Session Role Manager is the Session-based role manager for Casbin. With this library, Casbin can load session-based role hierarchy (user-role mapping) from Casbin policy or save role hierarchy to it. The session is only active in the specified time range.
go get github.com/casbin/session-role-manager
package main import ( "github.com/casbin/casbin/v2" fileadapter "github.com/casbin/casbin/v2/persist/file-adapter" sessionrolemanager "github.com/casbin/session-role-manager" ) func main() { // NewEnforcer(modelPath, policyPath) automatically uses the default // role manager when loading policy. So if we want to use a custom // role manager, and this role manager relies on Casbin policy, // we should manually set the role manager before loading policy. e, err := casbin.NewEnforcer("examples/rbac_model_with_sessions.conf") if err != nil { panic(err) } // Manually set an adapter. a := fileadapter.NewAdapter("examples/rbac_policy_with_sessions.csv") e.SetAdapter(a) // Use our role manager. rm := sessionrolemanager.NewRoleManager(10) e.SetRoleManager(rm) // If our role manager relies on Casbin policy (like reading "g" // policy rules), then we have to set the role manager before loading // policy. // // Otherwise, we can set the role manager at any time, because role // manager has nothing to do with the adapter. e.LoadPolicy() // Check the permission. // the 4th arg is the querying time in UNIX time format. e.Enforce("alice", "data1", "read", "1508503308708987131") }
This project is under Apache 2.0 License. See the LICENSE file for the full license text.