lbsadmin/Beego
1
0
Fork 0
mirror of https://github.com/astaxie/beego.git synced 2025-07-07 12:20:19 +00:00
Code Issues Releases Activity

update mod

Browse Source
This commit is contained in:
astaxie
2018-11-22 13:08:39 +08:00
parent 2a8d6f943f
commit 55d9b69cd9
28 changed files with 491 additions and 2898 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
vendor/github.com/casbin/casbin/README.md generated vendored
View File

@ -18,11 +18,10 @@ Casbin is a powerful and efficient open-source access control library for Golang
## All the languages supported by Casbin:
- Golang: [Casbin](https://github.com/casbin/casbin) (production-ready)
- Java: [jCasbin](https://github.com/casbin/jcasbin) (production-ready)
- PHP: [PHP-Casbin](https://github.com/sstutz/php-casbin) (experimental)
- Node.js: [node-casbin](https://github.com/casbin/node-casbin) (WIP)
- C++: xCasbin (WIP)
[![golang](https://casbin.org/docs/assets/langs/golang.png)](https://github.com/casbin/casbin) | [![java](https://casbin.org/docs/assets/langs/java.png)](https://github.com/casbin/jcasbin) | [![nodejs](https://casbin.org/docs/assets/langs/nodejs.png)](https://github.com/casbin/node-casbin) | [![php](https://casbin.org/docs/assets/langs/php.png)](https://github.com/php-casbin/php-casbin)
----|----|----|----
[Casbin](https://github.com/casbin/casbin) | [jCasbin](https://github.com/casbin/jcasbin) | [node-Casbin](https://github.com/casbin/node-casbin) | [PHP-Casbin](https://github.com/php-casbin/php-casbin)
production-ready | production-ready | production-ready | production-ready
## Table of contents
@ -81,9 +80,6 @@ e = some(where (p.eft == allow))
[matchers]
m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
# We also support multi-line mode by appending '\' in the end:
# m = r.sub == p.sub && r.obj == p.obj \
# && r.act == p.act
```
An example policy for ACL model is like:
@ -98,6 +94,27 @@ It means:
- alice can read data1
- bob can write data2
We also support multi-line mode by appending '\\' in the end:
```ini
# Matchers
[matchers]
m = r.sub == p.sub && r.obj == p.obj \
&& r.act == p.act
```
Further more, if you are using ABAC, you can try operator `in` like following in Casbin **golang** edition (jCasbin and Node-Casbin are not supported yet):
```ini
# Matchers
[matchers]
m = r.obj == p.obj && r.act == p.act || r.obj in ('data2', 'data3')
```
But you **SHOULD** make sure that the length of the array is **MORE** than **1**, otherwise there will cause it to panic.
For more operators, you may take a look at [govaluate](https://github.com/Knetic/govaluate)
## Features
What Casbin does:
@ -121,7 +138,7 @@ go get github.com/casbin/casbin
## Documentation
For documentation, please see: [Our Wiki](https://github.com/casbin/casbin/wiki)
https://casbin.org/docs/en/overview
## Online editor
@ -129,12 +146,7 @@ You can also use the online editor (http://casbin.org/editor/) to write your Cas
## Tutorials
- [Basic Role-Based HTTP Authorization in Go with Casbin](https://zupzup.org/casbin-http-role-auth) (or [Chinese translation](https://studygolang.com/articles/12323))
- [Policy enforcements on Kubernetes with Banzai Cloud's Pipeline and Casbin](https://banzaicloud.com/blog/policy-enforcement-k8s/)
- [Using Casbin with Beego: 1. Get started and test (in Chinese)](https://blog.csdn.net/hotqin888/article/details/78460385)
- [Using Casbin with Beego: 2. Policy storage (in Chinese)](https://blog.csdn.net/hotqin888/article/details/78571240)
- [Using Casbin with Beego: 3. Policy query (in Chinese)](https://blog.csdn.net/hotqin888/article/details/78992250)
- [Using Casbin with Beego: 4. Policy update (in Chinese)](https://blog.csdn.net/hotqin888/article/details/80032538)
https://casbin.org/docs/en/tutorials
## Get started
@ -189,7 +201,7 @@ In Casbin, the policy storage is implemented as an adapter (aka middleware for C
Adapter | Type | Author | Description
----|------|----|----
[File Adapter (built-in)](https://github.com/casbin/casbin/wiki/Policy-persistence#file-adapter) | File | Casbin | Persistence for [.CSV (Comma-Separated Values)](https://en.wikipedia.org/wiki/Comma-separated_values) files
[File Adapter (built-in)](https://casbin.org/docs/en/policy-storage#file-adapter-built-in) | File | Casbin | Persistence for [.CSV (Comma-Separated Values)](https://en.wikipedia.org/wiki/Comma-separated_values) files
[Filtered File Adapter (built-in)](https://github.com/casbin/casbin#policy-enforcement-at-scale) | File | [@faceless-saint](https://github.com/faceless-saint) | Persistence for [.CSV (Comma-Separated Values)](https://en.wikipedia.org/wiki/Comma-separated_values) files with policy subset loading support
