diff --git a/CMakeLists.txt b/CMakeLists.txt index 1f0210bd..f8363a4b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -39,6 +39,7 @@ if(NOT DEFINED CMAKE_OBJECT_PATH_MAX) set(CMAKE_OBJECT_PATH_MAX 300) endif() -set(CMAKE_CXX_STANDARD 11) +# Setting to C++ standard to C++17 +set(CMAKE_CXX_STANDARD 17) add_subdirectory(casbin) diff --git a/casbin/CMakeLists.txt b/casbin/CMakeLists.txt index 59c622b2..83861d8e 100644 --- a/casbin/CMakeLists.txt +++ b/casbin/CMakeLists.txt @@ -3,3 +3,6 @@ set(LIBRARY_OUTPUT_PATH ${PROJECT_SOURCE_DIR}/lib) FILE(GLOB_RECURSE SC_FILES "*.cpp" "*.h") add_library(casbin ${SC_FILES}) + +set_target_properties(casbin PROPERTIES PREFIX "") +set_target_properties(casbin PROPERTIES SUFFIX ".o") diff --git a/casbin/casbin.vcxproj b/casbin/casbin.vcxproj index b6d39710..78734730 100644 --- a/casbin/casbin.vcxproj +++ b/casbin/casbin.vcxproj @@ -181,6 +181,7 @@ + @@ -263,6 +264,9 @@ + + + @@ -298,4 +302,4 @@ - + \ No newline at end of file diff --git a/casbin/casbin.vcxproj.filters b/casbin/casbin.vcxproj.filters index bcb656ef..b737c515 100644 --- a/casbin/casbin.vcxproj.filters +++ b/casbin/casbin.vcxproj.filters @@ -261,6 +261,9 @@ Source Files + + Source Files + @@ -482,8 +485,17 @@ Header Files + + Header Files + + + Header Files + + + Header Files + - + \ No newline at end of file diff --git a/casbin/enforcer.cpp b/casbin/enforcer.cpp index 4abee200..ec681b6b 100644 --- a/casbin/enforcer.cpp +++ b/casbin/enforcer.cpp @@ -33,8 +33,10 @@ namespace casbin { -// enforce use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". -bool Enforcer :: enforce(const std::string& matcher, Scope scope) { +// enforce use a custom matcher to decides whether a "subject" can access a "object" +// with the operation "action", input parameters are usually: (matcher, sub, obj, act), +// use model matcher by default when matcher is "". +bool Enforcer :: m_enforce(const std::string& matcher, Scope scope) { // TODO // defer func() { // if err := recover(); err != nil { @@ -42,83 +44,80 @@ bool Enforcer :: enforce(const std::string& matcher, Scope scope) { // } // }() - this->func_map.scope = scope; + m_func_map.scope = scope; - if(!this->enabled) + if(!m_enabled) return true; - // for(unordered_map :: iterator it = this->fm.fmap.begin() ; it != this->fm.fmap.end() ; it++) - // this->fm.AddFunction(it->first, it->second); - std::string exp_string; if(matcher == "") - exp_string = this->model->m["m"].assertion_map["m"]->value; + exp_string = m_model->m["m"].assertion_map["m"]->value; else exp_string = matcher; std::unordered_map> rm_map; - bool ok = this->model->m.find("g") != this->model->m.end(); + bool ok = m_model->m.find("g") != m_model->m.end(); if(ok) { - for (std::unordered_map>::iterator it = this->model->m["g"].assertion_map.begin(); it != this->model->m["g"].assertion_map.end(); it++) { - std::shared_ptr rm = it->second->rm; - int char_count = int(std::count(it->second->value.begin(), it->second->value.end(), '_')); - int index = int(exp_string.find((it->first)+"(")); + for (auto it : m_model->m["g"].assertion_map) { + std::shared_ptr rm = it.second->rm; + int char_count = int(std::count(it.second->value.begin(), it.second->value.end(), '_')); + int index = int(exp_string.find((it.first)+"(")); if (index != std::string::npos) - exp_string.insert(index+(it->first+"(").length(), "rm, "); - PushPointer(this->func_map.scope, (void *)rm.get(), "rm"); - this->func_map.AddFunction(it->first, GFunction, char_count + 1); + exp_string.insert(index+(it.first+"(").length(), "rm, "); + PushPointer(m_func_map.scope, (void *)rm.get(), "rm"); + m_func_map.AddFunction(it.first, GFunction, char_count + 1); } } // apply function map to current scope. - for(auto func: user_func_list){ - this->func_map.AddFunction(std::get<0>(func), std::get<1>(func), std::get<2>(func)); + for(auto func : m_user_func_list) { + m_func_map.AddFunction(std::get<0>(func), std::get<1>(func), std::get<2>(func)); } std::unordered_map p_int_tokens; - for(int i = 0 ; i < this->model->m["p"].assertion_map["p"]->tokens.size() ; i++) - p_int_tokens[this->model->m["p"].assertion_map["p"]->tokens[i]] = i; + for(int i = 0 ; i < m_model->m["p"].assertion_map["p"]->tokens.size() ; i++) + p_int_tokens[m_model->m["p"].assertion_map["p"]->tokens[i]] = i; - std::vector p_tokens = this->model->m["p"].assertion_map["p"]->tokens; + std::vector p_tokens = m_model->m["p"].assertion_map["p"]->tokens; - int policy_len = int(this->model->m["p"].assertion_map["p"]->policy.size()); + int policy_len = static_cast(m_model->m["p"].assertion_map["p"]->policy.size()); std::vector policy_effects(policy_len, Effect ::Indeterminate); - std::vector matcher_results(policy_len, 0.0); + std::vector matcher_results(policy_len, 0.0f); if(policy_len != 0) { - if(this->model->m["r"].assertion_map["r"]->tokens.size() != this->func_map.GetRLen()) + if(m_model->m["r"].assertion_map["r"]->tokens.size() != m_func_map.GetRLen()) return false; //TODO - for( int i = 0 ; i < policy_len ; i++){ - // log.LogPrint("Policy Rule: ", pvals) - std::vector p_vals = this->model->m["p"].assertion_map["p"]->policy[i]; - if(this->model->m["p"].assertion_map["p"]->tokens.size() != p_vals.size()) + for( int i = 0 ; i < policy_len ; i++) { + std::vector p_vals = m_model->m["p"].assertion_map["p"]->policy[i]; + m_log.LogPrint("Policy Rule: ", p_vals); + if(p_tokens.size() != p_vals.size()) return false; - PushObject(this->func_map.scope, "p"); + PushObject(m_func_map.scope, "p"); for(int j = 0 ; j < p_tokens.size() ; j++){ int index = int(p_tokens[j].find("_")); std::string token = p_tokens[j].substr(index + 1); - PushStringPropToObject(this->func_map.scope, "p", p_vals[j], token); + PushStringPropToObject(m_func_map.scope, "p", p_vals[j], token); } - this->func_map.Evaluate(exp_string); + m_func_map.Evaluate(exp_string); //TODO // log.LogPrint("Result: ", result) - if(CheckType(this->func_map.scope) == Type :: Bool){ - bool result = GetBoolean(this->func_map.scope); + if(CheckType(m_func_map.scope) == Type :: Bool){ + bool result = GetBoolean(m_func_map.scope); if(!result) { policy_effects[i] = Effect :: Indeterminate; continue; } } - else if(CheckType(this->func_map.scope) == Type :: Float){ - float result = GetFloat(this->func_map.scope); + else if(CheckType(m_func_map.scope) == Type :: Float){ + float result = GetFloat(m_func_map.scope); if(result == 0.0) { policy_effects[i] = Effect :: Indeterminate; continue; @@ -142,27 +141,27 @@ bool Enforcer :: enforce(const std::string& matcher, Scope scope) { else policy_effects[i] = Effect :: Allow; - if(this->model->m["e"].assertion_map["e"]->value == "priority(p_eft) || deny") + if(m_model->m["e"].assertion_map["e"]->value == "priority(p_eft) || deny") break; } } else { - bool isValid = this->func_map.Evaluate(exp_string); + bool isValid = m_func_map.Evaluate(exp_string); if(!isValid) return false; - bool result = this->func_map.GetBooleanResult(); + bool result = m_func_map.GetBooleanResult(); //TODO - // log.LogPrint("Result: ", result) - if(result) + m_log.LogPrint("Result: ", result); + if (result) policy_effects.push_back(Effect::Allow); else policy_effects.push_back(Effect::Indeterminate); } //TODO - // log.LogPrint("Rule Results: ", policyEffects) + m_log.LogPrint("Rule Results: ", policy_effects); - bool result = this->eft->MergeEffects(this->model->m["e"].assertion_map["e"]->value, policy_effects, matcher_results); + bool result = m_eft->MergeEffects(m_model->m["e"].assertion_map["e"]->value, policy_effects, matcher_results); return result; } @@ -190,8 +189,8 @@ Enforcer ::Enforcer(const std::string& model_path, const std::string& policy_fil * @param adapter the adapter. */ Enforcer ::Enforcer(const std::string& model_path, std::shared_ptr adapter) - : Enforcer(std::shared_ptr(new Model(model_path)), adapter) { - this->model_path = model_path; + : Enforcer(std::make_shared(model_path), adapter) { + m_model_path = model_path; } /** @@ -200,16 +199,13 @@ Enforcer ::Enforcer(const std::string& model_path, std::shared_ptr adap * @param m the model. * @param adapter the adapter. */ -Enforcer :: Enforcer(std::shared_ptr m, std::shared_ptr adapter) { - this->adapter = adapter; - this->watcher = NULL; - - this->model = m; - this->model->PrintModel(); +Enforcer :: Enforcer(std::shared_ptr m, std::shared_ptr adapter) + : m_adapter(adapter), m_watcher(nullptr), m_model(m) { + m_model->PrintModel(); this->Initialize(); - if (this->adapter && this->adapter->file_path != "") { + if (m_adapter && m_adapter->file_path != "") { this->LoadPolicy(); } } @@ -237,8 +233,9 @@ Enforcer ::Enforcer(const std::string& model_path): Enforcer(model_path, "") { * @param policyFile the path of the policy file. * @param enableLog whether to enable Casbin's log. */ -Enforcer :: Enforcer(const std::string& model_path, const std::string& policy_file, bool enable_log): Enforcer(model_path, std::shared_ptr(new FileAdapter(policy_file))) { - // e.EnableLog(enable_log); +Enforcer :: Enforcer(const std::string& model_path, const std::string& policy_file, bool enable_log) + : Enforcer(model_path, std::make_shared(policy_file)) { + this->EnableLog(enable_log); } @@ -254,72 +251,73 @@ void Enforcer :: InitWithAdapter(const std::string& model_path, std::shared_ptr< this->InitWithModelAndAdapter(m, adapter); - this->model_path = model_path; + m_model_path = model_path; } // InitWithModelAndAdapter initializes an enforcer with a model and a database adapter. void Enforcer :: InitWithModelAndAdapter(std::shared_ptr m, std::shared_ptr adapter) { - this->adapter = adapter; + m_adapter = adapter; - this->model = m; - this->model->PrintModel(); - this->func_map.LoadFunctionMap(); + m_model = m; + m_model->PrintModel(); + m_func_map.LoadFunctionMap(); this->Initialize(); // Do not initialize the full policy when using a filtered adapter - if(this->adapter != NULL && !this->adapter->IsFiltered()) + if(m_adapter != NULL && !m_adapter->IsFiltered()) this->LoadPolicy(); } void Enforcer :: Initialize() { - this->rm = std::shared_ptr(new DefaultRoleManager(10)); - this->eft = std::shared_ptr(new DefaultEffector()); - this->watcher = NULL; + this->rm = std::make_shared(10); + m_eft = std::make_shared(); + m_watcher = NULL; - this->enabled = true; - this->auto_save = true; - this->auto_build_role_links = true; - this->auto_notify_watcher = true; + m_enabled = true; + m_auto_save = true; + m_auto_build_role_links = true; + m_auto_notify_watcher = true; } // LoadModel reloads the model from the model CONF file. -// Because the policy is attached to a model, so the policy is invalidated and needs to be reloaded by calling LoadPolicy(). +// Because the policy is attached to a model, so the policy is invalidated and needs +// to be reloaded by calling LoadPolicy(). void Enforcer :: LoadModel() { - this->model = std::shared_ptr(Model ::NewModelFromFile(this->model_path)); + m_model = std::shared_ptr(Model ::NewModelFromFile(m_model_path)); - this->model->PrintModel(); - this->func_map.LoadFunctionMap(); + m_model->PrintModel(); + m_func_map.LoadFunctionMap(); this->Initialize(); } // GetModel gets the current model. std::shared_ptr Enforcer :: GetModel() { - return this->model; + return m_model; } // SetModel sets the current model. void Enforcer :: SetModel(std::shared_ptr m) { - this->model = m; - this->func_map.LoadFunctionMap(); + m_model = m; + m_func_map.LoadFunctionMap(); this->Initialize(); } // GetAdapter gets the current adapter. std::shared_ptr Enforcer::GetAdapter() { - return this->adapter; + return m_adapter; } // SetAdapter sets the current adapter. void Enforcer::SetAdapter(std::shared_ptr adapter) { - this->adapter = adapter; + m_adapter = adapter; } // SetWatcher sets the current watcher. void Enforcer :: SetWatcher(std::shared_ptr watcher) { - this->watcher = watcher; + m_watcher = watcher; auto func = [&, this](std::string str) { this->LoadPolicy(); }; @@ -338,21 +336,21 @@ void Enforcer :: SetRoleManager(std::shared_ptr rm) { // SetEffector sets the current effector. void Enforcer :: SetEffector(std::shared_ptr eft) { - this->eft = eft; + m_eft = eft; } // ClearPolicy clears all policy. void Enforcer :: ClearPolicy() { - this->model->ClearPolicy(); + m_model->ClearPolicy(); } // LoadPolicy reloads the policy from file/database. void Enforcer :: LoadPolicy() { this->ClearPolicy(); - this->adapter->LoadPolicy(this->model.get()); - this->model->PrintPolicy(); + m_adapter->LoadPolicy(m_model.get()); + m_model->PrintPolicy(); - if(this->auto_build_role_links) { + if(m_auto_build_role_links) { this->BuildRoleLinks(); } } @@ -364,22 +362,22 @@ void Enforcer :: LoadFilteredPolicy(Filter filter) { std::shared_ptr filtered_adapter; - if (this->adapter->IsFiltered()) { - filtered_adapter = std::dynamic_pointer_cast(this->adapter); + if (m_adapter->IsFiltered()) { + filtered_adapter = std::dynamic_pointer_cast(m_adapter); } else throw CasbinAdapterException("filtered policies are