Skip to content

chriswhitcombe/rbac

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

examples/http-simple

examples/http-simple

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

roles.go

roles.go

 
 

roles_test.go

roles_test.go

 
 

Repository files navigation

rbac

Build Status Coverage Status Build Status

-- import "github.com/chriswhitcombe/rbac"

Package rbac is a simple role based access control api for golang http servers.

Overview

There are 3 elements to role based access control, users, roles and resources. This package consists of functions to limit access to resources by role, it does not handle user to role mapping (i.e. how you map from a specific user to their roles).

Usage

RBAC has been modelled in a similar way to the standard http libraries, to instantiate a mapper simply run:

roleMapper := rbac.NewRoleMapper()

You can then add mappings, usually from paths to roles as such:

roleMapper.AddMethodMapping("/admin", "GET", []string{"admin"})
roleMapper.AddMethodMapping("/products", "GET", []string{"admin", "products.list"})
roleMapper.AddMethodMapping("/products", "POST", []string{"admin", "products.create"})

The final step is to lookup a users roles, and validate they are able to access a resource, see the http example for doing this nicely in a http middleware chain:

for _, role := range usersRoles {
  if rm.RoleValid(path, method, role) {
    return true
  }
}

Examples

HTTP-Simple

The http simple example shows the use of RBAC as a http handler with a static user DB, this demonstrates a normal use case of wanting to lock out certain parts of a website based upon user roles.

About

Role based access control for golang

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages