feat: add the code

.github/workflows/ci.yml

@@ -0,0 +1,45 @@
+name: CI
+
+on: [ push, pull_request ]
+
+jobs:
+  test-and-coverage:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK 1.8
+        uses: actions/setup-java@v3
+        with:
+          java-version: '8'
+          distribution: 'zulu'
+          cache: 'maven'
+          server-id: ossrh
+          server-username: OSSRH_JIRA_USERNAME
+          server-password: OSSRH_JIRA_PASSWORD
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: GPG_PASSPHRASE
+
+      - name: Build with Maven
+        run: mvn clean test jacoco:report
+
+      - name: Upload To Codecov
+        uses: codecov/codecov-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 20
+
+      - name: Semantic Release
+        run: |
+          npm install -g @conveyal/maven-semantic-release semantic-release
+          semantic-release --prepare @conveyal/maven-semantic-release --publish @semantic-release/github,@conveyal/maven-semantic-release --verify-conditions @semantic-release/github,@conveyal/maven-semantic-release --verify-release @conveyal/maven-semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GPG_KEY_NAME: ${{ secrets.GPG_KEY_NAME }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+          OSSRH_JIRA_USERNAME: ${{ secrets.OSSRH_JIRA_USERNAME }}
+          OSSRH_JIRA_PASSWORD: ${{ secrets.OSSRH_JIRA_PASSWORD }}

README.md

@@ -1 +1,76 @@
-# session-role-manager
+# session-role-manager
+[![codebeat badge](https://codebeat.co/badges/998c8e12-ffdd-4196-b2a2-8979d7f1ee8a)](https://codebeat.co/projects/github-com-jcasbin-session-role-manager-master)
+[![build](https://github.com/jcasbin/session-role-manager/actions/workflows/ci.yml/badge.svg)](https://github.com/jcasbin/session-role-manager/actions)
+[![codecov](https://codecov.io/github/jcasbin/session-role-manager/branch/master/graph/badge.svg?token=4YRFEQY7VK)](https://codecov.io/github/jcasbin/session-role-manager)
+[![javadoc](https://javadoc.io/badge2/org.casbin/session-role-manager/javadoc.svg)](https://javadoc.io/doc/org.casbin/session-role-manager)
+[![Maven Central](https://img.shields.io/maven-central/v/org.casbin/session-role-manager.svg)](https://mvnrepository.com/artifact/org.casbin/session-role-manager/latest)
+[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord&label=discord&color=5865F2)](https://discord.gg/S5UjpzGZjN)
+
+Session Role Manager is the [Session-based](https://en.wikipedia.org/wiki/Session_(computer_science)) role manager for [jCasbin](https://github.com/casbin/jcasbin). With this library, jCasbin can load session-based role hierarchy (user-role mapping) from jCasbin policy or save role hierarchy to it. The session is only active in the specified time range.
+
+## Installation
+```xml
+<dependency>
+    <groupId>org.casbin</groupId>
+    <artifactId>session-role-manager</artifactId>
+    <version>1.0.0</version>
+</dependency>
+```
+
+## Example
+```java
+import org.casbin.jcasbin.main.Enforcer;
+import org.casbin.jcasbin.persist.file_adapter.FileAdapter;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class Example {
+    public static void main(String[] args) {
+        // Create a new Enforcer using the model path. The default role manager is used initially.
+        Enforcer e = new Enforcer("examples/rbac_model_with_sessions.conf");
+
+        // Manually set an adapter for the policy.
+        FileAdapter a = new FileAdapter("examples/rbac_policy_with_sessions.csv");
+        e.setAdapter(a);
+
+        // Use our custom role manager.
+        SessionRoleManager rm = new SessionRoleManager(10);
+        e.setRoleManager(rm);
+
+        // If our role manager relies on Casbin policy (e.g., reading "g" policy rules),
+        // we need to set the role manager before loading the policy.
+        e.loadPolicy();
+
+        // Current role inheritance tree (Time ranges shown in parentheses):
+        //          delta          echo          foxtrott
+        //             \            / \           /
+        //      (0-20)  \   (5-15) /   \ (10-20) / (10-12)
+        //               \        /     \       /
+        //                 bravo         charlie
+        //                   \             /
+        //             (0-10) \           / (5-15)
+        //                     \         /
+        //                        alpha
+
+        // Test permissions for different time points
+        assertTrue(e.enforce("alpha", "data1", "read", "00"));
+        assertTrue(e.enforce("alpha", "data1", "read", "05"));
+        assertTrue(e.enforce("alpha", "data1", "read", "10"));
+        assertFalse(e.enforce("alpha", "data1", "read", "15"));
+        assertFalse(e.enforce("alpha", "data1", "read", "20"));
+
+        assertFalse(e.enforce("alpha", "data2", "read", "00"));
+        assertTrue(e.enforce("alpha", "data2", "read", "05"));
+        assertTrue(e.enforce("alpha", "data2", "read", "10"));
+        assertTrue(e.enforce("alpha", "data2", "read", "15"));
+        assertFalse(e.enforce("alpha", "data2", "read", "20"));
+
+        assertFalse(e.enforce("alpha", "data3", "read", "00"));
+        assertFalse(e.enforce("alpha", "data3", "read", "05"));
+        assertTrue(e.enforce("alpha", "data3", "read", "10"));
+        assertFalse(e.enforce("alpha", "data3", "read", "15"));
+        assertFalse(e.enforce("alpha", "data3", "read", "20"));
+    }
+}
+
+```

