管理 API

提供对Casbin策略管理完全支持的基本API。

筛选的 API

几乎所有的带有过滤器的api有着相同的参数 (fieldIndex int, fieldValues ...string). field index 是匹配起始点的索引。 field Value 表示结果应该有的值。请注意字段值中的空字符串可以是任意单词。

示例:

p, alice, book, read
p, bob, book, read
p, bob, book, write
p, alice, pen, get
p, bob, pen ,get

e.GetFilteredPolicy(1, "book") // 将返回：[Alice book read] [bob book read] [bob book write]]

e.GetFilteredPolicy(1, "book", "read") // 将返回: [[Alice book read] [bob book read]]

e.GetFilteredPolicy(0, "Alice", "", "read") // 将返回: [[Alice book read]]

e.GetFilteredPolicy(0, "Alice") // 将返回: [Alice book read] [Alice penge]]

参考

全局变量 e 是 Enforcer 实例。

e, err := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")

const e = await newEnforcer('examples/rbac_model.conf', 'examples/rbac_policy.csv')

$e = new Enforcer('examples/rbac_model.conf', 'examples/rbac_policy.csv');

e = casbin.Enforcer("examples/rbac_model.conf", "examples/rbac_policy.csv")

var e = new Enforcer("path/to/model.conf", "path/to/policy.csv");

let mut e = Enforce::new("examples/rbac_model.conf", "examples/rbac_policy.csv").await?;

Enforcer e = new Enforcer("examples/rbac_model.conf", "examples/rbac_policy.csv");

`Enforce()`

Enforce决定“主体”是否能够用“动作”操作访问“对象”，输入参数通常是: (sub, obj, act)。

例如:

Go
Node.js
PHP
Python
Java

ok, err := e.Enforce(request)

const ok = await e.enforce(request);

$ok = $e->enforcer($request);

ok = e.enforcer(request)

boolean ok = e.enforce(request);

`EnforceWithMatcher()`

EnforceWithMatcher使用自定义匹配器来决定“subject”是否可以通过"action"操作访问“object”，输入参数通常为：(matcher, sub, obj, act)，在匹配器为""时默认使用模型匹配器。

例如:

Go
PHP
Python
Java

ok, err := e.EnforceWithMatcher(matcher, request)

$ok = $e->enforceWithMatcher($matcher, $request);

ok = e.enforce_with_matcher(matcher, request)

boolean ok = e.enforceWithMatcher(matcher, request);

`EnforceEx()`

EnforceEx 通过通知匹配的规则来解释执行

例如:

Go
Node.js
PHP
Python

ok, reason, err := e.EnforceEx(request)

const ok = await e.enforceEx(request);

list($ok, $reason) = $e->enforceEx($request);

ok, reason = e.enforce_ex(request)

`EnforceExWithMatcher()`

EnforceExWEMatcher 使用自定义匹配器并通过通知匹配的规则来解释强制执行。

例如:

ok, reason, err := e.EnforceExWithMatcher(matcher, request)

`BatchEnforce()`

BatchEnforce 强制执行每个请求并返回一个布尔数组的结果

例如:

Go
Node.js
Java

boolArray, err := e.BatchEnforce(requests)

const boolArray = await e.batchEnforce(requests);

List<Boolean> boolArray = e.batchEnforce(requests);

`GetAllSubjects()`

GetAllSubjects 获取当前策略中显示的主题列表。

例如:

allSubjects := e.GetAllSubjects()

const allSubjects = await e.getAllSubjects()

$allSubjects = $e->getAllSubjects();

all_subjects = e.get_all_subjects()

var allSubjects = e.GetAllSubjects();

let all_subjects = e.get_all_subjects();

List<String> allSubjects = e.getAllSubjects();

`GetAllNamedSubjects()`

GetAllNamedSubjects 获取当前命名策略中显示的主题列表。

例如:

allNamedSubjects := e.GetAllNamedSubjects("p")

const allNamedSubjects = await e.getAllNamedSubjects('p')

$allNamedSubjects = $e->getAllNamedSubjects("p");

all_named_subjects = e.get_all_named_subjects("p")

var allNamedSubjects = e.GetAllNamedSubjects("p");

let all_named_subjects = e.get_all_named_subjects("p");

List<String> allNamedSubjects = e.getAllNamedSubjects("p");

`GetAllObjects()`

GetAllObjects 获取当前策略中显示的对象列表。

例如:

allObjects := e.GetAllObjects()

const allObjects = await e.getAllObjects()

$allObjects = $e->getAllObjects();

all_objects = e.get_all_objects()

var allObjects = e.GetAllObjects();

let all_objects = e.get_all_objects();

List<String> allObjects = e.getAllObjects();

`GetAllNamedObjects()`

GetAllNamedObjects 获取当前命名策略中显示的对象列表。

例如:

allNamedObjects := e.GetAllNamedObjects("p")

const allNamedObjects = await e.getAllNamedObjects('p')

$allNamedObjects = $e->getAllNamedObjects("p");

all_named_objects = e.get_all_named_objects("p")

var allNamedObjects = e.GetAllNamedObjects("p");

let all_named_objects = e.get_all_named_objects("p");

List<String> allNamedObjects = e.getAllNamedObjects("p");

`GetAllActions()`

GetAllActions 获取当前策略中显示的操作列表。

例如：

allActions := e.GetAllActions()

const allActions = await e.getAllActions()

$allActions = $e->getAllActions();

all_actions = e.get_all_actions()

var allActions = e.GetAllActions();

let all_actions = e.get_all_actions();

List<String> allActions = e.getAllActions();

`GetAllNamedActions()`

GetAllNamedActions 获取当前命名策略中显示的操作列表。

例如：

allNamedActions := e.GetAllNamedActions("p")

const allNamedActions = await e.getAllNamedActions('p')

$allNamedActions = $e->getAllNamedActions("p");

all_named_actions = e.get_all_named_actions("p")

var allNamedActions = e.GetAllNamedActions("p");

let all_named_actions = e.get_all_named_actions("p");

