casbin-ruby 1.0.6 → 1.0.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d406ef1efa717c0be3eabc7dfe52876fee6abc4e1376fd40a470f21ff66c8db5
-  data.tar.gz: 29ebed777ab1fa73e59673f1c59ece907a42008d0627eb4e7bd3be1f62ccfad9
+  metadata.gz: 88e68e3c8f15c55fbeba3bf37683124c9d2fb17a8d2dd408f3ed7d36a430fe95
+  data.tar.gz: 124e945552b694c89ef488a71d286d6171118281041c2823db896efb56ec0d83
 SHA512:
-  metadata.gz: ba5605585f491b75c06eeeb6f7ded2c6236366e650dc186bf9ec0ff11ab4084ddd22d6731011f11f197a06259feb9d2ec01a0c5694f3ba9bc67ba08dc03fe3ee
-  data.tar.gz: f41d01708fa751dac161f87fe91a20dca70d23cdfb1dad8673437c262763c7883ea96785efa5fd0043b21c7132be5eede5e7fdf83107654919ef34f0d49d547d
+  metadata.gz: 10b12e4a479b2c3d4f7b70f33750d604292f15aaae6441968559a7d7ae195e4a5b291a3ce69fe553e7c976020218fa1b2dd2dcb86c58a9483868c30eef38842c
+  data.tar.gz: 225eaf757fbaab699f3a4c832020b9ca527e2b53e2f03c843631dadf81a1f199c0135447cc9a41bc96f509712011feca18970c02949fa037543e1a1c77aa08c1

data/README.md

@@ -131,7 +131,7 @@ What Casbin does NOT do:
 ## Installation
 
 ```
-gem 'casbin', github: 'evrone/casbin-ruby'
+gem 'casbin-ruby'
 ```
 
 ## Documentation
@@ -152,7 +152,7 @@ https://casbin.org/docs/en/tutorials
 
 ```ruby
 # TODO: correct `require`
-require 'casbin'
+require 'casbin-ruby'
 enforcer = Casbin::Enforcer.new("path/to/model.conf", "path/to/policy.csv")
 ```
 

data/lib/casbin-ruby/management_enforcer.rb

@@ -102,7 +102,7 @@ module Casbin
       if params.size == 1 && params[0].is_a?(Array)
         model.has_policy('p', ptype, params[0])
       else
-        model.has_policy('p', ptype, [params])
+        model.has_policy('p', ptype, params)
       end
     end
 
@@ -130,7 +130,7 @@ module Casbin
       if params.size == 1 && params[0].is_a?(Array)
         parent_add_policy('p', ptype, params[0])
       else
-        parent_add_policy('p', ptype, [params])
+        parent_add_policy('p', ptype, params)
       end
     end
 
@@ -182,7 +182,7 @@ module Casbin
       if params.size == 1 && params[0].is_a?(Array)
         parent_remove_policy('p', ptype, params[0])
       else
-        parent_remove_policy('p', ptype, [params])
+        parent_remove_policy('p', ptype, params)
       end
     end
 
@@ -206,7 +206,7 @@ module Casbin
       if params.size == 1 && params[0].is_a?(Array)
         model.has_policy('g', ptype, params[0])
       else
-        model.has_policy('g', ptype, [params])
+        model.has_policy('g', ptype, params)
       end
     end
 
@@ -235,7 +235,7 @@ module Casbin
       rule_added = if params.size == 1 && params[0].is_a?(Array)
                      parent_add_policy('g', ptype, params[0])
                    else
-                     parent_add_policy('g', ptype, [params])
+                     parent_add_policy('g', ptype, params)
                    end
 
       auto_build_role_links ? build_role_links : rule_added
@@ -271,7 +271,7 @@ module Casbin
       rule_added = if params.size == 1 && params[0].is_a?(Array)
                      parent_remove_policy('g', ptype, params[0])
                    else
-                     parent_remove_policy('g', ptype, [params])
+                     parent_remove_policy('g', ptype, params)
                    end
 
       auto_build_role_links ? build_role_links : rule_added

data/lib/casbin-ruby/model/policy.rb

@@ -112,6 +112,13 @@ module Casbin
         true
       end
 
+      # gets rules based on field filters from a policy.
+      def get_filtered_policy(sec, ptype, field_index, *field_values)
+        model[sec][ptype].policy.select do |rule|
+          field_values.select { |value| rule[field_index] == value }.any?
+        end.compact
+      end
+
       # removes policy rules based on field filters from the model.
       def remove_filtered_policy(sec, ptype, field_index, *field_values)
         return false unless model.key?(sec)

data/lib/casbin-ruby/util/thread_lock.rb

@@ -1,12 +1,15 @@
 # frozen_string_literal: true
 
 require 'singleton'
+require 'forwardable'
 
 class ThreadLock
   include Singleton
 
   class << self
-    delegate :thread=, :lock?, to: :instance
+    extend Forwardable
+
+    def_delegators :instance, :thread=, :lock?
   end
 
   attr_accessor :thread

data/lib/casbin-ruby/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Casbin
-  VERSION = '1.0.6'
+  VERSION = '1.0.10'
 end

data/spec/casbin/enforcer_spec.rb

@@ -29,6 +29,11 @@ describe Casbin::Enforcer do
       expect(enf.model).not_to be_nil
     end
 
+    it '#get_filtered_policy' do
+      expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
+      expect(enf.get_filtered_policy(0, 'alice')).to match_array([%w[alice data1 read]])
+    end
+
     it '#remove_filtered_policy' do
       expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
       enf.remove_filtered_policy(1, 'data1')
@@ -38,6 +43,63 @@ describe Casbin::Enforcer do
       enf.remove_filtered_policy(2, 'write')
       expect(enf.enforce('bob', 'data2', 'write')).to be_falsey
     end
+
+    it '#add_policy' do
+      expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
+      enf.add_policy('alice', 'data3', 'read')
+      enf.add_policy('alice', 'data4', 'read')
+      enf.add_policy(%w[alice data5 read])
+      expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
+      expect(enf.enforce('alice', 'data4', 'read')).to be_truthy
+      expect(enf.enforce('alice', 'data5', 'read')).to be_truthy
+    end
+
+    it '#remove_policy' do
+      enf.add_policy('alice', 'data3', 'read')
+      expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
+      enf.remove_policy('alice', 'data3', 'read')
+      expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
+      enf.add_policy('alice', 'data3', 'read')
+      expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
+      enf.remove_policy(%w[alice data3 read])
+      expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
+    end
+
+    # rubocop:disable RSpec/RepeatedExample
+    it '#delete_permission' do
+      # TODO: Add support this method
+      # expect(enf.enforce('bob', 'data2', 'write')).to be_truthy
+      # expect(enf.enforce('data2_admin', 'data2', 'read')).to be_truthy
+      # expect(enf.enforce('data2_admin', 'data2', 'write')).to be_truthy
+      # expect(enf.delete_permission('data2')).to be_truthy
+      # expect(enf.enforce('bob', 'data2', 'write')).to be_falsey
+      # expect(enf.enforce('data2_admin', 'data2', 'read')).to be_falsey
+      # expect(enf.enforce('data2_admin', 'data2', 'write')).to be_falsey
+    end
+
+    it '#delete_permissions_for_user' do
+      # TODO: Add support this method
+      # expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
+      # expect(enf.delete_permissions_for_user('alice')).to be_truthy
+      # expect(enf.enforce('alice', 'data1', 'read')).to be_falsey
+    end
+
+    it '#get_permissions_for_user' do
+      # TODO: Add support this method
+      # expect(enf.get_permissions_for_user('alice')).to match_array([%w[alice data1 read],
+      #                                                               %w[data2_admin data2 read],
+      #                                                               %w[data2_admin data2 write]])
+    end
+    # rubocop:enable RSpec/RepeatedExample
+
+    it '#has_permission_for_user' do
+      expect(enf.has_permission_for_user('alice', 'data1', 'read')).to be_truthy
+      expect(enf.has_permission_for_user('alice', 'data1', 'write')).to be_falsey
+    end
+
+    it '#get_implicit_permissions_for_user' do
+      expect(enf.get_implicit_permissions_for_user('alice')).to match_array([%w[alice data1 read]])
+    end
   end
 
