Add AI/LLM policy support ("a" type) with natural language evaluation #1695

Copilot · 2026-01-25T08:54:43Z

Implementation Plan for AI/LLM Policy Support ("a" type)

Summary

Successfully implemented AI/LLM policy support ("a" type) in Casbin with comprehensive error handling and robust parsing.

Recent Changes:

Terminology update: Changed "description" to "prompt" throughout the codebase for consistency with LLM terminology
- Updated model configuration: a = prompt instead of a = description
- Renamed variable policyDescription to policyPrompt
- Updated comments to reflect the terminology change

Core Changes:

Model Support: Added "a" section to sectionNameMap for ai_policy_definition
Policy Management: Implemented full CRUD operations (Get, Add, Remove, Update, Filter) for AI policies
Enforcement Logic: AI policies are evaluated first via LLM API, with fallback to traditional policies
AI Integration: Created evaluateAIPolicy() function that calls configured LLM to evaluate policy rules
Error Handling: Added logging for AI policy evaluation errors to aid debugging
Robust Parsing: Improved AI response parsing to use HasPrefix instead of Contains to avoid false positives
Code Quality: Refactored complex nested blocks into helper functions for better maintainability

Files Modified/Created:

model/model.go - Added "a" section support
model/policy.go - Added ClearPolicy support for "a" policies
ai_api.go - Added evaluateAIPolicy() with robust parsing, uses "prompt" terminology
ai_policy_api.go - Complete management API
enforcer.go - Integrated AI policy evaluation with reduced complexity, uses "prompt" terminology
ai_policy_api_test.go - Comprehensive test suite
examples/ai_policy_model.conf - Uses "a = prompt" definition

Testing:

All tests pass (17.5s for full suite)
No regressions introduced
CodeQL security scan: 0 vulnerabilities found
CI checks: Passing

Original prompt

This section details on the original issue you should resolve

<issue_title>[feature] support the new "a" type policies (aka LLM AI policy)</issue_title>
<issue_description>see: https://editor.casbin.org/#6W5HP2HEM

need to support the new "a" type policy (means AI LLM policy, can be "a", "a2", "a3" like p and g policy), like:
a, "if the request object contains anything like credential/secret leak, then deny"
so Casbin will call the LLM API (use the new Explain API in: 0fe9505) to determine the "a" policy: "if the request object contains anything like credential/secret leak, then deny".

