type MessageBoard interface {
	// Lurk fetches a page of posts, by page number, lower = newer.
	Lurk(pageNum int) (string, error)
	// Read fetches a single post content.
	Read(id int) (string, error)
	// Post writes a message to the board, returns its id.
	Post(msg string) (int, error)
	// Sticky prevents the message from rolling off, keeps it at the top.
	Sticky(threadId int) error
	// Ban a user for some time.
	Ban(user User, seconds int) error
	// Delete a message.
	Delete(threadId int) error
}

var MessageBoardRoles rbac.RoleMap = rbac.NewRoleMap(LurkerRole, PosterRole, ModeratorRole)

var AccessDenied error = fmt.Errorf("Access denied")

// MessageBoardResource represents the entire message board.
var MessageBoardResource rbac.Resource = rbac.NewResource("message-board:",
	ReadPerm, ListPerm, PostPerm, DeletePerm, StickyPerm, BanPerm)

// mbConn is a connection to the message board service as a certain user.
type mbConn struct {
	*rbac.Access
	AsUser User
}

func (mb *mbConn) Lurk(pageNumber int) (string, error) {
	// Check that the user has list permissions on the message board
示例#2
0
var PassengerRole *characterRole = &characterRole{"passenger", rbac.NewPermissionMap(
	BoardShipPerm{},
)}

var BureaucratRole *characterRole = &characterRole{"bureaucrat", rbac.NewPermissionMap(
	FilePaperworkPerm{},
)}

var DoctorRole *characterRole = &characterRole{"doctor", rbac.NewPermissionMap(
	PerformSurgeryPerm{},
)}

var FuturamaRoles rbac.RoleMap = rbac.NewRoleMap(
	JanitorRole,
	PilotRole,
	PassengerRole,
	BureaucratRole,
	DoctorRole,
	UserRole,
)

type facilitiesResource struct {
	parent *facilitiesResource
	name   string
}

func (_ facilitiesResource) Capabilities() rbac.PermissionMap { return FacilitiesCapabilities }
func (r facilitiesResource) URI() string                      { return r.name }
func (r facilitiesResource) ParentOf() rbac.Resource {
	if r.parent == nil {
		return nil
	}