Open TessilimiTheo opened 4 days ago
Hi for my usage,I need to setup casbin with role hierarchy to avoid duplication beetwen domain.
### Define global user role permissions p, abstract_roles1, devis, read, * p, abstract_roles1, devis, create, * p, abstract_roles2, devis, read, * p, abstract_roles2, organization, read, * p, abstract_roles2, organization, write, * ### Define role inheritance g, roles1, abstract_roles1, tenant1 g, roles1, abstract_roles1, tenant2 g, roles1, abstract_roles1, tenant3 g, roles2, abstract_roles2, tenant1 g, roles2, abstract_roles2, tenant2 g, roles2, abstract_roles2, tenant3 g, super_user, abstract_roles2, * ### Assign users to roles g, michael, roles1, tenant1 g, antoine, roles1, tenant2 g, kevin, roles1, tenant3 g, thomas, roles2, tenant1 g, thomas, roles2, tenant2 g, lucie, roles2, tenant3 g, theo, super_user, *
[request_definition] r = sub, obj, act, dom [policy_definition] p = sub, obj, act, dom, eft [role_definition] g = _, _, _ [policy_effect] e = some(where (p.eft == allow)) && !some(where (p.eft == deny)) [matchers] m = (g(r.sub, p.sub, r.dom) || g(r.sub, p.sub, '*')) && (p.dom == '*' || r.dom == p.dom) && r.obj == p.obj && r.act == p.act
Is this method the best approach, or are there alternative methods available? How can I retrieve all permissions for a user using this library?
Currently, this.enforcer.getImplicitPermissionsForUser() is not functioning as intended.
@nodece @Shivansh-yadav13
Hi for my usage,I need to setup casbin with role hierarchy to avoid duplication beetwen domain.
Example of policies
Example of configuration
Is this method the best approach, or are there alternative methods available? How can I retrieve all permissions for a user using this library?
Currently, this.enforcer.getImplicitPermissionsForUser() is not functioning as intended.