Rene Nochebuena
0864f031a1
Foundational identity and permission types for role-based access control — bit-set PermissionMask, immutable Identity value type, and PermissionProvider interface. What's included: - `Identity` value type with NewIdentity / WithTenant constructors and SetInContext / FromContext context helpers - `Permission` (int64 bit position) and `PermissionMask` (int64 bit-set) with O(1) Has and non-mutating Grant - `PermissionProvider` interface for DB-backed ResolveMask(ctx, uid, resource) resolution Tested-via: todo-api POC integration Reviewed-against: docs/adr/
20 lines
592 B
Go
20 lines
592 B
Go
package rbac_test
|
|
|
|
import "code.nochebuena.dev/go/rbac"
|
|
|
|
// Compile-time contract verification.
|
|
//
|
|
// These assertions are zero-cost at runtime. A build failure here means a
|
|
// method was removed or its signature changed — a breaking change.
|
|
|
|
// Identity must support immutable enrichment returning a value (not pointer).
|
|
var _ interface {
|
|
WithTenant(string) rbac.Identity
|
|
} = rbac.Identity{}
|
|
|
|
// PermissionMask must expose Has and Grant with the correct typed signatures.
|
|
var _ interface {
|
|
Has(rbac.Permission) bool
|
|
Grant(rbac.Permission) rbac.PermissionMask
|
|
} = rbac.PermissionMask(0)
|