DEV Community

loading...

Role Based Access Control (RBAC) Go package with database persistence

harranali
Full Stack Developer
・3 min read

Authority is a Golang package that lets you manage roles and permissions, it stores the information in database using gorm, once you create roles and their permissions you can assign them to the users of your app using their IDs.

Features:

Here is a list of all the features of the package

  • Create Roles
  • Create Permissions
  • Assign Permissions to Roles
  • Assign Multiple Roles to Users
  • Check User's Roles
  • Check User's Permissions
  • Check Role's Permissions
  • Revoke User's Roles
  • Revoke User's Permissions
  • Revoke Role's permissions
  • List User's Roles
  • List All Roles
  • List All Permissions
  • Delete Roles
  • Delete Permissions

Install

Here is how you can install the package

go get github.com/harranali/authority
Enter fullscreen mode Exit fullscreen mode

Install the database driver

Authority uses gorm to work with the database, that's why you need to install gorm database driver of the database system that you intend to use, here is how you can install each driver

# mysql 
go get gorm.io/driver/mysql 

# or postgres
go get gorm.io/driver/postgres

# or sqlite
go get gorm.io/driver/sqlite

# or sqlserver
go get gorm.io/driver/sqlserver

# or clickhouse
go get gorm.io/driver/clickhouse
Enter fullscreen mode Exit fullscreen mode

Initializing the package

Authority creates 4 database tables to store the roles, permissions and their relationships, to initialize authority you need to pass two parameters, the first one is the prefix of the table names, the second one is an instance of gorm, here is how you can initiate the package

// initiate the database (using mysql)
dsn := "dbuser:dbpassword@tcp(127.0.0.1:3306)/dbname?charset=utf8mb4&parseTime=True&loc=Local"
db, _ := gorm.Open(mysql.Open(dsn), &gorm.Config{})

// initiate authority
auth := authority.New(authority.Options{
    TablesPrefix: "authority_",
    DB:           db,
})
Enter fullscreen mode Exit fullscreen mode

Migrating the database tables

The package uses gorm auto migration, so there is no need to migrate or manage the database tables since it's taken care of for you automatically

Using the package

Here are some of the operation that you can perform with the package, to see all the operation please refer to the authority docs

Creating roles

Here is how you can create and store roles in the database

err := auth.CreateRole("role-1")
err = auth.CreateRole("role-2")
Enter fullscreen mode Exit fullscreen mode

Creating permissions

Here is how you can create and store permissions in the database

err := auth.CreatePermission("permission-1")
err = auth.CreatePermission("permission-2")
err = auth.CreatePermission("permission-3")
Enter fullscreen mode Exit fullscreen mode

Assigning permissions to roles

Here is how you can assign a group of permissions to a given role

err := auth.AssignPermissions("role-1", []string{
    "permission-1",
    "permission-2",
    "permission-3",
})
Enter fullscreen mode Exit fullscreen mode

Assigning roles to users

Here is how you can assign a role to a user, you can simply pass the user ID as the first parameter and the role as the second parameter

err = auth.AssignRole(1, "role-a") # 1 is the user id
Enter fullscreen mode Exit fullscreen mode

Checking if a user have a given role

Here is how you can check if a given user has a particular role, the first argument is the user ID, the second one is the role

ok, err := auth.CheckRole(1, "role-a") # 1 is the user id
Enter fullscreen mode Exit fullscreen mode

Checking if a user have a given permission

Here is how you can check if a given user has a particular permission, the first parameter is the user ID, the second one is the permission

ok, err := auth.CheckPermission(1, "permission-d") # 1 is the user id
Enter fullscreen mode Exit fullscreen mode

Checking role's permissions

Here is how you can check if a given role has a particular permission

ok, err := auth.CheckRolePermission("role-a", "permission-a")
Enter fullscreen mode Exit fullscreen mode

Revoke user's role

here is how you can revoke roles assigned to users

err = auth.RevokeRole(1, "role-a")
Enter fullscreen mode Exit fullscreen mode

Retrieve user's roles

here is how you can get the list of roles assigned to a given user

roles, err := auth.GetUserRoles(1)
Enter fullscreen mode Exit fullscreen mode

To see the rest of functionalities please check authority's docs.

Discussion (0)