The project also includes an RBAC implementation, including a basic role dashboard build with HTML DSL. Sample actors and roles are created at runtime.
The RBAC (Role-Based Access Control) mechanism is implemented through a Kotlin DSL, leveraging custom extensions and plugins to secure routes.
The withRbac function is designed to apply RBAC security to Ktor routes. It takes three parameters: an RBAC Scope, an RBAC Access Level, and a lambda function containing the route definitions. Usage example:
routing {
withRbac(scope = RbacScope.SOME_SCOPE, accessLevel = RbacAccessLevel.FULL) {
get("/some-endpoint") {
// endpoint logic here
}
// It is allowed to include more endpoints under the same scope and access level.
}
}In this context, the withRbac function acts as a wrapper around routes, applying RBAC checks based on the specified scope and access level. It ensures that only Actors with appropriate permissions can access the routes enclosed within its block.
Within the withRbac function, there's a conditional that checks whether RBAC is enabled. If RBAC is active, it calls rbacAuthorizedRoute, applying the specified RBAC settings to the routes defined in the build block. If RBAC is not enabled, it applies the route definitions without RBAC checks, allowing unrestricted access.
The rbacAuthorizedRoute function is the core of the RBAC implementation. It creates a new route node marked with the required RBAC constraints,
and installs the RbacPlugin onto the newly created route. The RbacPlugin is configured with the RBAC settings (scope and accessLevel)
provided to rbacAuthorizedRoute. The plugin's role is to intercept incoming requests to the route and perform RBAC checks,
ensuring that only Actors with the required permissions can proceed.
When a request hits an RBAC-protected route, the RbacPlugin evaluates the Actor's permissions against the required access level for the associated scope. If the Actor has sufficient permissions, the request is allowed to proceed to the route's handling logic, defined within the request build block. If the Actor lacks the necessary permissions, the request is denied.
Through this implementation, the application effectively integrates RBAC into its routing system, leveraging Ktor's extensibility to provide a flexible and secure mechanism for controlling access to different parts of the application.
Field Level access control is partially implemented. Each RBAC scope rule has a fieldRules map that can be used to define which fields must be managed, for example, should be anonymized. For such, the target class must inherit from BaseRbac, and call the anonymize function accordingly based on the defined field rules, for example, before returning the instance to a client.