github.com/litesolutions/justifay-api@v1.0.0-2.0.20220707114139-46f28a909481/model/role.go (about) 1 package model 2 3 import ( 4 "context" 5 6 uuid "github.com/google/uuid" 7 ) 8 9 // AccessRole represents access role type 10 type AccessRole int32 11 12 const ( 13 // SuperAdminRole has all permissions and can assign admins 14 SuperAdminRole AccessRole = iota + 1 // 1 15 16 // AdminRole has admin permissions across all tenants, except the ability to assign other Admins 17 AdminRole // 2 18 19 // TenantAdminRole has admin permissions over other users in their tenant. 20 TenantAdminRole // 3 21 22 // LabelRole is a like an artist user, but can manage their artists content. 23 LabelRole // 4 24 25 // ArtistRole is a like a standard user, but can have multiple personas and the ability to upload 26 ArtistRole // 5 27 28 // UserRole is a standard user 29 UserRole // 6 30 ) 31 32 // RBACService represents role-based access control service interface 33 type RBACService interface { 34 EnforceRole(context.Context, AccessRole) bool 35 EnforceUser(context.Context, uuid.UUID) bool 36 EnforceTenant(context.Context, uuid.UUID) bool 37 EnforceTenantAdmin(context.Context, int32) bool 38 EnforceTenantAndRole(context.Context, AccessRole, int32) bool 39 IsLowerRole(context.Context, AccessRole) bool 40 } 41 42 // Role entity 43 // type Role struct { 44 // Id int `json:"id"` 45 // Name string `json:"name"` 46 // } 47 48 // Role is a one of roles user can have 49 type Role struct { 50 ID int32 `bun:"type:,unique"` 51 Name string `bun:"type:varchar(50),unique,notnull"` 52 Description string `bun:"type:varchar(200),notnull"` 53 IsDefault bool `bun:"default:false"` 54 }