[Xorm Adapter](https://github.com/casbin/xorm-adapter) | ORM | Casbin | MySQL, PostgreSQL, TiDB, SQLite, SQL Server, Oracle are supported by [Xorm](https://github.com/go-xorm/xorm/)
[Gorm Adapter](https://github.com/casbin/gorm-adapter) | ORM | Casbin | MySQL, PostgreSQL, Sqlite3, SQL Server are supported by [Gorm](https://github.com/jinzhu/gorm/)
@ -208,7 +220,7 @@ Adapter | Type | Author | Description
[Minio/AWS S3 Adapter](https://github.com/Soluto/casbin-minio-adapter) | Object storage | [Soluto](https://github.com/Soluto) | Persistence for [Minio](https://github.com/minio/minio) and [Amazon S3](https://aws.amazon.com/s3/)
[Bolt Adapter](https://github.com/wirepair/bolt-adapter) | KV store | [@wirepair](https://github.com/wirepair) | Persistence for [Bolt](https://github.com/boltdb/bolt)
For details of adapters, please refer to the documentation: https://github.com/casbin/casbin/wiki/Policy-persistence
For details of adapters, please refer to the documentation: https://casbin.org/docs/en/policy-storage
## Policy enforcement at scale
@ -311,9 +323,9 @@ Priority | [priority_model.conf](https://github.com/casbin/casbin/blob/master/ex
## How to use Casbin as a service?
- [Go-Simple-API-Gateway](https://github.com/Soontao/go-simple-api-gateway): A simple API gateway written by golang, supports for authentication and authorization
- [Casbin Server](https://github.com/casbin/casbin-server): Casbin as a Service via RESTful, only exposed permission checking API
- [middleware-acl](https://github.com/luk4z7/middleware-acl): RESTful access control middleware based on Casbin
- [Casbin Server](https://github.com/casbin/casbin-server): The official ``Casbin as a Service`` solution based on [gRPC](https://grpc.io/), both Management API and RBAC API are provided.
- [Go-Simple-API-Gateway](https://github.com/Soontao/go-simple-api-gateway): A simple API gateway written by golang, supports for authentication and authorization.
- [middleware-acl](https://github.com/luk4z7/middleware-acl): RESTful access control middleware based on Casbin.
## Our adopters
@ -342,6 +354,7 @@ Priority | [priority_model.conf](https://github.com/casbin/casbin/blob/master/ex
- [Skydive](https://github.com/skydive-project/skydive): An open source real-time network topology and protocols analyzer, via direct integration, see: [model (in code)](https://github.com/skydive-project/skydive/blob/master/config/config.go#L136-L140), [policy rules](https://github.com/skydive-project/skydive/blob/master/rbac/policy.csv)
- [Zenpress](https://github.com/insionng/zenpress): A CMS system written in Golang, via direct integration, see: [model](https://github.com/insionng/zenpress/blob/master/content/config/rbac_model.conf), [policy rules (in Gorm)](https://github.com/insionng/zenpress/blob/master/model/user.go#L53-L77)
- [Argo CD](https://github.com/argoproj/argo-cd): GitOps continuous delivery for Kubernetes, via direct integration, see: [model](https://github.com/argoproj/argo-cd/blob/master/util/rbac/model.conf), [policy rules](https://github.com/argoproj/argo-cd/blob/master/util/rbac/builtin-policy.csv)
- [Muxi Cloud](https://github.com/muxiyun/Mae): PaaS of Muxi Cloud, an easier way to manage Kubernetes cluster, via direct integration, see: [model](https://github.com/muxiyun/Mae/blob/master/conf/casbinmodel.conf), [policy rules (in code)](https://github.com/muxiyun/Mae/blob/master/pkg/casbin/initPolicy.go#L21-L95)
- [EngineerCMS](https://github.com/3xxx/EngineerCMS): A CMS to manage knowledge for engineers, via direct integration, see: [model](https://github.com/3xxx/EngineerCMS/blob/master/conf/rbac_model.conf), [policy rules (in SQLite)](https://github.com/3xxx/EngineerCMS/blob/master/database/engineer.db)
- [Cyber Auth API](https://github.com/CyberlifeCN/cyber-auth-api): A Golang authentication API project, via direct integration, see: [model](https://github.com/CyberlifeCN/cyber-auth-api/blob/master/conf/authz_model.conf), [policy rules](https://github.com/CyberlifeCN/cyber-auth-api/blob/master/conf/authz_policy.csv)
- [IRIS Community](https://github.com/irisnet/iris-community): Website for IRIS Community Activities, via direct integration, see: [model](https://github.com/irisnet/iris-community/blob/master/authz/authz_model.conf), [policy rules](https://github.com/irisnet/iris-community/blob/master/authz/authz_policy.csv)
@ -349,7 +362,7 @@ Priority | [priority_model.conf](https://github.com/casbin/casbin/blob/master/ex
## License
This project is licensed under the [Apache 2.0 license](https://github.com/casbin/casbin/blob/master/LICENSE).