   describe 'basic without spaces' do
@@ -150,6 +212,80 @@ describe Casbin::Enforcer do
       expect(enf.enforce('alice', 'data2', 'write')).to be_truthy
       expect(enf.enforce('bogus', 'data2', 'write')).to be_falsey
     end
+
+    it '#add_grouping_policy' do
+      expect(enf.enforce('alice', 'data3', 'read')).to be_falsey
+      enf.add_policy('base', 'data3', 'read')
+      enf.add_policy(%w[alice data4 read])
+      enf.add_grouping_policy('alice', 'base')
+      enf.add_grouping_policy(%w[bob base])
+      expect(enf.enforce('alice', 'data3', 'read')).to be_truthy
+      expect(enf.enforce('bob', 'data3', 'read')).to be_truthy
+      expect(enf.enforce('alice', 'data4', 'read')).to be_truthy
+      expect(enf.enforce('bob', 'data4', 'read')).to be_falsey
+    end
+
+    it '#get_roles_for_user' do
+      expect(enf.get_roles_for_user('alice')).to match_array(['data2_admin'])
+      expect(enf.get_roles_for_user('bob')).to match_array([])
+    end
+
+    it '#get_users_for_role' do
+      expect(enf.get_users_for_role('data2_admin')).to match_array(['alice'])
+      expect(enf.get_users_for_role('data1_admin')).to match_array([])
+    end
+
+    it '#has_role_for_user' do
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_truthy
+      expect(enf.has_role_for_user('bob', 'data2_admin')).to be_falsey
+    end
+
+    it '#add_role_for_user' do
+      expect(enf.has_role_for_user('alice', 'manager')).to be_falsey
+      expect(enf.add_role_for_user('alice', 'manager')).to be_truthy
+      expect(enf.has_role_for_user('alice', 'manager')).to be_truthy
+    end
+
+    it '#delete_role_for_user' do
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_truthy
+      expect(enf.delete_role_for_user('alice', 'data2_admin')).to be_truthy
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_falsey
+    end
+
+    it '#delete_roles_for_user' do
+      enf.add_grouping_policy('alice', 'base')
+      expect(enf.delete_roles_for_user('alice')).to be_truthy
+      expect(enf.get_roles_for_user('alice')).to match_array([])
+    end
+
+    it '#delete_user' do
+      expect(enf.enforce('alice', 'data1', 'read')).to be_truthy
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_truthy
+      expect(enf.delete_user('alice')).to be_truthy
+      expect(enf.enforce('alice', 'data1', 'read')).to be_falsey
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_falsey
+    end
+
+    it '#delete_role' do
+      expect(enf.enforce('data2_admin', 'data2', 'read')).to be_truthy
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_truthy
+      expect(enf.delete_role('data2_admin')).to be_truthy
+      expect(enf.enforce('data2_admin', 'data2', 'read')).to be_falsey
+      expect(enf.has_role_for_user('alice', 'data2_admin')).to be_falsey
+    end
+
+    # rubocop:disable RSpec/RepeatedExample
+    it '#get_implicit_roles_for_user' do
+      # TODO: Add support this method
+      # enf.add_role_for_user('data2_admin', 'super_admin')
+      # expect(enf.get_implicit_roles_for_user('alice')).to match_array(%w[data2_admin super_admin])
+    end
+
+    it '#get_implicit_users_for_permission' do
+      # TODO: Add support this method
+      # expect(enf.get_implicit_users_for_permission('data2', 'write')).to match_array(%w[alice bob])
+    end
+    # rubocop:enable RSpec/RepeatedExample
   end
 
   describe 'rbac empty policy' do
@@ -189,6 +325,34 @@ describe Casbin::Enforcer do
       expect(enf.enforce('bob', 'domain2', 'data2', 'read')).to be_truthy
       expect(enf.enforce('bob', 'domain2', 'data2', 'write')).to be_truthy
     end
+
+    it '#get_roles_for_user_in_domain' do
+      expect(enf.get_roles_for_user_in_domain('alice', 'domain1')).to match_array(%w[admin])
+      expect(enf.get_roles_for_user_in_domain('bob', 'domain2')).to match_array(%w[admin])
+    end
+
+    it '#get_users_for_role_in_domain' do
+      expect(enf.get_users_for_role_in_domain('admin', 'domain1')).to match_array(%w[alice])
+      expect(enf.get_users_for_role_in_domain('admin', 'domain2')).to match_array(%w[bob])
+    end
+
+    it '#delete_roles_for_user_in_domain' do
+      enf.delete_roles_for_user_in_domain('alice', 'admin', 'domain1')
+      expect(enf.get_roles_for_user_in_domain('alice', 'domain1')).to match_array(%w[])
+    end
+
+    it '#get_permissions_for_user_in_domain' do
+      expect(enf.get_permissions_for_user_in_domain('admin', 'domain1'))
+        .to match_array([%w[admin domain1 data1 read],
+                         %w[admin domain1 data1 write],
+                         %w[admin domain2 data2 read],
+                         %w[admin domain2 data2 write]])
+      expect(enf.get_permissions_for_user_in_domain('admin', 'domain2'))
+        .to match_array([%w[admin domain1 data1 read],
+                         %w[admin domain1 data1 write],
+                         %w[admin domain2 data2 read],
+                         %w[admin domain2 data2 write]])
+    end
   end
 
   describe 'rbac with not deny' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: casbin-ruby
 version: !ruby/object:Gem::Version
-  version: 1.0.6
+  version: 1.0.10
 platform: ruby
 authors:
 - Igor Kutyavin
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-03 00:00:00.000000000 Z
+date: 2021-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: keisan
@@ -141,11 +141,11 @@ specification_version: 4
 summary: Casbin in Ruby
 test_files:
 - spec/support/model_helper.rb
-- spec/casbin/core_enforcer_spec.rb
-- spec/casbin/rbac/default_role_manager/role_manager_spec.rb
 - spec/casbin/rbac/default_role_manager/role_spec.rb
+- spec/casbin/rbac/default_role_manager/role_manager_spec.rb
+- spec/casbin/enforcer_spec.rb
+- spec/casbin/util/builtin_operators_spec.rb
+- spec/casbin/util_spec.rb
+- spec/casbin/core_enforcer_spec.rb
 - spec/casbin/config/config_spec.rb
 - spec/casbin/model/function_map_spec.rb
-- spec/casbin/util_spec.rb
-- spec/casbin/util/builtin_operators_spec.rb
-- spec/casbin/enforcer_spec.rb