casbin / jcasbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Java
https://casbin.org
Apache License 2.0

abac with roles #1

Closed jtktam closed 6 years ago

jtktam commented 6 years ago

Hi,

I want to use the ABAC part of jcasbin to secure my RESTful endpoints.

I want to be able to define groups and write a matcher that will combine group permissions and user permissions.

p, alice, data1, read
p, bob, data2, write
p, data2_admin, data2, read
p, data2_admin, data2, write
g, alice, data2_admin

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = (g(r.sub, p.sub) || r.sub == r.obj.owner) && r.obj == p.obj && r.act == p.act

is this correct syntax?

thanks!

hsluoyz commented 6 years ago

For me, it is OK. Please try this configuration and see if the result is correct.

jtktam commented 6 years ago

Never mind, I think I finally understand how to do it. I will post an update soon.

jtktam commented 6 years ago
String expString = ((Assertion)((Map)this.model.model.get("m")).get("m")).value;

expString:
(g(r_sub, p_sub) || r_sub == r_obj.owner) && keyMatch(r_obj, p_obj) && regexMatch(r_act, p_act)

Expression expression = AviatorEvaluator.compile(expString);

expression:
  var_0 name = "r_sub"
  var_1 name = "p_sub"
  var_2 name = "r_obj.owner"
  var_3 name = "r_obj"
  var_4 name = "p_obj"
  var_5 name = "r_act"
  var_6 name = "p_act"
  var_7 rm name = "g"
  var_8 Class has no fields
  var_9 Class has no fields
  varNames (size = 6): 0 = "r_sub", 1 = "p_sub", 2 = "r_obj", 3 = "p_obj", 4 = "r_act", 5 = "p_act"
  varFullNames (size = 7): 0 = "r_sub", 1 = "p_sub", 2 = "r_obj.owner", 3 = "r_obj", 4 = "p_obj", 5 = "r_act", 6 = "p_act"
  expression = null

Object result = expression.execute(parameters);

parameters (size = 6):
  0 = "r_sub" -> "guest"
  1 = "p_act" -> "*"
  2 = "r_act" -> "GET"
  3 = "p_sub" -> "guest"
  4 = "r_obj" ->
  5 = "p_obj" -> "/swagger-ui.html"

at this point i get an exception:

com.googlecode.aviator.exception.ExpressionRuntimeException: Execute expression error

hsluoyz commented 6 years ago

It seems that your r_obj is an instance of a class, as you used its owner member. So in keyMatch(r_obj, p_obj), you should also use a string member of it instead of itself. For example use keyMatch(r_obj.name, p_obj).
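
The fix above, as an added worked example (this is not code from the issue or from the jcasbin project): the request object is a Java bean, so the matcher reads its string properties (r.obj.owner for the ownership check, r.obj.name for keyMatch) instead of handing the bean itself to keyMatch(). It assumes jcasbin's Enforcer(modelPath, policyFile) constructor and its built-in g(), keyMatch() and regexMatch() functions, and Java 11 or later for Files.writeString. The Resource class, the /api/... paths, the user and role names and the policy rows are constructed for the example. Because regexMatch compiles p.act as a Java regex, the example writes "any action" as .* rather than a bare *, which is not a valid regex.

```java
// Added example, not code from the issue thread or the jcasbin project.
// Combines role-based rows (g) with an ownership check on a request bean and
// applies the fix from the thread: keyMatch() gets r.obj.name, not r.obj.
import org.casbin.jcasbin.main.Enforcer;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class AbacWithRolesExample {

    // Request object (constructed for the example). The expression evaluator
    // resolves r.obj.name and r.obj.owner through these JavaBean getters.
    public static class Resource {
        private final String name;   // URL path, compared with p.obj by keyMatch()
        private final String owner;  // user name, compared with r.sub

        public Resource(String name, String owner) {
            this.name = name;
            this.owner = owner;
        }

        public String getName() { return name; }

        public String getOwner() { return owner; }
    }

    // Same model as in the issue, except that keyMatch() receives the string
    // property r.obj.name instead of the Resource object itself.
    static final String MODEL =
        "[request_definition]\n" +
        "r = sub, obj, act\n\n" +
        "[policy_definition]\n" +
        "p = sub, obj, act\n\n" +
        "[role_definition]\n" +
        "g = _, _\n\n" +
        "[policy_effect]\n" +
        "e = some(where (p.eft == allow))\n\n" +
        "[matchers]\n" +
        "m = (g(r.sub, p.sub) || r.sub == r.obj.owner) " +
        "&& keyMatch(r.obj.name, p.obj) && regexMatch(r.act, p.act)\n";

    // Constructed policy. Actions are regexes: ".*" means any method, and
    // "(GET|HEAD)" restricts alice to read-only methods on her reports.
    static final String POLICY =
        "p, guest, /swagger-ui.html, GET\n" +
        "p, api_admin, /api/*, .*\n" +
        "p, alice, /api/reports/*, (GET|HEAD)\n" +
        "g, bob, api_admin\n";

    // Writes model and policy to a temp directory and builds the enforcer
    // with jcasbin's file-based constructor.
    static Enforcer newEnforcer() throws IOException {
        Path dir = Files.createTempDirectory("casbin-abac");
        Path model = Files.writeString(dir.resolve("model.conf"), MODEL);
        Path policy = Files.writeString(dir.resolve("policy.csv"), POLICY);
        return new Enforcer(model.toString(), policy.toString());
    }

    // The request tuple is (String subject, Resource object, String action):
    // the bean is passed as r.obj and the matcher reads its properties.
    static boolean check(Enforcer e, String user, Resource res, String method) {
        return e.enforce(user, res, method);
    }

    public static void main(String[] args) throws IOException {
        Enforcer e = newEnforcer();
        Resource swagger = new Resource("/swagger-ui.html", "system");
        Resource report = new Resource("/api/reports/q3", "carol");

        // guest: direct policy row, allowed only for GET
        System.out.println("guest GET swagger  : " + check(e, "guest", swagger, "GET"));
        System.out.println("guest POST swagger : " + check(e, "guest", swagger, "POST"));
        // bob reaches the /api/* row through the api_admin role
        System.out.println("bob DELETE report  : " + check(e, "bob", report, "DELETE"));
        // alice has her own row, limited to GET|HEAD
        System.out.println("alice GET report   : " + check(e, "alice", report, "GET"));
        System.out.println("alice DELETE report: " + check(e, "alice", report, "DELETE"));
        // carol owns the report: the owner branch of the matcher applies
        System.out.println("carol DELETE report: " + check(e, "carol", report, "DELETE"));
        // dave has no role and is not the owner
        System.out.println("dave GET report    : " + check(e, "dave", report, "GET"));
    }
}
```

One consequence of this matcher is worth checking before copying it: the owner check is OR-ed with g(r.sub, p.sub), so once r.sub == r.obj.owner holds, the p.sub column of every row is ignored and the owner is granted whatever obj/act combination any row lists for that path. In the constructed policy the owner of /api/reports/q3 therefore gets the api_admin row's .* on it. If owners should only get a fixed set of actions, give them their own rows (for example p, owner, /api/reports/*, (GET|HEAD)) and match them with (g(r.sub, p.sub) || (r.sub == r.obj.owner && p.sub == "owner")) instead.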

jtktam commented 6 years ago

That was the part that was missing. Thanks for the help!