Skip to content

Commit

Permalink
feat: add the code (#2)
Browse files Browse the repository at this point in the history 
* feat: add the code

* feat: add the test code
  • Loading branch information
@tx2002
tx2002 authored Oct 8, 2024
1 parent 77c2c50 commit bf7d4f2
Show file tree
Hide file tree
Showing 10 changed files with 877 additions and 1 deletion.
45 changes: 45 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: CI

on: [ push, pull_request ]

jobs:
test-and-coverage:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- name: Set up JDK 1.8
uses: actions/setup-java@v3
with:
java-version: '8'
distribution: 'zulu'
cache: 'maven'
server-id: ossrh
server-username: OSSRH_JIRA_USERNAME
server-password: OSSRH_JIRA_PASSWORD
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: GPG_PASSPHRASE

- name: Build with Maven
run: mvn clean test jacoco:report

- name: Upload To Codecov
uses: codecov/codecov-action@v1
with:
token: ${{ secrets.CODECOV_TOKEN }}

- name: Set up Node.js
uses: actions/setup-node@v2
with:
node-version: 20

- name: Semantic Release
run: |
npm install -g @conveyal/maven-semantic-release semantic-release
semantic-release --prepare @conveyal/maven-semantic-release --publish @semantic-release/github,@conveyal/maven-semantic-release --verify-conditions @semantic-release/github,@conveyal/maven-semantic-release --verify-release @conveyal/maven-semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_KEY_NAME: ${{ secrets.GPG_KEY_NAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
OSSRH_JIRA_USERNAME: ${{ secrets.OSSRH_JIRA_USERNAME }}
OSSRH_JIRA_PASSWORD: ${{ secrets.OSSRH_JIRA_PASSWORD }}
77 changes: 76 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1 +1,76 @@
# session-role-manager
# session-role-manager
[![codebeat badge](https://codebeat.co/badges/998c8e12-ffdd-4196-b2a2-8979d7f1ee8a)](https://codebeat.co/projects/github-com-jcasbin-session-role-manager-master)
[![build](https://github.com/jcasbin/session-role-manager/actions/workflows/ci.yml/badge.svg)](https://github.com/jcasbin/session-role-manager/actions)
[![codecov](https://codecov.io/github/jcasbin/session-role-manager/branch/master/graph/badge.svg?token=4YRFEQY7VK)](https://codecov.io/github/jcasbin/session-role-manager)
[![javadoc](https://javadoc.io/badge2/org.casbin/session-role-manager/javadoc.svg)](https://javadoc.io/doc/org.casbin/session-role-manager)
[![Maven Central](https://img.shields.io/maven-central/v/org.casbin/session-role-manager.svg)](https://mvnrepository.com/artifact/org.casbin/session-role-manager/latest)
[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord&label=discord&color=5865F2)](https://discord.gg/S5UjpzGZjN)

Session Role Manager is the [Session-based](https://en.wikipedia.org/wiki/Session_(computer_science)) role manager for [jCasbin](https://github.com/casbin/jcasbin). With this library, jCasbin can load session-based role hierarchy (user-role mapping) from jCasbin policy or save role hierarchy to it. The session is only active in the specified time range.

## Installation
```xml
<dependency>
<groupId>org.casbin</groupId>
<artifactId>session-role-manager</artifactId>
<version>1.0.0</version>
</dependency>
```

## Example
```java
import org.casbin.jcasbin.main.Enforcer;
import org.casbin.jcasbin.persist.file_adapter.FileAdapter;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;

public class Example {
public static void main(String[] args) {
// Create a new Enforcer using the model path. The default role manager is used initially.
Enforcer e = new Enforcer("examples/rbac_model_with_sessions.conf");

// Manually set an adapter for the policy.
FileAdapter a = new FileAdapter("examples/rbac_policy_with_sessions.csv");
e.setAdapter(a);

// Use our custom role manager.
SessionRoleManager rm = new SessionRoleManager(10);
e.setRoleManager(rm);

// If our role manager relies on Casbin policy (e.g., reading "g" policy rules),
// we need to set the role manager before loading the policy.
e.loadPolicy();

// Current role inheritance tree (Time ranges shown in parentheses):
// delta echo foxtrott
// \ / \ /
// (0-20) \ (5-15) / \ (10-20) / (10-12)
// \ / \ /
// bravo charlie
// \ /
// (0-10) \ / (5-15)
// \ /
// alpha

// Test permissions for different time points
assertTrue(e.enforce("alpha", "data1", "read", "00"));
assertTrue(e.enforce("alpha", "data1", "read", "05"));
assertTrue(e.enforce("alpha", "data1", "read", "10"));
assertFalse(e.enforce("alpha", "data1", "read", "15"));
assertFalse(e.enforce("alpha", "data1", "read", "20"));

assertFalse(e.enforce("alpha", "data2", "read", "00"));
assertTrue(e.enforce("alpha", "data2", "read", "05"));
assertTrue(e.enforce("alpha", "data2", "read", "10"));
assertTrue(e.enforce("alpha", "data2", "read", "15"));
assertFalse(e.enforce("alpha", "data2", "read", "20"));

assertFalse(e.enforce("alpha", "data3", "read", "00"));
assertFalse(e.enforce("alpha", "data3", "read", "05"));
assertTrue(e.enforce("alpha", "data3", "read", "10"));
assertFalse(e.enforce("alpha", "data3", "read", "15"));
assertFalse(e.enforce("alpha", "data3", "read", "20"));
}
}

