-
Notifications
You must be signed in to change notification settings - Fork 6
/
casbin.go
141 lines (126 loc) · 3.39 KB
/
casbin.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
package database
import (
"context"
"fmt"
"github.com/casbin/casbin/v2"
"github.com/casbin/casbin/v2/model"
"github.com/casbin/casbin/v2/persist"
"path"
"time"
)
type casbinService interface {
GetEFRoles(ctx context.Context) (roles []*EFRolePolicy, err error)
GetEFUsers(ctx context.Context) (users []*EFUseRole, err error)
}
type EFRolePolicy struct {
RoleName string
Router string
Method string
}
type EFUseRole struct {
UserID int64
RoleName string
}
// Config casbin config.
type CasbinConfig struct {
Model string
Enable bool
AutoLoad bool
AutoLoadInternal int
}
// NewCasbinConn with CasbinConfig and Custom Adapter
// Start Goroutine to Watching CasbinModel and CasbinConfig
func NewCasbinConn(svc casbinService, dir string, c *CasbinConfig) (e *casbin.SyncedEnforcer, err error) {
if !c.Enable {
return
}
adapter := NewCasbinAdapter(svc)
//adapter := gormadapter.NewAdapterByDB(db)
m := path.Join(dir, c.Model)
e, err = casbin.NewSyncedEnforcer(m, adapter)
if err != nil {
return
}
e.EnableAutoSave(false)
e.EnableAutoBuildRoleLinks(true)
if c.AutoLoad {
_ = e.InitWithModelAndAdapter(e.GetModel(), adapter)
e.StartAutoLoadPolicy(time.Duration(c.AutoLoadInternal) * time.Second)
} else {
err = adapter.LoadPolicy(e.GetModel())
if err != nil {
return
}
}
err = e.BuildRoleLinks()
return
}
// NewCasbinAdapter 创建casbin适配器
func NewCasbinAdapter(svc casbinService) *CasbinAdapter {
return &CasbinAdapter{
svc: svc,
}
}
// CasbinAdapter casbin适配器
type CasbinAdapter struct {
svc casbinService
}
// LoadPolicy loads all policy rules from the storage.
func (a *CasbinAdapter) LoadPolicy(model model.Model) error {
ctx := context.Background()
err := a.loadRolePolicy(ctx, model)
if err != nil {
return err
}
err = a.loadUserPolicy(ctx, model)
if err != nil {
return err
}
return nil
}
// loadRolePolicy loads all policy rules of role.
func (a *CasbinAdapter) loadRolePolicy(ctx context.Context, model model.Model) error {
roles, err := a.svc.GetEFRoles(ctx)
if err != nil {
return err
}
for _, role := range roles {
if role.Router == "" || role.Method == "" {
continue
}
line := fmt.Sprintf("p,%s,%s,%s", role.RoleName, role.Router, role.Method)
persist.LoadPolicyLine(line, model)
}
return nil
}
// loadRolePolicy loads all policy rules of user.
func (a *CasbinAdapter) loadUserPolicy(ctx context.Context, model model.Model) error {
users, err := a.svc.GetEFUsers(ctx)
if err != nil {
return err
}
for _, user := range users {
line := fmt.Sprintf("g,%d,%s", user.UserID, user.RoleName)
persist.LoadPolicyLine(line, model)
}
return nil
}
// SavePolicy saves all policy rules to the storage.
func (a *CasbinAdapter) SavePolicy(model model.Model) error {
return nil
}
// AddPolicy adds a policy rule to the storage.
// This is part of the Auto-Save feature.
func (a *CasbinAdapter) AddPolicy(sec string, ptype string, rule []string) error {
return nil
}
// RemovePolicy removes a policy rule from the storage.
// This is part of the Auto-Save feature.
func (a *CasbinAdapter) RemovePolicy(sec string, ptype string, rule []string) error {
return nil
}
// RemoveFilteredPolicy removes policy rules that match the filter from the storage.
// This is part of the Auto-Save feature.
func (a *CasbinAdapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error {
return nil
}