Casbin Policy Configuration

Model
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = ipMatch(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
Policy
p, 192.168.2.0/24, data1, read
p, 10.0.0.0/16, data2, write
a, "allow US residential IPs to read data1" # "residential" means not cloud IPs
a, "allow global cloud IPs to write data2"
Request
192.168.2.1, data1, read
10.0.2.3, data2, write
Enforcement Result
(empty)
```</issue_description>

## Comments on the Issue (you are @copilot in this section)

<comments>
</comments>

Fixes [feature] support the new "a" type policies (aka LLM AI policy) #1692

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

CLAassistant · 2026-01-25T08:54:50Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ hsluoyz
❌ Copilot
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

Co-authored-by: hsluoyz <[email protected]>

…ror logging Co-authored-by: hsluoyz <[email protected]>

hsluoyz · 2026-01-25T10:28:42Z

@copilot fix failed CI check: https://github.com/casbin/casbin/actions/runs/21330100245?pr=1695

Annotations
3 errors and 2 warnings
[golangci](https://github.com/casbin/casbin/actions/runs/21330100245/job/61393668925#step:4:28)
issues found
[golangci: enforcer.go#L806](https://github.com/casbin/casbin/pull/1695/files#annotation_44644261286)
`if ok` has complex nested blocks (complexity: 15) (nestif)
[golangci: ai_api.go#L275](https://github.com/casbin/casbin/pull/1695/files#annotation_44644261291)
File is not `goimports`-ed (goimports)

…o ai_api.go Co-authored-by: hsluoyz <[email protected]>

Copilot · 2026-01-25T10:32:03Z

@copilot fix failed CI check: https://github.com/casbin/casbin/actions/runs/21330100245?pr=1695

...

Fixed both CI issues in commit e2bab52:

Reduced complexity in enforcer.go: Refactored the nested AI policy evaluation logic into two helper functions (checkAIPolicies and logAIPolicyError), reducing the complexity from 15 to acceptable levels.
Fixed goimports issue in ai_api.go: Applied goimports to remove trailing newline.

All tests pass successfully.

github-actions · 2026-01-25T12:15:06Z

Benchmark Comparison

Comparing base branch (0fe9505)
vs PR branch (95e8c3b)

goos: linux
goarch: amd64
pkg: github.com/casbin/casbin/v3
cpu: AMD EPYC 7763 64-Core Processor                
                                                 │ base-bench.txt │             pr-bench.txt             │
                                                 │     sec/op     │    sec/op     vs base                      Diff          │
CachedRaw                                          15.37n ± ∞ ¹   15.07n ± ∞ ¹       ~ (p=1.000 n=1) ²         -1.95% ➡️
CachedBasicModel                                   172.6n ± ∞ ¹   179.7n ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.11% ➡️
CachedRBACModel                                    175.5n ± ∞ ¹   180.4n ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.79% ➡️
CachedRBACModelSmall                               176.8n ± ∞ ¹   183.3n ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.68% ➡️
CachedRBACModelMedium                              188.2n ± ∞ ¹   183.4n ± ∞ ¹       ~ (p=1.000 n=1) ²         -2.55% ➡️
CachedRBACModelLarge                               154.9n ± ∞ ¹   156.5n ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.03% ➡️
CachedRBACModelWithResourceRoles                   172.0n ± ∞ ¹   178.8n ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.95% ➡️
CachedRBACModelWithDomains                         179.1n ± ∞ ¹   183.1n ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.23% ➡️
CachedABACModel                                    2.742µ ± ∞ ¹   2.784µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.53% ➡️
CachedKeyMatchModel                                191.0n ± ∞ ¹   199.3n ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.35% ➡️
CachedRBACModelWithDeny                            174.1n ± ∞ ¹   180.6n ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.73% ➡️
CachedPriorityModel                                175.1n ± ∞ ¹   179.4n ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.46% ➡️
CachedWithEnforceContext                           249.5n ± ∞ ¹   239.1n ± ∞ ¹       ~ (p=1.000 n=1) ²         -4.17% ➡️
CachedRBACModelMediumParallel                      166.9n ± ∞ ¹   167.2n ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.18% ➡️
HasPolicySmall                                     433.9n ± ∞ ¹   443.7n ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.26% ➡️
HasPolicyMedium                                    447.7n ± ∞ ¹   469.6n ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.89% ➡️
HasPolicyLarge                                     470.7n ± ∞ ¹   474.3n ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.76% ➡️
AddPolicySmall                                     518.7n ± ∞ ¹   525.6n ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.33% ➡️
AddPolicyMedium                                    610.1n ± ∞ ¹   611.4n ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.21% ➡️
AddPolicyLarge                                     1.153µ ± ∞ ¹   1.180µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.34% ➡️
RemovePolicySmall                                  512.1n ± ∞ ¹   515.1n ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.59% ➡️
