security

package
v0.8.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 2, 2025 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// PrioritySelf indicates access only to data created by the user themselves.
	// This is the most restrictive data scope.
	PrioritySelf = 10

	// PriorityDepartment indicates access to data within the user's department.
	PriorityDepartment = 20

	// PriorityDepartmentAndSub indicates access to data within the user's department and all sub-departments.
	PriorityDepartmentAndSub = 30

	// PriorityOrganization indicates access to data within the user's organization.
	PriorityOrganization = 40

	// PriorityOrganizationAndSub indicates access to data within the user's organization and all sub-organizations.
	PriorityOrganizationAndSub = 50

	// PriorityCustom indicates access to data within the user's custom data scope.
	PriorityCustom = 60

	// PriorityAll indicates unrestricted access to all data.
	// This is the broadest data scope, typically used for system administrators.
	PriorityAll = 10000
)

Data scope priority constants. Higher values indicate broader access permissions. When a user has multiple roles with the same permission token but different data scopes, the framework will select the scope with the highest priority.

Variables

View Source 
var (
	// ErrInvalidAESKeyLength indicates the AES key length is invalid.
	ErrInvalidAESKeyLength = errors.New("invalid AES key length")
	// ErrCannotDeriveIV indicates IV cannot be derived from the key due to insufficient length.
	ErrCannotDeriveIV = errors.New("cannot derive IV")
	// ErrInvalidIVLength indicates the IV length is invalid.
	ErrInvalidIVLength = errors.New("invalid IV length")
	// ErrCreateAESCipherFailed indicates AES cipher creation failed.
	ErrCreateAESCipherFailed = errors.New("failed to create AES cipher")

	// ErrPrivateKeyNil indicates the provided private key is nil.
	ErrPrivateKeyNil = errors.New("private key cannot be nil")
	// ErrCreateRSACipherFailed indicates RSA cipher creation failed.
	ErrCreateRSACipherFailed = errors.New("failed to create RSA cipher")
	// ErrCreateRSACipherFromPEMFailed indicates RSA cipher creation from PEM failed.
	ErrCreateRSACipherFromPEMFailed = errors.New("failed to create RSA cipher from PEM")
	// ErrCreateRSACipherFromHexFailed indicates RSA cipher creation from hex failed.
	ErrCreateRSACipherFromHexFailed = errors.New("failed to create RSA cipher from hex")
	// ErrCreateRSACipherFromBase64Failed indicates RSA cipher creation from base64 failed.
	ErrCreateRSACipherFromBase64Failed = errors.New("failed to create RSA cipher from base64")

	// ErrCreateSM2CipherFailed indicates SM2 cipher creation failed.
	ErrCreateSM2CipherFailed = errors.New("failed to create SM2 cipher")
	// ErrCreateSM2CipherFromPEMFailed indicates SM2 cipher creation from PEM failed.
	ErrCreateSM2CipherFromPEMFailed = errors.New("failed to create SM2 cipher from PEM")
	// ErrCreateSM2CipherFromHexFailed indicates SM2 cipher creation from hex failed.
	ErrCreateSM2CipherFromHexFailed = errors.New("failed to create SM2 cipher from hex")

	// ErrInvalidSM4KeyLength indicates the SM4 key length is invalid.
	ErrInvalidSM4KeyLength = errors.New("invalid SM4 key length")
	// ErrCreateSM4CipherFailed indicates SM4 cipher creation failed.
	ErrCreateSM4CipherFailed = errors.New("failed to create SM4 cipher")
	// ErrCreateSM4CipherFromHexFailed indicates SM4 cipher creation from hex failed.
	ErrCreateSM4CipherFromHexFailed = errors.New("failed to create SM4 cipher from hex")
	// ErrCreateSM4CipherFromBase64Failed indicates SM4 cipher creation from base64 failed.
	ErrCreateSM4CipherFromBase64Failed = errors.New("failed to create SM4 cipher from base64")

	// ErrDecodeJwtSecretFailed indicates decoding Jwt secret failed.
	ErrDecodeJwtSecretFailed = errors.New("failed to decode jwt secret")

