feat: add enforcer EnableAcceptJsonRequest feature (#119)

Version of the "Casbin" module upgraded to 2.100 to access the "bleAcceptJsonRequest" feature then integrated this project with the new version of the "Casbin" then added new requested feature. Changes: - Upgraded the version of the "Casbin" module - Integrated with the new version of the "Casbin" module - Changed the .proto file to add "EnableAcceptJsonRequest" field at calling NewEnforcer - Generated Go files from new changed the .proto file - Added "EnableAcceptJsonRequest" field to each "NewEncoder" test cases Co-authored-by: Ali Shokoohi <[email protected]>
casbin · Oct 5, 2024 · 8d7fda9 · 8d7fda9
1 parent 8d65648
commit 8d7fda9
Show file tree

Hide file tree

Showing 10 changed files with 391 additions and 322 deletions.
diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/casbin/casbin-server
 go 1.19
 
 require (
-	github.com/casbin/casbin/v2 v2.71.1
+	github.com/casbin/casbin/v2 v2.100.0
 	github.com/casbin/gorm-adapter/v3 v3.14.0
 	github.com/casbin/mongodb-adapter/v3 v3.7.0
 	github.com/stretchr/testify v1.8.0
@@ -13,6 +13,8 @@ require (
 
 require (
 	github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect
+	github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect
+	github.com/casbin/govaluate v1.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/glebarez/go-sqlite v1.19.1 // indirect
 	github.com/glebarez/sqlite v1.5.0 // indirect

diff --git a/go.sum b/go.sum
@@ -10,11 +10,17 @@ github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go
 github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc=
 github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
+github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwNy7PA4I=
+github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
 github.com/casbin/casbin/v2 v2.55.1/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
 github.com/casbin/casbin/v2 v2.71.1 h1:LRHyqM0S1LzM/K59PmfUIN0ZJfLgcOjL4OhOQI/FNXU=
 github.com/casbin/casbin/v2 v2.71.1/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
+github.com/casbin/casbin/v2 v2.100.0 h1:aeugSNjjHfCrgA22nHkVvw2xsscboHv5r0a13ljQKGQ=
+github.com/casbin/casbin/v2 v2.100.0/go.mod h1:LO7YPez4dX3LgoTCqSQAleQDo0S0BeZBDxYnPUl95Ng=
 github.com/casbin/gorm-adapter/v3 v3.14.0 h1:zZ6AIiNHJZ3ntdf5RBrqD+0Cb4UO+uKFk79R9yJ7mpw=
 github.com/casbin/gorm-adapter/v3 v3.14.0/go.mod h1:jqaf4bUITbCyMPUellaTd8IQJ77JfVAbe77gZZnx98w=
+github.com/casbin/govaluate v1.2.0 h1:wXCXFmqyY+1RwiKfYo3jMKyrtZmOL3kHwaqDyCPOYak=
+github.com/casbin/govaluate v1.2.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
 github.com/casbin/mongodb-adapter/v3 v3.7.0 h1:w9c3bea1BGK4eZTAmk17JkY52yv/xSZDSHKji8q+z6E=
 github.com/casbin/mongodb-adapter/v3 v3.7.0/go.mod h1:F1mu4ojoJVE/8VhIMxMedhjfwRDdIXgANYs6Sd0MgVA=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=

diff --git a/proto/casbin.pb.go b/proto/casbin.pb.go
diff --git a/proto/casbin.proto b/proto/casbin.proto
@@ -93,6 +93,7 @@ service Casbin {
 message NewEnforcerRequest {
   string modelText = 1;
   int32 adapterHandle = 2;
+  bool enableAcceptJsonRequest = 3;
 }
 
 message NewEnforcerReply {

diff --git a/proto/casbin_grpc.pb.go b/proto/casbin_grpc.pb.go
diff --git a/server/enforcer.go b/server/enforcer.go
@@ -126,6 +126,9 @@ func (s *Server) NewEnforcer(ctx context.Context, in *pb.NewEnforcerRequest) (*p
 			return &pb.NewEnforcerReply{Handler: 0}, err
 		}
 	}
+
+	e.EnableAcceptJsonRequest(in.EnableAcceptJsonRequest)
+
 	h := s.addEnforcer(e)
 
 	return &pb.NewEnforcerReply{Handler: int32(h)}, nil

diff --git a/server/management_api.go b/server/management_api.go
@@ -46,7 +46,12 @@ func (s *Server) GetAllNamedSubjects(ctx context.Context, in *pb.SimpleGetReques
 		return &pb.ArrayReply{}, err
 	}
 
