llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-04 13:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add and load policy within a specific permission (#1357)

Browse Source 
* fix: add and load policy with a specific permission

* fix: use a clear variable name
This commit is contained in:
imp2002
2022-12-05 17:07:10 +08:00
committed by GitHub
parent 78e45d07cf
commit 812c44e070
1 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
object/permission_enforcer.go
View File

@ -65,22 +65,27 @@ m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act`
panic(err) panic(err)
} }
// load Policy with a specific Permission
enforcer.LoadFilteredPolicy(xormadapter.Filter{
V5: []string{permission.Owner + "/" + permission.Name},
})
return enforcer return enforcer
} }
func getPolicies(permission *Permission) ([][]string, [][]string) { func getPolicies(permission *Permission) ([][]string, [][]string) {
var policies [][]string var policies [][]string
var groupingPolicies [][]string var groupingPolicies [][]string
permissionId := permission.Owner + "/" + permission.Name
domainExist := len(permission.Domains) > 0 domainExist := len(permission.Domains) > 0
for _, user := range permission.Users { for _, user := range permission.Users {
for _, resource := range permission.Resources { for _, resource := range permission.Resources {
for _, action := range permission.Actions { for _, action := range permission.Actions {
if domainExist { if domainExist {
for _, domain := range permission.Domains { for _, domain := range permission.Domains {
policies = append(policies, []string{user, domain, resource, strings.ToLower(action)}) policies = append(policies, []string{user, domain, resource, strings.ToLower(action), "", permissionId})
} }
} else { } else {
policies = append(policies, []string{user, resource, strings.ToLower(action)}) policies = append(policies, []string{user, resource, strings.ToLower(action), "", "", permissionId})
} }
} }
} }
@ -90,29 +95,29 @@ func getPolicies(permission *Permission) ([][]string, [][]string) {
for _, subUser := range roleObj.Users { for _, subUser := range roleObj.Users {
if domainExist { if domainExist {
for _, domain := range permission.Domains { for _, domain := range permission.Domains {
groupingPolicies = append(groupingPolicies, []string{subUser, domain, role}) groupingPolicies = append(groupingPolicies, []string{subUser, domain, role, "", "", permissionId})
} }
} else { } else {
groupingPolicies = append(groupingPolicies, []string{subUser, role}) groupingPolicies = append(groupingPolicies, []string{subUser, role, "", "", "", permissionId})
} }
} }
for _, subRole := range roleObj.Roles { for _, subRole := range roleObj.Roles {
if domainExist { if domainExist {
for _, domain := range permission.Domains { for _, domain := range permission.Domains {
groupingPolicies = append(groupingPolicies, []string{subRole, domain, role}) groupingPolicies = append(groupingPolicies, []string{subRole, domain, role, "", "", permissionId})
} }
} else { } else {
groupingPolicies = append(groupingPolicies, []string{subRole, role}) groupingPolicies = append(groupingPolicies, []string{subRole, role, "", "", "", permissionId})
} }
} }
for _, resource := range permission.Resources { for _, resource := range permission.Resources {
for _, action := range permission.Actions { for _, action := range permission.Actions {
if domainExist { if domainExist {
for _, domain := range permission.Domains { for _, domain := range permission.Domains {
policies = append(policies, []string{role, domain, resource, strings.ToLower(action)}) policies = append(policies, []string{role, domain, resource, strings.ToLower(action), "", permissionId})
} }
} else { } else {
policies = append(policies, []string{role, resource, strings.ToLower(action)}) policies = append(policies, []string{role, resource, strings.ToLower(action), "", "", permissionId})
} }
} }
} }