Add Provider interface for importing external identity and authorization systems

[Copilot]

Adds Provider interface to enable importing identity and authorization data from external sources (cloud providers like AWS/Azure/GCP, identity vendors like Okta/Auth0, or auth languages like XACML).

Changes

New Interface: rbac.Provider

• Extends RoleManager with full identity and permission management
• User operations: GetAllUsers(), AddUser(), DeleteUser()
• Role operations: GetAllRoles(), AddRole(), DeleteRole()
• Permission operations: GetPermissions(), AddPermission(), DeletePermission()
• Role-permission operations: GetRolePermissions(), AddRolePermission(), DeleteRolePermission()
• Inherits user-role mapping from RoleManager (AddLink, HasLink, etc.)

Usage Example

type Provider interface {
    RoleManager  // Handles user-role mappings
    
    // User management
    GetAllUsers() ([]string, error)
    AddUser(user string) error
    DeleteUser(user string) error
    
    // Role management  
    GetAllRoles() ([]string, error)
    AddRole(role string) error
    DeleteRole(role string) error
    
    // Permission management
    GetPermissions(subject string) ([][]string, error)
    AddPermission(subject string, permission []string) error
    DeletePermission(subject string, permission []string) error
    
    // Role-permission management
    GetRolePermissions(role string) ([][]string, error)
    AddRolePermission(role string, permission []string) error
    DeleteRolePermission(role string, permission []string) error
}

Implementations can now bridge external authorization systems into Casbin's policy engine.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[feature] add Casbin's Provider interface</issue_title>
<issue_description>the provider is the way to provide identity info for Casbin, including users, roles, user-role-mappings, permissions, role-permission-mappings, etc.

it extends the role manager interface, because role manager only handles user-role-mappings, but provider handles all.

a provider can also be viewed as a way to import other auth permissions into Casbin.

the provider implementations can be cloud providers (like AWS, Azure, GCP) or identity vendors (like Okta, Auth0) or auth languages (like XACML)

this issue will first add the Go interface of Provider to Casbin codebase</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes [feature] add Casbin's Provider interface #1669

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}