This project is licensed under the [Apache 2.0 license](LICENSE).
## Contact
@ -357,10 +370,3 @@ If you have any issues or feature requests, please contact us. PR is welcomed.
- https://github.com/casbin/casbin/issues
- hsluoyz@gmail.com
- Tencent QQ group: [546057381](//shang.qq.com/wpa/qunwpa?idkey=8ac8b91fc97ace3d383d0035f7aa06f7d670fd8e8d4837347354a31c18fac885)
## Donation
[![Patreon](https://hsluoyz.github.io/donation/patreon.png)](http://www.patreon.com/yangluo)
![Alipay](https://hsluoyz.github.io/donation/donate_alipay.png)
![Wechat](https://hsluoyz.github.io/donation/donate_weixin.png)

61
vendor/github.com/casbin/casbin/enforcer.go generated vendored
View File

@ -19,8 +19,8 @@ import (
"fmt"
"github.com/Knetic/govaluate"
"github.com/casbin/casbin/effect"
"github.com/casbin/casbin/log"
"github.com/casbin/casbin/model"
"github.com/casbin/casbin/persist"
"github.com/casbin/casbin/persist/file-adapter"
@ -53,8 +53,6 @@ type Enforcer struct {
// e := casbin.NewEnforcer("path/to/basic_model.conf", a)
func NewEnforcer(params ...interface{}) *Enforcer {
e := &Enforcer{}
e.rm = defaultrolemanager.NewRoleManager(10)
e.eft = effect.NewDefaultEffector()
parsedParamLen := 0
if len(params) >= 1 {
@ -67,28 +65,28 @@ func NewEnforcer(params ...interface{}) *Enforcer {
}
if len(params)-parsedParamLen == 2 {
switch params[0].(type) {
switch p0 := params[0].(type) {
case string:
switch params[1].(type) {
switch p1 := params[1].(type) {
case string:
e.InitWithFile(params[0].(string), params[1].(string))
e.InitWithFile(p0, p1)
default:
e.InitWithAdapter(params[0].(string), params[1].(persist.Adapter))
e.InitWithAdapter(p0, p1.(persist.Adapter))
}
default:
switch params[1].(type) {
case string:
panic("Invalid parameters for enforcer.")
default:
e.InitWithModelAndAdapter(params[0].(model.Model), params[1].(persist.Adapter))
e.InitWithModelAndAdapter(p0.(model.Model), params[1].(persist.Adapter))
}
}
} else if len(params)-parsedParamLen == 1 {
switch params[0].(type) {
switch p0 := params[0].(type) {
case string:
e.InitWithFile(params[0].(string), "")
e.InitWithFile(p0, "")
default:
e.InitWithModelAndAdapter(params[0].(model.Model), nil)
e.InitWithModelAndAdapter(p0.(model.Model), nil)
}
} else if len(params)-parsedParamLen == 0 {
e.InitWithFile("", "")
@ -116,7 +114,6 @@ func (e *Enforcer) InitWithAdapter(modelPath string, adapter persist.Adapter) {
// InitWithModelAndAdapter initializes an enforcer with a model and a database adapter.
