@hsluoyz I understood you well. You can store it in a single Database field. The downside of it, the format as it is is useless. An userfriendly application has something where you have a permission process like this: 1. Create Users in e.g Table: User 2. Create Role in e.g. Table Role 4. Create Rights in e.g. Table Right 5. Assign Rights to Roles in e.g. Table Role_Right 6. Assign Users to Roles in e.g. Table Role_User So when you have a database design like this you have to transform the data for Casbin. Wouldnt it be easier if Casbin would a similar database design schema? In youre application you have a control or form or something for each of these objects.

Thank you again. I'm from .NET world so GO is not familar to me. Do you have something for .NET and SQL Server? If I am understand it right, with policy-subset-loading I can filter the policy itself. But the purpose is not to query against a database. Right?

When the string is not stored in the database than in a static file? But why? The whole application data is stored in the database. When permission changes you need to store the data in standard format. The Users and Roles are also stored in the Database. So why not save the relations to the permissions also in the database? I can not pass the Casbin Config as it is to the Client.

@hsluoyz Thank you for your response. Unfortunately the possibility to get the all permissions for a single user does not solve the problem at all. I mean its a common issue. Lets assume I have a lot of orders. The user want to have an overview of orders assigned to him. So what is the best practice? Query ALL orders, GetPermissionsFor User and then iterate over to retrieve orders assigned to him? This practice would kill the Database Server and the Applikation also. My idea behind this is a Database Interface. So I can query inside the database. SELECT * FROM Orders WHERE UserId IN ({PermissionsForUser}) This Feature would Casbin make perfekt. I could Query Permissions inside the Database. What do you think?