Добавление rback

2022-07-30 18:53:46 +10:00 · 2022-07-30 18:53:46 +10:00 · 8223d7d0e9
commit 8223d7d0e9
parent 0452b5b83c
1 changed files with 211 additions and 0 deletions
--- a/rbac.go
+++ b/rbac.go
@ -0,0 +1,211 @@
+package rbac
+
+const (
+	SubNull    Subject  = ""
+	AtrDefault Atribute = "*"
+)
+
+type Subject string
+type Object string
+type Action string
+type Atribute string
+
+// Filter defines the filtering
+type RbacList struct {
+	P []RbacRuleP
+	G []RbacRuleG
+}
+
+type RbacRule struct {
+	P RbacRuleP
+	G RbacRuleG
+}
+
+// CasbinRule is the model for casbin rule
+type RbacRuleP struct {
+	Sub Subject
+	Obj Object
+	Act Action
+	Atr Atribute
+}
+
+// CasbinRule is the model for casbin rule
+type RbacRuleG struct {
+	Sub1 Subject
+	Sub2 Subject
+}
+
+// Initialize policy enforce
+func NewRbacRule() *RbacList {
+	rbac := new(RbacList)
+
+	return rbac
+}
+
+//Add policy in table P (policy)
+func (r *RbacList) AddDefP(sub Subject, obj Object, act Action, atr ...Atribute) {
+
+	rb := NewRbacRuleP(sub.String(), obj, act, atr...)
+
+	rr := RbacRuleP{
+		Sub: rb.P.Sub,
+		Obj: rb.P.Obj,
+		Act: rb.P.Act,
+		Atr: rb.P.Atr,
+	}
+
+	r.P = append(r.P, rr)
+}
+
+//Add policy in table P (policy)
+func (r *RbacList) AddDefG(sub1 Subject, sub2 Subject) {
+
+	rr := RbacRuleG{
+		Sub1: Subject(sub1),
+		Sub2: sub2,
+	}
+
+	r.G = append(r.G, rr)
+}
+
+func (r *RbacRuleP) String() string {
+
+	return r.Sub.String() + ", " + r.Obj.String() + ", " + r.Act.String() + ", " + r.Atr.String()
+
+}
+
+func (r *RbacRuleG) String() string {
+
+	return r.Sub1.String() + ", " + r.Sub2.String()
+
+}
+
+// Converted EnforcesPolicy To String
+func (r *RbacList) String() string {
+	var str string
+
+	if len(r.P) > 0 {
+		for _, p := range r.P {
+			str = str + p.String() + "\n"
+
+		}
+	}
+
+	if len(r.G) > 0 {
+		for _, g := range r.G {
+			str = str + g.String() + "\n"
+
+		}
+	}
+	return str
+}
+
+func (s Subject) String() string {
+
+	b := []byte(s)
+
+	return string(b)
+}
+
+func (o Object) String() string {
+
+	b := []byte(o)
+
+	return string(b)
+}
+
+func (a Action) String() string {
+
+	b := []byte(a)
+
+	return string(b)
+}
+
+func (a Atribute) String() string {
+
+	b := []byte(a)
+
+	return string(b)
+}
+
+func NewSubject(login string) Subject {
+
+	s := Subject(login)
+	return s
+}
+
+func NewRbacRuleP(police string, obj Object, act Action, atr ...Atribute) RbacRule {
+	var rule RbacRule
+	var atrList Atribute
+	if len(atr) == 0 {
+		atrList = AtrDefault
+	} else {
+		atrList = atr[0]
+	}
+	rule.G.Sub1 = SubNull
+	rule.P.Sub = NewSubject(police)
+	rule.P.Obj = obj
+	rule.P.Act = act
+	rule.P.Atr = atrList
+	return rule
+}
+
+func NewRbacRuleG(login string, sub Subject) RbacRule {
+	var rule RbacRule
+	rule.P.Sub = SubNull
+	rule.G.Sub1 = NewSubject(login)
+	rule.G.Sub2 = sub
+	return rule
+}
+
+// Enforced
+func (r *RbacList) Enforce(login string, obj Object, act Action) *Atribute {
+
+	// Detected policy list for login
+	for _, enf := range r.P {
+		if login == enf.Sub.String() && enf.Obj == obj && enf.Act == act {
+			return &enf.Atr
+		}
+	}
+
+	// Detected policy list for group
+	var listP []RbacRuleP
+
+	listG := listEnforce(login, r)
+
+	for _, lG := range listG {
+		for _, rdbP := range r.P {
+			if lG == rdbP.Sub || login == rdbP.Sub.String() {
+				listP = append(listP, rdbP)
+			}
+		}
+	}
+
+	for _, enf := range listP {
+		if enf.Obj == obj && enf.Act == act {
+			return &enf.Atr
+		}
+	}
+
+	return nil
+}
+
+// List Enforced for iterated
+func listEnforce(login string, rules *RbacList) []Subject {
+	var listG []Subject
+
+	for _, rdbG := range rules.G {
+		if login == rdbG.Sub1.String() {
+			listG = append(listG, rdbG.Sub2)
+		}
+	}
+
+	for _, listFull := range listG {
+		if login != listFull.String() {
+			lG := listEnforce(listFull.String(), rules)
+			listG = append(listG, lG...)
+		}
+	}
+
+	return listG
+}