Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
c87c005
commit 5883894
Showing
6 changed files
with
123 additions
and
97 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# TODO: update for main | ||
# actor User {} | ||
|
||
resource Repository { | ||
permissions = ["read", "push", "delete"]; | ||
roles = ["contributor", "maintainer", "admin"]; | ||
|
||
"read" if "contributor"; | ||
"push" if "maintainer"; | ||
"delete" if "admin"; | ||
|
||
"maintainer" if "admin"; | ||
"contributor" if "maintainer"; | ||
} | ||
|
||
has_role(user: User, role_name: String, repository: Repository) if | ||
role in user.Roles and | ||
role matches { Role: role_name, RepoId: repository.Id }; | ||
|
||
allow(actor, action, resource) if | ||
has_permission(actor, action, resource); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
package main | ||
|
||
type Repository struct { | ||
Id int | ||
Name string | ||
} | ||
|
||
var reposDb = []Repository{ | ||
{Id: 0, Name: "gmail"}, {Id: 1, Name: "react"}, {Id: 2, Name: "oso"}, | ||
} | ||
|
||
func GetRepositoryById(id int) Repository { | ||
return reposDb[id] | ||
} | ||
|
||
type RepositoryRole struct { | ||
Role string | ||
RepoId int | ||
} | ||
|
||
type User struct { | ||
Roles []RepositoryRole | ||
} | ||
|
||
var usersDb = map[string]User{ | ||
"larry": { | ||
Roles: []RepositoryRole{ | ||
{Role: "admin", RepoId: 0}, | ||
}, | ||
}, | ||
"anne": { | ||
Roles: []RepositoryRole{ | ||
{Role: "maintainer", RepoId: 1}, | ||
}, | ||
}, | ||
"graham": { | ||
Roles: []RepositoryRole{ | ||
{Role: "contributor", RepoId: 2}, | ||
}, | ||
}, | ||
} | ||
|
||
func GetCurrentUser() User { | ||
return usersDb["larry"] | ||
} |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
package main | ||
|
||
import ( | ||
"fmt" | ||
"reflect" | ||
"strconv" | ||
|
||
"github.com/gofiber/fiber/v2" | ||
"github.com/osohq/go-oso" | ||
) | ||
|
||
func main() { | ||
app := fiber.New() | ||
oso, err := oso.NewOso() | ||
if err != nil { | ||
fmt.Printf("Failed to set up Oso: %v", err) | ||
return | ||
} | ||
|
||
if err := oso.RegisterClass(reflect.TypeOf(Repository{}), nil); err != nil { | ||
fmt.Printf("Failed to start: %s", err) | ||
return | ||
} | ||
if err := oso.RegisterClass(reflect.TypeOf(User{}), nil); err != nil { | ||
fmt.Printf("Failed to start: %s", err) | ||
return | ||
} | ||
if err := oso.LoadFile("main.polar"); err != nil { | ||
fmt.Printf("Failed to start: %s", err) | ||
return | ||
} | ||
|
||
app.Get("/repo/:repoId", func(c *fiber.Ctx) error { | ||
repoId, err := strconv.Atoi(c.Params("repoId")) | ||
if err != nil { | ||
return c.SendStatus(400) | ||
} | ||
repository := | ||
allowed, err := oso.IsAllowed(GetCurrentUser(), "read", GetRepositoryById(repoId)) | ||
if err == nil && allowed { | ||
return c.Status(200).SendString(fmt.Sprintf("<h1>A Repo</h1><p>Welcome to repo %s</p>", repository.Name)) | ||
} else { | ||
return c.Status(404).SendString("<h1>Whoops!</h1><p>That repo was not found</p>") | ||
|
||
} | ||
}) | ||
if err := app.Listen(":5000"); err != nil { | ||
fmt.Printf("Failed to start: %s", err) | ||
} | ||
} |