Skip to content

Instantly share code, notes, and snippets.

@kmesiab

kmesiab/simple-authy-ish-enforcement.go

Created October 31, 2024 04:30
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save kmesiab/e4dc0c6f2f07d081435d526ff59ac9f9 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save kmesiab/e4dc0c6f2f07d081435d526ff59ac9f9 to your computer and use it in GitHub Desktop.
Download ZIP
Using go-policy-enforcer as a roles and permissions "guard"
Raw
simple-authy-ish-enforcement.go
package main
import (
"fmt"
pe "github.com/kmesiab/go-policy-enforcer"
)
type user struct {
IsLoggedIn bool
Roles []string
}
var mustBeAdminRule = pe.Rule{
Field: "Roles",
Operator: "in",
Value: "admin",
}
var mustBeLoggedInRule = pe.Rule{
Field: "IsLoggedIn",
Operator: "==",
Value: true,
}
var canEditUserPolicy = pe.Policy{
Rules: []pe.Rule{
mustBeLoggedInRule,
mustBeAdminRule,
},
}
func main() {
guest := user{IsLoggedIn: false}
admin := user{IsLoggedIn: false, Roles: []string{"admin"}}
loggedInAdmin := user{IsLoggedIn: true, Roles: []string{"admin"}}
enforcer := pe.NewPolicyEnforcer(&[]pe.Policy{canEditUserPolicy})
if enforcer.Enforce(guest) {
fmt.Println("Guest can edit user")
} else {
fmt.Println("Guest cannot edit user")
}
if enforcer.Enforce(admin) {
fmt.Println("Logged out Admin can edit user")
} else {
fmt.Println("Logged out Admin cannot edit user")
}
if enforcer.Enforce(loggedInAdmin) {
fmt.Println("Logged in admin can edit user")
} else {
fmt.Println("Logged in admin cannot edit user")
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment