// Shows how to add/check/remove permissions for a n entity (resource) of a user or a group entity func Example_acl() { entityManager := initEntityManager() fmt.Println("ExampleShowACLAddCheckRemovePermissions") fmt.Printf("User: %q, permission %q is: %v\n", userName1, canUsePermission, acl.CheckUserPermission(entityManager, userName1, resourceName, acl.Permission(canUsePermission))) data, _ := entityManager.GetPropertyAttachedToEntity(resourceName, stc.AclPropertyName) a, ok := data.(*acl.Acl) if ok == false { fmt.Println("Error: can't get property", stc.AclPropertyName, "attached to resource", resourceName) return } a.AddPermissionToResource(entityManager, userName1, acl.Permission(canUsePermission)) fmt.Printf("User: %q, permission %q is: %v\n", userName1, canUsePermission, acl.CheckUserPermission(entityManager, userName1, resourceName, acl.Permission(canUsePermission))) a.AddPermissionToResource(entityManager, groupName, acl.Permission(supportPermission)) a.AddPermissionToResource(entityManager, groupName, acl.Permission(canUsePermission)) a.AddPermissionToResource(entityManager, stc.AclAllEntryName, acl.Permission(allPermission)) a.AddPermissionToResource(entityManager, userInGroupName1, acl.Permission(usersPermission)) permissions, _ := acl.GetUserPermissions(entityManager, userInGroupName1, resourceName) fmt.Printf("All the permissions for user: %q, on resource %q are: %q\n", userInGroupName1, resourceName, permissions) permissions, _ = acl.GetUserPermissions(entityManager, groupName, resourceName) fmt.Printf("All the permissions for group %q on resource %q are: %q\n", groupName, resourceName, permissions) a.RemovePermissionFromEntity(groupName, acl.Permission(canUsePermission)) fmt.Printf("After remove permission: %q from group %q\n", canUsePermission, groupName) fmt.Printf("User: %q, permission %q is: %v\n", userInGroupName1, canUsePermission, acl.CheckUserPermission(entityManager, userInGroupName1, resourceName, acl.Permission(canUsePermission))) fmt.Printf("All the permissions are: %q\n", a.GetAllPermissions()) }
// Test estGetAllPermissionsOfEntity // Add a set of permissions to resource for a given users list and verify that the respobse is as expected func Test_getAllPermissionsOfEntity(t *testing.T) { initState() generateAcl() baseUrl := fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[getAllPermissionsOfEntityCommand]), entityToken, userName1, resourceToken, resourceName1) url := fmt.Sprintf("%v/%v", resourcePath, baseUrl) data, _ := acl.GetUserPermissions(stRestful.UsersList, userName1, resourceName1) res := []string{} for p, _ := range data { res = append(res, string(p)) } exeCommandCheckRes(t, cr.GET_STR, url, http.StatusOK, "", res) }
func (a aclRestful) restGetAllPermissionsOfEntity(request *restful.Request, response *restful.Response) { userName := request.PathParameter(entityNameParam) resourceName := request.PathParameter(resourceNameParam) res, err := acl.GetUserPermissions(a.st.UsersList, userName, resourceName) if err != nil { a.setError(response, http.StatusNotFound, err) return } data := []string{} for name, _ := range res { data = append(data, string(name)) } response.WriteHeader(http.StatusOK) response.WriteEntity(data) }