Skip to content

TropicolX/golang-abac-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
cmd/server
cmd/server
 
 
internal
internal
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Golang ABAC Demo

This repository demonstrates the implementation of Attribute-Based Access Control (ABAC) in a Golang-based document management system using Permify.

Table of Contents

Introduction

The Golang ABAC Demo is an internal document management system that illustrates how ABAC can provide granular and dynamic access control based on various attributes such as user roles, department, document classification, and more. The backend is built with Golang, and Permify is used to manage ABAC policies and evaluations.

Features

  • User authentication and authorization
  • Document upload, view, edit, and delete functionalities
  • Granular access control using ABAC with Permify
  • Middleware for access checks
  • Logging of all requests

Setup

Prerequisites

  • Go 1.16+
  • Docker

Installation

  1. Clone the repository

    git clone https://github.com/TropicolX/golang-abac-demo.git
cd golang-abac-demo

  2. Set up Permify

    Run the Permify Docker container:

    docker run -p 3476:3476 -p 3478:3478  ghcr.io/permify/permify serve

  3. Install Go dependencies

    go mod tidy

Running the Application

  1. Start the server

    go run cmd/server/main.go

  2. Verify the setup

    Access the API endpoints using a tool like Postman or cURL.

API Endpoints

  • POST /login: User login
  • POST /api/documents: Upload a document
  • GET /api/documents/{id}: View a document
  • PUT /api/documents/{id}: Edit a document
  • DELETE /api/documents/{id}: Delete a document

Example Requests

Login

curl -X POST http://localhost:8080/login \
  -H "Content-Type: application/json" \
  -d '{
        "username": "user",
        "password": "password"
      }'

Upload Document

curl -X POST http://localhost:8080/api/documents \
  -H "Authorization: Bearer <your-token>" \
  -H "Content-Type: application/json" \
  -d '{
        "title": "Sample Document",
        "content": "This is a sample document.",
        "classification": "internal",
        "department": "IT"
      }'

View Document

curl -X GET http://localhost:8080/api/documents/<document-id> \
  -H "Authorization: Bearer <your-token>"

Edit Document

curl -X PUT http://localhost:8080/api/documents/<document-id> \
  -H "Authorization: Bearer <your-token>" \
  -H "Content-Type: application/json" \
  -d '{
        "title": "Updated Document Title",
        "content": "Updated content."
      }'

Delete Document

curl -X DELETE http://localhost:8080/api/documents/<document-id> \
  -H "Authorization: Bearer <your-token>"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages