diff --git a/Casbin.UnitTests/Examples/abac_not_using_policy_model.conf b/Casbin.UnitTests/Examples/abac_not_using_policy_model.conf new file mode 100644 index 0000000..64c708a --- /dev/null +++ b/Casbin.UnitTests/Examples/abac_not_using_policy_model.conf @@ -0,0 +1,11 @@ +[request_definition] +r = sub, obj, act + +[policy_definition] +p = sub, obj, act, eft + +[policy_effect] +e = some(where (p.eft == allow)) && !some(where (p.eft == deny)) + +[matchers] +m = r.sub == r.obj.Owner \ No newline at end of file diff --git a/Casbin.UnitTests/Examples/abac_rule_effect_policy.csv b/Casbin.UnitTests/Examples/abac_rule_effect_policy.csv new file mode 100644 index 0000000..bea9962 --- /dev/null +++ b/Casbin.UnitTests/Examples/abac_rule_effect_policy.csv @@ -0,0 +1,4 @@ +p, alice, /data1, read, deny +p, alice, /data1, write, allow +p, bob, /data2, write, deny +p, bob, /data2, read, allow \ No newline at end of file diff --git a/Casbin.UnitTests/Examples/abac_rule_policy.csv b/Casbin.UnitTests/Examples/abac_rule_policy.csv index e3dbc83..be29ded 100644 --- a/Casbin.UnitTests/Examples/abac_rule_policy.csv +++ b/Casbin.UnitTests/Examples/abac_rule_policy.csv @@ -1,2 +1,2 @@ p, r.sub.Age > 18, /data1, read -p, r.sub.Age < 60, /data2, write \ No newline at end of file +p, r.sub.Age < 60, /data2, write diff --git a/Casbin.UnitTests/Fixtures/TestModelFixture.cs b/Casbin.UnitTests/Fixtures/TestModelFixture.cs index d54b379..6cb4f60 100644 --- a/Casbin.UnitTests/Fixtures/TestModelFixture.cs +++ b/Casbin.UnitTests/Fixtures/TestModelFixture.cs @@ -102,6 +102,12 @@ public class TestModelFixture public static readonly string AbacWithDynamicValueTypeModelText = ReadTestFile("abac_with_dynamic_value_type_model.conf"); public static readonly string AbacWithDynamicValueTypePolicyText = ReadTestFile("abac_with_dynamic_value_type_policy.csv"); + // https://github.com/casbin/Casbin.NET/issues/364 + public static readonly string AbacNotUsingPolicyModelText = ReadTestFile("abac_not_using_policy_model.conf"); + public static readonly string AbacRuleEffectPolicyText = ReadTestFile("abac_rule_effect_policy.csv"); + public static readonly string AbacRuleModelText = ReadTestFile("abac_rule_model.conf"); + public static readonly string AbacRulePolicyText = ReadTestFile("abac_rule_policy.csv"); + public static IModel GetNewAbacModel() => GetNewTestModel(AbacModelText); public static IModel GetNewAbacWithEvalModel() => GetNewTestModel(AbacWithEvalModelText, AbacWithEvalPolicyText); diff --git a/Casbin.UnitTests/ModelTests/EnforcerTest.cs b/Casbin.UnitTests/ModelTests/EnforcerTest.cs index 50987a2..e67c298 100644 --- a/Casbin.UnitTests/ModelTests/EnforcerTest.cs +++ b/Casbin.UnitTests/ModelTests/EnforcerTest.cs @@ -731,22 +731,30 @@ public async Task TestInitEmptyByInputStreamAsync() public void TestReloadPolicy() { Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv"); - e.LoadPolicy(); - TestGetPolicy(e, - AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"), - AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write"))); + e.TestGetPolicy( + [ + ["alice", "data1", "read"], + ["bob", "data2", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ] + ); } [Fact] public async Task TestReloadPolicyAsync() { Enforcer e = new("Examples/rbac_model.conf", "Examples/rbac_policy.csv"); - await e.LoadPolicyAsync(); - TestGetPolicy(e, - AsList(AsList("alice", "data1", "read"), AsList("bob", "data2", "write"), - AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write"))); + e.TestGetPolicy( + [ + ["alice", "data1", "read"], + ["bob", "data2", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ] + ); } [Fact] @@ -880,7 +888,7 @@ public void TestEnableAutoSave() // Reload the policy from the storage to see the effect. e.LoadPolicy(); - Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here. + Assert.True(e.Enforce("alice", "data1", "read")); // Will not be false here. Assert.False(e.Enforce("alice", "data1", "write")); Assert.False(e.Enforce("alice", "data2", "read")); Assert.False(e.Enforce("alice", "data2", "write")); @@ -1068,11 +1076,13 @@ public async Task TestEnforceExApiAsync() e.BuildRoleLinks(); await e.TestEnforceExAsync("alice", "data1", "read", new List { "alice", "data1", "read", "allow" }); - await e.TestEnforceExAsync("alice", "data1", "write", new List { "data1_deny_group", "data1", "write", "deny" }); + await e.TestEnforceExAsync("alice", "data1", "write", + new List { "data1_deny_group", "data1", "write", "deny" }); await e.TestEnforceExAsync("alice", "data2", "read", new List()); await e.TestEnforceExAsync("alice", "data2", "write", new List()); await e.TestEnforceExAsync("bob", "data1", "write", new List()); - await e.TestEnforceExAsync("bob", "data2", "read", new List { "data2_allow_group", "data2", "read", "allow" }); + await e.TestEnforceExAsync("bob", "data2", "read", + new List { "data2_allow_group", "data2", "read", "allow" }); await e.TestEnforceExAsync("bob", "data2", "write", new List { "bob", "data2", "write", "deny" }); } @@ -1080,10 +1090,7 @@ public async Task TestEnforceExApiAsync() [Fact] public void TestEnforceExApiLog() { - Enforcer e = new(TestModelFixture.GetBasicTestModel()) - { - Logger = new MockLogger(_testOutputHelper) - }; + Enforcer e = new(TestModelFixture.GetBasicTestModel()) { Logger = new MockLogger(_testOutputHelper) }; e.TestEnforceEx("alice", "data1", "read", new List { "alice", "data1", "read" }); e.TestEnforceEx("alice", "data1", "write", new List()); diff --git a/Casbin.UnitTests/ModelTests/JsonValueTest.cs b/Casbin.UnitTests/ModelTests/JsonValueTest.cs new file mode 100644 index 0000000..64c92da --- /dev/null +++ b/Casbin.UnitTests/ModelTests/JsonValueTest.cs @@ -0,0 +1,29 @@ +#if !NET452 && !NET461 && !NET462 +using Casbin.Model; +using DynamicExpresso; +using Xunit; + +namespace Casbin.UnitTests.ModelTests; + +public class JsonValueTest +{ + [Fact] + public void GetJsonValueTest() + { + string json = "{\"name\":\"John\",\"age\":30,\"car\":null}"; + + var interpreter = new Interpreter(); + interpreter.SetVariable("obj", new JsonValue(json)); + object result = interpreter.Eval("obj.name"); + Assert.Equal("John", result); + + string arrayJson = "[{\"name\":\"John\"},{\"name\":\"Doe\"}]"; + + interpreter.SetVariable("array", new JsonValue(arrayJson)); + object arrayResult = interpreter.Eval("array[0].name"); + Assert.Equal("John", arrayResult); + } +} +#endif + + diff --git a/Casbin.UnitTests/ModelTests/ManagementApiTest.cs b/Casbin.UnitTests/ModelTests/ManagementApiTest.cs index f958a3c..4eb0c81 100644 --- a/Casbin.UnitTests/ModelTests/ManagementApiTest.cs +++ b/Casbin.UnitTests/ModelTests/ManagementApiTest.cs @@ -19,9 +19,9 @@ public void TestGetList() e.BuildRoleLinks(); Assert.True(e.GetAllSubjects().DeepEquals(new[] { "alice", "bob", "data2_admin" })); - Assert.True(e.GetAllObjects().DeepEquals(new[] { "data1", "data2" })); - Assert.True(e.GetAllActions().DeepEquals(new[] { "read", "write" })); - Assert.True(e.GetAllRoles().DeepEquals(new[] { "data2_admin" })); + Assert.True(e.GetAllObjects().DeepEquals(new[] { "data1", "data2" })); + Assert.True(e.GetAllActions().DeepEquals(new[] { "read", "write" })); + Assert.True(e.GetAllRoles().DeepEquals(new[] { "data2_admin" })); } [Fact] @@ -30,49 +30,54 @@ public void TestGetPolicyApi() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetPolicy(e, AsList( - AsList("alice", "data1", "read"), - AsList("bob", "data2", "write"), - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"))); + e.TestGetPolicy( + [ + ["alice", "data1", "read"], + ["bob", "data2", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ] + ); - TestGetFilteredPolicy(e, 0, AsList(AsList("alice", "data1", "read")), "alice"); - TestGetFilteredPolicy(e, 0, AsList(AsList("bob", "data2", "write")), "bob"); + TestGetFilteredPolicy(e, 0, [["alice", "data1", "read"]], "alice"); + TestGetFilteredPolicy(e, 0, [["bob", "data2", "write"]], "bob"); TestGetFilteredPolicy(e, 0, - AsList(AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")), "data2_admin"); - TestGetFilteredPolicy(e, 1, AsList(AsList("alice", "data1", "read")), "data1"); + [["data2_admin", "data2", "read"], ["data2_admin", "data2", "write"]], "data2_admin"); + TestGetFilteredPolicy(e, 1, [["alice", "data1", "read"]], "data1"); TestGetFilteredPolicy(e, 1, - AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write")), "data2"); + [ + ["bob", "data2", "write"], ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ], "data2"); TestGetFilteredPolicy(e, 2, - AsList(AsList("alice", "data1", "read"), AsList("data2_admin", "data2", "read")), "read"); + [["alice", "data1", "read"], ["data2_admin", "data2", "read"]], "read"); TestGetFilteredPolicy(e, 2, - AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "write")), "write"); + [["bob", "data2", "write"], ["data2_admin", "data2", "write"]], "write"); TestGetFilteredPolicy(e, 0, - AsList(AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")), "data2_admin", + [["data2_admin", "data2", "read"], ["data2_admin", "data2", "write"]], "data2_admin", "data2"); // Note: "" (empty string) in fieldValues means matching all values. - TestGetFilteredPolicy(e, 0, AsList(AsList("data2_admin", "data2", "read")), "data2_admin", "", "read"); + TestGetFilteredPolicy(e, 0, [["data2_admin", "data2", "read"]], "data2_admin", "", "read"); TestGetFilteredPolicy(e, 1, - AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "write")), "data2", "write"); + [["bob", "data2", "write"], ["data2_admin", "data2", "write"]], "data2", "write"); - Assert.True(e.HasPolicy(AsList("alice", "data1", "read"))); - Assert.True(e.HasPolicy(AsList("bob", "data2", "write"))); - Assert.False(e.HasPolicy(AsList("alice", "data2", "read"))); - Assert.False(e.HasPolicy(AsList("bob", "data3", "write"))); + Assert.True(e.HasPolicy(["alice", "data1", "read"])); + Assert.True(e.HasPolicy(["bob", "data2", "write"])); + Assert.False(e.HasPolicy(["alice", "data2", "read"])); + Assert.False(e.HasPolicy(["bob", "data3", "write"])); - Assert.True(e.GetGroupingPolicy().DeepEquals(AsList(AsList("alice", "data2_admin")))); + Assert.True(e.GetGroupingPolicy().DeepEquals([["alice", "data2_admin"]])); - TestGetFilteredGroupingPolicy(e, 0, AsList(AsList("alice", "data2_admin")), "alice"); + TestGetFilteredGroupingPolicy(e, 0, [["alice", "data2_admin"]], "alice"); TestGetFilteredGroupingPolicy(e, 0, [], "bob"); TestGetFilteredGroupingPolicy(e, 1, [], "data1_admin"); - TestGetFilteredGroupingPolicy(e, 1, AsList(AsList("alice", "data2_admin")), "data2_admin"); + TestGetFilteredGroupingPolicy(e, 1, [["alice", "data2_admin"]], "data2_admin"); // Note: "" (empty string) in fieldValues means matching all values. - TestGetFilteredGroupingPolicy(e, 0, AsList(AsList("alice", "data2_admin")), "", "data2_admin"); + TestGetFilteredGroupingPolicy(e, 0, [["alice", "data2_admin"]], "", "data2_admin"); - Assert.True(e.HasGroupingPolicy(AsList("alice", "data2_admin"))); - Assert.False(e.HasGroupingPolicy(AsList("bob", "data2_admin"))); + Assert.True(e.HasGroupingPolicy(["alice", "data2_admin"])); + Assert.False(e.HasGroupingPolicy(["bob", "data2_admin"])); } [Fact] @@ -81,11 +86,12 @@ public void TestModifyPolicy() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetPolicy(e, AsList( - AsList("alice", "data1", "read"), - AsList("bob", "data2", "write"), - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"))); + e.TestGetPolicy([ + ["alice", "data1", "read"], + ["bob", "data2", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ]); e.RemovePolicy("alice", "data1", "read"); e.RemovePolicy("bob", "data2", "write"); @@ -93,112 +99,116 @@ public void TestModifyPolicy() e.AddPolicy("eve", "data3", "read"); e.AddPolicy("eve", "data3", "read"); - List> rules = AsList( - AsList("jack", "data4", "read"), - AsList("jack", "data4", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("katy", "data4", "write"), - AsList("ham", "data4", "write") - ); + List> rules = + [ + ["jack", "data4", "read"], + ["jack", "data4", "read"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["katy", "data4", "write"], + ["katy", "data4", "write"], + ["ham", "data4", "write"] + ]; _ = e.AddPolicies(rules); _ = e.AddPolicies(rules); - TestGetPolicy(e, AsList( - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"), - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("ham", "data4", "write") - ) + e.TestGetPolicy([ + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"], + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["ham", "data4", "write"] + ] ); _ = e.RemovePolicies(rules); _ = e.RemovePolicies(rules); - List namedPolicy = AsList("eve", "data3", "read"); + List namedPolicy = ["eve", "data3", "read"]; e.RemoveNamedPolicy("p", namedPolicy); e.AddNamedPolicy("p", namedPolicy); - TestGetPolicy(e, AsList( - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"), - AsList("eve", "data3", "read"))); + e.TestGetPolicy([ + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"], + ["eve", "data3", "read"] + ]); e.RemoveFilteredPolicy(1, "data2"); - TestGetPolicy(e, AsList(AsList("eve", "data3", "read"))); + e.TestGetPolicy([["eve", "data3", "read"]]); e.RemoveFilteredPolicy(1); - TestGetPolicy(e, AsList(AsList("eve", "data3", "read"))); + e.TestGetPolicy([["eve", "data3", "read"]]); e.RemoveFilteredPolicy(1, ""); - TestGetPolicy(e, AsList(AsList("eve", "data3", "read"))); + e.TestGetPolicy([["eve", "data3", "read"]]); - bool res = e.UpdatePolicy(AsList("eve", "data3", "read"), AsList("eve", "data3", "write")); - TestGetPolicy(e, AsList(AsList("eve", "data3", "write"))); + bool res = e.UpdatePolicy(["eve", "data3", "read"], ["eve", "data3", "write"]); + e.TestGetPolicy([["eve", "data3", "write"]]); Assert.True(res); // This test shows that a non-existent policy will not be updated. - res = e.UpdatePolicy(AsList("non_exist", "data3", "write"), AsList("non_exist", "data3", "read")); - TestGetPolicy(e, AsList(AsList("eve", "data3", "write"))); + res = e.UpdatePolicy(["non_exist", "data3", "write"], ["non_exist", "data3", "read"]); + e.TestGetPolicy([["eve", "data3", "write"]]); Assert.False(res); e.AddPolicies(rules); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "write"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("ham", "data4", "write"))); - + e.TestGetPolicy([ + ["eve", "data3", "write"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["ham", "data4", "write"] + ]); res = e.UpdatePolicies( - AsList( - AsList("eve", "data3", "write"), - AsList("leyo", "data4", "read"), - AsList("katy", "data4", "write")), - AsList( - AsList("eve", "data3", "read"), - AsList("leyo", "data4", "write"), - AsList("katy", "data1", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [ + ["eve", "data3", "write"], + ["leyo", "data4", "read"], + ["katy", "data4", "write"] + ], + [ + ["eve", "data3", "read"], + ["leyo", "data4", "write"], + ["katy", "data1", "write"] + ]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.True(res); // This test shows that a non-existent policy in oldParameters will not be updated, so other existent ones // will be ignored and the return value will be False. res = e.UpdatePolicies( - AsList( - AsList("eve", "data3", "read"), AsList("non_exist", "data4", "read")), - AsList( - AsList("eve", "data3", "write"), AsList("non_exist", "data4", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [["eve", "data3", "read"], ["non_exist", "data4", "read"]], + [["eve", "data3", "write"], ["non_exist", "data4", "write"]]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.False(res); // If oldRules' length is not the same as newRules', no rules will be updated. res = e.UpdatePolicies( - AsList( - AsList("eve", "data3", "read"), AsList("leyo", "data4", "write")), - AsList(AsList("eve", "data3", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [["eve", "data3", "read"], ["leyo", "data4", "write"]], + [["eve", "data3", "write"]]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.False(res); } @@ -208,11 +218,14 @@ public async Task TestModifyPolicyAsync() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetPolicy(e, AsList( - AsList("alice", "data1", "read"), - AsList("bob", "data2", "write"), - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"))); + e.TestGetPolicy( + [ + ["alice", "data1", "read"], + ["bob", "data2", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ] + ); await e.RemovePolicyAsync("alice", "data1", "read"); await e.RemovePolicyAsync("bob", "data2", "write"); @@ -220,108 +233,125 @@ public async Task TestModifyPolicyAsync() await e.AddPolicyAsync("eve", "data3", "read"); await e.AddPolicyAsync("eve", "data3", "read"); - List> rules = AsList( - AsList("jack", "data4", "read"), - AsList("jack", "data4", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("katy", "data4", "write"), - AsList("ham", "data4", "write") - ); + List> rules = + [ + ["jack", "data4", "read"], + ["jack", "data4", "read"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["katy", "data4", "write"], + ["katy", "data4", "write"], + ["ham", "data4", "write"] + ]; _ = await e.AddPoliciesAsync(rules); _ = await e.AddPoliciesAsync(rules); - TestGetPolicy(e, AsList( - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"), - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("ham", "data4", "write") - ) + e.TestGetPolicy( + [ + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"], + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["ham", "data4", "write"] + ] ); _ = await e.RemovePoliciesAsync(rules); _ = await e.RemovePoliciesAsync(rules); - List namedPolicy = AsList("eve", "data3", "read"); + List namedPolicy = ["eve", "data3", "read"]; await e.RemoveNamedPolicyAsync("p", namedPolicy); await e.AddNamedPolicyAsync("p", namedPolicy); - TestGetPolicy(e, AsList( - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"), - AsList("eve", "data3", "read"))); + e.TestGetPolicy( + [ + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"], + ["eve", "data3", "read"] + ] + ); await e.RemoveFilteredPolicyAsync(1, "data2"); - TestGetPolicy(e, AsList(AsList("eve", "data3", "read"))); + e.TestGetPolicy( + [ + ["eve", "data3", "read"] + ] + ); + + bool res = await e.UpdatePolicyAsync(["eve", "data3", "read"], ["eve", "data3", "write"]); + e.TestGetPolicy( + [ + ["eve", "data3", "write"] + ] + ); - bool res = await e.UpdatePolicyAsync(AsList("eve", "data3", "read"), AsList("eve", "data3", "write")); - TestGetPolicy(e, AsList(AsList("eve", "data3", "write"))); Assert.True(res); // This test shows that a non-existent policy will not be updated. - res = await e.UpdatePolicyAsync(AsList("non_exist", "data3", "write"), - AsList("non_exist", "data3", "read")); - TestGetPolicy(e, AsList(AsList("eve", "data3", "write"))); + res = await e.UpdatePolicyAsync(["non_exist", "data3", "write"], + ["non_exist", "data3", "read"]); + e.TestGetPolicy([["eve", "data3", "write"]]); Assert.False(res); await e.AddPoliciesAsync(rules); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "write"), - AsList("jack", "data4", "read"), - AsList("katy", "data4", "write"), - AsList("leyo", "data4", "read"), - AsList("ham", "data4", "write"))); + e.TestGetPolicy([ + ["eve", "data3", "write"], + ["jack", "data4", "read"], + ["katy", "data4", "write"], + ["leyo", "data4", "read"], + ["ham", "data4", "write"] + ]); res = await e.UpdatePoliciesAsync( - AsList( - AsList("eve", "data3", "write"), - AsList("leyo", "data4", "read"), - AsList("katy", "data4", "write")), - AsList( - AsList("eve", "data3", "read"), - AsList("leyo", "data4", "write"), - AsList("katy", "data1", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [ + ["eve", "data3", "write"], + ["leyo", "data4", "read"], + ["katy", "data4", "write"] + ], + [ + ["eve", "data3", "read"], + ["leyo", "data4", "write"], + ["katy", "data1", "write"] + ]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.True(res); // This test shows that a non-existent policy in oldParameters will not be updated, so other existent ones // will be ignored and the return value will be False. res = await e.UpdatePoliciesAsync( - AsList( - AsList("eve", "data3", "read"), AsList("non_exist", "data4", "read")), - AsList( - AsList("eve", "data3", "write"), AsList("non_exist", "data4", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [["eve", "data3", "read"], ["non_exist", "data4", "read"]], + [["eve", "data3", "write"], ["non_exist", "data4", "write"]]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.False(res); // If oldRules' length is not the same as newRules', no rules will be updated. res = await e.UpdatePoliciesAsync( - AsList( - AsList("eve", "data3", "read"), AsList("leyo", "data4", "write")), - AsList(AsList("eve", "data3", "write"))); - TestGetPolicy(e, AsList( - AsList("eve", "data3", "read"), - AsList("jack", "data4", "read"), - AsList("katy", "data1", "write"), - AsList("leyo", "data4", "write"), - AsList("ham", "data4", "write"))); + [["eve", "data3", "read"], ["leyo", "data4", "write"]], + [["eve", "data3", "write"]]); + e.TestGetPolicy([ + ["eve", "data3", "read"], + ["jack", "data4", "read"], + ["katy", "data1", "write"], + ["leyo", "data4", "write"], + ["ham", "data4", "write"] + ]); Assert.False(res); } @@ -353,7 +383,8 @@ public void TestConcurrentModifyGroupingPolicy() Task.WaitAll(groupingRules.Select(rule => Task.Run(() => { - bool result = e.AddNamedGroupingPolicies(PermConstants.GroupingPolicyType2, new List> { rule }); + bool result = + e.AddNamedGroupingPolicies(PermConstants.GroupingPolicyType2, new List> { rule }); Assert.True(result); })).ToArray()); @@ -371,111 +402,114 @@ public void TestModifyGroupingPolicy() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "eve", AsList()); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "eve", []); + TestGetRoles(e, "non_exist", []); e.RemoveGroupingPolicy("alice", "data2_admin"); e.AddGroupingPolicy("bob", "data1_admin"); e.AddGroupingPolicy("eve", "data3_admin"); - List> groupingRules = AsList( - AsList("ham", "data4_admin"), - AsList("jack", "data5_admin") - ); + List> groupingRules = + [ + ["ham", "data4_admin"], + ["jack", "data5_admin"] + ]; _ = e.AddGroupingPolicies(groupingRules); - TestGetRoles(e, "ham", AsList("data4_admin")); - TestGetRoles(e, "jack", AsList("data5_admin")); + TestGetRoles(e, "ham", ["data4_admin"]); + TestGetRoles(e, "jack", ["data5_admin"]); _ = e.RemoveGroupingPolicies(groupingRules); - TestGetRoles(e, "alice", AsList()); + TestGetRoles(e, "alice", []); - List namedGroupingPolicy = AsList("alice", "data2_admin"); - TestGetRoles(e, "alice", AsList()); + List namedGroupingPolicy = ["alice", "data2_admin"]; + TestGetRoles(e, "alice", []); e.AddNamedGroupingPolicy("g", namedGroupingPolicy); - TestGetRoles(e, "alice", AsList("data2_admin")); + TestGetRoles(e, "alice", ["data2_admin"]); e.RemoveNamedGroupingPolicy("g", namedGroupingPolicy); e.AddNamedGroupingPolicies("g", groupingRules); e.AddNamedGroupingPolicies("g", groupingRules); - TestGetRoles(e, "ham", AsList("data4_admin")); - TestGetRoles(e, "jack", AsList("data5_admin")); + TestGetRoles(e, "ham", ["data4_admin"]); + TestGetRoles(e, "jack", ["data5_admin"]); e.RemoveNamedGroupingPolicies("g", groupingRules); e.RemoveNamedGroupingPolicies("g", groupingRules); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList("data1_admin")); - TestGetRoles(e, "eve", AsList("data3_admin")); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", ["data1_admin"]); + TestGetRoles(e, "eve", ["data3_admin"]); + TestGetRoles(e, "non_exist", []); - TestGetUsers(e, "data1_admin", AsList("bob")); - TestGetUsers(e, "data2_admin", AsList()); - TestGetUsers(e, "data3_admin", AsList("eve")); + TestGetUsers(e, "data1_admin", ["bob"]); + TestGetUsers(e, "data2_admin", []); + TestGetUsers(e, "data3_admin", ["eve"]); e.RemoveFilteredGroupingPolicy(0, "bob"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "eve", AsList("data3_admin")); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "eve", ["data3_admin"]); + TestGetRoles(e, "non_exist", []); - TestGetUsers(e, "data1_admin", AsList()); - TestGetUsers(e, "data2_admin", AsList()); - TestGetUsers(e, "data3_admin", AsList("eve")); + TestGetUsers(e, "data1_admin", []); + TestGetUsers(e, "data2_admin", []); + TestGetUsers(e, "data3_admin", ["eve"]); e.AddGroupingPolicy("data3_admin", "data4_admin"); - bool res = e.UpdateGroupingPolicy(AsList("eve", "data3_admin"), AsList("eve", "admin")); + bool res = e.UpdateGroupingPolicy(["eve", "data3_admin"], ["eve", "admin"]); Assert.True(res); - res = e.UpdateGroupingPolicy(AsList("data3_admin", "data4_admin"), AsList("admin", "data4_admin")); + res = e.UpdateGroupingPolicy(["data3_admin", "data4_admin"], ["admin", "data4_admin"]); Assert.True(res); - TestGetUsers(e, "data4_admin", AsList("admin")); - TestGetUsers(e, "admin", AsList("eve")); - TestGetRoles(e, "eve", AsList("admin")); - TestGetRoles(e, "admin", AsList("data4_admin")); + TestGetUsers(e, "data4_admin", ["admin"]); + TestGetUsers(e, "admin", ["eve"]); + TestGetRoles(e, "eve", ["admin"]); + TestGetRoles(e, "admin", ["data4_admin"]); - res = e.UpdateGroupingPolicy(AsList("non_exist", "data4_admin"), AsList("non_exist2", "data4_admin")); + res = e.UpdateGroupingPolicy(["non_exist", "data4_admin"], ["non_exist2", "data4_admin"]); Assert.False(res); - TestGetUsers(e, "data4_admin", AsList("admin")); + TestGetUsers(e, "data4_admin", ["admin"]); res = e.UpdateGroupingPolicies( - AsList( - AsList("eve", "admin"), - AsList("admin", "data4_admin")), - AsList( - AsList("eve", "admin_groups"), - AsList("admin", "data5_admin"))); + [ + ["eve", "admin"], + ["admin", "data4_admin"] + ], + [ + ["eve", "admin_groups"], + ["admin", "data5_admin"] + ]); Assert.True(res); - TestGetUsers(e, "data5_admin", AsList("admin")); - TestGetUsers(e, "admin_groups", AsList("eve")); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetUsers(e, "data5_admin", ["admin"]); + TestGetUsers(e, "admin_groups", ["eve"]); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); res = e.UpdateGroupingPolicies( - AsList( - AsList("admin", "data5_admin"), - AsList("non_exist", "admin_groups") - ), - AsList( - AsList("admin", "data6_admin"), - AsList("non_exist2", "admin_groups") - )); + [ + ["admin", "data5_admin"], + ["non_exist", "admin_groups"] + ], + [ + ["admin", "data6_admin"], + ["non_exist2", "admin_groups"] + ]); Assert.False(res); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); // If oldRules' length is not the same as newRules', no rules will be updated. res = e.UpdateGroupingPolicies( - AsList( - AsList("admin", "data5_admin"), - AsList("eve", "admin2_groups")), - AsList( - AsList("admin", "data6_admin"))); + [ + ["admin", "data5_admin"], + ["eve", "admin2_groups"] + ], + [["admin", "data6_admin"]]); Assert.False(res); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); } [Fact] @@ -484,112 +518,115 @@ public async Task TestModifyGroupingPolicyAsync() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "eve", AsList()); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "eve", []); + TestGetRoles(e, "non_exist", []); await e.RemoveGroupingPolicyAsync("alice", "data2_admin"); await e.AddGroupingPolicyAsync("bob", "data1_admin"); await e.AddGroupingPolicyAsync("eve", "data3_admin"); - List> groupingRules = AsList( - AsList("ham", "data4_admin"), - AsList("jack", "data5_admin") - ); + List> groupingRules = + [ + ["ham", "data4_admin"], + ["jack", "data5_admin"] + ]; _ = await e.AddGroupingPoliciesAsync(groupingRules); - TestGetRoles(e, "ham", AsList("data4_admin")); - TestGetRoles(e, "jack", AsList("data5_admin")); + TestGetRoles(e, "ham", ["data4_admin"]); + TestGetRoles(e, "jack", ["data5_admin"]); _ = await e.RemoveGroupingPoliciesAsync(groupingRules); - TestGetRoles(e, "alice", AsList()); - List namedGroupingPolicy = AsList("alice", "data2_admin"); - TestGetRoles(e, "alice", AsList()); + TestGetRoles(e, "alice", []); + List namedGroupingPolicy = ["alice", "data2_admin"]; + TestGetRoles(e, "alice", []); await e.AddNamedGroupingPolicyAsync("g", namedGroupingPolicy); - TestGetRoles(e, "alice", AsList("data2_admin")); + TestGetRoles(e, "alice", ["data2_admin"]); await e.RemoveNamedGroupingPolicyAsync("g", namedGroupingPolicy); await e.AddNamedGroupingPoliciesAsync("g", groupingRules); await e.AddNamedGroupingPoliciesAsync("g", groupingRules); - TestGetRoles(e, "ham", AsList("data4_admin")); - TestGetRoles(e, "jack", AsList("data5_admin")); + TestGetRoles(e, "ham", ["data4_admin"]); + TestGetRoles(e, "jack", ["data5_admin"]); await e.RemoveNamedGroupingPoliciesAsync("g", groupingRules); await e.RemoveNamedGroupingPoliciesAsync("g", groupingRules); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList("data1_admin")); - TestGetRoles(e, "eve", AsList("data3_admin")); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", ["data1_admin"]); + TestGetRoles(e, "eve", ["data3_admin"]); + TestGetRoles(e, "non_exist", []); - TestGetUsers(e, "data1_admin", AsList("bob")); - TestGetUsers(e, "data2_admin", AsList()); - TestGetUsers(e, "data3_admin", AsList("eve")); + TestGetUsers(e, "data1_admin", ["bob"]); + TestGetUsers(e, "data2_admin", []); + TestGetUsers(e, "data3_admin", ["eve"]); await e.RemoveFilteredGroupingPolicyAsync(0, "bob"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "eve", AsList("data3_admin")); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "eve", ["data3_admin"]); + TestGetRoles(e, "non_exist", []); - TestGetUsers(e, "data1_admin", AsList()); - TestGetUsers(e, "data2_admin", AsList()); - TestGetUsers(e, "data3_admin", AsList("eve")); + TestGetUsers(e, "data1_admin", []); + TestGetUsers(e, "data2_admin", []); + TestGetUsers(e, "data3_admin", ["eve"]); await e.AddGroupingPolicyAsync("data3_admin", "data4_admin"); - bool res = await e.UpdateGroupingPolicyAsync(AsList("eve", "data3_admin"), AsList("eve", "admin")); + bool res = await e.UpdateGroupingPolicyAsync(["eve", "data3_admin"], ["eve", "admin"]); Assert.True(res); - res = await e.UpdateGroupingPolicyAsync(AsList("data3_admin", "data4_admin"), - AsList("admin", "data4_admin")); + res = await e.UpdateGroupingPolicyAsync(["data3_admin", "data4_admin"], + ["admin", "data4_admin"]); Assert.True(res); - TestGetUsers(e, "data4_admin", AsList("admin")); - TestGetUsers(e, "admin", AsList("eve")); - TestGetRoles(e, "eve", AsList("admin")); - TestGetRoles(e, "admin", AsList("data4_admin")); + TestGetUsers(e, "data4_admin", ["admin"]); + TestGetUsers(e, "admin", ["eve"]); + TestGetRoles(e, "eve", ["admin"]); + TestGetRoles(e, "admin", ["data4_admin"]); - res = await e.UpdateGroupingPolicyAsync(AsList("non_exist", "data4_admin"), - AsList("non_exist2", "data4_admin")); + res = await e.UpdateGroupingPolicyAsync(["non_exist", "data4_admin"], + ["non_exist2", "data4_admin"]); Assert.False(res); - TestGetUsers(e, "data4_admin", AsList("admin")); + TestGetUsers(e, "data4_admin", ["admin"]); res = await e.UpdateGroupingPoliciesAsync( - AsList( - AsList("eve", "admin"), - AsList("admin", "data4_admin")), - AsList( - AsList("eve", "admin_groups"), - AsList("admin", "data5_admin"))); + [ + ["eve", "admin"], + ["admin", "data4_admin"] + ], + [ + ["eve", "admin_groups"], + ["admin", "data5_admin"] + ]); Assert.True(res); - TestGetUsers(e, "data5_admin", AsList("admin")); - TestGetUsers(e, "admin_groups", AsList("eve")); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetUsers(e, "data5_admin", ["admin"]); + TestGetUsers(e, "admin_groups", ["eve"]); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); res = await e.UpdateGroupingPoliciesAsync( - AsList( - AsList("admin", "data5_admin"), - AsList("non_exist", "admin_groups") - ), - AsList( - AsList("admin", "data6_admin"), - AsList("non_exist2", "admin_groups") - )); + [ + ["admin", "data5_admin"], + ["non_exist", "admin_groups"] + ], + [ + ["admin", "data6_admin"], + ["non_exist2", "admin_groups"] + ]); Assert.False(res); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); // If oldRules' length is not the same as newRules', no rules will be updated. res = await e.UpdateGroupingPoliciesAsync( - AsList( - AsList("admin", "data5_admin"), - AsList("eve", "admin2_groups")), - AsList( - AsList("admin", "data6_admin"))); + [ + ["admin", "data5_admin"], + ["eve", "admin2_groups"] + ], + [["admin", "data6_admin"]]); Assert.False(res); - TestGetRoles(e, "admin", AsList("data5_admin")); - TestGetRoles(e, "eve", AsList("admin_groups")); + TestGetRoles(e, "admin", ["data5_admin"]); + TestGetRoles(e, "eve", ["admin_groups"]); } [Fact] diff --git a/Casbin.UnitTests/ModelTests/ModelTest.cs b/Casbin.UnitTests/ModelTests/ModelTest.cs index 4e6a38f..67b9a0a 100644 --- a/Casbin.UnitTests/ModelTests/ModelTest.cs +++ b/Casbin.UnitTests/ModelTests/ModelTest.cs @@ -769,4 +769,53 @@ public void TestAbacWithDynamicValueType() Assert.True(e.Enforce(sub, obj2, "read")); Assert.False(e.Enforce(sub, obj3, "read")); } + +#if !NET452 && !NET461 && !NET462 && !NETSTANDARD + [Fact] + public void TestAbacJsonRequest() + { + Enforcer e = new(TestModelFixture.GetNewAbacModel()); + + JsonValue data1Json = new JsonValue("""{ "Name": "data1", "Owner": "alice"}"""); + JsonValue data2Json = new JsonValue("""{ "Name": "data2", "Owner": "bob"}"""); + + Assert.True(e.Enforce("alice", data1Json, "read")); + Assert.True(e.Enforce("alice", data1Json, "write")); + Assert.False(e.Enforce("alice", data2Json, "read")); + Assert.False(e.Enforce("alice", data2Json, "write")); + Assert.False(e.Enforce("bob", data1Json, "read")); + Assert.False(e.Enforce("bob", data1Json, "write")); + Assert.True(e.Enforce("bob", data2Json, "read")); + Assert.True(e.Enforce("bob", data2Json, "write")); + + e = new Enforcer(TestModelFixture.GetNewTestModel( + TestModelFixture.AbacNotUsingPolicyModelText, + TestModelFixture.AbacRuleEffectPolicyText)); + + Assert.True(e.Enforce("alice", data1Json, "read")); + Assert.True(e.Enforce("alice", data1Json, "write")); + Assert.False(e.Enforce("alice", data2Json, "read")); + Assert.False(e.Enforce("alice", data2Json, "write")); + + e = new Enforcer(TestModelFixture.GetNewTestModel( + TestModelFixture.AbacRuleModelText, + TestModelFixture.AbacRulePolicyText)); + JsonValue sub1Json = new JsonValue("""{ "Name": "alice", "Age": 16}"""); + JsonValue sub2Json = new JsonValue("""{ "Name": "alice", "Age": 20}"""); + JsonValue sub3Json = new JsonValue("""{ "Name": "alice", "Age": 65}"""); + + Assert.False(e.Enforce(sub1Json, "/data1", "read")); + Assert.False(e.Enforce(sub1Json, "/data2", "read")); + Assert.False(e.Enforce(sub1Json, "/data1", "write")); + Assert.True(e.Enforce(sub1Json, "/data2", "write")); + Assert.True(e.Enforce(sub2Json, "/data1", "read")); + Assert.False(e.Enforce(sub2Json, "/data2", "read")); + Assert.False(e.Enforce(sub2Json, "/data1", "write")); + Assert.True(e.Enforce(sub2Json, "/data2", "write")); + Assert.True(e.Enforce(sub3Json, "/data1", "read")); + Assert.False(e.Enforce(sub3Json, "/data2", "read")); + Assert.False(e.Enforce(sub3Json, "/data1", "write")); + Assert.False(e.Enforce(sub3Json, "/data2", "write")); + } +#endif } diff --git a/Casbin.UnitTests/ModelTests/RbacApiTest.cs b/Casbin.UnitTests/ModelTests/RbacApiTest.cs index b7def74..1ce2b69 100644 --- a/Casbin.UnitTests/ModelTests/RbacApiTest.cs +++ b/Casbin.UnitTests/ModelTests/RbacApiTest.cs @@ -8,9 +8,9 @@ namespace Casbin.UnitTests.ModelTests; [Collection("Model collection")] public class RbacApiTest { - private readonly TestModelFixture TestModelFixture; + private readonly TestModelFixture _testModelFixture; - public RbacApiTest(TestModelFixture testModelFixture) => TestModelFixture = testModelFixture; + public RbacApiTest(TestModelFixture testModelFixture) => _testModelFixture = testModelFixture; [Fact] public void TestRoleApi() @@ -18,38 +18,38 @@ public void TestRoleApi() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); + TestGetRoles(e, "non_exist", []); Assert.False(e.HasRoleForUser("alice", "data1_admin")); Assert.True(e.HasRoleForUser("alice", "data2_admin")); e.AddRoleForUser("alice", "data1_admin"); - TestGetRoles(e, "alice", AsList("data1_admin", "data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", ["data1_admin", "data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); e.DeleteRoleForUser("alice", "data1_admin"); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); e.DeleteRolesForUser("alice"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); e.AddRoleForUser("alice", "data1_admin"); e.DeleteUser("alice"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); e.AddRoleForUser("alice", "data2_admin"); @@ -82,38 +82,38 @@ public async Task TestRoleApiAsync() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); - TestGetRoles(e, "non_exist", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); + TestGetRoles(e, "non_exist", []); Assert.False(e.HasRoleForUser("alice", "data1_admin")); Assert.True(e.HasRoleForUser("alice", "data2_admin")); await e.AddRoleForUserAsync("alice", "data1_admin"); - TestGetRoles(e, "alice", AsList("data1_admin", "data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", ["data1_admin", "data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); await e.DeleteRoleForUserAsync("alice", "data1_admin"); - TestGetRoles(e, "alice", AsList("data2_admin")); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", ["data2_admin"]); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); await e.DeleteRolesForUserAsync("alice"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); await e.AddRoleForUserAsync("alice", "data1_admin"); await e.DeleteUserAsync("alice"); - TestGetRoles(e, "alice", AsList()); - TestGetRoles(e, "bob", AsList()); - TestGetRoles(e, "data2_admin", AsList()); + TestGetRoles(e, "alice", []); + TestGetRoles(e, "bob", []); + TestGetRoles(e, "data2_admin", []); await e.AddRoleForUserAsync("alice", "data2_admin"); @@ -149,52 +149,54 @@ public void