[Question] - Is it possible to enforce with 4 values that has policy with 5 or more fields?

[sujit-baniya]

trafficstars

Want to prioritize this issue? Try:

---

What's your scenario? What do you want to achieve? I've 5 fields in policy (1 field extra with possibility to return this field if policy matches) and I am trying to match first 4 fields and upon enforced, it would return that extra field.

Your model:

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _
g2 = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
???

Your policy:

p, super_admin, *, *, GET, "field1,field2,field3"
p, admin, organizationA:*, *, POST, "field1,field2,field3"

g, bob, admin, organizationA:*
g, alice, super_admin, *

Is there anyway I could use 4 fields in request to match first 4 fields in policy and return the 5th field. I tried with EnforceEx() but it's failing with error panic: invalid policy rule size: expected 4, got 5, rule: [super_admin * * GET field1,field2,field3]

fmt.Println(enforcer.EnforceEx("bob", "organizationA:instituteB", "/blog", "POST"))
fmt.Println(enforcer.EnforceEx("bob", "organizationB:instituteA", "/blog", "POST"))
fmt.Println(enforcer.EnforceEx("alice", "organizationA:instituteA", "/blog", "GET"))

[casbin-bot]

@tangyang9464 @JalinWang

[hsluoyz]

@PokIsemaine

[hsluoyz]

@sujit-baniya you must define 5th element in model like:

[policy_definition]
p = sub, dom, obj, act, element

The error will gone