	// ErrUserDetailsTypeMustBeStruct indicates user details type must be a struct.
	ErrUserDetailsTypeMustBeStruct = errors.New("user details type must be a struct")
	// ErrExternalAppDetailsTypeMustBeStruct indicates external app details type must be a struct.
	ErrExternalAppDetailsTypeMustBeStruct = errors.New("external app details type must be a struct")

	// ErrQueryNotQueryBuilder is returned when the query does not implement QueryBuilder interface.
	ErrQueryNotQueryBuilder = errors.New("query does not implement QueryBuilder interface")
	// ErrQueryModelNotSet is returned when the query does not have a model set before applying data permission.
	ErrQueryModelNotSet = errors.New("query must call Model() before applying data permission")
)
View Source 
var (
	PrincipalSystem = &Principal{
		Type: PrincipalTypeSystem,
		Id:   constants.OperatorSystem,
		Name: "系统",
	}
	PrincipalAnonymous = NewUser(constants.OperatorAnonymous, "匿名")
)

Functions

func HashPassword 

func HashPassword(password string) (string, error)

HashPassword hashes a password using bcrypt.

func PublishRolePermissionsChangedEvent 

func PublishRolePermissionsChangedEvent(publisher event.Publisher, roles ...string)

PublishRolePermissionsChangedEvent publishes a role permissions changed event via the provided publisher. If no roles are specified, subscribers should interpret the event as affecting all roles.

func SetExternalAppDetailsType 

func SetExternalAppDetailsType[T any]()

func SetUserDetailsType 

func SetUserDetailsType[T any]()

func VerifyPassword 

func VerifyPassword(password, hashedPassword string) bool

VerifyPassword verifies a password against a hashed password using bcrypt.

Types

type AesPasswordDecryptor added in v0.6.0 

type AesPasswordDecryptor struct {
	// contains filtered or unexported fields
}

AesPasswordDecryptor implements PasswordDecryptor using AES encryption. It supports AES-128, AES-192, and AES-256 based on the key length. The encrypted password should be base64-encoded.

func (*AesPasswordDecryptor) Decrypt added in v0.6.0 

func (d *AesPasswordDecryptor) Decrypt(encryptedPassword string) (string, error)

Decrypt decrypts the base64-encoded AES-encrypted password. The encrypted password is expected to be in the format: base64(AES-CBC(plaintext)).

type AllDataScope 

type AllDataScope struct{}

AllDataScope grants access to all data without any restrictions. This is typically used for system administrators or users with full data access.

func (*AllDataScope) Apply 

func (*AllDataScope) Apply(*Principal, orm.SelectQuery) error

func (*AllDataScope) Key 

func (*AllDataScope) Key() string

func (*AllDataScope) Priority 

func (*AllDataScope) Priority() int

func (*AllDataScope) Supports 

func (*AllDataScope) Supports(*Principal, *orm.Table) bool

type AuthManager 

type AuthManager interface {
	// Authenticate attempts to authenticate the provided authentication information.
	// It delegates to the appropriate authenticator based on the authentication type.
	// Returns a Principal if authentication succeeds, or an error if it fails.
	Authenticate(ctx context.Context, authentication Authentication) (*Principal, error)
}

AuthManager is the main entry point for authentication operations. It manages multiple authenticators and provides a unified authentication interface.

type AuthTokens 

type AuthTokens struct {
	AccessToken  string `json:"accessToken"`  // AccessToken is the short-lived access token for Api requests
	RefreshToken string `json:"refreshToken"` // RefreshToken is the long-lived token used to refresh access tokens
}

AuthTokens represents the authentication tokens for a user. It contains both access token and refresh token for token-based authentication.

type Authentication 

type Authentication struct {
	Type        string `json:"type"`        // Type specifies the authentication method (e.g., "password", "jwt", "oauth")
	Principal   string `json:"principal"`   // Principal is the identifier of the entity being authenticated (e.g., username, email)
	Credentials any    `json:"credentials"` // Credentials contains the authentication data (e.g., password, token)
}

Authentication represents the authentication information provided by a client. It contains the authentication type, principal identifier, and credentials.