List<String> allNamedActions = e.getAllNamedActions("p");

`GetAllRoles()`

GetAllRoles获取当前策略中显示的角色列表。

例如：

allRoles = e.GetAllRoles()

const allRoles = await e.getAllRoles()

$allRoles = $e->getAllRoles();

all_roles = e.get_all_roles()

var allRoles = e.GetAllRoles();

let all_roles = e.get_all_roles();

List<String> allRoles = e.getAllRoles();

`GetAllNamedRoles()`

GetAllNamedRoles 获取当前命名策略中显示的角色列表。

例如：

allNamedRoles := e.GetAllNamedRoles("g")

const allNamedRoles = await e.getAllNamedRoles('g')

$allNamedRoles = $e->getAllNamedRoles('g');

all_named_roles = e.get_all_named_roles("g")

var allNamedRoles = e.GetAllNamedRoles("g");

let all_named_roles = e.get_all_named_roles("g");

List<String> allNamedRoles = e.getAllNamedRoles("g");

`GetPolicy()`

GetPolicy 获取策略中的所有授权规则。

例如：

policy = e.GetPolicy()

const policy = await e.getPolicy()

$policy = $e->getPolicy();

policy = e.get_policy()

var policy = e.GetPolicy();

let policy = e.get_policy();

List<List<String>> policy = e.getPolicy();

`GetFilteredPolicy()`

GetFilteredPolicy 获取策略中的所有授权规则，可以指定字段筛选器。

例如：

filteredPolicy := e.GetFilteredPolicy(0, "alice")

const filteredPolicy = await e.getFilteredPolicy(0, 'alice')

$filteredPolicy = $e->getFilteredPolicy(0, "alice");

filtered_policy = e.get_filtered_policy(0, "alice")

var filteredPolicy = e.GetFilteredPolicy(0, "alice");

let filtered_policy = e.get_filtered_policy(0, vec!["alice".to_owned()]);

List<List<String>> filteredPolicy = e.getFilteredPolicy(0, "alice");

`GetNamedPolicy()`

GetNamedPolicy 获取命名策略中的所有授权规则。

例如：

namedPolicy := e.GetNamedPolicy("p")

const namedPolicy = await e.getNamedPolicy('p')

$namedPolicy = $e->getNamedPolicy("p");

named_policy = e.get_named_policy("p")

var namedPolicy = e.GetNamedPolicy("p");

let named_policy = e.get_named_policy("p");

List<List<String>> namedPolicy = e.getNamedPolicy("p");

`GetFilteredNamedPolicy()`

GetFilteredNamedPolicy 获取命名策略中的所有授权规则，可以指定字段过滤器。

例如：

filteredNamedPolicy = e.GetFilteredNamedPolicy("p", 0, "bob")

const filteredNamedPolicy = await e.getFilteredNamedPolicy('p', 0, 'bob')

$filteredNamedPolicy = $e->getFilteredNamedPolicy("p", 0, "bob");

filtered_named_policy = e.get_filtered_named_policy("p", 0, "alice")

var filteredNamedPolicy = e.GetFilteredNamedPolicy("p", 0, "alice");

let filtered_named_policy = e.get_filtered_named_policy("p", 0, vec!["bob".to_owned()]);

List<List<String>> filteredNamedPolicy = e.getFilteredNamedPolicy("p", 0, "bob");

`GetGroupingPolicy()`

GetGroupingPolicy 获取策略中的所有角色继承规则。

例如：

groupingPolicy := e.GetGroupingPolicy()

const groupingPolicy = await e.getGroupingPolicy()

$groupingPolicy = $e->getGroupingPolicy();

grouping_policy = e.get_grouping_policy()

var groupingPolicy = e.GetGroupingPolicy();

let grouping_policy = e.get_grouping_policy();

List<List<String>> groupingPolicy = e.getGroupingPolicy();

`GetFilteredGroupingPolicy()`

GetFilteredGroupingPolicy 获取策略中的所有角色继承规则，可以指定字段筛选器。

例如：

filteredGroupingPolicy := e.GetFilteredGroupingPolicy(0, "alice")

const filteredGroupingPolicy = await e.getFilteredGroupingPolicy(0, 'alice')

$filteredGroupingPolicy = $e->getFilteredGroupingPolicy(0, "alice");

filtered_grouping_policy = e.get_filtered_grouping_policy(0, "alice")

var filteredGroupingPolicy = e.GetFilteredGroupingPolicy(0, "alice");

let filtered_grouping_policy = e.get_filtered_grouping_policy(0, vec!["alice".to_owned()]);

List<List<String>> filteredGroupingPolicy = e.getFilteredGroupingPolicy(0, "alice");

`GetNamedGroupingPolicy()`

GetNamedGroupingPolicy 获取策略中的所有角色继承规则。

例如：

namedGroupingPolicy := e.GetNamedGroupingPolicy("g")

const namedGroupingPolicy = await e.getNamedGroupingPolicy('g')

$namedGroupingPolicy = $e->getNamedGroupingPolicy("g");

named_grouping_policy = e.get_named_grouping_policy("g")

var namedGroupingPolicy = e.GetNamedGroupingPolicy("g");

let named_grouping_policy = e.get_named_grouping_policy("g");

List<List<String>> namedGroupingPolicy = e.getNamedGroupingPolicy("g");

`GetFilteredNamedGroupingPolicy()`

GetFilteredNamedGroupingPolicy 获取策略中的所有角色继承规则。

例如：

namedGroupingPolicy := e.GetFilteredNamedGroupingPolicy("g", 0, "alice")

const namedGroupingPolicy = await e.getFilteredNamedGroupingPolicy('g', 0, 'alice')

$namedGroupingPolicy = $e->getFilteredNamedGroupingPolicy("g", 0, "alice");

named_grouping_policy = e.get_filtered_named_grouping_policy("g", 0, "alice")

var namedGroupingPolicy = e.GetFilteredNamedGroupingPolicy("g", 0, "alice");

let named_grouping_policy = e.get_filtered_named_groupingPolicy("g", 0, vec!["alice".to_owned()]);

