Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Golang backend ( CasbinJsGetPermissionForUser ) not working with casbin.js ( react ) #66

Closed
Kliton opened this issue May 12, 2021 · 5 comments · Fixed by #85
Closed

Golang backend ( CasbinJsGetPermissionForUser ) not working with casbin.js ( react ) #66

Kliton opened this issue May 12, 2021 · 5 comments · Fixed by #85
Assignees
@hsluoyz
Labels
bug Something isn't working released

Comments

@Kliton
Copy link

Kliton commented May 12, 2021

The problem is that CasbinJsGetPermissionForUser on backend reeturns this:

{
    "m": "[request_definition]\nr = sub, dom, obj, act\n[policy_definition]\np = sub, dom, obj, act\n[role_definition]\ng = _, _, _\n[policy_effect]\ne = some(where (p.eft == allow))\n[matchers]\nm = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act\n",
    "p": [
        [
            "p",
            "admin",
            "default",
            "users",
            "read"
        ],
        [
            "p",
            "admin",
            "default",
            "users",
            "write"
        ]
    ]
}

My policies are

p, admin, default, users, read
p, admin, default, users, write

g, demo1, admin, default

My model is:

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act

On frontend side ( react with casbin.js )
I'm doing this:

const authorizer = new casbinjs.Authorizer("manual");
/* other code... */
authorizer.setPermission(responseFromCasbinJsGetPermissionForUser);


 let can = await authorizer.can('read', 'users'); // -> Return FALSE, which is wrong

Why is not working?
@hsluoyz
Copy link
Member

hsluoyz commented May 13, 2021

@closetool @Zxilly plz do this together.

@hsluoyz hsluoyz self-assigned this May 13, 2021
@hsluoyz hsluoyz added the bug Something isn't working label May 13, 2021
@Zxilly
Copy link
Contributor

Zxilly commented May 13, 2021

@Kliton As for now, casbin.js is a wrapper of node-casbin. You can use node-casbin directly.

@Kliton
Copy link
Author

Kliton commented May 13, 2021

Ok i will try

@MRGUOKING
Copy link
Member

MRGUOKING commented Jun 8, 2021
edited
Loading

@Kliton I have saw the Official documents and source code of casbin.js. If you want to use "manual" model. your permission style should like this

{
    "read": ['data1', 'data2'],
    "write": ['data1']
}

if you use "auto" model ,you should write like this

// Set your backend casbin service url
const authorizer = new casbinjs.Authorizer('auto', {endpoint: 'http://Domain_name/casbin/api'});

// When the identity shifts, reset the user. Casbin.js will automatically fetch the permission from the endpoint.
await authorizer.setUser("Tom");

so you can use the 'auto' model when get restult from backend
you can see the official document casbin.js

This's my understanding. If there is any mistake ,please correct it

@Gabriel-403 Gabriel-403 mentioned this issue Jun 14, 2021
Merged
@hsluoyz hsluoyz removed this from Casbin.js Easy Tasks in Casbin Easy Tasks for Beginners/Student Applicants Jun 15, 2021
@github-actions
Copy link

🎉 This issue has been resolved in version 0.4.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsluoyz hsluoyz

Labels
bug Something isn't working released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: support domain at auto mode Gabriel-403/casbin.js
4 participants
@hsluoyz @Kliton @Zxilly @MRGUOKING