Documentation ¶
Index ¶
- func NewModel(text ...string) model.Model
- type CachedEnforcer
- type Enforcer
- func (e *Enforcer) AddFunction(name string, function func(args ...interface{}) (interface{}, error))
- func (e *Enforcer) AddGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) AddNamedGroupingPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) AddNamedPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) AddPermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) AddPolicy(params ...interface{}) bool
- func (e *Enforcer) AddPolicySafe(params ...interface{}) (result bool, err error)
- func (e *Enforcer) AddRoleForUser(user string, role string) bool
- func (e *Enforcer) AddRoleForUserInDomain(user string, role string, domain string) bool
- func (e *Enforcer) BuildRoleLinks()
- func (e *Enforcer) ClearPolicy()
- func (e *Enforcer) DeletePermission(permission ...string) bool
- func (e *Enforcer) DeletePermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) DeletePermissionsForUser(user string) bool
- func (e *Enforcer) DeleteRole(role string)
- func (e *Enforcer) DeleteRoleForUser(user string, role string) bool
- func (e *Enforcer) DeleteRoleForUserInDomain(user string, role string, domain string) bool
- func (e *Enforcer) DeleteRolesForUser(user string) bool
- func (e *Enforcer) DeleteUser(user string) bool
- func (e *Enforcer) EnableAutoBuildRoleLinks(autoBuildRoleLinks bool)
- func (e *Enforcer) EnableAutoSave(autoSave bool)
- func (e *Enforcer) EnableEnforce(enable bool)
- func (e *Enforcer) EnableLog(enable bool)
- func (e *Enforcer) Enforce(rvals ...interface{}) bool
- func (e *Enforcer) EnforceSafe(rvals ...interface{}) (result bool, err error)
- func (e *Enforcer) GetAdapter() persist.Adapter
- func (e *Enforcer) GetAllActions() []string
- func (e *Enforcer) GetAllNamedActions(ptype string) []string
- func (e *Enforcer) GetAllNamedObjects(ptype string) []string
- func (e *Enforcer) GetAllNamedRoles(ptype string) []string
- func (e *Enforcer) GetAllNamedSubjects(ptype string) []string
- func (e *Enforcer) GetAllObjects() []string
- func (e *Enforcer) GetAllRoles() []string
- func (e *Enforcer) GetAllSubjects() []string
- func (e *Enforcer) GetFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetFilteredPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *Enforcer) GetGroupingPolicy() [][]string
- func (e *Enforcer) GetImplicitPermissionsForUser(user string) [][]string
- func (e *Enforcer) GetImplicitRolesForUser(name string) []string
- func (e *Enforcer) GetModel() model.Model
- func (e *Enforcer) GetNamedGroupingPolicy(ptype string) [][]string
- func (e *Enforcer) GetNamedPolicy(ptype string) [][]string
- func (e *Enforcer) GetPermissionsForUser(user string) [][]string
- func (e *Enforcer) GetPermissionsForUserInDomain(user string, domain string) [][]string
- func (e *Enforcer) GetPolicy() [][]string
- func (e *Enforcer) GetRolesForUser(name string) []string
- func (e *Enforcer) GetRolesForUserInDomain(name string, domain string) []string
- func (e *Enforcer) GetUsersForRole(name string) []string
- func (e *Enforcer) HasGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) HasNamedGroupingPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) HasNamedPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) HasPermissionForUser(user string, permission ...string) bool
- func (e *Enforcer) HasPolicy(params ...interface{}) bool
- func (e *Enforcer) HasRoleForUser(name string, role string) bool
- func (e *Enforcer) InitWithAdapter(modelPath string, adapter persist.Adapter)
- func (e *Enforcer) InitWithFile(modelPath string, policyPath string)
- func (e *Enforcer) InitWithModelAndAdapter(m model.Model, adapter persist.Adapter)
- func (e *Enforcer) IsFiltered() bool
- func (e *Enforcer) LoadFilteredPolicy(filter interface{}) error
- func (e *Enforcer) LoadModel()
- func (e *Enforcer) LoadModelSafe() (err error)
- func (e *Enforcer) LoadPolicy() error
- func (e *Enforcer) RemoveFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveFilteredPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *Enforcer) RemoveFilteredPolicySafe(fieldIndex int, fieldValues ...string) (result bool, err error)
