大家好,欢迎来到IT知识分享网。
Casbin之ABAC
1.model.conf文件
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[matchers]
m = r.sub.Hour >= 9 && r.sub.Hour < 18 || r.sub.Name == r.obj.Owner
[policy_effect]
e = some(where (p.eft == allow))
2.Policy.conf文件
注意:虽然不需要Policy.conf文件,但是还是得在model.conf定义
[policy_definition]
p = sub, obj, act与
[policy_effect]
e = some(where (p.eft == allow))
这两个都不能少
3.main
package main
import (
"fmt"
"github.com/casbin/casbin/v2"
"log"
)
type Object struct {
Name string
Owner string
}
type Subject struct {
Name string
Hour int
}
func check(e *casbin.Enforcer, sub Subject, obj Object, act string) {
ok, _ := e.Enforce(sub, obj, act)
if ok {
fmt.Printf("%s CAN %s %s at %d:00\n", sub.Name, act, obj.Name, sub.Hour)
} else {
fmt.Printf("%s CANNOT %s %s at %d:00\n", sub.Name, act, obj.Name, sub.Hour)
}
}
func main() {
e, err := casbin.NewEnforcer("./casbin/model.conf")
if err != nil {
log.Fatalf("NewEnforecer failed:%v\n", err)
}
o := Object{
"data", "dajun"}
s1 := Subject{
"dajun", 10}
check(e, s1, o, "read")
s2 := Subject{
"lizi", 10}
check(e, s2, o, "read")
s3 := Subject{
"dajun", 20}
check(e, s3, o, "read")
s4 := Subject{
"lizi", 20}
check(e, s4, o, "read")
}
4.输出及结构
5.讲解
免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://yundeesoft.com/24860.html