Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mikespook/Gorbac
goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.
https://github.com/mikespook/Gorbac
go rbac
Last synced: 3 months ago
JSON representation
goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.
- Host: GitHub
- URL: https://github.com/mikespook/Gorbac
- Owner: mikespook
- License: mit
- Created: 2013-12-26T10:00:41.000Z (about 11 years ago)
- Default Branch: master
- Last Pushed: 2024-07-22T08:19:49.000Z (6 months ago)
- Last Synced: 2024-10-15T22:41:42.107Z (3 months ago)
- Topics: go, rbac
- Language: Go
- Homepage:
- Size: 98.6 KB
- Stars: 1,601
- Watchers: 68
- Forks: 176
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
goRBAC
======[![Build Status](https://travis-ci.org/mikespook/gorbac.png?branch=master)](https://travis-ci.org/mikespook/gorbac)
[![GoDoc](https://godoc.org/github.com/mikespook/gorbac?status.png)](https://godoc.org/github.com/mikespook/gorbac)
[![Coverage Status](https://coveralls.io/repos/github/mikespook/gorbac/badge.svg?branch=master)](https://coveralls.io/github/mikespook/gorbac?branch=master)goRBAC provides a lightweight role-based access control implementation
in Golang.For the purposes of this package:
* an identity has one or more roles.
* a role requests access to a permission.
* a permission is given to a role.Thus, RBAC has the following model:
* many to many relationship between identities and roles.
* many to many relationship between roles and permissions.
* roles can have a parent role (inheriting permissions).Version
=======Currently, goRBAC has two released versions
[Version 1](https://github.com/mikespook/gorbac/tree/v1.dev) is the original design which will only be mantained to fix bugs.
[Version 2](https://github.com/mikespook/gorbac/tree/v2.dev) is the new design which will only be mantained to fix bugs.
and the developing branch is
[The master branch](https://github.com/mikespook/gorbac) will be under development with generic (go 1.18 and higher) and can be changed without notice.
Install
=======Install the package:
> $ go get github.com/mikespook/gorbac
Usage
=====Although you can adjust the RBAC instance anytime and it's absolutely safe, the library is designed for use with two phases:
1. Preparing
2. Checking
Preparing
---------Import the library:
import "github.com/mikespook/gorbac"
Get a new instance of RBAC:
rbac := gorbac.New()
Get some new roles:
rA := gorbac.NewRole("role-a")
rB := gorbac.NewRole("role-b")
rC := gorbac.NewRole("role-c")
rD := gorbac.NewRole("role-d")
rE := gorbac.NewRole("role-e")Get some new permissions:
pA := gorbac.NewPermission("permission-a")
pB := gorbac.NewPermission("permission-b")
pC := gorbac.NewPermission("permission-c")
pD := gorbac.NewPermission("permission-d")
pE := gorbac.NewPermission("permission-e")Add the permissions to roles:
rA.Assign(pA)
rB.Assign(pB)
rC.Assign(pC)
rD.Assign(pD)
rE.Assign(pE)Also, you can implement `gorbac.Role` and `gorbac.Permission` for your own data structure.
After initialization, add the roles to the RBAC instance:
rbac.Add(rA)
rbac.Add(rB)
rbac.Add(rC)
rbac.Add(rD)
rbac.Add(rE)And set the inheritance:
rbac.SetParent("role-a", "role-b")
rbac.SetParents("role-b", []string{"role-c", "role-d"})
rbac.SetParent("role-e", "role-d")Checking
--------Checking the permission is easy:
if rbac.IsGranted("role-a", pA, nil) &&
rbac.IsGranted("role-a", pB, nil) &&
rbac.IsGranted("role-a", pC, nil) &&
rbac.IsGranted("role-a", pD, nil) {
fmt.Println("The role-a has been granted permis-a, b, c and d.")
}And there are some built-in util-functions:
[InherCircle](https://godoc.org/github.com/mikespook/gorbac#InherCircle),
[AnyGranted](https://godoc.org/github.com/mikespook/gorbac#AnyGranted),
[AllGranted](https://godoc.org/github.com/mikespook/gorbac#AllGranted).
Please [open an issue](https://github.com/mikespook/gorbac/issues/new)
for the new built-in requirement.E.g.:
rbac.SetParent("role-c", "role-a")
if err := gorbac.InherCircle(rbac); err != nil {
fmt.Println("A circle inheratance occurred.")
}Persistence
-----------The most asked question is how to persist the goRBAC instance. Please check the post [HOW TO PERSIST GORBAC INSTANCE](https://mikespook.com/2017/04/how-to-persist-gorbac-instance/) for the details.
Authors
=======* Xing Xing [Blog](http://mikespook.com)
[@Twitter](http://twitter.com/mikespook)Open Source - MIT Software License
==================================See LICENSE.