Feat: allow overwriting casbin configuration

[josecelano]

This is an unstable feature. You can overwrite casbin configuration to change permissions for roles: guest, registered and admin.

You can do it by adding this new section to the TOML config file:

[unstable.auth.casbin]
model = """
[request_definition]
r = role, action

[policy_definition]
p = role, action

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = r.role == p.role && r.action == p.action
"""

policy = """
admin, GetAboutPage
admin, GetLicensePage
admin, AddCategory
admin, DeleteCategory
admin, GetCategories
admin, GetImageByUrl
admin, GetSettings
admin, GetSettingsSecret
admin, GetPublicSettings
admin, AddTag
admin, DeleteTag
admin, GetTags
admin, AddTorrent
admin, GetTorrent
admin, DeleteTorrent
admin, GetTorrentInfo
admin, GenerateTorrentInfoListing
admin, GetCanonicalInfoHash
admin, ChangePassword
admin, BanUser
registered, GetAboutPage
registered, GetLicensePage
registered, GetCategories
registered, GetImageByUrl
registered, GetPublicSettings
registered, GetTags
registered, AddTorrent
registered, GetTorrent
registered, GetTorrentInfo
registered, GenerateTorrentInfoListing
registered, GetCanonicalInfoHash
registered, ChangePassword
guest, GetAboutPage
guest, GetLicensePage
guest, GetCategories
guest, GetPublicSettings
guest, GetTags
guest, GetTorrent
guest, GetTorrentInfo
guest, GenerateTorrentInfoListing
guest, GetCanonicalInfoHash
"""

For example, if you want to force users to log in to see the torrent list, you can remove the following line from the policy:

guest, GenerateTorrentInfoListing

NOTICE: This is an unstable feature. It will panic with wrong casbin configuration, invalid roles, etcetera.

[josecelano]

ACK c1a5c25fd57446f9cf5ea1fd92a15f26e8eed4ec