Minimalistic RBAC package for Go applications

Overview

RBAC

MIT License Go Report Card Go Doc

Overview

RBAC is a package that makes it easy to implement Role Based Access Control (RBAC) models in Go applications.

Download

To download this package, run:

go get github.com/zpatrick/rbac

Getting Started

This section will go over some of the basic concepts and an example of how to use rbac in an application. For more advanced usage, please see the examples directory.

  • Action: An action is a string that represents some desired operation. Actions are typically expressed as a verb or a verb-object combination, but it is ultimately up to the user how actions are expressed. Some examples are: "Upvote", "ReadArticle", or "EditComment".
  • Target: A target is a string that represents what the action is trying to operate on. Targets are typically expressed as an object's unique identifier, but it is ultimately up to the user how targets are expressed. An example is passing an articleID as the target for a "ReadArticle" action. Not all actions require a target.
  • Matcher: A matcher is a function that returns a bool representing whether or not the target matches some pre-defined pattern. This repo comes with some builtin matchers: GlobMatch, RegexMatch, and StringMatch. Please see the complex blog example to see how one can implement custom matchers for their applications.
  • Permission: A permission is a function that takes an action and a target, and returns true if and only if the action is allowed on the target. A permission should always allow (as opposed to deny) action(s) to be made on target(s), since nothing is allowed by default.
  • Role: A role is essentially a grouping of permissions. The role.Can function should be used to determine whether or not a role can do an action on a target. A role is only allowed to do something if it has at least one permission that allows it.

Usage

package main

import (
        "fmt"

        "github.com/zpatrick/rbac"
)

func main() {
        roles := []rbac.Role{
                {
                        RoleID: "Adult",
                        Permissions: []rbac.Permission{
                                rbac.NewGlobPermission("watch", "*"),
                        },
                },
                {
                        RoleID: "Teenager",
                        Permissions: []rbac.Permission{
                                rbac.NewGlobPermission("watch", "pg-13"),
                                rbac.NewGlobPermission("watch", "g"),
                        },
                },
                {
                        RoleID: "Child",
                        Permissions: []rbac.Permission{
                                rbac.NewGlobPermission("watch", "g"),
                        },
                },
        }

        for _, role := range roles {
                fmt.Println("Role:", role.RoleID)
                for _, rating := range []string{"g", "pg-13", "r"} {
                        canWatch, _ := role.Can("watch", rating)
                        fmt.Printf("Can watch %s? %t\n", rating, canWatch)
                }
        }
}

Output:

Role: Adult
Can watch g? true
Can watch pg-13? true
Can watch r? true
Role: Teenager
Can watch g? true
Can watch pg-13? true
Can watch r? false
Role: Child
Can watch g? true
Can watch pg-13? false
Can watch r? false

License

This work is published under the MIT license.

Please see the LICENSE file for details.

Owner
Zack Patrick
Zack Patrick
goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.

goRBAC goRBAC provides a lightweight role-based access control implementation in Golang. For the purposes of this package: * an identity has one or mo

Xing 1.3k Jun 26, 2022
Go + Vue开发的管理系统脚手架, 前后端分离, 仅包含项目开发的必需部分, 基于角色的访问控制(RBAC), 分包合理, 精简易于扩展。 后端Go包含了gin、 gorm、 jwt和casbin等的使用, 前端Vue基于vue-element-admin开发

go-web-mini Go + Vue开发的管理系统脚手架, 前后端分离, 仅包含项目开发的必需部分, 基于角色的访问控制(RBAC), 分包合理, 精简易于扩展。 后端Go包含了gin、 gorm、 jwt和casbin等的使用, 前端Vue基于vue-element-admin开发: http

gnimli 65 Jul 4, 2022
YSHOP-GO基于当前流行技术组合的前后端RBAC管理系统:Go1.15.x+Beego2.x+Jwt+Redis+Mysql8+Vue 的前后端分离系统,权限控制采用 RBAC,支持数据字典与数据权限管理,支持动态路由等

