-derived input.
func NewAdapterByDBUseTableName(db *gorm.DB, prefix string, tableName string) (*Adapter, error)

NewAdapterByDBUseTableName creates a gorm-adapter from an existing Gorm instance with the specified table prefix and table name. Example: gormadapter.NewAdapterByDBUseTableName(&db, "cms", "casbin") automatically generates the table name "cms_casbin".

func NewAdapterByDBWithCustomTable

func NewAdapterByDBWithCustomTable(db *gorm.DB, t interface{}, tableName ...string) (*Adapter, error)

func NewAdapterByMulDb

func NewAdapterByMulDb(dbPool DbPool, dbName string, prefix string, tableName string) (*Adapter, error)

func NewFilteredAdapter

func NewFilteredAdapter(driverName string, dataSourceName string, params ...interface{}) (*Adapter, error)

NewFilteredAdapter is the constructor for FilteredAdapter. Casbin will not automatically call LoadPolicy() for a filtered adapter.

func (*Adapter) AddLogger

func (a *Adapter) AddLogger(l logger.Interface)

AddLogger adds logger to db

func (*Adapter) AddPolicies

func (a *Adapter) AddPolicies(sec string, pType string, rules [][]string) error

AddPolicies adds multiple policy rules to the storage.

func (*Adapter) AddPolicy

func (a *Adapter) AddPolicy(sec string, pType string, rule []string) error

AddPolicy adds a policy rule to the storage.

func (*Adapter) Close

func (a *Adapter) Close() error

func (*Adapter) IsFiltered

func (a *Adapter) IsFiltered() bool

IsFiltered returns true if the loaded policy has been filtered.

func (*Adapter) LoadFilteredPolicy

func (a *Adapter) LoadFilteredPolicy(model model.Model, filter interface{}) error

LoadFilteredPolicy loads only policy rules that match the filter.

func (*Adapter) LoadPolicy

func (a *Adapter) LoadPolicy(model model.Model) error

LoadPolicy loads policy from database.

func (*Adapter) Open

func (a *Adapter) Open() error

func (*Adapter) RemoveFilteredPolicy

func (a *Adapter) RemoveFilteredPolicy(sec string, pType string, fieldIndex int, fieldValues ...string) error

RemoveFilteredPolicy removes policy rules that match the filter from the storage.

func (*Adapter) RemovePolicies

func (a *Adapter) RemovePolicies(sec string, pType string, rules [][]string) error

RemovePolicies removes multiple policy rules from the storage.

func (*Adapter) RemovePolicy

func (a *Adapter) RemovePolicy(sec string, pType string, rule []string) error

RemovePolicy removes a policy rule from the storage.

func (*Adapter) SavePolicy

func (a *Adapter) SavePolicy(model model.Model) error

SavePolicy saves policy to database.

func (*Adapter) UpdateFilteredPolicies

func (a *Adapter) UpdateFilteredPolicies(sec string, pType string, newPolicies [][]string, fieldIndex int, fieldValues ...string) ([][]string, error)

func (*Adapter) UpdatePolicies

func (a *Adapter) UpdatePolicies(sec string, pType string, oldRules, newRules [][]string) error

func (*Adapter) UpdatePolicy

func (a *Adapter) UpdatePolicy(sec string, pType string, oldRule, newPolicy []string) error

UpdatePolicy updates a policy rule in the DB, replacing oldRule with newPolicy.

type CasbinRule

// CasbinRule is one stored policy row: a policy type plus six value columns.
// The struct carries two tag sets. The xorm tags declare each string column as
// indexed, not null, default ''; the gorm tags only set the size (and the
// column name p_type for PType), so the schema created through gorm is not
// identical to the one created through xorm.
type CasbinRule struct {
	ID    uint   `xorm:"pk autoincr notnull" gorm:"primaryKey;autoIncrement"`
	PType string `xorm:"varchar(100) index not null default ''" gorm:"column:p_type;size:100"`
	// V0..V5 are capped at 100 characters by both tag sets.
	// NOTE(review): a longer subject, object or action may be rejected or
	// truncated depending on the database's strictness settings. A truncated
	// value is a different policy than the one requested, so validate the
	// length before insert — confirm the behaviour of the target database.
	V0    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
	V1    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
	V2    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
	V3    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
	V4    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
	V5    string `xorm:"varchar(100) index not null default ''" gorm:"size:100"`
}

CasbinRule casbin规则

func (CasbinRule) TableName

func (CasbinRule) TableName() string

type DbPool

type DbPool struct {
	// contains filtered or unexported fields
}

func InitDbResolver

func InitDbResolver(dbArr []gorm.Dialector, dbNames []string) (DbPool, error)