type Authenticator 

type Authenticator interface {
	// Supports checks if this authenticator can handle the given authentication type.
	Supports(authType string) bool
	// Authenticate validates the provided authentication information and returns a Principal.
	// Returns an error if authentication fails or the authenticator doesn't support the type.
	Authenticate(ctx context.Context, authentication Authentication) (*Principal, error)
}

Authenticator defines the interface for authentication providers. Each authenticator supports specific authentication types and validates credentials.

type CachedRolePermissionsLoader 

type CachedRolePermissionsLoader struct {
	// contains filtered or unexported fields
}

CachedRolePermissionsLoader is a decorator that adds caching to a RolePermissionsLoader. It uses the cache system and event bus for automatic cache invalidation.

func (*CachedRolePermissionsLoader) LoadPermissions 

func (c *CachedRolePermissionsLoader) LoadPermissions(ctx context.Context, role string) (map[string]DataScope, error)

LoadPermissions loads permissions for a single role, using cache when available.

type DataPermissionApplier 

type DataPermissionApplier interface {
	// Apply applies data permission filter conditions to the query.
	Apply(query orm.SelectQuery) error
}

DataPermissionApplier applies data permission filtering to queries. Thread Safety: Instances are NOT required to be thread-safe as they are request-scoped.

func NewRequestScopedDataPermApplier 

func NewRequestScopedDataPermApplier(
	principal *Principal,
	dataScope DataScope,
	logger log.Logger,
) DataPermissionApplier

NewRequestScopedDataPermApplier creates a new request-scoped data permission applier. This function is typically called by the data permission middleware for each request.

type DataPermissionResolver 

type DataPermissionResolver interface {
	// ResolveDataScope loads the DataScope instance applicable to the principal.
	ResolveDataScope(ctx context.Context, principal *Principal, permToken string) (DataScope, error)
}

DataPermissionResolver resolves the applicable DataScope instance for a given principal and permission.

type DataScope 

type DataScope interface {
	// Key returns the unique identifier of this data scope.
	Key() string
	// Priority returns the priority level of this data scope.
	// Higher values indicate broader access permissions.
	// When a user has multiple roles with the same permission token but different data scopes,
	// the framework will select the scope with the highest priority.
	Priority() int
	// Supports determines whether this data scope is applicable to the given table structure.
	// It checks if the table has the necessary fields required by this scope.
	Supports(principal *Principal, table *orm.Table) bool
	// Apply applies the data permission filter conditions using the provided SelectQuery.
	// This method should use the SelectQuery to add filtering conditions.
	Apply(principal *Principal, query orm.SelectQuery) error
}

DataScope represents an abstract data permission scope that defines access boundaries. Each DataScope implementation encapsulates a specific data access pattern (e.g., department-level, organization-level). Implementations should be stateless and thread-safe, as they may be shared across multiple requests.

func NewAllDataScope 

func NewAllDataScope() DataScope

NewAllDataScope creates a new AllDataScope instance.

func NewSelfDataScope 

func NewSelfDataScope(createdByColumn string) DataScope

NewSelfDataScope creates a new SelfDataScope instance. The createdByColumn parameter specifies the database column name for the creator. If empty, it defaults to "created_by".

type ExternalAppConfig 

type ExternalAppConfig struct {
	Enabled     bool   `json:"enabled"`     // Enabled indicates whether the external app is enabled
	IpWhitelist string `json:"ipWhitelist"` // IpWhitelist is a comma-separated whitelist (supports IP or CIDR)
}

ExternalAppConfig is an optional details payload for openapi principals. Users can place this config into Principal.Details for extra runtime checks.

type ExternalAppLoader 

type ExternalAppLoader interface {
	// LoadById loads an external application by appId and returns the associated Principal and app secret.
	// If the app does not exist, return (nil, "", nil) and the authenticator will treat it as invalid credentials.
	// If an internal error occurs, return a non-nil error.
	LoadById(ctx context.Context, id string) (*Principal, string, error)
}

ExternalAppLoader defines a strategy for loading external application information by appId. Users should implement this interface and provide it via the fx container. The returned secret should be the shared secret used for HMAC verification.

