fix and optimize casbin (flipped-aurora#1121)

SliverHorn · web-flow · commit 3ec886dd5b43 · 2022-06-10T09:57:09.000+08:00
* - 删除rabac_model.conf, 改为字符串代码, 方便部署
- 删除casbin相关配置文件

* fix: delete api时只传id导致casbin_rules表清空bug
diff --git a/server/config.docker.yaml b/server/config.docker.yaml
@@ -35,10 +35,6 @@ email:
   secret: 'xxx'
   nickname: 'test'
 
-# casbin configuration
-casbin:
-  model-path: './resource/rbac_model.conf'
-
 # system configuration
 system:
   env: 'public'  # Change to "develop" to skip authentication for development mode
diff --git a/server/config.yaml b/server/config.yaml
@@ -35,10 +35,6 @@ email:
   secret: 'xxx'
   nickname: 'test'
 
-# casbin configuration
-casbin:
-  model-path: './resource/rbac_model.conf'
-
 # system configuration
 system:
   env: 'public'  # Change to "develop" to skip authentication for development mode
diff --git a/server/config/casbin.go b/server/config/casbin.go
diff --git a/server/config/config.go b/server/config/config.go
@@ -5,7 +5,6 @@ type Server struct {
 	Zap     Zap     `mapstructure:"zap" json:"zap" yaml:"zap"`
 	Redis   Redis   `mapstructure:"redis" json:"redis" yaml:"redis"`
 	Email   Email   `mapstructure:"email" json:"email" yaml:"email"`
-	Casbin  Casbin  `mapstructure:"casbin" json:"casbin" yaml:"casbin"`
 	System  System  `mapstructure:"system" json:"system" yaml:"system"`
 	Captcha Captcha `mapstructure:"captcha" json:"captcha" yaml:"captcha"`
 	// auto
diff --git a/server/resource/rbac_model.conf b/server/resource/rbac_model.conf
diff --git a/server/service/system/sys_api.go b/server/service/system/sys_api.go
@@ -35,9 +35,17 @@ func (apiService *ApiService) CreateApi(api system.SysApi) (err error) {
 //@return: err error
 
 func (apiService *ApiService) DeleteApi(api system.SysApi) (err error) {
-	err = global.GVA_DB.Delete(&api).Error
-	CasbinServiceApp.ClearCasbin(1, api.Path, api.Method)
-	return err
+	var entity system.SysApi
+	err = global.GVA_DB.Where("id = ?", api.ID).First(&entity).Error // 根据id查询api记录
+	if errors.Is(err, gorm.ErrRecordNotFound) {                      // api记录不存在
+		return err
+	}
+	err = global.GVA_DB.Delete(&entity).Error
+	if err != nil {
+		return err
+	}
+	CasbinServiceApp.ClearCasbin(1, entity.Path, entity.Method)
+	return nil
 }
 
 //@author: [piexlmax](https://github.com/piexlmax)
diff --git a/server/service/system/sys_casbin.go b/server/service/system/sys_casbin.go
@@ -2,6 +2,8 @@ package system
 
 import (
 	"errors"
+	"github.com/casbin/casbin/v2/model"
+	"go.uber.org/zap"
 	"sync"
 
 	"github.com/casbin/casbin/v2"
@@ -92,7 +94,28 @@ var (
 func (casbinService *CasbinService) Casbin() *casbin.SyncedEnforcer {
 	once.Do(func() {
 		a, _ := gormadapter.NewAdapterByDB(global.GVA_DB)
-		syncedEnforcer, _ = casbin.NewSyncedEnforcer(global.GVA_CONFIG.Casbin.ModelPath, a)
+		text := `
+		[request_definition]
+		r = sub, obj, act
+		
+		[policy_definition]
+		p = sub, obj, act
+		
+		[role_definition]
+		g = _, _
+		
+		[policy_effect]
+		e = some(where (p.eft == allow))
+		
+		[matchers]
+		m = r.sub == p.sub && keyMatch2(r.obj,p.obj) && r.act == p.act
+		`
+		m, err := model.NewModelFromString(text)
+		if err != nil {
+			zap.L().Error("字符串加载模型失败!", zap.Error(err))
+			return
+		}
+		syncedEnforcer, _ = casbin.NewSyncedEnforcer(m, a)
 	})
 	_ = syncedEnforcer.LoadPolicy()
 	return syncedEnforcer
diff --git a/web/src/view/systemTools/system/system.vue b/web/src/view/systemTools/system/system.vue
@@ -120,12 +120,6 @@
             <el-button @click="email">测试邮件</el-button>
           </el-form-item>
         </el-collapse-item>
-        <el-collapse-item title="casbin配置" name="6">
-          <el-form-item label="模型地址">
-            <el-input v-model="config.casbin['model-path']" />
-          </el-form-item>
-        </el-collapse-item>
-
         <el-collapse-item title="验证码配置" name="7">
           <el-form-item label="字符长度">
             <el-input v-model.number="config.captcha['key-long']" />
@@ -370,7 +364,6 @@ const config = ref({
     'iplimit-time': 0
   },
   jwt: {},
-  casbin: {},
   mysql: {},
   pgsql: {},
   excel: {},
