Categorygithub.com/RedeployAB/casbin-blob-adapter

modulepackage

0.1.1

Repository: https://github.com/redeployab/casbin-blob-adapter.git

Documentation: pkg.go.dev

# README

casbin-blob-adapter

Azure Blob Storage adapter for casbin.

Casbin adapter implementation for Azure Blob Storage.

Installation
Example usage
Constructor functions

Installation

go get github.com/RedeployAB/casbin-blob-adapter

Example usage

This example uses azcore.TokenCredential as credentials for the adapter. See Constructor functions below for other options.

package main

import (
    "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
    blobadapter "github.com/RedeployAB/casbin-blob-adapter"
    "github.com/casbin/casbin/v2"
)

func main() {
    // Create credentials for Azure Blob Storage (service principal, managed identity, az cli).
    cred, err := azidentity.NewDefaultAzureCredential(nil)
    if err != nil {
        // Handle error.
    }

    // Create the adapter for Azure Blob Storage. Provide account (storage account name),
    // container name, blob name and credentials. If the container and blob does not exist,
    // they will be created.
    a, err := blobadapter.NewAdapter("account", "container", "policy.csv", cred)
    if err != nil {
        // Handle error.
    }

    e, err := casbin.NewEnforcer("rbac_with_domains_model.conf", a)
    if err != nil {
        // Handle error.
    }

    // Load the policy from the specified blob in Azure Blob Storage manually.
    // NOTE: Like all implicit and explicit adapters the policies is loaded
    // automatically when calling NewEnforcer. This method can be used at
    // runtime to reload policy.
    if err := e.LoadPolicy(); err != nil {
        // Handle error.
    }

    // Check the permission.
    ok, err := e.Enforce("alice", "domain1", "data1", "read")
    if err != nil {
        // Handle error.
    }

    // Modify policy.
    // e.AddPolicy(...)
    // e.RemovePolicy(...)

    // Save policy back to the blob in Azure Blob Storage.
    if err := e.SavePolicy(); err != nil {
        // Handle error.
    }
}

Constructor functions

NewAdapter(account string, container string, blob string, cred azcore.TokenCredential, options ...Option) (*Adapter, error)

Uses azcore.TokenCredential. See azidentity for more options on creating credentials.

cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
    // Handle error.
}

a, err := blobadapter.NewAdapter("account", "container", "policy.csv", cred)
if err != nil {
    // Handle error.
}

NewAdapterFromConnectionString(connectionString string, container string, blob string, options ...Option) (*Adapter, error)

Uses a connection string for an Azure Storage account.

a, err := blobadapter.NewAdapterFromConnectionString("connectionstring", "container", "policy.csv")
if err != nil {
    // Handle error.
}

NewAdapterFromSharedKeyCredential(account string, key string, container string, blob string, options ...Option) (*Adapter, error)

Uses storage account name and key for an Azure Storage account.

a, err := blobadapter.NewAdapterFromSharedKeyCredential("account", "key", "container", "policy.csv")
if err != nil {
    // Handle error.
}

# Functions

NewAdapter

NewAdapter returns a new adapter with the given account, container, blob and credentials.

NewAdapterFromConnectionString

NewAdapterFromConnectionString returns a new adapter with the given connection string, container and blob.

NewAdapterFromSharedKeyCredential

NewAdapterFromSharedKeyCredential returns a new adapter with the given account, key, container and blob.

WithTimeout

WithTimeout sets the timeout on the adapter.

# Variables

ErrBlobDoesNotExist

ErrBlobDoesNotExist is returned when the blob does not exist.

ErrContainerDoesNotExist

ErrContainerDoesNotExist is returned when the container does not exist.

ErrInvalidAccount

ErrInvalidAccount is returned when the account is invalid.

ErrInvalidBlob

ErrInvalidBlob is returned when the blob is invalid.

ErrInvalidConnectionString

ErrInvalidConnectionString is returned when the connection string is invalid.

ErrInvalidContainer

ErrInvalidContainer is returned when the container is invalid.

ErrInvalidCredential

ErrInvalidCredential is returned when the credentials are invald.

ErrInvalidKey

ErrInvalidKey is returned when the key is invalid.

# Structs

Adapter

Adapter is an Azure Blob Storage adapter for casbin.

# Type aliases

Option

Option is a function that sets options on the adapter.