Esempio n. 1
0
func (e *engine) Decision(roleName string, res string, perms ...string) bool {
	rootId, _, exist := e.GetRole(roleName, false)
	if !exist {
		return false
	}
	for _, p := range perms {
		pid, exist := e.GetPerm(p, res, false)
		if !exist {
			return false
		}
		f := func(rid int) bool {
			if pms, ok := e.rolePerm[rid]; !ok {
				return false
			} else if i := pms.Search(pid); i < len(pms) && pms[i] == pid {
				return true
			}
			return false
		}
		found := e.searchRoleGraph(rootId, f)
		if !found {
			return false
		}
	}
	return true
}
Esempio n. 2
0
func (e *engine) GrantPerm(roleName, resString string, perms ...string) error {
	rid, _, exist := e.GetRole(roleName, true)
	for _, perm := range perms {
		pid, _ := e.GetPerm(perm, resString, true)
		permIds := e.rolePerm[rid]
		if idx := permIds.Search(pid); idx >= permIds.Len() || permIds[idx] != pid {
			e.rolePerm[rid] = append(e.rolePerm[rid], pid)
			e.rolePerm[rid].Sort()
		}
	}
	if !exist {
		return errs.ErrRoleNotExist
	}
	return nil
}
Esempio n. 3
0
func (e *engine) RevokePerm(roleName string, res string, perms ...string) error {
	rid, _, exist := e.GetRole(roleName, false)
	if !exist {
		return errs.ErrRoleNotExist
	}
	permIds := e.rolePerm[rid]
	for _, permName := range perms {
		if pid, exist := e.GetPerm(permName, res, false); exist {
		RP:
			if i := permIds.Search(pid); i < len(permIds) && permIds[i] == pid { //found
				permIds = append(permIds[:i], permIds[i+1:]...)
				goto RP
			}
		}
	}
	e.rolePerm[rid] = permIds
	return nil
}