I find a powerful and efficient open-source access control library casbin
support various access control models, awesome
I find a powerful and efficient open-source access control library casbin
support various access control models, awesome
Tried it already?
Yes,I think it is easier to use,
RBAC example
/** @var Casbin $casbin */
$casbin = Yii::get('casbin');
$sub = 'alice'; // the user that wants to access a resource.
$obj = 'data1'; // the resource that is going to be accessed.
$act = 'read'; // the operation that the user performs on the resource.
$enforcer = $casbin->getEnforcer();
// give user "alice1" the "read" permission for "data1" resource
$enforcer->addPermissionForUser('alice1', 'data1', 'read');
// give role "group_admin" the "read" permission for "data1" resource
$enforcer->addPermissionForUser('group_admin', 'data1', 'read');
// assigning role to user
$enforcer->addRoleForUser('alice', 'group_admin');
// access check
$result = $enforcer->enforce($sub, $obj, $act);
I created a demo project, you can try it out https://github.com/jk2K/yii-casbin-demo
php-casbin is a port of casbin, https://github.com/casbin/casbin have 3500 star
Do you have to make the calls to add permissions on every call? Or does it save this information in a database or something?
-John
don’t need to call every time, I am just demonstrating how the api should be used
In casbin, the policy storage is implemented as an adapter, casbin user can use an adapter to load policy rules from a storage(aka database), see more
database example
Hi! What does mean ptype and v0-v5?
they are reserved fields that support multiple access control model,
for RBAC model
, v0 is user or role
v1 is resource
v2 is permission
ptype is type: policy_definition or role_definition
Thanks! For ABAC model what does mean?