Cleanup (#173)

* add register_g_function macro

* improve loggter by adding log category

* format code

* fix cached benchmark

* add circular link Todo comment

* don't acquire lock more than once

* fix lock name

* upgrade rhai

* fix tests

* add domain_matching_fn

* stop using :: seperator in rbac_role_manager

* format code

format code

format code

* fix cached_enforcer

* add push_index macro & rename expl -> explain

* remove matching fn entry

* bump version

* upgrade rhai

* Fix: CI

* FIX: clippy::redundant-closure

Author: 0x8f701

.gitignore

@@ -18,3 +18,6 @@ Cargo.lock
 output.txt
 before
 after
+
+# design
+design.txt

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "casbin"
-version = "0.9.2"
+version = "1.0.0"
 authors = ["Joey <[email protected]>", "Cheng JIANG <[email protected]>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -13,18 +13,18 @@ keywords = ["auth", "authorization", "rbac", "acl", "abac"]
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-regex = "1.3.7"
-rhai = { version = "0.14.1", features = ["sync", "only_i32", "no_function", "no_float", "no_optimize"] }
+regex = "1.3.9"
+rhai = { version = "0.15.1", features = ["sync", "only_i32", "no_function", "no_float", "no_optimize", "no_module"] }
 ip_network = { version = "0.3.4", optional = true }
 ttl_cache = { version = "0.5.1", optional = true }
 lazy_static = "1.4.0"
-indexmap = "1.3.2"
-async-std = { version = "1.6.0", optional = true }
-async-trait = "0.1.31"
+indexmap = "1.4.0"
+async-std = { version = "1.6.1", optional = true }
+async-trait = "0.1.35"
 log = { version = "0.4.8", optional = true }
 tokio = { version = "0.2.21", optional = true, default-features = false }
 globset = { version = "0.4.5", optional = true }
-thiserror = "1.0.19"
+thiserror = "1.0.20"
 
 [features]
 default = ["runtime-async-std", "incremental"]
@@ -43,8 +43,8 @@ explain = []
 opt-level = 0
 
 [target.'cfg(target_arch = "wasm32")'.dev-dependencies]
-async-std = { version = "1.6.0", features = [ "attributes" ] }
+async-std = { version = "1.6.1", features = [ "attributes" ] }
 
 [target.'cfg(not(target_arch = "wasm32"))'.dev-dependencies]
 tokio = { version = "0.2.21", features = [ "full" ] }
-async-std = { version = "1.6.0", features = [ "attributes" ] }
+async-std = { version = "1.6.1", features = [ "attributes" ] }

README.md

@@ -28,7 +28,7 @@ Add this package to `Cargo.toml` of your project. (Check https://crates.io/crate
 
 ```toml
 [dependencies]
-casbin = { version = "0.9.3", default-features = false, features = ["runtime-async-std", "logging"] }
+casbin = { version = "1.0.0", default-features = false, features = ["runtime-async-std", "logging"] }
 async-std = { version = "1.5.0", features = ["attributes"] }
 env_logger = "0.7.1"
 ```

benches/benchmark.rs

@@ -73,7 +73,7 @@ fn b_benmark_cached_basic_model(b: &mut Bencher) {
     .unwrap();
 
     b.iter(|| {
-        e.enforce(_mut(&["alice", "data1", "read"])).unwrap();
+        e.enforce_mut(&["alice", "data1", "read"]).unwrap();
     });
 }
 
@@ -100,7 +100,7 @@ fn b_benchmark_cached_rbac_model(b: &mut Bencher) {
     .unwrap();
 
     b.iter(|| {
-        e.enforce(_mut(&["alice", "data2", "read"])).unwrap();
+        e.enforce_mut(&["alice", "data2", "read"]).unwrap();
     });
 }
 
@@ -221,7 +221,7 @@ fn b_benchmark_cached_rbac_model_small(b: &mut Bencher) {
 
     e.build_role_links().unwrap();
 
-    b.iter(|| e.enforce(_mut(&["user501", "data9", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["user501", "data9", "read"]).unwrap());
 }
 
 #[bench]
@@ -341,7 +341,7 @@ fn b_benchmark_cached_rbac_model_medium(b: &mut Bencher) {
 
     e.build_role_links().unwrap();
 
-    b.iter(|| e.enforce(_mut(&["user5001", "data15", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["user5001", "data15", "read"]).unwrap());
 }
 
