[Question] Condition Role Manager can support pattern domain For user -> role link #1354
Comments
casbin-bot
added this to Casbin Easy Tasks
in Casbin Easy Tasks for Beginners/Student Applicants
|
@ll9160 what do you do, what did you expect, what did you get |
|
Here is my implementation: gormadapter.TurnOffAutoMigrate(db)
a, err := gormadapter.NewAdapterByDBWithCustomTable(db, &model.CasbinRule{}, "casbin_rule")
if err != nil {
log.Panicf("new adapter error: %+v", err)
}
m, err := casbin_model.NewModelFromString(`
[request_definition]
r = sub, dom, obj, act
[policy_definition]
p = sub, dom, obj, act, eft
[role_definition]
g = _, _, _, (_, _)
[policy_effect]
e = some(where (p.eft == allow)) && !some(where (p.eft == deny))
[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && (r.obj == p.obj || p.obj == '*') && (r.act == p.act || p.act == '*')
`)
if err != nil {
log.Panicf("new model error: %+v", err)
}
e, err := casbin.NewEnforcer(m, a)
if err != nil {
log.Panicf("new enforcer error: %+v", err)
}
e.AddNamedDomainMatchingFunc("g", "keyMatch2", util.KeyMatch2)
e.AddNamedDomainLinkConditionFunc("g", "alice", "data2_admin", "domain1", util.TimeMatchFunc)
ok, err := e.Enforce("alice", "domain1", "/", "GET")
if err != nil {
log.Panicf("enforce error: %+v", err)
}
fmt.Println("result: ", ok)The policy is define from first comment and there should be true, i always get false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Want to prioritize this issue? Try:
What's your scenario? What do you want to achieve?
I have temporary role and assign it some domain that I will use pattern to replace, below model
and policy will failure to enforce, if i change pattern domain to static domain, it will pass, I have
no idea, can you help me to solve it?
Your model:
Your policy:
Your request(s):
The text was updated successfully, but these errors were encountered: