Skip to content

Commit

Permalink
feat: add JSON value for ABAC (#373)
Browse files Browse the repository at this point in the history
* feat: support JSON request

Signed-off-by: Taoyuesong <tao634774653@gmail.com>

* feat: support JSON request

Signed-off-by: Taoyuesong <tao634774653@gmail.com>

* feat: add test case

Signed-off-by: Taoyuesong <tao634774653@gmail.com>

* feat: clean up test project by list pattern

Signed-off-by: Taoyuesong <tao634774653@gmail.com>

---------

Signed-off-by: Taoyuesong <tao634774653@gmail.com>
  • Loading branch information
Taoyuesong authored Oct 29, 2024
1 parent 85b9330 commit acd8715
Show file tree
Hide file tree
Showing 17 changed files with 723 additions and 507 deletions.
11 changes: 11 additions & 0 deletions Casbin.UnitTests/Examples/abac_not_using_policy_model.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act, eft

[policy_effect]
e = some(where (p.eft == allow)) && !some(where (p.eft == deny))

[matchers]
m = r.sub == r.obj.Owner
4 changes: 4 additions & 0 deletions Casbin.UnitTests/Examples/abac_rule_effect_policy.csv
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
p, alice, /data1, read, deny
p, alice, /data1, write, allow
p, bob, /data2, write, deny
p, bob, /data2, read, allow
2 changes: 1 addition & 1 deletion Casbin.UnitTests/Examples/abac_rule_policy.csv
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
p, r.sub.Age > 18, /data1, read
p, r.sub.Age < 60, /data2, write
p, r.sub.Age < 60, /data2, write
6 changes: 6 additions & 0 deletions Casbin.UnitTests/Fixtures/TestModelFixture.cs
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,12 @@ public class TestModelFixture
public static readonly string AbacWithDynamicValueTypeModelText = ReadTestFile("abac_with_dynamic_value_type_model.conf");
public static readonly string AbacWithDynamicValueTypePolicyText = ReadTestFile("abac_with_dynamic_value_type_policy.csv");

// https://github.com/casbin/Casbin.NET/issues/364
public static readonly string AbacNotUsingPolicyModelText = ReadTestFile("abac_not_using_policy_model.conf");
public static readonly string AbacRuleEffectPolicyText = ReadTestFile("abac_rule_effect_policy.csv");
public static readonly string AbacRuleModelText = ReadTestFile("abac_rule_model.conf");
public static readonly string AbacRulePolicyText = ReadTestFile("abac_rule_policy.csv");

public static IModel GetNewAbacModel() => GetNewTestModel(AbacModelText);

public static IModel GetNewAbacWithEvalModel() => GetNewTestModel(AbacWithEvalModelText, AbacWithEvalPolicyText);
Expand Down
37 changes: 22 additions & 15 deletions Casbin.UnitTests/ModelTests/EnforcerTest.cs
Original file line number Diff line number Diff line change
Expand Up @@ -731,22 +731,30 @@ public async Task TestInitEmptyByInputStreamAsync()
public void TestReloadPolicy()
{
Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv");

e.LoadPolicy();
TestGetPolicy(e,
AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"),
AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")));
e.TestGetPolicy(
[
["alice", "data1", "read"],
["bob", "data2", "write"],
["data2_admin", "data2", "read"],
["data2_admin", "data2", "write"]
]
);
}

[Fact]
public async Task TestReloadPolicyAsync()
{
Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv");

await e.LoadPolicyAsync();
TestGetPolicy(e,
AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"),
AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")));
e.TestGetPolicy(
[
["alice", "data1", "read"],
["bob", "data2", "write"],
["data2_admin", "data2", "read"],
["data2_admin", "data2", "write"]
]
);
}

[Fact]
Expand Down Expand Up @@ -880,7 +888,7 @@ public void TestEnableAutoSave()
// Reload the policy from the storage to see the effect.
e.LoadPolicy();

Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here.
Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here.
Assert.False(e.Enforce("alice", "data1", "write"));
Assert.False(e.Enforce("alice", "data2", "read"));
Assert.False(e.Enforce("alice", "data2", "write"));
Expand Down Expand Up @@ -1068,22 +1076,21 @@ public async Task TestEnforceExApiAsync()
e.BuildRoleLinks();

await e.TestEnforceExAsync("alice", "data1", "read", new List<string> { "alice", "data1", "read", "allow" });
await e.TestEnforceExAsync("alice", "data1", "write", new List<string> { "data1_deny_group", "data1", "write", "deny" });
await e.TestEnforceExAsync("alice", "data1", "write",
new List<string> { "data1_deny_group", "data1", "write", "deny" });
await e.TestEnforceExAsync("alice", "data2", "read", new List<string>());
await e.TestEnforceExAsync("alice", "data2", "write", new List<string>());
await e.TestEnforceExAsync("bob", "data1", "write", new List<string>());
await e.TestEnforceExAsync("bob", "data2", "read", new List<string> { "data2_allow_group", "data2", "read", "allow" });
await e.TestEnforceExAsync("bob", "data2", "read",
new List<string> { "data2_allow_group", "data2", "read", "allow" });
await e.TestEnforceExAsync("bob", "data2", "write", new List<string> { "bob", "data2", "write", "deny" });
}

#if !NET452
[Fact]
public void TestEnforceExApiLog()
{
Enforcer e = new(TestModelFixture.GetBasicTestModel())
{
Logger = new MockLogger<Enforcer>(_testOutputHelper)
};
Enforcer e = new(TestModelFixture.GetBasicTestModel()) { Logger = new MockLogger<Enforcer>(_testOutputHelper) };

e.TestEnforceEx("alice", "data1", "read", new List<string> { "alice", "data1", "read" });
e.TestEnforceEx("alice", "data1", "write", new List<string>());
Expand Down
29 changes: 29 additions & 0 deletions Casbin.UnitTests/ModelTests/JsonValueTest.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#if !NET452 && !NET461 && !NET462
using Casbin.Model;
using DynamicExpresso;
using Xunit;

namespace Casbin.UnitTests.ModelTests;

public class JsonValueTest
{
[Fact]
public void GetJsonValueTest()
{
string json = "{\"name\":\"John\",\"age\":30,\"car\":null}";

var interpreter = new Interpreter();
interpreter.SetVariable("obj", new JsonValue(json));
object result = interpreter.Eval("obj.name");
Assert.Equal("John", result);

string arrayJson = "[{\"name\":\"John\"},{\"name\":\"Doe\"}]";

interpreter.SetVariable("array", new JsonValue(arrayJson));
object arrayResult = interpreter.Eval("array[0].name");
Assert.Equal("John", arrayResult);
}
}
#endif


Loading

0 comments on commit acd8715

Please # to comment.