implicit policies #1115
-
|
how can I create policies that are applied to all subjects automatically? I thought that casbin was designed to have each subject with its own roles and permission, so that when a user is created, new policies for that user are created to but digging deeper it seems you should only apply policies to specific users you want to have specific perms, like admins, mods etc. so then there must be a way to apply a policy for all subjects implicitly? How can I do this? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 4 replies
-
|
ok so I figured out how to do it without groups but I'm not sure how to achieve this: to allow user group to all subjects |
Beta Was this translation helpful? Give feedback.
-
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = (g(r.sub, p.sub) || p.sub == "everyone") && r.obj == p.obj && r.act == p.actp, everyone, resource1, read, allow
p, everyone, resource2, read, allow
p, everyone, resource3, read, allow |
Beta Was this translation helpful? Give feedback.
-
|
so if I want to apply polices for everyone I can't add those policies to a group and then apply that group to everyone that way? |
Beta Was this translation helpful? Give feedback.
-
|
I'd like to group multiple policies together and apply that to everyone. This way I don't have to remove policies one by one, I can instead remove one line. |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
|
@hsluoyz I think I found something that seems to work. Is there something I've missed? |
Beta Was this translation helpful? Give feedback.
-
|
@SirMetathyst create a github issue instead |
Beta Was this translation helpful? Give feedback.
@hsluoyz I think I found something that seems to work. Is there something I've missed?