 #[bench]
@@ -461,7 +461,7 @@ fn b_benchmark_cached_rbac_model_large(b: &mut Bencher) {
 
     e.build_role_links().unwrap();
 
-    b.iter(|| e.enforce(_mut(&["user50001", "data1500", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["user50001", "data1500", "read"]).unwrap());
 }
 
 #[bench]
@@ -484,7 +484,7 @@ fn b_benchmark_cached_rbac_with_resource_roles(b: &mut Bencher) {
     ))
     .unwrap();
 
-    b.iter(|| e.enforce(_mut(&["alice", "data1", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["alice", "data1", "read"]).unwrap());
 }
 
 #[bench]
@@ -508,7 +508,7 @@ fn b_benchmark_cached_rbac_model_with_domains(b: &mut Bencher) {
     .unwrap();
 
     b.iter(|| {
-        e.enforce(_mut(&["alice", "domain1", "data1", "read"]))
+        e.enforce_mut(&["alice", "domain1", "data1", "read"])
             .unwrap()
     });
 }
@@ -529,7 +529,7 @@ fn b_benchmark_cached_abac_model(b: &mut Bencher) {
     let mut e = await_future(CachedEnforcer::new("examples/abac_model.conf", ())).unwrap();
 
     b.iter(|| {
-        e.enforce(_mut(&["alice", r#"{"Owner": "alice"}"#, "read"]))
+        e.enforce_mut(&["alice", r#"{"Owner": "alice"}"#, "read"])
             .unwrap()
     });
 }
@@ -558,7 +558,7 @@ fn b_benchmark_cached_key_match(b: &mut Bencher) {
     .unwrap();
 
     b.iter(|| {
-        e.enforce(_mut(&["alice", "/alice_data/resource1", "GET"]))
+        e.enforce_mut(&["alice", "/alice_data/resource1", "GET"])
             .unwrap()
     });
 }
@@ -583,7 +583,7 @@ fn b_benchmark_cached_rbac_with_deny(b: &mut Bencher) {
     ))
     .unwrap();
 
-    b.iter(|| e.enforce(_mut(&["alice", "data1", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["alice", "data1", "read"]).unwrap());
 }
 
 #[bench]
@@ -606,5 +606,5 @@ fn b_benchmark_cached_priority_model(b: &mut Bencher) {
     ))
     .unwrap();
 
-    b.iter(|| e.enforce(_mut(&["alice", "data1", "read"])).unwrap());
+    b.iter(|| e.enforce_mut(&["alice", "data1", "read"]).unwrap());
 }

examples/rbac_with_pattern_domain_model.conf

@@ -6,10 +6,9 @@ p = sub, dom, obj, act
 
 [role_definition]
 g = _, _, _
-g2 = _, _, _
 
 [policy_effect]
 e = some(where (p.eft == allow))
 
 [matchers]
-m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && g2(r.obj, p.obj, r.dom) && regexMatch(r.act, p.act)
+m = g(r.sub, p.sub, r.dom) && r.dom == p.dom  && regexMatch(r.act, p.act)

examples/rbac_with_pattern_domain_policy.csv

@@ -1,10 +1,7 @@
-p, alice, domain2, /pen/1, GET
-p, alice, domain1, /book/1, GET
-
-p, book_admin, domain1, book_group, GET
-p, pen_admin, domain2, pen_group, GET
+p, book_admin, domain1, /pen/1 , GET
+p, pen_admin, domain2, /book/1 , GET
 
+g, eve, book_admin, *
+g, eve, pen_admin, *
 g, alice, book_admin, domain1
 g, bob, pen_admin, domain2
-g2, /book/:id, book_group, domain1
-g2, /pen/:id, pen_group, domain2

src/cached_enforcer.rs

@@ -25,6 +25,7 @@ use crate::logger::Logger;
 use crate::{error::ModelError, get_or_err};
 
 use async_trait::async_trait;
+use rhai::ImmutableString;
 
 use std::{
     collections::HashMap,
@@ -64,12 +65,12 @@ impl CachedEnforcer {
         rvals: &[S],
     ) -> Result<(bool, bool, Option<Vec<usize>>)> {
         let cache_key: Vec<String> = rvals.iter().map(|x| String::from(x.as_ref())).collect();
-        Ok(if let Some(result) = self.cache.get(&cache_key) {
-            (*result, true, None)
+        Ok(if let Some(authorized) = self.cache.get(&cache_key) {
+            (*authorized, true, None)
         } else {
-            let (result, idxs) = self.enforcer.private_enforce(rvals)?;
-            self.cache.set(cache_key.clone(), result);
-            (result, false, idxs)
+            let (authorized, indexes) = self.enforcer.private_enforce(rvals)?;
+            self.cache.set(cache_key.clone(), authorized);
+            (authorized, false, indexes)
         })
     }
 }
@@ -87,16 +88,15 @@ impl CoreApi for CachedEnforcer {
         };
 
