diff --git a/config/config/policy.csv b/config/config/policy.csv
new file mode 100644
index 0000000..57aaa97
--- /dev/null
+++ b/config/config/policy.csv
@@ -0,0 +1,2 @@
+p, alice, data1, read
+p, bob, data2, write
\ No newline at end of file
diff --git a/config/model.conf b/config/model.conf
new file mode 100644
index 0000000..dc6da81
--- /dev/null
+++ b/config/model.conf
@@ -0,0 +1,11 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
\ No newline at end of file
diff --git a/go.mod b/go.mod
index c51dc52..2efa312 100644
--- a/go.mod
+++ b/go.mod
@@ -6,6 +6,7 @@ require github.com/emersion/go-imap v1.0.4
 
 require (
 	github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394
+	github.com/casbin/casbin/v2 v2.7.2
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/emersion/go-message v0.11.2
 	github.com/emersion/go-sasl v0.0.0-20200509203442-7bfe0ed36a21
diff --git a/go.sum b/go.sum
index 3104dfe..e93377d 100644
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,11 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw=
+github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394 h1:OYA+5W64v3OgClL+IrOD63t4i/RW7RqrAVl9LTZ9UqQ=
 github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394/go.mod h1:Q8n74mJTIgjX4RBBcHnJ05h//6/k6foqmgE45jTQtxg=
+github.com/casbin/casbin/v2 v2.7.2 h1:PM/u9RGCZmlN4/cpS3FbVqCXG+H5806faG7QGwEy+lE=
+github.com/casbin/casbin/v2 v2.7.2/go.mod h1:XXtYGrs/0zlOsJMeRteEdVi/FsB0ph7KgNfjoCoJUD8=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
diff --git a/middleware/casbin.go b/middleware/casbin.go
new file mode 100644
index 0000000..da7aa2d
--- /dev/null
+++ b/middleware/casbin.go
@@ -0,0 +1,9 @@
+package middleware
+
+import (
+	"github.com/casbin/casbin/v2"
+	"github.com/gin-gonic/gin"
+)
+func CasbinACL(c *gin.Context){
+	_, _ := casbin.NewEnforcer("config/model.conf", "config/policy.csv")
+}