RemovePolicyMedium                                 539.7n ± ∞ ¹   543.3n ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.67% ➡️
RemovePolicyLarge                                  577.1n ± ∞ ¹   574.4n ± ∞ ¹       ~ (p=1.000 n=1) ²         -0.47% ➡️
Raw                                                15.09n ± ∞ ¹   15.39n ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.99% ➡️
BasicModel                                         3.573µ ± ∞ ¹   3.614µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.15% ➡️
RBACModel                                          5.244µ ± ∞ ¹   5.354µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.10% ➡️
RBACModelSizes/small                               47.56µ ± ∞ ¹   48.63µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.25% ➡️
RBACModelSizes/medium                              469.0µ ± ∞ ¹   489.2µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.31% ➡️
RBACModelSizes/large                               5.236m ± ∞ ¹   5.242m ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.11% ➡️
RBACModelSmall                                     56.05µ ± ∞ ¹   56.89µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.50% ➡️
RBACModelMedium                                    537.2µ ± ∞ ¹   541.5µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.80% ➡️
RBACModelLarge                                     5.823m ± ∞ ¹   5.858m ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.60% ➡️
RBACModelWithResourceRoles                         4.300µ ± ∞ ¹   4.484µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.28% ➡️
RBACModelWithDomains                               4.876µ ± ∞ ¹   4.977µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.07% ➡️
ABACModel                                          2.620µ ± ∞ ¹   2.813µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +7.37% ➡️
ABACRuleModel                                      3.873m ± ∞ ¹   4.027m ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.98% ➡️
KeyMatchModel                                      5.765µ ± ∞ ¹   5.990µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.90% ➡️
RBACModelWithDeny                                  6.653µ ± ∞ ¹   6.845µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +2.89% ➡️
PriorityModel                                      3.985µ ± ∞ ¹   4.119µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +3.36% ➡️
RBACModelWithDomainPatternLarge                    12.31µ ± ∞ ¹   12.92µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +4.96% ➡️
RoleManagerSmall                                   48.03µ ± ∞ ¹   47.48µ ± ∞ ¹       ~ (p=1.000 n=1) ²         -1.15% ➡️
RoleManagerMedium                                  535.0µ ± ∞ ¹   535.7µ ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.13% ➡️
RoleManagerLarge                                   5.734m ± ∞ ¹   5.777m ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.75% ➡️
BuildRoleLinksWithPatternLarge                     279.9m ± ∞ ¹   283.0m ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.11% ➡️
BuildRoleLinksWithDomainPatternLarge               8.720m ± ∞ ¹   9.322m ± ∞ ¹       ~ (p=1.000 n=1) ²         +6.90% ➡️
BuildRoleLinksWithPatternAndDomainPatternLarge     286.2m ± ∞ ¹   290.4m ± ∞ ¹       ~ (p=1.000 n=1) ²         +1.47% ➡️
HasLinkWithPatternLarge                            976.5n ± ∞ ¹   973.0n ± ∞ ¹       ~ (p=1.000 n=1) ²         -0.36% ➡️
HasLinkWithDomainPatternLarge                      345.4n ± ∞ ¹   331.6n ± ∞ ¹       ~ (p=1.000 n=1) ²         -4.00% ➡️
HasLinkWithPatternAndDomainPatternLarge            975.2n ± ∞ ¹   973.0n ± ∞ ¹       ~ (p=1.000 n=1) ²         -0.23% ➡️
ConcurrentHasLinkWithMatching                      1.151µ ± ∞ ¹   1.151µ ± ∞ ¹       ~ (p=1.000 n=1) ³         +0.00% ➡️
geomean                                              4.869µ         4.952µ                                     +1.70% ➡️
¹ need >= 6 samples for confidence interval at level 0.95
² need >= 4 samples to detect a difference at alpha level 0.05
³ all samples are equal

                                                 │ base-bench.txt │             pr-bench.txt              │
                                                 │      B/op      │     B/op       vs base                     Diff          │
CachedRaw                                           0.000 ± ∞ ¹     0.000 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedBasicModel                                    104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModel                                     104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelSmall                                104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelMedium                               104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelLarge                                96.00 ± ∞ ¹     96.00 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelWithResourceRoles                    104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelWithDomains                          120.0 ± ∞ ¹     120.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedABACModel                                   1.509Ki ± ∞ ¹   1.517Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.53% ➡️
