[Question] Domain API not working?

[fracartdev]

Want to prioritize this issue? Try:

---

What's your scenario? What do you want to achieve?
I'm trying to work on a RBAC with Domains system, I'm using the default configuration from the editor, but all the API commands for the domains don't work. For example, e.DeleteDomain("domain1") always returns false (not even an error). I'm storing everything on Postgres and I'm using the default adapter. Everything looks ok on the db table.

Your model:

[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act

Your policy:

p, admin, domain1, createUser, allow
p, admin, domain1, deleteUser, allow
p, user, domain1, addComment, allow
p, admin, doman2, createUser, allow

g, alice, admin, domain1
g, bob, admin, domain2

Your request(s):

To have the API to work.

[hsluoyz]

@closetool @tangyang9464

[tangyang9464]

@fracartdev After my test, e.DeleteDomain("domain1") return true.
There may be a problem with your db.Plz provide more information so that I can reproduce the error

[kilosonc]

@fracartdev Can I have your source code, you said you use the default adapter, but the default adapter could not operate postgresql.

[tangyang9464]

@tangyang9464 Can I have your source code, you said you use the default adapter, but the default adapter could not operate postgresql.

No,I just test with the file.

[fracartdev]

This is how I init the app

var Enforcer *casbin.Enforcer

func Init() error {

	a, err := pgadapter.NewAdapterByDB(db.Db, pgadapter.WithTableName("casbin"))
	if err != nil {
		return err
	}

	m, err := model.NewModelFromString(`
[request_definition]
r = sub, dom, obj, act

[policy_definition]
p = sub, dom, obj, act

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act
`)

	if err != nil {
		log.Fatalf("error: model: %s", err)
	}

	enforcer, err := casbin.NewEnforcer(m, a)

	if err != nil {
		return err
	}

	Enforcer = enforcer
	return AddDefaultPoliciesAndGroups()
}

then I add some default groups and policies

func AddDefaultPoliciesAndGroups() error {
	// p = sub, dom, obj, act
	policies := [][]string{
		{"admin", "domain1", "createCompany", "allow"},
		{"admin", "domain1", "deleteCompany", "allow"},
		{"admin", "domain1", "updateCompany", "allow"},
	}

	_, err := Enforcer.AddPolicies(policies)
	if err != nil {
		return err
	}

	groups := [][]string{
		{"test@user.com", "admin", "domain1"},
	}

	_, err = Enforcer.AddNamedGroupingPolicies("g", groups)
	if err != nil {
		return err
	}

	return nil
}

and eventually the DB table named "casbin" looks like this

If I then try to Enforcer.DeleteDomain("domain1"), it returns false and nothing happens.

[kilosonc]

@fracartdev These's a redundant right parenthesis at end of your matcher.
m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act)

[fracartdev]

A typo while I was bringing the code here :) it's not in the source code

[kilosonc]

@fracartdev Test with your source code, and it seems everything runs well.

func main() {
	err := Init()
	if err != nil {
		panic(err)
	}

	fmt.Println(Enforcer.Enforce("admin", "domain1", "createCompany", "allow"))
	fmt.Println(Enforcer.LoadPolicy())
	fmt.Println(Enforcer.Enforce("admin", "domain1", "createCompany", "allow"))
	fmt.Println(Enforcer.DeleteDomains("domain1"))
	fmt.Println(Enforcer.LoadPolicy())
	fmt.Println(Enforcer.Enforce("admin", "domain1", "createCompany", "allow"))
}

result is:

[Running] go run "/home/closetool/Desktop/playground/main.go"
true <nil>
<nil>
true <nil>
true <nil>
<nil>
false <nil>

[hsluoyz]

Closed as resolved.