llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improve args of Enforce() API

Browse Source
This commit is contained in:
Yang Luo 2023-05-12 21:32:48 +08:00
parent 96a3db21a1
commit 776a682fae
3 changed files with 33 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
controllers/enforcer.go
View File

@ -21,26 +21,30 @@ import (
) )
func (c *ApiController) Enforce() { func (c *ApiController) Enforce() {
var permissionRule object.PermissionRule permissionId := c.Input().Get("permissionId")
err := json.Unmarshal(c.Ctx.Input.RequestBody, &permissionRule)
var request object.CasbinRequest
err := json.Unmarshal(c.Ctx.Input.RequestBody, &request)
if err != nil { if err != nil {
c.ResponseError(err.Error()) c.ResponseError(err.Error())
return return
} }
c.Data["json"] = object.Enforce(&permissionRule) c.Data["json"] = object.Enforce(permissionId, &request)
c.ServeJSON() c.ServeJSON()
} }
func (c *ApiController) BatchEnforce() { func (c *ApiController) BatchEnforce() {
var permissionRules []object.PermissionRule permissionId := c.Input().Get("permissionId")
err := json.Unmarshal(c.Ctx.Input.RequestBody, &permissionRules)
var requests []object.CasbinRequest
err := json.Unmarshal(c.Ctx.Input.RequestBody, &requests)
if err != nil { if err != nil {
c.ResponseError(err.Error()) c.ResponseError(err.Error())
return return
} }
c.Data["json"] = object.BatchEnforce(permissionRules) c.Data["json"] = object.BatchEnforce(permissionId, &requests)
c.ServeJSON() c.ServeJSON()
} }

36
object/permission.go
View File

@ -15,8 +15,6 @@
package object package object
import ( import (
"fmt"
"github.com/casdoor/casdoor/util" "github.com/casdoor/casdoor/util"
"github.com/xorm-io/core" "github.com/xorm-io/core"
) )
@ -65,30 +63,6 @@ func (p *Permission) GetId() string {
return util.GetId(p.Owner, p.Name) return util.GetId(p.Owner, p.Name)
} }
func (p *PermissionRule) GetRequest(adapterName string, permissionId string) ([]interface{}, error) {
request := []interface{}{p.V0, p.V1, p.V2}
if p.V3 != "" {
request = append(request, p.V3)
}
if p.V4 != "" {
request = append(request, p.V4)
}
if adapterName == builtInAdapter {
if p.V5 != "" {
return nil, fmt.Errorf("too many parameters. The maximum parameter number cannot exceed %d", builtInAvailableField)
}
return request, nil
} else {
if p.V5 != "" {
request = append(request, p.V5)
}
return request, nil
}
}
func GetPermissionCount(owner, field, value string) int { func GetPermissionCount(owner, field, value string) int {
session := GetSession(owner, -1, -1, field, value, "", "") session := GetSession(owner, -1, -1, field, value, "", "")
count, err := session.Count(&Permission{}) count, err := session.Count(&Permission{})
@ -271,6 +245,16 @@ func GetPermissionsBySubmitter(owner string, submitter string) []*Permission {
return permissions return permissions
} }
func GetPermissionsByModel(owner string, model string) []*Permission {
permissions := []*Permission{}
err := adapter.Engine.Desc("created_time").Find(&permissions, &Permission{Owner: owner, Model: model})
if err != nil {
panic(err)
}
return permissions
}
func ContainsAsterisk(userId string, users []string) bool { func ContainsAsterisk(userId string, users []string) bool {
containsAsterisk := false containsAsterisk := false
group, _ := util.GetOwnerAndNameFromId(userId) group, _ := util.GetOwnerAndNameFromId(userId)

27
object/permission_enforcer.go
View File

@ -62,7 +62,11 @@ func getEnforcer(permission *Permission) *casbin.Enforcer {
panic(err) panic(err)
} }
enforcer.InitWithModelAndAdapter(m, nil) err = enforcer.InitWithModelAndAdapter(m, nil)
if err != nil {
panic(err)
}
enforcer.SetAdapter(adapter) enforcer.SetAdapter(adapter)
policyFilter := xormadapter.Filter{ policyFilter := xormadapter.Filter{
@ -216,28 +220,23 @@ func removePolicies(permission *Permission) {
} }
} }
func Enforce(permissionRule *PermissionRule) bool { type CasbinRequest = []interface{}
permission := GetPermission(permissionRule.Id)
func Enforce(permissionId string, request *CasbinRequest) bool {
permission := GetPermission(permissionId)
enforcer := getEnforcer(permission) enforcer := getEnforcer(permission)
request, _ := permissionRule.GetRequest(builtInAdapter, permissionRule.Id) allow, err := enforcer.Enforce(*request...)
allow, err := enforcer.Enforce(request...)
if err != nil { if err != nil {
panic(err) panic(err)
} }
return allow return allow
} }
func BatchEnforce(permissionRules []PermissionRule) []bool { func BatchEnforce(permissionId string, requests *[]CasbinRequest) []bool {
var requests [][]interface{} permission := GetPermission(permissionId)
for _, permissionRule := range permissionRules {
request, _ := permissionRule.GetRequest(builtInAdapter, permissionRule.Id)
requests = append(requests, request)
}
permission := GetPermission(permissionRules[0].Id)
enforcer := getEnforcer(permission) enforcer := getEnforcer(permission)
allow, err := enforcer.BatchEnforce(requests) allow, err := enforcer.BatchEnforce(*requests)
if err != nil { if err != nil {
panic(err) panic(err)
} }