99fc63ddfd
- rbac/: Role type, constants, HasPermission, RoleFromString - blocks/: BlockFunc, BlockMeta, BlockContext, context accessors, BlockRegistry interface - templates/: TemplateFunc, meta types, TemplateRegistry interface - auth/: Claims, PublicClaims, context extractors - content/: Content interface, AuthorProfile/PageInfo/PostInfo types - settings/: Settings interface, map accessor helpers - gating/: AccessRule, AccessResult, EvaluateAccess, Gating interface - crypto/: Crypto interface (Encrypt/Decrypt) - render/: BlockNoteToHTML standalone renderer - video/: ParseEmbedURL, EmbedIframeURL - ai/: ToolDefinition, ToolResult, ToolRegistry interface Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
45 lines
749 B
Go
45 lines
749 B
Go
package rbac
|
|
|
|
type Role string
|
|
|
|
const (
|
|
RoleViewer Role = "viewer"
|
|
RoleAdmin Role = "admin"
|
|
RoleSuperadmin Role = "superadmin"
|
|
RolePublic Role = "public"
|
|
)
|
|
|
|
var RoleHierarchy = map[Role]int{
|
|
RoleViewer: 0,
|
|
RoleAdmin: 1,
|
|
RoleSuperadmin: 2,
|
|
}
|
|
|
|
func HasPermission(userRole Role, requiredRole Role) bool {
|
|
if requiredRole == "" {
|
|
return true
|
|
}
|
|
userLevel, ok := RoleHierarchy[userRole]
|
|
if !ok {
|
|
return false
|
|
}
|
|
requiredLevel, ok := RoleHierarchy[requiredRole]
|
|
if !ok {
|
|
return false
|
|
}
|
|
return userLevel >= requiredLevel
|
|
}
|
|
|
|
func RoleFromString(s string) Role {
|
|
switch s {
|
|
case "viewer":
|
|
return RoleViewer
|
|
case "admin":
|
|
return RoleAdmin
|
|
case "superadmin":
|
|
return RoleSuperadmin
|
|
default:
|
|
return ""
|
|
}
|
|
}
|