pretty sure this is overly complicated for what we need
@@ -1,47 +1,52 @@
|
||||
package rbac
|
||||
|
||||
// Permissions is a stateful object (Session, User, Roles, Resource)
|
||||
type Permissions interface {
|
||||
// Permissions is a stateful object
|
||||
type Permissions interface /* for Session, User, Roles, Resource */ {
|
||||
// Scoped for [Resource]
|
||||
Grant(permission string) error
|
||||
Revoke(permission string) error
|
||||
|
||||
// User may modify own permissions (ie, "enter moderator view", "exit moderator view" or similar scenario);
|
||||
GrantAuthorize(permission string) error
|
||||
RevokeAuthorize(permission string) error
|
||||
|
||||
// List active permissions
|
||||
List() ([]string, error)
|
||||
|
||||
// List authorized permissions
|
||||
ListAuthorized() ([]string, error)
|
||||
|
||||
// Check permission of stateful object (Session, User, Roles)
|
||||
CheckAccess(permission string) (bool, error)
|
||||
}
|
||||
|
||||
// Roles is a stateful object (Session, User)
|
||||
type Roles interface {
|
||||
Create(role string) error
|
||||
// Roles is a stateful object
|
||||
type Roles interface /* for Session, User */ {
|
||||
// Scoped to User
|
||||
Add(role string) error
|
||||
Delete(role string) error
|
||||
|
||||
// Scoped to Session, User
|
||||
List() ([]string, error)
|
||||
ListAuthorized() ([]string, error)
|
||||
|
||||
// Scoped to Session
|
||||
GrantRole(role string) error
|
||||
RevokeRole(role string) error
|
||||
|
||||
// Permissions are scoped to [Session, User]
|
||||
Permissions(role string) Permissions
|
||||
}
|
||||
|
||||
// Session object holds session state (Create, Load)
|
||||
type Session interface {
|
||||
// Unscoped functions
|
||||
Create(userID string, roles ...string) error
|
||||
Load(sessionID string) error
|
||||
|
||||
Delete() error
|
||||
User() (string, error)
|
||||
|
||||
// User returns User scoped object with global roles/permissions
|
||||
User() (User, error)
|
||||
|
||||
// Roles and Permissions return session scoped objects
|
||||
Roles() Roles
|
||||
Permissions() Permissions
|
||||
}
|
||||
|
||||
// Resource
|
||||
// Resource is a static object
|
||||
type Resource interface {
|
||||
Load(resource string) error
|
||||
Create(resource string) error
|
||||
Delete(resource string) error
|
||||
|
||||
@@ -49,11 +54,13 @@ type Resource interface {
|
||||
UserPermissions(resource string, user string) Permissions
|
||||
}
|
||||
|
||||
// User is a static object
|
||||
// Users is a static object
|
||||
type User interface {
|
||||
Load(user string) error
|
||||
Create(user string) error
|
||||
Delete(user string) error
|
||||
|
||||
// Roles and Permissions return User scoped objects
|
||||
Roles(user string) Roles
|
||||
Permissions(user string) Roles
|
||||
Permissions(user string) Permissions
|
||||
}
|
||||
|
||||
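Review bot: `CheckAccess(permission string) (bool, error)` in the `Permissions` interface (first hunk) does not say what the bool means when the error is non-nil, so implementers and callers have no documented deny-by-default rule for a failed check. I would document it on the method, e.g. `// CheckAccess reports whether permission is currently active; on a non-nil error the result is false and callers must deny.` The same interface separates `Grant`/`Revoke` from `GrantAuthorize`/`RevokeAuthorize`, and the "User may modify own permissions" comment sits between them, but nothing states whether `Grant` must refuse a permission that is absent from `ListAuthorized()`. If that is the intent, say so on the method, e.g. `// Grant activates a permission; it fails unless the permission is in ListAuthorized.` In the second hunk, `// Users is a static object` does not match `type User` if it is the new-side line, which cannot be confirmed because the page no longer shows the +/- markers.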