diff --git a/bindings/CMakeLists.txt b/bindings/CMakeLists.txt deleted file mode 100644 index fccbcda1..00000000 --- a/bindings/CMakeLists.txt +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2021 The casbin Authors. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -if(CASBIN_BUILD_PYTHON_BINDINGS) - add_subdirectory(python) -endif() diff --git a/bindings/README.md b/bindings/README.md deleted file mode 100644 index 7d764a6a..00000000 --- a/bindings/README.md +++ /dev/null @@ -1,129 +0,0 @@ -## Language Bindings for Casbin - -Casbin-CPP provides language bindings to compound the advantages of different languages and to make -authorization easier and faster. - -At present, casbin-cpp provides language bindings for Python. - -## Python Bindings - -### Installing the PyCasbin module - -It is assumed you have CMake >=v3.19 and Python >= 3.2 installed. - -1. Clone/download the project: - ```bash - git clone https://github.com/casbin/casbin-cpp.git - ``` - -2. Make a build directory and generate project files through CMake: - ```bash - mkdir build - cd build - cmake .. - ``` - **Note:** Kindly look at the log message to find the directory you need to add in your `sys.path` (Step 5). The log may look like this: - ```bash - [pycasbin]: Build "pycasbin" target for Python Bindings - [pycasbin]: Add "lib/python3.9/site-packages" to your sys.path/USER_SITE variable if not already present - ``` - -3. Build the python bindings (`pycasbin` target): - ```bash - cmake --build . --config Release --target pycasbin - ``` - -4. Install the `pycasbin` module: - ```bash - cmake --build . --config Release --target install - ``` - This will install the module to: - - `/lib/site-packages` on Windows. - - `/lib/python3.x/site-packages` on UNIX. - - **Note:** The actual install path can be deduced in the log output of Step 2. - -5. Add the correct `site-packages` directory path to `sys.path` or `USER_SITE` of your current python configuration if not already present. - -Now, you're ready to go! - -### Usage - -It is assumed that you have `pycasbin` module correctly installed on your system. - -First, we import the pycasbin module to a python source file: - -```python -import pycasbin as casbin -``` - -Suppose we want a function to check authorization of a request: - -```python -def isAuthorized(req): - result = True - if result: - print('Authorized') - else - print('Not authorized!') -``` - -Here, the request can be a list or a dictionary in the forms: - -```python -req = ['subject1', 'object1', 'action1'] # and so on.. - -req = { - "sub": "subject1", - "obj": "object1", - "act": "action1" # ... and so on -} -``` - -We can Enforce this request (or compute the `result` of this request) through `casbin.Enforce()`. -For that, we need to create a `casbin.Enforcer`: - -```python -e = casbin.Enforcer('path/to/model.conf', 'path/to/policy.csv') -``` -Make sure that the paths are relative to the current python source file or an absolute path. - -Apart from the regular `Enforcer`, you may also use `CachedEnforcer` -depending on your use case. - -Incorporating the `Enforcer` in our example gives us: - -```python -def isAuthorized(req): - result = e.Enforce(req) - if result: - print('Authorized') - else - print('Not authorized!') -``` - -Rest of the method's name is on par with casbin-CPP. - -#### Summary - -This sums up the basic usage of pycasbin module: - -```python -import pycasbin as casbin - -e = casbin.Enforcer('path/to/model.conf', 'path/to/policy.csv') - -def isAuthorized(req): - result = e.Enforce(req) - if result: - print('Authorized') - else - print('Not authorized!') - -isAuthorized(['subject1', 'object1', 'action1']) -isAuthorized(['subject2', 'object2', 'action2']) -# ... and so on -``` - -If you've done everything right, you'll see your output -without any errors. diff --git a/bindings/python/CMakeLists.txt b/bindings/python/CMakeLists.txt deleted file mode 100644 index f4058028..00000000 --- a/bindings/python/CMakeLists.txt +++ /dev/null @@ -1,97 +0,0 @@ -# Copyright 2021 The casbin Authors. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -find_package(Python REQUIRED COMPONENTS Interpreter Development) - -set(SOURCES - main.cpp - py_cached_enforcer.cpp - py_enforcer.cpp - py_model.cpp - py_config.cpp - py_synced_enforcer.cpp - py_adapter.cpp -) - -set(HEADERS - py_casbin.h -) - -Python_add_library(pycasbin MODULE ${SOURCES} ${HEADERS}) - -target_include_directories(pycasbin PUBLIC ${CASBIN_INCLUDE_DIR}) - -set_target_properties(pycasbin PROPERTIES - PREFIX "" - CXX_STANDARD 17 -) - -# For in-source versioning macro -add_definitions(-DPY_CASBIN_VERSION=${PY_CASBIN_VERSION}) - -if(WIN32) - # Windows uses .pyd extension for python modules - set_target_properties(pycasbin PROPERTIES - SUFFIX ".pyd" - ) -endif() - -if(UNIX) - # A 'module' is a dynamic library on Linux (i.e. '-fPIC' needed), - # but a static library on Windows. - - # If supported for the target machine, emit position-independent code - # suitable for dynamic linking. - set_target_properties(pycasbin PROPERTIES - POSITION_INDEPENDENT_CODE ON - ) -endif() - -# macOS demands that the linker resolve all symbols at build time -# Pass this flag to allow dynamic linking -if(APPLE) - set_target_properties(pycasbin PROPERTIES - LINK_FLAGS "-undefined dynamic_lookup" - ) -endif() - -target_link_libraries(pycasbin - PRIVATE - pybind11::module - casbin - nlohmann_json::nlohmann_json -) - -if(WIN32) - set(Python_VARIANT_PATH lib${LIB_SUFFIX}/site-packages) -else() - set(Python_VARIANT_PATH lib${LIB_SUFFIX}/python${Python_VERSION_MAJOR}.