Casbin: a new authorization library that supports ACL, RBAC, ABAC

I find a powerful and efficient open-source access control library casbin

support various access control models, awesome

2 Likes

Tried it already?

Yes,I think it is easier to use,

RBAC example

/** @var Casbin $casbin */
$casbin = Yii::get('casbin');
$sub = 'alice'; // the user that wants to access a resource.
$obj = 'data1'; // the resource that is going to be accessed.
$act = 'read'; // the operation that the user performs on the resource.

$enforcer = $casbin->getEnforcer();
// give user "alice1" the "read" permission for "data1" resource
$enforcer->addPermissionForUser('alice1', 'data1', 'read');
// give role "group_admin" the "read" permission for "data1" resource
$enforcer->addPermissionForUser('group_admin', 'data1', 'read');
// assigning role to user
$enforcer->addRoleForUser('alice', 'group_admin');

// access check
$result = $enforcer->enforce($sub, $obj, $act);

I created a demo project, you can try it out https://github.com/jk2K/yii-casbin-demo

php-casbin is a port of casbin, https://github.com/casbin/casbin have 3500 star

Do you have to make the calls to add permissions on every call? Or does it save this information in a database or something?

-John

don’t need to call every time, I am just demonstrating how the api should be used

In casbin, the policy storage is implemented as an adapter, casbin user can use an adapter to load policy rules from a storage(aka database), see more

database example

Hi! What does mean ptype and v0-v5?

they are reserved fields that support multiple access control model,

for RBAC model
, v0 is user or role
v1 is resource
v2 is permission

ptype is type: policy_definition or role_definition

Thanks! For ABAC model what does mean?