-	return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 0)}, nil
+	valuesForFieldInPolicy, err := e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 0)
+	if err != nil {
+		return &pb.ArrayReply{}, err
+	}
+
+	return &pb.ArrayReply{Array: valuesForFieldInPolicy}, nil
 }
 
 // GetAllObjects gets the list of objects that show up in the current policy.
@@ -61,7 +66,12 @@ func (s *Server) GetAllNamedObjects(ctx context.Context, in *pb.SimpleGetRequest
 		return &pb.ArrayReply{}, err
 	}
 
-	return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 1)}, nil
+	valuesForFieldInPolicy, err := e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 1)
+	if err != nil {
+		return &pb.ArrayReply{}, err
+	}
+
+	return &pb.ArrayReply{Array: valuesForFieldInPolicy}, nil
 }
 
 // GetAllActions gets the list of actions that show up in the current policy.
@@ -76,7 +86,12 @@ func (s *Server) GetAllNamedActions(ctx context.Context, in *pb.SimpleGetRequest
 		return &pb.ArrayReply{}, err
 	}
 
-	return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 2)}, nil
+	valuesForFieldInPolicy, err := e.GetModel().GetValuesForFieldInPolicy("p", in.PType, 2)
+	if err != nil {
+		return &pb.ArrayReply{}, err
+	}
+
+	return &pb.ArrayReply{Array: valuesForFieldInPolicy}, nil
 }
 
 // GetAllRoles gets the list of roles that show up in the current policy.
@@ -91,7 +106,12 @@ func (s *Server) GetAllNamedRoles(ctx context.Context, in *pb.SimpleGetRequest)
 		return &pb.ArrayReply{}, err
 	}
 
-	return &pb.ArrayReply{Array: e.GetModel().GetValuesForFieldInPolicy("g", in.PType, 1)}, nil
+	valuesForFieldInPolicy, err := e.GetModel().GetValuesForFieldInPolicy("g", in.PType, 1)
+	if err != nil {
+		return &pb.ArrayReply{}, err
+	}
+
+	return &pb.ArrayReply{Array: valuesForFieldInPolicy}, nil
 }
 
 // GetPolicy gets all the authorization rules in the policy.
@@ -106,7 +126,12 @@ func (s *Server) GetNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.
 		return &pb.Array2DReply{}, err
 	}
 
-	return s.wrapPlainPolicy(e.GetModel().GetPolicy("p", in.PType)), nil
+	policy, err := e.GetModel().GetPolicy("p", in.PType)
+	if err != nil {
+		return &pb.Array2DReply{}, err
+	}
+
+	return s.wrapPlainPolicy(policy), nil
 }
 
 // GetFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
@@ -123,7 +148,12 @@ func (s *Server) GetFilteredNamedPolicy(ctx context.Context, in *pb.FilteredPoli
 		return &pb.Array2DReply{}, err
 	}
 
-	return s.wrapPlainPolicy(e.GetModel().GetFilteredPolicy("p", in.PType, int(in.FieldIndex), in.FieldValues...)), nil
+	filteredPolicy, err := e.GetModel().GetFilteredPolicy("p", in.PType, int(in.FieldIndex), in.FieldValues...)
+	if err != nil {
+		return &pb.Array2DReply{}, err
+	}
+
+	return s.wrapPlainPolicy(filteredPolicy), nil
 }
 
 // GetGroupingPolicy gets all the role inheritance rules in the policy.
@@ -138,7 +168,12 @@ func (s *Server) GetNamedGroupingPolicy(ctx context.Context, in *pb.PolicyReques
 		return &pb.Array2DReply{}, err
 	}
 
-	return s.wrapPlainPolicy(e.GetModel().GetPolicy("g", in.PType)), nil
+	policy, err := e.GetModel().GetPolicy("g", in.PType)
+	if err != nil {
+		return &pb.Array2DReply{}, err
+	}
+
+	return s.wrapPlainPolicy(policy), nil
 }
 
 // GetFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
@@ -155,7 +190,12 @@ func (s *Server) GetFilteredNamedGroupingPolicy(ctx context.Context, in *pb.Filt
 		return &pb.Array2DReply{}, err
 	}
 