func (e *Enforcer) InitWithModelAndAdapter(m model.Model, adapter persist.Adapter) {
e.adapter = adapter
e.watcher = nil
e.model = m
e.model.PrintModel()
@ -131,6 +128,10 @@ func (e *Enforcer) InitWithModelAndAdapter(m model.Model, adapter persist.Adapte
}
func (e *Enforcer) initialize() {
e.rm = defaultrolemanager.NewRoleManager(10)
e.eft = effect.NewDefaultEffector()
e.watcher = nil
e.enabled = true
e.autoSave = true
e.autoBuildRoleLinks = true
@ -226,9 +227,9 @@ func (e *Enforcer) LoadFilteredPolicy(filter interface{}) error {
var filteredAdapter persist.FilteredAdapter
// Attempt to cast the Adapter as a FilteredAdapter
switch e.adapter.(type) {
switch adapter := e.adapter.(type) {
case persist.FilteredAdapter:
filteredAdapter = e.adapter.(persist.FilteredAdapter)
filteredAdapter = adapter
default:
return errors.New("filtered policies are not supported by this adapter")
}
@ -271,9 +272,9 @@ func (e *Enforcer) EnableEnforce(enable bool) {
e.enabled = enable
}
// EnableLog changes whether to print Casbin log to the standard output.
// EnableLog changes whether Casbin will log messages to the Logger.
func (e *Enforcer) EnableLog(enable bool) {
util.EnableLog = enable
log.GetLogger().EnableLog(enable)
}
// EnableAutoSave controls whether to save a policy rule automatically to the adapter when it is added or removed.
@ -311,7 +312,10 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
}
expString := e.model["m"]["m"].Value
expression, _ := govaluate.NewEvaluableExpressionWithFunctions(expString, functions)
expression, err := govaluate.NewEvaluableExpressionWithFunctions(expString, functions)
if err != nil {
panic(err)
}
var policyEffects []effect.Effect
var matcherResults []float64
@ -320,7 +324,7 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
matcherResults = make([]float64, policyLen)
for i, pvals := range e.model["p"]["p"].Policy {
// util.LogPrint("Policy Rule: ", pvals)
// log.LogPrint("Policy Rule: ", pvals)
parameters := make(map[string]interface{}, 8)
for j, token := range e.model["r"]["r"].Tokens {
@ -331,25 +335,25 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
}
result, err := expression.Evaluate(parameters)
// util.LogPrint("Result: ", result)
// log.LogPrint("Result: ", result)
if err != nil {
policyEffects[i] = effect.Indeterminate
panic(err)
}
switch result.(type) {
switch result := result.(type) {
case bool:
if !result.(bool) {
if !result {
policyEffects[i] = effect.Indeterminate
continue
}
case float64:
if result.(float64) == 0 {
if result == 0 {
policyEffects[i] = effect.Indeterminate
continue
} else {
matcherResults[i] = result.(float64)
matcherResults[i] = result
}
default:
panic(errors.New("matcher result should be bool, int or float"))
@ -385,7 +389,7 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
}
result, err := expression.Evaluate(parameters)
// util.LogPrint("Result: ", result)
// log.LogPrint("Result: ", result)
if err != nil {
policyEffects[0] = effect.Indeterminate
@ -399,16 +403,15 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
}
}
// util.LogPrint("Rule Results: ", policyEffects)
// log.LogPrint("Rule Results: ", policyEffects)
result, err := e.eft.MergeEffects(e.model["e"]["e"].Value, policyEffects, matcherResults)
if err != nil {
panic(err)
}
// only generate the request --> result string if the message
// is going to be logged.
if util.EnableLog {
// Log request.
if log.GetLogger().IsEnabled() {
reqStr := "Request: "
for i, rval := range rvals {
if i != len(rvals)-1 {
@ -418,7 +421,7 @@ func (e *Enforcer) Enforce(rvals ...interface{}) bool {
}
}
reqStr += fmt.Sprintf(" ---> %t", result)
util.LogPrint(reqStr)
log.LogPrint(reqStr)
}
return result

42
vendor/github.com/casbin/casbin/log/default_logger.go generated vendored Normal file
View File

@ -0,0 +1,42 @@
// Copyright 2018 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package log
import "log"
// DefaultLogger is the implementation for a Logger using golang log.
type DefaultLogger struct {
enable bool
}
func (l *DefaultLogger) EnableLog(enable bool) {
l.enable = enable
}
func (l *DefaultLogger) IsEnabled() bool {
return l.enable
}
func (l *DefaultLogger) Print(v ...interface{}) {
if l.enable {
log.Print(v...)
