Overview

Casbin is an efficient, open-source access control library designed to enforce authorization through support for multiple access control models.

Implementing rule-based access control is straightforward: define subjects, objects, and permitted actions in a policy file using any format that suits your requirements. This pattern remains consistent throughout all Casbin implementations. Through the model file, developers and administrators maintain full authority over authorization logic, including layout, execution flow, and conditional requirements. To validate incoming requests against your defined policy and model files, Casbin provides an Enforcer component.

ภาษาที่รองรับโดย Casbin

Casbin offers native support across multiple programming languages, enabling seamless integration into diverse projects and workflows:

Casbin	jCasbin	node-Casbin	PHP-Casbin
พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต

PyCasbin	Casbin.NET	Casbin-CPP	Casbin-RS
พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต	พร้อมใช้งานในการผลิต

ชุดคุณสมบัติสำหรับภาษาต่างๆ

Our goal is feature parity across all language implementations, though we haven't achieved complete uniformity yet.

คุณสมบัติ	Go	Java	Node.js	PHP	Python	C#	Delphi	Rust	C++	Lua	Dart	Elixir
Enforcement	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅
RBAC	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅
ABAC	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅
Scaling ABAC (eval())	✅	✅	✅	✅	✅	✅	❌	✅	✅	✅	✅	✅
Adapter	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	❌
Management API	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅
RBAC API	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅
Batch API	✅	✅	✅	✅	✅	✅	❌	✅	✅	✅	❌	❌
Filtered Adapter	✅	✅	✅	✅	✅	✅	❌	✅	✅	✅	❌	❌
Watcher	✅	✅	✅	✅	✅	✅	✅	✅	✅	✅	❌	❌
Role Manager	✅	✅	✅	✅	✅	✅	❌	✅	✅	✅	✅	❌
Multi-Threading	✅	✅	✅	❌	✅	❌	❌	✅	❌	❌	❌	❌
'in' of matcher	✅	✅	✅	✅	✅	❌	✅	❌	❌	❌	✅	✅

Note - A checkmark (✅) for Watcher or Role Manager indicates that the interface exists in the core library, not necessarily that an implementation is available.

Casbin เป็นไลบรารีการอนุญาตที่สามารถใช้ในกระบวนการที่เราต้องการให้ object หรือเอนทิตี้ถูกเข้าถึงโดยผู้ใช้เฉพาะหรือ subject

Casbin serves as an authorization library for scenarios requiring controlled access to resources. In typical usage, a subject (user or service) requests access to an object (resource or entity) to perform an action (such as read, write, or delete). Developers define these actions according to their application needs. This represents the "standard" or classic { subject, object, action } authorization flow that Casbin handles most commonly.

Beyond this standard model, Casbin accommodates complex authorization scenarios by supporting roles (RBAC), attributes (ABAC), and other advanced patterns.

บังคับใช้นโยบายในรูปแบบคลาสสิก { subject, object, action } หรือรูปแบบที่กำหนดเองตามที่คุณกำหนด

1. Applies policy enforcement in the classic { subject, object, action } format or any custom format you define, supporting both allow and deny authorizations.
2. Manages storage for the access control model and associated policies.
3. Handles user-role and role-role relationships (the role hierarchy concept in RBAC).
4. Recognizes built-in superusers such as root or administrator who have unrestricted access without requiring explicit permission rules.
5. Supplies various built-in operators for pattern matching in rules—for instance, keyMatch matches resource key /foo/bar to pattern /foo*.

สิ่งที่ Casbin ไม่ทำ NOT Do

1. User authentication (validating username and password credentials during login)
2. User or role list management

Most applications already manage their own user accounts, roles, and credentials. Casbin wasn't designed as a password storage system—it focuses solely on authorization. That said, Casbin does maintain user-role associations when operating in RBAC mode.