casbin-ruby 1.0.5 → 1.0.9

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 28a62b747911baa032114d99d6ac547a5e10a6661e9c73dddb756db0331dd8d9
4
- data.tar.gz: dc9c0f3b7651fdff49f5effa17282139c083eac30f176b3544cb75aabe174a38
3
+ metadata.gz: 84e517ce25e2018d9bcc8d075c9b0e898861c450b3dea1cec2d835e1d6144925
4
+ data.tar.gz: c8d5448a7aa4fbba4df0a7ce2fa1330b5bfb57bffa31473008ec80015d0ed4d5
5
5
  SHA512:
6
- metadata.gz: 23a694c48da847813dd0632fef4bdebf5f1a982a7610489453bf7b545edd429b26f125d085879dcd2dc5f3737e8b167c6678bf1e3b9bb2afba951ecdfe920c54
7
- data.tar.gz: 4a2dc386dac66769e86836c3ab84ce687e53c7e0f6962dc2f4e136cf8d16d21d1554e7b355c8913a6c7f4b4c35b9d94a66102b5ce9ef5817ec8ced25f02a1240
6
+ metadata.gz: 5f5b72a96bf42091dceb1118d5fd33491e51af3afe808a5b6782efd51bc1b7df192bdacb5509c4748190507e79efb564b20ad49c352ed8bf5cf8ec21b9a25405
7
+ data.tar.gz: 77fa89b6b8379c5e6b774ebc2c029491e61495c008088a15634f29089d072a702840ab5c65d5e2a6ae5c16cdaa6842dea8fb13167b4e28a4d54355d0f2a1b524
data/README.md CHANGED
@@ -8,6 +8,7 @@ at: http://casbin.org/editor/
8
8
 
9
9
  Casbin is a powerful and efficient open-source access control library for Ruby projects. It provides support for
10
10
  enforcing authorization based on various [access control models](https://en.wikipedia.org/wiki/Computer_security_model).
11
+ Ruby version is ported & [supported by Evrone](https://evrone.com/?utm_campaign=casbinruby). More information you can find in articles [in English](https://evrone.com/casbin-ruby?utm_campaign=casbinruby).
11
12
 
12
13
  ## All the languages supported by Casbin:
13
14
 
@@ -130,7 +131,7 @@ What Casbin does NOT do:
130
131
  ## Installation
131
132
 
132
133
  ```
133
- gem 'casbin', github: 'evrone/casbin-ruby'
134
+ gem 'casbin-ruby'
134
135
  ```
135
136
 
136
137
  ## Documentation
@@ -151,7 +152,7 @@ https://casbin.org/docs/en/tutorials
151
152
 
152
153
  ```ruby
153
154
  # TODO: correct `require`
154
- require 'casbin'
155
+ require 'casbin-ruby'
155
156
  enforcer = Casbin::Enforcer.new("path/to/model.conf", "path/to/policy.csv")
156
157
  ```
157
158
 
@@ -186,8 +187,8 @@ See [Policy management APIs](#policy-management) for more usage.
186
187
 
187
188
  Casbin provides two sets of APIs to manage permissions:
188
189
 
189
- - [Management API](https://github.com/casbin/casbin/blob/master/management_api.go): the primitive API that provides full support for Casbin policy management. See [here](https://github.com/casbin/casbin/blob/master/management_api_test.go) for examples.
190
- - [RBAC API](https://github.com/casbin/casbin/blob/master/rbac_api.go): a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code. See [here](https://github.com/casbin/casbin/blob/master/rbac_api_test.go) for examples.
190
+ - [Management API](https://github.com/casbin/casbin/blob/main/management_api.go): the primitive API that provides full support for Casbin policy management. See [here](https://github.com/casbin/casbin/blob/main/management_api_test.go) for examples.
191
+ - [RBAC API](https://github.com/casbin/casbin/blob/main/rbac_api.go): a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code. See [here](https://github.com/casbin/casbin/blob/main/rbac_api_test.go) for examples.
191
192
 
192
193
  We also provide a web-based UI for model management and policy management:
193
194
 
@@ -211,17 +212,17 @@ https://casbin.org/docs/en/benchmark
211
212
 
212
213
  Model | Model file | Policy file
213
214
  ----|------|----
214
- ACL | [basic_model.conf](https://github.com/casbin/casbin/blob/master/examples/basic_model.conf) | [basic_policy.csv](https://github.com/casbin/casbin/blob/master/examples/basic_policy.csv)
215
- ACL with superuser | [basic_model_with_root.conf](https://github.com/casbin/casbin/blob/master/examples/basic_with_root_model.conf) | [basic_policy.csv](https://github.com/casbin/casbin/blob/master/examples/basic_policy.csv)
216
- ACL without users | [basic_model_without_users.conf](https://github.com/casbin/casbin/blob/master/examples/basic_without_users_model.conf) | [basic_policy_without_users.csv](https://github.com/casbin/casbin/blob/master/examples/basic_without_users_policy.csv)
217
- ACL without resources | [basic_model_without_resources.conf](https://github.com/casbin/casbin/blob/master/examples/basic_without_resources_model.conf) | [basic_policy_without_resources.csv](https://github.com/casbin/casbin/blob/master/examples/basic_without_resources_policy.csv)
218
- RBAC | [rbac_model.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_model.conf) | [rbac_policy.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_policy.csv)
219
- RBAC with resource roles | [rbac_model_with_resource_roles.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_resource_roles_model.conf) | [rbac_policy_with_resource_roles.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_resource_roles_policy.csv)
220
- RBAC with domains/tenants | [rbac_model_with_domains.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_domains_model.conf) | [rbac_policy_with_domains.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_domains_policy.csv)
221
- ABAC | [abac_model.conf](https://github.com/casbin/casbin/blob/master/examples/abac_model.conf) | N/A
222
- RESTful | [keymatch_model.conf](https://github.com/casbin/casbin/blob/master/examples/keymatch_model.conf) | [keymatch_policy.csv](https://github.com/casbin/casbin/blob/master/examples/keymatch_policy.csv)
223
- Deny-override | [rbac_model_with_deny.conf](https://github.com/casbin/casbin/blob/master/examples/rbac_with_deny_model.conf) | [rbac_policy_with_deny.csv](https://github.com/casbin/casbin/blob/master/examples/rbac_with_deny_policy.csv)
224
- Priority | [priority_model.conf](https://github.com/casbin/casbin/blob/master/examples/priority_model.conf) | [priority_policy.csv](https://github.com/casbin/casbin/blob/master/examples/priority_policy.csv)
215
+ ACL | [basic_model.conf](https://github.com/casbin/casbin/blob/main/examples/basic_model.conf) | [basic_policy.csv](https://github.com/casbin/casbin/blob/main/examples/basic_policy.csv)
216
+ ACL with superuser | [basic_model_with_root.conf](https://github.com/casbin/casbin/blob/main/examples/basic_with_root_model.conf) | [basic_policy.csv](https://github.com/casbin/casbin/blob/main/examples/basic_policy.csv)
217
+ ACL without users | [basic_model_without_users.conf](https://github.com/casbin/casbin/blob/main/examples/basic_without_users_model.conf) | [basic_policy_without_users.csv](https://github.com/casbin/casbin/blob/main/examples/basic_without_users_policy.csv)
218
+ ACL without resources | [basic_model_without_resources.conf](https://github.com/casbin/casbin/blob/main/examples/basic_without_resources_model.conf) | [basic_policy_without_resources.csv](https://github.com/casbin/casbin/blob/main/examples/basic_without_resources_policy.csv)
219
+ RBAC | [rbac_model.conf](https://github.com/casbin/casbin/blob/main/examples/rbac_model.conf) | [rbac_policy.csv](https://github.com/casbin/casbin/blob/main/examples/rbac_policy.csv)
220
+ RBAC with resource roles | [rbac_model_with_resource_roles.conf](https://github.com/casbin/casbin/blob/main/examples/rbac_with_resource_roles_model.conf) | [rbac_policy_with_resource_roles.csv](https://github.com/casbin/casbin/blob/main/examples/rbac_with_resource_roles_policy.csv)
221
+ RBAC with domains/tenants | [rbac_model_with_domains.conf](https://github.com/casbin/casbin/blob/main/examples/rbac_with_domains_model.conf) | [rbac_policy_with_domains.csv](https://github.com/casbin/casbin/blob/main/examples/rbac_with_domains_policy.csv)
222
+ ABAC | [abac_model.conf](https://github.com/casbin/casbin/blob/main/examples/abac_model.conf) | N/A
223
+ RESTful | [keymatch_model.conf](https://github.com/casbin/casbin/blob/main/examples/keymatch_model.conf) | [keymatch_policy.csv](https://github.com/casbin/casbin/blob/main/examples/keymatch_policy.csv)
224
+ Deny-override | [rbac_model_with_deny.conf](https://github.com/casbin/casbin/blob/main/examples/rbac_with_deny_model.conf) | [rbac_policy_with_deny.csv](https://github.com/casbin/casbin/blob/main/examples/rbac_with_deny_policy.csv)
225
+ Priority | [priority_model.conf](https://github.com/casbin/casbin/blob/main/examples/priority_model.conf) | [priority_policy.csv](https://github.com/casbin/casbin/blob/main/examples/priority_policy.csv)
225
226
 
226
227
  ## Middlewares
227
228
 
@@ -233,6 +234,15 @@ In process
233
234
 
234
235
  ## Contributors
235
236
 
237
+ ## Sponsors
238
+
239
+ <p>
240
+ <a href="https://evrone.com/?utm_source=github&utm_campaign=casbin-ruby">
241
+ <img src="https://camo.githubusercontent.com/433f193098927e4e7229c229c8920f77898282063d4fc3cbafb04ea3d24d73df/68747470733a2f2f6576726f6e652e636f6d2f6c6f676f2f6576726f6e652d73706f6e736f7265642d6c6f676f2e706e67"
242
+ alt="Sponsored by Evrone" width="210">
243
+ </a>
244
+ </p>
245
+
236
246
  ## License
237
247
 
238
248
  ## Contact
@@ -130,7 +130,7 @@ module Casbin
130
130
  if params.size == 1 && params[0].is_a?(Array)
131
131
  parent_add_policy('p', ptype, params[0])
132
132
  else
133
- parent_add_policy('p', ptype, [params])
133
+ parent_add_policy('p', ptype, params)
134
134
  end
135
135
  end
136
136
 
@@ -182,7 +182,7 @@ module Casbin
182
182
  if params.size == 1 && params[0].is_a?(Array)
183
183
  parent_remove_policy('p', ptype, params[0])
184
184
  else
185
- parent_remove_policy('p', ptype, [params])
185
+ parent_remove_policy('p', ptype, params)
186
186
  end
187
187
  end
188
188
 
@@ -235,7 +235,7 @@ module Casbin
235
235
  rule_added = if params.size == 1 && params[0].is_a?(Array)
236
236
  parent_add_policy('g', ptype, params[0])
237
237
  else
238
- parent_add_policy('g', ptype, [params])
238
+ parent_add_policy('g', ptype, params)
239
239
  end
240
240
 
241
241
  auto_build_role_links ? build_role_links : rule_added
@@ -112,9 +112,17 @@ module Casbin
112
112
  true
113
113
  end
114
114
 
115
+ # gets rules based on field filters from a policy.
116
+ def get_filtered_policy(sec, ptype, field_index, *field_values)
117
+ model[sec][ptype].policy.select do |rule|
118
+ field_values.select { |value| rule[field_index] == value }.any?
119
+ end.compact
120
+ end
121
+
115
122
  # removes policy rules based on field filters from the model.
116
123
  def remove_filtered_policy(sec, ptype, field_index, *field_values)
117
- return false unless model.key?(sec) && model[sec].include?(ptype)
124
+ return false unless model.key?(sec)
125
+ return false unless model[sec].include?(ptype)
118
126
 
119
127
  state = { tmp: [], res: false }
120
128
  model[sec][ptype].policy.each do |rule|
@@ -142,12 +150,8 @@ module Casbin
142
150
  private
143
151
 
144
152
  def filtered_rule(state, rule, field_values, field_index)
145
- matched = true
146
-
147
153
  field_values.each_with_index do |field_value, index|
148
- next matched = false if field_value != '' && field_value != rule[field_index + index]
149
-
150
- if matched
154
+ if field_value == '' || rule[field_index + index] == field_value
151
155
  state[:res] = true
152
156
  else
153
157
  state[:tmp] << rule
@@ -68,7 +68,7 @@ module Casbin
68
68
 
69
69
  # joins a string and a slice into a new slice.
70
70
  def join_slice(a, *b)
71
- Array.new(a).concat b
71
+ Array(a).concat b
72
72
  end
73
73
 
74
74
  # returns the elements in `a` that aren't in `b`.
@@ -8,7 +8,8 @@ class ThreadLock
8
8
 
9
9
  class << self
10
10
  extend Forwardable
11
- def_delegators :instance, :thread=, :thread, :lock?
11
+
12
+ def_delegators :instance, :thread=, :lock?
12
13
  end
13
14
 
14
15
  attr_accessor :thread
@@ -16,6 +17,6 @@ class ThreadLock
16
17
  def lock?
17
18
  return false unless thread
18
19
 
19
- thread.alive?
20
+ thread.active?
20
21
  end
21
22
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Casbin
4
- VERSION = '1.0.5'
4
+ VERSION = '1.0.9'
5
5
  end
@@ -28,6 +28,42 @@ describe Casbin::Enforcer do
28
28
  enf.load_model
29
29
  expect(enf.model).not_to be_nil
30
30
  end
31
+
32
+ it '#get_filtered_policy' do
33
+ expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
34
+ expect(enf.get_filtered_policy(0, 'alice')).to match_array([%w[alice data1 read]])
35
+ end
36
+
37
+ it '#remove_filtered_policy' do
38
+ expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
39
+ enf.remove_filtered_policy(1, 'data1')
40
+ expect(enf.enforce('alice', 'data1', 'read')).to be_falsey
41
+
42
+ expect(enf.enforce('bob', 'data2', 'write')).to be_truthy
43
+ enf.remove_filtered_policy(2, 'write')
44
+ expect(enf.enforce('bob', 'data2', 'write')).to be_falsey
45
+ end
46
+
47
+ it '#add_policy' do
48
+ expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
49
+ enf.add_policy('alice', 'data3', 'read')
50
+ enf.add_policy('alice', 'data4', 'read')
51
+ enf.add_policy(%w[alice data5 read])
52
+ expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
53
+ expect(enf.enforce('alice', 'data4', 'read')).to be_truthy
54
+ expect(enf.enforce('alice', 'data5', 'read')).to be_truthy
55
+ end
56
+
57
+ it '#remove_policy' do
58
+ enf.add_policy('alice', 'data3', 'read')
59
+ expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
60
+ enf.remove_policy('alice', 'data3', 'read')
61
+ expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
62
+ enf.add_policy('alice', 'data3', 'read')
63
+ expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
64
+ enf.remove_policy(%w[alice data3 read])
65
+ expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
66
+ end
31
67
  end
32
68
 
33
69
  describe 'basic without spaces' do
@@ -140,6 +176,18 @@ describe Casbin::Enforcer do
140
176
  expect(enf.enforce('alice', 'data2', 'write')).to be_truthy
141
177
  expect(enf.enforce('bogus', 'data2', 'write')).to be_falsey
142
178
  end
179
+
180
+ it '#add_grouping_policy' do
181
+ expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
182
+ enf.add_policy('base', 'data3', 'read')
183
+ enf.add_policy(%w[alice data4 read])
184
+ enf.add_grouping_policy('alice', 'base')
185
+ enf.add_grouping_policy(%w[bob base])
186
+ expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
187
+ expect(enf.enforce('bob', 'data3', 'read')).to be_truthy
188
+ expect(enf.enforce('alice', 'data4', 'read')).to be_truthy
189
+ expect(enf.enforce('bob', 'data4', 'read')).to be_falsey
190
+ end
143
191
  end
144
192
 
145
193
  describe 'rbac empty policy' do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: casbin-ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.5
4
+ version: 1.0.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Igor Kutyavin
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-05-14 00:00:00.000000000 Z
12
+ date: 2021-08-23 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: keisan
@@ -113,7 +113,6 @@ files:
113
113
  - spec/casbin/rbac/default_role_manager/role_manager_spec.rb
114
114
  - spec/casbin/rbac/default_role_manager/role_spec.rb
115
115
  - spec/casbin/util/builtin_operators_spec.rb
116
- - spec/casbin/util/thread_lock_spec.rb
117
116
  - spec/casbin/util_spec.rb
118
117
  - spec/support/model_helper.rb
119
118
  homepage: https://github.com/evrone/casbin-ruby
@@ -141,13 +140,12 @@ signing_key:
141
140
  specification_version: 4
142
141
  summary: Casbin in Ruby
143
142
  test_files:
144
- - spec/casbin/core_enforcer_spec.rb
145
- - spec/casbin/enforcer_spec.rb
146
- - spec/casbin/model/function_map_spec.rb
143
+ - spec/support/model_helper.rb
147
144
  - spec/casbin/rbac/default_role_manager/role_spec.rb
148
145
  - spec/casbin/rbac/default_role_manager/role_manager_spec.rb
149
- - spec/casbin/config/config_spec.rb
150
- - spec/casbin/util/thread_lock_spec.rb
146
+ - spec/casbin/enforcer_spec.rb
151
147
  - spec/casbin/util/builtin_operators_spec.rb
152
148
  - spec/casbin/util_spec.rb
153
- - spec/support/model_helper.rb
149
+ - spec/casbin/core_enforcer_spec.rb
150
+ - spec/casbin/config/config_spec.rb
151
+ - spec/casbin/model/function_map_spec.rb
@@ -1,17 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'casbin-ruby/util/thread_lock'
4
-
5
- describe ThreadLock do
6
- it '#lock? with no thread' do
7
- expect(described_class).not_to be_lock
8
- end
9
-
10
- it '#lock? with thread' do
11
- described_class.thread = Thread.new { loop }
12
- expect(described_class).to be_lock
13
- described_class.thread.exit
14
- sleep 0.001 # waiting exit
15
- expect(described_class).not_to be_lock
16
- end
17
- end