Release v1.0.0 Stable
Released 2026-05-07 22:51:01 -06:00
code.nochebuena.dev/go/rbac

Overview
rbac v1.0.0 commits the foundational identity and permission API as stable.
The Identity value type, PermissionMask bit-set, context helpers, and
PermissionProvider interface are unchanged from v0.9.0 and are now
production-validated across httpauth, httpauth-firebase, and httpauth-jwt.

What Changed Since v0.9.0
New: MaxPermission constant

    const MaxPermission Permission = 62

Makes the valid bit range explicit. Applications can use it in validation, and
the constant is now referenced in the Permission type godoc alongside the
boundary behavior of Has and Grant.

Documentation: audit logging policy

PermissionProvider godoc now documents that audit logging of permission checks
is out of scope for this package. Log denials and grants inside PermissionProvider
implementations or in the middleware layer that calls them.

Full API (stable)
- Permission int64 — bit position (0–MaxPermission). Applications define their
  own constants. Has and Grant silently ignore values outside the valid range.
  - MaxPermission Permission = 62 — highest valid bit position.
- PermissionMask int64 — resolved bit-set for a user on a resource.
  - Has(p Permission) bool — O(1) check; returns false for out-of-range p
  - Grant(p Permission) PermissionMask — returns a new mask with bit set; receiver unchanged
- Identity — value type carrying UID, TenantID, DisplayName, Email.
  - NewIdentity(uid, displayName, email string) Identity
  - (Identity).WithTenant(id string) Identity — returns copy; receiver unchanged
- SetInContext(ctx, Identity) context.Context
- FromContext(ctx) (Identity, bool)
- PermissionProvider interface — ResolveMask(ctx, uid, resource string) (PermissionMask, error)

Migration from v0.9.0
No breaking changes. The only addition is the
MaxPermission constant.

    go get code.nochebuena.dev/go/rbac@v1.0.0
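
The audit logging policy and the MaxPermission boundary described above, combined in a middleware-layer wrapper; this is an added example, not code from the rbac package. The types at the top are local stand-ins for the documented API so the block runs offline, and Audited, staticProvider and demoCheck are hypothetical names.

```go
package main

import (
	"context"
	"fmt"
	"log/slog"
)

// Local stand-ins mirroring the API listed above; real code imports the rbac package.
type (
	Permission         int64
	PermissionMask     int64
	PermissionProvider interface {
		ResolveMask(ctx context.Context, uid, resource string) (PermissionMask, error)
	}
)

const MaxPermission Permission = 62
func (m PermissionMask) Has(p Permission) bool { return p >= 0 && p <= MaxPermission && m&(1<<uint(p)) != 0 }

// Audited is a hypothetical middleware-layer wrapper that logs every decision.
type Audited struct {
	Next PermissionProvider
	Log  *slog.Logger
}

// Check fails closed: an out-of-range permission or a provider error denies.
func (a Audited) Check(ctx context.Context, uid, resource string, p Permission) (bool, error) {
	if p < 0 || p > MaxPermission { // Has alone would just return false here
		a.Log.Error("rbac misconfigured", "uid", uid, "resource", resource, "perm", int64(p))
		return false, fmt.Errorf("permission %d outside 0..%d", p, MaxPermission)
	}
	mask, err := a.Next.ResolveMask(ctx, uid, resource)
	if err != nil {
		a.Log.Error("rbac resolve failed", "uid", uid, "resource", resource, "err", err)
		return false, err
	}
	allowed := mask.Has(p)
	a.Log.Info("rbac decision", "uid", uid, "resource", resource, "perm", int64(p), "allowed", allowed)
	return allowed, nil
}

// staticProvider is constructed sample data: uid -> mask, same for every resource.
type staticProvider map[string]PermissionMask
func (s staticProvider) ResolveMask(_ context.Context, uid, _ string) (PermissionMask, error) { return s[uid], nil }
func demoCheck(uid string, p Permission) (bool, error) {
	return Audited{staticProvider{"u1": 1 << 3}, slog.Default()}.Check(context.Background(), uid, "doc:42", p)
}

func main() { fmt.Println(demoCheck("u1", 3)); fmt.Println(demoCheck("u1", 63)) }
```

Returning an error for an out-of-range permission turns a misdeclared constant into a visible log entry instead of a permanent silent denial.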