casbin / jcasbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Java
https://casbin.org
Apache License 2.0

built-in function 'keyMatcher2' is now working. #196

Closed unchai closed 3 years ago

unchai commented 3 years ago

model.conf

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && keyMatch2(r.dom, p.dom) && r.obj == p.obj && r.act == p.act

policy.csv

p, admin, domain1, data1, read
p, admin, domain1, data1, write
p, admin, domain2, data2, read
p, admin, domain2, data2, write

g, alice, admin, *
g, bob, admin, domain2

Java code with spring-boot

System.out.println(enforcer.getRolesForUserInDomain("alice", "domain1"));
System.out.println(enforcer.getRolesForUserInDomain("alice", "domain2"));
System.out.println(enforcer.getRolesForUserInDomain("alice", "*"));
System.out.println(enforcer.getRolesForUserInDomain("alice", "do*"));

Result

2021-06-03 13:10:32.123 ERROR 92356 --- [r-http-kqueue-2] org.casbin.jcasbin                       : error: name does not exist
[]
2021-06-03 13:10:32.123 ERROR 92356 --- [r-http-kqueue-2] org.casbin.jcasbin                       : error: name does not exist
[]
[admin]
2021-06-03 13:10:32.123 ERROR 92356 --- [r-http-kqueue-2] org.casbin.jcasbin                       : error: name does not exist
[]

How can I use domain with pattern matching?

hsluoyz commented 3 years ago

@shink @shy1st

shink commented 3 years ago

I had the same problem :( I will do it.

shink commented 3 years ago

@hsluoyz @unchai

Should the correct result be like this?

System.out.println(enforcer.getRolesForUserInDomain("alice", "domain1")); // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "domain2")); // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "*"));       // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "do*"));     // [admin]

If so, I think you can use domain with pattern matching in the following way.

enforcer.setRoleManager(new DefaultRoleManager(10, null, BuiltInFunctions::keyMatch));
enforcer.loadPolicy();

System.out.println(enforcer.getRolesForUserInDomain("alice", "domain1")); // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "domain2")); // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "*"));       // [admin]
System.out.println(enforcer.getRolesForUserInDomain("alice", "do*"));     // [admin]

Looking forward to your suggestions.
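
Added example, not part of the original thread and not jcasbin's own code: a simplified Java model of the role lookup over the grouping rules from policy.csv above, showing why exact domain comparison returns [] for alice in domain1 while a domain matching function returns [admin]. The class name, `rolesFor` and `prefixWildcard` are hypothetical; `prefixWildcard` is a stand-in modelled on keyMatch-style prefix matching.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.BiPredicate;

public class DomainPatternDemo {
    // Grouping rules copied from the issue's policy.csv: user, role, domain.
    static final String[][] G = {
        {"alice", "admin", "*"},
        {"bob", "admin", "domain2"},
    };

    // Assumption: stand-in for a keyMatch-style matcher, where '*' in the
    // pattern matches any suffix of the key. Not the library's implementation.
    static boolean prefixWildcard(String key, String pattern) {
        int i = pattern.indexOf('*');
        if (i < 0) return key.equals(pattern);
        return key.length() >= i && key.substring(0, i).equals(pattern.substring(0, i));
    }

    // Roles a user holds in the requested domain. The domain stored in the
    // rule is always the pattern side; the requested domain is the key side.
    static List<String> rolesFor(String user, String requestedDomain,
                                 BiPredicate<String, String> domainMatch) {
        List<String> roles = new ArrayList<>();
        for (String[] rule : G) {
            if (rule[0].equals(user) && domainMatch.test(requestedDomain, rule[2])) {
                roles.add(rule[1]);
            }
        }
        return roles;
    }

    public static void main(String[] args) {
        BiPredicate<String, String> exact = String::equals;               // no domain matching function
        BiPredicate<String, String> pattern = DomainPatternDemo::prefixWildcard;
        for (String user : new String[] {"alice", "bob"}) {
            for (String dom : new String[] {"domain1", "domain2", "*", "do*"}) {
                System.out.printf("%-5s %-7s exact=%s pattern=%s%n", user, dom,
                        rolesFor(user, dom, exact), rolesFor(user, dom, pattern));
            }
        }
    }
}
```

Because the stored domain is the pattern and the requested domain is the key, a wildcard in the request (bob asking for `do*` or `*`) does not widen what a concrete rule such as `domain2` grants.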

hsluoyz commented 3 years ago

Closed as resolved.