package authorization
// import (
// "netina/database"
// "github.com/casbin/casbin/v2"
// gormadapter "github.com/casbin/gorm-adapter/v3"
// )
// func enf(){
// db := database.Db()
// adapter, err := gormadapter.NewAdapterByDB(db)
// if err != nil {
// panic("failed to create adapter")
// }
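// // Define Casbin model in code.
// // NOTE(review): the matcher below compares r.obj == p.obj as exact strings, so a policy
// // object such as "/user/*" matches only a request for the literal path "/user/*".
// // Casbin's built-in keyMatch(r.obj, p.obj) is what gives a trailing "*" wildcard meaning.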
// modelText := `
// [request_definition]
// r = sub, obj, act
// [policy_definition]
// p = sub, obj, act
// [role_definition]
// g = _, _
// [policy_effect]
// e = some(where (p.eft == allow))
// [matchers]
// m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
// `
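// // Initialize Casbin enforcer with model text and adapter.
// // NOTE(review): casbin.NewEnforceContext takes a suffix and returns an EnforceContext, not a
// // model; model text is parsed with model.NewModelFromString (github.com/casbin/casbin/v2/model),
// // and its error should be checked before the result is passed to NewEnforcer.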
// m := casbin.NewEnforceContext(modelText)
// enforcer, err := casbin.NewEnforcer(m, adapter)
// if err != nil {
// panic("failed to create enforcer")
// }
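// // Load policies from DB.
// // NOTE(review): LoadPolicy returns an error that is dropped here; a failed load would go
// // unnoticed, so it should be handled like the adapter and enforcer errors above.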
// enforcer.LoadPolicy()
// // Define policies
// definePolicies(enforcer)
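// // Save policies to DB.
// // NOTE(review): SavePolicy's error is ignored, and enf() neither returns nor stores the
// // enforcer, so callers get no handle for Enforce checks — confirm how it is meant to be used.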
// enforcer.SavePolicy()
// }
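// // Define policies for admin and user roles.
// // NOTE(review): no grouping (g) rules are added here, so g(r.sub, p.sub) presumably matches
// // only when the request subject is itself named "admin" or "user" — verify where users are
// // bound to roles. AddPolicy also returns (bool, error); a failed insert is silently skipped below.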
// func definePolicies(enforcer *casbin.Enforcer) {
// // Admin policies (full access)
// enforcer.AddPolicy("admin", "/user/*", "GET")
// enforcer.AddPolicy("admin", "/user/*", "POST")
// enforcer.AddPolicy("admin", "/user/*", "PUT")
// enforcer.AddPolicy("admin", "/user/*", "DELETE")
// enforcer.AddPolicy("admin", "/owner/*", "GET")
// enforcer.AddPolicy("admin", "/owner/*", "POST")
// enforcer.AddPolicy("admin", "/owner/*", "PUT")
// enforcer.AddPolicy("admin", "/owner/*", "DELETE")
// enforcer.AddPolicy("admin", "/license/*", "GET")
// enforcer.AddPolicy("admin", "/license/*", "POST")
// enforcer.AddPolicy("admin", "/license/*", "PUT")
// enforcer.AddPolicy("admin", "/license/*", "DELETE")
// enforcer.AddPolicy("admin", "/plan/*", "GET")
// enforcer.AddPolicy("admin", "/plan/*", "POST")
// enforcer.AddPolicy("admin", "/plan/*", "PUT")
// enforcer.AddPolicy("admin", "/plan/*", "DELETE")
// enforcer.AddPolicy("admin", "/store/*", "GET")
// enforcer.AddPolicy("admin", "/store/*", "POST")
// enforcer.AddPolicy("admin", "/store/*", "PUT")
// enforcer.AddPolicy("admin", "/store/*", "DELETE")
// // User policies (limited access)
// enforcer.AddPolicy("user", "/owner/*", "GET")
// enforcer.AddPolicy("user", "/store/*", "GET")
// enforcer.AddPolicy("user", "/plan/*", "GET")
// enforcer.AddPolicy("user", "/license/*", "GET")
// }