type Gender added in v0.6.0 

type Gender string

Gender represents the gender of the user. 

const (
	// GenderMale represents the male gender.
	GenderMale Gender = "male"
	// GenderFemale represents the female gender.
	GenderFemale Gender = "female"
	// GenderUnknown represents an unknown gender.
	GenderUnknown Gender = "unknown"
)

type Jwt added in v0.6.0 

type Jwt struct {
	// contains filtered or unexported fields
}

Jwt provides low-level Jwt token operations. It handles token generation, parsing, and validation without business logic.

func NewJwt added in v0.6.0 

func NewJwt(config *JwtConfig) (*Jwt, error)

NewJwt creates a new Jwt instance with the given configuration. Secret expects a hex-encoded string; invalid hex will cause a panic during initialization. Audience will be defaulted when empty.

func (*Jwt) Generate added in v0.6.0 

func (j *Jwt) Generate(claimsBuilder *JwtClaimsBuilder, expires, notBefore time.Duration) (string, error)

Generate creates a Jwt token with the given claims and expires. The expiration is computed as now + expires; iat and nbf are set to now.

func (*Jwt) Parse added in v0.6.0 

func (j *Jwt) Parse(tokenString string) (*JwtClaimsAccessor, error)

Parse parses and validates a Jwt token. It returns a read-only claims accessor which performs safe conversions and never panics.

type JwtClaimsAccessor added in v0.6.0 

type JwtClaimsAccessor struct {
	// contains filtered or unexported fields
}

func NewJwtClaimsAccessor added in v0.6.0 

func NewJwtClaimsAccessor(claims jwt.MapClaims) *JwtClaimsAccessor

NewJwtClaimsAccessor creates a new Jwt claims accessor.

func (*JwtClaimsAccessor) Claim added in v0.6.0 

func (a *JwtClaimsAccessor) Claim(key string) any

Claim returns the claim.

func (*JwtClaimsAccessor) Details added in v0.6.0 

func (a *JwtClaimsAccessor) Details() any

Details returns the details claim.

func (*JwtClaimsAccessor) Id added in v0.6.0 

func (a *JwtClaimsAccessor) Id() string

Id returns the Jwt ID claim. Returns empty string if the claim is missing or not a string.

func (*JwtClaimsAccessor) Roles added in v0.6.0 

func (a *JwtClaimsAccessor) Roles() []string

Roles returns the roles claim. Supports both []string and []any payloads; returns empty slice if absent.

func (*JwtClaimsAccessor) Subject added in v0.6.0 

func (a *JwtClaimsAccessor) Subject() string

Subject returns the subject claim. Returns empty string if the claim is missing or not a string.

func (*JwtClaimsAccessor) Type added in v0.6.0 

func (a *JwtClaimsAccessor) Type() string

Type returns the token type claim. Returns empty string if the claim is missing or not a string.

type JwtClaimsBuilder added in v0.6.0 

type JwtClaimsBuilder struct {
	// contains filtered or unexported fields
}

JwtClaimsBuilder helps build Jwt claims for different token types.

func NewJwtClaimsBuilder added in v0.6.0 

func NewJwtClaimsBuilder() *JwtClaimsBuilder

NewJwtClaimsBuilder creates a new Jwt claims builder.

func (*JwtClaimsBuilder) Claim added in v0.6.0 

func (b *JwtClaimsBuilder) Claim(key string) (any, bool)

Claim returns a custom claim.

func (*JwtClaimsBuilder) Details added in v0.6.0 

func (b *JwtClaimsBuilder) Details() (any, bool)

Details returns the details claim.

func (*JwtClaimsBuilder) Id added in v0.6.0 

func (b *JwtClaimsBuilder) Id() (string, bool)

Id returns the Jwt ID claim.

func (*JwtClaimsBuilder) Roles added in v0.6.0 

func (b *JwtClaimsBuilder) Roles() ([]string, bool)

Roles returns the roles claim.

func (*JwtClaimsBuilder) Subject added in v0.6.0 

func (b *JwtClaimsBuilder) Subject() (string, bool)

Subject returns the subject claim.

