RBAC with Domains API
A more friendly API for RBAC with domains. This API is a subset of Management API. The RBAC users could use this API to simplify the code.
Reference
global variable e
is Enforcer instance.
e, err := NewEnforcer("examples/rbac_with_domains_model.conf", "examples/rbac_with_domains_policy.csv")
const e = await newEnforcer('examples/rbac_with_domains_model.conf', 'examples/rbac_with_domains_policy.csv')
$e = new Enforcer('examples/rbac_with_domains_model.conf', 'examples/rbac_with_domains_policy.csv');
e = casbin.Enforcer("examples/rbac_with_domains_model.conf", "examples/rbac_with_domains_policy.csv")
var e = new Enforcer("examples/rbac_with_domains_model.conf", "examples/rbac_with_domains_policy.csv");
let mut e = Enforcer::new("examples/rbac_with_domains_model.conf", "examples/rbac_with_domains_policy.csv").await?;
Enforcer e = new Enforcer("examples/rbac_with_domains_model.conf", "examples/rbac_with_domains_policy.csv");
GetUsersForRoleInDomain()
GetUsersForRoleInDomain gets the users that has a role inside a domain.
For example:
res := e.GetUsersForRoleInDomain("admin", "domain1")
const res = e.getUsersForRoleInDomain("admin", "domain1")
res = e.get_users_for_role_in_domain("admin", "domain1")
GetRolesForUserInDomain()
GetRolesForUserInDomain gets the roles that a user has inside a domain.
For example:
res := e.GetRolesForUserInDomain("admin", "domain1")
const res = e.getRolesForUserInDomain("alice", "domain1")
res = e.get_roles_for_user_in_domain("alice", "domain1")
List<String> res = e.getRolesForUserInDomain("admin", "domain1");
GetPermissionsForUserInDomain()
GetPermissionsForUserInDomain gets permissions for a user or role inside a domain.
For example:
res := e.GetPermissionsForUserInDomain("alice", "domain1")
List<List<String>> res = e.getPermissionsForUserInDomain("alice", "domain1");
AddRoleForUserInDomain()
AddRoleForUserInDomain adds a role for a user inside a domain. Returns false if the user already has the role (aka not affected).
For example:
ok, err := e.AddRoleForUserInDomain("alice", "admin", "domain1")
ok = e.add_role_for_user_in_domain("alice", "admin", "domain1")
boolean ok = e.addRoleForUserInDomain("alice", "admin", "domain1");
DeleteRoleForUserInDomain()
DeleteRoleForUserInDomain deletes a role for a user inside a domain. Returns false if the user does not have the role (aka not affected).
For example:
ok, err := e.DeleteRoleForUserInDomain("alice", "admin", "domain1")
boolean ok = e.deleteRoleForUserInDomain("alice", "admin", "domain1");
DeleteRolesForUserInDomain()
DeleteRolesForUserInDomain deletes all roles for a user inside a domain. Returns false if the user does not have any roles (aka not affected).
For example:
ok, err := e.DeleteRolesForUserInDomain("alice", "domain1")
GetAllUsersByDomain()
GetAllUsersByDomain would get all users associated with the domain. Returns empty string array if has no domain defined in model.
For example:
res := e.GetAllUsersByDomain("domain1")
DeleteAllUsersByDomain()
DeleteAllUsersByDomain would delete all users associated with the domain. Returns false if has no domain defined in model.
For example:
ok, err := e.DeleteAllUsersByDomain("domain1")
DeleteDomains()
DeleteDomains would delete all associated users and roles. It would delete all domains if parameter is not provided.
For example:
ok, err := e.DeleteDomains("domain1", "domain2")
GetAllDomains()
GetAllDomains would get all domains.
For example:
res, _ := e.GetAllDomains()
note
If you are handling a domain like name::domain
, it may lead to unexpected behavior. In Casbin, ::
is a reversed keyword, just like for
, if
in a programming language, we should never put ::
in a domain.