List<List<String>> filteredNamedGroupingPolicy = e.getFilteredNamedGroupingPolicy("g", 0, "alice");

`HasPolicy()`

HasPolicy 确定是否存在授权规则。

例如：

hasPolicy := e.HasPolicy("data2_admin", "data2", "read")

const hasPolicy = await e.hasPolicy('data2_admin', 'data2', 'read')

$hasPolicy = $e->hasPolicy('data2_admin', 'data2', 'read');

has_policy = e.has_policy("data2_admin", "data2", "read")

var hasPolicy = e.HasPolicy("data2_admin", "data2", "read");

let has_policy = e.has_policy(vec!["data2_admin".to_owned(), "data2".to_owned(), "read".to_owned()]);

boolean hasPolicy = e.hasPolicy("data2_admin", "data2", "read");

`HasNamedPolicy()`

HasNamedPolicy 确定是否存在命名授权规则。

例如：

hasNamedPolicy := e.HasNamedPolicy("p", "data2_admin", "data2", "read")

const hasNamedPolicy = await e.hasNamedPolicy('p', 'data2_admin', 'data2', 'read')

$hasNamedPolicy = $e->hasNamedPolicy("p", "data2_admin", "data2", "read");

has_named_policy = e.has_named_policy("p", "data2_admin", "data2", "read")

var hasNamedPolicy = e.HasNamedPolicy("p", "data2_admin", "data2", "read");

let has_named_policy = e.has_named_policy("p", vec!["data2_admin".to_owned(), "data2".to_owned(), "read".to_owned()]);

boolean hasNamedPolicy = e.hasNamedPolicy("p", "data2_admin", "data2", "read");

`AddPolicy()`

AddPolicy 向当前策略添加授权规则。如果规则已经存在，函数返回false，并且不会添加规则。否则，函数通过添加新规则并返回true。

例如：

added := e.AddPolicy('eve', 'data3', 'read')

const p = ['eve', 'data3', 'read']
const added = await e.addPolicy(...p)

$added = $e->addPolicy('eve', 'data3', 'read');

added = e.add_policy("eve", "data3", "read")

var added = e.AddPolicy("eve", "data3", "read");
or
var added = await e.AddPolicyAsync("eve", "data3", "read");

let added = e.add_policy(vec!["eve".to_owned(), "data3".to_owned(), "read".to_owned()]);

boolean added = e.addPolicy("eve", "data3", "read");

`AddPolicies()`

AddPolicy 向当前策略添加授权许多规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回false，当前政策中没有添加任何政策规则。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都被添加到目前的政策中。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"jack", "data4", "read"},
    []string {"katy", "data4", "write"},
    []string {"leyo", "data4", "read"},
    []string {"ham", "data4", "write"},
}

areRulesAdded := e.AddPolicies(rules)

const rules = [
    ['jack', 'data4', 'read'],
    ['katy', 'data4', 'write'],
    ['leyo', 'data4', 'read'],
    ['ham', 'data4', 'write']
];

const areRulesAdded = await e.addPolicies(rules);

rules = [
    ["jack", "data4", "read"],
    ["katy", "data4", "write"],
    ["leyo", "data4", "read"],
    ["ham", "data4", "write"]
]
are_rules_added = e.add_policies(rules)

let rules = vec![
    vec!["jack".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["katy".to_owned(), "data4".to_owned(), "write".to_owned()],
    vec!["leyo".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["ham".to_owned(), "data4".to_owned(), "write".to_owned()],
];

let are_rules_added = e.add_policies(rules).await?

String[][] rules = {
    {"jack", "data4", "read"},
    {"katy", "data4", "write"},
    {"leyo", "data4", "read"},
    {"ham", "data4", "write"},
};

boolean areRulesAdded = e.addPolicies(rules);

`AddPoliciesEx()`

AddPoliciesEx adds authorization rules to the current policy. If the rule already exists, the rule will not be added. But unlike AddPolicies, other non-existent rules are added instead of returning false directly

例如：

ok, err := e.AddPoliciesEx([][]string{{"user1", "data1", "read"}, {"user2", "data2", "read"}})

`AddNamedPolicy()`

AddNamedPolicy 向当前命名策略添加授权规则。如果规则已经存在，函数返回false，并且不会添加规则。否则，函数通过添加新规则并返回true。

例如：

added := e.AddNamedPolicy("p", "eve", "data3", "read")

const p = ['eve', 'data3', 'read']
const added = await e.addNamedPolicy('p', ...p)

$added = $e->addNamedPolicy("p", "eve", "data3", "read");

added = e.add_named_policy("p", "eve", "data3", "read")

var added = e.AddNamedPolicy("p", "eve", "data3", "read");
or
var added = await e.AddNamedPolicyAsync("p", "eve", "data3", "read");

let added = e.add_named_policy("p", vec!["eve".to_owned(), "data3".to_owned(), "read".to_owned()]).await?;

boolean added = e.addNamedPolicy("p", "eve", "data3", "read");

`AddNamedPolicies()`

AddNamedPolicies 向当前命名策略中添加授权规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回false，当前政策中没有添加任何政策规则。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都被添加到目前的政策中。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"jack", "data4", "read"},
    []string {"katy", "data4", "write"},
    []string {"leyo", "data4", "read"},
    []string {"ham", "data4", "write"},
}

areRulesAdded := e.AddNamedPolicies("p", rules)

const rules = [
    ['jack', 'data4', 'read'],
    ['katy', 'data4', 'write'],
    ['leyo', 'data4', 'read'],
    ['ham', 'data4', 'write']
];

const areRulesAdded = await e.addNamedPolicies('p', rules);

rules = [
    ["jack", "data4", "read"],
    ["katy", "data4", "write"],
    ["leyo", "data4", "read"],
    ["ham", "data4", "write"]
]
are_rules_added = e.add_named_policies("p", rules)

let rules = vec![
    vec!["jack".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["katy".to_owned(), "data4".to_owned(), "write".to_owned()],
    vec!["leyo".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["ham".to_owned(), "data4".to_owned(), "write".to_owned()],
];

let are_rules_added := e.add_named_policies("p", rules).await?;

