RBAC with Domains API
A more friendly API for RBAC with domains. This API is a subset of Management API. The RBAC users could use this API to simplify the code.
Reference
global variable e is Enforcer instance.
Go
e, err := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")
[]()etUsersForRoleInDomain()GetUsersForRoleInDomain 获取具有域内角色的用户。
例如:
Go
res := e.GetUsersForRoleInDomain("alice", "domain1")
[]()GetRolesForUserInDomain()GetRolesForUserInDomain gets the roles that a user has inside a domain.
For example:
Go
res := e.GetRolesForUserInDomain("admin", "domain1")
[]()GetPermissionsForUserInDomain()GetPermissionsForUserInDomain gets permissions for a user or role inside a domain.
For example:
Go
res := e.GetPermissionsForUserInDomain("alice", "domain1")
[]()AddRoleForUserInDomain()AddRoleForUserInDomain adds a role for a user inside a domain. Returns false if the user already has the role (aka not affected).
For example:
Go
ok, err := e.AddRoleForUserInDomain("alice", "admin", "domain1")
[]()DeleteRoleForUserInDomain()DeleteRoleForUserInDomain deletes a role for a user inside a domain. Returns false if the user does not have the role (aka not affected).
For example:
Go
ok, err := e.DeleteRoleForUserInDomain("alice", "admin", "domain1")
[]()DeleteRolesForUserInDomain()DeleteRolesForUserInDomain deletes all roles for a user inside a domain. Returns false if the user does not have any roles (aka not affected).
For example:
Go
ok, err := e.DeleteRolesForUserInDomain("alice", "domain1")
[]()GetAllUsersByDomain()GetAllUsersByDomain would get all users associated with the domain. Returns empty string array if has no domain defined in model.
For example:
Go
res := e.GetAllUsersByDomain("domain1")
[]()DeleteAllUserByDomain()DeleteAllUsersByDomain would delete all users associated with the domain. Returns false if has no domain defined in model.
For example:
Go
ok, err := e.GetUsersForRoleInDomain("alice","domain1")
[]()DeleteDomains()DeleteDomains would delete all associated users and roles. It would delete all domains if parameter is not provided.
For example:
Go
ok, err := e.DeleteDomains("domain1", "domain2")
NOTE If you are handling a domain like name::domain, it may lead to unexpected behavior. In Casbin, :: is a reversed keyword, just like for, if in a programming language, we should never put :: in a domain.