not supported by this adapter"); - filtered_adapter->LoadFilteredPolicy(this->model, filter); + filtered_adapter->LoadFilteredPolicy(m_model, filter); - this->model->PrintPolicy(); - if(this->auto_build_role_links) + m_model->PrintPolicy(); + if(m_auto_build_role_links) this->BuildRoleLinks(); } // IsFiltered returns true if the loaded policy has been filtered. bool Enforcer :: IsFiltered() { - return this->adapter->IsFiltered(); + return m_adapter->IsFiltered(); } // SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database. @@ -387,56 +385,58 @@ void Enforcer :: SavePolicy() { if(this->IsFiltered()) throw CasbinEnforcerException("cannot save a filtered policy"); - this->adapter->SavePolicy(this->model.get()); + m_adapter->SavePolicy(m_model.get()); - if(this->watcher != NULL){ - if (IsInstanceOf(this->watcher.get())) { - void* watcher = this->watcher.get(); - ((WatcherEx*)watcher)->UpdateForSavePolicy(this->model.get()); + if(m_watcher != NULL){ + if (IsInstanceOf(m_watcher.get())) { + auto watcher = dynamic_cast(m_watcher.get()); + watcher->UpdateForSavePolicy(m_model.get()); } else - return this->watcher->Update(); + return m_watcher->Update(); } } -// EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, all access will be allowed by the Enforce() function. +// EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, +// all access will be allowed by the Enforce() function. void Enforcer :: EnableEnforce(bool enable) { - this->enabled = enable; + m_enabled = enable; } // EnableLog changes whether Casbin will log messages to the Logger. -// void Enforcer :: EnableLog(bool enable) { - // log.GetLogger().EnableLog(enable); -// } +void Enforcer :: EnableLog(bool enable) { + m_log.GetLogger().EnableLog(enable); +} // EnableAutoNotifyWatcher controls whether to save a policy rule automatically notify the Watcher when it is added or removed. void Enforcer :: EnableAutoNotifyWatcher(bool enable) { - this->auto_notify_watcher = enable; + m_auto_notify_watcher = enable; } // EnableAutoSave controls whether to save a policy rule automatically to the adapter when it is added or removed. void Enforcer :: EnableAutoSave(bool auto_save) { - this->auto_save = auto_save; + m_auto_save = auto_save; } // EnableAutoBuildRoleLinks controls whether to rebuild the role inheritance relations when a role is added or deleted. void Enforcer :: EnableAutoBuildRoleLinks(bool auto_build_role_links) { - this->auto_build_role_links = auto_build_role_links; + m_auto_build_role_links = auto_build_role_links; } // BuildRoleLinks manually rebuild the role inheritance relations. void Enforcer :: BuildRoleLinks() { this->rm->Clear(); - this->model->BuildRoleLinks(this->rm); + m_model->BuildRoleLinks(this->rm); } // BuildIncrementalRoleLinks provides incremental build the role inheritance relations. void Enforcer :: BuildIncrementalRoleLinks(policy_op op, const std::string& p_type, const std::vector>& rules) { - return this->model->BuildIncrementalRoleLinks(this->rm, op, "g", p_type, rules); + return m_model->BuildIncrementalRoleLinks(this->rm, op, "g", p_type, rules); } -// Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act). +// Enforce decides whether a "subject" can access a "object" with the operation "action", +// input parameters are usually: (sub, obj, act). bool Enforcer :: Enforce(Scope scope) { return this->EnforceWithMatcher("", scope); } @@ -453,12 +453,12 @@ bool Enforcer::Enforce(const std::unordered_map& param // EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". bool Enforcer :: EnforceWithMatcher(const std::string& matcher, Scope scope) { - return this->enforce(matcher, scope); + return m_enforce(matcher, scope); } // EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". bool Enforcer::EnforceWithMatcher(const std::string& matcher, const std::vector& params) { - std::vector r_tokens = this->model->m["r"].assertion_map["r"]->tokens; + std::vector r_tokens = m_model->m["r"].assertion_map["r"]->tokens; int r_cnt = int(r_tokens.size()); int cnt = int(params.size()); @@ -473,12 +473,14 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const std::vector< PushStringPropToObject(scope, "r", params[i], r_tokens[i].substr(2, r_tokens[i].size() - 2)); } - bool result = this->enforce(matcher, scope); + bool result = m_enforce(matcher, scope); DeinitializeScope(scope); return result; } -// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". +// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" +// with the operation "action", input parameters are usually: (matcher, sub, obj, act), +// use model matcher by default when matcher is "". bool Enforcer::EnforceWithMatcher(const std::string& matcher, const std::unordered_map& params) { Scope scope = InitializeScope(); PushObject(scope, "r"); @@ -487,11 +489,32 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const std::unorder PushStringPropToObject(scope, "r", r.second, r.first); } - bool result = this->enforce(matcher, scope); + bool result = m_enforce(matcher, scope); DeinitializeScope(scope); return result; } +// BatchEnforce enforce in batches +std::vector Enforcer :: BatchEnforce(const std::vector>& requests) { + // Initializing an array for storing results with false + std::vector results; + results.reserve(requests.size()); + for (auto request : requests) { + results.push_back(this->Enforce(request)); + } + return results; +} + +// BatchEnforceWithMatcher enforce with matcher in batches +std::vector Enforcer :: BatchEnforceWithMatcher(const std::string& matcher, const std::vector>& requests) { + std::vector results; + results.reserve(requests.size()); + for (auto request : requests) { + results.push_back(this->EnforceWithMatcher(matcher, request)); + } + return results; +} + } // namespace casbin #endif // ENFORCER_CPP diff --git a/casbin/enforcer.h b/casbin/enforcer.h index 2b16826f..29559c2b 100644 --- a/casbin/enforcer.h +++ b/casbin/enforcer.h @@ -23,29 +23,33 @@ #include "./model/function.h" #include "./enforcer_interface.h" #include "./persist/filtered_adapter.h" +#include "./log/log_util.h" namespace casbin { // Enforcer is the main interface for authorization enforcement and policy management. -class Enforcer : public IEnforcer{ +class Enforcer : public IEnforcer { private: - std::string model_path; - std::shared_ptr model; - FunctionMap func_map; - std::vector> user_func_list; - std::shared_ptr eft; + std::string m_model_path; + std::shared_ptr m_model; + FunctionMap