examples/rbac_model_with_sessions.conf

@@ -0,0 +1,19 @@
+# Request definition
+[request_definition]
+r = sub, obj, act, time
+
+# Policy definition
+[policy_definition]
+p = sub, obj, act
+
+# Policy effect
+[policy_effect]
+e = some(where (p_eft == allow)) && !some(where (p_eft == deny))
+
+# Role definition
+[role_definition]
+g = _, _, _, _
+
+# Matchers
+[matchers]
+m = g(r.sub, p.sub, r.time) && r.obj == p.obj && r.act == p.act

examples/rbac_policy_with_sessions.csv

@@ -0,0 +1,10 @@
+p, delta, data1, read
+p, echo, data2, read
+p, foxtrott, data3, read
+
+g, alpha, bravo, 00, 10
+g, alpha, charlie, 05, 15
+g, bravo, delta, 00, 20
+g, bravo, echo, 05, 15
+g, charlie, echo, 10, 20
+g, charlie, foxtrott, 10, 12

maven-settings.xml

@@ -0,0 +1,22 @@
+<settings>
+    <servers>
+        <server>
+            <id>ossrh</id>
+            <username>${OSSRH_JIRA_USERNAME}</username>
+            <password>${OSSRH_JIRA_PASSWORD}</password>
+        </server>
+    </servers>
+    <profiles>
+        <profile>
+            <id>ossrh</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <properties>
+                <gpg.executable>gpg</gpg.executable>
+                <gpg.keyname>${GPG_KEY_NAME}</gpg.keyname>
+                <gpg.passphrase>${GPG_PASSPHRASE}</gpg.passphrase>
+            </properties>
+        </profile>
+    </profiles>
+</settings>

