项目简介
TL;DR;
acl is a lightweight acl manager for go.
Features
- Design simple & reusable roles to empower your application.
- Acquire the rights of other roles to build a powerful set of permissions.
- Resolve possible roles by examine them in an unified way.
Example
type User struct {isAdmin bool}func main() {// first of all: create a new manager instance to register all your roles in one placemanager := acl.NewManager()// now you can use `Ensure` to guarantee that the role with the passed identifier is presentuser := manager.Ensure("user").Grant("profile.edit")// use `Grant`, `Revoke` and `AcquireFrom` to extend the right stackeditor := manager.Ensure("editor").Grant("news.list", "news.create", "news.edit").AcquireFrom(user)// you can also use NewRole to create a Role manuallyadmin := acl.NewRole("admin").Grant("news.delete").AcquireFrom(editor)// note, that you have to register the role by yourselfmanager.Register(admin)// to check if a right was granted to a role you can use:var hasAccess boolhasAccess = admin.Has("some.right")// to check if at least one of the expected rights is present:hasAccess = admin.HasOneOf("news.list", "news.create")// ... and finally, to check that all the expected rights are present, use:hasAccess = admin.HasAllOf("news.delete", "news.list")// a role can be extended with an examiner to determine whether a role can be added// to a `ResultSet`admin.SetExaminer(func (payload interface{}) bool {user := payload.(User)return user.isAdmin})// to get a result set you can use the managers `Examine` functionrs := manager.Examine(User{isAdmin: true})// a result set contains "Has", "HasOneOf" and "HasAllOf" as described above and...// `GetRole` to grab specific roles from the result setexpectedRole := rs.GetRole("admin")// you can also check if a role was added to a result set using:if rs.HasRole("admin") {// ...}}
Blueprint
若有收获,就点个赞吧
0 人点赞
