Casbin

Casbin

  • 문서
  • API
  • 편집기
  • JetBrains Plugin
  • Casdoor
  • Forum
  • OA
  • Trend
  • Cloud
  • 도움말
  • 블로그
  • Languages icon한국어
    • English
    • 中文
    • 번역 참여하기
  • GitHub

›API

기초

  • 개요(Overview)
  • 시작하기
  • 작동 원리
  • 자습서

모델

  • 지원하는 접근 제어 모델
  • 모델(Model) 문법
  • 함수
  • RBAC
  • RBAC + 도메인
  • ABAC

저장소

  • 모델(Model) 저장
  • 정책(Policy) 저장
  • 정책(Policy) 부분 집합 불러오기

확장 기능

  • 어댑터
  • 감시자
  • Dispatchers
  • 역할(Role) 관리자
  • 미들웨어

API

  • Management API
  • RBAC API

고급 사용법 (Advanced usage)

  • 멀티 스레딩
  • 벤치마크
  • Performance Optimization

관리

  • 관리자 포탈
  • Casbin 서비스
  • 로깅 및 오류 처리
  • 온라인 편집기
  • Frontend Usage

자세히

  • Casbin 적용 사례
  • Privacy Policy
  • Terms of Service
Translate

RBAC API

A more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

Reference

global variable e is Enforcer instance.

Go
Node.js
PHP
.NET
Rust
e, err := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")
const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_policy.csv')
$e = new Enforcer('examples/rbac_model.conf', 'examples/rbac_policy.csv');
var e = new Enforcer("path/to/model.conf", "path/to/policy.csv");
let mut e = Enforcer::new("examples/rbac_model.conf", "examples/rbac_policy.csv").await?;

GetRolesForUser()

GetRolesForUser gets the roles that a user has.

For example:

Go
Node.js
PHP
.NET
Rust
res := e.GetRolesForUser("alice")
const res = await e.getRolesForUser('alice')
$res = $e->getRolesForUser("alice");
var res = e.GetRolesForUser("alice");
let roles = e.get_roles_for_user("alice", None); // No domain

GetUsersForRole()

GetUsersForRole gets the users that has a role.

For example:

Go
Node.js
PHP
.NET
Rust
res := e.GetUsersForRole("data1_admin")
const res = await e.getUsersForRole('data1_admin')
$res = $e->getUsersForRole("data1_admin");
var res = e.GetUsersForRole("data1_admin");
let users = e.get_users_for_role("data1_admin", None); // No domain

HasRoleForUser()

HasRoleForUser determines whether a user has a role.

For example:

Go
Node.js
PHP
.NET
Rust
res := e.HasRoleForUser("alice", "data1_admin")
const res = await e.hasRoleForUser('alice', 'data1_admin')
$res = $e->hasRoleForUser("alice", "data1_admin");
var res = e.HasRoleForUser("alice", "data1_admin");
let has = e.has_role_for_user("alice", "data1_admin", None); // No domain

AddRoleForUser()

AddRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.AddRoleForUser("alice", "data2_admin")
await e.addRoleForUser('alice', 'data2_admin')
$e->addRoleForUser("alice", "data2_admin");
var added = e.AddRoleForUser("alice", "data2_admin");
or
var added = await e.AddRoleForUserAsync("alice", "data2_admin");
let added = e.add_role_for_user("alice", "data2_admin", None).await?; // No domain

AddRolesForUser()

AddRolesForUser adds multiple roles for a user. Returns false if the user already has one of these roles (aka not affected).

For example:

Rust
let roles = vec!["data1_admin".to_owned(), "data2_admin".to_owned()];
let all_added = e.add_roles_for_user("alice", roles, None).await?; // No domain

DeleteRoleForUser()

DeleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeleteRoleForUser("alice", "data1_admin")
await e.deleteRoleForUser('alice', 'data1_admin')
$e->deleteRoleForUser("alice", "data1_admin");
var deleted = e.DeleteRoleForUser("alice", "data1_admin");
or
var deleted = await e.DeleteRoleForUser("alice", "data1_admin");
let deleted = e.delete_role_for_user("alice", "data1_admin", None).await?; // No domain

DeleteRolesForUser()

DeleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeleteRolesForUser("alice")
await e.deleteRolesForUser('alice')
$e->deleteRolesForUser("alice");
var deletedAtLeastOne = e.DeleteRolesForUser("alice");
or
var deletedAtLeastOne = await e.DeleteRolesForUserAsync("alice");
let deleted_at_least_one = e.delete_roles_for_user("alice", None).await?; // No domain

DeleteUser()

DeleteUser deletes a user. Returns false if the user does not exist (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeleteUser("alice")
await e.deleteUser('alice')
$e->deleteUser("alice");
var deleted = e.DeleteUser("alice");
or
var deleted = await e.DeleteUserAsync("alice");
let deleted = e.delete_user("alice").await?;

DeleteRole()

DeleteRole deletes a role.

