How to do Role hierarchy with domain using casbin #481

@TessilimiTheo

Hi, for my usage, I need to set up casbin with a role hierarchy to avoid duplication between domains.

Example of policies

```
### Define global user role permissions
p, abstract_roles1, devis, read, *
p, abstract_roles1, devis, create, *

p, abstract_roles2, devis, read, *
p, abstract_roles2, organization, read, *
p, abstract_roles2, organization, write, *

### Define role inheritance
g, roles1, abstract_roles1, tenant1
g, roles1, abstract_roles1, tenant2
g, roles1, abstract_roles1, tenant3

g, roles2, abstract_roles2, tenant1
g, roles2, abstract_roles2, tenant2
g, roles2, abstract_roles2, tenant3

g, super_user, abstract_roles2, *

### Assign users to roles
g, michael, roles1, tenant1
g, antoine, roles1, tenant2
g, kevin, roles1, tenant3

g, thomas, roles2, tenant1
g, thomas, roles2, tenant2
g, lucie, roles2, tenant3

g, theo, super_user, *
```

Example of configuration

```ini
[request_definition]
r = sub, obj, act, dom

[policy_definition]
p = sub, obj, act, dom, eft

[role_definition]
g = _, _, _

[policy_effect]
e = some(where (p.eft == allow)) && !some(where (p.eft == deny))

[matchers]
m = (g(r.sub, p.sub, r.dom) || g(r.sub, p.sub, '*')) && (p.dom == '*' || r.dom == p.dom) && r.obj == p.obj && r.act == p.act
```

Is this method the best approach, or are there alternative methods available? How can I retrieve all permissions for a user using this library?

Currently, `this.enforcer.getImplicitPermissionsForUser()` is not functioning as intended.
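
Added example (not part of the original issue and not casbin's own code): a plain JavaScript model of the policies and matcher above that lists the permissions a subject ends up with in one tenant, which is a quick way to audit what the `'*'` grouping grants. It assumes each domain keeps its own role graph, that `'*'` in a `g` line is a literal domain name, and that a missing `eft` means allow; `hasLink`, `enforce` and `effectivePermissions` are hypothetical helper names.

```javascript
// Constructed from the policies in the issue; plain JavaScript, no casbin calls.
// p lines: [sub, obj, act, dom]. eft is absent on the page and assumed to be allow.
const policies = [
  ['abstract_roles1', 'devis', 'read', '*'],
  ['abstract_roles1', 'devis', 'create', '*'],
  ['abstract_roles2', 'devis', 'read', '*'],
  ['abstract_roles2', 'organization', 'read', '*'],
  ['abstract_roles2', 'organization', 'write', '*'],
];
// g lines: [member, role, domain].
const tenants = ['tenant1', 'tenant2', 'tenant3'];
const groupings = [
  ...tenants.map((t) => ['roles1', 'abstract_roles1', t]),
  ...tenants.map((t) => ['roles2', 'abstract_roles2', t]),
  ['super_user', 'abstract_roles2', '*'],
  ['michael', 'roles1', 'tenant1'], ['antoine', 'roles1', 'tenant2'],
  ['kevin', 'roles1', 'tenant3'], ['thomas', 'roles2', 'tenant1'],
  ['thomas', 'roles2', 'tenant2'], ['lucie', 'roles2', 'tenant3'],
  ['theo', 'super_user', '*'],
];

// g(sub, role, dom): transitive membership using only links recorded for dom.
// Assumption: '*' is a literal domain name here, not a wildcard.
function hasLink(sub, role, dom) {
  if (sub === role) return true;
  const seen = new Set([sub]);
  const queue = [sub];
  while (queue.length > 0) {
    const current = queue.shift();
    for (const [member, parent, d] of groupings) {
      if (d !== dom || member !== current || seen.has(parent)) continue;
      if (parent === role) return true;
      seen.add(parent);
      queue.push(parent);
    }
  }
  return false;
}

// The matcher from the issue, term by term. No deny rules exist, so any match allows.
function enforce(sub, obj, act, dom) {
  return policies.some(([pSub, pObj, pAct, pDom]) =>
    (hasLink(sub, pSub, dom) || hasLink(sub, pSub, '*')) &&
    (pDom === '*' || dom === pDom) && obj === pObj && act === pAct);
}

// Every obj:act pair the subject is allowed in one domain, sorted.
function effectivePermissions(sub, dom) {
  const allowed = policies.filter(([, obj, act]) => enforce(sub, obj, act, dom));
  return [...new Set(allowed.map(([, obj, act]) => `${obj}:${act}`))].sort();
}
```

Under these assumptions `effectivePermissions('theo', dom)` returns the `abstract_roles2` permissions for any tenant name, including one that appears in no policy line, because the `g(r.sub, p.sub, '*')` term does not look at `r.dom`.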