CachedKeyMatchModel                                 152.0 ± ∞ ¹     152.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelWithDeny                             104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedPriorityModel                                 104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedWithEnforceContext                            176.0 ± ∞ ¹     176.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
CachedRBACModelMediumParallel                       104.0 ± ∞ ¹     104.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
HasPolicySmall                                      102.0 ± ∞ ¹     102.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
HasPolicyMedium                                     109.0 ± ∞ ¹     109.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
HasPolicyLarge                                      117.0 ± ∞ ¹     117.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
AddPolicySmall                                      152.0 ± ∞ ¹     152.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
AddPolicyMedium                                     166.0 ± ∞ ¹     166.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
AddPolicyLarge                                      414.0 ± ∞ ¹     415.0 ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.24% ➡️
RemovePolicySmall                                   166.0 ± ∞ ¹     166.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
RemovePolicyMedium                                  173.0 ± ∞ ¹     174.0 ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.58% ➡️
RemovePolicyLarge                                   181.0 ± ∞ ¹     181.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
Raw                                                 0.000 ± ∞ ¹     0.000 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
BasicModel                                        1.479Ki ± ∞ ¹   1.488Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.61% ➡️
RBACModel                                         2.021Ki ± ∞ ¹   2.035Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.69% ➡️
RBACModelSizes/small                              19.66Ki ± ∞ ¹   19.79Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.66% ➡️
RBACModelSizes/medium                             186.8Ki ± ∞ ¹   187.3Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.27% ➡️
RBACModelSizes/large                              1.813Mi ± ∞ ¹   1.811Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        -0.11% ➡️
RBACModelSmall                                    19.75Ki ± ∞ ¹   19.95Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +1.01% ➡️
RBACModelMedium                                   189.5Ki ± ∞ ¹   189.9Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.21% ➡️
RBACModelLarge                                    1.840Mi ± ∞ ¹   1.840Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.00% ➡️
RBACModelWithResourceRoles                        1.800Ki ± ∞ ¹   1.809Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.50% ➡️
RBACModelWithDomains                              1.791Ki ± ∞ ¹   1.800Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.50% ➡️
ABACModel                                         1.497Ki ± ∞ ¹   1.507Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.67% ➡️
ABACRuleModel                                     1.244Mi ± ∞ ¹   1.252Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.64% ➡️
KeyMatchModel                                     2.998Ki ± ∞ ¹   3.017Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.63% ➡️
RBACModelWithDeny                                 2.429Ki ± ∞ ¹   2.444Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.62% ➡️
PriorityModel                                     1.726Ki ± ∞ ¹   1.737Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.64% ➡️
RBACModelWithDomainPatternLarge                   8.684Ki ± ∞ ¹   8.693Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.10% ➡️
RoleManagerSmall                                    800.0 ± ∞ ¹     800.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
RoleManagerMedium                                 13.63Ki ± ∞ ¹   13.63Ki ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
RoleManagerLarge                                  224.6Ki ± ∞ ¹   224.6Ki ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.00% ➡️
BuildRoleLinksWithPatternLarge                    60.75Mi ± ∞ ¹   60.89Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.23% ➡️
BuildRoleLinksWithDomainPatternLarge              3.944Mi ± ∞ ¹   3.946Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.05% ➡️
BuildRoleLinksWithPatternAndDomainPatternLarge    62.36Mi ± ∞ ¹   62.50Mi ± ∞ ¹       ~ (p=1.000 n=1) ³        +0.22% ➡️
HasLinkWithPatternLarge                             112.0 ± ∞ ¹     112.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
HasLinkWithDomainPatternLarge                       16.00 ± ∞ ¹     16.00 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
HasLinkWithPatternAndDomainPatternLarge             112.0 ± ∞ ¹     112.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
ConcurrentHasLinkWithMatching                       736.0 ± ∞ ¹     736.0 ± ∞ ¹       ~ (p=1.000 n=1) ²        +0.00% ➡️
