主题样式选择
默认主题样式 ✅
知乎主题样式
这是一个创建于 1926 天前的主题,其中的信息可能已经有所发展或是发生改变。
Hi, its so chinese here. Dont understand anythink. But thankful you also have english support. So I hope I can share my wishes: 1. I wish to Qery my permissions. Lets assume I have a lot of orders assigned to users and groups. So I can enforce a single order to ask if I have the permission for this order. The problem is, the data is persistend stored in a database and it is not clever to query all order and then iterate over to ask if I have permission for. My idea is, I can query the permissions by saying f.e.
match: obj==order&&akt==view user: 123 seperator: , mask: '
and then I would receive a string like "'order_1',"order_4",'order9'". this string I could couple with SQL Where Clause: SELECT * FROM Orders WHERE OrderId IN (MySeperatedString).
5 条回复 • 2021-01-24 10:57:40 +08:00
hsluoyz5年前
Hi @Kingside, you can use GetImplicitPermissionsForUser() API: https://casbin.org/docs/en/rbac-api#getimplicitpermissionsforuser
Another option is batchEnforce(), but it's still in development: https://github.com/casbin/casbin/issues/617
Kingside5年前
@hsluoyz Thank you for your response. Unfortunately the possibility to get the all permissions for a single user does not solve the problem at all. I mean its a common issue. Lets assume I have a lot of orders. The user want to have an overview of orders assigned to him. So what is the best practice? Query ALL orders, GetPermissionsFor User and then iterate over to retrieve orders assigned to him? This practice would kill the Database Server and the Applikation also. My idea behind this is a Database Interface. So I can query inside the database. SELECT * FROM Orders WHERE UserId IN ({PermissionsForUser}) This Feature would Casbin make perfekt. I could Query Permissions inside the Database. What do you think?
选择语言
选择编辑器