m_func_map; + std::vector> m_user_func_list; + std::shared_ptr m_eft; - std::shared_ptr adapter; - std::shared_ptr watcher; + std::shared_ptr m_adapter; + std::shared_ptr m_watcher; + LogUtil m_log; - bool enabled; - bool auto_save; - bool auto_build_role_links; - bool auto_notify_watcher; + bool m_enabled; + bool m_auto_save; + bool m_auto_build_role_links; + bool m_auto_notify_watcher; - // enforce use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". - bool enforce(const std::string& matcher, Scope scope); + // enforce use a custom matcher to decides whether a "subject" can access a "object" + // with the operation "action", input parameters are usually: (matcher, sub, obj, act), + // use model matcher by default when matcher is "". + bool m_enforce(const std::string& matcher, Scope scope); public: @@ -104,7 +108,8 @@ class Enforcer : public IEnforcer{ void InitWithModelAndAdapter(std::shared_ptr m, std::shared_ptr adapter); void Initialize(); // LoadModel reloads the model from the model CONF file. - // Because the policy is attached to a model, so the policy is invalidated and needs to be reloaded by calling LoadPolicy(). + // Because the policy is attached to a model, so the policy is invalidated and + // needs to be reloaded by calling LoadPolicy(). void LoadModel(); // GetModel gets the current model. std::shared_ptr GetModel(); @@ -136,9 +141,7 @@ class Enforcer : public IEnforcer{ // EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, all access will be allowed by the Enforce() function. void EnableEnforce(bool enable); // EnableLog changes whether Casbin will log messages to the Logger. - // void EnableLog(bool enable) { - // log.GetLogger().EnableLog(enable); - // } + void EnableLog(bool enable); // EnableAutoNotifyWatcher controls whether to save a policy rule automatically notify the Watcher when it is added or removed. void EnableAutoNotifyWatcher(bool enable); @@ -162,6 +165,10 @@ class Enforcer : public IEnforcer{ bool EnforceWithMatcher(const std::string& matcher, const std::vector& params); // EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "". bool EnforceWithMatcher(const std::string& matcher, const std::unordered_map& params); + // BatchEnforce enforce in batches + std::vector BatchEnforce(const std::vector>& requests); + // BatchEnforceWithMatcher enforce with matcher in batches + std::vector BatchEnforceWithMatcher(const std::string& matcher, const std::vector>& requests); /*Management API member functions.*/ std::vector GetAllSubjects(); @@ -205,6 +212,12 @@ class Enforcer : public IEnforcer{ bool RemoveNamedGroupingPolicies(const std::string& p_type, const std::vector>& rules); bool RemoveFilteredNamedGroupingPolicy(const std::string& p_type, int field_index, const std::vector& field_values); void AddFunction(const std::string& name, Function function, Index nargs); + bool UpdateGroupingPolicy(const std::vector& oldRule, const std::vector& newRule); + bool UpdateNamedGroupingPolicy(const std::string& ptype, const std::vector& oldRule, const std::vector& newRule); + bool UpdatePolicy(const std::vector& oldPolicy, const std::vector& newPolicy); + bool UpdateNamedPolicy(const std::string& ptype, const std::vector& p1, const std::vector& p2); + bool UpdatePolicies(const std::vector>& oldPolices, const std::vector>& newPolicies); + bool UpdateNamedPolicies(const std::string& ptype, const std::vector>& p1, const std::vector>& p2); /*RBAC API member functions.*/ std::vector GetRolesForUser(const std::string& name, const std::vector& domain = {}); @@ -232,6 +245,8 @@ class Enforcer : public IEnforcer{ bool removePolicy(const std::string& sec , const std::string& p_type , const std::vector& rule); bool removePolicies(const std::string& sec, const std::string& p_type, const std::vector>& rules); bool removeFilteredPolicy(const std::string& sec , const std::string& p_type , int field_index , const std::vector& field_values); + bool updatePolicy(const std::string& sec, const std::string& p_type, const std::vector& oldRule, const std::vector& newRule); + bool updatePolicies(const std::string& sec, const std::string& p_type, const std::vector>& p1, const std::vector>& p2); /* RBAC API with domains.*/ std::vector GetUsersForRoleInDomain(const std::string& name, const std::string& domain = {}); diff --git a/casbin/enforcer_interface.h b/casbin/enforcer_interface.h index 6ad1d4db..c80ad017 100644 --- a/casbin/enforcer_interface.h +++ b/casbin/enforcer_interface.h @@ -57,9 +57,11 @@ class IEnforcer { virtual void EnableAutoSave(bool auto_save) = 0; virtual void EnableAutoBuildRoleLinks(bool auto_build_role_links) = 0; virtual void BuildRoleLinks() = 0; - virtual bool enforce(const std::string&matcher, Scope scope) = 0; + virtual bool m_enforce(const std::string& matcher, Scope scope) = 0; virtual bool Enforce(Scope scope) = 0; - virtual bool EnforceWithMatcher(const std::string&matcher, Scope scope) = 0; + virtual bool EnforceWithMatcher(const std::string& matcher, Scope scope) = 0; + virtual std::vector BatchEnforce(const std::vector>& requests) = 0; + virtual std::vector BatchEnforceWithMatcher(const std::string& matcher, const std::vector>& requests) = 0; /* RBAC API */ virtual std::vector GetRolesForUser(const std::string& name, const std::vector& domain = {}) = 0; @@ -123,6 +125,12 @@ class IEnforcer { virtual bool RemoveNamedGroupingPolicies(const std::string& p_type, const std::vector>& rules) = 0; virtual bool RemoveFilteredNamedGroupingPolicy(const std::string& p_type, int field_index, const std::vector& field_values) = 0; virtual void AddFunction(const std::string& name, Function function, Index nargs) = 0; + virtual bool UpdateGroupingPolicy(const std::vector& oldRule, const std::vector& newRule) = 0; + virtual bool UpdateNamedGroupingPolicy(const std::string& ptype, const std::vector& oldRule, const std::vector& newRule) = 0; + virtual bool UpdatePolicy(const std::vector& oldPolicy, const std::vector& newPolicy) = 0; + virtual bool UpdateNamedPolicy(const std::string& ptype, const std::vector& p1, const std::vector& p2) = 0; + virtual bool UpdatePolicies(const std::vector>& oldPolices, const std::vector>& newPolicies) = 0; + virtual bool UpdateNamedPolicies(const std::string& ptype, const std::vector>& p1, const std::vector>& p2) = 0; /* Internal API member functions */ virtual bool addPolicy(const std::string& sec, const std::string& p_type, const std::vector& rule) = 0; @@ -130,6 +138,8 @@ class IEnforcer { virtual bool removePolicy(const std::string& sec , const std::string& p_type , const std::vector& rule) = 0; virtual bool removePolicies(const std::string& sec, const std::string& p_type, const std::vector>& rules) = 0; virtual bool removeFilteredPolicy(const std::string& sec , const std::string& p_type , int field_index , const std::vector& field_values) = 0; + virtual bool updatePolicy(const std::string& sec, const std::string& p_type, const std::vector& oldRule, const std::vector& newRule) = 0; + virtual bool updatePolicies(const std::string& sec, const std::string& p_type, const std::vector>& p1, const std::vector>& p2) = 0; /* RBAC API with domains.