Documentation
¶
Index ¶
- func CanReadWorkspace(userID uuid.UUID, wsID uuid.UUID) (bool, error)
- func CanWriteWorkspace(userID uuid.UUID, wsID uuid.UUID) (bool, error)
- func GetAllAdminUserIDs() (map[uuid.UUID]bool, error)
- func GetEnforcer() *casbin.Enforcer
- func GetUserWorkspaces(userID uuid.UUID) ([]uuid.UUID, error)
- func GrantWorkspaceAccess(userID uuid.UUID, wsID uuid.UUID, role string) error
- func InitEnforcer(db *gorm.DB, logger *slog.Logger) error
- func IsAdmin(userID uuid.UUID) (bool, error)
- func MakeAdmin(userID uuid.UUID) error
- func RevokeAdmin(userID uuid.UUID) error
- func RevokeWorkspaceAccess(userID uuid.UUID, wsID uuid.UUID) error
- type DefaultProvider
- func (DefaultProvider) CanReadWorkspace(userID, wsID uuid.UUID) (bool, error)
- func (DefaultProvider) CanWriteWorkspace(userID, wsID uuid.UUID) (bool, error)
- func (DefaultProvider) GetAllAdminUserIDs() (map[uuid.UUID]bool, error)
- func (DefaultProvider) GrantWorkspaceAccess(userID, wsID uuid.UUID, role string) error
- func (DefaultProvider) IsAdmin(userID uuid.UUID) (bool, error)
- func (DefaultProvider) MakeAdmin(userID uuid.UUID) error
- func (DefaultProvider) RevokeAdmin(userID uuid.UUID) error
- func (DefaultProvider) RevokeWorkspaceAccess(userID, wsID uuid.UUID) error
- type Provider
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CanReadWorkspace ¶
CanReadWorkspace checks if user can read a workspace
func CanWriteWorkspace ¶
CanWriteWorkspace checks if user can write to a workspace
func GetAllAdminUserIDs ¶
GetAllAdminUserIDs returns a set of all user IDs that have admin privileges
func GetEnforcer ¶
GetEnforcer returns the global enforcer instance
func GetUserWorkspaces ¶
GetUserWorkspaces returns all workspace IDs that a user has access to
func GrantWorkspaceAccess ¶
GrantWorkspaceAccess grants access to a workspace
func InitEnforcer ¶
InitEnforcer initializes the Casbin enforcer
func RevokeAdmin ¶
RevokeAdmin removes admin privileges from a user
Types ¶
type DefaultProvider ¶ added in v0.10.3
type DefaultProvider struct{}
DefaultProvider wraps the global Casbin enforcer as an rbac.Provider.
func NewDefaultProvider ¶ added in v0.10.3
func NewDefaultProvider() *DefaultProvider
func (DefaultProvider) CanReadWorkspace ¶ added in v0.10.3
func (DefaultProvider) CanReadWorkspace(userID, wsID uuid.UUID) (bool, error)
func (DefaultProvider) CanWriteWorkspace ¶ added in v0.10.3
func (DefaultProvider) CanWriteWorkspace(userID, wsID uuid.UUID) (bool, error)
func (DefaultProvider) GetAllAdminUserIDs ¶ added in v0.10.3
func (DefaultProvider) GetAllAdminUserIDs() (map[uuid.UUID]bool, error)
func (DefaultProvider) GrantWorkspaceAccess ¶ added in v0.10.3
func (DefaultProvider) GrantWorkspaceAccess(userID, wsID uuid.UUID, role string) error
func (DefaultProvider) IsAdmin ¶ added in v0.10.3
func (DefaultProvider) IsAdmin(userID uuid.UUID) (bool, error)
func (DefaultProvider) MakeAdmin ¶ added in v0.10.3
func (DefaultProvider) MakeAdmin(userID uuid.UUID) error
func (DefaultProvider) RevokeAdmin ¶ added in v0.10.3
func (DefaultProvider) RevokeAdmin(userID uuid.UUID) error
func (DefaultProvider) RevokeWorkspaceAccess ¶ added in v0.10.3
func (DefaultProvider) RevokeWorkspaceAccess(userID, wsID uuid.UUID) error
type Provider ¶ added in v0.10.3
type Provider interface {
CanReadWorkspace(userID, wsID uuid.UUID) (bool, error)
CanWriteWorkspace(userID, wsID uuid.UUID) (bool, error)
IsAdmin(userID uuid.UUID) (bool, error)
GrantWorkspaceAccess(userID, wsID uuid.UUID, role string) error
RevokeWorkspaceAccess(userID, wsID uuid.UUID) error
MakeAdmin(userID uuid.UUID) error
RevokeAdmin(userID uuid.UUID) error
GetAllAdminUserIDs() (map[uuid.UUID]bool, error)
}
Provider abstracts RBAC operations so callers can use dependency injection instead of the global enforcer. This enables per-test isolation and mocking.
Source Files
Click to show internal directories.
Click to hide internal directories.