Open
Description
Want to prioritize this issue? Try:
What's your scenario? What do you want to achieve?
I have a set of objects, and I want to check if the user has access to these objects based on a given action type. I am using Casbin .NET and the BatchEnforce service, but I always get false. However, when I loop through the set and use Enforce one by one, I get the correct results
Your model:
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, act, condition, eft
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && eval(p.condition) && (r.act == p.act )Your policy:
p, 66, Write, r.obj.type == "File" || r.obj.color== "Red", allow
p, 55, Read, r.obj.type == "View", allow
Your request(s):
Here is the object I created that implements IRequestValues :
public class ObjectRequest : IRequestValues
{
public string Sub{ get; set; }
public Attributes Obj { get; set; }
public string Action { get; set; }
public bool TrySetValue<T>(int index, T value)
{
try
{
switch (index)
{
case 0:
Sub= value as string ?? throw new InvalidCastException("Submust be a string");
break;
case 1:
Obj=
value as Attributes
?? throw new InvalidCastException("Object must be of type Attributes");
break;
case 2:
Action = value as string ?? throw new InvalidCastException("Action must be a string");
break;
default:
return false;
}
return true;
}
catch
{
return false;
}
}
public string this[int index]
{
get
{
return index switch
{
0 => Sub,
1 => Obj.ToString(),
3 => Action,
_ => throw new IndexOutOfRangeException($"Invalid index: {index}")
};
}
}
public int Count => 3;
}
And here is the Attributes object definition :
public class Attributes : IRequestValues
{
public string type{ get; set; }
public string color{ get; set; }
public override string ToString()
{
return JsonConvert.SerializeObject(this);
}
}
Metadata
Metadata
Assignees
Labels
No labels