feat: improve the synced enforcer like Go casbin (#248)

casbin · May 1, 2024 · abf9092 · abf9092
1 parent eb321d7
commit abf9092
Show file tree

Hide file tree

Showing 3 changed files with 135 additions and 2 deletions.
diff --git a/casbin/enforcer_synced.cpp b/casbin/enforcer_synced.cpp
@@ -513,6 +513,81 @@ bool SyncedEnforcer ::RemoveFilteredNamedGroupingPolicy(const std::string& ptype
     return Enforcer::RemoveFilteredNamedGroupingPolicy(ptype, fieldIndex, fieldValues);
 }
 
+// GetAllActions gets the list of actions that show up in the current policy.
+std::vector<std::string> SyncedEnforcer::GetAllActions() {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::GetAllActions();
+}
+
+// GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
+PoliciesValues SyncedEnforcer::GetFilteredPolicy(int fieldIndex, std::vector<std::string> fieldValues) {
+   std::unique_lock<std::shared_mutex> lock(policyMutex);
+   return Enforcer::GetFilteredPolicy(fieldIndex, fieldValues);
+}
+
+// EnforceExWithMatcher use a custom matcher and explain enforcement by informing matched rules.
+bool SyncedEnforcer::SyncedEnforceExWithMatcher(const std::string& matcher, std::shared_ptr<IEvaluator> evalator, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceExWithMatcher(matcher, evalator, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceExWithMatcher(const std::string& matcher, const DataList& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceExWithMatcher(matcher, params, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceExWithMatcher(const std::string& matcher, const DataVector& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceExWithMatcher(matcher, params, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceExWithMatcher(const std::string& matcher, const DataMap& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceExWithMatcher(matcher, params, explain);
+}
+
+// EnforceEx explain enforcement by informing matched rules.
+bool SyncedEnforcer::SyncedEnforceEx(std::shared_ptr<IEvaluator> evalator, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceEx(evalator, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceEx(const DataList& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceEx(params, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceEx(const DataVector& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceEx(params, explain);
+}
+
+bool SyncedEnforcer::SyncedEnforceEx(const DataMap& params, std::vector<std::string>& explain) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceEx(params, explain);
+}
+
+// EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model matcher by default when matcher is "".
+bool SyncedEnforcer::SyncedEnforceWithMatcher(const std::string& matcher, std::shared_ptr<IEvaluator> evalator) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceWithMatcher(matcher, evalator);
+}
+
+bool SyncedEnforcer::SyncedEnforceWithMatcher(const std::string& matcher, const DataList& params) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceWithMatcher(matcher, params);
+}
+
+bool SyncedEnforcer::SyncedEnforceWithMatcher(const std::string& matcher, const DataVector& params) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceWithMatcher(matcher, params);
+}
+
+bool SyncedEnforcer::SyncedEnforceWithMatcher(const std::string& matcher, const DataMap& params) {
+    std::unique_lock<std::shared_mutex> lock(policyMutex);
+    return Enforcer::EnforceWithMatcher(matcher, params);
+}
+
 } // namespace casbin
 
-#endif // ENFORCER_SYNCED_CPP
+#endif // ENFORCER_SYNCED_CPP
diff --git a/include/casbin/enforcer_synced.h b/include/casbin/enforcer_synced.h
@@ -292,8 +292,42 @@ class SyncedEnforcer : public Enforcer {
 
     // RemoveFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.
     bool RemoveFilteredNamedGroupingPolicy(const std::string& ptype, int fieldIndex, const std::vector<std::string>& fieldValues) override;
+
+    // GetAllActions gets the list of actions that show up in the current policy.
+
+    std::vector<std::string> GetAllActions() override;
+
+    // GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
+    PoliciesValues GetFilteredPolicy(int fieldIndex, std::vector<std::string> fieldValues);
+
+    // EnforceExWithMatcher use a custom matcher and explain enforcement by informing matched rules.
+    bool SyncedEnforceExWithMatcher(const std::string& matcher, std::shared_ptr<IEvaluator> evalator, std::vector<std::string>& explain);
+
+    bool SyncedEnforceExWithMatcher(const std::string& matcher, const DataList& params, std::vector<std::string>& explain);
+
+    bool SyncedEnforceExWithMatcher(const std::string& matcher, const DataVector& params, std::vector<std::string>& explain);
+
+    bool SyncedEnforceExWithMatcher(const std::string& matcher, const DataMap& params, std::vector<std::string>& explain);
+
+    // EnforceEx explain enforcement by informing matched rules.
+    bool SyncedEnforceEx(std::shared_ptr<IEvaluator> evalator, std::vector<std::string>& explain);
+
+    bool SyncedEnforceEx(const DataList& params, std::vector<std::string>& explain);
+
+    bool SyncedEnforceEx(const DataVector& params, std::vector<std::string>& explain);
+
+    bool SyncedEnforceEx(const DataMap& params, std::vector<std::string>& explain);
+
+    // EnforceWithMatcher use a custom matcher to decides whether a "subject" can access a "object" with the operation "action", input parameters are usually: (matcher, sub, obj, act), use model
+    bool SyncedEnforceWithMatcher(const std::string& matcher, std::shared_ptr<IEvaluator> evalator);
+
+    bool SyncedEnforceWithMatcher(const std::string& matcher, const DataList& params);
+
+    bool SyncedEnforceWithMatcher(const std::string& matcher, const DataVector& params);
+
+    bool SyncedEnforceWithMatcher(const std::string& matcher, const DataMap& params);
 };
 
 } // namespace casbin
 
-#endif
+#endif
diff --git a/tests/enforcer_synced_test.cpp b/tests/enforcer_synced_test.cpp
@@ -334,4 +334,28 @@ TEST(TestEnforcerSynced, TestMultiThreadBatchEnforce) {
     EXPECT_EQ(e.IsAutoLoadingRunning(), false);
 }
 
+void testSyncedEnforcerGetPolicy(casbin::SyncedEnforcer& e, PoliciesVector expected) {
+    auto myRes = e.GetPolicy();
+    PoliciesVector actual;
+    for (auto it = myRes.begin(); it != myRes.end(); ++it) {
+        actual.push_back(*it);
+    }
+    std::sort(actual.begin(), actual.end());
+    std::sort(expected.begin(), expected.end());
+    ASSERT_EQ(expected, actual);
+}
+
+TEST(TestSyncedEnforcer, GetPolicy) {
+    casbin::SyncedEnforcer e(basic_model_path, basic_policy_path);
+
+    PoliciesVector expected_policy = {
+        {"alice", "data1", "read"},
+        {"bob", "data2", "write"},
+    };
+
+    testSyncedEnforcerGetPolicy(e, expected_policy);
+}
+
+
+
 } // namespace