Open schattinga opened 7 months ago
``Note: Role managment like https://dev.to/bensonmacharia/role-based-access-control-in-golang-with-jwt-go-ijn https://github.com/Permify/go-role/
User has Role Role can read and/or write
Possible Roles
Possible Permissions
Category visibility are assinged directly to role
package main
import "fmt"
// const (
// canRead = 1 << iota
// canWrite
// )
// func main() {
// fmt.Printf("canRead: %b\n", canRead)
// fmt.Printf("canWrite: %b\n", canWrite)
// var admin byte = canRead | canWrite
// var user byte = canRead
// fmt.Printf("admin can read? %v\n", admin & canRead == canRead)
// fmt.Printf("user can read? %v\n", user & canRead == canRead)
// fmt.Printf("admin can write? %v\n", admin & canWrite == canWrite)
// fmt.Printf("user can write? %v\n", user & canWrite == canWrite)
// }
type Role struct {
Name string
Permissions uint
}
type UserCategory struct {
UserID string
CategoryID string
canRead bool
}
const (
full = 0xF
canReadArticles = 1 << iota
canWriteArticles
canReadCategories
canWriteCategories
canReadUsers
canWriteUsers
)
func main() {
adminRole := Role{Name: "admin", Permissions: uint(full)}
userRole := Role{Name: "User", Permissions: uint(canReadArticles)}
fmt.Printf("admin can read articles? %v\n", adminRole.Permissions & canReadArticles == canReadArticles)
fmt.Printf("dumbUser can read articles? %v\n", userRole.Permissions & canReadArticles == canReadArticles)
fmt.Printf("admin can write articles? %v\n", adminRole.Permissions & canWriteArticles == canWriteArticles)
fmt.Printf("dumbUser can write articles? %v\n", userRole.Permissions & canWriteArticles == canWriteArticles)
fmt.Printf("admin can read users? %v\n", adminRole.Permissions & canReadUsers == canReadUsers)
fmt.Printf("dumbUser can read users? %v\n", userRole.Permissions & canReadUsers == canReadUsers)
fmt.Printf("admin can write users? %v\n", adminRole.Permissions & canWriteUsers == canWriteUsers)
fmt.Printf("dumbUser can write users? %v\n", userRole.Permissions & canWriteUsers == canWriteUsers)
}
Wie schon geschrieben für gewisse Benutzer Kategorien ein und ausblenden! Dh. im Backend Berechtigung für die Angezeigten Kategorien vergeben!