Comments (6)
@tangyang9464 @JalinWang @imp2002
from casdoor.
@link89 see docs: https://casdoor.org/docs/permission/permission-configuration
How to forbid a user from logging into an application: https://door.casdoor.com/permissions/casbin/permission_deny_role
from casdoor.
@hsluoyz The example you show it is to deny specify users to read specific apps. Is it possible to use white list rule?
For example, if there are 3 apps in an organization, how to setup rules so that
- all users can access App1
- only users in group
whitelist-app2
can access App2 - only users in group
whitelist-app3
can access App3
from casdoor.
@link89 you deny all first, then allow someone
from casdoor.
@link89 you deny all first, then allow someone
hi @hsluoyz
I have created two permissions for users, one is to deny all, the other one allow a role. and the user have matched by permission in the user info page, but it still deny when user login.
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
from casdoor.
Closed issues won't be responded.
from casdoor.
Related Issues (20)
- Certificate value in every SAML Response is getting changed HOT 6
- casdoor proxmox ve (bs) HOT 4
- Does the internal LDAP Server redirect to other LDAP sources? HOT 5
- [Bug]update owner error when update permission HOT 6
- Do not give hints of registered emails/accounts HOT 3
- [Bug] An application should not be able to create users for other organizations HOT 2
- Allow All Users to Perform LDAP Search Lookups in their org HOT 3
- How to control access to the console for regular users HOT 2
- Signup and get phone number from Lark OAuth provider HOT 1
- Automatically create a database when Docker runs? HOT 2
- Failed to save: pq: value too long for type character varying(1000) HOT 2
- Can the user password be encrypted at the front end and then transmitted to the back end during login? HOT 2
- logout not work when concurrent request HOT 8
- [feature] Add Support for `memberOf` Overlay in LDAP Server HOT 5
- Simulate user HOT 3
- sms login HOT 2
- Cannot read properties of null at Object.isPasswordEnabled after upgrading HOT 4
- [Bug] Incorrect `Username` fetch in IdP Lark HOT 3
- [feature] SAML NameID Mapping HOT 12
- SAML providers don't work (neither custom nor pre-installed) HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from casdoor.