feat: change all occurrences when a object name is changed (#1252)

2025-05-23 02:35:49 +08:00 · 2022-11-02 00:17:38 +08:00 · 2022-11-02 00:17:38 +08:00 · a8381e875b
commit a8381e875b
parent 4c81fd7d16
7 changed files with 436 additions and 9 deletions
--- a/object/application.go
+++ b/object/application.go
@ -270,6 +270,13 @@ func UpdateApplication(id string, application *Application) bool {
 		application.Name = name
 	}

+	if name != application.Name {
+		err := applicationChangeTrigger(name, application.Name)
+		if err != nil {
+			return false
+		}
+	}
+
 	for _, providerItem := range application.Providers {
 		providerItem.Provider = nil
 	}
@ -400,3 +407,55 @@ func ExtendManagedAccountsWithUser(user *User) *User {

 	return user
 }
+
+func applicationChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	organization := new(Organization)
+	organization.DefaultApplication = newName
+	_, err = session.Where("default_application=?", oldName).Update(organization)
+	if err != nil {
+		return err
+	}
+
+	user := new(User)
+	user.SignupApplication = newName
+	_, err = session.Where("signup_application=?", oldName).Update(user)
+	if err != nil {
+		return err
+	}
+
+	resource := new(Resource)
+	resource.Application = newName
+	_, err = session.Where("application=?", oldName).Update(resource)
+	if err != nil {
+		return err
+	}
+
+	var permissions []*Permission
+	err = adapter.Engine.Find(&permissions)
+	if err != nil {
+		return err
+	}
+	for i := 0; i < len(permissions); i++ {
+		permissionResoureces := permissions[i].Resources
+		for j := 0; j < len(permissionResoureces); j++ {
+			if permissionResoureces[j] == oldName {
+				permissionResoureces[j] = newName
+			}
+		}
+		permissions[i].Resources = permissionResoureces
+		_, err = session.Where("name=?", permissions[i].Name).Update(permissions[i])
+		if err != nil {
+			return err
+		}
+	}
+
+	return session.Commit()
+}
--- a/object/cert.go
+++ b/object/cert.go
@ -114,6 +114,12 @@ func UpdateCert(id string, cert *Cert) bool {
 		return false
 	}

+	if name != cert.Name {
+		err := certChangeTrigger(name, cert.Name)
+		if err != nil {
+			return false
+		}
+	}
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(cert)
 	if err != nil {
 		panic(err)
@ -161,3 +167,22 @@ func getCertByApplication(application *Application) *Cert {
 func GetDefaultCert() *Cert {
 	return getCert("admin", "cert-built-in")
 }
+
+func certChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	application := new(Application)
+	application.Cert = newName
+	_, err = session.Where("cert=?", oldName).Update(application)
+	if err != nil {
+		return err
+	}
+
+	return session.Commit()
+}
--- a/object/model.go
+++ b/object/model.go
@ -92,6 +92,12 @@ func UpdateModel(id string, modelObj *Model) bool {
 		return false
 	}

+	if name != modelObj.Name {
+		err := modelChangeTrigger(name, modelObj.Name)
+		if err != nil {
+			return false
+		}
+	}
 	// check model grammar
 	_, err := model.NewModelFromString(modelObj.ModelText)
 	if err != nil {
@ -127,3 +133,22 @@ func DeleteModel(model *Model) bool {
 func (model *Model) GetId() string {
 	return fmt.Sprintf("%s/%s", model.Owner, model.Name)
 }
+
+func modelChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	permission := new(Permission)
+	permission.Model = newName
+	_, err = session.Where("model=?", oldName).Update(permission)
+	if err != nil {
+		return err
+	}
+
+	return session.Commit()
+}
--- a/object/organization.go
+++ b/object/organization.go
@ -16,6 +16,7 @@ package object

 import (
 	"fmt"
+	"strings"

