Skip to content

Commit

Permalink
fix: change the enforcer interface.
Browse files Browse the repository at this point in the history 
Signed-off-by: ZipoChan <[email protected]>
  • Loading branch information
@ZipoChan
ZipoChan committed Jul 18, 2020
1 parent bf6096a commit 012f357
Show file tree
Hide file tree
Showing 5 changed files with 57 additions and 85 deletions.
56 changes: 18 additions & 38 deletions casbin/enforcer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,9 +162,9 @@ bool Enforcer :: enforce(string matcher, Scope scope) {
/**
* Enforcer is the default constructor.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer() {
shared_ptr<Enforcer> e = shared_ptr<Enforcer>(new Enforcer());
return e;
unique_ptr<Enforcer> Enforcer ::NewEnforcer() {
unique_ptr<Enforcer> e = unique_ptr<Enforcer>(new Enforcer());
return move(e);
}

/**
Expand All @@ -173,8 +173,8 @@ shared_ptr<Enforcer> Enforcer :: NewEnforcer() {
* @param model_path the path of the model file.
* @param policyFile the path of the policy file.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, string policyFile) {
return NewEnforcer(model_path, shared_ptr<FileAdapter>(FileAdapter :: NewAdapter(policyFile)));
unique_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, string policyFile) {
return move(NewEnforcer(model_path, shared_ptr<FileAdapter>(FileAdapter :: NewAdapter(policyFile))));
}

/**
Expand All @@ -183,10 +183,10 @@ shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, string policyFil
* @param model_path the path of the model file.
* @param adapter the adapter.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, shared_ptr<Adapter> adapter) {
shared_ptr<Enforcer> e = NewEnforcer(shared_ptr<Model>(Model :: NewModelFromFile(model_path)), adapter);
unique_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, shared_ptr<Adapter> adapter) {
unique_ptr<Enforcer> e = NewEnforcer(shared_ptr<Model>(Model :: NewModelFromFile(model_path)), adapter);
e->model_path = model_path;
return e;
return move(e);
}

/**
Expand All @@ -195,8 +195,8 @@ shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, shared_ptr<Adapt
* @param m the model.
* @param adapter the adapter.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(shared_ptr<Model> m, shared_ptr<Adapter> adapter) {
shared_ptr<Enforcer> e = shared_ptr<Enforcer>(new Enforcer());
unique_ptr<Enforcer> Enforcer :: NewEnforcer(shared_ptr<Model> m, shared_ptr<Adapter> adapter) {
unique_ptr<Enforcer> e = unique_ptr<Enforcer>(new Enforcer());
e->adapter = adapter;
e->watcher = NULL;

Expand All @@ -209,25 +209,25 @@ shared_ptr<Enforcer> Enforcer :: NewEnforcer(shared_ptr<Model> m, shared_ptr<Ada
if (e->adapter->file_path != "") {
e->LoadPolicy();
}
return e;
return move(e);
}

/**
* Enforcer initializes an enforcer with a model.
*
* @param m the model.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(shared_ptr<Model> m) {
return NewEnforcer(m, NULL);
unique_ptr<Enforcer> Enforcer ::NewEnforcer(shared_ptr<Model> m) {
return move(NewEnforcer(m, NULL));
}

/**
* Enforcer initializes an enforcer with a model file.
*
* @param model_path the path of the model file.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path) {
return NewEnforcer(model_path, "");
unique_ptr<Enforcer> Enforcer ::NewEnforcer(string model_path) {
return move(NewEnforcer(model_path, ""));
}

/**
Expand All @@ -237,10 +237,10 @@ shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path) {
* @param policyFile the path of the policy file.
* @param enableLog whether to enable Casbin's log.
*/
shared_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, string policyFile, bool enableLog) {
shared_ptr<Enforcer> e = NewEnforcer(model_path, shared_ptr<FileAdapter>(FileAdapter :: NewAdapter(policyFile)));
unique_ptr<Enforcer> Enforcer :: NewEnforcer(string model_path, string policyFile, bool enableLog) {
unique_ptr<Enforcer> e = NewEnforcer(model_path, shared_ptr<FileAdapter>(FileAdapter :: NewAdapter(policyFile)));
// e.EnableLog(enableLog);
return e;
return move(e);
}


