Skip to content

Commit

Permalink
feat: Update to latest node-casbin version and improve API support (#169
Browse files Browse the repository at this point in the history
)

* Updates to latest node-casbin version
Improves Casbin API support

* fix typos in JSDoc comments
  • Loading branch information
Dallin343 authored Jul 3, 2024
1 parent 44f9626 commit a3ab9d3
Show file tree
Hide file tree
Showing 4 changed files with 1,857 additions and 1,390 deletions.
4 changes: 3 additions & 1 deletion jest.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,9 @@ module.exports = {
moduleFileExtensions: ['ts', 'tsx', 'js'],

// A map from regular expressions to module names that allow to stub out resources with a single module
// moduleNameMapper: {},
moduleNameMapper: {
'csv-parse': '<rootDir>/node_modules/csv-parse/dist/cjs/sync.cjs',
},

// An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
// modulePathIgnorePatterns: [],
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
"author": "dreamdevil00",
"license": "MIT",
"dependencies": {
"casbin": "^5.11.1"
"casbin": "^5.30.0"
},
"devDependencies": {
"@nestjs/common": "^9.0.3",
Expand Down
91 changes: 91 additions & 0 deletions src/services/authz-management.service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,66 @@ export class AuthZManagementService {
public readonly enforcer: casbin.Enforcer
) {}

/**
* enforce decides whether a "subject" can access a "object" with the operation "action"
*
* @param params the request parameters, usually (sub, obj, act)
*
* @return whether or not the request is allowed
*/
enforce(...params: string[]): Promise<boolean> {
return this.enforcer.enforce(params);
}

/**
* enforceWithMatcher uses a custom matcher to decides whether a "subject" can access a "object" with the operation "action"
*
* @param matcher the matcher statement to use
* @param params the request parameters, usually (sub, obj, act)
*
* @return whether or not the request is allowed
*/
enforceWithMatcher(matcher: string, ...params: string[]): Promise<boolean> {
return this.enforcer.enforceWithMatcher(matcher, params);
}

/**
* enforceEx explains enforcement by returning matched rules.
*
* @param params the request parameters, usually (sub, obj, act)
*
* @return whether or not the request is allowed, and what policy caused that decision
*/
enforceEx(...params: string[]): Promise<[boolean, string[]]> {
return this.enforcer.enforceEx(params);
}

/**
* enforceExWithMatcher uses a custom matcher and explains enforcement by returning matched rules.
*
* @param matcher the matcher statement to use
* @param params the request parameters, usually (sub, obj, act)
*
* @return whether or not the request is allowed, and what policy caused that decision
*/
enforceExWithMatcher(
matcher: string,
...params: string[]
): Promise<[boolean, string[]]> {
return this.enforcer.enforceExWithMatcher(matcher, params);
}

/**
* batchEnforce enforces each request and returns result in a bool array
*
* @param params the request parameters, usually (sub, obj, act)
*
* @return an array with the enforcement results for each given request
*/
batchEnforce(params: string[][]): Promise<boolean[]> {
return this.enforcer.batchEnforce(params);
}

/**
* getAllSubjects gets the list of subjects that show up in the current policy.
*
Expand Down Expand Up @@ -537,4 +597,35 @@ export class AuthZManagementService {
loadPolicy(): Promise<void> {
return this.enforcer.loadPolicy();
}

/**
* updateGroupingPolicy updates a role inheritance rule from the current policy.
* If the rule not exists, the function returns false.
* Otherwise the function returns true by changing it to the new rule.
*
* @param oldRule the role inheritance rule will be remove
* @param newRule the role inheritance rule will be added
* @return succeeds or not.
*/
updateGroupingPolicy(oldRule: string[], newRule: string[]): Promise<boolean> {
return this.enforcer.updateGroupingPolicy(oldRule, newRule);
}

/**
* updateNamedGroupingPolicy updates a named role inheritance rule from the current policy.
* If the rule not exists, the function returns false.
* Otherwise the function returns true by changing it to the new rule.
*
* @param ptype the policy type, can be "g", "g2", "g3", ..
* @param oldRule the role inheritance rule will be remove
* @param newRule the role inheritance rule will be added
* @return succeeds or not.
*/
updateNamedGroupingPolicy(
ptype: string,
oldRule: string[],
newRule: string[]
): Promise<boolean> {
return this.enforcer.updateNamedGroupingPolicy(ptype, oldRule, newRule);
}
}
Loading

0 comments on commit a3ab9d3

Please sign in to comment.