What is the best option to implement such security in Casbin?
I have several folders
, each of them has its own security (i.e. the users
allowed to accede it)
But that's not enough, the action
a user
is allowed to performed in a folder
depends on user
's group
As an example:
alice
can be admin
for folder1
so she can read
and write
within it
alice
can be user
for folder2
so she can only read
I was thinking of using 1 group
per role
(user
, admin
) and 1 group per folder
, however this is not fine because once a user
is assigned a role
, he cannot change
I looked at RBAC with domains and this can work until I duplicate all my policies for each folder
(yeah, all users
will always have the same rights in folder
...) because domain must be part of the policy itself
Do you have any suggestion on how to achieve this?
Thanks