// Shows how to add/check/remove permissions for a n entity (resource) of a user or a group entity
func Example_acl() {
	entityManager := initEntityManager()
	fmt.Println("ExampleShowACLAddCheckRemovePermissions")
	fmt.Printf("User: %q, permission %q is: %v\n", userName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userName1, resourceName, acl.Permission(canUsePermission)))
	data, _ := entityManager.GetPropertyAttachedToEntity(resourceName, stc.AclPropertyName)
	a, ok := data.(*acl.Acl)
	if ok == false {
		fmt.Println("Error: can't get property", stc.AclPropertyName, "attached to resource", resourceName)
		return
	}
	a.AddPermissionToResource(entityManager, userName1, acl.Permission(canUsePermission))
	fmt.Printf("User: %q, permission %q is: %v\n", userName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userName1, resourceName, acl.Permission(canUsePermission)))
	a.AddPermissionToResource(entityManager, groupName, acl.Permission(supportPermission))
	a.AddPermissionToResource(entityManager, groupName, acl.Permission(canUsePermission))
	a.AddPermissionToResource(entityManager, stc.AclAllEntryName, acl.Permission(allPermission))
	a.AddPermissionToResource(entityManager, userInGroupName1, acl.Permission(usersPermission))
	permissions, _ := acl.GetUserPermissions(entityManager, userInGroupName1, resourceName)
	fmt.Printf("All the permissions for user: %q, on resource %q are: %q\n",
		userInGroupName1, resourceName, permissions)
	permissions, _ = acl.GetUserPermissions(entityManager, groupName, resourceName)
	fmt.Printf("All the permissions for group %q on resource %q are: %q\n", groupName, resourceName, permissions)
	a.RemovePermissionFromEntity(groupName, acl.Permission(canUsePermission))
	fmt.Printf("After remove permission: %q from group %q\n", canUsePermission, groupName)
	fmt.Printf("User: %q, permission %q is: %v\n", userInGroupName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userInGroupName1, resourceName, acl.Permission(canUsePermission)))
	fmt.Printf("All the permissions are: %q\n", a.GetAllPermissions())
}
// Test estGetAllPermissionsOfEntity
// Add a set of permissions to resource for a given users list and verify that the respobse is as expected
func Test_getAllPermissionsOfEntity(t *testing.T) {
	initState()
	generateAcl()
	baseUrl := fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[getAllPermissionsOfEntityCommand]), entityToken, userName1, resourceToken, resourceName1)
	url := fmt.Sprintf("%v/%v", resourcePath, baseUrl)
	data, _ := acl.GetUserPermissions(stRestful.UsersList, userName1, resourceName1)
	res := []string{}
	for p, _ := range data {
		res = append(res, string(p))
	}
	exeCommandCheckRes(t, cr.GET_STR, url, http.StatusOK, "", res)
}
Example #3
0
func (a aclRestful) restGetAllPermissionsOfEntity(request *restful.Request, response *restful.Response) {
	userName := request.PathParameter(entityNameParam)
	resourceName := request.PathParameter(resourceNameParam)
	res, err := acl.GetUserPermissions(a.st.UsersList, userName, resourceName)
	if err != nil {
		a.setError(response, http.StatusNotFound, err)
		return
	}
	data := []string{}
	for name, _ := range res {
		data = append(data, string(name))
	}
	response.WriteHeader(http.StatusOK)
	response.WriteEntity(data)
}