Policy Storage
In Casbin, the policy storage is implemented as an adapter.
Loading policy from a .CSV file
This is the most common way to use Casbin. It is easy to understand for beginners and convenient for sharing when you ask the Casbin team for help.
The content of the .CSV file examples/rbac_policy.csv is as follows:
p, alice, data1, read
p, bob, data2, write
p, data2_admin, data2, read
p, data2_admin, data2, write
g, alice, data2_admin
If your file contains commas, you should wrap them in double quotes. For example:
p, alice, "data1,data2", read --correct
p, alice, data1,data2, read --incorrect (the whole phrase "data1,data2" should be wrapped in double quotes)
If your file contains commas and double quotes, you should enclose the field in double quotes and double any embedded double quotes.
p, alice, data, "r.act in (""get"", ""post"")" --correct
p, alice, data, "r.act in ("get", "post")" --incorrect (you should use "" to escape "")
Related issue: casbin#886
Adapter API
| Method | Type | Description |
|---|---|---|
| LoadPolicy() | basic | Load all policy rules from the storage |
| SavePolicy() | basic | Save all policy rules to the storage |
| AddPolicy() | optional | Add a policy rule to the storage |
| RemovePolicy() | optional | Remove a policy rule from the storage |
| RemoveFilteredPolicy() | optional | Remove policy rules that match the filter from the storage |
Database Storage Format
Your policy file
p, data2_admin, data2, read
p, data2_admin, data2, write
g, alice, admin
Corresponding database structure (such as MySQL)
| id | ptype | v0 | v1 | v2 | v3 | v4 | v5 |
|---|---|---|---|---|---|---|---|
| 1 | p | data2_admin | data2 | read | |||
| 2 | p | data2_admin | data2 | write | |||
| 3 | g | alice | admin |
Meaning of each column
id: The primary key in the database. It does not exist as part of thecasbin policy. The way it is generated depends on the specific adapter.ptype: It corresponds top,g,g2, etc.v0-v5: The column names have no specific meaning and correspond to the values in thepolicy csvfrom left to right. The number of columns depends on how many you define yourself. In theory, there can be an infinite number of columns, but generally only 6 columns are implemented in the adapter. If this is not enough for you, please submit an issue to the corresponding adapter repository.
Adapter Details
For more details about the use of the adapter API and database table structure design, please visit: /docs/adapters