- func (e *Enforcer) RemoveGroupingPolicy(params ...interface{}) bool
- func (e *Enforcer) RemoveNamedGroupingPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) RemoveNamedPolicy(ptype string, params ...interface{}) bool
- func (e *Enforcer) RemovePolicy(params ...interface{}) bool
- func (e *Enforcer) RemovePolicySafe(params ...interface{}) (result bool, err error)
- func (e *Enforcer) SavePolicy() error
- func (e *Enforcer) SetAdapter(adapter persist.Adapter)
- func (e *Enforcer) SetEffector(eft effect.Effector)
- func (e *Enforcer) SetModel(m model.Model)
- func (e *Enforcer) SetRoleManager(rm rbac.RoleManager)
- func (e *Enforcer) SetWatcher(watcher persist.Watcher)
- type SyncedEnforcer
- func (e *SyncedEnforcer) AddGroupingPolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) AddPermissionForUser(user string, permission ...string) bool
- func (e *SyncedEnforcer) AddPolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) AddRoleForUser(user string, role string) bool
- func (e *SyncedEnforcer) BuildRoleLinks()
- func (e *SyncedEnforcer) ClearPolicy()
- func (e *SyncedEnforcer) DeletePermission(permission ...string) bool
- func (e *SyncedEnforcer) DeletePermissionForUser(user string, permission ...string) bool
- func (e *SyncedEnforcer) DeletePermissionsForUser(user string) bool
- func (e *SyncedEnforcer) DeleteRole(role string)
- func (e *SyncedEnforcer) DeleteRoleForUser(user string, role string) bool
- func (e *SyncedEnforcer) DeleteRolesForUser(user string) bool
- func (e *SyncedEnforcer) DeleteUser(user string) bool
- func (e *SyncedEnforcer) Enforce(rvals ...interface{}) bool
- func (e *SyncedEnforcer) GetAllActions() []string
- func (e *SyncedEnforcer) GetAllObjects() []string
- func (e *SyncedEnforcer) GetAllRoles() []string
- func (e *SyncedEnforcer) GetAllSubjects() []string
- func (e *SyncedEnforcer) GetFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *SyncedEnforcer) GetFilteredPolicy(fieldIndex int, fieldValues ...string) [][]string
- func (e *SyncedEnforcer) GetGroupingPolicy() [][]string
- func (e *SyncedEnforcer) GetPermissionsForUser(user string) [][]string
- func (e *SyncedEnforcer) GetPolicy() [][]string
- func (e *SyncedEnforcer) GetRolesForUser(name string) []string
- func (e *SyncedEnforcer) GetUsersForRole(name string) []string
- func (e *SyncedEnforcer) HasGroupingPolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) HasPermissionForUser(user string, permission ...string) bool
- func (e *SyncedEnforcer) HasPolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) HasRoleForUser(name string, role string) bool
- func (e *SyncedEnforcer) LoadPolicy() error
- func (e *SyncedEnforcer) RemoveFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *SyncedEnforcer) RemoveFilteredPolicy(fieldIndex int, fieldValues ...string) bool
- func (e *SyncedEnforcer) RemoveGroupingPolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) RemovePolicy(params ...interface{}) bool
- func (e *SyncedEnforcer) SavePolicy() error
- func (e *SyncedEnforcer) SetWatcher(watcher persist.Watcher)
- func (e *SyncedEnforcer) StartAutoLoadPolicy(d time.Duration)
- func (e *SyncedEnforcer) StopAutoLoadPolicy()
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CachedEnforcer ¶ added in v1.6.0
type CachedEnforcer struct { *Enforcer // contains filtered or unexported fields }
CachedEnforcer wraps Enforcer and provides decision cache
func NewCachedEnforcer ¶ added in v1.6.0
func NewCachedEnforcer(params ...interface{}) *CachedEnforcer
NewCachedEnforcer creates a cached enforcer via file or DB.
func (*CachedEnforcer) EnableCache ¶ added in v1.6.0
func (e *CachedEnforcer) EnableCache(enableCache bool)
EnableCache determines whether to enable cache on Enforce(). When enableCache is enabled, cached result (true | false) will be returned for previous decisions.
func (*CachedEnforcer) Enforce ¶ added in v1.6.0
func (e *CachedEnforcer) Enforce(rvals ...interface{}) bool
Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act). if rvals is not string , ingore the cache
func (*CachedEnforcer) InvalidateCache ¶ added in v1.6.0
func (e *CachedEnforcer) InvalidateCache()
InvalidateCache deletes all the existing cached decisions.
