github.com/aacfactory/fns@v1.2.86-0.20240310083819-80d667fc0a17/docs/permissions.md (about) 1 # Permissions 2 3 --- 4 5 RBAC permission schema. 6 Simply, which role can access which function. 7 It also supports which role can read or write to which resource. 8 9 10 ## Components 11 ### Store 12 `Postgres` and `MYSQL` are supplied by `fns-contrib`, read [doc](https://github.com/aacfactory/fns-contrib/tree/main/permissions/store) for more. 13 14 ## API 15 ### Policy 16 Verify 17 ```go 18 verifyErr := permissions.Verify(ctx, roles...) 19 ``` 20 User bind roles 21 ```go 22 bindErr := permissions.UserBindRoles(ctx, userId, roles...) 23 ``` 24 User unbind roles 25 ```go 26 bindErr := permissions.UserUnbindRoles(ctx, userId, roles...) 27 ``` 28 Get user roles 29 ```go 30 roles, getErr := permissions.GetUserRoles(ctx, userId) 31 ``` 32 User (current user in context) can read resource 33 ```go 34 ok, err := CanReadResource(ctx, resource) 35 ``` 36 User (current user in context) can write resource 37 ```go 38 ok, err := CanWriteResource(ctx, resource) 39 ``` 40 ### Model 41 Get all roles (root role trees) 42 ```go 43 roles, getErr := permissions.GetRoles(ctx) 44 ``` 45 Get role (current role tree) 46 ```go 47 role, getErr := permissions.GetRole(ctx, name) 48 ``` 49 Save role (changing of children will not be saved), 50 ```go 51 saveErr := permissions.SaveRole(ctx, role) 52 ```