package guardian
Install
Dune Dependency
Authors
Maintainers
Sources
md5=46f14b1dac8c7b7a1521c15555465dde
sha512=c9e7edab3f72a8764a37328c75001f9b7fbcedb1b68ecf95daf53fed4f7a46e9ce1ebc9d5fa9ad46d25f759857a95e7000173eef808aa0459339637a66e945f1
README.md.html
Guardian
Generic framework for roles and permissions to be used in our projects
Limitations and Notes
Supported Database: Implementation with MariaDb (Sqlite only for testing)
Context (
ctx
): Allows to have multiple database pools (See next section)
Setup with MariaDB backend (MultiPools)
let open Guardian_backend.Pools in
let module MariaConfig = struct
include DefaultConfig
let database =
MultiPools
[ "pool-one", "mariadb://root@database:3306/dev"
; "pool-two", "mariadb://root@database:3306/test"
]
;;
end
in
let module MariaDb = Guardian_backend.MariaDb.Make (Role) (Make (MariaConfig))
let%lwt () = Lwt_list.iter (fun pool -> MariaDb.migrate ~ctx:["pool", pool] ()) ["pool-one"; "pool-two"]
(** NOTE: To integrate migrations into your applications migration state see
e.g. function 'MariaDB.find_migrations *)
Usage
The test
directory shows an example implementation of how guardian can be used.
role.ml
: Definition of actors and targetsrole.mli
: Signature of the defined actors and targetsguard.ml
: Create the guardian servicearticle.ml
: Definition of the article targethacker.ml
: Definition of the hacker actoruser.ml
: Definition of the user actor and targetmain.ml
: implementation of all test cases
Example usage:
module Guard = Guardian.Make (Role.Actor) (Role.Target)
let thomas = "Thomas", Guard.Uuid.Actor.create ()
let mike = "Mike", Guard.Uuid.Actor.create ()
let thomas_article = Article.make "Foo" "Bar" thomas
let mike_article = Article.make "Hello" "World" mike
let example_rule = `Actor (snd mike), `Update, `Target thomas_article.uuid
let initialize_authorizables_and_rules ?ctx =
(* Note: As a user can be an actor and a target, both need to be initialized *)
let* (_: [> `User ] MariaDb.authorizable) = User.to_authorizable ?ctx thomas in
let* (_: [> `User ] MariaDb.authorizable) = User.to_authorizable ?ctx mike in
let* (_: [> `User ] MariaDb.authorizable_target) = UserTarget.to_authorizable ?ctx thomas in
let* (_: [> `User ] MariaDb.authorizable_target) = UserTarget.to_authorizable ?ctx mike in
let* (_: [> `Article ] MariaDb.authorizable_target) = Article.to_authorizable ?ctx thomas_article in
let* (_: [> `Article ] MariaDb.authorizable_target) = Article.to_authorizable ?ctx mike_article in
let* () = MariaDb.Actor.save_rule ?ctx example_role in
Lwt.return_unit
(* let mike Update the title of thomas article -> returns a (Article.t, string) Lwt_result.t *)
let update_title = Article.update_title ?ctx mike thomas_article "Updated Title"
Development
A guide how to setup the project with devcontainers can be found here.
Commands
Most used commands can be found in the following list. For the full list of commands, checkout the Makefile
.
make build
- to build the projectmake build-watch
- to build and watch the projectmake test
- to run all tests. This requires a running MariaDB instance (sqlite will be created).
Release to production
In order to deploy to production:
edit
dune-project
and update version(version 0.0.0)
build the project
dune build
or editpool.opam
and update versionversion: "0.0.0"
commit
tag commit and push
create github and opam release