*/ virtual std::vector GetUsersForRoleInDomain(const std::string& name, const std::string& domain) = 0; diff --git a/casbin/enforcer_synced.cpp b/casbin/enforcer_synced.cpp index 5f59b905..4a5daab4 100644 --- a/casbin/enforcer_synced.cpp +++ b/casbin/enforcer_synced.cpp @@ -201,17 +201,17 @@ bool SyncedEnforcer ::Enforce(const std::unordered_map return Enforcer::Enforce(params); } -// // BatchEnforce enforce in batches -// std::vector SyncedEnforcer ::BatchEnforce(const std::vector>& requests) { -// std::lock_guard lock(policyMutex); -// return Enforcer::BatchEnforce(requests); -// } +// BatchEnforce enforce in batches +std::vector SyncedEnforcer ::BatchEnforce(const std::vector>& requests) { + std::lock_guard lock(policyMutex); + return Enforcer::BatchEnforce(requests); +} -// // BatchEnforceWithMatcher enforce with matcher in batches -// std::vector SyncedEnforcer ::BatchEnforceWithMatcher(const std::string& matcher, const std::vector>& requests) { -// std::lock_guard lock(policyMutex); -// return Enforcer::BatchEnforce(matcher, requests); -// } +// BatchEnforceWithMatcher enforce with matcher in batches +std::vector SyncedEnforcer ::BatchEnforceWithMatcher(const std::string& matcher, const std::vector>& requests) { + std::lock_guard lock(policyMutex); + return Enforcer::BatchEnforceWithMatcher(matcher, requests); +} // GetAllSubjects gets the list of subjects that show up in the current policy. std::vector SyncedEnforcer ::GetAllSubjects() { @@ -348,26 +348,26 @@ bool SyncedEnforcer ::RemovePolicy(const std::vector& params) { } // UpdatePolicy updates an authorization rule from the current policy. -// bool SyncedEnforcer ::UpdatePolicy(const std::vector& oldPolicy, const std::vector& newPolicy) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdatePolicy(oldPolicy, newPolicy); -// } +bool SyncedEnforcer ::UpdatePolicy(const std::vector& oldPolicy, const std::vector& newPolicy) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdatePolicy(oldPolicy, newPolicy); +} -// bool SyncedEnforcer ::UpdateNamedPolicy(const std::string& ptype, const std::vector& p1, const std::vector& p2) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdateNamedPolicy(ptype, p1, p2); -// } +bool SyncedEnforcer ::UpdateNamedPolicy(const std::string& ptype, const std::vector& p1, const std::vector& p2) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdateNamedPolicy(ptype, p1, p2); +} -// // UpdatePolicies updates authorization rules from the current policies. -// bool SyncedEnforcer ::UpdatePolicies(const std::vector>& oldPolices, const std::vector>& newPolicies) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdatePolicies(oldPolices, newPolicies); -// } +// UpdatePolicies updates authorization rules from the current policies. +bool SyncedEnforcer ::UpdatePolicies(const std::vector>& oldPolices, const std::vector>& newPolicies) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdatePolicies(oldPolices, newPolicies); +} -// bool SyncedEnforcer ::UpdateNamedPolicies(const std::string& ptype, const std::vector>& p1, const std::vector>& p2) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdateNamedPolicies(ptype, p1, p2); -// } +bool SyncedEnforcer ::UpdateNamedPolicies(const std::string& ptype, const std::vector>& p1, const std::vector>& p2) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdateNamedPolicies(ptype, p1, p2); +} // RemovePolicies removes authorization rules from the current policy. bool SyncedEnforcer ::RemovePolicies(const std::vector>& rules) { @@ -473,15 +473,15 @@ bool SyncedEnforcer ::RemoveNamedGroupingPolicies(const std::string& ptype, cons return Enforcer::RemoveNamedGroupingPolicies(ptype, rules); } -// bool SyncedEnforcer ::UpdateGroupingPolicy(const std::vector& oldRule, const std::vector& newRule) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdateGroupingPolicy(oldRule, newRule); -// } +bool SyncedEnforcer ::UpdateGroupingPolicy(const std::vector& oldRule, const std::vector& newRule) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdateGroupingPolicy(oldRule, newRule); +} -// bool SyncedEnforcer ::UpdateNamedGroupingPolicy(const std::string& ptype, const std::vector& oldRule, const std::vector& newRule) { -// std::lock_guard lock(policyMutex); -// return Enforcer::UpdateNamedGroupingPolicy(ptype, oldRule, newRule); -// } +bool SyncedEnforcer ::UpdateNamedGroupingPolicy(const std::string& ptype, const std::vector& oldRule, const std::vector& newRule) { + std::lock_guard lock(policyMutex); + return Enforcer::UpdateNamedGroupingPolicy(ptype, oldRule, newRule); +} // RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified. bool SyncedEnforcer ::RemoveFilteredNamedGroupingPolicy(const std::string& ptype, int fieldIndex, const std::vector& fieldValues) { diff --git a/casbin/internal_api.cpp b/casbin/internal_api.cpp index 248281f0..73cb5647 100644 --- a/casbin/internal_api.cpp +++ b/casbin/internal_api.cpp @@ -30,7 +30,7 @@ namespace casbin { // addPolicy adds a rule to the current policy. bool Enforcer :: addPolicy(const std::string& sec, const std::string& p_type, const std::vector& rule) { - bool rule_added = this->model->AddPolicy(sec, p_type, rule); + bool rule_added = m_model->AddPolicy(sec, p_type, rule); if(!rule_added) return rule_added; @@ -39,20 +39,20 @@ bool Enforcer :: addPolicy(const std::string& sec, const std::string& p_type, co this->BuildIncrementalRoleLinks(policy_add, p_type, rules); } - if (this->adapter && this->auto_save) { + if (m_adapter && m_auto_save) { try { - this->adapter->AddPolicy(sec, p_type, rule); + m_adapter->AddPolicy(sec, p_type, rule); } catch(UnsupportedOperationException e) { } } - if (this->watcher && this->auto_notify_watcher) { - if (IsInstanceOf(this->watcher.get())) { - std::dynamic_pointer_cast(this->watcher)->UpdateForAddPolicy(rule); + if (m_watcher && m_auto_notify_watcher) { + if (IsInstanceOf(m_watcher.get())) { + std::dynamic_pointer_cast(m_watcher)->UpdateForAddPolicy(rule); } else - this->watcher->Update(); + m_watcher->Update(); } return rule_added; @@ -60,7 +60,7 @@ bool Enforcer :: addPolicy(const std::string& sec, const std::string& p_type, co // addPolicies adds rules to the current policy. bool Enforcer :: addPolicies(const std::string& sec, const std::string& p_type, const std::vector>& rules) { - bool rules_added = this->model->AddPolicies(sec, p_type, rules); + bool rules_added = m_model->AddPolicies(sec, p_type, rules); if (!rules_added) return rules_added; @@ -68,23 +68,23 @@ bool Enforcer :: addPolicies(const std::string& sec, const std::string& p_type, this->BuildIncrementalRoleLinks(policy_add, p_type, rules); - if (this->adapter && this->auto_save) { + if (m_adapter && m_auto_save) { try { - std::dynamic_pointer_cast(this->adapter)->AddPolicies(sec, p_type, rules); + std::dynamic_pointer_cast(m_adapter)->AddPolicies(sec, p_type, rules); } catch(UnsupportedOperationException e) { } } - if (this->watcher && this->auto_notify_watcher) - this->watcher->Update(); + if (m_watcher && m_auto_notify_watcher) + m_watcher->Update(); return rules_added; } // removePolicy removes a rule from the current policy. bool Enforcer :: removePolicy(const std::string& sec, const std::string& p_type, const std::vector& rule) { - bool rule_removed = this->model->RemovePolicy(sec, p_type, rule); + bool rule_removed = m_model->RemovePolicy(sec, p_type, rule); if(!rule_removed) return rule_removed; @@ -93,20 +93,20 @@ bool Enforcer :: removePolicy(const std::string& sec, const std::string& p_type, this->BuildIncrementalRoleLinks(policy_add, p_type, rules); } - if (this->adapter && this->auto_save) { + if (m_adapter && m_auto_save) { try { - this->adapter->RemovePolicy(sec, p_type, rule); + m_adapter->RemovePolicy(sec, p_type, rule); } catch (UnsupportedOperationException e) { } } - if(this->watcher && this->auto_notify_watcher){ - if (IsInstanceOf(this->watcher.get())) { - std::dynamic_pointer_cast(watcher)->UpdateForRemovePolicy(rule); + if(m_watcher && m_auto_notify_watcher){ + if (IsInstanceOf(m_watcher.get())) { + std::dynamic_pointer_cast(m_watcher)->UpdateForRemovePolicy(rule); } else - this->watcher->Update(); + m_watcher->Update(); } return rule_removed; @@ -114,30 +114,30 @@ bool Enforcer :: removePolicy(const std::string& sec, const std::string& p_type, // removePolicies removes rules from the current policy. bool Enforcer :: removePolicies(const std::string& sec, const std::string& p_type, const std::vector>& rules) { - bool rules_removed = this->model->AddPolicies(sec, p_type, rules); + bool rules_removed = m_model->AddPolicies(sec, p_type, rules); if (!rules_removed) return rules_removed; if (sec == "g") this->BuildIncrementalRoleLinks(policy_add, p_type, rules); - if (this->adapter && this->auto_save) { + if (m_adapter && m_auto_save) { try{ - std::dynamic_pointer_cast(this->adapter)->RemovePolicies(sec, p_type, rules); + std::dynamic_pointer_cast(m_adapter)->RemovePolicies(sec, p_type, rules); } catch(UnsupportedOperationException e){ } } - if (this->watcher && this->auto_notify_watcher) - this->watcher->Update(); + if (m_watcher && m_auto_notify_watcher) + m_watcher->Update(); return rules_removed; } // removeFilteredPolicy removes rules based on field filters from the current policy. bool Enforcer :: removeFilteredPolicy(const std::string& sec, const std::string& p_type, int field_index, const std::vector& field_values){ - std::pair>> p = this->model->RemoveFilteredPolicy(sec, p_type, field_index, field_values); + std::pair>> p = m_model->RemoveFilteredPolicy(sec, p_type, field_index, field_values); bool rule_removed = p.first; std::vector> effects = p.second; @@ -147,25 +147,33 @@ bool Enforcer :: removeFilteredPolicy(const std::string& sec, const std::string& if (sec == "g") this->BuildIncrementalRoleLinks(policy_remove, p_type, effects); - if (this->adapter && this->auto_save) { + if (m_adapter && m_auto_save) { try { - this->adapter->RemoveFilteredPolicy(sec, p_type, field_index, field_values); \ + m_adapter->RemoveFilteredPolicy(sec, p_type, field_index, field_values); \ } catch (UnsupportedOperationException e) { } } - if (this->watcher && this->auto_notify_watcher) { - if (IsInstanceOf(this->watcher.get())) { - std::dynamic_pointer_cast(this->watcher)->UpdateForRemoveFilteredPolicy(field_index, field_values); + if (m_watcher && m_auto_notify_watcher) { + if (IsInstanceOf(m_watcher.get())) { + std::dynamic_pointer_cast(m_watcher)->UpdateForRemoveFilteredPolicy(field_index, field_values); } else - this->watcher->Update(); + m_watcher->Update(); } return rule_removed; } +bool Enforcer :: updatePolicy(const std::string& sec, const std::string& p_type, const std::vector& oldRule, const std::vector& newRule) { + return true; +} + +bool Enforcer :: updatePolicies(const std::string& sec, const std::string& p_type, const std::vector>& p1, const std::vector>& p2) { + return true; +} + } // namespace casbin #endif // INTERNAL_API_CPP diff --git a/casbin/log/Log.h b/casbin/log/Log.h deleted file mode 100644 index e69de29b..00000000 diff --git a/casbin/log/Logger.h b/casbin/log/Logger.h index 68171d09..63015f91 100644 --- a/casbin/log/Logger.h +++ b/casbin/log/Logger.h @@ -7,27 +7,23 @@ namespace casbin { class Logger{ protected: - bool enable; + bool m_enable; public: //EnableLog controls whether print the message. - virtual void EnableLog(bool enable); + virtual void EnableLog(bool enable) = 0; //IsEnabled returns if logger is enabled. - virtual bool IsEnabled(); + virtual bool IsEnabled() = 0; //Print formats using the default formats for its operands and logs the message. - template - void Print(Object... objects){ - return; - } + template + void Print(T arg, Object... objects); //Printf formats according to a format specifier and logs the message. template - void Printf(std::string, Object... objects){ - return; - } + void Printf(std::string, Object... objects); }; } // namespace casbin diff --git a/casbin/log/default_logger.h b/casbin/log/default_logger.h index 49dc946d..509eb225 100644 --- a/casbin/log/default_logger.h +++ b/casbin/log/default_logger.h @@ -1,32 +1,31 @@ #ifndef CASBIN_CPP_LOG_DEFAULT_LOGGER #define CASBIN_CPP_LOG_DEFAULT_LOGGER -#include "Logger.h" -#include "Log.h" +#include "./Logger.h" namespace casbin { -class DefaultLogger : public Logger{ +class