Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Update dep casbin to 1.41.9 #11400

Merged
merged 1 commit into from
Jul 15, 2024
Merged

chore(deps): Update dep casbin to 1.41.9 #11400

merged 1 commit into from
Jul 15, 2024

Conversation

mikyll
Copy link
Contributor

@mikyll mikyll commented Jul 11, 2024
edited
Loading

Description

Lua Casbin version 1.41.9 fixes bug 157 with PR 158.

Consequences

This allows to escape commas in policy rules and is especially useful for {N,M} pattern quantifier, which would otherwise throw an error ("invalid policy size"), since it considers the comma as a CSV field separator.

The affected plugin is authz-casbin which depends on Casbin.

Example

show/hide

Model file:

[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = regexMatch(r.sub, p.sub) && regexMatch(r.obj, p.obj) && regexMatch(r.act, p.act)

Policy file:

p, bob, "/httpbin/test/authz-casbin/[a-z]{3,5}/test", GET

HTTP Request:

 curl -s -i "localhost:9080/httpbin/test/authz-casbin/abcd/test" -H "user: bob"

Error invalid policy size:

2024/07/11 10:08:46 [error] 63#63: *85813 lua entry thread aborted: runtime error: ...apisix_src//deps/share/lua/5.1/src/main/CoreEnforcer.lua:423: invalid policy size
stack traceback:
coroutine 0:
        [C]: in function 'error'
        ...apisix_src//deps/share/lua/5.1/src/main/CoreEnforcer.lua:423: in function 'enforceEx'
        ...apisix_src//deps/share/lua/5.1/src/main/CoreEnforcer.lua:534: in function 'enforce'
        .../apisix/plugins/scm/custom/apisix/plugins/authz-casbin.lua:123: in function 'phase_func'
        /home/apisix/apisix_src/apisix/plugin.lua:1155: in function 'run_plugin'
        /home/apisix/apisix_src/apisix/init.lua:696: in function 'http_access_phase'
        access_by_lua(nginx.conf:319):2: in main chunk, client: 172.18.0.1, server: _, request: "GET /httpbin/test/authz-casbin/abcd/test HTTP/1.1", host: "localhost:9080"

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

@mikyll
Update dep casbin to 1.41.9
dee4b5d 
Allow to escape commas in policy rules.

Especially useful for {N,M} pattern quantifier, which would otherwise throw an error (invalid policy size), since it considers the comma as a CSV field separator.

Issue: casbin/lua-casbin#157
Fixed by: casbin/lua-casbin#158
@mikyll mikyll changed the title Update dep casbin to 1.41.9 chore(deps): Update dep casbin to 1.41.9 Jul 11, 2024
@bzp2010 bzp2010 merged commit a17655b into apache:master Jul 15, 2024
34 of 35 checks passed
@mikyll mikyll deleted the update_casbin_dep branch September 20, 2024 14:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shreemaan-abhishek shreemaan-abhishek shreemaan-abhishek approved these changes

@moonming moonming moonming approved these changes

@bzp2010 bzp2010 bzp2010 approved these changes

@AlinsRan AlinsRan Awaiting requested review from AlinsRan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mikyll @bzp2010 @moonming @shreemaan-abhishek