Skip to content
This repository has been archived by the owner on Mar 21, 2019. It is now read-only.

tango-contrib/rbac

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

rbac Build Status

Rbac is a rbac middleware for Tango, it's based on https://github.com/mikespook/gorbac.

Installation

go get github.com/tango-contrib/rbac

Simple Example

package main

import (
	"github.com/lunny/tango"
	"github.com/mikespook/gorbac"
	"github.com/tango-contrib/rbac"
	"github.com/tango-contrib/session"
)

type LoginAction struct {
	session.Session
	rbac.Manager
}

func (l *LoginAction) Post() {
	l.SetRBACRole("writer")
}

type RBACPermAction struct {
	rbac.Perm `write`
}

func (a *RBACPermAction) Get() string {
	return "You have write permission"
}

func main() {
	t := tango.Classic()

	// init session middleware to store roles
	sessions := session.New()
	t.Use(sessions)

	// init rbac middleware
	goRBAC := gorbac.New()
	rA := gorbac.NewStdRole("writer")
	pA := gorbac.NewStdPermission("write")
	rA.Assign(pA)
	goRBAC.Add(rA)

	t.Use(rbac.RBAC(goRBAC, sessions))

	// define the routers
	t.Post("/login", new(LoginAction))
	t.Any("/perm_write", new(RBACPermAction))
	t.Run()
}
  • If you want to give difference perm for GET and POST, then you can give a tag
type Action struct {
	Perm `GET:"read" POST:"write"`
}
type Action struct {
	Role `GET:"reader" POST:"writer"`
}
  • If you want to dynamic perm, you can use rbac.PermTager and rbac.RolesTager interfaces.
type Action struct {
}

func (a *Action) PermTag() string {
	return `GET:"read" POST:"write"`
}
type Action struct {
}

func (a *Action) RolesTag() string {
	return `GET:"reader" POST:"writer"`
}

Getting Help

License

This project is under BSD License. See the LICENSE file for the full license text.