InitDbResolver adds support for multiple databases. Example usage:

dbPool, err := InitDbResolver([]gorm.Dialector{mysql.Open(dsn), mysql.Open(dsn2)}, []string{"casbin1", "casbin2"})
a := initAdapterWithGormInstanceByMulDb(t, dbPool, "casbin1", "", "casbin_rule1")
a = initAdapterWithGormInstanceByMulDb(t, dbPool, "casbin2", "", "casbin_rule2")

type Filter

// Filter selects policy rows by column; its field names mirror CasbinRule's
// PType and V0..V5, each holding a list of values.
// NOTE(review): presumably the value passed as `filter` to
// Adapter.LoadFilteredPolicy, with an empty slice meaning "no constraint on
// this column" — confirm. An enforcer loaded through a filter only holds the
// matching subset of rules, so decisions about anything outside that subset
// are made without the omitted rules.
type Filter struct {
	PType []string
	V0    []string
	V1    []string
	V2    []string
	V3    []string
	V4    []string
	V5    []string
}

type Logger

type Logger struct {
	// contains filtered or unexported fields
}

func (*Logger) EnableLog

func (l *Logger) EnableLog(enable bool)

func (*Logger) IsEnabled

func (l *Logger) IsEnabled() bool

func (*Logger) LogEnforce

func (l *Logger) LogEnforce(matcher string, request []interface{}, result bool, explains [][]string)

func (*Logger) LogModel

func (l *Logger) LogModel(model [][]string)

func (*Logger) LogPolicy

func (l *Logger) LogPolicy(policy map[string][][]string)

func (*Logger) LogRole

func (l *Logger) LogRole(roles []string)
// Menu describes one menu entry by ID, path, action and type code.
type Menu struct {
	MenuId   int64
	Path     string
	Action   string
	MenuType int64 // NOTE(review): presumably TYPE_MODULE, TYPE_MENU or TYPE_OPERATE — confirm
}

type Owner

// Owner is anything that can be given providers or permissions. The interface
// exposes a single string, the value OwnerKey returns.
// NOTE(review): that key is presumably used as the Casbin subject. Because any
// type can implement Owner, build the key from a trusted ID (GetUserKey and
// the other Get*Key helpers) rather than from request-supplied text — confirm
// against the callers.
type Owner interface {
	OwnerKey() string
}

type OwnerType

// OwnerType describes a kind of owner (holder) through a key string and a
// value string.
type OwnerType interface {
	GetOwnerTypeKey() string
	GetOwnerTypeValue() string
}

OwnerType 持有者类型

type Permission

// Permission describes a resource together with the action and right type
// attached to it.
type Permission struct {
	Id           int64       // resource ID
	Resource     string      // resource content
	ResourceType string      // resource type
	Action       string      // action performed on the resource
	RightType    RightType   // right type; the zero value is AbleAccessible
	Extra        interface{} // extension data
}

Permission 资源

type RBAC

// RBAC wraps a Casbin SyncedEnforcer.
// NOTE(review): the enforcer is embedded as an exported pointer (and is also
// returned by GetEnforcer), so every SyncedEnforcer method is promoted onto
// RBAC. Any holder of a *RBAC can therefore add or remove policy directly,
// bypassing the Owner/Permission helpers defined on RBAC. Hand out *RBAC only
// to code that is allowed to change policy; code that only needs a decision
// should receive a narrower interface exposing HasPermission.
type RBAC struct {
	*casbin.SyncedEnforcer
	// contains filtered or unexported fields
}

func NewRbacByGorm

func NewRbacByGorm(db *gorm.DB, tablePrefix string, tableName string) (*RBAC, error)

NewRbacByGorm 根据gorm初始化casbin

func NewRbacByGormWithModel

func NewRbacByGormWithModel(rbacModelOrFile string, db *gorm.DB, tablePrefix string, tableName string) (*RBAC, error)

func NewRbacByXorm

func NewRbacByXorm(db *xorm.Engine, tablePrefix string, tableName string) (*RBAC, error)

NewRbacByXorm 根据xorm初始化casbin

func NewRbacByXormWithModel

func NewRbacByXormWithModel(rbacModelOrFile string, db *xorm.Engine, tablePrefix string, tableName string) (*RBAC, error)

func (*RBAC) AddPermissionsForOwner

func (r *RBAC) AddPermissionsForOwner(pType string, owner Owner, permissions []Permission, domain ...string) (bool, error)

AddPermissionsForOwner 给owner设置资源

func (*RBAC) AddProvidersForOwner

func (r *RBAC) AddProvidersForOwner(pType string, owner Owner, providers []Owner, domain ...string) (bool, error)

AddProvidersForOwner 给Owner添加提供者

func (*RBAC) DeleteAllProvidersForOwner

func (r *RBAC) DeleteAllProvidersForOwner(pType string, owner Owner, domain ...string) (bool, error)

