We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Want to prioritize this issue? Try:
What's your scenario? What do you want to achieve? I've tried to build following model and policy where
companyA
companyB
financePerson
I can make request to companyB's resource being on companyA. But I am also looking some ways to make request to companyB's resource being on companyB
Your model:
[request_definition] r = user, domain, resource, action [policy_definition] p = user, domain, eft, resource, action [role_definition] g = _, _, _ g2 = _, _ [policy_effect] e = some(where (p.eft == allow)) && !some(where (p.eft == deny)) [matchers] m = g(r.user, p.user, r.domain) && keyMatch2(r.resource, p.resource) && keyMatch2(r.action, p.action) && (g2(r.domain, p.domain) || keyMatch4(r.domain, p.domain))
Your policy:
p, financePerson, companyA, allow, /restrict, GET p, financePerson, companyA, deny, /restrict, POST p, financePerson, companyB, allow, /restricted, GET g, sujit, financePerson, companyA g2, companyA, companyB
Your request(s):
sujit, companyA, /restricted, GET ---> true (expected: true) sujit, companyB, /restricted, GET ---> false (expected: true)
https://editor.casbin.org/#E7X7LBRDM
I would appreciate to find some help
The text was updated successfully, but these errors were encountered:
@tangyang9464 @JalinWang
Sorry, something went wrong.
@sujit-baniya what's your question? What to expect and what you got?
How to Enforce the hierarchical permission for child company? I tried defining model as mentioned above and added sample policies.
As for policy, following should hold true
But it's not working as expected. How to fix model to achive the correct answer?
hsluoyz
No branches or pull requests
Want to prioritize this issue? Try:
What's your scenario? What do you want to achieve?
I've tried to build following model and policy where
companyA
has childcompanyB
.financePerson
tocompanyA
I can make request to
companyB
's resource being oncompanyA
. But I am also looking some ways to make request tocompanyB
's resource being oncompanyB
Your model:
Your policy:
Your request(s):
https://editor.casbin.org/#E7X7LBRDM
I would appreciate to find some help
The text was updated successfully, but these errors were encountered: