casbin

package
v0.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 29, 2025 License: Apache-2.0 Imports: 18 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SetAuthorizer 

func SetAuthorizer(cnf *conf.Configuration, opts ...Option) error

SetAuthorizer set the default authorizer for security package.

Types

type Authorizer 

type Authorizer struct {
	Enforcer casbin.IEnforcer
	Watcher  persist.Watcher
	Adapter  persist.Adapter
	// contains filtered or unexported fields
}

Authorizer is an Authorizer feature base on casbin.

func NewAuthorizer 

func NewAuthorizer(cnf *conf.Configuration, opts ...Option) (au *Authorizer, err error)

NewAuthorizer 根据配置创建验证器. Configuration example:

authz: 

autoSave: false
expireTime: 1h
watcherOptions:
  options:
    addr: "localhost:6379"
    channel: "/casbin"
model: /path/to/model.conf
policy: /path/to/policy.csv
cache:
  size: 1000
  ttl:  1m

. autoSave in watcher callback should be false. but set false will cause casbin main nodes lost save data. we will improve in the future.current use database unique index to avoid duplicate data.

expireTime if set for casbin.CachedEnforcer, if not set will use normal casbin.Enforcer.

cache node is for independent cache usding for cached the Authorizer itself. cache.ttl default 1 minute.

func (*Authorizer) BaseEnforcer 

func (au *Authorizer) BaseEnforcer() casbin.IEnforcer

BaseEnforcer returns the base enforcer. casbin api is not broadcasting to enforcer interface. so need to use base enforcer.

func (*Authorizer) Eval 

func (au *Authorizer) Eval(ctx context.Context, args *security.EvalArgs) (pass bool, err error)

Eval checks if the user has permission to do an operation on a resource. tenant will be used as domain.

func (*Authorizer) Prepare 

func (au *Authorizer) Prepare(ctx context.Context, kind security.ArnKind, arnParts ...string) (*security.EvalArgs, error)

func (*Authorizer) QueryAllowedResourceConditions 

func (au *Authorizer) QueryAllowedResourceConditions(ctx context.Context, args *security.EvalArgs) (conditions []string, err error)

QueryAllowedResourceConditions returns the allowed resource conditions for the user in domain. if the user don't have any permission, return nil. A ResourceCondition's operation should be use `data`.

type Option 

type Option func(*Authorizer)

func WithAdapter added in v0.4.1 

func WithAdapter(pa persist.Adapter) Option

func WithCache added in v0.4.2 

func WithCache(cache cache.Cache) Option

WithCache add cache to authorizer.

func WithEnforcer added in v0.4.1 

func WithEnforcer(e casbin.IEnforcer) Option

func WithWatcher added in v0.4.1 

func WithWatcher(w persist.Watcher) Option

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.