~evanj/cms

973057649c947968242d798704dbfeb3111d0b05 — Evan M Jones 9 months ago 4acbe35
WIP(rbac): Initial model comment for RBAC feat.
A internal/m/role/role.go => internal/m/role/role.go +134 -0
@@ 0,0 1,134 @@
package role

type Role struct {
	Name         string
	capabilities map[Capability]bool
}

func (r Role) Has(test Capability) bool {
	_, ok := r.capabilities[test]
	return ok
}

type Capability int

const (
	SpaceGet Capability = iota
	SpaceCreate
	SpaceUpdate
	SpaceDelete
	InviteGet
	InviteCreate
	InviteUpdate
	InviteDelete
	ContentTypeGet
	ContentTypeCreate
	ContentTypeUpdate
	ContentTypeDelete
	HookGet
	HookCreate
	HookUpdate
	HookDelete
	ContentGet
	ContentCreate
	ContentUpdate
	ContentDelete
)

var (
	Admin = Role{"Admin", map[Capability]bool{
		SpaceGet:          true,
		SpaceCreate:       true,
		SpaceUpdate:       true,
		SpaceDelete:       true,
		InviteGet:         true,
		InviteCreate:      true,
		InviteUpdate:      true,
		InviteDelete:      true,
		ContentTypeGet:    true,
		ContentTypeCreate: true,
		ContentTypeUpdate: true,
		ContentTypeDelete: true,
		HookGet:           true,
		HookCreate:        true,
		HookUpdate:        true,
		HookDelete:        true,
		ContentGet:        true,
		ContentCreate:     true,
		ContentUpdate:     true,
		ContentDelete:     true,
	}}

	Developer = Role{"Developer", map[Capability]bool{
		SpaceGet:          true,
		InviteGet:         true,
		InviteCreate:      true,
		InviteUpdate:      true,
		ContentTypeGet:    true,
		ContentTypeCreate: true,
		ContentTypeUpdate: true,
		HookGet:           true,
		HookCreate:        true,
		HookUpdate:        true,
		ContentGet:        true,
		ContentCreate:     true,
		ContentUpdate:     true,
	}}

	Editor = Role{"Editor", map[Capability]bool{
		SpaceGet:          true,
		SpaceUpdate:       true,
		InviteGet:         true,
		InviteCreate:      true,
		InviteUpdate:      true,
		InviteDelete:      true,
		ContentTypeGet:    true,
		ContentTypeCreate: true,
		ContentTypeUpdate: true,
		ContentTypeDelete: true,
		HookGet:           true,
		HookCreate:        true,
		HookUpdate:        true,
		HookDelete:        true,
		ContentGet:        true,
		ContentCreate:     true,
		ContentUpdate:     true,
		ContentDelete:     true,
	}}

	Author = Role{"Author", map[Capability]bool{
		SpaceGet:          true,
		InviteGet:         true,
		InviteCreate:      true,
		InviteUpdate:      true,
		ContentTypeGet:    true,
		ContentTypeCreate: true,
		ContentTypeUpdate: true,
		HookGet:           true,
		HookCreate:        true,
		HookUpdate:        true,
		ContentGet:        true,
		ContentCreate:     true,
		ContentUpdate:     true,
	}}

	Contributor = Role{"Contributor", map[Capability]bool{
		SpaceGet:          true,
		InviteGet:         true,
		InviteUpdate:      true,
		ContentTypeGet:    true,
		ContentTypeUpdate: true,
		HookGet:           true,
		HookUpdate:        true,
		ContentGet:        true,
		ContentUpdate:     true,
	}}

	Reader = Role{"Reader", map[Capability]bool{
		SpaceGet:       true,
		InviteGet:      true,
		ContentTypeGet: true,
		HookGet:        true,
		ContentGet:     true,
	}}
)

A internal/m/role/role_test.go => internal/m/role/role_test.go +1 -0
@@ 0,0 1,1 @@
package role_test

A internal/s/rbac/rbac.go => internal/s/rbac/rbac.go +13 -0
@@ 0,0 1,13 @@
package rbac

import (
	"log"

	"git.sr.ht/~evanj/cms/internal/s/rl"
)

type RBAC struct {
	rl.RL
	log *log.Logger
	db  rl.RL // Or DB or Cache, depends on DI order in main.
}

A internal/s/rbac/rbac_test.go => internal/s/rbac/rbac_test.go +1 -0
@@ 0,0 1,1 @@
package rbac_test