func (*JwtClaimsBuilder) Type added in v0.6.0 

func (b *JwtClaimsBuilder) Type() (string, bool)

Type returns the token type claim.

func (*JwtClaimsBuilder) WithClaim added in v0.6.0 

func (b *JwtClaimsBuilder) WithClaim(key string, value any) *JwtClaimsBuilder

func (*JwtClaimsBuilder) WithDetails added in v0.6.0 

func (b *JwtClaimsBuilder) WithDetails(details any) *JwtClaimsBuilder

func (*JwtClaimsBuilder) WithId added in v0.6.0 

func (b *JwtClaimsBuilder) WithId(id string) *JwtClaimsBuilder

func (*JwtClaimsBuilder) WithRoles added in v0.6.0 

func (b *JwtClaimsBuilder) WithRoles(roles []string) *JwtClaimsBuilder

func (*JwtClaimsBuilder) WithSubject added in v0.6.0 

func (b *JwtClaimsBuilder) WithSubject(subject string) *JwtClaimsBuilder

func (*JwtClaimsBuilder) WithType added in v0.6.0 

func (b *JwtClaimsBuilder) WithType(typ string) *JwtClaimsBuilder

type JwtConfig added in v0.6.0 

type JwtConfig struct {
	Secret   string `config:"secret"`   // Secret key for Jwt signing
	Audience string `config:"audience"` // Jwt audience
}

JwtConfig is the configuration for the Jwt token.

type PasswordDecryptor 

type PasswordDecryptor interface {
	// Decrypt decrypts the encrypted password string and returns the plaintext password.
	// The encryptedPassword parameter is typically a base64-encoded or hex-encoded string.
	// Returns an error if decryption fails (e.g., invalid format, wrong key, corrupted data).
	Decrypt(encryptedPassword string) (string, error)
}

PasswordDecryptor defines the interface for decrypting passwords received from clients. Different implementations can support various encryption algorithms (AES, RSA, SM2, SM4, etc.). If no decryptor is provided, passwords are assumed to be plaintext. Users should implement this interface based on their specific encryption requirements.

func NewAesPasswordDecryptor added in v0.6.0 

func NewAesPasswordDecryptor(key, iv []byte) (PasswordDecryptor, error)

NewAesPasswordDecryptor creates a new AES password decryptor. The key length must be 16, 24, or 32 bytes for AES-128, AES-192, or AES-256 respectively. The iv (initialization vector) must be 16 bytes for AES block size. If iv is nil, it will use the first 16 bytes of the key as IV (not recommended for production).

func NewAesPasswordDecryptorFromBase64 added in v0.6.0 

func NewAesPasswordDecryptorFromBase64(keyBase64, ivBase64 string) (PasswordDecryptor, error)

NewAesPasswordDecryptorFromBase64 creates a new AES password decryptor from base64-encoded key and IV.

func NewAesPasswordDecryptorFromHex added in v0.6.0 

func NewAesPasswordDecryptorFromHex(keyHex, ivHex string) (PasswordDecryptor, error)

NewAesPasswordDecryptorFromHex creates a new AES password decryptor from hex-encoded key and IV.

func NewRsaPasswordDecryptor added in v0.6.0 

func NewRsaPasswordDecryptor(privateKey *rsa.PrivateKey) (PasswordDecryptor, error)

NewRsaPasswordDecryptor creates a new RSA password decryptor with the given private key. The privateKey should be in PKCS#1 or PKCS#8 PEM format.

func NewRsaPasswordDecryptorFromBase64 added in v0.6.0 

func NewRsaPasswordDecryptorFromBase64(privateKeyBase64 string) (PasswordDecryptor, error)

NewRsaPasswordDecryptorFromBase64 creates a new RSA password decryptor from base64-encoded private key. The private key can be in PKCS#1 or PKCS#8 DER format.

func NewRsaPasswordDecryptorFromHex added in v0.6.0 

func NewRsaPasswordDecryptorFromHex(privateKeyHex string) (PasswordDecryptor, error)

NewRsaPasswordDecryptorFromHex creates a new RSA password decryptor from hex-encoded private key. The private key can be in PKCS#1 or PKCS#8 DER format.