         cached_enforcer.on(Event::ClearCache, clear_cache);
+
         #[cfg(any(feature = "logging", feature = "watcher"))]
-        {
-            cached_enforcer.on(Event::PolicyChange, notify_logger_and_watcher);
-        }
+        cached_enforcer.on(Event::PolicyChange, notify_logger_and_watcher);
 
         Ok(cached_enforcer)
     }
 
     #[inline]
-    fn add_function(&mut self, fname: &str, f: fn(String, String) -> bool) {
+    fn add_function(&mut self, fname: &str, f: fn(ImmutableString, ImmutableString) -> bool) {
         self.enforcer.fm.add_function(fname, f);
     }
 
@@ -147,11 +147,6 @@ impl CoreApi for CachedEnforcer {
         self.enforcer.set_role_manager(rm)
     }
 
-    #[inline]
-    fn add_matching_fn(&mut self, f: fn(&str, &str) -> bool) -> Result<()> {
-        self.enforcer.add_matching_fn(f)
-    }
-
     #[inline]
     async fn set_model<M: TryIntoModel>(&mut self, m: M) -> Result<()> {
         self.enforcer.set_model(m).await
@@ -181,7 +176,8 @@ impl CoreApi for CachedEnforcer {
 
     fn enforce_mut<S: AsRef<str> + Send + Sync>(&mut self, rvals: &[S]) -> Result<bool> {
         #[allow(unused_variables)]
-        let (authorized, cached, idxs) = self.private_enforce(rvals)?;
+        let (authorized, cached, indexs) = self.private_enforce(rvals)?;
+
         #[cfg(feature = "logging")]
         {
             self.enforcer.get_logger().print_enforce_log(
@@ -191,15 +187,13 @@ impl CoreApi for CachedEnforcer {
             );
 
             #[cfg(feature = "explain")]
-            {
-                if let Some(idxs) = idxs {
-                    let all_rules = get_or_err!(self, "p", ModelError::P, "policy").get_policy();
-                    let rules: Vec<&Vec<String>> = idxs
-                        .into_iter()
-                        .filter_map(|y| all_rules.get_index(y))
-                        .collect();
-                    self.enforcer.get_logger().print_expl_log(rules);
-                }
+            if let Some(indexs) = indexs {
+                let all_rules = get_or_err!(self, "p", ModelError::P, "policy").get_policy();
+                let rules: Vec<String> = indexs
+                    .into_iter()
+                    .filter_map(|y| all_rules.get_index(y).map(|x| x.join(", ")))
+                    .collect();
+                self.enforcer.get_logger().print_explain_log(rules);
             }
         }
 

src/core_api.rs

@@ -10,6 +10,7 @@ use crate::Logger;
 use crate::emitter::EventData;
 
 use async_trait::async_trait;
+use rhai::ImmutableString;
 
 use std::sync::{Arc, RwLock};
 
@@ -18,7 +19,7 @@ pub trait CoreApi: Send + Sync {
     async fn new<M: TryIntoModel, A: TryIntoAdapter>(m: M, a: A) -> Result<Self>
     where
         Self: Sized;
-    fn add_function(&mut self, fname: &str, f: fn(String, String) -> bool);
+    fn add_function(&mut self, fname: &str, f: fn(ImmutableString, ImmutableString) -> bool);
     fn get_model(&self) -> &dyn Model;
     fn get_mut_model(&mut self) -> &mut dyn Model;
     fn get_adapter(&self) -> &dyn Adapter;
@@ -35,7 +36,6 @@ pub trait CoreApi: Send + Sync {
     fn get_logger(&self) -> &dyn Logger;
     #[cfg(feature = "logging")]
     fn set_logger(&mut self, logger: Box<dyn Logger>);
-    fn add_matching_fn(&mut self, f: fn(&str, &str) -> bool) -> Result<()>;
     async fn set_model<M: TryIntoModel>(&mut self, m: M) -> Result<()>;
     async fn set_adapter<A: TryIntoAdapter>(&mut self, a: A) -> Result<()>;
     fn set_effector(&mut self, e: Box<dyn Effector>);