}
}
func (l *DefaultLogger) Printf(format string, v ...interface{}) {
if l.enable {
log.Printf(format, v...)
}
}

23
vendor/github.com/casbin/casbin/util/log_util.go → vendor/github.com/casbin/casbin/log/log_util.go generated vendored
View File

@ -12,23 +12,26 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package util
package log
import "log"
var logger Logger = &DefaultLogger{}
// EnableLog controls whether to print log to console.
var EnableLog = true
// SetLogger sets the current logger.
func SetLogger(l Logger) {
logger = l
}
// GetLogger returns the current logger.
func GetLogger() Logger {
return logger
}
// LogPrint prints the log.
func LogPrint(v ...interface{}) {
if EnableLog {
log.Print(v...)
}
logger.Print(v...)
}
// LogPrintf prints the log with the format.
func LogPrintf(format string, v ...interface{}) {
if EnableLog {
log.Printf(format, v...)
}
logger.Printf(format, v...)
}

30
vendor/github.com/casbin/casbin/log/logger.go generated vendored Normal file
View File

@ -0,0 +1,30 @@
// Copyright 2018 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package log
// Logger is the logging interface implementation.
type Logger interface {
//EnableLog controls whether print the message.
EnableLog(bool)
//IsEnabled returns if logger is enabled.
IsEnabled() bool
//Print formats using the default formats for its operands and logs the message.
Print(...interface{})
//Printf formats according to a format specifier and logs the message.
Printf(string, ...interface{})
}

4
vendor/github.com/casbin/casbin/model/assertion.go generated vendored
View File

@ -18,8 +18,8 @@ import (
"errors"
"strings"
"github.com/casbin/casbin/log"
"github.com/casbin/casbin/rbac"
"github.com/casbin/casbin/util"
)
// Assertion represents an expression in a section of the model.
@ -55,6 +55,6 @@ func (ast *Assertion) buildRoleLinks(rm rbac.RoleManager) {
}
}
util.LogPrint("Role links for: " + ast.Key)
log.LogPrint("Role links for: " + ast.Key)
ast.RM.PrintRoles()
}

5
vendor/github.com/casbin/casbin/model/model.go generated vendored
View File

@ -19,6 +19,7 @@ import (
"strings"
"github.com/casbin/casbin/config"
"github.com/casbin/casbin/log"
"github.com/casbin/casbin/util"
)
@ -120,10 +121,10 @@ func (model Model) LoadModelFromText(text string) {
// PrintModel prints the model to the log.
func (model Model) PrintModel() {
util.LogPrint("Model:")
log.LogPrint("Model:")
for k, v := range model {
for i, j := range v {
util.LogPrintf("%s.%s: %s", k, i, j.Value)
log.LogPrintf("%s.%s: %s", k, i, j.Value)
}
}
}

8
vendor/github.com/casbin/casbin/model/policy.go generated vendored
View File

@ -15,6 +15,7 @@
package model
import (
"github.com/casbin/casbin/log"
"github.com/casbin/casbin/rbac"
"github.com/casbin/casbin/util"
)
@ -28,13 +29,13 @@ func (model Model) BuildRoleLinks(rm rbac.RoleManager) {
// PrintPolicy prints the policy to log.
func (model Model) PrintPolicy() {
util.LogPrint("Policy:")
log.LogPrint("Policy:")
for key, ast := range model["p"] {
util.LogPrint(key, ": ", ast.Value, ": ", ast.Policy)
log.LogPrint(key, ": ", ast.Value, ": ", ast.Policy)
}
for key, ast := range model["g"] {
util.LogPrint(key, ": ", ast.Value, ": ", ast.Policy)
log.LogPrint(key, ": ", ast.Value, ": ", ast.Policy)
}
}
@ -140,7 +141,6 @@ func (model Model) GetValuesForFieldInPolicy(sec string, ptype string, fieldInde
}
util.ArrayRemoveDuplicates(&values)
// sort.Strings(values)
return values
}

6
vendor/github.com/casbin/casbin/rbac/default-role-manager/role_manager.go generated vendored
View File

@ -18,8 +18,8 @@ import (
"errors"
"sync"
"github.com/casbin/casbin/log"
"github.com/casbin/casbin/rbac"
"github.com/casbin/casbin/util"
)
// RoleManager provides a default implementation for the RoleManager interface
@ -123,7 +123,7 @@ func (rm *RoleManager) GetRoles(name string, domain ...string) ([]string, error)
}
if !rm.hasRole(name) {
return nil, errors.New("error: name does not exist")
return []string{}, nil
}
roles := rm.createRole(name).getRoles()
@ -166,7 +166,7 @@ func (rm *RoleManager) PrintRoles() error {
}
return true
})
util.LogPrint(line)
log.LogPrint(line)
return nil
}

57
vendor/github.com/casbin/casbin/rbac_api.go generated vendored
View File

@ -125,3 +125,60 @@ func (e *Enforcer) HasPermissionForUser(user string, permission ...string) bool
return e.HasPolicy(params...)
