Casbin 是一个强大和高效的开放源码访问控制库,它支持各种 访问控制模型 以强制全面执行授权。
Enforcing a set of rules is as simple as listing subjects, objects, and the desired allowed action (or any other format as per your needs) in a policy file. This is synonymous across all flows in which Casbin is used. The developer/administrator has complete control over the layout, execution, and conditions for authorization, which are set via the model file. Casbin provides an Enforcer for validating an incoming request based on the policy and model files given to the Enforcer.
Languages Supported by Casbin
Casbin provides support for various programming languages, ready to be integrated within any project and workflow:
| Production-ready | Production-ready | Production-ready | Production-ready |
| Production-ready | Production-ready | Production-ready | Production-ready |
Feature Set for Different Languages
We are always working our best to make Casbin have the same set of features for all languages. However, the reality is not that beautiful.
eval()Note - ✅ for Watcher or Role Manager only means having the interface in the core library. It is not indicative of whether there is a watcher or role manager implementation available.
Casbin 是什么?
objectsubjectaction{ subject, object, action }Casbin能够处理除标准流量以外的许多复杂的许可使用者。 There can be the addition of roles (RBAC), attributes (ABAC), etc.
What Casbin Does
{ subject, object, action }rootadministratorkeyMatch/foo/bar/foo*What Casbin Does NOT Do
usernamepasswordIt's more convenient for projects to manage their lists of users, roles, or passwords. 用户通常有他们的密码,但是 Casbin 的设计思想并不是把它作为一个存储密码的容器。 而是存储RBAC方案中用户和角色之间的映射关系。