func NewRsaPasswordDecryptorFromPEM added in v0.6.0 

func NewRsaPasswordDecryptorFromPEM(pemKey []byte) (PasswordDecryptor, error)

NewRsaPasswordDecryptorFromPEM creates a new RSA password decryptor from PEM-encoded private key. The PEM key can be in PKCS#1 (-----BEGIN RSA PRIVATE KEY-----) or PKCS#8 (-----BEGIN PRIVATE KEY-----) format.

func NewSm2PasswordDecryptor added in v0.6.0 

func NewSm2PasswordDecryptor(privateKey *sm2.PrivateKey) (PasswordDecryptor, error)

NewSm2PasswordDecryptor creates a new SM2 password decryptor with the given private key.

func NewSm2PasswordDecryptorFromHex added in v0.6.0 

func NewSm2PasswordDecryptorFromHex(privateKeyHex string) (PasswordDecryptor, error)

NewSm2PasswordDecryptorFromHex creates a new SM2 password decryptor from hex-encoded private key.

func NewSm2PasswordDecryptorFromPEM added in v0.6.0 

func NewSm2PasswordDecryptorFromPEM(pemKey []byte) (PasswordDecryptor, error)

NewSm2PasswordDecryptorFromPEM creates a new SM2 password decryptor from PEM-encoded private key.

func NewSm4PasswordDecryptor added in v0.6.0 

func NewSm4PasswordDecryptor(key, iv []byte, mode ...crypto.Sm4Mode) (PasswordDecryptor, error)

NewSm4PasswordDecryptor creates a new SM4 password decryptor. The key length must be 16 bytes (128 bits). The iv (initialization vector) must be 16 bytes for CBC mode. If iv is nil, it will use the first 16 bytes of the key as IV (not recommended for production). If mode is not specified, defaults to SM4ModeCBC.

func NewSm4PasswordDecryptorFromBase64 added in v0.6.0 

func NewSm4PasswordDecryptorFromBase64(keyBase64, ivBase64 string, mode ...crypto.Sm4Mode) (PasswordDecryptor, error)

NewSm4PasswordDecryptorFromBase64 creates a new SM4 password decryptor from base64-encoded key and IV. If mode is not specified, defaults to SM4ModeCBC.

func NewSm4PasswordDecryptorFromHex added in v0.6.0 

func NewSm4PasswordDecryptorFromHex(keyHex, ivHex string, mode ...crypto.Sm4Mode) (PasswordDecryptor, error)

NewSm4PasswordDecryptorFromHex creates a new SM4 password decryptor from hex-encoded key and IV. If mode is not specified, defaults to SM4ModeCBC.

type PermissionChecker 

type PermissionChecker interface {
	// HasPermission checks if the given principal has the specified permission.
	HasPermission(ctx context.Context, principal *Principal, permToken string) (bool, error)
}

PermissionChecker defines the interface for checking whether a principal has a specific permission. Users should implement this interface and provide it via the fx container. The framework provides a default RBAC implementation, but users can implement custom logic.

type Principal 

type Principal struct {
	Type    PrincipalType `json:"type"`    // Type is the type of the principal.
	Id      string        `json:"id"`      // Id is the id of the user.
	Name    string        `json:"name"`    // Name is the name of the user.
	Roles   []string      `json:"roles"`   // Roles is the roles of the user.
	Details any           `json:"details"` // Details is the details of the user.
}

Principal is the principal of the user.

func NewExternalApp 

func NewExternalApp(id, name string, roles ...string) *Principal

NewExternalApp is the function to create a new external app principal.

func NewUser 

func NewUser(id, name string, roles ...string) *Principal

NewUser is the function to create a new user principal.

func (*Principal) AttemptUnmarshalDetails 

func (p *Principal) AttemptUnmarshalDetails(details any)

AttemptUnmarshalDetails attempts to unmarshal the details into the principal.

func (*Principal) UnmarshalJSON 

func (p *Principal) UnmarshalJSON(data []byte) error

UnmarshalJSON implements custom JSON unmarshaling for Principal. This allows the Details field to be properly deserialized based on the Type field.

