1 // Package acl is an interface for implementing arbitrary access control lists.
2 package acl
3 4 import (
5 "next.orly.dev/pkg/nostr/encoders/event"
6 "next.orly.dev/pkg/interfaces/typer"
7 )
8 9 const (
10 None = "none"
11 // Read means read only
12 Read = "read"
13 // Write means read and write
14 Write = "write"
15 // Admin means read, write, import/export and arbitrary delete
16 Admin = "admin"
17 // Owner means read, write, import/export, arbitrary delete and wipe
18 Owner = "owner"
19 )
20 21 type I interface {
22 Configure(cfg ...any) (err error)
23 // GetAccessLevel returns the access level string for a given pubkey.
24 GetAccessLevel(pub []byte, address string) (level string)
25 // GetACLInfo returns the name and a description of the ACL, which should
26 // explain briefly how it works, and then a long text of documentation of
27 // the ACL's rules and configuration (in asciidoc or markdown).
28 GetACLInfo() (name, description, documentation string)
29 // Syncer is a worker thread that does things in the background like syncing
30 // with other relays on admin relay lists using subscriptions for all events
31 // that arrive elsewhere relevant to the ACL scheme.
32 Syncer()
33 typer.T
34 }
35 36 // PolicyChecker is an optional interface that ACL implementations can implement
37 // to provide custom event policy checking beyond basic access level checks.
38 type PolicyChecker interface {
39 CheckPolicy(ev *event.E) (allowed bool, err error)
40 }
41 42 // Registry is the interface for the ACL registry that manages ACL implementations.
43 // This interface enables dependency injection instead of relying on a global singleton.
44 type Registry interface {
45 // GetMode returns the currently active ACL mode name.
46 GetMode() string
47 48 // SetMode sets the active ACL mode.
49 SetMode(mode string)
50 51 // GetActiveACL returns the currently active ACL implementation.
52 GetActiveACL() I
53 54 // GetACLByType returns the ACL implementation with the given type name.
55 GetACLByType(typ string) I
56 57 // ACLs returns all registered ACL implementations.
58 ACLs() []I
59 60 // ListRegisteredACLs returns the type names of all registered ACLs.
61 ListRegisteredACLs() []string
62 63 // Register adds an ACL implementation to the registry.
64 Register(i I)
65 66 // Configure configures the active ACL.
67 Configure(cfg ...any) error
68 69 // GetAccessLevel returns the access level for a pubkey using the active ACL.
70 GetAccessLevel(pub []byte, address string) string
71 72 // CheckPolicy checks if an event is allowed by the active ACL.
73 CheckPolicy(ev *event.E) (bool, error)
74 75 // Type returns the type of the active ACL.
76 Type() string
77 }
78