rbac

package
v1.0.1139 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 2, 2026 License: Apache-2.0 Imports: 21 Imported by: 10

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DefaultModel string

Functions

func AddCustomFunctions added in v1.0.840 

func AddCustomFunctions(enforcer addableEnforcer)

func AddRoleForUser 

func AddRoleForUser(user string, role ...string) error

func Check 

func Check(ctx context.Context, subject, object, action string) bool

func CheckContext added in v1.0.841 

func CheckContext(ctx context.Context, object, action string) bool

func DeleteAllRolesForUser 

func DeleteAllRolesForUser(user string) error

func DeleteRole 

func DeleteRole(role string) (bool, error)

func DeleteRoleForUser 

func DeleteRoleForUser(user string, role string) error

func Enforcer 

func Enforcer() *casbin.SyncedCachedEnforcer

func GetActionFromHttpMethod 

func GetActionFromHttpMethod(method string) string

func GetObjectByTable 

func GetObjectByTable(resource string) string

func HasPermission added in v1.0.841 

func HasPermission(ctx context.Context, subject string, attr *models.ABACAttribute, action string) bool

func Init 

func Init(ctx context.Context, superUserIDs []string, adapters ...Adapter) error

func PermsForUser 

func PermsForUser(user string) ([]policy.Permission, error)

func ReloadPolicy 

func ReloadPolicy() error

func RolesForUser 

func RolesForUser(user string) ([]string, error)

func Stop 

func Stop()

Types

type Adapter added in v1.0.840 

type Adapter func(ctx context.Context, main *gormadapter.Adapter) persist.Adapter

type NamespacedNameIDSelector added in v1.0.1074 

type NamespacedNameIDSelector struct {
	ID        string `json:"id,omitempty"`
	Namespace string `json:"namespace,omitempty"`
	Name      string `json:"name,omitempty"`
}

type Selectors added in v1.0.840 

type Selectors struct {
	Playbooks   []types.ResourceSelector `json:"playbooks,omitempty"`
	Connections []types.ResourceSelector `json:"connections,omitempty"`
	Configs     []types.ResourceSelector `json:"configs,omitempty"`
	Components  []types.ResourceSelector `json:"components,omitempty"`
	Views       []ViewRef                `json:"views,omitempty"`
}

Selectors represents the object_selector from a permission and specifies resource selectors for multiple resource types used in ABAC authorization.

For authorization to succeed, all specified resource type selectors must match the corresponding resources in the ABACAttribute. If a selector is specified for a resource type but the attribute lacks that resource, authorization fails. If an attribute provides a resource but no selector exists for that type, the permission is considered non-restrictive for that resource (authorized).

type ViewRef added in v1.0.1074 

type ViewRef NamespacedNameIDSelector

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.