Skip to content

Commit acd8715

Browse files
TaoyuesongTaoyuesong
authored
feat: add JSON value for ABAC (#373)
* feat: support JSON request Signed-off-by: Taoyuesong <tao634774653@gmail.com> * feat: support JSON request Signed-off-by: Taoyuesong <tao634774653@gmail.com> * feat: add test case Signed-off-by: Taoyuesong <tao634774653@gmail.com> * feat: clean up test project by list pattern Signed-off-by: Taoyuesong <tao634774653@gmail.com> --------- Signed-off-by: Taoyuesong <tao634774653@gmail.com>
1 parent 85b9330 commit acd8715

17 files changed

+723
-507
lines changed

Casbin.UnitTests/Examples/abac_not_using_policy_model.conf

+11
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
[request_definition]
2+
r = sub, obj, act
3+
4+
[policy_definition]
5+
p = sub, obj, act, eft
6+
7+
[policy_effect]
8+
e = some(where (p.eft == allow)) && !some(where (p.eft == deny))
9+
10+
[matchers]
11+
m = r.sub == r.obj.Owner

Casbin.UnitTests/Examples/abac_rule_effect_policy.csv

+4
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
p, alice, /data1, read, deny
2+
p, alice, /data1, write, allow
3+
p, bob, /data2, write, deny
4+
p, bob, /data2, read, allow

Casbin.UnitTests/Examples/abac_rule_policy.csv

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
11
p, r.sub.Age > 18, /data1, read
2-
p, r.sub.Age < 60, /data2, write
2+
p, r.sub.Age < 60, /data2, write

Casbin.UnitTests/Fixtures/TestModelFixture.cs

+6
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,12 @@ public class TestModelFixture
102102
public static readonly string AbacWithDynamicValueTypeModelText = ReadTestFile("abac_with_dynamic_value_type_model.conf");
103103
public static readonly string AbacWithDynamicValueTypePolicyText = ReadTestFile("abac_with_dynamic_value_type_policy.csv");
104104

105+
// https://github.com/casbin/Casbin.NET/issues/364
106+
public static readonly string AbacNotUsingPolicyModelText = ReadTestFile("abac_not_using_policy_model.conf");
107+
public static readonly string AbacRuleEffectPolicyText = ReadTestFile("abac_rule_effect_policy.csv");
108+
public static readonly string AbacRuleModelText = ReadTestFile("abac_rule_model.conf");
109+
public static readonly string AbacRulePolicyText = ReadTestFile("abac_rule_policy.csv");
110+
105111
public static IModel GetNewAbacModel() => GetNewTestModel(AbacModelText);
106112

107113
public static IModel GetNewAbacWithEvalModel() => GetNewTestModel(AbacWithEvalModelText, AbacWithEvalPolicyText);

Casbin.UnitTests/ModelTests/EnforcerTest.cs

+22-15
Original file line numberDiff line numberDiff line change
@@ -731,22 +731,30 @@ public async Task TestInitEmptyByInputStreamAsync()
731731
public void TestReloadPolicy()
732732
{
733733
Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv");
734-
735734
e.LoadPolicy();
736-
TestGetPolicy(e,
737-
AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"),
738-
AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")));
735+
e.TestGetPolicy(
736+
[
737+
["alice", "data1", "read"],
738+
["bob", "data2", "write"],
739+
["data2_admin", "data2", "read"],
740+
["data2_admin", "data2", "write"]
741+
]
742+
);
739743
}
740744

741745
[Fact]
742746
public async Task TestReloadPolicyAsync()
743747
{
744748
Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv");
745-
746749
await e.LoadPolicyAsync();
747-
TestGetPolicy(e,
748-
AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"),
749-
AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")));
750+
e.TestGetPolicy(
751+
[
752+
["alice", "data1", "read"],
753+
["bob", "data2", "write"],
754+
["data2_admin", "data2", "read"],
755+
["data2_admin", "data2", "write"]
756+
]
757+
);
750758
}
751759

752760
[Fact]
@@ -880,7 +888,7 @@ public void TestEnableAutoSave()
880888
// Reload the policy from the storage to see the effect.
881889
e.LoadPolicy();
882890

883-
Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here.
891+
Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here.
884892
Assert.False(e.Enforce("alice", "data1", "write"));
885893
Assert.False(e.Enforce("alice", "data2", "read"));
886894
Assert.False(e.Enforce("alice", "data2", "write"));
@@ -1068,22 +1076,21 @@ public async Task TestEnforceExApiAsync()
10681076
e.BuildRoleLinks();
10691077

10701078
await e.TestEnforceExAsync("alice", "data1", "read", new List<string> { "alice", "data1", "read", "allow" });
1071-
await e.TestEnforceExAsync("alice", "data1", "write", new List<string> { "data1_deny_group", "data1", "write", "deny" });
1079+
await e.TestEnforceExAsync("alice", "data1", "write",
1080+
new List<string> { "data1_deny_group", "data1", "write", "deny" });
10721081
await e.TestEnforceExAsync("alice", "data2", "read", new List<string>());
10731082
await e.TestEnforceExAsync("alice", "data2", "write", new List<string>());
10741083
await e.TestEnforceExAsync("bob", "data1", "write", new List<string>());
1075-
await e.TestEnforceExAsync("bob", "data2", "read", new List<string> { "data2_allow_group", "data2", "read", "allow" });
1084+
await e.TestEnforceExAsync("bob", "data2", "read",
1085+
new List<string> { "data2_allow_group", "data2", "read", "allow" });
10761086
await e.TestEnforceExAsync("bob", "data2", "write", new List<string> { "bob", "data2", "write", "deny" });
10771087
}
10781088

10791089
#if !NET452
10801090
[Fact]
10811091
public void TestEnforceExApiLog()
10821092
{
1083-
Enforcer e = new(TestModelFixture.GetBasicTestModel())
1084-
{
1085-
Logger = new MockLogger<Enforcer>(_testOutputHelper)
1086-
};
1093+
Enforcer e = new(TestModelFixture.GetBasicTestModel()) { Logger = new MockLogger<Enforcer>(_testOutputHelper) };
10871094

10881095
e.TestEnforceEx("alice", "data1", "read", new List<string> { "alice", "data1", "read" });
10891096
e.TestEnforceEx("alice", "data1", "write", new List<string>());

Casbin.UnitTests/ModelTests/JsonValueTest.cs

+29
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
#if !NET452 && !NET461 && !NET462
2+
using Casbin.Model;
3+
using DynamicExpresso;
4+
using Xunit;
5+
6+
namespace Casbin.UnitTests.ModelTests;
7+
8+
public class JsonValueTest
9+
{
10+
[Fact]
11+
public void GetJsonValueTest()
12+
{
13+
string json = "{\"name\":\"John\",\"age\":30,\"car\":null}";
14+
15+
var interpreter = new Interpreter();
16+
interpreter.SetVariable("obj", new JsonValue(json));
17+
object result = interpreter.Eval("obj.name");
18+
Assert.Equal("John", result);
19+
20+
string arrayJson = "[{\"name\":\"John\"},{\"name\":\"Doe\"}]";
21+
22+
interpreter.SetVariable("array", new JsonValue(arrayJson));
23+
object arrayResult = interpreter.Eval("array[0].name");
24+
Assert.Equal("John", arrayResult);
25+
}
26+
}
27+
#endif
28+
29+

0 commit comments

Comments
 (0)