企业🤖AI智能体构建引擎,智能编排和调试,一键部署,支持私有化部署方案 广告
# 支持的Models 1. [**ACL (Access Control List, 访问控制列表)**](https://en.wikipedia.org/wiki/Access_control_list) 2. **具有[超级用户](https://en.wikipedia.org/wiki/Superuser)的 ACL** 3. **没有用户的 ACL**: 对于没有身份验证或用户登录的系统尤其有用。 4. **没有资源的 ACL**: 某些场景可能只针对资源的类型, 而不是单个资源, 诸如`write-article`,`read-log`等权限。 它不控制对特定文章或日志的访问。 5. **[RBAC (基于角色的访问控制)](https://en.wikipedia.org/wiki/Role-based_access_control)** 6. **支持资源角色的RBAC**: 用户和资源可以同时具有角色 (或组)。 7. **支持域/租户的RBAC**: 用户可以为不同的域/租户设置不同的角色集。 8. **[ABAC (基于属性的访问控制)](https://en.wikipedia.org/wiki/Attribute-Based_Access_Control)**: 支持利用`resource.Owner`这种语法糖获取元素的属性。 9. **[RESTful](https://en.wikipedia.org/wiki/Representational_state_transfer)**: 支持路径, 如`/res/*`,`/res/: id`和 HTTP 方法, 如`GET`,`POST`,`PUT`,`DELETE`。 10. **拒绝优先**: 支持允许和拒绝授权, 拒绝优先于允许。 11. **优先级**: 策略规则按照先后次序确定优先级,类似于防火墙规则。 ## 例子 | 访问控制模型 | Model 文件 | Policy 文件 | | --- | --- | --- | | ACL | [basic\_model.conf](https://github.com/casbin/casbin/blob/master/examples/basic_model.conf) | [basic\_policy.csv](https://github.com/casbin/casbin/blob/master/examples/basic_policy.csv) | | | ![basic_model](https://img.kancloud.cn/4e/76/4e76bc8780444f5a5344c431cf8ea75b_421x224.png) |![basic_policy](https://img.kancloud.cn/f6/45/f6456db976c9809990b6fd3637ea72d4_190x75.png) | | 具有超级用户的ACL | [basic\_model\_with\_root.conf](https://github.com/casbin/casbin/blob/master/examples/basic_with_root_model.conf) | [basic\_policy.csv](https://github.com/casbin/casbin/blob/master/examples/basic_policy.csv) | | | ![basic_model_with_root](https://img.kancloud.cn/d7/aa/d7aa20089512839070dbf278eae59bbd_559x232.png) |![basic_policy](https://img.kancloud.cn/f6/45/f6456db976c9809990b6fd3637ea72d4_190x75.png) | | 没有用户的ACL | [basic\_model\_without\_users.conf](https://github.com/casbin/casbin/blob/master/examples/basic_without_users_model.conf) | [basic\_policy\_without\_users.csv](https://github.com/casbin/casbin/blob/master/examples/basic_without_users_policy.csv) | | | ![basic_model_without_users](https://img.kancloud.cn/52/01/52010db44f384b45fe0bdf5af4b92a61_343x223.png) |![basic_policy_without_users](https://img.kancloud.cn/a3/05/a305b8e86ff47f73e750dcd2b2b5e39f_163x80.png) | | 没有资源的ACL | [basic\_model\_without\_resources.conf](https://github.com/casbin/casbin/blob/master/examples/basic_without_resources_model.conf) | [basic\_policy\_without\_resources.csv](https://github.com/casbin/casbin/blob/master/examples/basic_without_resources_policy.csv) | | | ![basic_model_without_resources](https://img.kancloud.cn/5f/00/5f00c59314f845035e8e5a36c148a485_357x227.png) |![basic_policy_without_resources](https://img.kancloud.cn/ba/39/ba391fc7357d4bfd44bfb41b7b29d9d7_137x59.png) | | RBAC | [rbac\_model.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_model.conf) | [rbac\_policy.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_policy.csv) | | | ![rbac_model](https://img.kancloud.cn/b7/16/b7163b786bbe8a91884c964c177178f0_445x283.png) |![rbac_policy](https://img.kancloud.cn/f6/45/f6456db976c9809990b6fd3637ea72d4_190x75.png) | | 支持资源角色的RBAC | [rbac\_model\_with\_resource\_roles.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_resource_roles_model.conf) | [rbac\_policy\_with\_resource\_roles.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_resource_roles_policy.csv) | | | ![rbac_model_with_resource_roles](https://img.kancloud.cn/42/e2/42e27feb6b25d77b4995b25080c94173_412x304.png) |![rbac_policy_with_resource_roles](https://img.kancloud.cn/c3/b4/c3b43aafaca9a7b77e0721f57169711a_316x148.png) | | 支持域/租户的RBAC | [rbac\_model\_with\_domains.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_domains_model.conf) | [rbac\_policy\_with\_domains.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_domains_policy.csv) | | | ![rbac_model_with_domains](https://img.kancloud.cn/a5/00/a500b4ca73f53927157b0f032ce1ceba_565x279.png) |![rbac_policy_with_domains](https://img.kancloud.cn/4a/ff/4aff1e037d40ce4bddc8c4de4a601171_284x134.png) | | ABAC | [abac\_model.conf](https://github.com/casbin/casbin/blob/master/examples/abac_model.conf) | 无 | | | ![abac_model](https://img.kancloud.cn/5c/66/5c66fcbd96ca0887beda6297d6940e43_256x220.png) | | | RESTful | [keymatch\_model.conf](https://github.com/casbin/casbin/blob/master/examples/keymatch_model.conf) | [keymatch\_policy.csv](https://github.com/casbin/casbin/blob/master/examples/keymatch_policy.csv) | | | ![keymatch_model](https://img.kancloud.cn/59/1a/591a074f1ee23a416bafd312ddce0d04_499x228.png) |![keymatch_policy](https://img.kancloud.cn/18/75/187546bdaf4815882b8e911d83b722ac_304x133.png) | | 拒绝优先 | [rbac\_model\_with\_deny.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_deny_model.conf) | [rbac\_policy\_with\_deny.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_deny_policy.csv) | | | ![rbac_model_with_deny](https://img.kancloud.cn/36/55/365531c1b42a1e3fe64f442468639a50_485x281.png) |![rbac_policy_with_deny](https://img.kancloud.cn/b2/97/b29707a652e90d0f095fdf643283ec02_284x146.png) | | 优先级 | [priority\_model.conf](https://github.com/casbin/casbin/blob/master/examples/priority_model.conf) | [priority\_policy.csv](https://github.com/casbin/casbin/blob/master/examples/priority_policy.csv) | | | ![priority_model](https://img.kancloud.cn/de/06/de06288faa22c11f51de1ec176b045ab_383x283.png) |![priority_policy](https://img.kancloud.cn/56/a9/56a97d34ff5649089ffc5b1ccb2d9a5a_359x259.png) |