geomean                                                         ⁴                                              +0.19% ➡️               ⁴
¹ need >= 6 samples for confidence interval at level 0.95
² all samples are equal
³ need >= 4 samples to detect a difference at alpha level 0.05
⁴ summaries must be >0 to compute geomean

                                                 │ base-bench.txt │             pr-bench.txt             │
                                                 │   allocs/op    │  allocs/op    vs base                      Diff          │
CachedRaw                                           0.000 ± ∞ ¹    0.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedBasicModel                                    4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModel                                     4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelSmall                                4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelMedium                               4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelLarge                                3.000 ± ∞ ¹    3.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelWithResourceRoles                    4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelWithDomains                          4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedABACModel                                     18.00 ± ∞ ¹    18.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedKeyMatchModel                                 4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelWithDeny                             4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedPriorityModel                                 4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedWithEnforceContext                            4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
CachedRBACModelMediumParallel                       4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
HasPolicySmall                                      4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
HasPolicyMedium                                     4.000 ± ∞ ¹    4.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
HasPolicyLarge                                      5.000 ± ∞ ¹    5.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
AddPolicySmall                                      6.000 ± ∞ ¹    6.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
AddPolicyMedium                                     7.000 ± ∞ ¹    7.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
AddPolicyLarge                                      9.000 ± ∞ ¹    9.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RemovePolicySmall                                   7.000 ± ∞ ¹    7.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RemovePolicyMedium                                  7.000 ± ∞ ¹    7.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RemovePolicyLarge                                   8.000 ± ∞ ¹    8.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
Raw                                                 0.000 ± ∞ ¹    0.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
BasicModel                                          18.00 ± ∞ ¹    18.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModel                                           36.00 ± ∞ ¹    36.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelSizes/small                                481.0 ± ∞ ¹    481.0 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelSizes/medium                              4.829k ± ∞ ¹   4.829k ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelSizes/large                               48.19k ± ∞ ¹   48.15k ± ∞ ¹       ~ (p=1.000 n=1) ³         -0.08% ➡️
RBACModelSmall                                      616.0 ± ∞ ¹    616.0 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelMedium                                    6.016k ± ∞ ¹   6.016k ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelLarge                                     60.08k ± ∞ ¹   60.08k ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelWithResourceRoles                          28.00 ± ∞ ¹    28.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelWithDomains                                26.00 ± ∞ ¹    26.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
ABACModel                                           17.00 ± ∞ ¹    17.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
ABACRuleModel                                      37.09k ± ∞ ¹   37.09k ± ∞ ¹       ~ (p=1.000 n=1) ³         +0.00% ➡️
KeyMatchModel                                       38.00 ± ∞ ¹    38.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelWithDeny                                   50.00 ± ∞ ¹    50.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
PriorityModel                                       23.00 ± ∞ ¹    23.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RBACModelWithDomainPatternLarge                     73.00 ± ∞ ¹    73.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RoleManagerSmall                                    100.0 ± ∞ ¹    100.0 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RoleManagerMedium                                  1.744k ± ∞ ¹   1.744k ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
