search

casbin / node-casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
https://casbin.org
Apache License 2.0
2.58k stars 215 forks source link

enforcer.addGroupingPolicy #277

Closed Murthybhat closed 3 years ago

Murthybhat commented 3 years ago

I am trying to do a basic authorization by adding a policy and a grouping policy. However the api to addGroupingPolicy does not seem to work for me. Can someone help if there is an issue or am I doing something wrong.

casbin version : 5.7.1

// For Node.js:
const { newEnforcer } = require('casbin');
const sub = 'alice';
const obj = 'data';
const act = 'read'; 

async function run() {
    const enforcer = await newEnforcer('./examples/basic_model.conf');

    const p = ['group1', 'data', 'read']
    var added = await enforcer.addPolicy(...p)
    console.log('Is Policy added = ', added);

    const g = ['alice', 'group1']
    var gpAdded = await enforcer.addGroupingPolicy(...g)
    // const gpAdded = await enforcer.addNamedGroupingPolicy('g', 'alice', 'group1');
    console.log('Is GroupingPolicy added = ', gpAdded);

    const allPolicies = await enforcer.getPolicy()
    console.log('All Policies : ', allPolicies);

   // authorize alice
    var res = await enforcer.enforce(sub, obj, act);
    if (res) {
        // permit alice to read data1
        console.log('Access granted');
    } else {
        console.log('Access denied');
        // deny the request, show an error
    }
}

run();
shink commented 3 years ago

@Murthybhat Are you using jcasbin?

hsluoyz commented 3 years ago

No. I will move it to Node-Casbin

hsluoyz commented 3 years ago

@Zxilly

Zxilly commented 3 years ago

working on this

Zxilly commented 3 years ago

@Murthybhat You should not use ./examples/basic_model.conf. Since it didn't include a so-called g section, which will make RBAC works. You should use rbac_model.conf , which include

[role_definition]
g = _, _
hsluoyz commented 3 years ago

Closed as resolved.