ABAC eval not working with empty dict
See original GitHub issueModel:
[request_definition]
r = sub, obj, type, act
[policy_definition]
p = rule, type, act
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = eval(p.rule) && r.type == p.type && r.act == p.act
Policy:
p, r.sub.admin == True, user, delete
p, r.sub.identifier == r.obj.identifier, user, read
When attempting to eval the following:
abac_enforcer = casbin.Enforcer(
str(file_path(...)), str(file_path(...))
if abac_enforcer.enforce({"admin": False}, {}, "user", "delete"):
return True
Raises the following:
/simpleeval.py", line 481, in _eval_attribute
raise AttributeDoesNotExist(node.attr, self.expr)
simpleeval.AttributeDoesNotExist: ('identifier', '(r_sub.identifier == r_obj.identifier) and r_type == p_type and r_act == p_act')
I attempted this within the online editor and it works fine. Sorry if I’m missing something. New PyCasbin user here!
Issue Analytics
- State:
- Created 2 years ago
- Comments:20 (13 by maintainers)
Top Results From Across the Web
eval function doesnt turn dict-like string into dict?
1. the message shows the error, the string is not valid. · Try to remove the "\"" around taglist. – Andrej Kesely ·...
Read more >Attribute Based Access Control - NCCoE
Attribute based access control (ABAC) is an advanced method for managing access rights for people and systems connecting to networks and assets.
Read more >Symbol API — mxnet documentation
The Symbol API, defined in the symbol (or simply sym ) package, provides neural network graphs and auto-differentiation. A symbol represents a multi-output ......
Read more >Programming in Standard ML
This book is an introduction to programming with the Standard ML pro- gramming language. It began life as a set of lecture notes...
Read more >Data types - Fauna Documentation
Scalar types; Boolean; Null; Number; String; Literal; Array; Object ... Null is a special marker used to indicate that a data value does...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@killswitch-GUI I don’t quite suggest change PyCasbin or simpleeval. You should instead follow the “object all the way down” logic when you use A(ttribute)BAC. And BTW
this is working simply because you set
It evaluates the first line in policy and turns out to be True and ignored the second line 😃
I’m checking the issue…