-	return s.wrapPlainPolicy(e.GetModel().GetFilteredPolicy("g", in.PType, int(in.FieldIndex), in.FieldValues...)), nil
+	filteredPolicy, err := e.GetModel().GetFilteredPolicy("g", in.PType, int(in.FieldIndex), in.FieldValues...)
+	if err != nil {
+		return &pb.Array2DReply{}, err
+	}
+
+	return s.wrapPlainPolicy(filteredPolicy), nil
 }
 
 // HasPolicy determines whether an authorization rule exists.
@@ -170,7 +210,12 @@ func (s *Server) HasNamedPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.
 		return &pb.BoolReply{}, err
 	}
 
-	return &pb.BoolReply{Res: e.GetModel().HasPolicy("p", in.PType, in.Params)}, nil
+	hasPolicy, err := e.GetModel().HasPolicy("p", in.PType, in.Params)
+	if err != nil {
+		return &pb.BoolReply{}, err
+	}
+
+	return &pb.BoolReply{Res: hasPolicy}, nil
 }
 
 // HasGroupingPolicy determines whether a role inheritance rule exists.
@@ -186,7 +231,12 @@ func (s *Server) HasNamedGroupingPolicy(ctx context.Context, in *pb.PolicyReques
 		return &pb.BoolReply{}, err
 	}
 
-	return &pb.BoolReply{Res: e.GetModel().HasPolicy("g", in.PType, in.Params)}, nil
+	haPolicy, err := e.GetModel().HasPolicy("g", in.PType, in.Params)
+	if err != nil {
+		return &pb.BoolReply{}, err
+	}
+
+	return &pb.BoolReply{Res: haPolicy}, nil
 }
 
 func (s *Server) AddPolicy(ctx context.Context, in *pb.PolicyRequest) (*pb.BoolReply, error) {

diff --git a/server/model_test.go b/server/model_test.go
@@ -59,7 +59,7 @@ func TestRBACModel(t *testing.T) {
 		t.Error(err)
 	}
 
-	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0})
+	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0, EnableAcceptJsonRequest: false})
 	if err != nil {
 		t.Error(err)
 	}
@@ -90,7 +90,7 @@ func TestABACModel(t *testing.T) {
 		t.Error(err)
 	}
 
-	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: -1})
+	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: -1, EnableAcceptJsonRequest: false})
 	if err != nil {
 		t.Error(err)
 	}

diff --git a/server/rbac_api.go b/server/rbac_api.go
@@ -217,7 +217,12 @@ func (s *Server) GetPermissionsForUser(ctx context.Context, in *pb.PermissionReq
 		return &pb.Array2DReply{}, err
 	}
 
-	return s.wrapPlainPolicy(e.GetFilteredPolicy(0, in.User)), nil
+	filteredPolicy, err := e.GetFilteredPolicy(0, in.User)
+	if err != nil {
+		return &pb.Array2DReply{}, err
+	}
+
+	return s.wrapPlainPolicy(filteredPolicy), nil
 }
 
 // GetImplicitPermissionsForUser gets all permissions(including children) for a user or role.
@@ -237,7 +242,12 @@ func (s *Server) HasPermissionForUser(ctx context.Context, in *pb.PermissionRequ
 		return &pb.BoolReply{}, err
 	}
 
-	return &pb.BoolReply{Res: e.HasPolicy(s.convertPermissions(in.User, in.Permissions...)...)}, nil
+	hasPolicy, err := e.HasPolicy(s.convertPermissions(in.User, in.Permissions...)...)
+	if err != nil {
+		return &pb.BoolReply{}, err
+	}
+
+	return &pb.BoolReply{Res: hasPolicy}, nil
 }
 
 func (s *Server) convertPermissions(user string, permissions ...string) []interface{} {

diff --git a/server/test_util.go b/server/test_util.go
@@ -42,7 +42,7 @@ func newTestEngine(t *testing.T, from, connectStr string, modelLoc string) *test
 		t.Fatal(err)
 	}
 
-	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0})
+	resp, err := s.NewEnforcer(ctx, &pb.NewEnforcerRequest{ModelText: string(modelText), AdapterHandle: 0, EnableAcceptJsonRequest: true})
 	if err != nil {
 		t.Fatal(err)
 	}