type Enforcer ¶
type Enforcer struct {
// contains filtered or unexported fields
}
Enforcer is the main interface for authorization enforcement and policy management.
func NewEnforcer ¶
func NewEnforcer(params ...interface{}) *Enforcer
NewEnforcer creates an enforcer via file or DB. File: e := casbin.NewEnforcer("path/to/basic_model.conf", "path/to/basic_policy.csv") MySQL DB: a := mysqladapter.NewDBAdapter("mysql", "mysql_username:mysql_password@tcp(127.0.0.1:3306)/") e := casbin.NewEnforcer("path/to/basic_model.conf", a)
func NewEnforcerSafe ¶
NewEnforcerSafe calls NewEnforcer in a safe way, returns error instead of causing panic.
func (*Enforcer) AddFunction ¶
func (e *Enforcer) AddFunction(name string, function func(args ...interface{}) (interface{}, error))
AddFunction adds a customized function.
func (*Enforcer) AddGroupingPolicy ¶
AddGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddNamedGroupingPolicy ¶ added in v1.1.0
AddNamedGroupingPolicy adds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddNamedPolicy ¶ added in v1.1.0
AddNamedPolicy adds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddPermissionForUser ¶
AddPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).
func (*Enforcer) AddPolicy ¶
AddPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*Enforcer) AddPolicySafe ¶ added in v1.3.0
AddPolicySafe calls AddPolicy in a safe way, returns error instead of causing panic.
func (*Enforcer) AddRoleForUser ¶
AddRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).
func (*Enforcer) AddRoleForUserInDomain ¶
AddRoleForUserInDomain adds a role for a user inside a domain. Returns false if the user already has the role (aka not affected).
func (*Enforcer) BuildRoleLinks ¶ added in v1.1.0
func (e *Enforcer) BuildRoleLinks()
BuildRoleLinks manually rebuild the role inheritance relations.
func (*Enforcer) DeletePermission ¶
DeletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).
func (*Enforcer) DeletePermissionForUser ¶
DeletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).
func (*Enforcer) DeletePermissionsForUser ¶
DeletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).
func (*Enforcer) DeleteRoleForUser ¶
DeleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).
func (*Enforcer) DeleteRoleForUserInDomain ¶
DeleteRoleForUserInDomain deletes a role for a user inside a domain. Returns false if the user does not have the role (aka not affected).
func (*Enforcer) DeleteRolesForUser ¶
DeleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).
func (*Enforcer) DeleteUser ¶
DeleteUser deletes a user. Returns false if the user does not exist (aka not affected).
func (*Enforcer) EnableAutoBuildRoleLinks ¶ added in v1.1.0
EnableAutoBuildRoleLinks controls whether to rebuild the role inheritance relations when a role is added or deleted.
func (*Enforcer) EnableAutoSave ¶
EnableAutoSave controls whether to save a policy rule automatically to the adapter when it is added or removed.
func (*Enforcer) EnableEnforce ¶
EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, all access will be allowed by the Enforce() function.
func (*Enforcer) Enforce ¶
Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
func (*Enforcer) EnforceSafe ¶
EnforceSafe calls Enforce in a safe way, returns error instead of causing panic.
func (*Enforcer) GetAdapter ¶
GetAdapter gets the current adapter.
func (*Enforcer) GetAllActions ¶
GetAllActions gets the list of actions that show up in the current policy.
func (*Enforcer) GetAllNamedActions ¶ added in v1.1.0
GetAllNamedActions gets the list of actions that show up in the current named policy.
func (*Enforcer) GetAllNamedObjects ¶ added in v1.1.0
GetAllNamedObjects gets the list of objects that show up in the current named policy.
func (*Enforcer) GetAllNamedRoles ¶ added in v1.1.0
GetAllNamedRoles gets the list of roles that show up in the current named policy.
func (*Enforcer) GetAllNamedSubjects ¶ added in v1.1.0
GetAllNamedSubjects gets the list of subjects that show up in the current named policy.
func (*Enforcer) GetAllObjects ¶
GetAllObjects gets the list of objects that show up in the current policy.
func (*Enforcer) GetAllRoles ¶
GetAllRoles gets the list of roles that show up in the current policy.
