How-to
Inspect the policy
List rules programmatically
var policies = (CasbinAuthorizationProvider)client.Authorization;
foreach (var rule in policies.ListRules())
{
Console.WriteLine(rule.ToCsv());
} On-disk storage is always encrypted
Whichever storage mode is configured — single-agent local encryption (EnableLocalEncryption) or swarm-shared (EnableSwarmMode) — the bytes on disk are HexaEight-encrypted. There is no plain-text form to read with a text editor.
To see plaintext, always go through ListRules() in code. The on-disk file (e.g. relay-policy.he or <quorumStorageRoot>/policy.enc) cannot be inspected directly.
Check whether bootstrap mode is active
Console.WriteLine($"InBootstrap: {client.Authorization.IsInBootstrapMode}"); Check which storage mode is configured
var casbin = (CasbinAuthorizationProvider)client.Authorization;
Console.WriteLine($"EncryptedStorageConfigured: {casbin.IsEncryptedStorageConfigured}");
Console.WriteLine($"SwarmMode: {casbin.IsSwarmMode}"); See also
- Read the audit log How-to
- Trace a denied request How-to