Casbin之ABAC「终于解决」

Casbin之ABAC「终于解决」Casbin之ABAC

大家好,欢迎来到IT知识分享网。

Casbin之ABAC

1.model.conf文件

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[matchers]
m = r.sub.Hour >= 9 && r.sub.Hour < 18 || r.sub.Name == r.obj.Owner

[policy_effect]
e = some(where (p.eft == allow))

2.Policy.conf文件

注意:虽然不需要Policy.conf文件,但是还是得在model.conf定义
[policy_definition]
p = sub, obj, act与
[policy_effect]
e = some(where (p.eft == allow))
这两个都不能少

image-20220216180922569

3.main

package main

import (
	"fmt"
	"github.com/casbin/casbin/v2"
	"log"
)

type Object struct { 
   
	Name  string
	Owner string
}

type Subject struct { 
   
	Name string
	Hour int
}

func check(e *casbin.Enforcer, sub Subject, obj Object, act string) { 
   
	ok, _ := e.Enforce(sub, obj, act)
	if ok { 
   
		fmt.Printf("%s CAN %s %s at %d:00\n", sub.Name, act, obj.Name, sub.Hour)
	} else { 
   
		fmt.Printf("%s CANNOT %s %s at %d:00\n", sub.Name, act, obj.Name, sub.Hour)
	}
}

func main() { 
   
	e, err := casbin.NewEnforcer("./casbin/model.conf")
	if err != nil { 
   
		log.Fatalf("NewEnforecer failed:%v\n", err)
	}

	o := Object{ 
   "data", "dajun"}
	s1 := Subject{ 
   "dajun", 10}
	check(e, s1, o, "read")

	s2 := Subject{ 
   "lizi", 10}
	check(e, s2, o, "read")

	s3 := Subject{ 
   "dajun", 20}
	check(e, s3, o, "read")

	s4 := Subject{ 
   "lizi", 20}
	check(e, s4, o, "read")
}

4.输出及结构

image-20220216181411004

image-20220216181402855

image-20220216181521665

image-20220216185010955

5.讲解

image-20220216180749733

免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://yundeesoft.com/24860.html

(0)

相关推荐

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注

关注微信