With beego-authz, you can control who can access what resource via which method for your Beego app.
Modify the Casbin model: authz_model.conf and policy: authz_policy.csv as you want. You may need to learn Casbin's basics to know how to edit these files. The policy means that the user
alice can access
POST. The similar way applies to user
cathy has the role
dataset1_admin, which is permitted to access any resources under
/dataset1/ with any action. For more advanced usage of Casbin (such as database support, policy language grammar, etc.), please refer to Casbin: https://github.com/casbin/casbin
Insert the Casbin authorizer as a Beego filter.
beego.InsertFilter("*", beego.BeforeRouter, authz.NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")))
Make sure you already have an authentication mechanism in place, so that you know who is making each request (for example, by username). Modify the GetUserName() method to let Casbin know the current authenticated username.
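The decision such a filter makes for each request, sketched as an added example (not code from beego-authz or Casbin): a standard-library net/http middleware that checks (user, path, method) with default deny, including when no user is authenticated. The prefix matcher, the `userOf` hook standing in for GetUserName(), the `status` helper and the sample policy data are simplified assumptions, not Casbin's model or API.

```go
package main

import (
	"net/http"
	"net/http/httptest"
	"path"
	"strings"
)

type rule struct{ sub, prefix, act string } // act "*" means any method
// Constructed sample data mirroring the cathy / dataset1_admin rule described above.
var roles = map[string][]string{"cathy": {"dataset1_admin"}}
var policies = []rule{{"dataset1_admin", "/dataset1/", "*"}}

// allowed is a simplified stand-in for the enforcer's (user, path, method) check.
func allowed(user, reqPath, method string) bool {
	if user == "" { // no authenticated identity: never fall through to a match
		return false
	}
	clean := path.Clean("/"+reqPath) + "/" // resolve ".." before prefix matching
	for _, sub := range append([]string{user}, roles[user]...) {
		for _, p := range policies {
			if sub == p.sub && strings.HasPrefix(clean, p.prefix) && (p.act == "*" || p.act == method) {
				return true
			}
		}
	}
	return false // default deny
}

// authorize runs before the handler; userOf is a hypothetical hook like GetUserName().
func authorize(userOf func(*http.Request) string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !allowed(userOf(r), r.URL.Path, r.Method) {
			http.Error(w, "403 Forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// status sends one constructed request through the middleware and returns the HTTP status.
func status(user, method, target string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	rec := httptest.NewRecorder()
	authorize(func(*http.Request) string { return user }, ok).ServeHTTP(rec, httptest.NewRequest(method, target, nil))
	return rec.Code
}
func main() { println(status("cathy", "DELETE", "/dataset1/item"), status("", "GET", "/dataset1/item")) }
```

The username passed to the check must come from the authentication layer itself; a value the client can set freely (a plain header or query parameter) would let any caller claim to be `cathy`.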
This project is under Apache 2.0 License. See the LICENSE file for the full license text.