roles bug

[dfang]

发现文档中的3, 并不准确

If even one (1) Allow mapping exists, then only roles on that list will be allowed through.

permission := roles.Allow(roles.Read, "admin")
// permission := roles.Allow(roles.Read, "admin").Deny(roles.Read, "operator")
fmt.Println(permission.HasPermission(roles.Read, "operator"))

// only admin can see products management menu and crud on products
Admin.AddMenu(&admin.Menu{Name: "Product Management", Priority: 1, Permission: permission})
product := Admin.AddResource(&products.Product{}, &admin.Config{Menu: []string{"Product Management"}, Permission: permission})

fmt 输出的是false 但是用operator角色的账号登录能看到Product Management这个菜单 所有角色都通过roles.Register 注册过

建议permission判断这一块使用casbin来判断