casbin / pycasbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Python

Home Page: https://casbin.org

Why is my casbin always true, even though I used e.loadpolicy [Question]

liutheuniverse opened this issue · comments

What's your scenario? What do you want to achieve?
Your answer here

Your model:

[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act,eft

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow)) && !some(where (p.eft == deny))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

Your policy:

g,caixukun,admin_produce
p,admin_produce,data3,write,allow
g,caofengze,admin_purchase
p,admin_purchase,data3,write,allow
p,caixukun,data3,write,deny

Your request(s):

caixukun, data3, write ---> true (expected:false)

Your code:

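# `user` (the router), `casbin` (the request body model) and `e` (the enforcer)
# are defined elsewhere in the application.
@user.post("/user/api/request")
def request(user: casbin):
    sub = user.username
    obj = user.obj
    act = user.act
    # Reload the policy from the adapter before every decision.
    e.load_policy()
    if e.enforce(sub, obj, act):
        return {"allow": "allow to run the sector"}
    else:
        return {"error": "UNAUTHENTICATE"}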

@techoner @Nekotoxin
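
A stand-alone check of what the model and policy posted above should decide, added here as an example and not taken from the issue or from pycasbin. It is a simplified stand-in evaluator for this one model (the function names are hypothetical), useful for separating a model or policy mistake from a difference in what the enforcer actually loaded.

```python
# Added example: a minimal stand-in for the posted model, not pycasbin itself.
POLICY_CSV = """\
g,caixukun,admin_produce
p,admin_produce,data3,write,allow
g,caofengze,admin_purchase
p,admin_purchase,data3,write,allow
p,caixukun,data3,write,deny
"""

def parse_policy(text):
    """Split the CSV into p rules (sub, obj, act, eft) and g edges (user -> roles)."""
    p_rules, g_edges = [], {}
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        if fields[0] == "p" and len(fields) == 5:
            p_rules.append(tuple(fields[1:]))
        elif fields[0] == "g" and len(fields) == 3:
            g_edges.setdefault(fields[1], set()).add(fields[2])
    return p_rules, g_edges

def has_link(g_edges, name, role):
    """g(name, role): true when name == role or role is reachable through g edges."""
    seen, stack = set(), [name]
    while stack:
        cur = stack.pop()
        if cur == role:
            return True
        if cur not in seen:
            seen.add(cur)
            stack.extend(g_edges.get(cur, ()))
    return False

def matched_rules(p_rules, g_edges, sub, obj, act):
    """Rules satisfying m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act."""
    return [r for r in p_rules
            if has_link(g_edges, sub, r[0]) and r[1] == obj and r[2] == act]

def decide(text, sub, obj, act):
    """e = some(where (p.eft == allow)) && !some(where (p.eft == deny))."""
    p_rules, g_edges = parse_policy(text)
    efts = [r[3] for r in matched_rules(p_rules, g_edges, sub, obj, act)]
    return "allow" in efts and "deny" not in efts

if __name__ == "__main__":
    p_rules, g_edges = parse_policy(POLICY_CSV)
    print(matched_rules(p_rules, g_edges, "caixukun", "data3", "write"))
    print(decide(POLICY_CSV, "caixukun", "data3", "write"))
```

The request matches both the role's allow rule and the user's own deny rule, so the deny-override effect yields false for this rule set; the same evaluator yields true once the deny row is missing from the input.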