Casbin

Casbin

  • 문서
  • API
  • 편집기
  • JetBrains Plugin
  • Dashboard
  • Forum
  • OA
  • Trend
  • Cloud
  • 도움말
  • 블로그
  • Languages icon한국어
    • English
    • 中文
    • 번역 참여하기
  • GitHub

›모델

기초

  • 개요(Overview)
  • 시작하기
  • 작동 원리
  • 자습서

모델

  • 지원하는 접근 제어 모델
  • 모델(Model) 문법
  • 함수
  • RBAC
  • RBAC + 도메인
  • ABAC

저장소

  • 모델(Model) 저장
  • 정책(Policy) 저장
  • 정책(Policy) 부분 집합 불러오기

확장 기능

  • 어댑터
  • 감시자
  • Dispatchers
  • 역할(Role) 관리자
  • 미들웨어

API

  • Management API
  • RBAC API

고급 사용법 (Advanced usage)

  • 멀티 스레딩
  • 벤치마크

관리

  • 관리자 포탈
  • Casbin 서비스
  • 로깅 및 오류 처리
  • 온라인 편집기
  • Frontend Usage

자세히

  • Casbin 적용 사례
  • Privacy Policy
  • Terms of Service
Translate

RBAC + 도메인

Role definition with domains tenants

The RBAC roles in Casbin can be global or domain-specific. Domain-specify roles mean that the roles for a user can be different when the user is at different domains/tenants. This is very useful for large systems like a cloud, as the users are usually in different tenants.

The role definition with domains/tenants should be something like:

[role_definition]
g = _, _, _

The 3rd _ means the name of domain/tenant, this part should not be changed. Then the policy can be:

p, admin, tenant1, data1, read
p, admin, tenant2, data2, read

g, alice, admin, tenant1
g, alice, user, tenant2

It means admin role in tenant1 can read data1. And alice has admin role in tenant1, and has user role in tenant2. So she can read data1. However, since alice is not an admin in tenant2, she cannot read data2.

Then in a matcher, you should check the role as below:

[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act

Please see the rbac_with_domains_model.conf for examples.

← RBACABAC →
  • Role definition with domains tenants
Casbin
Docs
Getting StartedManagement APIRBAC APIMiddlewares
Community
Who's using Casbin?ForumStack OverflowProject Chat
Casbin          jCasbin
Node-Casbin   PHP-CasbinPyCasbin          Casbin.NETCasbin-CPP        Casbin-RS
Follow @CasbinNews
Copyright © 2021 Casbin contributors.