Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

[feature] support the new "a" type policies (aka LLM AI policy) #1692

Open

Description

see: https://editor.casbin.org/#6W5HP2HEM

need to support the new "a" type policy (means AI LLM policy, can be "a", "a2", "a3" like p and g policy), like:

a, "if the request object contains anything like credential/secret leak, then deny"

so Casbin will call the LLM API (use the new Explain API in: 0fe9505) to determine the "a" policy: "if the request object contains anything like credential/secret leak, then deny".

Casbin Policy Configuration

Model

[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = ipMatch(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

Policy

p, 192.168.2.0/24, data1, read
p, 10.0.0.0/16, data2, write
a, "allow US residential IPs to read data1" # "residential" means not cloud IPs
a, "allow global cloud IPs to write data2"

Request

192.168.2.1, data1, read
10.0.2.3, data2, write

Enforcement Result

(empty)

Metadata

Metadata

Type

No type
No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      AltStyle によって変換されたページ (->オリジナル) /