casbin-权限管理 - GO - 程序员开发

TOP

casbin-权限管理(二)

2018-11-20 12:08:17 【大中小】浏览:1554次

ERROR: quyuan can not read asse") } if e.Enforce("quyuan", "asse", "write") { log.Println("quyuan can write asse") } else { log.Fatal("ERROR: quyuan can not write asse") } // zhuangjia if e.Enforce("wenyin", "project", "read") { log.Fatal("ERROR: wenyin can read project") } else { log.Println("wenyin can not read project") } if e.Enforce("wenyin", "project", "write") { log.Println("wenyin can write project") } else { log.Fatal("ERROR: wenyin can not write project") } if e.Enforce("wenyin", "asse", "read") { log.Fatal("ERROR: wenyin can read asse") } else { log.Println("wenyin can not read asse") } if e.Enforce("wenyin", "asse", "write") { log.Println("wenyin can write asse") } else { log.Fatal("ERROR: wenyin can not write asse") } // shangshang if e.Enforce("shangshang", "project", "read") { log.Println("shangshang can read project") } else { log.Fatal("ERROR: shangshang can not read project") } if e.Enforce("shangshang", "project", "write") { log.Fatal("ERROR: shangshang can write project") } else { log.Println("shangshang can not write project") } if e.Enforce("shangshang", "asse", "read") { log.Println("shangshang can read asse") } else { log.Fatal("ERROR: shangshang can not read asse") } if e.Enforce("shangshang", "asse", "write") { log.Fatal("ERROR: shangshang can write asse") } else { log.Println("shangshang can not write asse") } }

多租户示例

定义 model file

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act

定义 policy file

p, superAdmin, gy, project, read
p, superAdmin, gy, project, write
p, superAdmin, jn, project, read
p, superAdmin, jn, project, write
p, admin, gy, project, read
p, admin, gy, project, write
p, admin, jn, asse, read
p, admin, jn, asse, write
p, zhuangjia, jn, project, write
p, zhuangjia, gy, asse, write

g, quyuan, admin, gy
g, quyuan, admin, jn
g, wenyin, zhuangjia, gy
g, shangshang, zhuangjia, jn

测试代码

package tenants

import (
  "fmt"
  "log"

  "github.com/casbin/casbin"
)

// TestTenants test tenants
func TestTenants() {
  e := casbin.NewEnforcer("tenants/tenants.conf", "tenants/tenants.csv")

  fmt.Printf("RBAC TENANTS test start\n") // output for debug

  // superAdmin
  if e.Enforce("superAdmin", "gy", "project", "read") {
    log.Println("superAdmin can read project in gy")
  } else {
    log.Fatal("ERROR: superAdmin can not read project in gy")
  }

  if e.Enforce("superAdmin", "gy", "project", "write") {
    log.Println("superAdmin can write project in gy")
  } else

首页上一页 1 2 3 4 下一页尾页 2/4/4
【大中小】【打印】【繁体】【投稿】【收藏】【推荐】【举报】【评论】【关闭】【返回顶部】

上一篇：Qt的内存管理机制	下一篇：Go基础系列：channel入门