Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] using eval() and no polices added, the admin won't be check #1334

Open
BERZERKCOOLeST opened this issue Oct 21, 2023 · 1 comment
Open

[Question] using eval() and no polices added, the admin won't be check #1334

BERZERKCOOLeST opened this issue Oct 21, 2023 · 1 comment
Assignees
@hsluoyz
Labels
enhancement question
Projects
Casbin Easy Tasks for Beginners/Stude...

Comments

@BERZERKCOOLeST
Copy link

BERZERKCOOLeST commented Oct 21, 2023
edited 

type User struct {
	Name string
	Age  int
}

var abacConf = `[request_definition]
r = sub, obj, act

[policy_definition]
p = sub_rule, obj, act

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = eval(p.sub_rule) && r.obj == p.obj && r.act == p.act || r.sub.Name == 'admin'`

func TestABAC(t *testing.T) {
	m, _ := model.NewModelFromString(abacConf)
	e, _ := casbin.NewEnforcer(m, false)
	// e.AddPolicy("r.sub.Age > 18", "res", "read") // if uncomment this line, we get result(ok is true, err is nil).
	ok, err := e.Enforce(&User{
		Name: "admin",
		Age:  17,
	}, "res", "read")
	t.Log(ok, err) // false please make sure rule exists in policy when using eval() in matcher
}

it returns the error now even that sub is a admin, how to deal with this?
@casbin-bot
Copy link
Member

@tangyang9464 @JalinWang

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsluoyz hsluoyz

Labels
enhancement question
Projects
Casbin Easy Tasks for Beginners/Stude...
Casbin Easy Tasks
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hsluoyz @BERZERKCOOLeST @casbin-bot