RoleManagerLarge                                   19.74k ± ∞ ¹   19.74k ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
BuildRoleLinksWithPatternLarge                     3.560M ± ∞ ¹   3.560M ± ∞ ¹       ~ (p=1.000 n=1) ³         +0.00% ➡️
BuildRoleLinksWithDomainPatternLarge               120.2k ± ∞ ¹   120.2k ± ∞ ¹       ~ (p=1.000 n=1) ³         +0.00% ➡️
BuildRoleLinksWithPatternAndDomainPatternLarge     3.637M ± ∞ ¹   3.637M ± ∞ ¹       ~ (p=1.000 n=1) ³         +0.00% ➡️
HasLinkWithPatternLarge                             9.000 ± ∞ ¹    9.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
HasLinkWithDomainPatternLarge                       1.000 ± ∞ ¹    1.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
HasLinkWithPatternAndDomainPatternLarge             9.000 ± ∞ ¹    9.000 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
ConcurrentHasLinkWithMatching                       11.00 ± ∞ ¹    11.00 ± ∞ ¹       ~ (p=1.000 n=1) ²         +0.00% ➡️
geomean                                                         ⁴                                              -0.00% ➡️               ⁴
¹ need >= 6 samples for confidence interval at level 0.95
² all samples are equal
³ need >= 4 samples to detect a difference at alpha level 0.05
⁴ summaries must be >0 to compute geomean

_{🤖 This comment will be automatically updated with the latest benchmark results.}

hsluoyz · 2026-01-25T12:50:16Z

@copilot

[ai_policy_definition]
a = description

change "description" to "prompt" everywhere in the code

Co-authored-by: hsluoyz <[email protected]>

Copilot · 2026-01-25T12:53:05Z

@copilot

...

Changed "description" to "prompt" everywhere in commit 9b12cb4:

Updated model configuration: a = prompt in examples/ai_policy_model.conf
Renamed variable policyDescription to policyPrompt in both enforcer.go and ai_api.go
Updated comments to reflect the new terminology

All tests pass successfully.

Initial plan

0c5cebe

Copilot AI assigned Copilot and hsluoyz Jan 25, 2026

hsluoyz marked this pull request as ready for review January 25, 2026 08:55

Copilot started work on behalf of hsluoyz January 25, 2026 08:55 View session

Copilot AI and others added 4 commits January 25, 2026 08:57

Add AI policy ("a" type) support to model and enforcer

a9fcad3

Co-authored-by: hsluoyz <[email protected]>

Add AI policy tests and example files

a8b0dfe

Co-authored-by: hsluoyz <[email protected]>

Fix AI policy enforcement logic and update tests

282c792

Co-authored-by: hsluoyz <[email protected]>

Address code review feedback - improve AI response parsing and add er…

be8a298

…ror logging Co-authored-by: hsluoyz <[email protected]>

Copilot AI changed the title ~~[WIP] Add support for new 'a' type policies in Casbin~~ Add AI/LLM policy support ("a" type) with natural language evaluation Jan 25, 2026

Copilot AI requested a review from hsluoyz January 25, 2026 09:08

Copilot finished work on behalf of hsluoyz January 25, 2026 09:08

Copilot started work on behalf of hsluoyz January 25, 2026 10:29 View session

Fix CI issues: reduce complexity in enforcer.go and apply goimports t…

e2bab52

…o ai_api.go Co-authored-by: hsluoyz <[email protected]>

Copilot finished work on behalf of hsluoyz January 25, 2026 10:32

Update enforcer.go

95e8c3b

Copilot started work on behalf of hsluoyz January 25, 2026 12:50 View session

Rename "description" to "prompt" in AI policy definition

9b12cb4

Co-authored-by: hsluoyz <[email protected]>

Copilot finished work on behalf of hsluoyz January 25, 2026 12:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add AI/LLM policy support ("a" type) with natural language evaluation #1695

Add AI/LLM policy support ("a" type) with natural language evaluation #1695

Copilot AI commented Jan 25, 2026 •

edited

Loading

Uh oh!

CLAassistant commented Jan 25, 2026 •

edited

Loading

Uh oh!

hsluoyz commented Jan 25, 2026

Uh oh!

Copilot AI commented Jan 25, 2026

Uh oh!

github-actions bot commented Jan 25, 2026

Uh oh!

hsluoyz commented Jan 25, 2026

Uh oh!

Copilot AI commented Jan 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Uh oh!

Add AI/LLM policy support ("a" type) with natural language evaluation #1695

Are you sure you want to change the base?

Add AI/LLM policy support ("a" type) with natural language evaluation #1695

Conversation

Copilot AI commented Jan 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Implementation Plan for AI/LLM Policy Support ("a" type)

Summary

Recent Changes:

Core Changes:

Files Modified/Created:

Testing:

Casbin Policy Configuration

Model

Policy

Request

Enforcement Result

Uh oh!

CLAassistant commented Jan 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

hsluoyz commented Jan 25, 2026

Uh oh!

Copilot AI commented Jan 25, 2026

Uh oh!

github-actions bot commented Jan 25, 2026

Benchmark Comparison

Uh oh!

hsluoyz commented Jan 25, 2026

Uh oh!

Copilot AI commented Jan 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Copilot AI commented Jan 25, 2026 •

edited

Loading

CLAassistant commented Jan 25, 2026 •

edited

Loading