func (*Enforcer) GetAllSubjects ¶
GetAllSubjects gets the list of subjects that show up in the current policy.
func (*Enforcer) GetFilteredGroupingPolicy ¶
GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
func (*Enforcer) GetFilteredNamedGroupingPolicy ¶ added in v1.1.0
func (e *Enforcer) GetFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string
GetFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
func (*Enforcer) GetFilteredNamedPolicy ¶ added in v1.1.0
func (e *Enforcer) GetFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) [][]string
GetFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified.
func (*Enforcer) GetFilteredPolicy ¶
GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
func (*Enforcer) GetGroupingPolicy ¶
GetGroupingPolicy gets all the role inheritance rules in the policy.
func (*Enforcer) GetImplicitPermissionsForUser ¶ added in v1.7.0
GetImplicitPermissionsForUser gets implicit permissions for a user or role. Compared to GetPermissionsForUser(), this function retrieves permissions for inherited roles. For example: p, admin, data1, read p, alice, data2, read g, alice, admin
GetPermissionsForUser("alice") can only get: [["alice", "data2", "read"]]. But GetImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].
func (*Enforcer) GetImplicitRolesForUser ¶ added in v1.7.0
GetImplicitRolesForUser gets implicit roles that a user has. Compared to GetRolesForUser(), this function retrieves indirect roles besides direct roles. For example: g, alice, role:admin g, role:admin, role:user
GetRolesForUser("alice") can only get: ["role:admin"]. But GetImplicitRolesForUser("alice") will get: ["role:admin", "role:user"].
func (*Enforcer) GetNamedGroupingPolicy ¶ added in v1.1.0
GetNamedGroupingPolicy gets all the role inheritance rules in the policy.
func (*Enforcer) GetNamedPolicy ¶ added in v1.1.0
GetNamedPolicy gets all the authorization rules in the named policy.
func (*Enforcer) GetPermissionsForUser ¶
GetPermissionsForUser gets permissions for a user or role.
func (*Enforcer) GetPermissionsForUserInDomain ¶
GetPermissionsForUserInDomain gets permissions for a user or role inside a domain.
func (*Enforcer) GetRolesForUser ¶
GetRolesForUser gets the roles that a user has.
func (*Enforcer) GetRolesForUserInDomain ¶
GetRolesForUserInDomain gets the roles that a user has inside a domain.
func (*Enforcer) GetUsersForRole ¶
GetUsersForRole gets the users that has a role.
func (*Enforcer) HasGroupingPolicy ¶
HasGroupingPolicy determines whether a role inheritance rule exists.
func (*Enforcer) HasNamedGroupingPolicy ¶ added in v1.1.0
HasNamedGroupingPolicy determines whether a named role inheritance rule exists.
func (*Enforcer) HasNamedPolicy ¶ added in v1.1.0
HasNamedPolicy determines whether a named authorization rule exists.
func (*Enforcer) HasPermissionForUser ¶
HasPermissionForUser determines whether a user has a permission.
func (*Enforcer) HasRoleForUser ¶
HasRoleForUser determines whether a user has a role.
func (*Enforcer) InitWithAdapter ¶
InitWithAdapter initializes an enforcer with a database adapter.
func (*Enforcer) InitWithFile ¶
InitWithFile initializes an enforcer with a model file and a policy file.
func (*Enforcer) InitWithModelAndAdapter ¶
InitWithModelAndAdapter initializes an enforcer with a model and a database adapter.
func (*Enforcer) IsFiltered ¶ added in v1.5.0
IsFiltered returns true if the loaded policy has been filtered.
func (*Enforcer) LoadFilteredPolicy ¶ added in v1.5.0
LoadFilteredPolicy reloads a filtered policy from file/database.
func (*Enforcer) LoadModel ¶
func (e *Enforcer) LoadModel()
LoadModel reloads the model from the model CONF file. Because the policy is attached to a model, so the policy is invalidated and needs to be reloaded by calling LoadPolicy().
func (*Enforcer) LoadModelSafe ¶
LoadModelSafe calls LoadModel in a safe way, returns error instead of causing panic.
func (*Enforcer) LoadPolicy ¶
LoadPolicy reloads the policy from file/database.
func (*Enforcer) RemoveFilteredGroupingPolicy ¶
RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.
