feat(casbin): add support to build upon multi role links

Signed-off-by: Kevin <kevin.dsouza@apica.io>

Author: sokryptk

enforcer.go

@@ -175,6 +175,9 @@ func (e *Enforcer) InitWithAdapter(modelPath string, adapter persist.Adapter) er
 func (e *Enforcer) InitWithModelAndAdapter(m model.Model, adapter persist.Adapter) error {
 	e.adapter = adapter
 
+	// Global g* asserter
+	m.AddDef("g", "*", "_, _")
+	
 	e.model = m
 	m.SetLogger(e.logger)
 	e.model.PrintModel()

model/policy.go

@@ -228,6 +228,16 @@ func (model Model) AddPolicy(sec string, ptype string, rule []string) error {
 	assertion.Policy = append(assertion.Policy, rule)
 	assertion.PolicyMap[strings.Join(rule, DefaultSep)] = len(model[sec][ptype].Policy) - 1
 
+	if sec == "g" {
+		assertion, err := model.GetAssertion(sec, "*")
+		if err != nil {
+			return err
+		} else {
+			assertion.Policy = append(assertion.Policy, rule)
+			assertion.PolicyMap[strings.Join(rule, DefaultSep)] = len(model[sec]["*"].Policy) - 1
+		}
+	}
+
 	hasPriority := false
 	if _, ok := assertion.FieldIndexMap[constant.PriorityIndex]; ok {
 		hasPriority = true

rbac_api.go

@@ -324,7 +324,7 @@ func (e *Enforcer) GetImplicitUsersForRole(name string, domain ...string) ([]str
 // GetPermissionsForUser("alice") can only get: [["alice", "data2", "read"]].
 // But GetImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].
 func (e *Enforcer) GetImplicitPermissionsForUser(user string, domain ...string) ([][]string, error) {
-	return e.GetNamedImplicitPermissionsForUser("p", "g", user, domain...)
+	return e.GetNamedImplicitPermissionsForUser("p", "*", user, domain...)
 }
 
 // GetNamedImplicitPermissionsForUser gets implicit permissions for a user or role by named policy.