Search Apps Documentation Source Content File Folder Download Copy Actions Download

types.gno

1.05 Kb · 38 lines
 1package rbac
 2
 3type Permission struct {
 4	Name        string
 5	Description string
 6}
 7
 8type AssignmentContext struct {
 9	EntityID               string
10	User                   address
11	RoleName               string
12	CurrentRoleAssignments int
13	UserRoleCount          int
14}
15
16// AssignmentCheck is trusted policy code supplied by the RBAC owner.
17// It is stored internally and is never returned through Role views.
18type AssignmentCheck func(AssignmentContext) bool
19
20// RoleSpec is the input type for creating or updating roles.
21// AssignmentCheck may close over owner state, so role mutation must be
22// restricted by the owning realm that stores RBAC.
23type RoleSpec struct {
24	Name            string
25	Description     string
26	PermissionNames []string
27	Metadata        map[string]string
28	AssignmentCheck AssignmentCheck
29}
30
31// Role is a public read model. It intentionally excludes AssignmentCheck
32// so stored callback capabilities are not exposed to callers.
33type Role struct {
34	Name            string
35	Description     string
36	PermissionNames []string
37	Metadata        map[string]string
38}