Expand Down Expand Up @@ -444,16 +444,6 @@ bool Enforcer :: Enforce(Scope scope) {
return this->EnforceWithMatcher("", scope);
}

// Enforce with three params, decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforcer::Enforce(string sub, string obj, string act) {
return EnforceWithMatcher("", sub, obj, act);
}

// Enforce with four params, decides whether a "subject" can access a "object" with the operation "action" in the domain "dom", input parameters are usually: (sub, dom, obj,act).
bool Enforcer::Enforce(string sub, string dom, string obj, string act) {
return EnforceWithMatcher("", sub, dom, obj, act);
}

// Enforce with a vector param,decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforcer::Enforce(vector<string> params) {
return this->EnforceWithMatcher("", params);
Expand All @@ -469,16 +459,6 @@ bool Enforcer :: EnforceWithMatcher(string matcher, Scope scope) {
return this->enforce(matcher, scope);
}

// Enforce with three params, decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforcer::EnforceWithMatcher(string matcher, string sub, string obj, string act) {
return this->EnforceWithMatcher(matcher, { sub,obj,act });
}

// Enforce with four params, decides whether a "subject" can access a "object" with the operation "action" in the domain "dom", input parameters are usually: (sub, dom, obj,act).
bool Enforcer::EnforceWithMatcher(string matcher, string sub, string dom, string obj, string act) {
return this->EnforceWithMatcher(matcher, { sub,dom,obj,act });
}

// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
bool Enforcer::EnforceWithMatcher(string matcher, vector<string> params) {
vector <string> r_tokens = this->model->m["r"].assertion_map["r"]->tokens;
Expand Down
22 changes: 7 additions & 15 deletions casbin/enforcer.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,48 +50,48 @@ class Enforcer : public IEnforcer{
/**
* Enforcer is the default constructor.
*/
static shared_ptr<Enforcer> NewEnforcer();
static unique_ptr<Enforcer> NewEnforcer();
/**
* Enforcer initializes an enforcer with a model file and a policy file.
*
* @param model_path the path of the model file.
* @param policyFile the path of the policy file.
*/
static shared_ptr<Enforcer> NewEnforcer(string model_path, string policyFile);
static unique_ptr<Enforcer> NewEnforcer(string model_path, string policyFile);
/**
* Enforcer initializes an enforcer with a database adapter.
*
* @param model_path the path of the model file.
* @param adapter the adapter.
*/
static shared_ptr<Enforcer> NewEnforcer(string model_path, shared_ptr<Adapter> adapter);
static unique_ptr<Enforcer> NewEnforcer(string model_path, shared_ptr<Adapter> adapter);
/**
* Enforcer initializes an enforcer with a model and a database adapter.
*
* @param m the model.
* @param adapter the adapter.
*/
static shared_ptr<Enforcer> NewEnforcer(shared_ptr<Model> m, shared_ptr<Adapter> adapter);
static unique_ptr<Enforcer> NewEnforcer(shared_ptr<Model> m, shared_ptr<Adapter> adapter);
/**
* Enforcer initializes an enforcer with a model.
*
* @param m the model.
*/
static shared_ptr<Enforcer> NewEnforcer(shared_ptr<Model> m);
static unique_ptr<Enforcer> NewEnforcer(shared_ptr<Model> m);
/**
* Enforcer initializes an enforcer with a model file.
*
* @param model_path the path of the model file.
*/
static shared_ptr<Enforcer> NewEnforcer(string model_path);
static unique_ptr<Enforcer> NewEnforcer(string model_path);
/**
* Enforcer initializes an enforcer with a model file, a policy file and an enable log flag.
*
* @param model_path the path of the model file.
* @param policyFile the path of the policy file.
* @param enableLog whether to enable Casbin's log.
*/
static shared_ptr<Enforcer> NewEnforcer(string model_path, string policyFile, bool enableLog);
static unique_ptr<Enforcer> NewEnforcer(string model_path, string policyFile, bool enableLog);
// InitWithFile initializes an enforcer with a model file and a policy file.
void InitWithFile(string model_path, string policyPath);
// InitWithAdapter initializes an enforcer with a database adapter.
Expand Down Expand Up @@ -148,20 +148,12 @@ class Enforcer : public IEnforcer{
void BuildIncrementalRoleLinks(policy_op op, string p_type, vector<vector<string>> rules);
// Enforce decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforce(Scope scope);
// Enforce with three params, decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforce(string sub, string obj, string act);
// Enforce with four params, decides whether a "subject" can access a "object" with the operation "action" in the domain "dom", input parameters are usually: (sub, dom, obj,act).
bool Enforce(string sub, string dom, string obj, string act);
// Enforce with a vector param,decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforce(vector<string> params);
// Enforce with a map param,decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool Enforce(unordered_map<string,string> params);
// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
bool EnforceWithMatcher(string matcher, Scope scope);
// Enforce with three params, decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (sub, obj, act).
bool EnforceWithMatcher(string matcher, string sub, string obj, string act);
// Enforce with four params, decides whether a "subject" can access a "object" with the operation "action" in the domain "dom", input parameters are usually: (sub, dom, obj,act).
bool EnforceWithMatcher(string matcher, string sub, string dom, string obj, string act);
// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
bool EnforceWithMatcher(string matcher, vector<string> params);
// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
Expand Down
20 changes: 10 additions & 10 deletions test/test_enforcer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,19 +15,19 @@ namespace test_enforcer
{
public:

void TestEnforce(shared_ptr<Enforcer> e, string sub, string dom, string obj, string act, bool res) {
Assert::AreEqual(res, e->Enforce(sub, dom, obj, act));
void TestEnforce(unique_ptr<Enforcer>& e, string sub, string dom, string obj, string act, bool res) {
Assert::AreEqual(res, e->Enforce({sub, dom, obj, act}));
}

void TestEnforce(shared_ptr<Enforcer> e, string sub, string obj, string act, bool res) {
Assert::AreEqual(res, e->Enforce(sub, obj, act));
void TestEnforce(unique_ptr<Enforcer>& e, string sub, string obj, string act, bool res) {
Assert::AreEqual(res, e->Enforce({sub, obj, act}));
}

void TestEnforce(shared_ptr<Enforcer> e, vector<string> params, bool res) {
void TestEnforce(unique_ptr<Enforcer>& e, vector<string> params, bool res) {
Assert::AreEqual(res, e->Enforce(params));
}

void TestEnforce(shared_ptr<Enforcer> e, unordered_map<string,string> params, bool res) {
void TestEnforce(unique_ptr<Enforcer>& e, unordered_map<string,string> params, bool res) {
Assert::AreEqual(res, e->Enforce(params));
}

Expand All @@ -36,7 +36,7 @@ namespace test_enforcer

string model = "../../examples/rbac_with_domains_model.conf";
string policy = "../../examples/rbac_with_domains_policy.csv";
shared_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);
unique_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);

TestEnforce(e, "alice", "domain1", "data1", "read", true);
TestEnforce(e, "alice", "domain1", "data1", "write", true);
Expand All @@ -51,7 +51,7 @@ namespace test_enforcer
TEST_METHOD(TestThreeParams) {
string model = "../../examples/basic_model_without_spaces.conf";
string policy = "../../examples/basic_policy.csv";
shared_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);
unique_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);

TestEnforce(e, { "alice", "data1", "read" }, true);
TestEnforce(e, { "alice", "data1", "write" }, false);
Expand All @@ -66,7 +66,7 @@ namespace test_enforcer
TEST_METHOD(TestVectorParams) {
string model = "../../examples/basic_model_without_spaces.conf";
string policy = "../../examples/basic_policy.csv";
shared_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);
unique_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);

TestEnforce(e, { "alice", "data1", "read" }, true);
TestEnforce(e, { "alice", "data1", "write" }, false);
Expand All @@ -81,7 +81,7 @@ namespace test_enforcer
TEST_METHOD(TestMapParams) {
string model = "../../examples/basic_model_without_spaces.conf";
string policy = "../../examples/basic_policy.csv";
shared_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);
unique_ptr<Enforcer> e = Enforcer::NewEnforcer(model, policy);

unordered_map<string, string> params = { {"sub","alice"},{"obj","data1"},{"act","read"} };
TestEnforce(e, params, true);
Expand Down
Loading

0 comments on commit 012f357

Please sign in to comment.