List<List<String>> rules = Arrays.asList(
    Arrays.asList("jack", "data4", "read"),
    Arrays.asList("katy", "data4", "write"),
    Arrays.asList("leyo", "data4", "read"),
    Arrays.asList("ham", "data4", "write")
);
boolean areRulesAdded = e.addNamedPolicies("p", rules);

`AddNamedPoliciesEx()`

AddNamedPoliciesEx adds authorization rules to the current named policy. If the rule already exists, the rule will not be added. But unlike AddNamedPolicies, other non-existent rules are added instead of returning false directly

例如：

ok, err := e.AddNamedPoliciesEx("p", [][]string{{"user1", "data1", "read"}, {"user2", "data2", "read"}})

`SelfAddPoliciesEx()`

SelfAddPoliciesEx adds authorization rules to the current named policy with autoNotifyWatcher disabled. If the rule already exists, the rule will not be added. But unlike SelfAddPolicies, other non-existent rules are added instead of returning false directly

例如：

ok, err := e.SelfAddPoliciesEx("p", "p", [][]string{{"user1", "data1", "read"}, {"user2", "data2", "read"}})

`RemovePolicy()`

RemovePolicy 从当前策略中删除授权规则。

例如：

removed := e.RemovePolicy("alice", "data1", "read")

const p = ['alice', 'data1', 'read']
const removed = await e.removePolicy(...p)

$removed = $e->removePolicy("alice", "data1", "read");

removed = e.remove_policy("alice", "data1", "read")

var removed = e.RemovePolicy("alice", "data1", "read");
or
var removed = await e.RemovePolicyAsync("alice", "data1", "read");

let removed = e.remove_policy(vec!["alice".to_owned(), "data1".to_owned(), "read".to_owned()]).await?;

boolean removed = e.removePolicy("alice", "data1", "read");

`RemovePolicies()`

RemovePolicies 从当前策略中删除授权规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回 false ，当前政策中没有任何政策规则被删除。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都从现行政策中删除。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"jack", "data4", "read"},
    []string {"katy", "data4", "write"},
    []string {"leyo", "data4", "read"},
    []string {"ham", "data4", "write"},
}

areRulesRemoved := e.RemovePolicies(rules)

const rules = [
    ['jack', 'data4', 'read'],
    ['katy', 'data4', 'write'],
    ['leyo', 'data4', 'read'],
    ['ham', 'data4', 'write']
];

const areRulesRemoved = await e.removePolicies(rules);

rules = [
    ["jack", "data4", "read"],
    ["katy", "data4", "write"],
    ["leyo", "data4", "read"],
    ["ham", "data4", "write"]
]
are_rules_removed = e.remove_policies(rules)

let rules = vec![
    vec!["jack".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["katy".to_owned(), "data4".to_owned(), "write".to_owned()],
    vec!["leyo".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["ham".to_owned(), "data4".to_owned(), "write".to_owned()],
];

let are_rules_removed = e.remove_policies(rules).await?;

String[][] rules = {
    {"jack", "data4", "read"},
    {"katy", "data4", "write"},
    {"leyo", "data4", "read"},
    {"ham", "data4", "write"},
};
boolean areRulesRemoved = e.removePolicies(rules);

`RemoveFilteredPolicy()`

RemoveFilteredPolicy 移除当前策略中的授权规则，可以指定字段筛选器。 RemovePolicy 从当前策略中删除授权规则。

例如：

removed := e.RemoveFilteredPolicy(0, "alice", "data1", "read")

const p = ['alice', 'data1', 'read']
const removed = await e.removeFilteredPolicy(0, ...p)

$removed = $e->removeFilteredPolicy(0, "alice", "data1", "read");

removed = e.remove_filtered_policy(0, "alice", "data1", "read")

var removed = e.RemoveFilteredPolicy("alice", "data1", "read");
or
var removed = await e.RemoveFilteredPolicyAsync("alice", "data1", "read");

let removed = e.remove_filtered_policy(0, vec!["alice".to_owned(), "data1".to_owned(), "read".to_owned()]).await?;

boolean removed = e.removeFilteredPolicy(0, "alice", "data1", "read");

`RemoveNamedPolicy()`

RemoveNamedPolicy 从当前命名策略中删除授权规则。

例如：

removed := e.RemoveNamedPolicy("p", "alice", "data1", "read")

const p = ['alice', 'data1', 'read']
const removed = await e.removeNamedPolicy('p', ...p)

$removed = $e->removeNamedPolicy("p", "alice", "data1", "read");

removed = e.remove_named_policy("p", "alice", "data1", "read")

var removed = e.RemoveNamedPolicy("p", "alice", "data1", "read");
or
var removed = await e.RemoveNamedPolicyAsync("p", "alice", "data1", "read");

let removed = e.remove_named_policy("p", vec!["alice".to_owned(), "data1".to_owned(), "read".to_owned()]).await?;

boolean removed = e.removeNamedPolicy("p", "alice", "data1", "read");

`RemoveNamedPolicies()`

RemoveNamedPolicies 从当前命名策略中删除授权规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回 false ，当前政策中没有任何政策规则被删除。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都从现行政策中删除。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"jack", "data4", "read"},
    []string {"katy", "data4", "write"},
    []string {"leyo", "data4", "read"},
    []string {"ham", "data4", "write"},
}

areRulesRemoved := e.RemoveNamedPolicies("p", rules)

const rules = [
    ['jack', 'data4', 'read'],
    ['katy', 'data4', 'write'],
    ['leyo', 'data4', 'read'],
    ['ham', 'data4', 'write']
];

const areRulesRemoved = await e.removeNamedPolicies('p', rules);

rules = [
    ["jack", "data4", "read"],
    ["katy", "data4", "write"],
    ["leyo", "data4", "read"],
    ["ham", "data4", "write"]
]
are_rules_removed = e.remove_named_policies("p", rules)

let rules = vec![
    vec!["jack".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["katy".to_owned(), "data4".to_owned(), "write".to_owned()],
    vec!["leyo".to_owned(), "data4".to_owned(), "read".to_owned()],
    vec!["ham".to_owned(), "data4".to_owned(), "write".to_owned()],
];

let areRulesRemoved = e.remove_named_policies("p", rules).await?;