YSHOP-GO 后台管理系统 项目简介 YSHOP-GO基于当前流行技术组合的前后端RBAC管理系统:Go1.15.x+Beego2.x+Jwt+Redis+Mysql8+Vue 的前后端分离系统,权限控制采用 RBAC,支持数据字典与数据权限管理,支持动态路由等 体验地址: https://go

null 103 Jun 28, 2022
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

Casbin News: still worry about how to write the correct Casbin policy? Casbin online editor is coming to help! Try it at: https://casbin.org/editor/ C

Casbin 12.3k Jul 4, 2022
RBAC scaffolding based on Gin + Gorm+ Casbin + Wire

Gin Admin 基于 GIN + GORM + CASBIN + WIRE 实现的RBAC权限管理脚手架,目的是提供一套轻量的中后台开发框架,方便、快速的完成业务需求的开发。 特性 遵循 RESTful API 设计规范 & 基于接口的编程规范 基于 GIN 框架,提供了丰富的中间件支持(JWT

Lyric 2k Jul 4, 2022
基于 Echo + Gorm + Casbin + Uber-FX 实现的 RBAC 权限管理脚手架,致力于提供一套尽可能轻量且优雅的中后台解决方案。

Echo-Admin 基于 Echo + Gorm + Casbin + Uber-FX 实现的 RBAC 权限管理脚手架,致力于提供一套尽可能轻量且优雅的中后台解决方案。 English | 简体中文 特性 遵循 RESTful API 设计规范 基于 Echo API 框架,提供了丰富的中间件支

LiuSha 70 Jun 16, 2022
Role Based Access Control (RBAC) with database persistence

Authority Role Based Access Control (RBAC) Go package with database persistence Install First get authority go get github.com/harranali/authority Next

null 224 Jun 22, 2022
Generate K8s RBAC policies based on e2e test runs

rbac-audit Have you ever wondered whether your controller actually needs all the permissions it has granted to it? Wonder no more! This repo contains

Jason Hall 28 Aug 2, 2021
ACL, RBAC, ABAC authorization middleware for KubeSphere

casbin-kubesphere-auth Casbin-kubesphere-auth is a plugin which apply several security authentication check on kubesphere via casbin. This plugin supp

Casbin 4 Jun 9, 2022
Incomplete CRUD/RBAC service meant to be a practice for Go

Incomplete CRUD / RBAC Service in Go The repository name means nothing. But your task is to complete this repository on your own to be a functional CR

Teknologi Umum 5 Nov 9, 2021
A practical RBAC implementation

RBAC This project contains a practical RBAC implementation by Golang. It's actually a demo now. With in-memory storage, no database or file storage ye

Max Xu 0 Dec 1, 2021
Open source RBAC library. Associate users with roles and permissions.

ℹ️ This package is completely open source and works independently from Permify. Associate users with roles and permissions This package allows you to

Permify 97 Jun 28, 2022
Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.

Goth: Multi-Provider Authentication for Go Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applic

Mark Bates 3.7k Jun 27, 2022
Package gorilla/securecookie encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.

securecookie securecookie encodes and decodes authenticated and optionally encrypted cookie values. Secure cookies can't be forged, because their valu

Gorilla Web Toolkit 581 Jun 29, 2022
jwt package for gin go applications

gin-jwt jwt package for gin go applications Usage Download using go module: go get github.com/ennaque/gin-jwt Import it in your code: import gwt "gith

Igor Volkov 2 Apr 21, 2022
The mep-agent module provides proxy services for 3rd applications to MEP.

Mep-Agent Introduction Mep-Agent is a middleware that provides proxy services for third-party apps. It can help apps, which do not implement the ETSI

EdgeGallery 21 Mar 9, 2022
Certificate authority and access plane for SSH, Kubernetes, web applications, and databases

Teleport is an identity-aware, multi-protocol access proxy which understands SSH, HTTPS, Kubernetes API, MySQL and PostgreSQL wire protocols.

Teleport 12.1k Jul 4, 2022
A library for Go client applications that need to perform OAuth authorization against a server

oauth-0.8.0.zip oauth A library for Go client applications that need to perform OAuth authorization against a server, typically GitHub.com. Traditiona

tigressma 1 Oct 13, 2021
This package provides json web token (jwt) middleware for goLang http servers

jwt-auth jwt auth middleware in goLang. If you're interested in using sessions, checkout my sessions library! README Contents: Quickstart Performance

Adam Hanna 217 Jun 7, 2022