TestRoleApiWithDomains() Assert.True(e.HasRoleForUser("alice", "admin", "domain1")); Assert.False(e.HasRoleForUser("alice", "admin", "domain2")); - TestGetRoles(e, "alice", AsList("admin"), "domain1"); - TestGetRoles(e, "bob", AsList(), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", ["admin"], "domain1"); + TestGetRoles(e, "bob", [], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); _ = e.DeleteRoleForUser("alice", "admin", "domain1"); _ = e.AddRoleForUser("bob", "admin", "domain1"); - TestGetRoles(e, "alice", AsList(), "domain1"); - TestGetRoles(e, "bob", AsList("admin"), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", [], "domain1"); + TestGetRoles(e, "bob", ["admin"], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); _ = e.AddRoleForUser("alice", "admin", "domain1"); _ = e.DeleteRolesForUser("bob", "domain1"); - TestGetRoles(e, "alice", AsList("admin"), "domain1"); - TestGetRoles(e, "bob", AsList(), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", ["admin"], "domain1"); + TestGetRoles(e, "bob", [], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); - _ = e.AddRolesForUser("bob", AsList("admin", "admin1", "admin2"), "domain1"); + _ = e.AddRolesForUser("bob", ["admin", "admin1", "admin2"], "domain1"); - TestGetRoles(e, "bob", AsList("admin", "admin1", "admin2"), "domain1"); + TestGetRoles(e, "bob", ["admin", "admin1", "admin2"], "domain1"); - TestGetPermissions(e, "admin", AsList( - AsList("admin", "domain1", "data1", "read"), - AsList("admin", "domain1", "data1", "write")), + TestGetPermissions(e, "admin", [ + ["admin", "domain1", "data1", "read"], + ["admin", "domain1", "data1", "write"] + ], "domain1"); - TestGetPermissions(e, "admin", AsList( - AsList("admin", "domain2", "data2", "read"), - AsList("admin", "domain2", "data2", "write")), + TestGetPermissions(e, "admin", [ + ["admin", "domain2", "data2", "read"], + ["admin", "domain2", "data2", "write"] + ], "domain2"); } @@ -207,52 +209,54 @@ public async Task TestRoleApiWithDomainsAsync() Assert.True(e.HasRoleForUser("alice", "admin", "domain1")); Assert.False(e.HasRoleForUser("alice", "admin", "domain2")); - TestGetRoles(e, "alice", AsList("admin"), "domain1"); - TestGetRoles(e, "bob", AsList(), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", ["admin"], "domain1"); + TestGetRoles(e, "bob", [], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); _ = await e.DeleteRoleForUserAsync("alice", "admin", "domain1"); _ = await e.AddRoleForUserAsync("bob", "admin", "domain1"); - TestGetRoles(e, "alice", AsList(), "domain1"); - TestGetRoles(e, "bob", AsList("admin"), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", [], "domain1"); + TestGetRoles(e, "bob", ["admin"], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); _ = await e.AddRoleForUserAsync("alice", "admin", "domain1"); _ = await e.DeleteRolesForUserAsync("bob", "domain1"); - TestGetRoles(e, "alice", AsList("admin"), "domain1"); - TestGetRoles(e, "bob", AsList(), "domain1"); - TestGetRoles(e, "admin", AsList(), "domain1"); - TestGetRoles(e, "non_exist", AsList(), "domain1"); - TestGetRoles(e, "alice", AsList(), "domain2"); - TestGetRoles(e, "bob", AsList("admin"), "domain2"); - TestGetRoles(e, "admin", AsList(), "domain2"); - TestGetRoles(e, "non_exist", AsList(), "domain2"); + TestGetRoles(e, "alice", ["admin"], "domain1"); + TestGetRoles(e, "bob", [], "domain1"); + TestGetRoles(e, "admin", [], "domain1"); + TestGetRoles(e, "non_exist", [], "domain1"); + TestGetRoles(e, "alice", [], "domain2"); + TestGetRoles(e, "bob", ["admin"], "domain2"); + TestGetRoles(e, "admin", [], "domain2"); + TestGetRoles(e, "non_exist", [], "domain2"); - _ = await e.AddRolesForUserAsync("bob", AsList("admin", "admin1", "admin2"), "domain1"); + _ = await e.AddRolesForUserAsync("bob", ["admin", "admin1", "admin2"], "domain1"); - TestGetRoles(e, "bob", AsList("admin", "admin1", "admin2"), "domain1"); + TestGetRoles(e, "bob", ["admin", "admin1", "admin2"], "domain1"); - TestGetPermissions(e, "admin", AsList( - AsList("admin", "domain1", "data1", "read"), - AsList("admin", "domain1", "data1", "write")), + TestGetPermissions(e, "admin", [ + ["admin", "domain1", "data1", "read"], + ["admin", "domain1", "data1", "write"] + ], "domain1"); - TestGetPermissions(e, "admin", AsList( - AsList("admin", "domain2", "data2", "read"), - AsList("admin", "domain2", "data2", "write")), + TestGetPermissions(e, "admin", [ + ["admin", "domain2", "data2", "read"], + ["admin", "domain2", "data2", "write"] + ], "domain2"); } @@ -262,14 +266,14 @@ public void TestAddRolesForUser() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - _ = e.AddRolesForUser("alice", AsList("data1_admin", "data2_admin", "data3_admin")); + _ = e.AddRolesForUser("alice", ["data1_admin", "data2_admin", "data3_admin"]); // The "alice" already has "data2_admin" , it will be return false. So "alice" just has "data2_admin". - TestGetRoles(e, "alice", AsList("data2_admin")); + TestGetRoles(e, "alice", ["data2_admin"]); // delete role _ = e.DeleteRoleForUser("alice", "data2_admin"); - _ = e.AddRolesForUser("alice", AsList("data1_admin", "data2_admin", "data3_admin")); - TestGetRoles(e, "alice", AsList("data1_admin", "data2_admin", "data3_admin")); + _ = e.AddRolesForUser("alice", ["data1_admin", "data2_admin", "data3_admin"]); + TestGetRoles(e, "alice", ["data1_admin", "data2_admin", "data3_admin"]); Assert.True(e.Enforce("alice", "data1", "read")); Assert.True(e.Enforce("alice", "data2", "read")); Assert.True(e.Enforce("alice", "data2", "write")); @@ -281,14 +285,14 @@ public async Task TestAddRolesForUserAsync() Enforcer e = new(TestModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); - _ = await e.AddRolesForUserAsync("alice", AsList("data1_admin", "data2_admin", "data3_admin")); + _ = await e.AddRolesForUserAsync("alice", ["data1_admin", "data2_admin", "data3_admin"]); // The "alice" already has "data2_admin" , it will be return false. So "alice" just has "data2_admin". - TestGetRoles(e, "alice", AsList("data2_admin")); + TestGetRoles(e, "alice", ["data2_admin"]); // delete role _ = await e.DeleteRoleForUserAsync("alice", "data2_admin"); - _ = await e.AddRolesForUserAsync("alice", AsList("data1_admin", "data2_admin", "data3_admin")); - TestGetRoles(e, "alice", AsList("data1_admin", "data2_admin", "data3_admin")); + _ = await e.AddRolesForUserAsync("alice", ["data1_admin", "data2_admin", "data3_admin"]); + TestGetRoles(e, "alice", ["data1_admin", "data2_admin", "data3_admin"]); Assert.True(await e.EnforceAsync("alice", "data1", "read")); Assert.True(await e.EnforceAsync("alice", "data2", "read")); Assert.True(await e.EnforceAsync("alice", "data2", "write")); @@ -305,8 +309,8 @@ public void TestPermissionApi() Assert.False(e.Enforce("bob", "read")); Assert.True(e.Enforce("bob", "write")); - TestGetPermissions(e, "alice", AsList(AsList("alice", "read"))); - TestGetPermissions(e, "bob", AsList(AsList("bob", "write"))); + TestGetPermissions(e, "alice", [["alice", "read"]]); + TestGetPermissions(e, "bob", [["bob", "write"]]); Assert.True(e.HasPermissionForUser("alice", "read")); Assert.False(e.HasPermissionForUser("alice", "write")); @@ -353,8 +357,8 @@ public async Task TestPermissionApiAsync() Assert.False(await e.EnforceAsync("bob", "read")); Assert.True(await e.EnforceAsync("bob", "write")); - TestGetPermissions(e, "alice", AsList(AsList("alice", "read"))); - TestGetPermissions(e, "bob", AsList(AsList("bob", "write"))); + TestGetPermissions(e, "alice", [["alice", "read"]]); + TestGetPermissions(e, "bob", [["bob", "write"]]); Assert.True(e.HasPermissionForUser("alice", "read")); Assert.False(e.HasPermissionForUser("alice", "write")); @@ -398,19 +402,17 @@ public void TestGetImplicitPermissionsForUser() TestModelFixture.RbacWithHierarchyPolicyText)); e.BuildRoleLinks(); - TestGetPermissions(e, "alice", AsList( - AsList("alice", "data1", "read"))); - TestGetPermissions(e, "bob", AsList( - AsList("bob", "data2", "write"))); - - TestGetImplicitPermissions(e, "alice", AsList( - AsList("alice", "data1", "read"), - AsList("data1_admin", "data1", "read"), - AsList("data1_admin", "data1", "write"), - AsList("data2_admin", "data2", "read"), - AsList("data2_admin", "data2", "write"))); - TestGetImplicitPermissions(e, "bob", AsList( - AsList("bob", "data2", "write"))); + TestGetPermissions(e, "alice", [["alice", "data1", "read"]]); + TestGetPermissions(e, "bob", [["bob", "data2", "write"]]); + + TestGetImplicitPermissions(e, "alice", [ + ["alice", "data1", "read"], + ["data1_admin", "data1", "read"], + ["data1_admin", "data1", "write"], + ["data2_admin", "data2", "read"], + ["data2_admin", "data2", "write"] + ]); + TestGetImplicitPermissions(e, "bob", [["bob", "data2", "write"]]); } [Fact] @@ -421,10 +423,11 @@ public void TestGetImplicitPermissionsForUserWithDomain() TestModelFixture.RbacWithHierarchyWithDomainsPolicyText)); e.BuildRoleLinks(); - TestGetImplicitPermissions(e, "alice", AsList( - AsList("alice", "domain1", "data2", "read"), - AsList("role:reader", "domain1", "data1", "read"), - AsList("role:writer", "domain1", "data1", "write")), + TestGetImplicitPermissions(e, "alice", [ + ["alice", "domain1", "data2", "read"], + ["role:reader", "domain1", "data1", "read"], + ["role:writer", "domain1", "data1", "write"] + ], "domain1"); } @@ -438,13 +441,11 @@ public void GetImplicitRolesForUser() e.BuildRoleLinks(); // Assert - TestGetPermissions(e, "alice", AsList( - AsList("alice", "data1", "read"))); - TestGetPermissions(e, "bob", AsList( - AsList("bob", "data2", "write"))); + TestGetPermissions(e, "alice", [["alice", "data1", "read"]]); + TestGetPermissions(e, "bob", [["bob", "data2", "write"]]); Assert.Equal(["admin", "data1_admin", "data2_admin"], e.GetImplicitRolesForUser("alice")); - Assert.Equal(new string[0], + Assert.Equal([], e.GetImplicitRolesForUser("bob")); } diff --git a/Casbin.UnitTests/ModelTests/RbacApiWithDomainsTest.cs b/Casbin.UnitTests/ModelTests/RbacApiWithDomainsTest.cs index f030c4b..1166674 100644 --- a/Casbin.UnitTests/ModelTests/RbacApiWithDomainsTest.cs +++ b/Casbin.UnitTests/ModelTests/RbacApiWithDomainsTest.cs @@ -35,10 +35,10 @@ public void TestGetRolesFromUserWithDomains() e.BuildRoleLinks(); // This is only able to retrieve the first level of roles. - TestGetRolesInDomain(e, "alice", "domain1", AsList("role:global_admin")); + TestGetRolesInDomain(e, "alice", "domain1", ["role:global_admin"]); // Retrieve all inherit roles. It supports domains as well. - TestGetImplicitRolesInDomain(e, "alice", "domain1", AsList("role:global_admin", "role:reader", "role:writer")); + TestGetImplicitRolesInDomain(e, "alice", "domain1", ["role:global_admin", "role:reader", "role:writer"]); } [Fact] @@ -47,28 +47,28 @@ public void TestRoleApiWithDomains() Enforcer e = new(TestModelFixture.GetNewRbacWithDomainsTestModel()); e.BuildRoleLinks(); - TestGetRolesInDomain(e, "alice", "domain1", AsList("admin")); - TestGetRolesInDomain(e, "bob", "domain1", AsList()); - TestGetRolesInDomain(e, "admin", "domain1", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain1", AsList()); + TestGetRolesInDomain(e, "alice", "domain1", ["admin"]); + TestGetRolesInDomain(e, "bob", "domain1", []); + TestGetRolesInDomain(e, "admin", "domain1", []); + TestGetRolesInDomain(e, "non_exist", "domain1", []); - TestGetRolesInDomain(e, "alice", "domain2", AsList()); - TestGetRolesInDomain(e, "bob", "domain2", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain2", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain2", AsList()); + TestGetRolesInDomain(e, "alice", "domain2", []); + TestGetRolesInDomain(e, "bob", "domain2", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain2", []); + TestGetRolesInDomain(e, "non_exist", "domain2", []); e.DeleteRoleForUserInDomain("alice", "admin", "domain1"); e.AddRoleForUserInDomain("bob", "admin", "domain1"); - TestGetRolesInDomain(e, "alice", "domain1", AsList()); - TestGetRolesInDomain(e, "bob", "domain1", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain1", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain1", AsList()); + TestGetRolesInDomain(e, "alice", "domain1", []); + TestGetRolesInDomain(e, "bob", "domain1", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain1", []); + TestGetRolesInDomain(e, "non_exist", "domain1", []); - TestGetRolesInDomain(e, "alice", "domain2", AsList()); - TestGetRolesInDomain(e, "bob", "domain2", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain2", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain2", AsList()); + TestGetRolesInDomain(e, "alice", "domain2", []); + TestGetRolesInDomain(e, "bob", "domain2", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain2", []); + TestGetRolesInDomain(e, "non_exist", "domain2", []); } [Fact] @@ -77,27 +77,27 @@ public async Task TestRoleApiWithDomainsAsync() Enforcer e = new(TestModelFixture.GetNewRbacWithDomainsTestModel()); e.BuildRoleLinks(); - TestGetRolesInDomain(e, "alice", "domain1", AsList("admin")); - TestGetRolesInDomain(e, "bob", "domain1", AsList()); - TestGetRolesInDomain(e, "admin", "domain1", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain1", AsList()); + TestGetRolesInDomain(e, "alice", "domain1", ["admin"]); + TestGetRolesInDomain(e, "bob", "domain1", []); + TestGetRolesInDomain(e, "admin", "domain1", []); + TestGetRolesInDomain(e, "non_exist", "domain1", []); - TestGetRolesInDomain(e, "alice", "domain2", AsList()); - TestGetRolesInDomain(e, "bob", "domain2", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain2", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain2", AsList()); + TestGetRolesInDomain(e, "alice", "domain2", []); + TestGetRolesInDomain(e, "bob", "domain2", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain2", []); + TestGetRolesInDomain(e, "non_exist", "domain2", []); await e.DeleteRoleForUserInDomainAsync("alice", "admin", "domain1"); await e.AddRoleForUserInDomainAsync("bob", "admin", "domain1"); - TestGetRolesInDomain(e, "alice", "domain1", AsList()); - TestGetRolesInDomain(e, "bob", "domain1", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain1", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain1", AsList()); + TestGetRolesInDomain(e, "alice", "domain1", []); + TestGetRolesInDomain(e, "bob", "domain1", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain1", []); + TestGetRolesInDomain(e, "non_exist", "domain1", []); - TestGetRolesInDomain(e, "alice", "domain2", AsList()); - TestGetRolesInDomain(e, "bob", "domain2", AsList("admin")); - TestGetRolesInDomain(e, "admin", "domain2", AsList()); - TestGetRolesInDomain(e, "non_exist", "domain2", AsList()); + TestGetRolesInDomain(e, "alice", "domain2", []); + TestGetRolesInDomain(e, "bob", "domain2", ["admin"]); + TestGetRolesInDomain(e, "admin", "domain2", []); + TestGetRolesInDomain(e, "non_exist", "domain2", []); } } diff --git a/Casbin.UnitTests/Util/TestUtil.cs b/Casbin.UnitTests/Util/TestUtil.cs index 1a741f2..8de1e43 100644 --- a/Casbin.UnitTests/Util/TestUtil.cs +++ b/Casbin.UnitTests/Util/TestUtil.cs @@ -5,17 +5,15 @@ using Casbin.Rbac; using Casbin.Util; using Xunit; + // ReSharper disable PossibleMultipleEnumeration namespace Casbin.UnitTests.Util; internal static class TestUtil { - internal static