func (*Principal) WithRoles 

func (p *Principal) WithRoles(roles ...string) *Principal

WithRoles adds roles to the principal.

type PrincipalType 

type PrincipalType string

PrincipalType is the type of the principal. 

const (
	PrincipalTypeUser        PrincipalType = "user"                   // PrincipalTypeUser is the type of the user.
	PrincipalTypeExternalApp PrincipalType = "external_app"           // PrincipalTypeExternalApp is the type of the external app.
	PrincipalTypeSystem      PrincipalType = constants.OperatorSystem // PrincipalTypeSystem is the type of the system.
)

type RequestScopedDataPermApplier 

type RequestScopedDataPermApplier struct {
	// contains filtered or unexported fields
}

RequestScopedDataPermApplier is the default implementation of DataPermissionApplier. It applies data permission filtering using a single DataScope instance.

IMPORTANT: This struct is request-scoped and should NOT be stored beyond request lifecycle.

func (*RequestScopedDataPermApplier) Apply 

func (a *RequestScopedDataPermApplier) Apply(query orm.SelectQuery) error

Apply implements security.DataPermissionApplier.Apply.

type RolePermissionsChangedEvent 

type RolePermissionsChangedEvent struct {
	event.BaseEvent

	Roles []string `json:"roles"` // Affected role names (empty means all roles)
}

RolePermissionsChangedEvent is published when role permissions are modified.

type RolePermissionsLoader 

type RolePermissionsLoader interface {
	// LoadPermissions loads all permissions associated with the given role.
	// Returns a map of permission token to DataScope, allowing O(1) permission checks.
	LoadPermissions(ctx context.Context, role string) (map[string]DataScope, error)
}

RolePermissionsLoader defines a strategy for loading all permissions associated with a role. It returns a map where keys are permission tokens and values are their corresponding data scopes. This interface is used by the RBAC PermissionChecker and DataPermissionResolver implementations. Users should implement this interface to define how role permissions are loaded.

func NewCachedRolePermissionsLoader 

func NewCachedRolePermissionsLoader(
	loader RolePermissionsLoader,
	eventBus event.Subscriber,
) RolePermissionsLoader

NewCachedRolePermissionsLoader creates a new cached role permissions loader. It automatically subscribes to role permissions change events to invalidate cache.

type RsaPasswordDecryptor added in v0.6.0 

type RsaPasswordDecryptor struct {
	// contains filtered or unexported fields
}

RsaPasswordDecryptor implements PasswordDecryptor using RSA encryption. It uses RSA-OAEP with SHA-256 for decryption. The encrypted password should be base64-encoded.

func (*RsaPasswordDecryptor) Decrypt added in v0.6.0 

func (d *RsaPasswordDecryptor) Decrypt(encryptedPassword string) (string, error)

Decrypt decrypts the base64-encoded RSA-encrypted password using OAEP with SHA-256. The encrypted password is expected to be in the format: base64(RSA-OAEP(plaintext)).

type SelfDataScope 

type SelfDataScope struct {
	// contains filtered or unexported fields
}

SelfDataScope restricts access to data created by the user themselves. This is commonly used for personal data access where users can only see their own records.

func (*SelfDataScope) Apply 

func (s *SelfDataScope) Apply(principal *Principal, query orm.SelectQuery) error

func (*SelfDataScope) Key 

func (*SelfDataScope) Key() string

func (*SelfDataScope) Priority 

func (*SelfDataScope) Priority() int

func (*SelfDataScope) Supports 

func (s *SelfDataScope) Supports(_ *Principal, table *orm.Table) bool

type Sm2PasswordDecryptor added in v0.6.0 

type Sm2PasswordDecryptor struct {
	// contains filtered or unexported fields
}

Sm2PasswordDecryptor implements PasswordDecryptor using SM2 encryption (国密算法). The encrypted password should be base64-encoded.

func (*Sm2PasswordDecryptor) Decrypt added in v0.6.0 

func (d *Sm2PasswordDecryptor) Decrypt(encryptedPassword string) (string, error)