}
// GetImplicitRolesForUser gets implicit roles that a user has.
// Compared to GetRolesForUser(), this function retrieves indirect roles besides direct roles.
// For example:
// g, alice, role:admin
// g, role:admin, role:user
//
// GetRolesForUser("alice") can only get: ["role:admin"].
// But GetImplicitRolesForUser("alice") will get: ["role:admin", "role:user"].
func (e *Enforcer) GetImplicitRolesForUser(name string) []string {
res := []string{}
roleSet := make(map[string]bool)
roleSet[name] = true
q := make([]string, 0)
q = append(q, name)
for len(q) > 0 {
name := q[0]
q = q[1:]
roles, err := e.rm.GetRoles(name)
if err != nil {
panic(err)
}
for _, r := range roles {
if _, ok := roleSet[r]; !ok {
res = append(res, r)
q = append(q, r)
roleSet[r] = true
}
}
}
return res
}
// GetImplicitPermissionsForUser gets implicit permissions for a user or role.
// Compared to GetPermissionsForUser(), this function retrieves permissions for inherited roles.
// For example:
// p, admin, data1, read
// p, alice, data2, read
// g, alice, admin
//
// GetPermissionsForUser("alice") can only get: [["alice", "data2", "read"]].
// But GetImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].
func (e *Enforcer) GetImplicitPermissionsForUser(user string) [][]string {
roles := e.GetImplicitRolesForUser(user)
roles = append([]string{user}, roles...)
res := [][]string{}
for _, role := range roles {
permissions := e.GetPermissionsForUser(role)
res = append(res, permissions...)
}
return res
}

10
vendor/github.com/casbin/casbin/util/builtin_operators.go generated vendored
View File

@ -41,7 +41,7 @@ func KeyMatchFunc(args ...interface{}) (interface{}, error) {
name1 := args[0].(string)
name2 := args[1].(string)
return (bool)(KeyMatch(name1, name2)), nil
return bool(KeyMatch(name1, name2)), nil
}
// KeyMatch2 determines whether key1 matches the pattern of key2 (similar to RESTful path), key2 can contain a *.
@ -66,7 +66,7 @@ func KeyMatch2Func(args ...interface{}) (interface{}, error) {
name1 := args[0].(string)
name2 := args[1].(string)
return (bool)(KeyMatch2(name1, name2)), nil
return bool(KeyMatch2(name1, name2)), nil
}
// KeyMatch3 determines whether key1 matches the pattern of key2 (similar to RESTful path), key2 can contain a *.
@ -91,7 +91,7 @@ func KeyMatch3Func(args ...interface{}) (interface{}, error) {
name1 := args[0].(string)
name2 := args[1].(string)
return (bool)(KeyMatch3(name1, name2)), nil
return bool(KeyMatch3(name1, name2)), nil
}
// RegexMatch determines whether key1 matches the pattern of key2 in regular expression.
@ -108,7 +108,7 @@ func RegexMatchFunc(args ...interface{}) (interface{}, error) {
name1 := args[0].(string)
name2 := args[1].(string)
return (bool)(RegexMatch(name1, name2)), nil
return bool(RegexMatch(name1, name2)), nil
}
// IPMatch determines whether IP address ip1 matches the pattern of IP address ip2, ip2 can be an IP address or a CIDR pattern.
@ -137,7 +137,7 @@ func IPMatchFunc(args ...interface{}) (interface{}, error) {
ip1 := args[0].(string)
ip2 := args[1].(string)
return (bool)(IPMatch(ip1, ip2)), nil
return bool(IPMatch(ip1, ip2)), nil
}
// GenerateGFunction is the factory method of the g(_, _) function.