• Stars
    star
    1,509
  • Rank 31,076 (Top 0.7 %)
  • Language
    Go
  • License
    MIT License
  • Created almost 11 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.

goRBAC

Build Status GoDoc Coverage Status

goRBAC provides a lightweight role-based access control implementation in Golang.

For the purposes of this package:

* an identity has one or more roles.
* a role requests access to a permission.
* a permission is given to a role.

Thus, RBAC has the following model:

* many to many relationship between identities and roles.
* many to many relationship between roles and permissions.
* roles can have a parent role (inheriting permissions).

Version

Currently, goRBAC has two released versions

Version 1 is the original design which will only be mantained to fix bugs.

Version 2 is the new design which will only be mantained to fix bugs.

and the developing branch is

The master branch will be under development with generic (go 1.18 and higher) and can be changed without notice.

Install

Install the package:

$ go get github.com/mikespook/gorbac

Usage

Although you can adjust the RBAC instance anytime and it's absolutely safe, the library is designed for use with two phases:

  1. Preparing

  2. Checking

Preparing

Import the library:

import "github.com/mikespook/gorbac"

Get a new instance of RBAC:

rbac := gorbac.New()

Get some new roles:

rA := gorbac.NewRole("role-a")
rB := gorbac.NewRole("role-b")
rC := gorbac.NewRole("role-c")
rD := gorbac.NewRole("role-d")
rE := gorbac.NewRole("role-e")

Get some new permissions:

pA := gorbac.NewPermission("permission-a")
pB := gorbac.NewPermission("permission-b")
pC := gorbac.NewPermission("permission-c")
pD := gorbac.NewPermission("permission-d")
pE := gorbac.NewPermission("permission-e")

Add the permissions to roles:

rA.Assign(pA)
rB.Assign(pB)
rC.Assign(pC)
rD.Assign(pD)
rE.Assign(pE)

Also, you can implement gorbac.Role and gorbac.Permission for your own data structure.

After initialization, add the roles to the RBAC instance:

rbac.Add(rA)
rbac.Add(rB)
rbac.Add(rC)
rbac.Add(rD)
rbac.Add(rE)

And set the inheritance:

rbac.SetParent("role-a", "role-b")
rbac.SetParents("role-b", []string{"role-c", "role-d"})
rbac.SetParent("role-e", "role-d")

Checking

Checking the permission is easy:

if rbac.IsGranted("role-a", pA, nil) &&
	rbac.IsGranted("role-a", pB, nil) &&
	rbac.IsGranted("role-a", pC, nil) &&
	rbac.IsGranted("role-a", pD, nil) {
	fmt.Println("The role-a has been granted permis-a, b, c and d.")
}

And there are some built-in util-functions: InherCircle, AnyGranted, AllGranted. Please open an issue for the new built-in requirement.

E.g.:

rbac.SetParent("role-c", "role-a")
if err := gorbac.InherCircle(rbac); err != nil {
	fmt.Println("A circle inheratance occurred.")
}

Persistence

The most asked question is how to persist the goRBAC instance. Please check the post HOW TO PERSIST GORBAC INSTANCE for the details.

Authors

Open Source - MIT Software License

See LICENSE.

More Repositories

1

Learning-Go-zh-cn

δΈ€ζœ¬ε­¦δΉ  Go θ―­θ¨€ηš„ε…θ΄Ήη”΅ε­δΉ¦γ€‚
Go
2,640
star
2

gearman-go

This package is a Gearman API for Golang. It was implemented a native protocol for both worker and client API.
Go
290
star
3

goemphp

This package is built for Embedding PHP into Golang.
Go
217
star
4

gleam

An operation cluster based on MQTT
Go
54
star
5

golib

Go
52
star
6

ghoko

A web application that listens to web-hooks, scripted by Lua and written in Golang.
Go
38
star
7

possum

A micro web library for Go.
Go
19
star
8

wechat

Go
10
star
9

php_doozer

A Doozer extension for PHP
C
10
star
10

wc-api-golang

A Golang wrapper for the WooCommerce API.
Go
7
star
11

php_skynet

PHP Client and Server to Skynet
PHP
6
star
12

beacons

Beacons is a application that handling and passing data between systems, scripted by Lua and written in Golang.
Go
5
star
13

php-yaf-ppa

PHP-Yaf ppa source utils. Build .deb package for Ubuntu
Shell
5
star
14

schego

A lite weight schedule library for Golang
Go
3
star
15

raccoon

A simple web-spider framework driven by Golang and Lua.
Go
3
star
16

gpkg

This command provides a tool for searching and managing as well as querying information about golang packages.
Go
2
star
17

sortmap

SortMap illustrates how to build a sortable map in Golang. Also, this library can be used in a practical project.
Go
1
star
18

sts

STS: Secure Tunnel Server - a configurable and powerful ssh tunnel
Go
1
star
19

qrd

A HTTP service generating QR code
Go
1
star
20

RIP

Rest in peace, my friends. We will miss you.
1
star
21

dgg-ci

DGG-CI is a Docker, Git and Golang continuous integration environment.
Shell
1
star