Decrypt decrypts the base64-encoded SM2-encrypted password. The encrypted password is expected to be in the format: base64(SM2(plaintext)).

type Sm4PasswordDecryptor added in v0.6.0 

type Sm4PasswordDecryptor struct {
	// contains filtered or unexported fields
}

Sm4PasswordDecryptor implements PasswordDecryptor using SM4 encryption (国密算法). It supports SM4-CBC and SM4-ECB modes. The encrypted password should be base64-encoded.

func (*Sm4PasswordDecryptor) Decrypt added in v0.6.0 

func (d *Sm4PasswordDecryptor) Decrypt(encryptedPassword string) (string, error)

Decrypt decrypts the base64-encoded SM4-encrypted password. The encrypted password is expected to be in the format: base64(SM4-CBC/ECB(plaintext)).

type TokenGenerator 

type TokenGenerator interface {
	// Generate creates authentication tokens for the given principal.
	// Returns both access and refresh tokens, or an error if generation fails.
	Generate(principal *Principal) (*AuthTokens, error)
}

TokenGenerator defines the interface for generating authentication tokens. Different implementations can support various token types (Jwt, opaque tokens, etc.).

type UserInfo added in v0.6.0 

type UserInfo struct {
	// Id of the user
	Id string `json:"id"`
	// Name of the user
	Name string `json:"name"`
	// Gender of the user
	Gender Gender `json:"gender"`
	// Avatar URL of the user (optional)
	Avatar null.String `json:"avatar"`
	// Authorized permission tokens
	PermTokens []string `json:"permTokens"`
	// Authorized menus
	Menus []UserMenu `json:"menus"`
}

UserInfo represents detailed information about the authenticated user.

type UserInfoLoader added in v0.6.0 

type UserInfoLoader interface {
	// LoadUserInfo loads detailed information for the authenticated user.
	// The params parameter contains additional request parameters from the API request.
	// Returns UserInfo or an error if loading fails.
	LoadUserInfo(ctx context.Context, principal *Principal, params map[string]any) (*UserInfo, error)
}

UserInfoLoader defines a strategy for loading detailed user information. Users of the framework should implement this interface and provide it via the fx container. This interface is used by the auth resource to load user info when requested.

type UserLoader 

type UserLoader interface {
	// LoadByUsername loads a user by username and returns the associated Principal and password hash.
	// If the username does not exist, return (nil, "", nil) and the authenticator will treat it as invalid credentials.
	// If an internal error occurs, return a non-nil error.
	LoadByUsername(ctx context.Context, username string) (*Principal, string, error)
	// LoadById loads a user by id and returns the associated Principal.
	// If the user does not exist, return nil.
	// If an internal error occurs, return a non-nil error.
	LoadById(ctx context.Context, id string) (*Principal, error)
}

UserLoader defines a strategy for loading user information by username. Users of the framework should implement this interface and provide it via the fx container. The returned passwordHash should be the hashed password stored in the system.

type UserMenu added in v0.6.0 

type UserMenu struct {
	// Type of the menu
	Type UserMenuType `json:"type"`
	// Path of the menu
	Path string `json:"path"`
	// Name of the menu
	Name string `json:"name"`
	// Icon of the menu (optional)
	Icon null.String `json:"icon"`
	// Meta of the menu (optional)
	Meta map[string]any `json:"metadata"`
	// Children of the menu (optional)
	Children []UserMenu `json:"children"`
}

UserMenu represents a menu item in the user's navigation.

type UserMenuType added in v0.6.0 

type UserMenuType string

UserMenuType represents the type of the menu. 

const (
	// UserMenuTypeDirectory represents a directory menu type.
	UserMenuTypeDirectory UserMenuType = "directory"
	// UserMenuTypeMenu represents a menu type.
	UserMenuTypeMenu UserMenuType = "menu"
	// UserMenuTypeView represents a view menu type.
	UserMenuTypeView UserMenuType = "view"
	// UserMenuTypeDashboard represents a dashboard menu type.
	UserMenuTypeDashboard UserMenuType = "dashboard"
	// UserMenuTypeReport represents a report menu type.
	UserMenuTypeReport UserMenuType = "report"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.