Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Plan to support domains? #25

Closed
eternaltreesnow opened this issue Jan 27, 2021 · 4 comments · Fixed by #85
Closed

Plan to support domains? #25

eternaltreesnow opened this issue Jan 27, 2021 · 4 comments · Fixed by #85
Assignees
@hsluoyz
Labels
enhancement New feature or request released

Comments

@eternaltreesnow
Copy link

"Domain tenant" is useful in multi-group scenario. However, the API does not support multi-tenant at this stage, like lack of grouping policy, "can" function doesn't support "domain" param.
So I wonder whether the project plans to increase support for domain, or needs some PR support?

This is a demo for multi-tenant domain.

const casbin = require('casbin');
const data = {
    m: `
        [request_definition]
        r = sub, dom, obj, act
        [policy_definition]
        p = sub, dom, obj, act
        [role_definition]
        g = _, _, _
        g2 = _, _, _
        [policy_effect]
        e = some(where (p.eft == allow))
        [matchers]
        m = g(r.sub, p.sub, r.dom) && g2(r.obj, p.obj, r.dom) && r.dom == p.dom && r.act == p.act
    `,
    p: [
        ['p', 'admin', 'domain1', 'data1', 'read'],
        ['p', 'admin', 'domain1', 'data1', 'write'],
        ['p', 'admin', 'domain2', 'data2', 'read'],
        ['p', 'admin', 'domain2', 'data2', 'write'],
        ['p', 'data_group_admin', 'domain2', 'data_group', 'write'],
    ],
    g: [
        ['g', 'alice', 'admin', 'domain1'],
        ['g', 'alice', 'data_group_admin', 'domain2'],
        ['g2', 'data1', 'data_group', 'domain1'],
        ['g2', 'data2', 'data_group', 'domain2'],
    ],
};

const model = casbin.newModelFromString(data.m);
const enforcer = await casbin.newEnforcer(model);

const policies = data.p;
policies.forEach(async (policy) => {
    const policyResult = await enforcer.addNamedPolicy(...policy);
    console.log(`policy: ${policy.join(',')}, policyResult: ${policyResult}`);
});

const roles = data.g;
roles.forEach(async (role) => {
    const roleResult = await enforcer.addNamedGroupingPolicy(...role);
    console.log(`role: ${role.join(',')}, roleResult: ${roleResult}`);
})

const result = await enforcer.enforce('alice', 'domain1', 'data1', 'read');
console.log(`casbin result: ${result}`);
@hsluoyz
Copy link
Member

hsluoyz commented Jan 27, 2021

@eternaltreesnow are you using Casbin.js (this repo) or Node-Casbin (https://github.com/casbin/node-casbin) ?

@hsluoyz hsluoyz self-assigned this Jan 27, 2021
@hsluoyz hsluoyz added the question Further information is requested label Jan 27, 2021
@eternaltreesnow
Copy link
Author

Yeah, I tried Casbin.js but found out that it doesn't support domain. This demo based on Node-Casbin is just to show a usage of domain.

@hsluoyz
Copy link
Member

hsluoyz commented Jan 27, 2021

Can you use https://github.com/casbin/node-casbin ? It also support browser.

@hsluoyz hsluoyz added enhancement New feature or request and removed question Further information is requested labels Feb 10, 2021
@Gabriel-403 Gabriel-403 mentioned this issue Jun 14, 2021
Merged
@github-actions
Copy link

🎉 This issue has been resolved in version 0.4.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@hsluoyz hsluoyz

Labels
enhancement New feature or request released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: support domain at auto mode Gabriel-403/casbin.js
2 participants
@hsluoyz @eternaltreesnow