DefaultLogger : public Logger { public: void EnableLog(bool enable) { - this->enable = enable; + m_enable = enable; } bool IsEnabled() { - return this->enable; + return m_enable; } template void Print(Object... objects){ - if (this->enable){ + if (m_enable){ Print(objects...); } } template void Print(std::string format, Object... objects){ - if (this->enable){ + if (m_enable){ Printf(format, objects...); } } diff --git a/casbin/log/log_util.h b/casbin/log/log_util.h index 99b00e32..f7996710 100644 --- a/casbin/log/log_util.h +++ b/casbin/log/log_util.h @@ -1,36 +1,36 @@ #ifndef CASBIN_CPP_LOG_LOG_UTIL #define CASBIN_CPP_LOG_LOG_UTIL -#include "DefaultLogger.h" +#include "./default_logger.h" namespace casbin { -class LogUtil{ +class LogUtil { private: - static Logger logger; + static DefaultLogger s_logger; public: // SetLogger sets the current logger. - static void SetLogger(Logger l){ - logger = l; + static void SetLogger(const DefaultLogger& l){ + s_logger = l; } // GetLogger returns the current logger. - static Logger GetLogger() { - return logger; + static DefaultLogger GetLogger() { + return s_logger; } // LogPrint prints the log. template static void LogPrint(Object... objects) { - logger.Print(objects...); + s_logger.Print(objects...); } // LogPrintf prints the log with the format. template static void LogPrintf(std::string format, Object... objects) { - logger.Printf(format, objects...); + s_logger.Printf(format, objects...); } }; diff --git a/casbin/logger.cpp b/casbin/logger.cpp new file mode 100644 index 00000000..a60566a1 --- /dev/null +++ b/casbin/logger.cpp @@ -0,0 +1,28 @@ +#include "pch.h" + +#ifndef LOGGER_CPP +#define LOGGER_CPP + +#include +#include "log/Logger.h" +#include "log/log_util.h" + +namespace casbin { + +//Print formats using the default formats for its operands and logs the message. +template +void Logger::Print(T arg, Object... objects) { + return; +} + +//Printf formats according to a format specifier and logs the message. +template +void Logger::Printf(std::string format, Object... objects) { + Print(objects...); +} + +DefaultLogger LogUtil::s_logger; + +} + +#endif // LOGGER_CPP diff --git a/casbin/management_api.cpp b/casbin/management_api.cpp index 764d53d7..14f72d83 100644 --- a/casbin/management_api.cpp +++ b/casbin/management_api.cpp @@ -26,42 +26,42 @@ namespace casbin { // GetAllSubjects gets the list of subjects that show up in the current policy. std::vector Enforcer :: GetAllSubjects() { - return this->model->GetValuesForFieldInPolicyAllTypes("p", 0); + return m_model->GetValuesForFieldInPolicyAllTypes("p", 0); } // GetAllNamedSubjects gets the list of subjects that show up in the current named policy. std::vector Enforcer :: GetAllNamedSubjects(const std::string& p_type) { - return this->model->GetValuesForFieldInPolicy("p", p_type, 0); + return m_model->GetValuesForFieldInPolicy("p", p_type, 0); } // GetAllObjects gets the list of objects that show up in the current policy. std::vector Enforcer :: GetAllObjects() { - return this->model->GetValuesForFieldInPolicyAllTypes("p", 1); + return m_model->GetValuesForFieldInPolicyAllTypes("p", 1); } // GetAllNamedObjects gets the list of objects that show up in the current named policy. std::vector Enforcer :: GetAllNamedObjects(const std::string& p_type) { - return this->model->GetValuesForFieldInPolicy("p", p_type, 1); + return m_model->GetValuesForFieldInPolicy("p", p_type, 1); } // GetAllActions gets the list of actions that show up in the current policy. std::vector Enforcer :: GetAllActions() { - return this->model->GetValuesForFieldInPolicyAllTypes("p", 2); + return m_model->GetValuesForFieldInPolicyAllTypes("p", 2); } // GetAllNamedActions gets the list of actions that show up in the current named policy. std::vector Enforcer :: GetAllNamedActions(const std::string& p_type) { - return this->model->GetValuesForFieldInPolicy("p", p_type, 2); + return m_model->GetValuesForFieldInPolicy("p", p_type, 2); } // GetAllRoles gets the list of roles that show up in the current policy. std::vector Enforcer :: GetAllRoles() { - return this->model->GetValuesForFieldInPolicyAllTypes("g", 1); + return m_model->GetValuesForFieldInPolicyAllTypes("g", 1); } // GetAllNamedRoles gets the list of roles that show up in the current named policy. std::vector Enforcer :: GetAllNamedRoles(const std::string& p_type) { - return this->model->GetValuesForFieldInPolicy("g", p_type, 1); + return m_model->GetValuesForFieldInPolicy("g", p_type, 1); } // GetPolicy gets all the authorization rules in the policy. @@ -76,12 +76,12 @@ std::vector> Enforcer :: GetFilteredPolicy(int field_in // GetNamedPolicy gets all the authorization rules in the named policy. std::vector> Enforcer :: GetNamedPolicy(const std::string& p_type) { - return this->model->GetPolicy("p", p_type); + return m_model->GetPolicy("p", p_type); } // GetFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified. std::vector> Enforcer :: GetFilteredNamedPolicy(const std::string& p_type, int field_index, const std::vector& field_values) { - return this->model->GetFilteredPolicy("p", p_type, field_index, field_values); + return m_model->GetFilteredPolicy("p", p_type, field_index, field_values); } // GetGroupingPolicy gets all the role inheritance rules in the policy. @@ -96,12 +96,12 @@ std::vector> Enforcer :: GetFilteredGroupingPolicy(int // GetNamedGroupingPolicy gets all the role inheritance rules in the policy. std::vector> Enforcer :: GetNamedGroupingPolicy(const std::string& p_type) { - return this->model->GetPolicy("g", p_type); + return m_model->GetPolicy("g", p_type); } // GetFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified. std::vector> Enforcer :: GetFilteredNamedGroupingPolicy(const std::string& p_type, int field_index, const std::vector& field_values) { - return this->model->GetFilteredPolicy("g", p_type, field_index, field_values); + return m_model->GetFilteredPolicy("g", p_type, field_index, field_values); } // HasPolicy determines whether an authorization rule exists. @@ -113,13 +113,13 @@ bool Enforcer :: HasPolicy(const std::vector& params) { bool Enforcer :: HasNamedPolicy(const std::string& p_type, const std::vector& params) { if (params.size() == 1) { std::vector str_slice{params[0]}; - return this->model->HasPolicy("p", p_type, str_slice); + return m_model->HasPolicy("p", p_type, str_slice); } std::vector policy; for (int i = 0 ; i < params.size() ; i++) policy.push_back(params[i]); - return