Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] role cross reference is it harmless? #1088

Closed
HimawariSunFlower opened this issue Aug 25, 2022 · 4 comments
Closed

[Question] role cross reference is it harmless? #1088

HimawariSunFlower opened this issue Aug 25, 2022 · 4 comments
Assignees
@hsluoyz
Labels
question

Comments

@HimawariSunFlower
Copy link

Want to prioritize this issue? Try:

issuehunt-to-marktext

What's your scenario? What do you want to achieve?
i'm building a RBAC access control system,and i wanna kown my AddRolesForUser verify Is it necessary?

Your model:

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

Your policy:

p, data1_user, data1, read
p, data2_admin, data2, read
p, data2_admin, data2, write

g, data1_user, data2_admin

Your request(s):

if Enforcer.AddRolesForUser("data2_admin","data1_user") pass ,policy will add "g,data2_admin,data1_user".Is it harmless?or i need check param before use function.i'm tried testing,it's look like harmless,but i wanna konw a true answer.
@casbin-bot
Copy link
Member

@tangyang9464 @JalinWang

@hsluoyz
Copy link
Member

hsluoyz commented Aug 25, 2022

@JalinWang

/cc @tangyang9464

@JalinWang
Copy link
Member

@HimawariSunFlower Thanks for concerning.
I think it's okay. I don't see any problem till now.

@hsluoyz
Copy link
Member

hsluoyz commented Aug 25, 2022

Closed as resolved

@hsluoyz hsluoyz closed this as completed Aug 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsluoyz hsluoyz

Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hsluoyz @JalinWang @HimawariSunFlower @casbin-bot