service backend

api/pkg/auth/management/permission.go

@@ -0,0 +1,27 @@
+package management
+
+import (
+	"context"
+
+	"github.com/tech/sendico/pkg/model"
+	"go.mongodb.org/mongo-driver/bson/primitive"
+)
+
+type Permission interface {
+	// Grant a permission to a role with an optional object scope and specified effect.
+	// Use primitive.NilObjectID for 'any' objectRef.
+	GrantToRole(ctx context.Context, policy *model.RolePolicy) error
+
+	// Revoke a permission from a role with an optional object scope and specified effect.
+	// Use primitive.NilObjectID for 'any' objectRef.
+	RevokeFromRole(ctx context.Context, policy *model.RolePolicy) error
+
+	// Retrieve all policies assigned to a specific role, including scope and effects.
+	GetPolicies(
+		ctx context.Context,
+		roleRef primitive.ObjectID,
+	) ([]model.RolePolicy, error)
+
+	// Persist any changes made to permissions.
+	Save() error
+}