You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What's your scenario? What do you want to achieve?
I’m after some guidance given I’m struggling to work out how best to model my authorization requirements using Casbin. My own attempt feels like it falls a bit short because I've pushed a lot of the complexity into the matcher leaving the policies themselves seemingly redundant. Any help would be very much appreciated.
Here’s a summary of the entities:
I have a User with ID, type (customer or admin) & active time range (defined by a start & finish)
I also have a Store with ID & active time range
A StoreUser represents a relationship between a User & a Store. It has a userID, storeID & active time range
User A is allowed to view Store B if:
The User A is active & Store B is active & an active StoreUser exists with userID ‘A’ and storeID ‘B’
Or, User A has type ‘admin’
A few extra points:
There are a significant number of Users and Stores. Looking at Casbin docs on performance optimization I’m guessing we don’t want the number of policies to scale with the number of Users & Stores.
There may be many StoreUser entries for the same User & Store. Each of these will have non-overlapping active time ranges. e.g
What's your scenario? What do you want to achieve?
I’m after some guidance given I’m struggling to work out how best to model my authorization requirements using Casbin. My own attempt feels like it falls a bit short because I've pushed a lot of the complexity into the matcher leaving the policies themselves seemingly redundant. Any help would be very much appreciated.
Here’s a summary of the entities:
A few extra points:
Your model:
Your policy:
Your request(s):
Assuming these request were made at “2023-01-20T00:00:00”....
The text was updated successfully, but these errors were encountered: