surreal-casbin-adapter 3.0.5

A SurrealDB adapter for casbin-rs - an authorization library that supports access control models like ACL, RBAC, ABAC and more
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

//! Basic RBAC (Role-Based Access Control) Example
//!
//! This example demonstrates how to use the SurrealDB Casbin adapter
//! for simple role-based access control with both g and g2.
//!
//! Run with: cargo run --example basic_rbac

use casbin::{CoreApi, DefaultModel, Enforcer, MgmtApi};
use surreal_casbin_adapter::SurrealAdapter;
use surrealdb::engine::any::connect;
use surrealdb::opt::auth::Root;

// RBAC model avec g et g2
const MODEL: &str = r#"
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
"#;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Initialize SurrealDB
    let db = connect("ws://localhost:8000").await?;
    db.signin(Root {
        username: "root".to_string(),
        password: "secret".to_string(),
    })
    .await?;
    db.use_ns("test").use_db("test").await?;
    // Create adapter and initialize table
    let adapter = SurrealAdapter::new(db);
    adapter.create_table().await?;
    let model = DefaultModel::from_str(MODEL).await?;
    let mut enforcer = Enforcer::new(model, adapter).await?;

    // ─── Permissions ────────────────────────────────────────────────────────
    enforcer
        .add_policy(vec![
            "reader".to_string(),
            "data".to_string(),
            "read".to_string(),
        ])
        .await?;

    enforcer
        .add_named_grouping_policies("g", vec![vec!["alice".to_string(), "reader".to_string()]])
        .await?;

    Ok(())
}