gorm-adapter
Loading multiple policy types.
Currently making an RBAC setup for a project. I am using the gorm filtered adapter to make sure that I will not have to implement it at another point due to there being a lot of policies and suddenly a large codebase.
I am a little bit puzzled, however. Is there no way to specify, for example, that I want to load the following in a single filter?
- All p policies regarding "someDomain"
- All g policies regarding "someDomain" (Essentially all users within the domain)
- All g2 policies regarding "objects::someDomain" (Get all obj groups assigned to some domain)
Or would I have to write my way out of it using the LoadIncrementalFilteredPolicy function going through all the filters?
It seems that the filter type is way different from the fileadapter filter type.
My config is currently looking like this:
```ini
[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _
g2 = _, _
g3 = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && g3(r.dom, p.dom) && (g2(r.obj, p.obj) || (regexMatch(r.obj, p.obj))) && regexMatch(r.act, p.act)
```
@tangyang9464 @JalinWang @imp2002
@JalinWang
/cc @tangyang9464
> I am a little bit puzzled, however. Is there no way to specify, for example, that I want to load the following in a single filter?
>
> - All p policies regarding "someDomain"
> - All g policies regarding "someDomain" (Essentially all users within the domain)
> - All g2 policies regarding "objects::someDomain" (Get all obj groups assigned to some domain)
>
> Or would I have to write my way out of it using the LoadIncrementalFilteredPolicy function going through all the filters?
@Mikkelhost Sorry, but currently the answer is "yes" 😢 But I think it needs to be supported. I'll try to make a PR in days.
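
A stand-alone model of the situation discussed in this thread, added as an example (it is not code from the thread or from gorm-adapter): it shows why one set of column values cannot select the p, g and g2 rows for a domain, and how one filtered load per ptype does. `Rule`, `Filter`, `Load`, `DomainFilters` and `SampleStore` are hypothetical names, the adapter's real filter type is not reproduced here, and the column that holds "objects::someDomain" in g2 rows is an assumption.

```go
package main

import "fmt"

// Rule is one stored policy row: its ptype plus the values v0, v1, ...
type Rule struct {
	Ptype string
	V     []string
}

type Filter = Rule // hypothetical simplified filter: a Rule pattern where "" accepts any value

// Load models successive filtered loads: each filter adds its matching rows to the result.
func Load(store []Rule, filters ...Filter) (out []Rule) {
	for _, f := range filters {
		for _, r := range store {
			ok := f.Ptype == "" || f.Ptype == r.Ptype
			for i, w := range f.V {
				ok = ok && (w == "" || (i < len(r.V) && r.V[i] == w))
			}
			if ok {
				out = append(out, r)
			}
		}
	}
	return out
}

// DomainFilters builds one filter per ptype, since the domain sits in a different column in each.
func DomainFilters(dom string) []Filter {
	return []Filter{
		{"p", []string{"", dom}},                // p = sub, dom, obj, act: dom is v1
		{"g", []string{"", "", dom}},            // g = user, role, dom: dom is v2
		{"g2", []string{"", "objects::" + dom}}, // assumption: the object group is v1
	}
}

var SampleStore = []Rule{ // constructed data, not taken from the thread
	{"p", []string{"admin", "someDomain", "/data/.*", "read"}},
	{"g", []string{"alice", "admin", "someDomain"}},
	{"g", []string{"bob", "admin", "otherDomain"}},
	{"g2", []string{"/data/1", "objects::someDomain"}},
	{"g2", []string{"/data/2", "objects::otherDomain"}},
}

func main() {
	one := Filter{"", []string{"", "someDomain"}} // one column set applied to every ptype
	fmt.Println(len(Load(SampleStore, one)), len(Load(SampleStore, DomainFilters("someDomain")...)))
}
```

Running it prints `1 3`: the single column set loads only the p row, so the role links that `g()` and `g2()` in the matcher rely on are absent, while the three per-ptype filters load exactly the rows for the domain.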