Comments (5)
casbin-bot
commented on June 3, 2024
@smrpn @hackerchai @PsiACE @GopherJ
from casbin-rs.
hsluoyz
commented on June 3, 2024
@adeelfareed can you give a detailed example?
from casbin-rs.
adeelfareed
commented on June 3, 2024
@hsluoyz Please take a look, I have added an example.
from casbin-rs.
valkum
commented on June 3, 2024
We have a
pub trait RbacApiEx: RbacApi {
/// Gets implicit users for a role
fn get_implicit_users_for_role(&mut self, role: &str, domain: Option<&str>) -> Vec<String> {
let mut res: HashSet<String> = HashSet::new();
let mut q: Vec<String> = vec![role.to_owned()];
while !q.is_empty() {
let name = q.swap_remove(0);
let users = self.get_role_manager().write().get_users(&name, domain);
for r in users.into_iter() {
if res.insert(r.to_owned()) {
q.push(r);
}
}
}
res.into_iter().collect()
}
/// Gets implicit resources for a user
fn get_implicit_resources_for_user(
&mut self,
user: &str,
domain: Option<&str>,
) -> Vec<Vec<String>> {
let permissions = self.get_implicit_permissions_for_user(user, domain);
let mut result = Vec::new();
for permission in permissions {
// This resource is directly accessible by the user.
if permission[0] == user {
result.push(permission.clone());
continue;
}
// Now handle the implicit permissions
// First collect all rules that are implicitly accessible (v0) by the role (v1)
// The result is a Vec of Vecs which contain all v0 entries that are accessible by v1.
// The target v1 can be in v1 to v5 of the direct permissions
let t = permission
.iter()
.skip(1)
.map(|token| {
let mut tokens = self.get_implicit_users_for_role(token, domain);
tokens.push(token.clone());
tokens
})
.collect::<Vec<_>>();
// Extend each rule in result_local.
let mut result_local = vec![vec![user.to_string()]];
let tokens_length = permission.len();
for i in 0..tokens_length - 1 {
let mut n = Vec::new();
for tokens in &t[i] {
for policy in &result_local {
let mut t = policy.clone();
t.push(tokens.clone());
n.push(t);
}
}
result_local = n;
}
result.extend(result_local.into_iter());
}
result
}
}
impl<T: RbacApi> RbacApiEx for T {}
from casbin-rs.
hsluoyz
commented on June 3, 2024
from casbin-rs.
Related Issues (20)
- get_all_actions get_all_objects HOT 1
- Improve the auth capability for Tensorbase HOT 4
- Fix the CI error HOT 2
- Multithreaded environment: RwLock needed around Enforcer with sqlx-adapter? HOT 6
- Question: how to preload policy from file, then use db-backed adapter? HOT 12
- keyMatch2 and keyMatch3 can loop indefinitely HOT 7
- How to dynamically add a policy to a lazy static environment HOT 3
- Getting a error while setting up rust-basin-example in local environment HOT 8
- Benchmark workflow doesnโt work well HOT 1
- Support frontend WASM authorization via Casbin-RS HOT 2
- Enforcer shouldn't load full policy when loading a filtered adapter HOT 3
- Casbin Io Error HOT 2
- How is performance of the Rhai engine in Casbin? HOT 1
- does casbin-rs support mysql adapter? HOT 1
- rust multiple section types example HOT 1
- Question About ABAC Usage And Debug HOT 4
- Nightly (2024-02-06) Fails to Build due to old dependency on ahash 0.7.7 HOT 3
- macos m1 build error HOT 3
- Make a Casbin authorization middleware for Salvo
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from casbin-rs.