首頁>編程相關>其他源碼
下載

Koosa

基於角色的訪問控制管理的聲明性快速框架

查看此博客文章以獲取完整說明和更多詳細信息:訪問控制管理與Swift

例子

代碼在行動中
 // Anyone can browse group, if it is public
Visitor.shouldBeAbleTo(BrowseGroup.action).when {
    guard let browseAction = $1 as? BrowseGroup else { return false }
    return browseAction.group.isPublicGroup
}

// Member can browse his groups + public groups
GroupMemberUser.shouldBeAbleTo(BrowseGroup.action).when {
    guard let groupMember = $0 as? GroupMember,
        let browseAction = $1 as? BrowseGroup else { return false }
    return groupMember.groupNumber == browseAction.group.groupNumber
}

// Member can post his groups 
GroupMemberUser.shouldBeAbleTo(PostToGroup.action).when {
    guard let groupMember = $0 as? GroupMember,
        let postAction = $1 as? PostToGroup else { return false }
    return groupMember.groupNumber == postAction.group.groupNumber
}

// Admin class extends Member + ability to delete
GroupAdminUser.shouldBeAbleTo(DeleteGroup.action).when {
    guard let groupAdmin = $0 as? GroupAdmin,
        let deleteAction = $1 as? DeleteGroup else { return false }
    return groupAdmin.groupNumber == deleteAction.group.groupNumber
}

// SuperAdmin can do everything
_ = SuperAdminUser.shouldBeAbleTo(BrowseGroup.action)
_ = SuperAdminUser.shouldBeAbleTo(DeleteGroup.action)
_ = SuperAdminUser.shouldBeAbleTo(PostToGroup.action)

用法:

  1. 首先將您的需求中的每個角色映射到擴展到Protocol Role或擴展其擴展的原始角色的原始角色。請注意,您可以使用ProtoCl繼承來建模角色繼承結構。 
 protocol GroupMember : Role {
    var groupNumber : Int { set get }
}
protocol GroupAdmin : GroupMember { }
  1. 將您的動作建模為符合原始Action的類/strcut。 
 struct BrowseGroup : Action {
    let group : Group
    
    init ( ) {  // required default initializer
        group = Group ( groupNumber : - 1 , isPublicGroup : false ) // default froup
    }
    
    init ( group : Group ) {
        self . group = group
    }
}
  1. 使用角色質量創建具體角色類別。 
 class GroupAdminUser : User , GroupAdmin {
    var groupNumber : Int
    init ( name : String , age : Int , groupNumber : Int ) {
        self . groupNumber = groupNumber
        super . init ( name : name , age : age )
    }
    
    override required init ( ) {
        self . groupNumber = - 1
        super . init ( )
    }
}
  1. 添加政策。 
 GroupMemberUser . shouldBeAbleTo ( BrowseGroup . action ) . when {
    guard let groupMember = $0 as? GroupMember ,
        let browseAction = $1 as? BrowseGroup else { return false }
    return groupMember . groupNumber == browseAction . group . groupNumber
}
GroupAdminUser . shouldBeAbleTo ( DeleteGroup . action ) . when {
    guard let groupAdmin = $0 as? GroupAdminUser ,
        let deleteAction = $1 as? DeleteGroup else {
            return false
    }
    return groupAdmin . groupNumber == deleteAction . group . groupNumber
}
_ = SuperAdminUser . shouldBeAbleTo ( BrowseGroup . action )
  1. 現在,您可以驗證任何用戶是否可以執行任何操作。 
 let member1 = GroupMemberUser ( name : " member1 " , age : 18 , groupNumber : 1 )
let admin2 = GroupAdminUser ( name : " admin2 " , age : 22 , groupNumber : 2 )
let group1 = Group ( groupNumber : 1 , isPublicGroup : false )
let group2 = Group ( groupNumber : 2 , isPublicGroup : false )
member1 . can ( BrowseGroup ( group : group1 ) // true
member1 . can ( BrowseGroup ( group : group2 ) // false
admin2 . can ( BrowseGroup ( group : group1 ) // true: GroupAdmin inherits BrowseGroup permission from GroupMember
admin2 . can ( DeleteGroup ( group : group2 ) // true
admin2 . can ( DeleteGroup ( group : group1 ) // false

安裝

可以使用Cocoapods安裝錦鯉

use_frameworks !
pod ' Koosa '

執照

麻省理工學院

展開
附加信息
相關應用
爲您推薦
相關資訊 全部