${Python_VERSION_MINOR}/site-packages) -endif() - -# For testing -install( - TARGETS pycasbin - LIBRARY DESTINATION ${CMAKE_SOURCE_DIR}/tests/python -) - -if(CASBIN_INSTALL) - # For actual installation - install( - TARGETS pycasbin - LIBRARY DESTINATION ${Python_VARIANT_PATH} - ) - - message(STATUS "[pycasbin]: Build \"pycasbin\" target for Python Bindings") - message(STATUS "[pycasbin]: Add \"${Python_VARIANT_PATH}\" to your sys.path/USER_SITE variable if not already present") -endif() diff --git a/bindings/python/main.cpp b/bindings/python/main.cpp deleted file mode 100644 index 4cdc08ec..00000000 --- a/bindings/python/main.cpp +++ /dev/null @@ -1,45 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -* -* This is the main file for python bindings workflow -*/ - -#include -#include "py_casbin.h" - -namespace py = pybind11; - -PYBIND11_MODULE(pycasbin, m) { - m.doc() = R"pbdoc( - Casbin Authorization Library - ----------------------- - - .. currentmodule:: pycasbin - - .. autosummary:: - :toctree: _generate - - Enforcer - )pbdoc"; - - bindPyEnforcer(m); - bindPyCachedEnforcer(m); - bindPyModel(m); - bindPyConfig(m); - bindPySyncedEnforcer(m); - bindPyAdapter(m); - - m.attr("__version__") = PY_CASBIN_VERSION; -} diff --git a/bindings/python/py_adapter.cpp b/bindings/python/py_adapter.cpp deleted file mode 100644 index 5a252cc6..00000000 --- a/bindings/python/py_adapter.cpp +++ /dev/null @@ -1,70 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include - -#include "py_casbin.h" - -namespace py = pybind11; - -void bindPyBaseAdapter(py::module& m) { - // Base Adapter use shared_ptr to manage - // must expose this interface for enforcer build - py::class_>(m, "Adapter") - .def("LoadPolicy", &casbin::Adapter::LoadPolicy, "LoadPolicy loads all policy rules from the storage.") - .def("SavePolicy", &casbin::Adapter::SavePolicy, "SavePolicy saves all policy rules to the storage.") - .def("AddPolicy", &casbin::Adapter::AddPolicy, "AddPolicy adds a policy rule to the storage.") - .def("RemovePolicy", &casbin::Adapter::RemovePolicy, "RemovePolicy removes a policy rule from the storage.") - .def("RemoveFilteredPolicy", &casbin::Adapter::RemoveFilteredPolicy, "RemoveFilteredPolicy removes policy rules that match the filter from the storage.") - .def("IsFiltered", &casbin::Adapter::IsFiltered, "IsFiltered returns true if the loaded policy has been filtered."); -} - -void bindPyBatchAdapter(py::module &m) { - py::class_>(m, "BatchAdapter") - .def("AddPolicies", &casbin::BatchAdapter::AddPolicies, "") - .def("RemovePolicies", &casbin::BatchAdapter::RemovePolicies, ""); -} - -void bindPyFileAdapter(py::module &m) { - // File adapter inhert base adapter and use shared_ptr to manage - py::class_>(m, "FileAdapter") - .def(py::init(), "") - .def_static("NewFileAdapter", &casbin::FileAdapter::NewFileAdapter, "") - .def("LoadPolicy", &casbin::FileAdapter::LoadPolicy, "LoadPolicy loads all policy rules from the storage.") - .def("SavePolicy", &casbin::FileAdapter::SavePolicy, "SavePolicy saves all policy rules to the storage.") - .def("AddPolicy", &casbin::FileAdapter::AddPolicy, "AddPolicy adds a policy rule to the storage.") - .def("RemovePolicy", &casbin::FileAdapter::RemovePolicy, "RemovePolicy removes a policy rule from the storage.") - .def("RemoveFilteredPolicy", &casbin::FileAdapter::RemoveFilteredPolicy, "RemoveFilteredPolicy removes policy rules that match the filter from the storage.") - .def("IsFiltered", &casbin::FileAdapter::IsFiltered, "IsFiltered returns true if the loaded policy has been filtered."); -} - -void bindPyBatchFileAdapter(py::module &m) { - // Batch Adapter is virtual interface, maybe don't expose its' interface is ok. - py::class_>(m, "BatchFileAdapter") - .def(py::init(), "") - .def_static("NewBatchFileAdapter", &casbin::BatchFileAdapter::NewBatchFileAdapter, "") - .def("AddPolicies", &casbin::BatchFileAdapter::AddPolicies, "") - .def("RemovePolicies", &casbin::BatchFileAdapter::RemovePolicies, ""); -} - -void bindPyAdapter(py::module& m) { - bindPyBaseAdapter(m); - bindPyBatchAdapter(m); - bindPyFileAdapter(m); - bindPyBatchFileAdapter(m); -} \ No newline at end of file diff --git a/bindings/python/py_cached_enforcer.cpp b/bindings/python/py_cached_enforcer.cpp deleted file mode 100644 index 4c3ce222..00000000 --- a/bindings/python/py_cached_enforcer.cpp +++ /dev/null @@ -1,83 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include - -namespace py = pybind11; - -void bindPyCachedEnforcer(py::module &m) { - py::class_(m, "CachedEnforcer") - .def(py::init<>(), "Enforcer is the default constructor.") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file and a policy file. - @param model_path the path of the model file. - @param policy_file the path of the policy file. - )doc") - .def(py::init>(), R"doc( - Enforcer initializes an enforcer with a database adapter. - @param model_path the path of the model file. - @param adapter the adapter. - )doc") - .def(py::init, std::shared_ptr>(), R"doc( - Enforcer initializes an enforcer with a model and a database adapter. - @param m the model. - @param adapter the adapter. - )doc") - .def(py::init>(), R"doc( - Enforcer initializes an enforcer with a model. - @param m the model. - )doc") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file. - @param model_path the path of the model file. - )doc") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file, a policy file and an enable log flag. - @param model_path the path of the model file. - @param policy_file the path of the policy file. - @param enable_log whether to enable Casbin's log. - )doc") - - .def("InvalidateCache", &casbin::CachedEnforcer::InvalidateCache) - - .def("Enforce", py::overload_cast(&casbin::CachedEnforcer::Enforce), R"doc( - Enforce with a map param,decides whether a "subject" can access a "object" - with the operation "action", input parameters are usually: (sub, obj, act). - )doc") - .def("Enforce", py::overload_cast(&casbin::CachedEnforcer::Enforce), R"doc( - Enforce with a map param,decides whether a "subject" can access a "object" - with the operation "action", input parameters are usually: (sub, obj, act). - )doc") - .def("Enforce", py::overload_cast(&casbin::CachedEnforcer::Enforce), R"doc( - Enforce with a map param,decides whether a "subject" can access a "object" - with the operation "action", input parameters are usually: (sub, obj, act). - )doc") - - .def("EnforceWithMatcher", py::overload_cast(&casbin::CachedEnforcer::EnforceWithMatcher), R"doc( - EnforceWithMatcher use a custom matcher to decides whether a "subject" can - access a "object" with the operation "action", input parameters are - usually: (matcher, sub, obj, act), use model matcher by default when - matcher is "". - )doc") - .def("EnforceWithMatcher", py::overload_cast(&casbin::CachedEnforcer::EnforceWithMatcher), R"doc( - EnforceWithMatcher use a custom matcher to decides whether a "subject" can - access a "object" with the operation "action", input parameters are - usually: (matcher, sub, obj, act), use model matcher by default when - matcher is "". - )doc"); -} diff --git a/bindings/python/py_casbin.h b/bindings/python/py_casbin.h deleted file mode 100644 index 320ed7e2..00000000 --- a/bindings/python/py_casbin.h +++ /dev/null @@ -1,26 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include - -namespace py = pybind11; - -void bindPyEnforcer(py::module &m); -void bindPyCachedEnforcer(py::module &m); -void bindPyModel(py::module &m); -void bindPyConfig(py::module &m); -void bindPySyncedEnforcer(py::module& m); -void bindPyAdapter(py::module& m); \ No newline at end of file diff --git a/bindings/python/py_config.cpp b/bindings/python/py_config.cpp deleted file mode 100644 index 07069a27..00000000 --- a/bindings/python/py_config.cpp +++ /dev/null @@ -1,50 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include - -namespace py = pybind11; - -void bindPyConfig(py::module &m) { - py::class_>(m, "Config") - .def(py::init<>()) - .def(py::init()) - .def_static("NewConfig", &casbin::Config::NewConfig, R"doc( - /** - * NewConfig create an empty configuration representation from file. - * - * @param confName the path of the model file. - * @return the constructor of Config. - */ - )doc") - .def_static("NewConfigFromText", &casbin::Config::NewConfigFromText, R"doc( - /** - * newConfigFromText create an empty configuration representation from text. - * - * @param text the model text. - * @return the constructor of Config. - */ - )doc") - .def("GetBool", &casbin::Config::GetBool) - .def("GetInt", &casbin::Config::GetInt) - .def("GetFloat", &casbin::Config::GetFloat) - .def("GetString", &casbin::Config::GetString) - .def("GetStrings", &casbin::Config::GetStrings) - .def("Set", &casbin::Config::Set) - .def("Get", &casbin::Config::Get); -} diff --git a/bindings/python/py_enforcer.cpp b/bindings/python/py_enforcer.cpp deleted file mode 100644 index d806f0db..00000000 --- a/bindings/python/py_enforcer.cpp +++ /dev/null @@ -1,150 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include - -#include "py_casbin.h" - -namespace py = pybind11; - -void bindPyEnforcer(py::module& m) { - py::class_(m, "Enforcer") - .def(py::init<>(), "") - .def(py::init(), "") - .def(py::init>(), "") - .def(py::init, std::shared_ptr>(), "") - .def(py::init>(), "") - .def(py::init(), "") - .def(py::init(), "") - - .def("InitWithFile", &casbin::Enforcer::InitWithFile, "InitWithFile initializes an enforcer with a model file and a policy file.") - .def("InitWithAdapter", &casbin::Enforcer::InitWithAdapter, "InitWithAdapter initializes an enforcer with a database adapter.") - .def("InitWithModelAndAdapter", &casbin::Enforcer::InitWithModelAndAdapter, "InitWithModelAndAdapter initializes an enforcer with a model and a database adapter.") - .def("Initialize", &casbin::Enforcer::Initialize) - .def("LoadModel", &casbin::Enforcer::LoadModel, R"doc( - LoadModel reloads the model from the model CONF file. - Because the policy is attached to a model, so the policy is invalidated and - needs to be reloaded by calling LoadPolicy(). - )doc") - - .def("GetModel", &casbin::Enforcer::GetModel, "GetModel gets the current model.") - .def("SetModel", &casbin::Enforcer::SetModel, "SetModel