For example:

Go
Node.js
PHP
.NET
Rust
e.DeleteRole("data2_admin")
await e.deleteRole("data2_admin")
$e->deleteRole("data2_admin");
var deleted = e.DeleteRole("data2_admin");
or
var deleted = await e.DeleteRoleAsync("data2_admin");
let deleted = e.delete_role("data2_admin").await?;

DeletePermission()

DeletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeletePermission("read")
await e.deletePermission('read')
$e->deletePermission("read");
var deleted = e.DeletePermission("read");
or
var deleted = await e.DeletePermissionAsync("read");
let deleted = e.delete_permission(vec!["read".to_owned()]).await?;

AddPermissionForUser()

AddPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.AddPermissionForUser("bob", "read")
await e.addPermissionForUser('bob', 'read')
$e->addPermissionForUser("bob", "read");
var added = e.AddPermissionForUser("bob", "read");
or
var added = await e.AddPermissionForUserAsync("bob", "read");
let added = e.add_permission_for_user("bob", vec!["read".to_owned()]).await?;

AddPermissionsForUser()

AddPermissionsForUser adds multiple permissions for a user or role. Returns false if the user or role already has one of the permissions (aka not affected).

For example:

Rust
let permissions = vec![
vec!["data1".to_owned(), "read".to_owned()],
vec!["data2".to_owned(), "write".to_owned()],
];

let all_added = e.add_permissions_for_user("bob", permissions).await?;

DeletePermissionForUser()

DeletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeletePermissionForUser("bob", "read")
await e.deletePermissionForUser("bob", "read")
$e->deletePermissionForUser("bob", "read");
var deleted = e.DeletePermissionForUser("bob", "read");
or
var deleted = await e.DeletePermissionForUserAsync("bob", "read");
let deleted = e.delete_permission_for_user("bob", vec!["read".to_owned()]).await?;

DeletePermissionsForUser()

DeletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).

For example:

Go
Node.js
PHP
.NET
Rust
e.DeletePermissionsForUser("bob")
await e.deletePermissionsForUser('bob')
$e->deletePermissionsForUser("bob");
var deletedAtLeastOne = e.DeletePermissionsForUser("bob");
or
var deletedAtLeastOne = await e.DeletePermissionsForUserAsync("bob");
let deleted_at_least_one = e.delete_permissions_for_user("bob").await?;

GetPermissionsForUser()

GetPermissionsForUser gets permissions for a user or role.

For example:

Go
Node.js
PHP
.NET
e.GetPermissionsForUser("bob")
await e.getPermissionsForUser('bob')
$e->getPermissionsForUser("bob");
var permissions = e.GetPermissionsForUser("bob");

HasPermissionForUser()

HasPermissionForUser determines whether a user has a permission.

For example:

Go
Node.js
PHP
.NET
Rust
e.HasPermissionForUser("alice", []string{"read"})
await e.hasPermissionForUser('alice', 'read')
$e->hasPermissionForUser("alice", []string{"read"});
var has = e.HasPermissionForUser("bob", "read");
let has = e.has_permission_for_user("alice", vec!["data1".to_owned(), "read".to_owned()]);

GetImplicitRolesForUser()

GetImplicitRolesForUser gets implicit roles that a user has. Compared to GetRolesForUser(), this function retrieves indirect roles besides direct roles.

For example:
g, alice, role:admin
g, role:admin, role:user

GetRolesForUser("alice") can only get: ["role:admin"].
But GetImplicitRolesForUser("alice") will get: ["role:admin", "role:user"].

For example:

Go
Node.js
PHP
.NET
Rust
e.GetImplicitRolesForUser("alice")
await e.getImplicitRolesForUser("alice")
$e->getImplicitRolesForUser("alice");
var implicitRoles = e.GetImplicitRolesForUser("alice");
e.get_implicit_roles_for_user("alice", None); // No domain

GetImplicitPermissionsForUser()

GetImplicitPermissionsForUser gets implicit permissions for a user or role.
Compared to GetPermissionsForUser(), this function retrieves permissions for inherited roles.

For example:
p, admin, data1, read
p, alice, data2, read
g, alice, admin

GetPermissionsForUser("alice") can only get: [["alice", "data2", "read"]].
But GetImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].

For example:

Go
Node.js
PHP
.NET
Rust
e.GetImplicitPermissionsForUser("alice")
await e.getImplicitPermissionsForUser("alice")
$e->getImplicitPermissionsForUser("alice");
var implicitPermissions = e.GetImplicitPermissionsForUser("alice");
e.get_implicit_permissions_for_user("alice", None); // No domain
← Management API멀티 스레딩 →
  • Reference
    • GetRolesForUser()
    • GetUsersForRole()
    • HasRoleForUser()
    • AddRoleForUser()
    • AddRolesForUser()
    • DeleteRoleForUser()
    • DeleteRolesForUser()
    • DeleteUser()
    • DeleteRole()
    • DeletePermission()
    • AddPermissionForUser()
    • AddPermissionsForUser()
    • DeletePermissionForUser()
    • DeletePermissionsForUser()
    • GetPermissionsForUser()
    • HasPermissionForUser()
    • GetImplicitRolesForUser()
    • GetImplicitPermissionsForUser()
Casbin
Docs
Getting StartedManagement APIRBAC APIMiddlewares
Community
Who's using Casbin?ForumStack OverflowProject Chat
Casbin          jCasbin
Node-Casbin   PHP-CasbinPyCasbin          Casbin.NETCasbin-CPP        Casbin-RS
Follow @CasbinNews
Copyright © 2021 Casbin contributors.