 	"github.com/casdoor/casdoor/cred"
 	"github.com/casdoor/casdoor/i18n"
@ -134,15 +135,10 @@ func UpdateOrganization(id string, organization *Organization) bool {
 	}

 	if name != organization.Name {
-		go func() {
-			application := new(Application)
-			application.Organization = organization.Name
-			_, _ = adapter.Engine.Where("organization=?", name).Update(application)
-
-			user := new(User)
-			user.Owner = organization.Name
-			_, _ = adapter.Engine.Where("owner=?", name).Update(user)
-		}()
+		err := organizationChangeTrigger(name, organization.Name)
+		if err != nil {
+			return false
+		}
 	}

 	if organization.MasterPassword != "" && organization.MasterPassword != "***" {
@ -252,3 +248,148 @@ func GetDefaultApplication(id string) (*Application, error) {

 	return defaultApplication, nil
 }
+
+func organizationChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	application := new(Application)
+	application.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(application)
+	if err != nil {
+		return err
+	}
+
+	user := new(User)
+	user.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(user)
+	if err != nil {
+		return err
+	}
+
+	role := new(Role)
+	_, err = adapter.Engine.Where("owner=?", oldName).Get(role)
+	if err != nil {
+		return err
+	}
+	for i, u := range role.Users {
+		// u = organization/username
+		split := strings.Split(u, "/")
+		if split[0] == oldName {
+			split[0] = newName
+			role.Users[i] = split[0] + "/" + split[1]
+		}
+	}
+	for i, u := range role.Roles {
+		// u = organization/username
+		split := strings.Split(u, "/")
+		if split[0] == oldName {
+			split[0] = newName
+			role.Roles[i] = split[0] + "/" + split[1]
+		}
+	}
+	role.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(role)
+	if err != nil {
+		return err
+	}
+
+	permission := new(Permission)
+	_, err = adapter.Engine.Where("owner=?", oldName).Get(permission)
+	if err != nil {
+		return err
+	}
+	for i, u := range permission.Users {
+		// u = organization/username
+		split := strings.Split(u, "/")
+		if split[0] == oldName {
+			split[0] = newName
+			permission.Users[i] = split[0] + "/" + split[1]
+		}
+	}
+	for i, u := range permission.Roles {
+		// u = organization/username
+		split := strings.Split(u, "/")
+		if split[0] == oldName {
+			split[0] = newName
+			permission.Roles[i] = split[0] + "/" + split[1]
+		}
+	}
+	permission.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(permission)
+	if err != nil {
+		return err
+	}
+
+	casbinAdapter := new(CasbinAdapter)
+	casbinAdapter.Owner = newName
+	casbinAdapter.Organization = newName
+	_, err = session.Where("owner=?", oldName).Update(casbinAdapter)
+	if err != nil {
+		return err
+	}
+
+	ldap := new(Ldap)
+	ldap.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(ldap)
+	if err != nil {
+		return err
+	}
+
+	model := new(Model)
+	model.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(model)
+	if err != nil {
+		return err
+	}
+
+	payment := new(Payment)
+	payment.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(payment)
+	if err != nil {
+		return err
+	}
+
+	record := new(Record)
+	record.Owner = newName
+	record.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(record)
+	if err != nil {
+		return err
+	}
+
+	resource := new(Resource)
+	resource.Owner = newName
+	_, err = session.Where("owner=?", oldName).Update(resource)
+	if err != nil {
+		return err
+	}
+
+	syncer := new(Syncer)
+	syncer.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(syncer)
+	if err != nil {
+		return err
+	}
+
+	token := new(Token)
+	token.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(token)
+	if err != nil {
+		return err
+	}
+
+	webhook := new(Webhook)
+	webhook.Organization = newName
+	_, err = session.Where("organization=?", oldName).Update(webhook)
+	if err != nil {
+		return err
+	}
+
+	return session.Commit()
+}
--- a/object/provider.go
+++ b/object/provider.go
@ -175,6 +175,13 @@ func UpdateProvider(id string, provider *Provider) bool {
 		return false
 	}

+	if name != provider.Name {
+		err := providerChangeTrigger(name, provider.Name)
+		if err != nil {
+			return false
+		}
+	}
+
 	session := adapter.Engine.ID(core.PK{owner, name}).AllCols()
 	if provider.ClientSecret == "***" {
 		session = session.Omit("client_secret")
@ -262,3 +269,41 @@ func GetCaptchaProviderByApplication(applicationId, isCurrentProvider, lang stri
 	}
 	return nil, nil
 }
+
+func providerChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	var applications []*Application
+	err = adapter.Engine.Find(&applications)
+	if err != nil {
+		return err
+	}
+	for i := 0; i < len(applications); i++ {
+		providers := applications[i].Providers
+		for j := 0; j < len(providers); j++ {
+			if providers[j].Name == oldName {
+				providers[j].Name = newName
+			}
+		}
+		applications[i].Providers = providers
+		_, err = session.Where("name=?", applications[i].Name).Update(applications[i])
+		if err != nil {
+			return err
+		}
+	}
+
+	resource := new(Resource)
+	resource.Provider = newName
+	_, err = session.Where("provider=?", oldName).Update(resource)
+	if err != nil {
+		return err
+	}
+
+	return session.Commit()
+}
--- a/object/role.go
+++ b/object/role.go
@ -16,6 +16,7 @@ package object

 import (
 	"fmt"
+	"strings"

