feat: support enforceEx, fix #70

fix: fix return value

fix: fix return value

fix: fix return value

fix: refactor some code

fix code

fix code

src/CoreEnforcer.php

@@ -489,13 +489,14 @@ public function buildRoleLinks(): void
      * input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
      *
      * @param string $matcher
+     * @param array $explains
      * @param mixed ...$rvals
      *
      * @return bool
      *
      * @throws CasbinException
      */
-    protected function enforcing(string $matcher, ...$rvals): bool
+    protected function enforcing(string $matcher, &$explains = [], ...$rvals): bool
     {
         if (!$this->enabled) {
             return true;
@@ -623,13 +624,30 @@ protected function enforcing(string $matcher, ...$rvals): bool
             }
         }
 
-        $result = $this->eft->mergeEffects($this->model['e']['e']->value, $policyEffects, $matcherResults);
+        list($result, $explainIndex) = $this->eft->mergeEffects($this->model['e']['e']->value, $policyEffects, $matcherResults);
+
+        if ($explains !== null) {
+            if (($explainIndex != -1) && (count($this->model['p']['p']->policy) > $explainIndex)) {
+                $explains = $this->model['p']['p']->policy[$explainIndex];
+            }
+        }
 
         if (Log::getLogger()->isEnabled()) {
             $reqStr = 'Request: ';
             $reqStr .= implode(', ', array_values($rvals));
 
-            $reqStr .= sprintf(' ---> %s', (string)$result);
+            $reqStr .= sprintf(" ---> %s\n", var_export($result, true));
+
+            $reqStr = 'Hit Policy: ';
+            if (count($explains) == count($explains, COUNT_RECURSIVE)) {
+                // if $explains is not multidimensional
+                $reqStr .= sprintf("%s \n", '[' . implode(', ', $explains) . ']');
+            } else {
+                // if $explains is multidimensional
+                foreach ($explains as $i => $pval) {
+                    $reqStr .= sprintf("%s \n", '[' . implode(', ', $pval) . ']');
+                }
+            }
             Log::logPrint($reqStr);
         }
 
@@ -682,7 +700,8 @@ function ($m) {
      */
     public function enforce(...$rvals): bool
     {
-        return $this->enforcing('', ...$rvals);
+        $explains = [];
+        return $this->enforcing('', $explains, ...$rvals);
     }
 
     /**
@@ -698,6 +717,20 @@ public function enforce(...$rvals): bool
      */
     public function enforceWithMatcher(string $matcher, ...$rvals): bool
     {
-        return $this->enforcing($matcher, ...$rvals);
+        $explains = [];
+        return $this->enforcing($matcher, $explains, ...$rvals);
+    }
+
+    /**
+     * EnforceEx explain enforcement by informing matched rules
+     *
+     * @param mixed ...$rvals
+     * @return array
+     */
+    public function enforceEx(...$rvals)
+    {
+        $explain = [];
+        $result = $this->enforcing("", $explain, ...$rvals);
+        return [$result, $explain];
     }
 }

src/Effect/DefaultEffector.php

@@ -20,44 +20,47 @@ class DefaultEffector extends Effector
      * @param array $effects
      * @param array $results
      *
-     * @return bool
+     * @return array
      *
      * @throws CasbinException
      */
-    public function mergeEffects(string $expr, array $effects, array $results): bool
+    public function mergeEffects(string $expr, array $effects, array $results): array
     {
         $result = false;
+        $explainIndex = -1;
         if ('some(where (p_eft == allow))' == $expr) {
-            if (in_array(self::ALLOW, $effects, true)) {
+            $explainIndex = array_search(self::ALLOW, $effects, true);
+            if ($explainIndex !== false) {
                 $result = true;
             }
         } elseif ('!some(where (p_eft == deny))' == $expr) {
             $result = true;
-            if (in_array(self::DENY, $effects, true)) {
+            $explainIndex = array_search(self::DENY, $effects, true);
+            if ($explainIndex !== false) {
                 $result = false;
             }
         } elseif ('some(where (p_eft == allow)) && !some(where (p_eft == deny))' == $expr) {
-            if (in_array(self::DENY, $effects, true)) {
+            $result = true;
+            $explainIndex = array_search(self::DENY, $effects, true);
+            if ($explainIndex !== false) {
                 $result = false;
-            } elseif (in_array(self::ALLOW, $effects, true)) {
-                $result = true;
             }
         } elseif ('priority(p_eft) || deny' == $expr) {
-            foreach ($effects as $eft) {
-                if (self::INDETERMINATE != $eft) {
-                    if (self::ALLOW == $eft) {
-                        $result = true;
-                    } else {
-                        $result = false;
-                    }
-
-                    break;
+            $explain = array_filter($effects, function ($val) {
+                return $val != self::INDETERMINATE;
+            });
+            $explainIndex = $explain ? array_key_first($explain) : false;
+            if ($explainIndex !== false) {
+                if (self::ALLOW == $explain[$explainIndex]) {
+                    $result = true;
+                } else {
+                    $result = false;
                 }
             }
         } else {
             throw new CasbinException('unsupported effect');
         }
-
-        return $result;
+        $explainIndex = $explainIndex === false ? -1 : $explainIndex;
+        return [$result, $explainIndex];
     }
 }

src/Effect/Effector.php

@@ -22,7 +22,7 @@ abstract class Effector
      * @param array  $effects
      * @param array  $results
      *
-     * @return bool
+     * @return array
      */
-    abstract public function mergeEffects(string $expr, array $effects, array $results): bool;
+    abstract public function mergeEffects(string $expr, array $effects, array $results): array;
 }