-
Notifications
You must be signed in to change notification settings - Fork 4
/
rbac.go
45 lines (35 loc) · 993 Bytes
/
rbac.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
package rbac
import "net/http"
// Interface of an RBAC backend
type Interface interface {
Match(role string, user *User) bool
MatchRequest(role string, req *http.Request, validationCrt []byte) (authn, authz bool)
}
// User describes a user for the simple RBAC backend
type User struct {
Name string
Groups []string
}
var (
// Default interface used for default matchers.
Default Interface
// DefaultValidationCertificate used for default matchers.
DefaultValidationCertificate []byte
)
// SetDefaults sets everything up for default matchers.
func SetDefaults(iface Interface, validationCrt []byte) {
Default = iface
DefaultValidationCertificate = validationCrt
}
func Match(role string, user *User) bool {
if Default == nil {
return false
}
return Default.Match(role, user)
}
func MatchRequest(role string, req *http.Request) (authn, authz bool) {
if Default == nil {
return false, false
}
return Default.MatchRequest(role, req, DefaultValidationCertificate)
}