func (*Enforcer) RemoveFilteredNamedGroupingPolicy ¶ added in v1.1.0
func (e *Enforcer) RemoveFilteredNamedGroupingPolicy(ptype string, fieldIndex int, fieldValues ...string) bool
RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.
func (*Enforcer) RemoveFilteredNamedPolicy ¶ added in v1.1.0
func (e *Enforcer) RemoveFilteredNamedPolicy(ptype string, fieldIndex int, fieldValues ...string) bool
RemoveFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified.
func (*Enforcer) RemoveFilteredPolicy ¶
RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.
func (*Enforcer) RemoveFilteredPolicySafe ¶ added in v1.3.0
func (e *Enforcer) RemoveFilteredPolicySafe(fieldIndex int, fieldValues ...string) (result bool, err error)
RemoveFilteredPolicySafe calls RemoveFilteredPolicy in a safe way, returns error instead of causing panic.
func (*Enforcer) RemoveGroupingPolicy ¶
RemoveGroupingPolicy removes a role inheritance rule from the current policy.
func (*Enforcer) RemoveNamedGroupingPolicy ¶ added in v1.1.0
RemoveNamedGroupingPolicy removes a role inheritance rule from the current named policy.
func (*Enforcer) RemoveNamedPolicy ¶ added in v1.1.0
RemoveNamedPolicy removes an authorization rule from the current named policy.
func (*Enforcer) RemovePolicy ¶
RemovePolicy removes an authorization rule from the current policy.
func (*Enforcer) RemovePolicySafe ¶ added in v1.3.0
RemovePolicySafe calls RemovePolicy in a safe way, returns error instead of causing panic.
func (*Enforcer) SavePolicy ¶
SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.
func (*Enforcer) SetAdapter ¶
SetAdapter sets the current adapter.
func (*Enforcer) SetEffector ¶ added in v1.5.0
SetEffector sets the current effector.
func (*Enforcer) SetRoleManager ¶
func (e *Enforcer) SetRoleManager(rm rbac.RoleManager)
SetRoleManager sets the current role manager.
func (*Enforcer) SetWatcher ¶ added in v1.2.0
SetWatcher sets the current watcher.
type SyncedEnforcer ¶ added in v1.1.0
type SyncedEnforcer struct { *Enforcer // contains filtered or unexported fields }
SyncedEnforcer wraps Enforcer and provides synchronized access
func NewSyncedEnforcer ¶ added in v1.1.0
func NewSyncedEnforcer(params ...interface{}) *SyncedEnforcer
NewSyncedEnforcer creates a synchronized enforcer via file or DB.
func (*SyncedEnforcer) AddGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) AddGroupingPolicy(params ...interface{}) bool
AddGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*SyncedEnforcer) AddPermissionForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) AddPermissionForUser(user string, permission ...string) bool
AddPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).
func (*SyncedEnforcer) AddPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) AddPolicy(params ...interface{}) bool
AddPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
func (*SyncedEnforcer) AddRoleForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) AddRoleForUser(user string, role string) bool
AddRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).
func (*SyncedEnforcer) BuildRoleLinks ¶ added in v1.4.0
func (e *SyncedEnforcer) BuildRoleLinks()
BuildRoleLinks manually rebuild the role inheritance relations.
func (*SyncedEnforcer) ClearPolicy ¶ added in v1.4.0
func (e *SyncedEnforcer) ClearPolicy()
ClearPolicy clears all policy.
func (*SyncedEnforcer) DeletePermission ¶ added in v1.4.0
func (e *SyncedEnforcer) DeletePermission(permission ...string) bool
DeletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).
func (*SyncedEnforcer) DeletePermissionForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) DeletePermissionForUser(user string, permission ...string) bool
DeletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).
func (*SyncedEnforcer) DeletePermissionsForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) DeletePermissionsForUser(user string) bool
DeletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).
func (*SyncedEnforcer) DeleteRole ¶ added in v1.4.0
func (e *SyncedEnforcer) DeleteRole(role string)
DeleteRole deletes a role.
func (*SyncedEnforcer) DeleteRoleForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) DeleteRoleForUser(user string, role string) bool
DeleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).
func (*SyncedEnforcer) DeleteRolesForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) DeleteRolesForUser(user string) bool
DeleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).