DeleteAllProvidersForOwner 删除Owner的所有角色

func (*RBAC) DeleteOwner

func (r *RBAC) DeleteOwner(pType string, owner Owner, domain ...string) (bool, error)

DeleteOwner 删除用户

func (*RBAC) DeleteOwnerLike

// NOTE(review): deletion is by prefix match on providerPrefix (per the
// description that follows). A prefix that does not end in the key delimiter
// can match more keys than intended — with keys of the form "u:1" and "u:10"
// (constructed example), the prefix "u:1" covers both. Confirm how the
// implementation anchors the match and pass a delimiter-terminated prefix.
func (r *RBAC) DeleteOwnerLike(pType string, owner Owner, providerPrefix string, domain ...string) (bool, error)

DeleteOwnerLike 删除带前缀为providerPrefix的用户

func (*RBAC) DeletePermissionsForOwner

func (r *RBAC) DeletePermissionsForOwner(pType string, owner Owner, params []string, domain ...string) (bool, error)

DeletePermissionsForOwner 删除Owner的资源权限[p] policy_definition规则

func (*RBAC) DeletePolicyForOwner

func (r *RBAC) DeletePolicyForOwner(pType string, owner Owner, domain ...string) (bool, error)

DeletePolicyForOwner 删除用户对应的权限[g] role_definition规则

func (*RBAC) DeleteProviderForOwner

func (r *RBAC) DeleteProviderForOwner(pType string, owner Owner, provider Owner, domain ...string) (bool, error)

DeleteProviderForOwner 删除Owner的某个角色

func (*RBAC) DeleteProvidersForOwnerLike

// NOTE(review): providers are removed by prefix match on providerPrefix (per
// the description that follows). A prefix without a trailing key delimiter can
// cover unrelated providers — "r:1" would also cover "r:10" (constructed
// example). Confirm how the implementation anchors the match before calling
// this with a prefix built from an ID.
func (r *RBAC) DeleteProvidersForOwnerLike(pType string, owner Owner, providerPrefix string, domain ...string) (bool, error)

DeleteProvidersForOwnerLike 删除带前缀为providerPrefix的provider

func (*RBAC) DeleteResource

func (r *RBAC) DeleteResource(pType string, perm Permission, params []string, domain ...string) (bool, error)

func (*RBAC) GetAllResourcesByOwner

func (r *RBAC) GetAllResourcesByOwner(owner Owner, domain ...string) map[string]interface{}

GetAllResourcesByOwner 通过uid获取用户的所有资源[用于解析权限]

func (*RBAC) GetEnforcer

func (r *RBAC) GetEnforcer() *casbin.SyncedEnforcer

func (*RBAC) GetOwnersForProvider

func (r *RBAC) GetOwnersForProvider(pType string, provider Owner, domain ...string) ([]string, error)

GetOwnersForProvider 根据rid获取用户集合

func (*RBAC) GetProvidersForOwner

func (r *RBAC) GetProvidersForOwner(pType string, owner Owner, domain ...string) ([]string, error)

GetProvidersForOwner 根据Owner获取提供者

func (*RBAC) HasPermission

// NOTE(review): returns (bool, error). Middleware calling this should deny the
// request whenever err != nil or the bool is false (fail closed), and must not
// let an error path fall through to the handler. `domain` is variadic —
// presumably DefaultDomain applies when it is omitted; in a multi-tenant
// deployment pass the tenant's domain explicitly — confirm.
func (r *RBAC) HasPermission(owner Owner, path string, method string, extra []string, domain ...string) (bool, error)

HasPermission 检查用户是否有权限【middleware中调用】

func (*RBAC) HasPermission2

// NOTE(review): unlike HasPermission, this takes the subject as a raw string
// instead of an Owner, so the caller is responsible for passing an
// already-formed key. Build it from an authenticated identity, not from
// request-supplied text, and treat a non-nil error as a denial (fail closed).
func (r *RBAC) HasPermission2(subject string, resource string, action string, extra []string, domain ...string) (bool, error)

func (*RBAC) HasProviderForOwner

func (r *RBAC) HasProviderForOwner(pType string, owner Owner, provider Owner, domain ...string) (bool, error)

HasProviderForOwner 判断Owner是否拥有角色

type RightType

type RightType int64

RightType 权限类型

type RoleDefine

// RoleDefine is a role definition: subject, domain, object, action and an
// additional-resource suffix, each serialized under its JSON tag.
type RoleDefine struct {
	Sub string `json:"sub"` // user or role accessing the resource
	Dom string `json:"dom"` // domain / tenant
	Obj string `json:"obj"` // resource or path being accessed
	Act string `json:"act"` // operation performed on the resource
	Suf string `json:"suf"` // additional resource
}

RoleDefine 角色定义
