Skip to content

Commit

Permalink
fix: nil pointer panic with no role definition model
Browse files Browse the repository at this point in the history 
fix: casbin#1369

Signed-off-by: ccccrrrr <zcr1006@gmail.com>
  • Loading branch information
@ccccrrrr
ccccrrrr committed Mar 24, 2024
1 parent c929fd5 commit a2c052c
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 4 deletions.
3 changes: 3 additions & 0 deletions model/model.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,9 @@ func (model Model) SortPoliciesBySubjectHierarchy() error {
if model["e"]["e"].Value != constant.SubjectPriorityEffect {
return nil
}
if model["g"]["g"] == nil {
return errors.New("role definition is not defined")
}
subIndex := 0
for ptype, assertion := range model["p"] {
domainIndex, err := model.GetFieldIndex(ptype, constant.DomainIndex)
Expand Down
16 changes: 12 additions & 4 deletions rbac_api_with_domains.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,9 @@ func (e *Enforcer) GetAllUsersByDomain(domain string) []string {
return res
}

users = append(users, getUser(2, g.Policy, domain, m)...)
if g != nil {
users = append(users, getUser(2, g.Policy, domain, m)...)
}
users = append(users, getUser(index, p.Policy, domain, m)...)
return users
}
Expand All @@ -109,6 +111,7 @@ func (e *Enforcer) GetAllUsersByDomain(domain string) []string {
func (e *Enforcer) DeleteAllUsersByDomain(domain string) (bool, error) {
g := e.model["g"]["g"]
p := e.model["p"]["p"]
users := make([][]string, 0)

Check failure on line 114 in rbac_api_with_domains.go

View workflow job for this annotation

GitHub Actions / golangci 

ineffectual assignment to users (ineffassign)
index, err := e.GetFieldIndex("p", constant.DomainIndex)
if err != nil {
return false, err
Expand All @@ -127,9 +130,11 @@ func (e *Enforcer) DeleteAllUsersByDomain(domain string) (bool, error) {
return res
}

users := getUser(2, g.Policy, domain)
if _, err := e.RemoveGroupingPolicies(users); err != nil {
return false, err
if g != nil {
users = getUser(2, g.Policy, domain)
if _, err := e.RemoveGroupingPolicies(users); err != nil {
return false, err
}
}
users = getUser(index, p.Policy, domain)
if _, err := e.RemovePolicies(users); err != nil {
Expand Down Expand Up @@ -165,6 +170,9 @@ func (e *Enforcer) GetAllDomains() ([]string, error) {
// note: Not applicable to Domains with inheritance relationship (implicit roles)
func (e *Enforcer) GetAllRolesByDomain(domain string) []string {
g := e.model["g"]["g"]
if g == nil {
return []string{}
}
policies := g.Policy
roles := make([]string, 0)
existMap := make(map[string]bool) // remove duplicates
Expand Down

0 comments on commit a2c052c

Please sign in to comment.