genetic-orange•12mo ago

Casbin's newEnforcer crash the app

I'm trying to configure a RBAC using Casbin following the Doc. Creating the AccessControlProvider, the newEnforcer function causes the error in the image. I have checked the where is the index file from, and it is from csv-parse/lib package. I'm not using that library, I guess the casbin library uses it, but I don't know what to do to solve it. here is my accessControl file

import { newModel, StringAdapter } from "casbin";

export const model = newModel(`
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act, eft

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && keyMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
`);

export const adapter = new StringAdapter(`
p, admin, users, (list)|(create)
p, admin, users/*, (edit)|(show)|(delete)

p, admin, orders, (list)
`);

import { newModel, StringAdapter } from "casbin";

export const model = newModel(`
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act, eft

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && keyMatch(r.obj, p.obj) && regexMatch(r.act, p.act)
`);

export const adapter = new StringAdapter(`
p, admin, users, (list)|(create)
p, admin, users/*, (edit)|(show)|(delete)

p, admin, orders, (list)
`);

And here is the casbin configuration in the app file:

{...}
import { newEnforcer } from "casbin";
import { model, adapter } from "./accessControl";
{...}
function App() {
  const role = localStorage.getItem("role") ?? "admin";
  return (
          {...}
          <Refine
            accessControlProvider={{
              can: async ({ resource, action, params }) => {
                const enforcer = await newEnforcer(model, adapter);

                const idActions = ["edit", "show", "delete"];

                if (idActions.includes(action)) {
                  const can = await enforcer.enforce(
                    role,
                    `${resource}/${params?.id}`,
                    action,
                  );

                  return { can };
                }

                const can = await enforcer.enforce(role, resource, action);

                return { can };
              },
            }}
          >

{...}
import { newEnforcer } from "casbin";
import { model, adapter } from "./accessControl";
{...}
function App() {
  const role = localStorage.getItem("role") ?? "admin";
  return (
          {...}
          <Refine
            accessControlProvider={{
              can: async ({ resource, action, params }) => {
                const enforcer = await newEnforcer(model, adapter);

                const idActions = ["edit", "show", "delete"];

                if (idActions.includes(action)) {
                  const can = await enforcer.enforce(
                    role,
                    `${resource}/${params?.id}`,
                    action,
                  );

                  return { can };
                }

                const can = await enforcer.enforce(role, resource, action);

                return { can };
              },
            }}
          >

7 Replies

kapa.ai•12mo ago

Hi @jaoc1811. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- Based on the information provided in the extracts, it seems like you're on the right track with setting up Role Based Access Control (RBAC) using Casbin in your refine application. However, the error you're encountering seems to be related to the csv-parse/lib package, which is not directly mentioned in the extracts. The newEnforcer function from Casbin is used correctly in your code, as shown in the extracts. It's used to create an enforcer with the model and adapter you've defined.

const enforcer = await newEnforcer(model, adapter);

const enforcer = await newEnforcer(model, adapter);

(Source: refine.dev docs (https://refine.dev/docs/advanced-tutorials/access-control)) However, the error you're encountering might be due to some compatibility issues or missing configurations for Casbin to work in a browser environment. As mentioned in the extracts, you might need to configure some polyfills for Casbin to work properly. This can be done using react-app-rewired to override some configurations of your app. First, add react-app-rewired to your project:

yarn add react-app-rewired

yarn add react-app-rewired

Then, update the scripts in your package.json:

"scripts": {  
 "start": "react-app-rewired start",  
 "build": "react-app-rewired build",  
 "eject": "react-scripts eject",  
 "refine": "refine"  
}

"scripts": {  
 "start": "react-app-rewired start",  
 "build": "react-app-rewired build",  
 "eject": "react-scripts eject",  
 "refine": "refine"  
}

Next, add the following packages:

yarn add assert buffer crypto-browserify stream-browserify  
yarn add -D https-browserify os-browserify path stream-http

yarn add assert buffer crypto-browserify stream-browserify  
yarn add -D https-browserify os-browserify path stream-http

Finally, include a config-overrides.js file to the root of your app folder. You can find an example of this file here (https://github.com/anewman15/refine/blob/pixels-admin/examples/pixels-admin/config-overrides.js). (Source: refine.dev blog (https://refine.dev/blog/refine-pixels-6)) If the error persists after these steps, it might be due to a specific issue with your project setup or a bug in the libraries you're using. In that case, you might want to reach out to the maintainers of the Casbin library or the refine community for more specific help. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------

kapa.ai•12mo ago

<@110864105035808768> kapa.ai is still learning and improving, please let us know how it did by reacting below

genetic-orange•12mo ago

@kapa.ai do you know how can I make an access control with CASL?

kapa.ai•12mo ago

Let me check the knowledge base for you. One moment! :books: ---------------------- I'm sorry, but the provided extracts do not contain information on how to implement access control with CASL in a refine application. My knowledge is based on the information provided in the extracts, and they only cover the implementation of Role Based Access Control (RBAC) using Casbin in refine. For more information on how to implement access control in refine, you can refer to the refine access control documentation (https://refine.dev/docs/api-reference/core/providers/accessControl-provider/). For implementing access control with CASL, you might want to refer to the official CASL documentation or other relevant resources. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------

kapa.ai•12mo ago

<@110864105035808768> kapa.ai is still learning and improving, please let us know how it did by reacting below

curious-teal•12mo ago

Hey @jaoc1811 Do you get the same problem with the following example application? There may be changes in the Cerbos package. You can try using the versions here. https://github.com/refinedev/refine/tree/next/examples/access-control-cerbos

GitHub

refine/examples/access-control-cerbos at next · refinedev/refine

Build your React-based CRUD applications, without constraints. 🌟 Star to support our work! - refinedev/refine

genetic-orange•12mo ago

Hi! I have not tried with Cerbos yet, I was looking with a simple solution like Casbin. But I have not succeed yet. Maybe I'm gonna try with cerbos But checking the casbin example, I saw that they use casbin 5.15.2 and I'm using 5.26. I'm going to install the same version and try again I made it! I had to copy the vite.config.js from the casbin example. I don't know why it was so different to the file generated by refine. I'm gonna mark it as resolved, thanks!