 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@ -94,6 +95,13 @@ func UpdateRole(id string, role *Role) bool {
 		return false
 	}

+	if name != role.Name {
+		err := roleChangeTrigger(name, role.Name)
+		if err != nil {
+			return false
+		}
+	}
+
 	affected, err := adapter.Engine.ID(core.PK{owner, name}).AllCols().Update(role)
 	if err != nil {
 		panic(err)
@ -133,3 +141,54 @@ func GetRolesByUser(userId string) []*Role {

 	return roles
 }
+
+func roleChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	var roles []*Role
+	err = adapter.Engine.Find(&roles)
+	if err != nil {
+		return err
+	}
+	for _, role := range roles {
+		for j, u := range role.Roles {
+			split := strings.Split(u, "/")
+			if split[1] == oldName {
+				split[1] = newName
+				role.Roles[j] = split[0] + "/" + split[1]
+			}
+		}
+		_, err = session.Where("name=?", role.Name).Update(role)
+		if err != nil {
+			return err
+		}
+	}
+
+	var permissions []*Permission
+	err = adapter.Engine.Find(&permissions)
+	if err != nil {
+		return err
+	}
+	for _, permission := range permissions {
+		for j, u := range permission.Roles {
+			// u = organization/username
+			split := strings.Split(u, "/")
+			if split[1] == oldName {
+				split[1] = newName
+				permission.Roles[j] = split[0] + "/" + split[1]
+			}
+		}
+		_, err = session.Where("name=?", permission.Name).Update(permission)
+		if err != nil {
+			return err
+		}
+	}
+
+	return session.Commit()
+}
--- a/object/user.go
+++ b/object/user.go
@ -380,6 +380,13 @@ func UpdateUser(id string, user *User, columns []string, isGlobalAdmin bool) boo
 		return false
 	}

+	if name != user.Name {
+		err := userChangeTrigger(name, user.Name)
+		if err != nil {
+			return false
+		}
+	}
+
 	if user.Password == "***" {
 		user.Password = oldUser.Password
 	}
@ -416,6 +423,13 @@ func UpdateUserForAllFields(id string, user *User) bool {
 		return false
 	}

+	if name != user.Name {
+		err := userChangeTrigger(name, user.Name)
+		if err != nil {
+			return false
+		}
+	}
+
 	user.UpdateUserHash()

 	if user.Avatar != oldUser.Avatar && user.Avatar != "" {
@ -567,3 +581,62 @@ func ExtendUserWithRolesAndPermissions(user *User) {
 	user.Roles = GetRolesByUser(user.GetId())
 	user.Permissions = GetPermissionsByUser(user.GetId())
 }
+
+func userChangeTrigger(oldName string, newName string) error {
+	session := adapter.Engine.NewSession()
+	defer session.Close()
+
+	err := session.Begin()
+	if err != nil {
+		return err
+	}
+
+	var roles []*Role
+	err = adapter.Engine.Find(&roles)
+	if err != nil {
+		return err
+	}
+	for _, role := range roles {
+		for j, u := range role.Users {
+			// u = organization/username
+			split := strings.Split(u, "/")
+			if split[1] == oldName {
+				split[1] = newName
+				role.Users[j] = split[0] + "/" + split[1]
+			}
+		}
+		_, err = session.Where("name=?", role.Name).Update(role)
+		if err != nil {
+			return err
+		}
+	}
+
+	var permissions []*Permission
+	err = adapter.Engine.Find(&permissions)
+	if err != nil {
+		return err
+	}
+	for _, permission := range permissions {
+		for j, u := range permission.Users {
+			// u = organization/username
+			split := strings.Split(u, "/")
+			if split[1] == oldName {
+				split[1] = newName
+				permission.Users[j] = split[0] + "/" + split[1]
+			}
+		}
+		_, err = session.Where("name=?", permission.Name).Update(permission)
+		if err != nil {
+			return err
+		}
+	}
+
+	resource := new(Resource)
+	resource.User = newName
+	_, err = session.Where("user=?", oldName).Update(resource)
+	if err != nil {
+		return err
+	}
+
+	return session.Commit()
+}