List<List<String>> rules = Arrays.asList(
    Arrays.asList("jack", "data4", "read"),
    Arrays.asList("katy", "data4", "write"),
    Arrays.asList("leyo", "data4", "read"),
    Arrays.asList("ham", "data4", "write")
);
boolean areRulesRemoved = e.removeNamedPolicies("p", rules);

`RemoveFilteredNamedPolicy()`

RemoveFilteredNamedPolicy 从当前命名策略中移除授权规则，可以指定字段筛选器。

例如：

removed := e.RemoveFilteredNamedPolicy("p", 0, "alice", "data1", "read")

const p = ['alice', 'data1', 'read']
const removed = await e.removeFilteredNamedPolicy('p', 0, ...p)

$removed = $e->removeFilteredNamedPolicy("p", 0, "alice", "data1", "read");

removed = e.remove_filtered_named_policy("p", 0, "alice", "data1", "read")

var removed = e.RemoveFilteredNamedPolicy("p", 0, "alice", "data1", "read");
or
var removed = e.RemoveFilteredNamedPolicyAync("p", 0, "alice", "data1", "read");

let removed = e.remove_filtered_named_policy("p", 0, vec!["alice".to_owned(), "data1".to_owned(), "read".to_owned()]).await?;

boolean removed = e.removeFilteredNamedPolicy("p", 0, "alice", "data1", "read");

`HasGroupingPolicy()`

HasGroupingPolicy 确定是否存在角色继承规则。

例如：

has := e.HasGroupingPolicy("alice", "data2_admin")

const has = await e.hasGroupingPolicy('alice', 'data2_admin')

$has = $e->hasGroupingPolicy("alice", "data2_admin");

has = e.has_grouping_policy("alice", "data2_admin")

var has = e.HasGroupingPolicy("alice", "data2_admin");

let has = e.has_grouping_policy(vec!["alice".to_owned(), "data2_admin".to_owned()]);

boolean has = e.hasGroupingPolicy("alice", "data2_admin");

`HasNamedGroupingPolicy()`

HasNamedGroupingPolicy 确定是否存在命名角色继承规则。

例如：

has := e.HasNamedGroupingPolicy("g", "alice", "data2_admin")

const has = await e.hasNamedGroupingPolicy('g', 'alice', 'data2_admin')

$has = $e->hasNamedGroupingPolicy("g", "alice", "data2_admin");

has = e.has_named_grouping_policy("g", "alice", "data2_admin")

var has = e.HasNamedGroupingPolicy("g", "alice", "data2_admin");

let has = e.has_named_grouping_policy("g", vec!["alice".to_owned(), "data2_admin".to_owned()]);

boolean has = e.hasNamedGroupingPolicy("g", "alice", "data2_admin");

`AddGroupingPolicy()`

AddGroupingPolicy 向当前策略添加角色继承规则。如果规则已经存在，函数返回false，并且不会添加规则。否则，函数通过添加新规则并返回true。

例如：

added := e.AddGroupingPolicy("group1", "data2_admin")

const added = await e.addGroupingPolicy('group1', 'data2_admin')

$added = $e->addGroupingPolicy("group1", "data2_admin");

added = e.add_grouping_policy("group1", "data2_admin")

var added = e.AddGroupingPolicy("group1", "data2_admin");
or
var added = await e.AddGroupingPolicyAsync("group1", "data2_admin");

let added = e.add_grouping_policy(vec!["group1".to_owned(), "data2_admin".to_owned()]).await?;

boolean added = e.addGroupingPolicy("group1", "data2_admin");

`AddGroupingPolicies()`

AddGroupingPolicy 向当前策略添加角色继承规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回false，当前政策中没有添加任何政策规则。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都被添加到目前的政策中。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"ham", "data4_admin"},
    []string {"jack", "data5_admin"},
}

areRulesAdded := e.AddGroupingPolicies(rules)

const groupingRules = [
    ['ham', 'data4_admin'],
    ['jack', 'data5_admin']
  ];

const areRulesAdded = await e.addGroupingPolicies(groupingRules);

rules = [
    ["ham", "data4_admin"],
    ["jack", "data5_admin"]
]

are_rules_added = e.add_grouping_policies(rules)

let rules = vec![
    vec!["ham".to_owned(), "data4_admin".to_owned()],
    vec!["jack".to_owned(), "data5_admin".to_owned()],
];

let areRulesAdded = e.add_grouping_policies(rules).await?;

String[][] groupingRules = {
    {"ham", "data4_admin"},
    {"jack", "data5_admin"}
};
boolean areRulesAdded = e.addGroupingPolicies(groupingRules);

`AddGroupingPoliciesEx()`

AddGroupingPoliciesEx adds role inheritance rules to the current policy. If the rule already exists, the rule will not be added. But unlike AddGroupingPolicies, other non-existent rules are added instead of returning false directly

例如：

ok, err := e.AddGroupingPoliciesEx([][]string{{"user1", "member"}, {"user2", "member"}})

`AddNamedGroupingPolicy()`

AddNamedGroupingPolicy 将命名角色继承规则添加到当前策略。如果规则已经存在，函数返回false，并且不会添加规则。否则，函数通过添加新规则并返回true。

例如：

added := e.AddNamedGroupingPolicy("g", "group1", "data2_admin")

const added = await e.addNamedGroupingPolicy('g', 'group1', 'data2_admin')

$added = $e->addNamedGroupingPolicy("g", "group1", "data2_admin");

added = e.add_named_grouping_policy("g", "group1", "data2_admin")

var added = e.AddNamedGroupingPolicy("g", "group1", "data2_admin");
or
var added = await e.AddNamedGroupingPolicyAsync("g", "group1", "data2_admin");

let added = e.add_named_grouping_policy("g", vec!["group1".to_owned(), "data2_admin".to_owned()]).await?;

boolean added = e.addNamedGroupingPolicy("g", "group1", "data2_admin");

