fix: priority cannot be non first policy element

shink · shink · commit 6a40ed326051 · 2021-04-21T23:38:14.000+08:00
issue: casbin#177 Signed-off-by: tsund <tsund@qq.com>
diff --git a/examples/priority_model_explicit.conf b/examples/priority_model_explicit.conf
@@ -2,7 +2,7 @@
 r = sub, obj, act
 
 [policy_definition]
-p = priority, sub, obj, act, eft
+p = sub, obj, act, eft, priority
 
 [role_definition]
 g = _, _
diff --git a/examples/priority_policy_explicit.csv b/examples/priority_policy_explicit.csv
@@ -1,12 +1,12 @@
-p, 10, data1_deny_group, data1, read, deny
-p, 10, data1_deny_group, data1, write, deny
-p, 10, data2_allow_group, data2, read, allow
-p, 10, data2_allow_group, data2, write, allow
+p, data1_deny_group, data1, read, deny, 10
+p, data1_deny_group, data1, write, deny, 10
+p, data2_allow_group, data2, read, allow, 10
+p, data2_allow_group, data2, write, allow, 10
 
 
-p, 1, alice, data1, write, allow
-p, 1, alice, data1, read, allow
-p, 1, bob, data2, read, deny
+p, alice, data1, write, allow, 1
+p, alice, data1, read, allow, 1
+p, bob, data2, read, deny, 1
 
 g, bob, data2_allow_group
-g, alice, data1_deny_group
+g, alice, data1_deny_group
diff --git a/src/main/java/org/casbin/jcasbin/model/Assertion.java b/src/main/java/org/casbin/jcasbin/model/Assertion.java
@@ -30,6 +30,7 @@ public class Assertion {
     public String[] tokens;
     public List<List<String>> policy;
     public RoleManager rm;
+    public int priorityIndex;
 
     public Assertion() {
         policy = new ArrayList<>();
@@ -94,4 +95,8 @@ public void buildIncrementalRoleLinks(RoleManager rm, Model.PolicyOperations op,
             }
         }
     }
+
+    public void initPriorityIndex() {
+        priorityIndex = -1;
+    }
 }
diff --git a/src/main/java/org/casbin/jcasbin/model/Model.java b/src/main/java/org/casbin/jcasbin/model/Model.java
@@ -66,15 +66,20 @@ public boolean addDef(String sec, String key, String value) {
         Assertion ast = new Assertion();
         ast.key = key;
         ast.value = value;
+        ast.initPriorityIndex();
 
         if (ast.value.equals("")) {
             return false;
         }
 
         if (sec.equals("r") || sec.equals("p")) {
             ast.tokens = splitCommaDelimited(ast.value);
-            for (int i = 0; i < ast.tokens.length; i ++) {
+            for (int i = 0; i < ast.tokens.length; i++) {
                 ast.tokens[i] = key + "_" + ast.tokens[i];
+
+                if ("p_priority".equals(ast.tokens[i])) {
+                    ast.priorityIndex = i;
+                }
             }
         } else {
             ast.value = Util.removeComments(Util.escapeAssertion(ast.value));
@@ -207,14 +212,17 @@ public void printModel() {
      * sort policies by priority value
      */
     public void sortPoliciesByPriority() {
-        if (model.containsKey("p")) {
-            for (Map.Entry<String, Assertion> entry : model.get("p").entrySet()) {
-                Assertion assertion = entry.getValue();
-                if (!(entry.getKey() + "_priority").equals(assertion.tokens[0])) {
-                    continue;
-                }
-                assertion.policy.sort(Comparator.comparingInt(p -> Integer.parseInt(p.get(0))));
+        if (!model.containsKey("p")) {
+            return;
+        }
+
+        for (Map.Entry<String, Assertion> entry : model.get("p").entrySet()) {
+            Assertion assertion = entry.getValue();
+            int priorityIndex = assertion.priorityIndex;
+            if (priorityIndex < 0) {
+                continue;
             }
+            assertion.policy.sort(Comparator.comparingInt(p -> Integer.parseInt(p.get(priorityIndex))));
         }
     }
 
diff --git a/src/main/java/org/casbin/jcasbin/model/Policy.java b/src/main/java/org/casbin/jcasbin/model/Policy.java
@@ -182,15 +182,16 @@ public boolean addPolicy(String sec, String ptype, List<String> rule) {
         if (!hasPolicy(sec, ptype, rule)) {
             Assertion assertion = model.get(sec).get(ptype);
             List<List<String>> policy = assertion.policy;
+            int priorityIndex = assertion.priorityIndex;
 
             // ensure the policies is ordered by priority value
-            if ("p".equals(sec) && (ptype + "_priority").equals(assertion.tokens[0])) {
-                int value = Integer.parseInt(rule.get(0));
+            if ("p".equals(sec) && priorityIndex >= 0) {
+                int value = Integer.parseInt(rule.get(priorityIndex));
                 int left = 0, right = policy.size();
                 // binary insert
                 while (left < right) {
                     int mid = (left + right) >>> 1;
-                    if (value > Integer.parseInt(policy.get(mid).get(0))) {
+                    if (value > Integer.parseInt(policy.get(mid).get(priorityIndex))) {
                         left = mid + 1;
                     } else {
                         right = mid;
diff --git a/src/test/java/org/casbin/jcasbin/main/EnforcerUnitTest.java b/src/test/java/org/casbin/jcasbin/main/EnforcerUnitTest.java
@@ -514,7 +514,7 @@ public void testPriorityExplicit() {
         testEnforce(e, "data2_allow_group", "data2", "write", true);
 
         // add a higher priority policy
-        e.addPolicy("1", "bob", "data2", "write", "deny");
+        e.addPolicy("bob", "data2", "write", "deny", "1");
 
         testEnforce(e, "alice", "data1", "write", true);
         testEnforce(e, "alice", "data1", "read", true);

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,7 @@ public class Assertion {`
`30`	`30`	`public String[] tokens;`
`31`	`31`	`public List<List<String>> policy;`
`32`	`32`	`public RoleManager rm;`
	`33`	`+ public int priorityIndex;`
`33`	`34`
`34`	`35`	`public Assertion() {`
`35`	`36`	`policy = new ArrayList<>();`
`@@ -94,4 +95,8 @@ public void buildIncrementalRoleLinks(RoleManager rm, Model.PolicyOperations op,`
`94`	`95`	`}`
`95`	`96`	`}`
`96`	`97`	`}`
	`98`	`+`
	`99`	`+ public void initPriorityIndex() {`
	`100`	`+ priorityIndex = -1;`
	`101`	`+ }`
`97`	`102`	`}`