pom.xml

@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>org.casbin</groupId>
+    <artifactId>session-role-manager</artifactId>
+    <version>1.0.0</version>
+
+    <name>Session based role manager for jCasbin</name>
+    <description>Load session-based role hierarchy from jCasbin policy or save role hierarchy to it</description>
+    <url>https://github.com/jcasbin/session-role-manager</url>
+    <inceptionYear>2024</inceptionYear>
+
+    <issueManagement>
+        <system>Github</system>
+        <url>https://github.com/jcasbin/session-role-manager/issues</url>
+    </issueManagement>
+
+    <parent>
+        <groupId>org.sonatype.oss</groupId>
+        <artifactId>oss-parent</artifactId>
+        <version>7</version>
+    </parent>
+
+    <licenses>
+        <license>
+            <name>The Apache Software License, Version 2.0</name>
+            <url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
+            <distribution>repo</distribution>
+        </license>
+    </licenses>
+
+    <scm>
+        <url>https://github.com/jcasbin/session-role-manager</url>
+        <connection>git@github.com:jcasbin/session-role-manager.git</connection>
+        <developerConnection>https://github.com/hsluoyz</developerConnection>
+    </scm>
+
+    <developers>
+        <developer>
+            <name>Xu Tan</name>
+            <email>1428427011@qq.com</email>
+            <url>https://github.com/tx2002</url>
+        </developer>
+    </developers>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+
+    <profiles>
+        <profile>
+            <id>default</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <build>
+                <plugins>
+                    <plugin>
+                        <!-- Automatically close and deploy from OSSRH -->
+                        <groupId>org.sonatype.central</groupId>
+                        <artifactId>central-publishing-maven-plugin</artifactId>
+                        <version>0.5.0</version>
+                        <extensions>true</extensions>
+                        <configuration>
+                            <publishingServerId>ossrh</publishingServerId>
+                            <tokenAuth>true</tokenAuth>
+                            <autoPublish>true</autoPublish>
+                        </configuration>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-source-plugin</artifactId>
+                        <version>3.2.1</version>
+                        <executions>
+                            <execution>
+                                <phase>package</phase>
+                                <goals>
+                                    <goal>jar-no-fork</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-javadoc-plugin</artifactId>
+                        <version>3.2.0</version>
+                        <executions>
+                            <execution>
+                                <phase>package</phase>
+                                <goals>
+                                    <goal>jar</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-gpg-plugin</artifactId>
+                        <version>1.5</version>
+                        <executions>
+                            <execution>
+                                <id>sign-artifacts</id>
+                                <phase>verify</phase>
+                                <goals>
+                                    <goal>sign</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                        <configuration>
+                            <gpgArguments>
+                                <arg>--pinentry-mode</arg>
+                                <arg>loopback</arg>
+                            </gpgArguments>
+                        </configuration>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.jacoco</groupId>
+                        <artifactId>jacoco-maven-plugin</artifactId>
+                        <version>0.7.6.201602180812</version>
+                        <executions>
+                            <execution>
+                                <id>prepare-agent</id>
+                                <goals>
+                                    <goal>prepare-agent</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-compiler-plugin</artifactId>
+                        <configuration>
+                            <source>8</source>
+                            <target>8</target>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+            <distributionManagement>
+                <snapshotRepository>
+                    <id>ossrh</id>
+                    <url>https://central.sonatype.com</url>
+                </snapshotRepository>
+            </distributionManagement>
+        </profile>
+    </profiles>
+
+    <dependencies>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.13.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.casbin</groupId>
+            <artifactId>jcasbin</artifactId>
+            <version>1.31.2</version>
+        </dependency>
+        <dependency>
+            <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+            <version>3.2.2</version>
+        </dependency>
+    </dependencies>
+
+</project>

src/main/java/org/casbin/rolemanager/Session.java

@@ -0,0 +1,39 @@
+// Copyright 2024 The casbin Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.casbin.rolemanager;
+
+public class Session {
+    private SessionRole role;
+    private String startTime;
+    private String endTime;
+
+    public Session(SessionRole role, String startTime, String endTime) {
+        this.role = role;
+        this.startTime = startTime;
+        this.endTime = endTime;
+    }
+
+    public SessionRole getRole() {
+        return role;
+    }
+
+    public String getStartTime() {
+        return startTime;
+    }
+
+    public String getEndTime() {
+        return endTime;
+    }
+}