grim/hgkeeper
Clone
Summary
Browse
Changes
Graph
Move from our custom yaml access setup to casbin
2019-09-09, Gary Kramlich
f82b7c397849
Move from our custom yaml access setup to casbin
package
access
import
(
"path/filepath"
"sync"
"github.com/casbin/casbin"
)
var
(
enforcer
*
casbin
.
Enforcer
enforcerLock
sync
.
Mutex
)
func
accessMatch
(
key1
,
key2
string
)
bool
{
switch
key2
{
case
"deny"
:
return
false
case
"init"
:
return
key1
==
"init"
||
key1
==
"write"
||
key1
==
"read"
case
"write"
:
return
key1
==
"write"
||
key1
==
"read"
case
"read"
:
return
key1
==
"read"
}
return
false
}
func
accessMatchFunc
(
args
...
interface
{})
(
interface
{},
error
)
{
key1
:=
args
[
0
].(
string
)
key2
:=
args
[
1
].(
string
)
return
(
bool
)(
accessMatch
(
key1
,
key2
)),
nil
}
func
refreshEnforcer
(
repoPath
string
)
error
{
enforcerLock
.
Lock
()
defer
enforcerLock
.
Unlock
()
modelFile
:=
filepath
.
Join
(
repoPath
,
modelFilename
)
policyFile
:=
filepath
.
Join
(
repoPath
,
policyFilename
)
e
:=
casbin
.
NewEnforcer
(
modelFile
,
policyFile
)
e
.
AddFunction
(
"access"
,
accessMatchFunc
)
enforcer
=
e
return
nil
}