List AsList(params T[] values) => values.ToList(); - - internal static List AsList(params string[] values) => values.ToList(); - - internal static void TestBatchEnforce(this IEnforcer e, IEnumerable<(T, bool)> values) where T : IRequestValues => + internal static void TestBatchEnforce(this IEnforcer e, IEnumerable<(T, bool)> values) + where T : IRequestValues => Assert.True(values.Select(x => x.Item2).SequenceEqual(e.BatchEnforce(values.Select(x => x.Item1)))); internal static void TestParallelBatchEnforce(Enforcer e, IEnumerable<(T, bool)> values) @@ -49,12 +47,14 @@ internal static void TestBatchEnforceWithMatcher(this IEnforcer e, string mat Assert.True(values.Select(x => x.Item2) .SequenceEqual(e.BatchEnforceWithMatcher(matcher, values.Select(x => x.Item1)))); - internal static void TestBatchEnforceWithMatcherParallel(this Enforcer e, string matcher, IEnumerable<(T, bool)> values) + internal static void TestBatchEnforceWithMatcherParallel(this Enforcer e, string matcher, + IEnumerable<(T, bool)> values) where T : IRequestValues => Assert.True(values.Select(x => x.Item2) .SequenceEqual(e.BatchEnforceWithMatcherParallel(matcher, values.Select(x => x.Item1).ToList()))); - internal static async void TestBatchEnforceWithMatcherAsync(IEnforcer e, string matcher, IEnumerable<(T, bool)> values) + internal static async void TestBatchEnforceWithMatcherAsync(IEnforcer e, string matcher, + IEnumerable<(T, bool)> values) where T : IRequestValues { #if !NET452 @@ -81,7 +81,8 @@ internal static void TestEnforceEx(this IEnforcer e, T1 sub, T2 obj, Assert.True(except.SetEquals(explains.FirstOrDefault() ?? [])); } - internal static async Task TestEnforceExAsync(this IEnforcer e, T1 sub, T2 obj, T3 act, List except) + internal static async Task TestEnforceExAsync(this IEnforcer e, T1 sub, T2 obj, T3 act, + List except) { List> explains = (await e.EnforceExAsync(sub, obj, act)).Item2.ToList(); Assert.True(except.SetEquals(explains.FirstOrDefault() ?? [])); @@ -101,7 +102,7 @@ internal static async Task TestEnforceExWithMatcherAsync(this IEnfor Assert.True(except.SetEquals(explains.FirstOrDefault() ?? [])); } - internal static void TestGetPolicy(IEnforcer e, List> except) + internal static void TestGetPolicy(this IEnforcer e, List> except) { IEnumerable> actual = e.GetPolicy(); Assert.True(except.DeepEquals(actual)); @@ -165,13 +166,15 @@ internal static void TestGetImplicitRolesInDomain(IEnforcer e, string name, stri } #region RoleManager test + internal static void TestGetRoles(IRoleManager roleManager, string name, List except) { List actual = roleManager.GetRoles(name).ToList(); Assert.True(except.SetEquals(actual)); } - internal static void TestGetRolesWithDomain(IRoleManager roleManager, string name, string domain, List except) + internal static void TestGetRolesWithDomain(IRoleManager roleManager, string name, string domain, + List except) { List actual = roleManager.GetRoles(name, domain).ToList(); Assert.True(except.SetEquals(actual)); diff --git a/Casbin/Abstractions/IEnforcer.cs b/Casbin/Abstractions/IEnforcer.cs index 4d2f8d5..21226fe 100644 --- a/Casbin/Abstractions/IEnforcer.cs +++ b/Casbin/Abstractions/IEnforcer.cs @@ -81,6 +81,7 @@ public BatchEnforceAsyncResults BatchEnforceAsync(EnforceContext conte public bool AutoBuildRoleLinks { get; set; } public bool AutoNotifyWatcher { get; set; } public bool AutoCleanEnforceCache { get; set; } + public bool AcceptJsonRequest { get; set; } #endregion diff --git a/Casbin/EnforceOptions.cs b/Casbin/EnforceOptions.cs index 61721d3..6b3310b 100644 --- a/Casbin/EnforceOptions.cs +++ b/Casbin/EnforceOptions.cs @@ -11,6 +11,8 @@ public class EnforcerOptions public bool AutoCleanEnforceCache { get; set; } = true; public bool AutoLoadPolicy { get; set; } = true; public IPolicyFilter AutoLoadPolicyFilter { get; set; } = null; + + public bool AcceptJsonRequest { get; set; } = false; } diff --git a/Casbin/Enforcer.Internal.cs b/Casbin/Enforcer.Internal.cs index fee0427..5f06f8a 100644 --- a/Casbin/Enforcer.Internal.cs +++ b/Casbin/Enforcer.Internal.cs @@ -80,7 +80,7 @@ private bool InternalEnforce(in EnforceContext context, in TR session.HasNextPolicy = scanner.HasNext(); HandleInitialRequest(in context, ref session, in requestValues); - if (context.View.HasPolicyParameter && session.HasNextPolicy) + if (session.HasNextPolicy && context.View.HasPolicyParameter) { try { @@ -281,7 +281,9 @@ private static void HandleExpressionResult( nowEffect = GetEffect(session.ExpressionResult); - if (nowEffect is not PolicyEffect.Indeterminate && context.View.HasEffect) + if (nowEffect is not PolicyEffect.Indeterminate + && context.View.HasEffect + && context.View.HasPolicyParameter) { string policyEffect = policy[context.View.EffectIndex]; nowEffect = policyEffect switch diff --git a/Casbin/Enforcer.cs b/Casbin/Enforcer.cs index 14a204a..4cadf7f 100644 --- a/Casbin/Enforcer.cs +++ b/Casbin/Enforcer.cs @@ -36,6 +36,7 @@ public Enforcer(IModel model, IReadOnlyAdapter adapter = default, EnforcerOption AutoNotifyWatcher = options.AutoNotifyWatcher; AutoBuildRoleLinks = options.AutoBuildRoleLinks; AutoCleanEnforceCache = options.AutoCleanEnforceCache; + AcceptJsonRequest = options.AcceptJsonRequest; this.SetModel(model); if (adapter is not null) @@ -65,6 +66,7 @@ public Enforcer(IModel model, IReadOnlyAdapter adapter = default, EnforcerOption public bool AutoBuildRoleLinks { get; set; } public bool AutoNotifyWatcher { get; set; } public bool AutoCleanEnforceCache { get; set; } + public bool AcceptJsonRequest { get; set; } #endregion diff --git a/Casbin/Extensions/Enforcer/EnforcerExtension.cs b/Casbin/Extensions/Enforcer/EnforcerExtension.cs index a5b0880..b52d675 100644 --- a/Casbin/Extensions/Enforcer/EnforcerExtension.cs +++ b/Casbin/Extensions/Enforcer/EnforcerExtension.cs @@ -417,7 +417,6 @@ internal static void LogEnforceResult(this IEnforcer enforcer, in Enfo enforcer.Logger?.LogEnforceResult(requestValues, finalResult, context.Explanations); return; } - enforcer.Logger?.LogEnforceResult(requestValues, finalResult); } #endif diff --git a/Casbin/Model/JsonValue.cs b/Casbin/Model/JsonValue.cs new file mode 100644 index 0000000..51e6341 --- /dev/null +++ b/Casbin/Model/JsonValue.cs @@ -0,0 +1,63 @@ +#if !NET452 && !NET461 && !NET462 && !NETSTANDARD +using System; +using System.Dynamic; +using System.Text.Json; + +namespace Casbin.Model; + +internal class JsonValue : DynamicObject +{ + private readonly JsonElement _element; + + public JsonValue(string json) : + this(JsonDocument.Parse(json).RootElement) + { + } + + private JsonValue(JsonElement element) + { + _element = element; + } + + public override bool TryGetMember(GetMemberBinder binder, out object result) + { + if (_element.ValueKind != JsonValueKind.Object) + { + result = null; + return false; + } + + if (_element.TryGetProperty(binder.Name, out var value)) + { + result = GetValue(value); + return true; + } + + result = null; + return false; + } + + public object this[int index] => GetValue(_element[index]); + + public override string ToString() + { + return _element.ToString(); + } + + private static object GetValue(JsonElement element) + { + return element.ValueKind switch + { + JsonValueKind.Object => new JsonValue(element), + JsonValueKind.Array => new JsonValue(element), + JsonValueKind.String => element.GetString(), + JsonValueKind.Number => element.GetInt32(), + JsonValueKind.True => true, + JsonValueKind.False => false, + JsonValueKind.Null => null, + JsonValueKind.Undefined => null, + _ => throw new InvalidOperationException(), + }; + } +} +#endif