sets the current model.") - .def("GetAdapter", &casbin::Enforcer::GetAdapter, "GetAdapter gets the current adapter.") - .def("SetAdapter", &casbin::Enforcer::SetAdapter, "SetAdapter sets the current adapter.") - .def("SetWatcher", &casbin::Enforcer::SetWatcher, "SetWatcher sets the current watcher.") - .def("GetRoleManager", &casbin::Enforcer::GetRoleManager, "GetRoleManager gets the current role manager.") - .def("SetRoleManager", &casbin::Enforcer::SetRoleManager, "SetRoleManager sets the current role manager.") - .def("SetEffector", &casbin::Enforcer::SetEffector, "SetEffector sets the current effector.") - .def("ClearPolicy", &casbin::Enforcer::ClearPolicy, "ClearPolicy clears all policy.") - .def("LoadPolicy", &casbin::Enforcer::LoadPolicy, "LoadPolicy reloads the policy from file/database.") - // .def("LoadFilteredPolicy", &casbin::Enforcer::LoadFilteredPolicy, "LoadFilteredPolicy reloads a filtered policy from file/database.") - .def("IsFiltered", &casbin::Enforcer::IsFiltered, "IsFiltered returns true if the loaded policy has been filtered.") - .def("SavePolicy", &casbin::Enforcer::SavePolicy, "SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.") - .def("EnableEnforce", &casbin::Enforcer::EnableEnforce, "EnableEnforce changes the enforcing state of Casbin, when Casbin is disabled, all access will be allowed by the Enforce() function.") - .def("EnableLog", &casbin::Enforcer::EnableLog, "EnableLog changes whether Casbin will log messages to the Logger.") - .def("EnableAutoNotifyWatcher", &casbin::Enforcer::EnableAutoNotifyWatcher, "EnableAutoNotifyWatcher controls whether to save a policy rule automatically notify the Watcher when it is added or removed.") - .def("EnableAutoSave", &casbin::Enforcer::EnableAutoSave, "EnableAutoSave controls whether to save a policy rule automatically to the adapter when it is added or removed.") - .def("EnableAutoBuildRoleLinks", &casbin::Enforcer::EnableAutoBuildRoleLinks, "EnableAutoBuildRoleLinks controls whether to rebuild the role inheritance relations when a role is added or deleted.") - .def("BuildRoleLinks", &casbin::Enforcer::BuildRoleLinks, "BuildRoleLinks manually rebuild the role inheritance relations.") - .def("BuildIncrementalRoleLinks", &casbin::Enforcer::BuildIncrementalRoleLinks, "BuildIncrementalRoleLinks provides incremental build the role inheritance relations.") - .def("Enforce", py::overload_cast(&casbin::Enforcer::Enforce), "Enforce with a vector param, decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (sub, obj, act).") - .def("Enforce", py::overload_cast(&casbin::Enforcer::Enforce), "Enforce with a map param, decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (sub, obj, act).") - .def("EnforceWithMatcher", py::overload_cast(&casbin::Enforcer::EnforceWithMatcher), "EnforceWithMatcher use a custom matcher to decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is \"\".") - .def("EnforceWithMatcher", py::overload_cast(&casbin::Enforcer::EnforceWithMatcher), "EnforceWithMatcher use a custom matcher to decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is \"\".") - .def("BatchEnforce", &casbin::Enforcer::BatchEnforce, "BatchEnforce enforce in batches") - .def("BatchEnforceWithMatcher", &casbin::Enforcer::BatchEnforceWithMatcher, "BatchEnforceWithMatcher enforce with matcher in batches") - - /* Management API member functions. */ - - .def("GetAllSubjects", &casbin::Enforcer::GetAllSubjects) - .def("GetAllNamedSubjects", &casbin::Enforcer::GetAllNamedSubjects) - .def("GetAllObjects", &casbin::Enforcer::GetAllObjects) - .def("GetAllNamedObjects", &casbin::Enforcer::GetAllNamedObjects) - .def("GetAllActions", &casbin::Enforcer::GetAllActions) - .def("GetAllNamedActions", &casbin::Enforcer::GetAllNamedActions) - .def("GetAllRoles", &casbin::Enforcer::GetAllRoles) - .def("GetAllNamedRoles", &casbin::Enforcer::GetAllNamedRoles) - .def("GetPolicy", &casbin::Enforcer::GetPolicy) - .def("GetFilteredPolicy", &casbin::Enforcer::GetFilteredPolicy) - .def("GetNamedPolicy", &casbin::Enforcer::GetNamedPolicy) - .def("GetFilteredNamedPolicy", &casbin::Enforcer::GetFilteredNamedPolicy) - .def("GetGroupingPolicy", &casbin::Enforcer::GetGroupingPolicy) - .def("GetFilteredGroupingPolicy", &casbin::Enforcer::GetFilteredGroupingPolicy) - .def("GetNamedGroupingPolicy", &casbin::Enforcer::GetNamedGroupingPolicy) - .def("GetFilteredNamedGroupingPolicy", &casbin::Enforcer::GetFilteredNamedGroupingPolicy) - - .def("HasPolicy", &casbin::Enforcer::HasPolicy) - .def("HasNamedPolicy", &casbin::Enforcer::HasNamedPolicy) - .def("AddPolicy", &casbin::Enforcer::AddPolicy) - .def("AddNamedPolicy", &casbin::Enforcer::AddNamedPolicy) - .def("AddNamedPolicies", &casbin::Enforcer::AddNamedPolicies) - .def("RemovePolicy", &casbin::Enforcer::RemovePolicy) - .def("RemovePolicies", &casbin::Enforcer::RemovePolicies) - .def("RemoveFilteredPolicy", &casbin::Enforcer::RemoveFilteredPolicy) - .def("RemoveNamedPolicies", &casbin::Enforcer::RemoveNamedPolicies) - .def("RemoveFilteredNamedPolicy", &casbin::Enforcer::RemoveFilteredNamedPolicy) - .def("HasNamedGroupingPolicy", &casbin::Enforcer::HasNamedGroupingPolicy) - .def("AddGroupingPolicy", &casbin::Enforcer::AddGroupingPolicy) - .def("AddGroupingPolicies", &casbin::Enforcer::AddGroupingPolicies) - .def("AddNamedGroupingPolicy", &casbin::Enforcer::AddNamedGroupingPolicy) - .def("AddNamedGroupingPolicies", &casbin::Enforcer::AddNamedGroupingPolicies) - .def("RemoveGroupingPolicy", &casbin::Enforcer::RemoveGroupingPolicy) - .def("RemoveGroupingPolicies", &casbin::Enforcer::RemoveGroupingPolicies) - .def("RemoveFilteredGroupingPolicy", &casbin::Enforcer::RemoveFilteredGroupingPolicy) - .def("RemoveNamedGroupingPolicy", &casbin::Enforcer::RemoveNamedGroupingPolicy) - .def("RemoveNamedGroupingPolicies", &casbin::Enforcer::RemoveNamedGroupingPolicies) - .def("RemoveFilteredNamedGroupingPolicy", &casbin::Enforcer::RemoveFilteredNamedGroupingPolicy) - .def("AddFunction", &casbin::Enforcer::AddFunction) - .def("UpdateGroupingPolicy", &casbin::Enforcer::UpdateGroupingPolicy) - .def("UpdateNamedGroupingPolicy", &casbin::Enforcer::UpdateNamedGroupingPolicy) - .def("UpdatePolicy", &casbin::Enforcer::UpdatePolicy) - .def("UpdateNamedPolicy", &casbin::Enforcer::UpdateNamedPolicy) - .def("UpdatePolicies", &casbin::Enforcer::UpdatePolicies) - .def("UpdateNamedPolicies", &casbin::Enforcer::UpdateNamedPolicies) - - /* RBAC API member functions. */ - - .def("GetRolesForUser", &casbin::Enforcer::GetRolesForUser) - .def("GetUsersForRole", &casbin::Enforcer::GetUsersForRole) - .def("HasRoleForUser", &casbin::Enforcer::HasRoleForUser) - .def("AddRoleForUser", &casbin::Enforcer::AddRoleForUser) - .def("AddRolesForUser", &casbin::Enforcer::AddRolesForUser) - .def("AddPermissionForUser", &casbin::Enforcer::AddPermissionForUser) - .def("DeletePermissionForUser", &casbin::Enforcer::DeletePermissionForUser) - .def("DeletePermissionsForUser", &casbin::Enforcer::DeletePermissionsForUser) - .def("GetPermissionsForUser", &casbin::Enforcer::GetPermissionsForUser) - .def("HasPermissionForUser", &casbin::Enforcer::HasPermissionForUser) - .def("GetImplicitRolesForUser", &casbin::Enforcer::GetImplicitRolesForUser) - .def("GetImplicitPermissionsForUser", &casbin::Enforcer::GetImplicitPermissionsForUser) - .def("GetImplicitUsersForPermission", &casbin::Enforcer::GetImplicitUsersForPermission) - .def("DeleteRoleForUser", &casbin::Enforcer::DeleteRoleForUser) - .def("DeleteRolesForUser", &casbin::Enforcer::DeleteRolesForUser) - .def("DeleteUser", &casbin::Enforcer::DeleteUser) - .def("DeleteRole", &casbin::Enforcer::DeleteRole) - .def("DeletePermission", &casbin::Enforcer::DeletePermission) - - /* Internal API member functions omitted */ - - /* RBAC API with domains.*/ - - .def("GetUsersForRoleInDomain", &casbin::Enforcer::GetUsersForRoleInDomain) - .def("GetRolesForUserInDomain", &casbin::Enforcer::GetRolesForUserInDomain) - .def("GetPermissionsForUserInDomain", &casbin::Enforcer::GetPermissionsForUserInDomain) - .def("AddRoleForUserInDomain", &casbin::Enforcer::AddRoleForUserInDomain) - .def("DeleteRoleForUserInDomain", &casbin::Enforcer::DeleteRoleForUserInDomain); -} \ No newline at end of file diff --git a/bindings/python/py_model.cpp b/bindings/python/py_model.cpp deleted file mode 100644 index f0015b29..00000000 --- a/bindings/python/py_model.cpp +++ /dev/null @@ -1,61 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include - -#include "py_casbin.h" - -void PyLoadModelFromConfig(casbin::Model* model, std::shared_ptr config) { - model->LoadModelFromConfig(config); -} - -void bindPyModel(py::module &m) { - py::class_>(m, "Model") - .def(py::init<>()) - .def(py::init()) - - .def_readonly_static("required_sections", &casbin::Model::required_sections) - - .def("HasSection", &casbin::Model::HasSection) - .def("AddDef", &casbin::Model::AddDef, "AddDef adds an assertion to the model.") - .def("LoadModel", &casbin::Model::LoadModel, "LoadModel loads the model from model CONF file.") - .def("LoadModelFromText", &casbin::Model::LoadModelFromText, "LoadModelFromText loads the model from the text.") - .def("LoadModelFromConfig", &casbin::Model::LoadModelFromConfig) - .def("PrintModel", &casbin::Model::PrintModel, "PrintModel prints the model to the log.") - - .def("BuildIncrementalRoleLinks", &casbin::Model::BuildIncrementalRoleLinks) - .def("BuildRoleLinks", &casbin::Model::BuildRoleLinks, "BuildRoleLinks initializes the roles in RBAC.") - .def("PrintPolicy", &casbin::Model::PrintPolicy, "PrintPolicy prints the policy to log.") - .def("ClearPolicy", &casbin::Model::ClearPolicy, "ClearPolicy clears all current policy.") - .def("GetPolicy", &casbin::Model::GetPolicy, "GetPolicy gets all rules in a policy.") - .def("GetFilteredPolicy", &casbin::Model::GetFilteredPolicy, "GetFilteredPolicy gets rules based on field filters from a policy.") - .def("HasPolicy", &casbin::Model::HasPolicy, "HasPolicy determines whether a model has the specified policy rule.") - .def("AddPolicy", &casbin::Model::AddPolicy, "AddPolicy adds a policy rule to the model.") - .def("AddPolicies", &casbin::Model::AddPolicies, "AddPolicies adds policy rules to the model.") - .def("UpdatePolicy", &casbin::Model::UpdatePolicy, "UpdatePolicy updates a policy rule from the model.") - .def("UpdatePolicies", &casbin::Model::UpdatePolicies, "UpdatePolicies updates a set of policy rules from the model.") - .def("RemovePolicy", &casbin::Model::RemovePolicy, "RemovePolicy removes a policy rule from the model.") - .def("RemovePolicies", &casbin::Model::RemovePolicies, "RemovePolicies