`AddNamedGroupingPolicies()`

AddNamedGroupingPolicies 将命名角色继承规则添加到当前策略。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回false，当前政策中没有添加任何政策规则。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都被添加到目前的政策中。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"ham", "data4_admin"},
    []string {"jack", "data5_admin"},
}

areRulesAdded := e.AddNamedGroupingPolicies("g", rules)

const groupingRules = [
    ['ham', 'data4_admin'],
    ['jack', 'data5_admin']
  ];

const areRulesAdded = await e.addNamedGroupingPolicies('g', groupingRules);

rules = [
    ["ham", "data4_admin"],
    ["jack", "data5_admin"]
]

are_rules_added = e.add_named_grouping_policies("g", rules)

let rules = vec![
    vec!["ham".to_owned(), "data4_admin".to_owned()],
    vec!["jack".to_owned(), "data5_admin".to_owned()],
];

let are_rules_added = e.add_named_grouping_policies("g", rules).await?;

String[][] groupingRules = {
    {"ham", "data4_admin"},
    {"jack", "data5_admin"}
};
boolean areRulesAdded = e.addNamedGroupingPolicies("g", groupingRules);

`AddNamedGroupingPoliciesEx()`

AddNamedGroupingPoliciesEx adds named role inheritance rules to the current policy. If the rule already exists, the rule will not be added. But unlike AddNamedGroupingPolicies, other non-existent rules are added instead of returning false directly

例如：

ok, err := e.AddNamedGroupingPoliciesEx("g", [][]string{{"user1", "member"}, {"user2", "member"}})

`RemoveGroupingPolicy()`

RemoveGroupingPolicy 从当前策略中删除角色继承规则。

例如：

removed := e.RemoveGroupingPolicy("alice", "data2_admin")

const removed = await e.removeGroupingPolicy('alice', 'data2_admin')

$removed = $e->removeGroupingPolicy("alice", "data2_admin");

removed = e.remove_grouping_policy("alice", "data2_admin")

var removed = e.RemoveGroupingPolicy("alice", "data2_admin");
or
var removed = await e.RemoveGroupingPolicyAsync("alice", "data2_admin");

let removed = e.remove_grouping_policy(vec!["alice".to_owned(), "data2_admin".to_owned()]).await?;

boolean removed = e.removeGroupingPolicy("alice", "data2_admin");

`RemoveGroupingPolicies()`

RemoveGroupingPolicy 从当前策略中删除角色继承规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回 false ，当前政策中没有任何政策规则被删除。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都从现行政策中删除。

例如：

Go
Node.js
Rust
Python
Java

rules := [][] string {
                []string {"ham", "data4_admin"},
                []string {"jack", "data5_admin"},
        }

areRulesRemoved := e.RemoveGroupingPolicies(rules)

const groupingRules = [
    ['ham', 'data4_admin'],
    ['jack', 'data5_admin']
  ];

const areRulesRemoved = await e.removeGroupingPolicies(groupingRules);

let rules = vec![
    vec!["ham".to_owned(), "data4_admin".to_owned()],
    vec!["jack".to_owned(), "data5_admin".to_owned()],
];

let are_rules_removed = e.remove_grouping_policies(rules).await?;

rules = [
    ["ham", "data4_admin"],
    ["jack", "data5_admin"]
]

are_rules_removed = e.remove_grouping_policies(rules)

String[][] groupingRules = {
    {"ham", "data4_admin"},
    {"jack", "data5_admin"}
};
boolean areRulesRemoved = e.removeGroupingPolicies(groupingRules);

`RemoveFilteredGroupingPolicy()`

RemoveFilteredGroupingPolicy 从当前策略中移除角色继承规则，可以指定字段筛选器。

例如：

removed := e.RemoveFilteredGroupingPolicy(0, "alice")

const removed = await e.removeFilteredGroupingPolicy(0, 'alice')

$removed = $e->removeFilteredGroupingPolicy(0, "alice");

removed = e.remove_filtered_grouping_policy(0, "alice")

var removed = e.RemoveFilteredGroupingPolicy(0, "alice");
or
var removed = await e.RemoveFilteredGroupingPolicyAsync(0, "alice");

let removed = e.remove_filtered_grouping_policy(0, vec!["alice".to_owned()]).await?;

boolean removed = e.removeFilteredGroupingPolicy(0, "alice");

`RemoveNamedGroupingPolicy()`

RemoveNamedGroupingPolicy 从当前命名策略中移除角色继承规则。

例如：

removed := e.RemoveNamedGroupingPolicy("g", "alice")

const removed = await e.removeNamedGroupingPolicy('g', 'alice')

$removed = $e->removeNamedGroupingPolicy("g", "alice");

removed = e.remove_named_grouping_policy("g", "alice", "data2_admin")

var removed = e.RemoveNamedGroupingPolicy("g", "alice");
or 
var removed = await e.RemoveNamedGroupingPolicyAsync("g", "alice");

let removed = e.remove_named_grouping_policy("g", vec!["alice".to_owned()]).await?;

boolean removed = e.removeNamedGroupingPolicy("g", "alice");

`RemoveNamedGroupingPolicies()`

RemoveNamedGroupingPolicies 从当前策略中删除角色继承规则。该操作本质上是原子的因此，如果授权规则由不符合现行政策的规则组成，函数返回 false ，当前政策中没有任何政策规则被删除。如果所有授权规则都符合政策规则，则函数返回true，每项政策规则都从现行政策中删除。

例如：

Go
Node.js
Python
Rust
Java

rules := [][] string {
    []string {"ham", "data4_admin"},
    []string {"jack", "data5_admin"},
}

areRulesRemoved := e.RemoveNamedGroupingPolicies("g", rules)

const groupingRules = [
    ['ham', 'data4_admin'],
    ['jack', 'data5_admin']
  ];

const areRulesRemoved = await e.removeNamedGroupingPolicies('g', groupingRules);

rules = [
    ["ham", "data4_admin"],
    ["jack", "data5_admin"]
]
are_rules_removed = e.remove_named_grouping_policies("g", rules)

let rules = vec![
    vec!["ham".to_owned(), "data4_admin".to_owned()],
    vec!["jack".to_owned(), "data5_admin".to_owned()],
];

let are_rules_removed = e.remove_named_grouping_policies("g", rules).await?;

