-
dovics authored
Signed-off-by:
dovics <wrs369@163.com>
dovics authoredSigned-off-by:
dovics <wrs369@163.com>
internal_api.go 5.61 KiB
// Copyright 2017 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package casbin
import (
Err "github.com/casbin/casbin/v3/errors"
"github.com/casbin/casbin/v3/model"
"github.com/casbin/casbin/v3/persist"
)
const (
notImplemented = "not implemented"
)
func (e *Enforcer) shouldPersist() bool {
return e.adapter != nil && e.autoSave
}
// addPolicy adds a rule to the current policy.
func (e *Enforcer) addPolicy(sec string, ptype string, rule []string) (bool, error) {
if e.model.HasPolicy(sec, ptype, rule) {
return false, nil
}
if e.dispatcher != nil && e.autoNotifyDispatcher {
return true, e.dispatcher.AddPolicies(sec, ptype, [][]string{rule})
}
if e.shouldPersist() {
if err := e.adapter.AddPolicy(sec, ptype, rule); err != nil {
if err.Error() != notImplemented {
return false, err
}
}
}
e.model.AddPolicy(sec, ptype, rule)
if sec == "g" {
err := e.BuildIncrementalRoleLinks(model.PolicyAdd, ptype, [][]string{rule})
if err != nil {
return true, err
}
}
if e.watcher != nil && e.autoNotifyWatcher {
var err error
if watcher, ok := e.watcher.(persist.WatcherEx); ok {
err = watcher.UpdateForAddPolicy(rule...)
} else {
err = e.watcher.Update()
}
return true, err
}
return true, nil
}
// addPolicies adds rules to the current policy.
func (e *Enforcer) addPolicies(sec string, ptype string, rules [][]string) (bool, error) {
if e.model.HasPolicies(sec, ptype, rules) {
return false, nil
}
if e.dispatcher != nil && e.autoNotifyDispatcher {
return true, e.dispatcher.AddPolicies(sec, ptype, rules)
}
if e.shouldPersist() {
if err := e.adapter.(persist.BatchAdapter).AddPolicies(sec, ptype, rules); err != nil {
if err.Error() != notImplemented {
return false, err
}
}
}
e.model.AddPolicies(sec, ptype, rules)
if sec == "g" {
err := e.BuildIncrementalRoleLinks(model.PolicyAdd, ptype, rules)
if err != nil {
return true, err
}
}
if e.watcher != nil && e.autoNotifyWatcher {
err := e.watcher.Update()
if err != nil {
return true, err
}
}
return true, nil
}
// removePolicy removes a rule from the current policy.
func (e *Enforcer) removePolicy(sec string, ptype string, rule []string) (bool, error) {
if e.dispatcher != nil && e.autoNotifyDispatcher {
return true, e.dispatcher.RemovePolicies(sec, ptype, [][]string{rule})
}
if e.shouldPersist() {
if err := e.adapter.RemovePolicy(sec, ptype, rule); err != nil {
if err.Error() != notImplemented {
return false, err
}
}
}
ruleRemoved := e.model.RemovePolicy(sec, ptype, rule)
if !ruleRemoved {
return ruleRemoved, nil
}
if sec == "g" {
err := e.BuildIncrementalRoleLinks(model.PolicyRemove, ptype, [][]string{rule})
if err != nil {
return ruleRemoved, err
}
}
if e.watcher != nil && e.autoNotifyWatcher {
var err error
if watcher, ok := e.watcher.(persist.WatcherEx); ok {
err = watcher.UpdateForRemovePolicy(rule...)
} else {
err = e.watcher.Update()
}
return ruleRemoved, err
}
return ruleRemoved, nil
}
// removePolicies removes rules from the current policy.
func (e *Enforcer) removePolicies(sec string, ptype string, rules [][]string) (bool, error) {
if !e.model.HasPolicies(sec, ptype, rules) {
return false, nil
}
if e.dispatcher != nil && e.autoNotifyDispatcher {
return true, e.dispatcher.RemovePolicies(sec, ptype, rules)
}
if e.shouldPersist() {
if err := e.adapter.(persist.BatchAdapter).RemovePolicies(sec, ptype, rules); err != nil {
if err.Error() != notImplemented {
return false, err
}
}
}
rulesRemoved := e.model.RemovePolicies(sec, ptype, rules)
if !rulesRemoved {
return rulesRemoved, nil
}
if sec == "g" {
err := e.BuildIncrementalRoleLinks(model.PolicyRemove, ptype, rules)
if err != nil {
return rulesRemoved, err
}
}
if e.watcher != nil && e.autoNotifyWatcher {
err := e.watcher.Update()
if err != nil {
return rulesRemoved, err
}
}
return rulesRemoved, nil
}
// removeFilteredPolicy removes rules based on field filters from the current policy.
func (e *Enforcer) removeFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) (bool, error) {
if len(fieldValues) == 0 {
return false, Err.INVALID_FIELDVAULES_PARAMETER
}
if e.dispatcher != nil && e.autoNotifyDispatcher {
return true, e.dispatcher.RemoveFilteredPolicy(sec, ptype, fieldIndex, fieldValues...)
}
if e.shouldPersist() {
if err := e.adapter.RemoveFilteredPolicy(sec, ptype, fieldIndex, fieldValues...); err != nil {
if err.Error() != notImplemented {
return false, err
}
}
}
ruleRemoved, effects := e.model.RemoveFilteredPolicy(sec, ptype, fieldIndex, fieldValues...)
if !ruleRemoved {
return ruleRemoved, nil
}
if sec == "g" {
err := e.BuildIncrementalRoleLinks(model.PolicyRemove, ptype, effects)
if err != nil {
return ruleRemoved, err
}
}
if e.watcher != nil && e.autoNotifyWatcher {
var err error
if watcher, ok := e.watcher.(persist.WatcherEx); ok {
err = watcher.UpdateForRemoveFilteredPolicy(fieldIndex, fieldValues...)
} else {
err = e.watcher.Update()
}
return ruleRemoved, err
}
return ruleRemoved, nil
}