rbac

package
v2.100.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 10, 2025 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ConditionalRoleManager 

type ConditionalRoleManager interface {
	RoleManager

	// AddLinkConditionFunc Add condition function fn for Link userName->roleName,
	// when fn returns true, Link is valid, otherwise invalid
	AddLinkConditionFunc(userName, roleName string, fn LinkConditionFunc)
	// SetLinkConditionFuncParams Sets the parameters of the condition function fn for Link userName->roleName
	SetLinkConditionFuncParams(userName, roleName string, params ...string)
	// AddDomainLinkConditionFunc Add condition function fn for Link userName-> {roleName, domain},
	// when fn returns true, Link is valid, otherwise invalid
	AddDomainLinkConditionFunc(user string, role string, domain string, fn LinkConditionFunc)
	// SetDomainLinkConditionFuncParams Sets the parameters of the condition function fn
	// for Link userName->{roleName, domain}
	SetDomainLinkConditionFuncParams(user string, role string, domain string, params ...string)
}

ConditionalRoleManager provides interface to define the operations for managing roles. Link with conditions is supported.

type ContextRoleManager 

type ContextRoleManager interface {
	RoleManager

	// ClearCtx clears all stored data and resets the role manager to the initial state with context.
	ClearCtx(ctx context.Context) error
	// AddLinkCtx adds the inheritance link between two roles. role: name1 and role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	AddLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) error
	// DeleteLinkCtx deletes the inheritance link between two roles. role: name1 and role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	DeleteLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) error
	// HasLinkCtx determines whether a link exists between two roles. role: name1 inherits role: name2 with context.
	// domain is a prefix to the roles (can be used for other purposes).
	HasLinkCtx(ctx context.Context, name1 string, name2 string, domain ...string) (bool, error)
	// GetRolesCtx gets the roles that a user inherits with context.
	// domain is a prefix to the roles (can be used for other purposes).
	GetRolesCtx(ctx context.Context, name string, domain ...string) ([]string, error)
	// GetUsersCtx gets the users that inherits a role with context.
	// domain is a prefix to the users (can be used for other purposes).
	GetUsersCtx(ctx context.Context, name string, domain ...string) ([]string, error)
	// GetDomainsCtx gets domains that a user has with context.
	GetDomainsCtx(ctx context.Context, name string) ([]string, error)
	// GetAllDomainsCtx gets all domains with context.
	GetAllDomainsCtx(ctx context.Context) ([]string, error)
}

ContextRoleManager provides a context-aware interface to define the operations for managing roles. Prefer this over RoleManager interface for context propagation, which is useful for things like handling request timeouts.

type LinkConditionFunc 

type LinkConditionFunc = func(args ...string) (bool, error)

type MatchingFunc 

type MatchingFunc func(arg1 string, arg2 string) bool

type RoleManager 

type RoleManager interface {
	// Clear clears all stored data and resets the role manager to the initial state.
	Clear() error
	// AddLink adds the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	AddLink(name1 string, name2 string, domain ...string) error
	// Deprecated: BuildRelationship is no longer required
	BuildRelationship(name1 string, name2 string, domain ...string) error
	// DeleteLink deletes the inheritance link between two roles. role: name1 and role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	DeleteLink(name1 string, name2 string, domain ...string) error
	// HasLink determines whether a link exists between two roles. role: name1 inherits role: name2.
	// domain is a prefix to the roles (can be used for other purposes).
	HasLink(name1 string, name2 string, domain ...string) (bool, error)
	// GetRoles gets the roles that a user inherits.
	// domain is a prefix to the roles (can be used for other purposes).
	GetRoles(name string, domain ...string) ([]string, error)
	// GetUsers gets the users that inherits a role.
	// domain is a prefix to the users (can be used for other purposes).
	GetUsers(name string, domain ...string) ([]string, error)
	// GetDomains gets domains that a user has
	GetDomains(name string) ([]string, error)
	// GetAllDomains gets all domains
	GetAllDomains() ([]string, error)
	// PrintRoles prints all the roles to log.
	PrintRoles() error
	// SetLogger sets role manager's logger.
	SetLogger(logger log.Logger)
	// Match matches the domain with the pattern
	Match(str string, pattern string) bool
	// AddMatchingFunc adds the matching function
	AddMatchingFunc(name string, fn MatchingFunc)
	// AddDomainMatchingFunc adds the domain matching function
	AddDomainMatchingFunc(name string, fn MatchingFunc)
}

RoleManager provides interface to define the operations for managing roles.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.