String[][] groupingRules = {
    {"ham", "data4_admin"},
    {"jack", "data5_admin"}
};
boolean areRulesRemoved = e.removeNamedGroupingPolicies("g", groupingRules);

`RemoveFilteredNamedGroupingPolicy()`

RemoveFilteredNamedGroupingPolicy 从当前命名策略中移除角色继承规则，可以指定字段筛选器。

例如：

removed := e.RemoveFilteredNamedGroupingPolicy("g", 0, "alice")

const removed = await e.removeFilteredNamedGroupingPolicy('g', 0, 'alice')

$removed = $e->removeFilteredNamedGroupingPolicy("g", 0, "alice");

removed = e.remove_filtered_named_grouping_policy("g", 0, "alice")

var removed = e.RemoveFilteredNamedGroupingPolicy("g", 0, "alice");
or
var removed = await e.RemoveFilteredNamedGroupingPolicyAsync("g", 0, "alice");

let removed = e.remove_filtered_named_groupingPolicy("g", 0, vec!["alice".to_owned()]).await?;

boolean removed = e.removeFilteredNamedGroupingPolicy("g", 0, "alice");

`UpdatePolicy()`

UpdatePolicy 把旧的政策更新到新的政策

例如：

Go
Node.js
Python
Java

updated, err := e.UpdatePolicy([]string{"eve", "data3", "read"}, []string{"eve", "data3", "write"})

const update = await e.updatePolicy(["eve", "data3", "read"], ["eve", "data3", "write"]);

updated = e.update_policy(["eve", "data3", "read"], ["eve", "data3", "write"])

boolean updated = e.updatePolicy(Arrays.asList("eve", "data3", "read"), Arrays.asList("eve", "data3", "write"));

`UpdatePolicies()`

UpdatePolicies 将所有的旧政策更新到新政策

例如：

Go
Python

updated, err := e.UpdatePolicies([][]string{{"eve", "data3", "read"}, {"jack", "data3", "read"}}, [][]string{{"eve", "data3", "write"}, {"jack", "data3", "write"}})

old_rules = [["eve", "data3", "read"], ["jack", "data3", "read"]]
new_rules = [["eve", "data3", "write"], ["jack", "data3", "write"]]

updated = e.update_policies(old_rules, new_rules)

`AddFunction()`

AddFunction 添加自定义函数。

例如:

func CustomFunction(key1 string, key2 string) bool {
    if key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data/:resource" {
        return true
    } else if key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data2/:id/using/:resId" {
        return true
    } else {
        return false
    }
}

func CustomFunctionWrapper(args ...interface{}) (interface{}, error) {
    key1 := args[0].(string)
    key2 := args[1].(string)

    return bool(CustomFunction(key1, key2)), nil
}

e.AddFunction("keyMatchCustom", CustomFunctionWrapper)

function customFunction(key1, key2){
    if(key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data/:resource") {
        return true
    } else if(key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data2/:id/using/:resId") {
        return true
    } else {
        return false
    }
}

e.addFunction("keyMatchCustom", customFunction);

func customFunction($key1, $key2) {
    if ($key1 == "/alice_data2/myid/using/res_id" && $key2 == "/alice_data/:resource") {
        return true;
    } elseif ($key1 == "/alice_data2/myid/using/res_id" && $key2 == "/alice_data2/:id/using/:resId") {
        return true;
    } else {
        return false;
    }
}

func customFunctionWrapper(...$args){
    $key1 := $args[0];
    $key2 := $args[1];

    return customFunction($key1, $key2);
}

$e->addFunction("keyMatchCustom", customFunctionWrapper);

def custom_function(key1, key2):
    return ((key1 == "/alice_data2/myid/using/res_id" and key2 == "/alice_data/:resource") or (key1 == "/alice_data2/myid/using/res_id" and key2 == "/alice_data2/:id/using/:resId"))


e.add_function("keyMatchCustom", custom_function)

fn custom_function(key1: STring, key2: String) {
    key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data/:resource" || key1 == "/alice_data2/myid/using/res_id" && key2 == "/alice_data2/:id/using/:resId"
}


e.add_function("keyMatchCustom", custom_function);

public static class CustomFunc extends CustomFunction {
    @Override
    public AviatorObject call(Map<String, Object> env, AviatorObject arg1, AviatorObject arg2) {
        String key1 = FunctionUtils.getStringValue(arg1, env);
        String key2 = FunctionUtils.getStringValue(arg2, env);
        if (key1.equals("/alice_data2/myid/using/res_id") && key2.equals("/alice_data/:resource")) {
            return AviatorBoolean.valueOf(true);
        } else if (key1.equals("/alice_data2/myid/using/res_id") && key2.equals("/alice_data2/:id/using/:resId")) {
            return AviatorBoolean.valueOf(true);
        } else {
            return AviatorBoolean.valueOf(false);
        }
    }

    @Override
    public String getName() {
        return "keyMatchCustom";
    }
}

FunctionTest.CustomFunc customFunc = new FunctionTest.CustomFunc();
e.addFunction(customFunc.getName(), customFunc);

`LoadFilteredPolicy()`

LoadFilteredPolicy从文件/数据库加载过滤完成的政策

For example:

Go
Node.js
Python
Java

err := e.LoadFilteredPolicy()

const ok = await e.loadFilteredPolicy();

class Filter:
    P = []
    G = []

adapter = casbin.persist.adapters.FilteredAdapter("rbac_with_domains_policy.csv")
e = casbin.Enforcer("rbac_with_domains_model.conf", adapter)
filter = Filter()
filter.P = ["", "domain1"]
filter.G = ["", "", "domain1"]
e.load_filtered_policy(filter)

e.loadFilteredPolicy(new String[] { "", "domain1" });

