Getting Started
In order to use Casbin, you need to provide two important elements:
-
The policy model: This is, typically, implemented in a .conf file but it can be built at run-time or provided to Casbin via other sources
-
The policy rules: This is, typically, implemented as a csv file but it can be created at run-time or provided from other sources (eg. a database, a LDAP layer, etc.)
For full details, please visit this page.
The most basic and simplest model in Casbin is ACL. ACL's model CONF looks like this:
# Request definition
[request_definition]
r = sub, obj, act
# Policy definition
[policy_definition]
p = sub, obj, act
# Policy effect
[policy_effect]
e = some(where (p.eft == allow))
# Matchers
[matchers]
m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
The above configuration follows the Go language.
Casbin4D understands it but you can also use the typical Delphi/Pascal style:
...
[matchers]
m = r.sub = p.sub and r.obj = p.sub and r.act = p.act
An example policy for ACL model is like:
p, alice, data1, read
p, bob, data2, write
For Casbin this means that:
- alice can read data1
- bob can write data2
Then, in your application instantiate a new Casbin (interfaced) object and pass the required files:
var
casbin: ICasbin;
begin
casbin:=TCasbin.Create ('model.conf', 'policies.csv');
...
end
and, finally, test (enforce) an assertion:
...
if casbin.enforce(['alice,data1,read']) then
// Alice is super happy as she can read data1
else
// Alice is sad
...
