rbac

package
v0.0.0-...-9dee9fb Latest
Warning

This package is not in the latest version of its module.

Published: Feb 17, 2026 License: MIT Imports: 5 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AWSIAMProvider

type AWSIAMProvider struct {
	// contains filtered or unexported fields
}

AWSIAMProvider is a stub for AWS IAM policy evaluation. It defines the interface shape; the full AWS SDK integration is left for when the AWS dependency is added.

func NewAWSIAMProvider

func NewAWSIAMProvider(region, roleARN string) *AWSIAMProvider

NewAWSIAMProvider creates an AWSIAMProvider for the given region and role ARN.

func (*AWSIAMProvider) CheckPermission

func (a *AWSIAMProvider) CheckPermission(_ context.Context, _, _, _ string) (bool, error)

CheckPermission evaluates an IAM policy for the given subject/resource/action.

func (*AWSIAMProvider) ListPermissions

func (a *AWSIAMProvider) ListPermissions(_ context.Context, _ string) ([]auth.Permission, error)

ListPermissions lists IAM permissions for the subject.

func (*AWSIAMProvider) Name

func (a *AWSIAMProvider) Name() string

Name returns the provider identifier.

func (*AWSIAMProvider) SyncRoles

func (a *AWSIAMProvider) SyncRoles(_ context.Context, _ []auth.RoleDefinition) error

SyncRoles pushes role definitions to AWS IAM.

type BuiltinProvider

type BuiltinProvider struct {
	// contains filtered or unexported fields
}

BuiltinProvider wraps the existing PolicyEngine to implement PermissionProvider.

func NewBuiltinProvider

func NewBuiltinProvider(engine *coreRBAC.PolicyEngine) *BuiltinProvider

NewBuiltinProvider creates a BuiltinProvider backed by the given PolicyEngine.

func (*BuiltinProvider) CheckPermission

func (b *BuiltinProvider) CheckPermission(_ context.Context, subject, resource, action string) (bool, error)

CheckPermission maps the PermissionProvider interface to PolicyEngine.Allowed. The subject is treated as a role name.

func (*BuiltinProvider) ListPermissions

func (b *BuiltinProvider) ListPermissions(_ context.Context, subject string) ([]auth.Permission, error)

ListPermissions returns all permissions for the given role.

func (*BuiltinProvider) Name

func (b *BuiltinProvider) Name() string

Name returns the provider identifier.

func (*BuiltinProvider) SyncRoles

func (b *BuiltinProvider) SyncRoles(_ context.Context, roles []auth.RoleDefinition) error

SyncRoles registers role definitions in the underlying PolicyEngine. This allows dynamic role creation beyond the 4 built-in roles.

type PermitProvider

type PermitProvider struct {
	// contains filtered or unexported fields
}

PermitProvider is a stub for permit.io integration. It defines the interface shape; the full SDK integration is left for when the permit.io dependency is added.

func NewPermitProvider

func NewPermitProvider(apiKey, endpoint string) *PermitProvider

NewPermitProvider creates a PermitProvider with the given API key and endpoint.

func (*PermitProvider) CheckPermission

func (p *PermitProvider) CheckPermission(_ context.Context, _, _, _ string) (bool, error)

CheckPermission calls the permit.io PDP to evaluate access.

func (*PermitProvider) ListPermissions

func (p *PermitProvider) ListPermissions(_ context.Context, _ string) ([]auth.Permission, error)

ListPermissions retrieves permissions from permit.io for the subject.

func (*PermitProvider) Name

func (p *PermitProvider) Name() string

Name returns the provider identifier.

func (*PermitProvider) SyncRoles

func (p *PermitProvider) SyncRoles(_ context.Context, _ []auth.RoleDefinition) error

SyncRoles pushes role definitions to permit.io.
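Because BuiltinProvider.CheckPermission treats the subject as a role name and two of the providers are stubs, a caller has to resolve a user's roles itself and decide what a provider error means. The following is an added example, not code from this package: `checker`, `roleTable`, `unwiredStub` and `AllowedForRoles` are hypothetical names, and the stub returning an error is an assumption (the page does not say what the stubs return).

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// checker mirrors the Name and CheckPermission signatures documented above.
// It is declared locally (an assumption) so the example compiles on its own.
type checker interface {
	Name() string
	CheckPermission(ctx context.Context, subject, resource, action string) (bool, error)
}

// roleTable is a constructed in-memory stand-in for a role-keyed provider.
type roleTable map[string]map[string]bool // role -> "resource:action" -> allowed
func (roleTable) Name() string { return "table" }
func (t roleTable) CheckPermission(_ context.Context, role, res, act string) (bool, error) {
	return t[role][res+":"+act], nil
}

// unwiredStub is a hypothetical stub whose backend is not connected yet.
type unwiredStub struct{}
func (unwiredStub) Name() string { return "stub" }
func (unwiredStub) CheckPermission(context.Context, string, string, string) (bool, error) {
	return false, errors.New("backend not integrated")
}

// AllowedForRoles checks a caller's roles one at a time, because the
// provider's subject is a role name, and denies on any provider error.
func AllowedForRoles(ctx context.Context, p checker, roles []string, res, act string) (bool, error) {
	for _, role := range roles {
		ok, err := p.CheckPermission(ctx, role, res, act)
		if err != nil {
			return false, fmt.Errorf("%s: deny (fail closed): %w", p.Name(), err)
		}
		if ok {
			return true, nil
		}
	}
	return false, nil // no role granted the action, or the role list was empty
}

func main() {
	t := roleTable{"viewer": {"report:read": true}}
	fmt.Println(AllowedForRoles(context.Background(), t, []string{"viewer"}, "report", "read"))
	fmt.Println(AllowedForRoles(context.Background(), unwiredStub{}, []string{"viewer"}, "report", "read"))
}
```

Passing a user ID instead of a role name to a role-keyed provider yields a plain deny here, which is why the role lookup belongs in the caller.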
