func (e *engine) SetRoleType(roleName string, rbacType int) error {
if id, ok := e.roleMap[roleName]; ok {
e.Lock()
defer e.Unlock()
e.storage[id].sType = rbacType
return nil
} else {
return errs.ErrRoleNotExist
}
}
func (e *engine) GetRole(roleName string, create bool) (int, int, bool) {
if id, ok := e.roleMap[roleName]; ok {
return id, e.storage[id].sType, true
} else if !create {
return -1, -1, false
} else {
e.Lock()
defer e.Unlock()
nid := e.nextSerial()
e.roleMap[roleName] = nid
e.storage[nid] = &storlet{ROLE, roleName, ""}
return nid, ROLE, false
}
}
func (e *engine) DropRole(roleName string) error {
e.Lock()
defer e.Unlock()
rid, _, exist := e.GetRole(roleName, false)
if !exist {
return errs.ErrRoleNotExist
}
delete(e.roleMap, roleName)
delete(e.roleGraph, rid)
delete(e.storage, rid)
for k, v := range e.roleGraph {
if idx := v.Search(rid); idx < v.Len() && v[idx] == rid {
e.roleGraph[k] = append(v[:idx], v[idx+1:]...)
}
}
return nil
}
func (e *engine) GetPerm(permName, resString string, create bool) (id int, exist bool) {
if id, ok := e.permMap[permName][resString]; ok {
return id, true
} else if !create {
return -1, false
} else {
e.Lock()
defer e.Unlock()
id := e.nextSerial()
if _, ok := e.permMap[permName]; !ok {
e.permMap[permName] = make(map[string]int)
}
e.permMap[permName][resString] = id
e.storage[id] = &storlet{PERM, permName, resString}
return id, false
}
}
func (e *engine) DropPerm(permName, resString string) error {
if _, ok := e.permMap[permName]; !ok {
return errs.ErrPermNotExist
} else if id, ok := e.permMap[permName][resString]; !ok {
return errs.ErrPermNotExist
} else {
e.Lock()
defer e.Unlock()
delete(e.permMap[permName], resString)
delete(e.storage, id)
for rid, permIds := range e.rolePerm {
D:
if i := permIds.Search(id); i < len(permIds) && permIds[i] == id { //found
permIds = append(permIds[:i], permIds[i+1:]...)
goto D
}
e.rolePerm[rid] = permIds
}
}
return nil
}