func (*SyncedEnforcer) DeleteUser ¶ added in v1.4.0
func (e *SyncedEnforcer) DeleteUser(user string) bool
DeleteUser deletes a user. Returns false if the user does not exist (aka not affected).
func (*SyncedEnforcer) Enforce ¶ added in v1.1.0
func (e *SyncedEnforcer) Enforce(rvals ...interface{}) bool
Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
func (*SyncedEnforcer) GetAllActions ¶ added in v1.1.0
func (e *SyncedEnforcer) GetAllActions() []string
GetAllActions gets the list of actions that show up in the current policy.
func (*SyncedEnforcer) GetAllObjects ¶ added in v1.1.0
func (e *SyncedEnforcer) GetAllObjects() []string
GetAllObjects gets the list of objects that show up in the current policy.
func (*SyncedEnforcer) GetAllRoles ¶ added in v1.1.0
func (e *SyncedEnforcer) GetAllRoles() []string
GetAllRoles gets the list of roles that show up in the current policy.
func (*SyncedEnforcer) GetAllSubjects ¶ added in v1.1.0
func (e *SyncedEnforcer) GetAllSubjects() []string
GetAllSubjects gets the list of subjects that show up in the current policy.
func (*SyncedEnforcer) GetFilteredGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) GetFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) [][]string
GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
func (*SyncedEnforcer) GetFilteredPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) GetFilteredPolicy(fieldIndex int, fieldValues ...string) [][]string
GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
func (*SyncedEnforcer) GetGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) GetGroupingPolicy() [][]string
GetGroupingPolicy gets all the role inheritance rules in the policy.
func (*SyncedEnforcer) GetPermissionsForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) GetPermissionsForUser(user string) [][]string
GetPermissionsForUser gets permissions for a user or role.
func (*SyncedEnforcer) GetPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) GetPolicy() [][]string
GetPolicy gets all the authorization rules in the policy.
func (*SyncedEnforcer) GetRolesForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) GetRolesForUser(name string) []string
GetRolesForUser gets the roles that a user has.
func (*SyncedEnforcer) GetUsersForRole ¶ added in v1.4.0
func (e *SyncedEnforcer) GetUsersForRole(name string) []string
GetUsersForRole gets the users that has a role.
func (*SyncedEnforcer) HasGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) HasGroupingPolicy(params ...interface{}) bool
HasGroupingPolicy determines whether a role inheritance rule exists.
func (*SyncedEnforcer) HasPermissionForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) HasPermissionForUser(user string, permission ...string) bool
HasPermissionForUser determines whether a user has a permission.
func (*SyncedEnforcer) HasPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) HasPolicy(params ...interface{}) bool
HasPolicy determines whether an authorization rule exists.
func (*SyncedEnforcer) HasRoleForUser ¶ added in v1.4.0
func (e *SyncedEnforcer) HasRoleForUser(name string, role string) bool
HasRoleForUser determines whether a user has a role.
func (*SyncedEnforcer) LoadPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) LoadPolicy() error
LoadPolicy reloads the policy from file/database.
func (*SyncedEnforcer) RemoveFilteredGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) RemoveFilteredGroupingPolicy(fieldIndex int, fieldValues ...string) bool
RemoveFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.
func (*SyncedEnforcer) RemoveFilteredPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) RemoveFilteredPolicy(fieldIndex int, fieldValues ...string) bool
RemoveFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.
func (*SyncedEnforcer) RemoveGroupingPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) RemoveGroupingPolicy(params ...interface{}) bool
RemoveGroupingPolicy removes a role inheritance rule from the current policy.
func (*SyncedEnforcer) RemovePolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) RemovePolicy(params ...interface{}) bool
RemovePolicy removes an authorization rule from the current policy.
func (*SyncedEnforcer) SavePolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) SavePolicy() error
SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.
func (*SyncedEnforcer) SetWatcher ¶ added in v1.4.0
func (e *SyncedEnforcer) SetWatcher(watcher persist.Watcher)
SetWatcher sets the current watcher.
func (*SyncedEnforcer) StartAutoLoadPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) StartAutoLoadPolicy(d time.Duration)
StartAutoLoadPolicy starts a go routine that will every specified duration call LoadPolicy
func (*SyncedEnforcer) StopAutoLoadPolicy ¶ added in v1.1.0
func (e *SyncedEnforcer) StopAutoLoadPolicy()
StopAutoLoadPolicy causes the go routine to exit.