removes policy rules from the model.") - .def("RemoveFilteredPolicy", &casbin::Model::RemoveFilteredPolicy, "RemoveFilteredPolicy removes policy rules based on field filters from the model.") - .def("GetValuesForFieldInPolicy", &casbin::Model::GetValuesForFieldInPolicy, "GetValuesForFieldInPolicy gets all values for a field for all rules in a policy, duplicated values are removed.") - .def("GetValuesForFieldInPolicyAllTypes", &casbin::Model::GetValuesForFieldInPolicyAllTypes, "GetValuesForFieldInPolicyAllTypes gets all values for a field for all rules in a policy of all p_types, duplicated values are removed.") - - .def_static("NewModel", &casbin::Model::NewModel, "NewModel creates an empty model.") - .def_static("NewModelFromFile", &casbin::Model::NewModelFromFile, "NewModelFromFile creates a model from a .CONF file.") - .def_static("NewModelFromString", &casbin::Model::NewModelFromString, "NewModel creates a model from a std::string which contains model text."); -} diff --git a/bindings/python/py_synced_enforcer.cpp b/bindings/python/py_synced_enforcer.cpp deleted file mode 100644 index 610eff19..00000000 --- a/bindings/python/py_synced_enforcer.cpp +++ /dev/null @@ -1,119 +0,0 @@ -/* -* Copyright 2021 The casbin Authors. All Rights Reserved. -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -#include -#include -#include -#include - -#include "py_casbin.h" - -namespace py = pybind11; - -void bindPySyncedEnforcer(py::module& m) { - py::class_(m, "SyncedEnforcer") - .def(py::init<>(), "Enforcer is the default constructor.") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file and a policy file. - @param model_path the path of the model file. - @param policy_file the path of the policy file. - )doc") - .def(py::init>(), R"doc( - Enforcer initializes an enforcer with a database adapter. - @param model_path the path of the model file. - @param adapter the adapter. - )doc") - .def(py::init, std::shared_ptr>(), R"doc( - Enforcer initializes an enforcer with a model and a database adapter. - @param m the model. - @param adapter the adapter. - )doc") - .def(py::init>(), R"doc( - Enforcer initializes an enforcer with a model. - @param m the model. - )doc") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file. - @param model_path the path of the model file. - )doc") - .def(py::init(), R"doc( - Enforcer initializes an enforcer with a model file, a policy file and an enable log flag. - @param model_path the path of the model file. - @param policy_file the path of the policy file. - @param enable_log whether to enable Casbin's log. - )doc") - - .def("StartAutoLoadPolicy", &casbin::SyncedEnforcer::StartAutoLoadPolicy, "StartAutoLoadPolicy starts a thread that will go through every specified duration call LoadPolicy") - .def("IsAutoLoadingRunning", &casbin::SyncedEnforcer::IsAutoLoadingRunning, "IsAutoLoadingRunning check if SyncedEnforcer is auto loading policies") - .def("StopAutoLoadPolicy", &casbin::SyncedEnforcer::StopAutoLoadPolicy, "StopAutoLoadPolicy causes the thread to exit") - .def("SetWatcher", &casbin::SyncedEnforcer::SetWatcher, "SetWatcher sets the current watcher.") - .def("LoadModel", &casbin::SyncedEnforcer::LoadModel, "LoadModel reloads the model from the model CONF file.") - .def("ClearPolicy", &casbin::SyncedEnforcer::ClearPolicy, "ClearPolicy clears all policy.") - .def("LoadPolicy", &casbin::SyncedEnforcer::LoadPolicy, "LoadPolicy reloads the policy from file/database.") - // .def("LoadFilteredPolicy", &casbin::SyncedEnforcer::LoadFilteredPolicy, "LoadFilteredPolicy reloads a filtered policy from file/database.") - .def("SavePolicy", &casbin::SyncedEnforcer::SavePolicy, "SavePolicy saves the current policy (usually after changed with Casbin API) back to file/database.") - .def("BuildRoleLinks", &casbin::SyncedEnforcer::BuildRoleLinks, "BuildRoleLinks manually rebuild the role inheritance relations.") - .def("Enforce", py::overload_cast(&casbin::SyncedEnforcer::Enforce), "Enforce with a vector param, decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (sub, obj, act).") - .def("Enforce", py::overload_cast(&casbin::SyncedEnforcer::Enforce), "Enforce with a map param, decides whether a \"subject\" can access a \"object\" with the operation \"action\", input parameters are usually: (sub, obj, act).") - .def("BatchEnforce", &casbin::SyncedEnforcer::BatchEnforce, "BatchEnforce enforce in batches") - .def("BatchEnforceWithMatcher", &casbin::SyncedEnforcer::BatchEnforceWithMatcher, "BatchEnforceWithMatcher enforce with matcher in batches") - - /* Management API member functions. */ - - .def("GetAllSubjects", &casbin::SyncedEnforcer::GetAllSubjects) - .def("GetAllNamedSubjects", &casbin::SyncedEnforcer::GetAllNamedSubjects) - .def("GetAllObjects", &casbin::SyncedEnforcer::GetAllObjects) - .def("GetAllNamedObjects", &casbin::SyncedEnforcer::GetAllNamedObjects) - .def("GetAllNamedActions", &casbin::SyncedEnforcer::GetAllNamedActions) - .def("GetAllRoles", &casbin::SyncedEnforcer::GetAllRoles) - .def("GetAllNamedRoles", &casbin::SyncedEnforcer::GetAllNamedRoles) - .def("GetPolicy", &casbin::SyncedEnforcer::GetPolicy) - .def("GetNamedPolicy", &casbin::SyncedEnforcer::GetNamedPolicy) - .def("GetFilteredNamedPolicy", &casbin::SyncedEnforcer::GetFilteredNamedPolicy) - .def("GetGroupingPolicy", &casbin::SyncedEnforcer::GetGroupingPolicy) - .def("GetFilteredGroupingPolicy", &casbin::SyncedEnforcer::GetFilteredGroupingPolicy) - .def("GetNamedGroupingPolicy", &casbin::SyncedEnforcer::GetNamedGroupingPolicy) - .def("GetFilteredNamedGroupingPolicy", &casbin::SyncedEnforcer::GetFilteredNamedGroupingPolicy) - - .def("HasPolicy", &casbin::SyncedEnforcer::HasPolicy) - .def("HasNamedPolicy", &casbin::SyncedEnforcer::HasNamedPolicy) - .def("AddPolicy", &casbin::SyncedEnforcer::AddPolicy) - .def("AddNamedPolicy", &casbin::SyncedEnforcer::AddNamedPolicy) - .def("AddNamedPolicies", &casbin::SyncedEnforcer::AddNamedPolicies) - .def("RemovePolicy", &casbin::SyncedEnforcer::RemovePolicy) - .def("RemovePolicies", &casbin::SyncedEnforcer::RemovePolicies) - .def("RemoveFilteredPolicy", &casbin::SyncedEnforcer::RemoveFilteredPolicy) - .def("RemoveNamedPolicies", &casbin::SyncedEnforcer::RemoveNamedPolicies) - .def("RemoveFilteredNamedPolicy", &casbin::SyncedEnforcer::RemoveFilteredNamedPolicy) - .def("HasNamedGroupingPolicy", &casbin::SyncedEnforcer::HasNamedGroupingPolicy) - .def("AddGroupingPolicy", &casbin::SyncedEnforcer::AddGroupingPolicy) - .def("AddGroupingPolicies", &casbin::SyncedEnforcer::AddGroupingPolicies) - .def("AddNamedGroupingPolicy", &casbin::SyncedEnforcer::AddNamedGroupingPolicy) - .def("AddNamedGroupingPolicies", &casbin::SyncedEnforcer::AddNamedGroupingPolicies) - .def("RemoveGroupingPolicy", &casbin::SyncedEnforcer::RemoveGroupingPolicy) - .def("RemoveGroupingPolicies", &casbin::SyncedEnforcer::RemoveGroupingPolicies) - .def("RemoveFilteredGroupingPolicy", &casbin::SyncedEnforcer::RemoveFilteredGroupingPolicy) - .def("RemoveNamedGroupingPolicy", &casbin::SyncedEnforcer::RemoveNamedGroupingPolicy) - .def("RemoveNamedGroupingPolicies", &casbin::SyncedEnforcer::RemoveNamedGroupingPolicies) - .def("RemoveFilteredNamedGroupingPolicy", &casbin::SyncedEnforcer::RemoveFilteredNamedGroupingPolicy) - .def("AddFunction", &casbin::SyncedEnforcer::AddFunction) - .def("UpdateGroupingPolicy", &casbin::SyncedEnforcer::UpdateGroupingPolicy) - .def("UpdateNamedGroupingPolicy", &casbin::SyncedEnforcer::UpdateNamedGroupingPolicy) - .def("UpdatePolicy", &casbin::SyncedEnforcer::UpdatePolicy) - .def("UpdateNamedPolicy", &casbin::SyncedEnforcer::UpdateNamedPolicy) - .def("UpdatePolicies", &casbin::SyncedEnforcer::UpdatePolicies) - .def("UpdateNamedPolicies", &casbin::SyncedEnforcer::UpdateNamedPolicies); -} diff --git a/casbin/enforcer.cpp b/casbin/enforcer.cpp index b28a1bc5..f01f55f7 100644 --- a/casbin/enforcer.cpp +++ b/casbin/enforcer.cpp @@ -296,7 +296,8 @@ void Enforcer::InitWithModelAndAdapter(const std::shared_ptr& m, std::sha void Enforcer::Initialize() { this->rm = std::make_shared(10); m_eft = std::make_shared(); - m_watcher = NULL; + m_watcher = nullptr; + m_scope = nullptr; m_enabled = true; m_auto_save = true; @@ -304,6 +305,17 @@ void Enforcer::Initialize() { m_auto_notify_watcher = true; } +/** + * Destructor of Enforcer + * + * @step: Release the memory of Enforcer->m_scope +*/ +Enforcer::~Enforcer() { + if (this->m_scope != nullptr) { + DeinitializeScope(this->m_scope); + } +} + // LoadModel reloads the model from the model CONF file. // Because the policy is attached to a model, so the policy is invalidated and needs // to be reloaded by calling LoadPolicy(). @@ -493,7 +505,11 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataList& pa if (cnt != r_cnt) return false; - Scope scope = InitializeScope(); + if (this->m_scope == nullptr) { + this->m_scope = InitializeScope(); + } + Scope scope = this->m_scope; + PushObject(scope, "r"); size_t i = 0; @@ -518,7 +534,11 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataList& pa // } bool result = m_enforce(matcher, scope); - DeinitializeScope(scope); + + if (scope != nullptr) { + clean_scope("r"); + clean_scope("p"); + } return result; } @@ -532,7 +552,10 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataVector& if (cnt != r_cnt) return false; - Scope scope = InitializeScope(); + if (this->m_scope == nullptr) { + this->m_scope = InitializeScope(); + } + Scope scope = this->m_scope; PushObject(scope, "r"); size_t i = 0; @@ -558,7 +581,10 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataVector& // } bool result = m_enforce(matcher, scope); - DeinitializeScope(scope); + if (scope != nullptr) { + clean_scope("r"); + clean_scope("p"); + } return result; } @@ -566,7 +592,10 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataVector& // with the operation "action", input parameters are usually: (matcher, sub, obj, act), // use model matcher by default when matcher is "". bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataMap& params) { - Scope scope = InitializeScope(); + if (this->m_scope == nullptr) { + this->m_scope = InitializeScope(); + } + Scope scope = this->m_scope; PushObject(scope, "r"); for (auto [param_name, param_data] : params) { @@ -583,7 +612,10 @@ bool Enforcer::EnforceWithMatcher(const std::string& matcher, const DataMap& par } bool result = m_enforce(matcher, scope); - DeinitializeScope(scope); + if (scope != nullptr) { + clean_scope("r"); + clean_scope("p"); + } return result; } @@ -608,6 +640,20 @@ std::vector