examples/orbac_model.conf - casbin - Git at Google

 [request_definition]
 r = sub, org, obj, act

 [policy_definition]
 p = role, activity, view, org

 [role_definition]
 g = _, _, _
 g2 = _, _, _
 g3 = _, _, _

 [policy_effect]
 e = some(where (p.eft == allow))

 [matchers]
 m = g(r.sub, p.role, r.org) && g2(r.act, p.activity, r.org) && g3(r.obj, p.view, r.org) && r.org == p.org
	[request_definition]
	r = sub, org, obj, act

	[policy_definition]
	p = role, activity, view, org

	[role_definition]
	g = _, _, _
	g2 = _, _, _
	g3 = _, _, _

	[policy_effect]
	e = some(where (p.eft == allow))

	[matchers]
	m = g(r.sub, p.role, r.org) && g2(r.act, p.activity, r.org) && g3(r.obj, p.view, r.org) && r.org == p.org