I am trying to use the example of multiple casbin policy RBAC and ABAC.
Here are example model and policy from official.
multiple_policy_definitions_model.conf
[request_definition]
r = sub, obj, act
r2 = sub, obj, act
[policy_definition]
p = sub, obj, act
p2= sub_rule, obj, act, eft
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
#RABC
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
#ABAC
m2 = eval(p2.sub_rule) && r2.obj == p2.obj && r2.act == p2.act
multiple_policy_definitions_policy.csv
p, data2_admin, data2, read
p2, r2.sub.Age > 18 && r2.sub.Age < 60, /data1, read, allow
p2, r2.sub.Age > 60 && r2.sub.Age < 100, /data1, read, deny
g, alice, data2_admin
My request.query is {Age:20}
...
const { query } = request;
const result = await e.enforce(query, '/data1', 'read');
console.log(result);
....
When running the above code, it's failing with this message:
TypeError: Cannot convert object to primitive value
at Array.join (<anonymous>)
at Array.toString (<anonymous>)
at D:\mandy\Project\e_shopping_api\node_modules\casbin\lib\cjs\util\builtinOperators.js:286:26
at D:\mandy\Project\e_shopping_api\node_modules\expression-eval\dist\expression-eval.js:1:519
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.generatorRunAsync (D:\mandy\Project\e_shopping_api\node_modules\casbin\lib\cjs\util\util.js:160:26)
at async Object.handler (D:\mandy\Project\e_shopping_api\src\routes\root.js:81:20)
I guess it does not use r2,p2,e,m2 to match.
I also try it on Casbin online editor
When I use Request r2,p2,e,m2 it work.
But I don't know how to implement by using e.enforce().
Casbin online editor r2,p2,m2 work
Casbin online editor r,p,m work
I much appreciate any responses.