Enforcer::BatchEnforceWithMatcher(const std::string& matcher, return results; } +// clean scope to prepare next enforce +void Enforcer::clean_scope(std::string section_name) { + auto& section = this->m_model->m[section_name]; + for (auto& [assertion_name, assertion]: section.assertion_map) { + std::vector raw_tokens = assertion->tokens; + + for(int j = 0 ; j < raw_tokens.size() ; j++) { + size_t index = raw_tokens[j].find("_"); + std::string token = raw_tokens[j].substr(index + 1); + DeletePropFromObject(this->m_scope, assertion_name, token); + } + } +} + } // namespace casbin #endif // ENFORCER_CPP diff --git a/casbin/enforcer.h b/casbin/enforcer.h index 7de0c570..3b7d2383 100644 --- a/casbin/enforcer.h +++ b/casbin/enforcer.h @@ -39,6 +39,7 @@ class Enforcer : public IEnforcer { std::shared_ptr m_adapter; std::shared_ptr m_watcher; + Scope m_scope; LogUtil m_log; bool m_enabled; @@ -50,6 +51,8 @@ class Enforcer : public IEnforcer { // with the operation "action", input parameters are usually: (matcher, sub, obj, act), // use model matcher by default when matcher is "". bool m_enforce(const std::string& matcher, Scope scope); + // clean scope to prepare next enforce + void clean_scope(std::string section_name); public: @@ -100,6 +103,8 @@ class Enforcer : public IEnforcer { * @param enable_log whether to enable Casbin's log. */ Enforcer(const std::string& model_path, const std::string& policy_file, bool enable_log); + // Destructor of Enforcer. + ~Enforcer(); // InitWithFile initializes an enforcer with a model file and a policy file. void InitWithFile(const std::string& model_path, const std::string& policy_path); // InitWithAdapter initializes an enforcer with a database adapter. diff --git a/casbin/management_api.cpp b/casbin/management_api.cpp index 14f72d83..84ef74a2 100644 --- a/casbin/management_api.cpp +++ b/casbin/management_api.cpp @@ -245,7 +245,8 @@ bool Enforcer :: AddNamedGroupingPolicy(const std::string& p_type, const std::ve } if(m_auto_build_role_links) - this->BuildRoleLinks(); + this->BuildIncrementalRoleLinks(policy_add, p_type, {params}); + // this->BuildRoleLinks(); return rule_added; } diff --git a/casbin/model/scope_config.cpp b/casbin/model/scope_config.cpp index 7604273e..404984fc 100644 --- a/casbin/model/scope_config.cpp +++ b/casbin/model/scope_config.cpp @@ -278,6 +278,12 @@ void EvalNoResult(Scope scope, std::string expression){ duk_eval_string_noresult(scope, expression.c_str()); } +void DeletePropFromObject(Scope scope, std::string object_name, std::string prop_name) { + if (duk_get_global_string(scope, object_name.c_str())) { + duk_del_prop_string(scope, -1, prop_name.c_str()); + } +} + } // namespace casbin #endif // SCOPE_CONFIG_CPP diff --git a/casbin/model/scope_config.h b/casbin/model/scope_config.h index 213e2508..0394d9a8 100644 --- a/casbin/model/scope_config.h +++ b/casbin/model/scope_config.h @@ -70,6 +70,7 @@ void PushStringPropToObject(Scope scope, std::string obj, std::string s, std::st void PushPointerPropToObject(Scope scope, std::string obj, void * ptr, std::string identifier); void PushObjectPropToObject(Scope scope, std::string obj, std::string identifier); void PushObjectPropFromJson(Scope scope, nlohmann::json& j, std::string j_name); +void DeletePropFromObject(Scope scope, std::string object_name, std::string prop_name); Type CheckType(Scope scope); bool FetchIdentifier(Scope scope, std::string identifier); unsigned int Size(Scope scope); diff --git a/include/casbin/casbin_enforcer.h b/include/casbin/casbin_enforcer.h index 81925d8a..44a574c0 100644 --- a/include/casbin/casbin_enforcer.h +++ b/include/casbin/casbin_enforcer.h @@ -159,6 +159,7 @@ namespace casbin { std::shared_ptr m_adapter; std::shared_ptr m_watcher; + Scope m_scope; LogUtil m_log; bool m_enabled; @@ -170,6 +171,8 @@ namespace casbin { // with the operation "action", input parameters are usually: (matcher, sub, obj, act), // use model matcher by default when matcher is "". bool m_enforce(const std::string& matcher, Scope scope); + // clean scope to prepare next enforce + void clean_scope(std::string section_name); public: @@ -220,6 +223,8 @@ namespace casbin { * @param enable_log whether to enable Casbin's log. */ Enforcer(const std::string& model_path, const std::string& policy_file, bool enable_log); + // Destructor of Enforcer. + ~Enforcer(); // InitWithFile initializes an enforcer with a model file and a policy file. void InitWithFile(const std::string& model_path, const std::string& policy_path); // InitWithAdapter initializes an enforcer with a database adapter. diff --git a/include/casbin/casbin_helpers.h b/include/casbin/casbin_helpers.h index c7e779b6..62dd73c2 100644 --- a/include/casbin/casbin_helpers.h +++ b/include/casbin/casbin_helpers.h @@ -545,6 +545,7 @@ namespace casbin { void PushPointerPropToObject(Scope scope, std::string obj, void * ptr, std::string identifier); void PushObjectPropToObject(Scope scope, std::string obj, std::string identifier); void PushObjectPropFromJson(Scope scope, nlohmann::json& j, std::string j_name); + void DeletePropFromObject(Scope scope, std::string object_name, std::string prop_name); Type CheckType(Scope scope); bool FetchIdentifier(Scope scope, std::string identifier); unsigned int Size(Scope scope);