feat: replace externally hosted images with local assets

blog/2020-04-21-google-award.md

@@ -7,7 +7,7 @@ We are pleased to announce that Casbin’s founder, [Yang Luo](https://github.co
 
 <!-- truncate -->
 
-![ospb](https://hsluoyz.github.io/download/Open%20Source%20Peer%20Bonus%20Q3%202019%20-%20Yang%20Luo%20-%20OSPB%20Award%20Letter.png)
+![ospb](/img/blog/google-open-source-peer-bonus-award-letter.png)
 
 > The full award letter is available [here](https://github.com/hsluoyz/hsluoyz.github.io/blob/master/download/Open%20Source%20Peer%20Bonus%20Q3%202019%20-%20Yang%20Luo%20-%20OSPB%20Award%20Letter.pdf).
 

blog/2023-12-08-understanding-casbin-matching-in-detail.md

@@ -13,7 +13,7 @@ RBAC restricts access based on the roles users hold. To see how **hierarchical**
 
 ## Azure’s hierarchical RBAC
 
-![Azure Hierarchy](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-setup-guide/media/organize-resources/scope-levels.png)
+![Azure Hierarchy](/img/blog/azure-scope-levels.png)
 
 In Azure, the **Owner** role applies at different scopes. If I have **Owner** at the subscription level, I am Owner of all resource groups and resources under that subscription. If I have Owner at a resource group level, I am Owner of all resources in that group.
 

blog/authors.yml

@@ -2,33 +2,33 @@ hsluoyz:
   name: Yang Luo
   title: Creator of Casbin
   url: https://github.com/hsluoyz
-  image_url: https://avatars.githubusercontent.com/hsluoyz
+  image_url: /img/authors/hsluoyz.png
 
 BetaCat0:
   name: Helong Zhang
   title: Casbin Maintainer
   url: https://github.com/BetaCat0
-  image_url: https://avatars.githubusercontent.com/BetaCat0
+  image_url: /img/authors/BetaCat0.png
 
 nodece:
   name: Zixuan Liu
   title: Casbin Maintainer
   url: https://github.com/nodece
-  image_url: https://avatars.githubusercontent.com/nodece
+  image_url: /img/authors/nodece.png
 
 rushitote:
   name: Rushikesh Tote
   title: Member of Casbin
   url: https://github.com/rushitote
-  image_url: https://avatars.githubusercontent.com/rushitote
+  image_url: /img/authors/rushitote.png
 
 casbin:
   name: Casbin
   title: Official Account
   url: https://github.com/casbin
-  image_url: https://avatars.githubusercontent.com/casbin
+  image_url: /img/authors/casbin.png
 
 aravindarc:
   name: Aravinda Kumar
   url: https://github.com/aravindarc
-  image_url: https://avatars.githubusercontent.com/aravindarc
+  image_url: /img/authors/aravindarc.png

docs/AdminPortal.mdx

@@ -8,9 +8,9 @@ authors: [hsluoyz]
 
 **[Casdoor](https://casdoor.org)** is a web-based identity and access platform that can manage Casbin models and policies:
 
-![model editor](https://hsluoyz.github.io/casbin/ui_model_editor.png)
+![model editor](/img/docs/admin-portal-model-editor.png)
 
-![policy editor](https://hsluoyz.github.io/casbin/ui_policy_editor.png)
+![policy editor](/img/docs/admin-portal-policy-editor.png)
 
 The table below lists **third-party admin and app projects** that use Casbin for authorization. They are useful as references or starters for your own service.
 

docs/Function.mdx

@@ -55,40 +55,40 @@ Complete function details: [https://github.com/casbin/casbin/blob/master/util/bu
 
 1. Implement a function that takes the required arguments and returns a `bool`:
 
-```go
-func KeyMatch(key1 string, key2 string) bool {
-    i := strings.Index(key2, "*")
-    if i == -1 {
-        return key1 == key2
+    ```go
+    func KeyMatch(key1 string, key2 string) bool {
+        i := strings.Index(key2, "*")
+        if i == -1 {
+            return key1 == key2
+        }
+
+        if len(key1) > i {
+            return key1[:i] == key2[:i]
+        }
+        return key1 == key2[:i]
     }
-
-    if len(key1) > i {
-        return key1[:i] == key2[:i]
-    }
-    return key1 == key2[:i]
-}
-```
+    ```
 
 2. Wrap it for Casbin (signature `func(...interface{}) (interface{}, error)`):
 
-```go
-func KeyMatchFunc(args ...interface{}) (interface{}, error) {
-    name1 := args[0].(string)
-    name2 := args[1].(string)
+    ```go
+    func KeyMatchFunc(args ...interface{}) (interface{}, error) {
+        name1 := args[0].(string)
+        name2 := args[1].(string)
 
-    return (bool)(KeyMatch(name1, name2)), nil
-}
-```
+        return (bool)(KeyMatch(name1, name2)), nil
+    }
+    ```
 
 3. Register it on the enforcer:
 
-```go
-e.AddFunction("my_func", KeyMatchFunc)
-```
+    ```go
+    e.AddFunction("my_func", KeyMatchFunc)
+    ```
 
 4. Use it in your model:
 
-```ini
-[matchers]
-m = r.sub == p.sub && my_func(r.obj, p.obj) && r.act == p.act
-```
+    ```ini
+    [matchers]
+    m = r.sub == p.sub && my_func(r.obj, p.obj) && r.act == p.act
+    ```

docs/RBAC.mdx

@@ -39,9 +39,11 @@ m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
 So the request is allowed only if the request subject has the role given in the policy.
 
 :::note
+
 1. Casbin only stores and evaluates user–role (and resource–role) mappings; it does not validate that users or roles exist. That is the job of authentication.
 2. Do not reuse the same name for a user and a role (e.g. user `alice` and role `alice`), since Casbin cannot tell them apart. Use a prefix (e.g. `role_alice`) if needed.
 3. Role inheritance is transitive and unbounded: if A has role B and B has role C, then A effectively has role C.
+
 :::
 
 :::info Token name convention