```
19 changes: 19 additions & 0 deletions examples/rbac_model_with_sessions.conf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# Request definition
[request_definition]
r = sub, obj, act, time

# Policy definition
[policy_definition]
p = sub, obj, act

# Policy effect
[policy_effect]
e = some(where (p_eft == allow)) && !some(where (p_eft == deny))

# Role definition
[role_definition]
g = _, _, _, _

# Matchers
[matchers]
m = g(r.sub, p.sub, r.time) && r.obj == p.obj && r.act == p.act
10 changes: 10 additions & 0 deletions examples/rbac_policy_with_sessions.csv
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
p, delta, data1, read
p, echo, data2, read
p, foxtrott, data3, read

g, alpha, bravo, 00, 10
g, alpha, charlie, 05, 15
g, bravo, delta, 00, 20
g, bravo, echo, 05, 15
g, charlie, echo, 10, 20
g, charlie, foxtrott, 10, 12
22 changes: 22 additions & 0 deletions maven-settings.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
<settings>
<servers>
<server>
<id>ossrh</id>
<username>${OSSRH_JIRA_USERNAME}</username>
<password>${OSSRH_JIRA_PASSWORD}</password>
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.keyname>${GPG_KEY_NAME}</gpg.keyname>
<gpg.passphrase>${GPG_PASSPHRASE}</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>
170 changes: 170 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,170 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>

<groupId>org.casbin</groupId>
<artifactId>session-role-manager</artifactId>
<version>1.0.0</version>

<name>Session based role manager for jCasbin</name>
<description>Load session-based role hierarchy from jCasbin policy or save role hierarchy to it</description>
<url>https://github.com/jcasbin/session-role-manager</url>
<inceptionYear>2024</inceptionYear>

<issueManagement>
<system>Github</system>
<url>https://github.com/jcasbin/session-role-manager/issues</url>
</issueManagement>

<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>

<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>

<scm>
<url>https://github.com/jcasbin/session-role-manager</url>
<connection>git@github.com:jcasbin/session-role-manager.git</connection>
<developerConnection>https://github.com/hsluoyz</developerConnection>
</scm>

<developers>
<developer>
<name>Xu Tan</name>
<email>1428427011@qq.com</email>
<url>https://github.com/tx2002</url>
</developer>
</developers>

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>

<profiles>
<profile>
<id>default</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<!-- Automatically close and deploy from OSSRH -->
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.5.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>ossrh</publishingServerId>
<tokenAuth>true</tokenAuth>
<autoPublish>true</autoPublish>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.2.1</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.2.0</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.7.6.201602180812</version>
<executions>
<execution>
<id>prepare-agent</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>8</source>
<target>8</target>
</configuration>
</plugin>
</plugins>
</build>
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://central.sonatype.com</url>
</snapshotRepository>
</distributionManagement>
</profile>
</profiles>

<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.casbin</groupId>
<artifactId>jcasbin</artifactId>
<version>1.31.2</version>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.2.2</version>
</dependency>
</dependencies>

</project>
39 changes: 39 additions & 0 deletions src/main/java/org/casbin/rolemanager/Session.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
// Copyright 2024 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package org.casbin.rolemanager;

public class Session {
private SessionRole role;
private String startTime;
private String endTime;

public Session(SessionRole role, String startTime, String endTime) {
this.role = role;
this.startTime = startTime;
this.endTime = endTime;
}

public SessionRole getRole() {
return role;
}

public String getStartTime() {
return startTime;
}

public String getEndTime() {
return endTime;
}
}
Loading

0 comments on commit bf7d4f2

Please sign in to comment.