need pattern/matcher to allow sub/user of a group (admin/root) to allow any action on any object

Casbin = way to authorization

A place for Casbin developers and users

已注册用户请登录

主题样式选择

默认主题样式 ✅

知乎主题样式

这是一个创建于 718 天前的主题，其中的信息可能已经有所发展或是发生改变。

Using the RBAC with resources model, how do people usually implement a matcher to allow a sub/user to allow any action (anything of read, write, create, delete, etc...) on any object?

I have certainly seen a matcher where the request sub is a particular user.

108 次点击 ∙ 0 人收藏

Tweet Weibo 忽略主题

4 条回复 •

hsluoyz2年前

Use keyMatch():

p, alice, *, *

Use regexMatch():

p, alice, .*, .*

ferrous2年前

Thank you, I will try that. I had wondered about the use of * and if it was a true regex or not. Seems like you have to pick the correct matcher impl based on what you are saying.

thanks!

Same as my other post :) but is there a casbin example that I perhaps missed that shows this/

hsluoyz2年前

All these built-in functions are documented here: https://casbin.org/docs/en/function

ferrous2年前

Thanks. I think I'm not blocked anymore. Appreciate your help.