`LoadIncrementalFilteredPolicy()`

LoadFilteredPolicy从文件/数据库添加过滤完成的政策

For example:

Go
Node.js
Python

err := e.LoadIncrementalFilteredPolicy()

const ok = await e.loadIncrementalFilteredPolicy();

adapter = casbin.persist.adapters.FilteredAdapter("rbac_with_domains_policy.csv")
e = casbin.Enforcer("rbac_with_domains_model.conf", adapter)
filter = Filter()
filter.P = ["", "domain1"]
filter.G = ["", "", "domain1"]
e.load_increment_filtered_policy(filter)

`UpdateGroupingPolicy()`

UpdateGroupingPolicy 在 g段更新oldRule到newRule

For example:

Go
Java

succeed, err : = e.UpdateGroupingPolicy([]string{"data3_admin", "data4_admin"}, []string{"admin", "data4_admin"})

boolean succeed = e.updateGroupingPolicy(Arrays.asList("data3_admin", "data4_admin"), Arrays.asList("admin", "data4_admin"));

`UpdateNamedGroupingPolicy()`

UpdateNamedGroupingPolicy 在g 部分将名为 ptype 的旧策略更新为新策略

For example:

Go
Java

succeed, err : = e.UpdateGroupingPolicy("g1",[]string{"data3_admin", "data4_admin"}, []string{"admin", "data4_admin"})

boolean succeed = e.updateNamedGroupingPolicy("g1", Arrays.asList("data3_admin", "data4_admin"), Arrays.asList("admin", "data4_admin"));

`SetFieldIndex()`

设置FieldIndex 子端口自定义常规名称和位置 子类, obj, 域 和 优先级.

[policy_definition]
p = customized_priority, obj, act, eft, subject

For example:

e.SetFieldIndex("p", constant.PriorityIndex, 0)
e.SetFieldIndex("p", constant.SubjectIndex, 4)

筛选的 API
参考

筛选的 API​

参考​

Enforce()​

EnforceWithMatcher()​

EnforceEx()​

EnforceExWithMatcher()​

BatchEnforce()​

GetAllSubjects()​

GetAllNamedSubjects()​

GetAllObjects()​

GetAllNamedObjects()​

GetAllActions()​

GetAllNamedActions()​

GetAllRoles()​

GetAllNamedRoles()​

GetPolicy()​

GetFilteredPolicy()​

GetNamedPolicy()​

GetFilteredNamedPolicy()​

GetGroupingPolicy()​

GetFilteredGroupingPolicy()​

GetNamedGroupingPolicy()​

GetFilteredNamedGroupingPolicy()​

HasPolicy()​

HasNamedPolicy()​

AddPolicy()​

AddPolicies()​

AddPoliciesEx()​

AddNamedPolicy()​

AddNamedPolicies()​

AddNamedPoliciesEx()​

SelfAddPoliciesEx()​

RemovePolicy()​

RemovePolicies()​

RemoveFilteredPolicy()​

RemoveNamedPolicy()​

RemoveNamedPolicies()​

RemoveFilteredNamedPolicy()​

HasGroupingPolicy()​

HasNamedGroupingPolicy()​

AddGroupingPolicy()​

AddGroupingPolicies()​

AddGroupingPoliciesEx()​

AddNamedGroupingPolicy()​

AddNamedGroupingPolicies()​

AddNamedGroupingPoliciesEx()​

RemoveGroupingPolicy()​

RemoveGroupingPolicies()​

RemoveFilteredGroupingPolicy()​

RemoveNamedGroupingPolicy()​

RemoveNamedGroupingPolicies()​

RemoveFilteredNamedGroupingPolicy()​

UpdatePolicy()​

UpdatePolicies()​

AddFunction()​

LoadFilteredPolicy()​

LoadIncrementalFilteredPolicy()​

UpdateGroupingPolicy()​

UpdateNamedGroupingPolicy()​

SetFieldIndex()​

筛选的 API

参考

`Enforce()`

`EnforceWithMatcher()`

`EnforceEx()`

`EnforceExWithMatcher()`

`BatchEnforce()`

`GetAllSubjects()`

`GetAllNamedSubjects()`

`GetAllObjects()`

`GetAllNamedObjects()`

`GetAllActions()`

`GetAllNamedActions()`

`GetAllRoles()`

`GetAllNamedRoles()`

`GetPolicy()`

`GetFilteredPolicy()`

`GetNamedPolicy()`

`GetFilteredNamedPolicy()`

`GetGroupingPolicy()`

`GetFilteredGroupingPolicy()`

`GetNamedGroupingPolicy()`

`GetFilteredNamedGroupingPolicy()`

`HasPolicy()`

`HasNamedPolicy()`

`AddPolicy()`

`AddPolicies()`

`AddPoliciesEx()`

`AddNamedPolicy()`

`AddNamedPolicies()`

`AddNamedPoliciesEx()`

`SelfAddPoliciesEx()`

`RemovePolicy()`

`RemovePolicies()`

`RemoveFilteredPolicy()`

`RemoveNamedPolicy()`

`RemoveNamedPolicies()`

`RemoveFilteredNamedPolicy()`

`HasGroupingPolicy()`

`HasNamedGroupingPolicy()`

`AddGroupingPolicy()`

`AddGroupingPolicies()`

`AddGroupingPoliciesEx()`

`AddNamedGroupingPolicy()`

`AddNamedGroupingPolicies()`

`AddNamedGroupingPoliciesEx()`

`RemoveGroupingPolicy()`

`RemoveGroupingPolicies()`

`RemoveFilteredGroupingPolicy()`

`RemoveNamedGroupingPolicy()`

`RemoveNamedGroupingPolicies()`

`RemoveFilteredNamedGroupingPolicy()`

`UpdatePolicy()`

`UpdatePolicies()`

`AddFunction()`

`LoadFilteredPolicy()`

`LoadIncrementalFilteredPolicy()`

`UpdateGroupingPolicy()`

`UpdateNamedGroupingPolicy()`

`SetFieldIndex()`