Casbin

Casbin is an authorization library designed to manage application access control and permissions through a configurable model-based engine. It serves as a centralized system for verifying whether a user has permission to perform specific actions on a resource.

The engine supports multiple access control models, including Role-Based Access Control, Attribute-Based Access Control, and Access Control Lists. It allows for the definition of role hierarchies and the evaluation of user, resource, and environment attributes to make access decisions.

The library decouples authorization logic from data storage via a policy persistence layer, enabling the saving and loading of rules from external databases or files. It supports dynamic policy management to update permissions and role mappings at runtime.

Features

Access Control - Verifies user requests against defined permission models to determine if an action is permitted.

Authorization Logic - Provides a flexible system to verify if users have permission to perform specific actions on resources.

Access Control Models - Supports multiple access control paradigms including ACL, RBAC, and ABAC within a single engine.

Attribute-based Access Controls - Controls access to resources based on attributes of the user, the object, and the environment.

Access Control and Authorization - Provides a comprehensive library for managing access control and permissions via a model-based engine.

Configurable Logic Models - Implements a configurable model-based engine to determine access permissions based on custom logic.

Role-Based Access Control - Implements a flexible system for managing user permissions and defining access levels based on assigned roles.

Context-Aware Policy Engines - Evaluates user, resource, and environment attributes to make dynamic access decisions.

Policy - Implements a persistence layer to save and load authorization rules from external databases or files.

Authorization Policy Adapters - Provides a flexible adapter system to persist authorization rules in various databases or files.

Centralized Permission Management - Centralizes the definition and persistence of security policies to ensure consistent enforcement.

Authorization Policies - Enables saving and loading of authorization rules to external storage for session consistency.

Dynamic Policy Refreshers - Allows authorization rules and permissions to be updated in memory without restarting the application.

Role Inheritance Resolution - Calculates inherited permissions by traversing a directed graph of role relationships at runtime.

Access Control List Management - Defines and enforces access control lists to specify which users can access specific objects.

Role-Based Access Management - Organizes structured relationships between users and roles to enable permission inheritance.

Authentication and Authorization - Authorization library supporting ACL, RBAC, and ABAC.

Security & Privacy - Library for access control models like RBAC and ABAC.

hsluoyzcasbin

Features

Star history