Documentation
¶
Index ¶
- func Equals(a, b types.Value) bool
- func GreaterThan(a, b types.Value) bool
- func GreaterThanOrEqualTo(a, b types.Value) bool
- func In(a, b types.Value) bool
- func LessThan(a, b types.Value) bool
- func LessThanOrEqualTo(a, b types.Value) bool
- func NotEquals(a, b types.Value) bool
- func ParseExpression(expr string) (a, b string, o Operator, m CollectionOperationModifier, err error)
- type CollectionOperationModifier
- type EvaluationEnvironment
- type Expression
- type LogicalOperator
- type Operator
- type Permission
- type Rule
- type RuleTokens
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GreaterThan ¶
func GreaterThanOrEqualTo ¶
func LessThanOrEqualTo ¶
func ParseExpression ¶
func ParseExpression(expr string) (a, b string, o Operator, m CollectionOperationModifier, err error)
Types ¶
type CollectionOperationModifier ¶
type CollectionOperationModifier int
const ( CollOne CollectionOperationModifier = iota CollAny CollAll )
type EvaluationEnvironment ¶
type EvaluationEnvironment map[string]interface{}
type Expression ¶
type Expression struct {
A, B types.Value
Operator Operator
Modifier CollectionOperationModifier
Condition LogicalOperator
}
Expression describes a single. Condition should be Undefined for the first element, but defined for each subsequent element.
func (Expression) Evaluate ¶
func (e Expression) Evaluate(env EvaluationEnvironment) bool
type Permission ¶
type Permission struct {
Name string
Condition LogicalOperator
}
type Rule ¶
type Rule struct {
Command string
Conditions []Expression
Permissions []Permission
}
func Parse ¶
func Parse(rt RuleTokens) (Rule, error)
func TokenizeAndParse ¶
TokenizeAndParse is a helper function that wraps the Tokenize and Parse functions. It accepts a raw Gort rule of the form "COMMAND [when CONDITION (and|or)]? [allow|must have PERMISSION (and|or)]", and returns a RuleTokens value. A parsing error will produce a non-nil error. The RuleTokens' Command value should always be non-empty; Conditions and Permissions can both be empty (but non-nil). Empty Conditions always match the command. Empty Permissions indicating the use of the "allow" keyword and always pass.
func (Rule) Allowed ¶
Allowed returns true iff the user has all required permissions (or the rule is an "allow" rule).
func (Rule) Matches ¶
func (r Rule) Matches(env EvaluationEnvironment) bool
Matches returns true iff the Rule's stated conditions evaluate to true.
type RuleTokens ¶
RuleTokens represents a tokenized Gort rule of the form "COMMAND [when CONDITION (and|or)]? [allow|must have PERMISSION (and|or)]".
func Tokenize ¶
func Tokenize(s string) (RuleTokens, error)
Tokenize accepts a raw Gort rule of the form "COMMAND [when CONDITION (and|or)]? [allow|must have PERMISSION (and|or)]", and returns a RuleTokens value. A parsing error will produce a non-nil error. The RuleTokens' Command value should always be non-empty; Conditions and Permissions can both be empty (but non-nil). Empty Conditions always match the command. Empty Permissions indicating the use of the "allow" keyword and always pass.
Source Files