Merge pull request #5 from basakest/FilterAdapter

leeqvip · web-flow · commit 63da5ecae810 · 2021-01-09T16:48:51.000+08:00
try to implement FilterAdapter
diff --git a/.travis.yml b/.travis.yml
@@ -18,6 +18,9 @@ before_install:
 install:
   - travis_retry composer install --no-suggest --no-interaction
 
+before_script:
+  - export XDEBUG_MODE=coverage
+
 script:
  - vendor/bin/phpunit --version
  - mkdir -p build/logs
diff --git a/src/Adapter.php b/src/Adapter.php
@@ -6,29 +6,58 @@
 use Casbin\Persist\Adapter as AdapterContract;
 use TechOne\Database\Manager;
 use Casbin\Persist\AdapterHelper;
+use Casbin\Persist\FilteredAdapter;
+use Casbin\Persist\Adapters\Filter;
+use Casbin\Exceptions\InvalidFilterTypeException;
+use Closure;
 
 /**
  * DatabaseAdapter.
  *
  * @author techlee@qq.com
  */
-class Adapter implements AdapterContract
+class Adapter implements AdapterContract, FilteredAdapter
 {
     use AdapterHelper;
 
     protected $config;
 
+    protected $filtered;
+
     protected $connection;
 
     public $casbinRuleTableName = 'casbin_rule';
 
+    public $rows = [];
+
     public function __construct(array $config)
     {
         $this->config = $config;
+        $this->filtered = false;
         $this->connection = (new Manager($config))->getConnection();
         $this->initTable();
     }
 
+    /**
+     * Returns true if the loaded policy has been filtered.
+     *
+     * @return bool
+     */
+    public function isFiltered(): bool
+    {
+        return $this->filtered;
+    }
+
+    /**
+     * Sets filtered parameter.
+     *
+     * @param bool $filtered
+     */
+    public function setFiltered(bool $filtered): void
+    {
+        $this->filtered = $filtered;
+    }
+
     public static function newAdapter(array $config)
     {
         return new static($config);
@@ -154,4 +183,61 @@ public function removeFilteredPolicy(string $sec, string $ptype, int $fieldIndex
 
         $this->connection->execute($sql, $where);
     }
+
+    /**
+     * Loads only policy rules that match the filter from storage.
+     *
+     * @param Model $model
+     * @param mixed $filter
+     *
+     * @throws CasbinException
+     */
+    public function loadFilteredPolicy(Model $model, $filter): void
+    {
+        // if $filter is empty, load all policies
+        if (is_null($filter)) {
+            $this->loadPolicy($model);
+            return;
+        }
+        // the basic sql
+        $sql = 'SELECT ptype, v0, v1, v2, v3, v4, v5 FROM '.$this->casbinRuleTableName . ' WHERE ';
+        
+        if ($filter instanceof Filter) {
+            $type = '';
+            $filter = (array) $filter;
+            // choose which ptype to use
+            foreach($filter as $i => $v) {
+                if (!empty($v)) {
+                    array_unshift($filter[$i], $i);
+                    $type = $i;
+                    break;
+                }
+            }
+            $items = ['ptype', 'v0', 'v1', 'v2', 'v3', 'v4', 'v5'];
+            $temp = [];
+            $values = [];
+            foreach($items as $i => $item) {
+                if (isset($filter[$type][$i]) && !empty($filter[$type][$i])) {
+                    array_push($temp, $item . '=:' . $item);
+                    $values[$item] = $filter[$type][$i];
+                }
+            }
+            $sql .= implode(' and ', $temp);
+            $rows = $this->connection->query($sql, $values);
+        } elseif (is_string($filter)) {
+            $sql .= $filter;
+            $rows = $this->connection->query($sql);
+        } else if ($filter instanceof Closure) {
+            $filter($this->connection, $sql, $this->rows);
+        } else {
+            throw new InvalidFilterTypeException('invalid filter type');
+        }
+
+        $rows = $rows ?? $this->rows;
+        foreach($rows as $row) {
+            $line = implode(', ', $row);
+            $this->loadPolicyLine($line, $model);
+        }
+        $this->filtered = true;
+    }
 }
diff --git a/tests/AdapterTest.php b/tests/AdapterTest.php
@@ -3,9 +3,12 @@
 namespace Tests;
 
 use Casbin\Enforcer;
+use Casbin\Model\Model;
+use Casbin\Persist\Adapter;
 use CasbinAdapter\Database\Adapter as DatabaseAdapter;
 use PHPUnit\Framework\TestCase;
 use TechOne\Database\Manager;
+use Casbin\Persist\Adapters\Filter;
 
 class AdapterTest extends TestCase
 {
@@ -44,6 +47,31 @@ protected function getEnforcer()
         return new Enforcer(__DIR__.'/rbac_model.conf', $adapter);
     }
 
+    protected function getEnforcerWithAdapter(Adapter $adapter): Enforcer
+    {
+        $this->adapter = $adapter;
+        $this->initDb($this->adapter);
+        $model = Model::newModelFromString(
+            <<<'EOT'
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
+EOT
+        );
+        return new Enforcer($model, $this->adapter);
+    }
+
     public function testLoadPolicy()
     {
         $e = $this->getEnforcer();
@@ -54,6 +82,40 @@ public function testLoadPolicy()
         $this->assertTrue($e->enforce('alice', 'data2', 'write'));
     }
 
+    public function testLoadFilteredPolicy()
+    {
+        $this->initConfig();
+        $adapter = DatabaseAdapter::newAdapter($this->config);
+        $adapter->setFiltered(true);
+        $e = $this->getEnforcerWithAdapter($adapter);
+        $this->assertEquals([], $e->getPolicy());
+
+        // string
+        $filter = "v0 = 'bob'";
+        $e->loadFilteredPolicy($filter);
+        $this->assertEquals([
+            //
+            ['bob', 'data2', 'write', '', '', '']
+        ], $e->getPolicy());
+
+        // Filter
+        $filter = new Filter(['', '', 'read']);
+        $e->loadFilteredPolicy($filter);
+        $this->assertEquals([
+            ['alice', 'data1', 'read', '', '', ''],
+            ['data2_admin', 'data2', 'read', '', '', ''],
+        ], $e->getPolicy());
+
+        // Closure
+        $e->loadFilteredPolicy(function ($connection, $sql, &$rows) {
+            $rows = $connection->query($sql . "v0 = 'alice'");
+        });
+
+        $this->assertEquals([
+            ['alice', 'data1', 'read', '', '', ''],
+        ], $e->getPolicy());
+    }
+
     public function testAddPolicy()
     {
         $e = $this->getEnforcer();
