Skip to content
/ casbin.js Public
  • Sponsor
  • Notifications You must be signed in to change notification settings
  • Fork 35
  • Star 179
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: casbin/casbin.js
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.3.4
Choose a base ref
...
head repository: casbin/casbin.js
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v0.4.0
Choose a head ref
3 contributors
Loading
Showing with 1,436 additions and 1,979 deletions.
  1. +13 −13 package.json
  2. +19 −11 src/Authorizer.ts
  3. +38 −2 src/__test__/enforcer.test.ts
  4. +3 −0 src/__test__/models.ts
  5. +1,363 −1,953 yarn.lock
26 changes: 13 additions & 13 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -20,10 +20,10 @@
},
"devDependencies": {
"@babel/plugin-proposal-optional-chaining": "^7.11.0",
"@types/express": "^4.17.6",
"@types/jest": "^25.2.3",
"@types/express": "^4.17.12",
"@types/jest": "^26.0.23",
"@types/js-cookie": "^2.2.6",
"@typescript-eslint/eslint-plugin": "^3.2.0",
"@typescript-eslint/eslint-plugin": "^4.0.0",
"@typescript-eslint/parser": "^3.2.0",
"clean-webpack-plugin": "^3.0.0",
"eslint": "^7.7.0",
@@ -32,23 +32,23 @@
"html-webpack-plugin": "^4.3.0",
"jest": "^26.1.0",
"npm-run-all": "^4.1.5",
"prettier": "^2.0.5",
"prettier": "^2.3.1",
"rimraf": "^3.0.2",
"ts-jest": "^26.1.0",
"ts-loader": "^8.0.2",
"ts-jest": "^26.5.6",
"ts-loader": "^9.2.1",
"tslint-config-prettier": "^1.18.0",
"typescript": "^3.9.6",
"webpack": "^4.43.0",
"webpack-cli": "^3.3.12",
"webpack-dev-server": "^3.11.0",
"webpack-merge": "^5.0.8"
"webpack": "^5.39.0",
"webpack-cli": "^4.7.2",
"webpack-dev-server": "^3.11.2",
"webpack-merge": "^5.8.0"
},
"dependencies": {
"@babel/core": "^7.11.4",
"@babel/preset-env": "^7.11.0",
"@babel/core": "^7.14.6",
"@babel/preset-env": "^7.14.5",
"axios": "^0.21.1",
"babel-loader": ">=8.1.0",
"casbin": "^5.4.2",
"casbin": "^5.8.0",
"js-cookie": "^2.2.1"
}
}
30 changes: 19 additions & 11 deletions src/Authorizer.ts
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
import axios from 'axios';
import Cookies from 'js-cookie';
import * as casbin from 'casbin';
import Permission from './Permission';
import { StringKV } from './types';
@@ -83,7 +82,7 @@ export class Authorizer {
}
this.permission.load(permission);
}

public async initEnforcer(s: string): Promise<void> {
const obj = JSON.parse(s);
if (!('m' in obj)) {
@@ -93,7 +92,14 @@ export class Authorizer {
this.enforcer = await casbin.newEnforcer(m);
if ('p' in obj) {
for (const sArray of obj['p']) {
await this.enforcer.addPolicy(sArray[1].trim(), sArray[2].trim(), sArray[3].trim());
let arr = sArray as string[];
arr = arr.map(v => v.trim())
const pType = arr.shift()
if (pType == 'p'){
await this.enforcer.addPolicy(...arr);
} else if (pType == 'g'){
await this.enforcer.addGroupingPolicy(...arr);
}
}
}
}
@@ -127,36 +133,38 @@ export class Authorizer {
}
}

public async can(action: string, object: string): Promise<boolean> {
public async can(action: string, object: string, domain?: string): Promise<boolean> {
if (this.mode == "manual") {
return this.permission !== undefined && this.permission.check(action, object);
} else if (this.mode == "auto") {
if (this.enforcer === undefined) {
throw Error("Enforcer not initialized");
} else {
} else if (domain == undefined) {
return await this.enforcer.enforce(this.user, object, action);
} else {
return await this.enforcer.enforce(this.user, domain, object, action);
}
} else {
throw Error(`Mode ${this.mode} not recognized.`);
}
}

public async cannot(action: string, object: string): Promise<boolean> {
return !(await this.can(action, object));
public async cannot(action: string, object: string, domain?: string): Promise<boolean> {
return !(await this.can(action, object, domain));
}

public async canAll(action: string, objects: string[]) : Promise<boolean> {
public async canAll(action: string, objects: string[], domain?: string) : Promise<boolean> {
for (let i = 0; i < objects.length; ++i) {
if (await this.cannot(action, objects[i])) {
if (await this.cannot(action, objects[i], domain)) {
return false;
}
}
return true;
}

public async canAny(action: string, objects: string[]) : Promise<boolean> {
public async canAny(action: string, objects: string[], domain?: string) : Promise<boolean> {
for (let i = 0; i < objects.length; ++i) {
if (await this.can(action, objects[i])) {
if (await this.can(action, objects[i], domain)) {
return true;
}
}
40 changes: 38 additions & 2 deletions src/__test__/enforcer.test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import * as casbin from "casbin"
import { Authorizer } from "../Authorizer";
import { basicModelStr } from "./models";
import { basicModelStr, rbacWithDomainsModelStr} from './models';

const respData = JSON.stringify({
m: basicModelStr,
@@ -20,6 +20,42 @@ test('Authorizer enforcer API', async() => {
expect(await authorizer.canAny("read", ["data1", "data2"])).toBe(true);
})

const respDataWithDomain = JSON.stringify({
m:rbacWithDomainsModelStr,
p: [
[
"p",
"admin",
"domain1",
"data1",
"read"
],
[
"p",
"admin",
"domain1",
"data2",
"write"
],
[
"g",
"alice",
"admin",
"domain1"
],
]
})

test('Authorizer enforcer with domain API', async() => {
const authorizer = new Authorizer("auto", {endpoint: "whatever"});
await authorizer.initEnforcer(respDataWithDomain);
authorizer.user = "alice";
expect(await authorizer.can("read", "data1", "domain1")).toBe(true);
expect(await authorizer.cannot("write", "data1", "domain1")).toBe(true);
expect(await authorizer.canAny("write", ["data1", "data2"], "domain1")).toBe(true);
expect(await authorizer.canAll("write", ["data1", "data2"], "domain1")).toBe(false);
})

const s = `[request_definition]
r = sub, obj, act
@@ -36,7 +72,7 @@ m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
test('Load casbin from strings.', async () => {
const m = casbin.newModelFromString(s);
const e = await casbin.newEnforcer(m);

await e.addPolicy("alice", "data1", "read");
expect(await e.enforce("alice", "data1", "read")).toBe(true);
expect(await e.enforce("alice", "data1", "write")).toBe(false);
3 changes: 3 additions & 0 deletions src/__test__/models.ts
View file
Original file line number Diff line number Diff line change
@@ -8,3 +8,6 @@ export const rbacModelStr = readFileSync(rbacExample).toString();

const abacWithObjRuleExample = 'src/__test__/examples/abac_with_obj_rule_policy.csv';
export const abacWithObjRuleModelStr = readFileSync(abacWithObjRuleExample).toString();

const rbacWithDomainsExample = 'src/__test__/examples/rbac_with_domains_model.conf';
export const rbacWithDomainsModelStr= readFileSync(rbacWithDomainsExample).toString();
Loading