this->model->HasPolicy("p", p_type, policy); + return m_model->HasPolicy("p", p_type, policy); } // AddPolicy adds an authorization rule to the current policy. @@ -205,13 +205,13 @@ bool Enforcer :: HasGroupingPolicy(const std::vector& params) { bool Enforcer :: HasNamedGroupingPolicy(const std::string& p_type, const std::vector& params) { if (params.size() == 1) { std::vector str_slice{params[0]}; - return this->model->HasPolicy("g", p_type, str_slice); + return m_model->HasPolicy("g", p_type, str_slice); } std::vector policy; for (int i = 0 ; i < params.size() ; i++) policy.push_back(params[i]); - return this->model->HasPolicy("g", p_type, policy); + return m_model->HasPolicy("g", p_type, policy); } // AddGroupingPolicy adds a role inheritance rule to the current policy. @@ -244,7 +244,7 @@ bool Enforcer :: AddNamedGroupingPolicy(const std::string& p_type, const std::ve rule_added = this->addPolicy("g", p_type, policy); } - if(this->auto_build_role_links) + if(m_auto_build_role_links) this->BuildRoleLinks(); return rule_added; @@ -286,7 +286,7 @@ bool Enforcer :: RemoveNamedGroupingPolicy(const std::string& p_type, const std: rule_removed = this->removePolicy("g", p_type, policy); } - if(this->auto_build_role_links) + if(m_auto_build_role_links) this->BuildRoleLinks(); return rule_removed; @@ -301,7 +301,7 @@ bool Enforcer :: RemoveNamedGroupingPolicies(const std::string& p_type, const s bool Enforcer :: RemoveFilteredNamedGroupingPolicy(const std::string& p_type, int field_index, const std::vector& field_values) { bool rule_removed = this->removeFilteredPolicy("g", p_type, field_index, field_values); - if(this->auto_build_role_links) + if(m_auto_build_role_links) this->BuildRoleLinks(); return rule_removed; @@ -309,7 +309,34 @@ bool Enforcer :: RemoveFilteredNamedGroupingPolicy(const std::string& p_type, in // AddFunction adds a customized function. void Enforcer :: AddFunction(const std::string& name, Function function, Index nargs) { - user_func_list.push_back(make_tuple(name, function, nargs)); + m_user_func_list.push_back(make_tuple(name, function, nargs)); +} + + +bool Enforcer :: UpdateGroupingPolicy(const std::vector& oldRule, const std::vector& newRule) { + return UpdateNamedGroupingPolicy("g", oldRule, newRule); +} + +bool Enforcer :: UpdateNamedGroupingPolicy(const std::string& p_type, const std::vector& oldRule, const std::vector& newRule) { + return this->updatePolicy("g", p_type, oldRule, newRule); +} + +// UpdatePolicy updates an authorization rule from the current policy. +bool Enforcer :: UpdatePolicy(const std::vector& oldPolicy, const std::vector& newPolicy) { + return UpdateNamedPolicy("p", oldPolicy, newPolicy); +} + +bool Enforcer :: UpdateNamedPolicy(const std::string& ptype, const std::vector& p1, const std::vector& p2) { + return this->updatePolicy("p", ptype, p1, p2); +} + +// UpdatePolicies updates authorization rules from the current policies. +bool Enforcer :: UpdatePolicies(const std::vector>& oldPolices, const std::vector>& newPolicies) { + return UpdateNamedPolicies("p", oldPolices, newPolicies); +} + +bool Enforcer :: UpdateNamedPolicies(const std::string& ptype, const std::vector>& p1, const std::vector>& p2) { + return this->updatePolicies("p", ptype, p1, p2); } } // namespace casbin diff --git a/casbin/rbac_api.cpp b/casbin/rbac_api.cpp index 00834cb4..2b2976f9 100644 --- a/casbin/rbac_api.cpp +++ b/casbin/rbac_api.cpp @@ -28,13 +28,13 @@ namespace casbin { // GetRolesForUser gets the roles that a user has. std::vector Enforcer :: GetRolesForUser(const std::string& name, const std::vector& domain) { - std::vector res = this->model->m["g"].assertion_map["g"]->rm->GetRoles(name, domain); + std::vector res = m_model->m["g"].assertion_map["g"]->rm->GetRoles(name, domain); return res; } // GetUsersForRole gets the users that has a role. std::vector Enforcer :: GetUsersForRole(const std::string& name, const std::vector& domain) { - std::vector res = this->model->m["g"].assertion_map["g"]->rm->GetUsers(name, domain); + std::vector res = m_model->m["g"].assertion_map["g"]->rm->GetUsers(name, domain); return res; } @@ -168,7 +168,7 @@ std::vector Enforcer :: GetImplicitRolesForUser(const std::string& std::string name = q[0]; q.erase(q.begin()); - std::vector roles = this->rm->GetRoles(name, domain); + std::vector roles = rm->GetRoles(name, domain); for (int i = 0 ; i < roles.size() ; i++) { if (!(role_set.find(roles[i]) != role_set.end())) { @@ -227,8 +227,8 @@ std::vector> Enforcer :: GetImplicitPermissionsForUser( // Note: only users will be returned, roles (2nd arg in "g") will be excluded. std::vector Enforcer :: GetImplicitUsersForPermission(const std::vector& permission) { std::vector p_subjects = this->GetAllSubjects(); - std::vector g_inherit = this->model->GetValuesForFieldInPolicyAllTypes("g", 1); - std::vector g_subjects = this->model->GetValuesForFieldInPolicyAllTypes("g", 0); + std::vector g_inherit = m_model->GetValuesForFieldInPolicyAllTypes("g", 1); + std::vector g_subjects = m_model->GetValuesForFieldInPolicyAllTypes("g", 0); std::vector subjects(p_subjects); subjects.insert(subjects.end(), g_subjects.begin(), g_subjects.end()); diff --git a/casbin/rbac_api_with_domains.cpp b/casbin/rbac_api_with_domains.cpp index 44628dea..b3f358b1 100644 --- a/casbin/rbac_api_with_domains.cpp +++ b/casbin/rbac_api_with_domains.cpp @@ -27,14 +27,14 @@ namespace casbin { // GetUsersForRoleInDomain gets the users that has a role inside a domain. Add by Gordon std::vector Enforcer :: GetUsersForRoleInDomain(const std::string& name, const std::string& domain) { std::vector domains{domain}; - std::vector res = this->model->m["g"].assertion_map["g"]->rm->GetUsers(name, domains); + std::vector res = m_model->m["g"].assertion_map["g"]->rm->GetUsers(name, domains); return res; } // GetRolesForUserInDomain gets the roles that a user has inside a domain. std::vector Enforcer :: GetRolesForUserInDomain(const std::string& name, const std::string& domain) { std::vector domains{domain}; - std::vector res = this->model->m["g"].assertion_map["g"]->rm->GetRoles(name, domains); + std::vector res = m_model->m["g"].assertion_map["g"]->rm->GetRoles(name, domains); return res; } diff --git a/makefile b/makefile index 6e84b92e..f12fab2c 100644 --- a/makefile +++ b/makefile @@ -5,7 +5,7 @@ AR := ar # Define compiler flags OBJ_FLAG := -c FILE_FLAG := -o -STD_FLAG := -std=c++11 +STD_FLAG := -std=c++17 DIS_WARN := -w # Define archive flags