@hadihammurabi
Last active February 3, 2021 10:13
Casbin With Golang

Casbin

Model

  • request_definition: the pattern of the parameters passed to an authorization check.
  • policy_definition: the pattern of the registered authorization rules.
  • role_definition: the pattern of the registered roles or groups.
  • policy_effect: the condition that determines whether a request is allowed or not.
  • matchers: the condition used to satisfy the condition in the policy effect.

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

Policy

  • p registers a permission that follows the policy pattern in the model.
  • g registers a role or group that follows the role pattern in the model.

A policy can be used to grant permissions to a role, and users can then be placed in that role.

The permissions of one role can be granted to another role through g, receiver, giver.

p, admin, users, write
p, user, users, read

g, admin, user
g, alice, admin
g, bob, user
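
package main

import (
	"log"

	"github.com/casbin/casbin/v2"
	gormadapter "github.com/casbin/gorm-adapter/v3"
	"gorm.io/driver/postgres"
	"gorm.io/gorm"
)

func main() {
	// Hardcoded credentials and sslmode=disable are for a local demo database only.
	dsn := "host=localhost user=hammurabi password=hammurabi dbname=belajar_casbin port=5432 sslmode=disable TimeZone=Asia/Jakarta"
	db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
	if err != nil {
		log.Fatalf("open database: %v", err)
	}
	// You can also use an already existing gorm instance with gormadapter.NewAdapterByDB(gormInstance)
	adapter, err := gormadapter.NewAdapterByDB(db)
	if err != nil {
		log.Fatalf("create adapter: %v", err)
	}
	enforcer, err := casbin.NewEnforcer("rbac_model.conf", adapter)
	if err != nil {
		log.Fatalf("create enforcer: %v", err)
	}
	if err := enforcer.LoadPolicy(); err != nil {
		log.Fatalf("load policy: %v", err)
	}
	// Prints the decision followed by any evaluation error.
	log.Println(enforcer.Enforce("hadi", "users", "read"))

	// must stops the program when a policy change fails instead of ignoring the error.
	must := func(_ bool, err error) {
		if err != nil {
			log.Fatalf("modify policy: %v", err)
		}
	}
	// Modify the policy.
	must(enforcer.AddPolicy("student", "users", "read"))
	must(enforcer.AddPolicy("school", "users", "create"))
	must(enforcer.AddPolicy("admin", "users", "update"))
	must(enforcer.AddPolicy("admin", "users", "delete"))
	must(enforcer.AddRoleForUser("admin", "school"))
	must(enforcer.AddRoleForUser("school", "student"))
	must(enforcer.AddRoleForUser("raja", "admin"))
	must(enforcer.AddRoleForUser("hadi", "student"))
	// Save the policy back to DB.
	if err := enforcer.SavePolicy(); err != nil {
		log.Fatalf("save policy: %v", err)
	}
}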
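
The role inheritance described under Policy can be traced without a database. The following is an added example, not code from this gist or from Casbin: a standard-library-only re-implementation of this page's one model (matcher `g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act`, effect `some(where (p.eft == allow))`) run over the p and g lines shown under Policy. The names `load`, `enforce` and `policyCSV` are assumptions, and the comma splitting assumes values without spaces or quoting.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample: the p and g lines shown on this page.
const policyCSV = "p, admin, users, write\np, user, users, read\n\n" +
	"g, admin, user\ng, alice, admin\ng, bob, user"

// load splits policy text into p rules [sub obj act] and g edges (member -> roles).
func load(csv string) (rules [][]string, roles map[string][]string, err error) {
	roles = map[string][]string{}
	for n, line := range strings.Split(csv, "\n") {
		switch f := strings.Fields(strings.ReplaceAll(line, ",", " ")); {
		case len(f) == 4 && f[0] == "p":
			rules = append(rules, f[1:])
		case len(f) == 3 && f[0] == "g":
			roles[f[1]] = append(roles[f[1]], f[2])
		case len(f) != 0: // anything but a blank line is rejected, not skipped
			return nil, nil, fmt.Errorf("line %d: malformed rule %q", n+1, line)
		}
	}
	return rules, roles, nil
}

// enforce evaluates the page's matcher with effect some(allow); no match is a deny.
func enforce(rules [][]string, roles map[string][]string, sub, obj, act string) bool {
	held := map[string]bool{sub: true} // sub plus every role reachable through g
	for queue := []string{sub}; len(queue) > 0; queue = queue[1:] {
		for _, r := range roles[queue[0]] {
			if !held[r] { // visited check also stops cyclic role definitions
				held[r] = true
				queue = append(queue, r)
			}
		}
	}
	for _, p := range rules {
		if held[p[0]] && p[1] == obj && p[2] == act {
			return true
		}
	}
	return false
}

func main() {
	rules, roles, err := load(policyCSV)
	fmt.Println(err, enforce(rules, roles, "alice", "users", "read"))
}
```

With this policy, alice gets read and write through admin, bob gets only read, and a subject that has no g line is denied.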