| 123456789101112131415161718 |
- #表示经典三元组: 访问实体 (Subject),访问资源 (Object) 和访问方法 (Action)。
- [request_definition]
- r = sub, obj, act
- [policy_definition]
- p = sub, obj, act
- [role_definition]
- g = _, _
- #g2 = _, _
- [policy_effect]
- e = some(where (p.eft == allow))
- [matchers]
- #m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
- #m = g(r.sub, p.sub) && g2(r.obj, p.obj) && r.act == p.act
- m = g(r.sub, p.sub) && keyMatch2(r.obj, p.obj) && regexMatch(r.act, p.act)
|
